careervivid 1.12.31 → 1.12.38

package/dist/agent/agentAuditLog.d.ts

@@ -0,0 +1,43 @@
+/**
+ * agentAuditLog.ts — Forensic audit trail for every agent tool call.
+ *
+ * Architecture:
+ *   PRIMARY:   Local JSONL append at ~/.careervivid/agent-audit.log
+ *              Fast, offline, zero network dependency.
+ *              Each line is a self-contained JSON record.
+ *
+ *   SECONDARY: Firebase Firestore (jastalk-firebase / agent_audit_logs)
+ *              Written fire-and-forget (non-blocking). Fails silently.
+ *              Gives cloud visibility and cross-device forensics via the web dashboard.
+ *
+ * Usage (in repl.ts):
+ *   import { auditLog, flushAuditLog } from "./agentAuditLog.js";
+ *   auditLog({ sessionId, tool: name, args, result, durationMs });
+ *   // On session end:
+ *   await flushAuditLog();
+ */
+export interface AuditEntry {
+    ts: string;
+    sessionId: string;
+    tool: string;
+    args: Record<string, unknown>;
+    resultSummary: string;
+    durationMs: number;
+    ok: boolean;
+}
+export declare let SESSION_ID: string;
+export declare function auditLog(entry: {
+    sessionId?: string;
+    tool: string;
+    args: Record<string, unknown>;
+    result: string;
+    durationMs: number;
+}): void;
+export declare function flushAuditLog(): Promise<void>;
+export declare function writeSessionSummary(stats: {
+    turns: number;
+    mutations: number;
+    toolCalls: number;
+    creditsUsed?: number;
+}): Promise<void>;
+//# sourceMappingURL=agentAuditLog.d.ts.map

package/dist/agent/agentAuditLog.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"agentAuditLog.d.ts","sourceRoot":"","sources":["../../src/agent/agentAuditLog.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;GAiBG;AASH,MAAM,WAAW,UAAU;IACzB,EAAE,EAAE,MAAM,CAAC;IACX,SAAS,EAAE,MAAM,CAAC;IAClB,IAAI,EAAE,MAAM,CAAC;IACb,IAAI,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IAC9B,aAAa,EAAE,MAAM,CAAC;IACtB,UAAU,EAAE,MAAM,CAAC;IACnB,EAAE,EAAE,OAAO,CAAC;CACb;AAID,eAAO,IAAI,UAAU,QAA2B,CAAC;AA8BjD,wBAAgB,QAAQ,CAAC,KAAK,EAAE;IAC9B,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,IAAI,EAAE,MAAM,CAAC;IACb,IAAI,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IAC9B,MAAM,EAAE,MAAM,CAAC;IACf,UAAU,EAAE,MAAM,CAAC;CACpB,GAAG,IAAI,CAuBP;AAwCD,wBAAsB,aAAa,IAAI,OAAO,CAAC,IAAI,CAAC,CAMnD;AAID,wBAAsB,mBAAmB,CAAC,KAAK,EAAE;IAC/C,KAAK,EAAE,MAAM,CAAC;IACd,SAAS,EAAE,MAAM,CAAC;IAClB,SAAS,EAAE,MAAM,CAAC;IAClB,WAAW,CAAC,EAAE,MAAM,CAAC;CACtB,GAAG,OAAO,CAAC,IAAI,CAAC,CAwBhB"}

package/dist/agent/agentAuditLog.js

@@ -0,0 +1,145 @@
+/**
+ * agentAuditLog.ts — Forensic audit trail for every agent tool call.
+ *
+ * Architecture:
+ *   PRIMARY:   Local JSONL append at ~/.careervivid/agent-audit.log
+ *              Fast, offline, zero network dependency.
+ *              Each line is a self-contained JSON record.
+ *
+ *   SECONDARY: Firebase Firestore (jastalk-firebase / agent_audit_logs)
+ *              Written fire-and-forget (non-blocking). Fails silently.
+ *              Gives cloud visibility and cross-device forensics via the web dashboard.
+ *
+ * Usage (in repl.ts):
+ *   import { auditLog, flushAuditLog } from "./agentAuditLog.js";
+ *   auditLog({ sessionId, tool: name, args, result, durationMs });
+ *   // On session end:
+ *   await flushAuditLog();
+ */
+import { appendFileSync, existsSync, mkdirSync } from "fs";
+import { resolve } from "path";
+import { homedir } from "os";
+import { randomUUID } from "crypto";
+// ── Session-level state ───────────────────────────────────────────────────────
+export let SESSION_ID = randomUUID().slice(0, 8);
+const pendingFirestore = [];
+// ── Local JSONL path ──────────────────────────────────────────────────────────
+function getAuditLogPath() {
+    const dir = resolve(homedir(), ".careervivid");
+    if (!existsSync(dir))
+        mkdirSync(dir, { recursive: true });
+    return resolve(dir, "agent-audit.log");
+}
+// ── Sanitize args (remove any key that looks like a secret) ─────────────────
+function sanitizeArgs(args) {
+    const REDACT_KEYS = /key|secret|password|token|auth|credential/i;
+    const out = {};
+    for (const [k, v] of Object.entries(args)) {
+        if (REDACT_KEYS.test(k)) {
+            out[k] = "***REDACTED***";
+        }
+        else if (typeof v === "string" && v.length > 300) {
+            out[k] = v.slice(0, 300) + "…";
+        }
+        else {
+            out[k] = v;
+        }
+    }
+    return out;
+}
+// ── Core log function (sync local + async Firestore) ─────────────────────────
+export function auditLog(entry) {
+    const record = {
+        ts: new Date().toISOString(),
+        sessionId: entry.sessionId ?? SESSION_ID,
+        tool: entry.tool,
+        args: sanitizeArgs(entry.args),
+        resultSummary: entry.result.slice(0, 200).replace(/\n/g, " "),
+        durationMs: Math.round(entry.durationMs),
+        ok: !entry.result.startsWith("❌"),
+    };
+    // ── 1. Local JSONL (synchronous, never fails) ─────────────────────────────
+    try {
+        appendFileSync(getAuditLogPath(), JSON.stringify(record) + "\n", "utf-8");
+    }
+    catch {
+        // Silently swallow — never break the agent because of logging
+    }
+    // ── 2. Firebase Firestore (fire-and-forget — non-blocking) ───────────────
+    pendingFirestore.push(record);
+    void writeToFirestore(record).catch(() => {
+        // Silently swallow — Firebase being unavailable must not affect the agent
+    });
+}
+// ── Firebase write (dynamic import to avoid hard dependency) ─────────────────
+async function writeToFirestore(record) {
+    // Only attempt if firebase-admin is installed (it's optional)
+    let admin;
+    try {
+        admin = await import("firebase-admin");
+    }
+    catch {
+        return; // firebase-admin not installed — skip silently
+    }
+    try {
+        if (!admin.apps?.length) {
+            // Use Application Default Credentials (works in GCP/Cloud Shell)
+            // or the service account key if present
+            const keyPath = resolve(homedir(), ".careervivid", "firebase-service-account.json");
+            const credential = existsSync(keyPath)
+                ? admin.credential.cert(keyPath)
+                : admin.credential.applicationDefault();
+            admin.initializeApp({
+                credential,
+                projectId: "jastalk-firebase",
+            });
+        }
+        const db = admin.firestore();
+        await db.collection("agent_audit_logs").add({
+            ...record,
+            createdAt: admin.firestore.FieldValue.serverTimestamp(),
+        });
+    }
+    catch {
+        // Any Firebase error is silently swallowed
+    }
+}
+// ── Flush pending entries (call on session end) ───────────────────────────────
+export async function flushAuditLog() {
+    // Pending Firestore writes are already in-flight via fire-and-forget.
+    // Give them 2 seconds to complete before exit.
+    if (pendingFirestore.length > 0) {
+        await new Promise(r => setTimeout(r, 2000));
+    }
+}
+// ── Session summary (call on exit) ─────────────────────────────────────────
+export async function writeSessionSummary(stats) {
+    const record = {
+        type: "session_summary",
+        sessionId: SESSION_ID,
+        ts: new Date().toISOString(),
+        ...stats,
+    };
+    try {
+        appendFileSync(getAuditLogPath(), JSON.stringify(record) + "\n", "utf-8");
+    }
+    catch { /* silent */ }
+    // Firestore session summary
+    let admin;
+    try {
+        admin = await import("firebase-admin");
+    }
+    catch {
+        return;
+    }
+    try {
+        if (admin.apps?.length) {
+            const db = admin.firestore();
+            await db.collection("agent_session_summaries").add({
+                ...record,
+                createdAt: admin.firestore.FieldValue.serverTimestamp(),
+            });
+        }
+    }
+    catch { /* silent */ }
+}

package/dist/agent/instructions.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"instructions.d.ts","sourceRoot":"","sources":["../../src/agent/instructions.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;GAWG;AAEH,eAAO,MAAM,aAAa,QAalB,CAAC;AAMT,eAAO,MAAM,cAAc,QAcnB,CAAC;AAMT,eAAO,MAAM,cAAc,QAgBnB,CAAC;AAMT,eAAO,MAAM,kBAAkB,QAoCvB,CAAC;AAMT,eAAO,MAAM,YAAY,QAsCjB,CAAC;AAMT,eAAO,MAAM,iBAAiB,QActB,CAAC;AAMT;;;GAGG;AACH,wBAAgB,iBAAiB,CAAC,OAAO,EAAE;IACzC,IAAI,CAAC,EAAE,OAAO,CAAC;IACf,MAAM,CAAC,EAAE,OAAO,CAAC;IACjB,MAAM,CAAC,EAAE,OAAO,CAAC;CAClB,GAAG,MAAM,CAyBT"}
+{"version":3,"file":"instructions.d.ts","sourceRoot":"","sources":["../../src/agent/instructions.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;GAWG;AAEH,eAAO,MAAM,aAAa,QAalB,CAAC;AAMT,eAAO,MAAM,cAAc,QAcnB,CAAC;AAMT,eAAO,MAAM,cAAc,QAgBnB,CAAC;AAMT,eAAO,MAAM,kBAAkB,QAwCvB,CAAC;AAMT,eAAO,MAAM,YAAY,QA2CjB,CAAC;AAMT,eAAO,MAAM,iBAAiB,QActB,CAAC;AAMT;;;GAGG;AACH,wBAAgB,iBAAiB,CAAC,OAAO,EAAE;IACzC,IAAI,CAAC,EAAE,OAAO,CAAC;IACf,MAAM,CAAC,EAAE,OAAO,CAAC;IACjB,MAAM,CAAC,EAAE,OAAO,CAAC;CAClB,GAAG,MAAM,CAyBT"}

package/dist/agent/instructions.js

@@ -75,7 +75,10 @@ export const JOBS_TOOLS_SECTION = `
 - **delete_resume**     — Permanently delete a resume (ask for confirmation first).
 
 ### Job Search
-- **search_jobs**       — Search for jobs scored against the user's resume. Returns results for review (dry_run by default — does NOT auto-save).
+- **search_jobs**       — Search for NEW companies/roles NOT yet in the tracker. Returns results for review (dry_run by default — does NOT auto-save). Use for discovery only.
+- **openings_scan**    ⭐ — Drill into companies ALREADY in jobs.csv to find their SPECIFIC open roles with direct apply links (uses Greenhouse/Ashby/Lever APIs). Use this instead of search_jobs when the user wants roles at known tracked companies.
+- **openings_list**    — List saved job openings found by openings_scan.
+- **openings_apply**   — Mark a specific opening as Applied (requires explicit date).
 
 ### CSV Pipeline Tracker (tracker_*)
 These tools read/write jobs.csv — the local career-ops pipeline spreadsheet.
@@ -86,6 +89,7 @@ These tools read/write jobs.csv — the local career-ops pipeline spreadsheet.
 - **tracker_dashboard**      — Full analytics: apply rate, avg scores, salary data, stale count.
 - **tracker_find_stale**     — Surface cold companies with next-action recommendations.
 - **tracker_inspect_quality**— Scan for duplicates, missing URLs, and corrupted data (read-only).
+- **tracker_recheck_urls**   — Re-verify all careers URLs in the tracker; annotates dead links in notes.
 
 ### Web Kanban Board (kanban_*)
 These tools read/write the Firebase Kanban board at careervivid.app/job-tracker.
@@ -109,9 +113,10 @@ export const JOBS_HARNESS = `
 ## Autonomy Rules (Non-Negotiable)
 
 ### What you may do freely (no confirmation needed)
-- Call any read-only tool (tracker_list_jobs, tracker_dashboard, tracker_rank_priority, tracker_find_stale, tracker_inspect_quality, search_jobs, get_resume, etc.)
+- Call any read-only tool (tracker_list_jobs, tracker_dashboard, tracker_rank_priority, tracker_find_stale, tracker_inspect_quality, tracker_recheck_urls, openings_scan, openings_list, search_jobs, get_resume, etc.)
 - Add a new company/job entry via tracker_add_job (when the user explicitly names a company or approves a search result)
 - Update non-status fields (attention_score, excitement, notes, follow_up_date, etc.) via tracker_update_job
+- Run openings_scan to fetch real job postings from tracked companies
 
 ### What requires explicit user confirmation
 - Changing status to "Applied", "Rejected", or "Ghosted" — present the proposed change and wait for "yes"
@@ -138,11 +143,15 @@ If it does, call tracker_update_job instead — never create a duplicate row.
 | stats, dashboard, apply rate, search health   | tracker_dashboard              |
 | stale, cold, neglecting, need attention       | tracker_find_stale             |
 | duplicates, data quality, audit               | tracker_inspect_quality        |
+| stale/dead job URLs, link check               | tracker_recheck_urls           |
 | adding a company, new job                     | tracker_add_job                |
 | updating status, marking applied, follow-up   | tracker_update_job             |
 | Kanban board, web tracker                     | kanban_list_jobs               |
 | resume, background, skills, experience        | get_resume                     |
-| find jobs, search roles                       | get_resume → search_jobs       |
+| specific roles at tracked companies           | openings_scan                  |
+| view saved openings                           | openings_list                  |
+| applied to a specific opening                 | openings_apply                 |
+| find NEW companies/roles not yet in tracker   | get_resume → search_jobs       |
 `.trim();
 // ---------------------------------------------------------------------------
 // §6 — Greeting protocol (shared across modes)

package/dist/agent/tools/jobOpenings.d.ts

@@ -0,0 +1,21 @@
+/**
+ * jobOpenings.ts — Job Openings Drill-Down Tools
+ *
+ * Bridges jobs.csv (company pipeline) → specific open roles with direct apply links.
+ *
+ * Architecture:
+ *   jobs.csv          →  openings_scan  →  job_openings.csv
+ *   (company-level)      (ATS fetcher)     (posting-level)
+ *
+ * ATS Support:
+ *   Greenhouse  — Free public REST API (boards-api.greenhouse.io)
+ *   Ashby       — HTML parse (JavaScript SPA; titles extracted from embedded JSON)
+ *   Lever       — Public REST API (api.lever.co/v0/postings/{slug})
+ *   Direct      — JSON-LD schema.org/JobPosting + heuristic <a> tag parsing
+ */
+import { Tool } from "../Tool.js";
+export declare const OpeningsScanTool: Tool;
+export declare const OpeningsListTool: Tool;
+export declare const OpeningsApplyTool: Tool;
+export declare const ALL_JOB_OPENINGS_TOOLS: Tool[];
+//# sourceMappingURL=jobOpenings.d.ts.map

package/dist/agent/tools/jobOpenings.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"jobOpenings.d.ts","sourceRoot":"","sources":["../../../src/agent/tools/jobOpenings.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;GAcG;AAEH,OAAO,EAAE,IAAI,EAAE,MAAM,YAAY,CAAC;AAgclC,eAAO,MAAM,gBAAgB,EAAE,IA6O9B,CAAC;AAMF,eAAO,MAAM,gBAAgB,EAAE,IA4G9B,CAAC;AAQF,eAAO,MAAM,iBAAiB,EAAE,IA8F/B,CAAC;AAMF,eAAO,MAAM,sBAAsB,EAAE,IAAI,EAIxC,CAAC"}