npm - cowork-os - Versions diffs - 0.3.21 - Mend

cowork-os 0.3.21

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (526) hide show

package/LICENSE +21 -0
package/README.md +1638 -0
package/bin/cowork.js +42 -0
package/build/entitlements.mac.plist +16 -0
package/build/icon.icns +0 -0
package/build/icon.png +0 -0
package/dist/electron/electron/activity/ActivityRepository.js +190 -0
package/dist/electron/electron/agent/browser/browser-service.js +639 -0
package/dist/electron/electron/agent/context-manager.js +225 -0
package/dist/electron/electron/agent/custom-skill-loader.js +566 -0
package/dist/electron/electron/agent/daemon.js +975 -0
package/dist/electron/electron/agent/executor.js +3561 -0
package/dist/electron/electron/agent/llm/anthropic-provider.js +155 -0
package/dist/electron/electron/agent/llm/bedrock-provider.js +202 -0
package/dist/electron/electron/agent/llm/gemini-provider.js +375 -0
package/dist/electron/electron/agent/llm/index.js +34 -0
package/dist/electron/electron/agent/llm/ollama-provider.js +263 -0
package/dist/electron/electron/agent/llm/openai-oauth.js +101 -0
package/dist/electron/electron/agent/llm/openai-provider.js +657 -0
package/dist/electron/electron/agent/llm/openrouter-provider.js +232 -0
package/dist/electron/electron/agent/llm/pricing.js +160 -0
package/dist/electron/electron/agent/llm/provider-factory.js +880 -0
package/dist/electron/electron/agent/llm/types.js +178 -0
package/dist/electron/electron/agent/queue-manager.js +378 -0
package/dist/electron/electron/agent/sandbox/docker-sandbox.js +402 -0
package/dist/electron/electron/agent/sandbox/macos-sandbox.js +407 -0
package/dist/electron/electron/agent/sandbox/runner.js +410 -0
package/dist/electron/electron/agent/sandbox/sandbox-factory.js +228 -0
package/dist/electron/electron/agent/sandbox/security-utils.js +258 -0
package/dist/electron/electron/agent/search/brave-provider.js +119 -0
package/dist/electron/electron/agent/search/google-provider.js +100 -0
package/dist/electron/electron/agent/search/index.js +28 -0
package/dist/electron/electron/agent/search/provider-factory.js +395 -0
package/dist/electron/electron/agent/search/serpapi-provider.js +112 -0
package/dist/electron/electron/agent/search/tavily-provider.js +90 -0
package/dist/electron/electron/agent/search/types.js +40 -0
package/dist/electron/electron/agent/security/index.js +12 -0
package/dist/electron/electron/agent/security/input-sanitizer.js +303 -0
package/dist/electron/electron/agent/security/output-filter.js +217 -0
package/dist/electron/electron/agent/skill-eligibility.js +281 -0
package/dist/electron/electron/agent/skill-registry.js +396 -0
package/dist/electron/electron/agent/skills/document.js +878 -0
package/dist/electron/electron/agent/skills/image-generator.js +225 -0
package/dist/electron/electron/agent/skills/organizer.js +141 -0
package/dist/electron/electron/agent/skills/presentation.js +367 -0
package/dist/electron/electron/agent/skills/spreadsheet.js +165 -0
package/dist/electron/electron/agent/tools/browser-tools.js +523 -0
package/dist/electron/electron/agent/tools/builtin-settings.js +384 -0
package/dist/electron/electron/agent/tools/canvas-tools.js +530 -0
package/dist/electron/electron/agent/tools/cron-tools.js +577 -0
package/dist/electron/electron/agent/tools/edit-tools.js +194 -0
package/dist/electron/electron/agent/tools/file-tools.js +719 -0
package/dist/electron/electron/agent/tools/glob-tools.js +283 -0
package/dist/electron/electron/agent/tools/grep-tools.js +387 -0
package/dist/electron/electron/agent/tools/image-tools.js +111 -0
package/dist/electron/electron/agent/tools/mention-tools.js +282 -0
package/dist/electron/electron/agent/tools/node-tools.js +476 -0
package/dist/electron/electron/agent/tools/registry.js +2719 -0
package/dist/electron/electron/agent/tools/search-tools.js +91 -0
package/dist/electron/electron/agent/tools/shell-tools.js +574 -0
package/dist/electron/electron/agent/tools/skill-tools.js +274 -0
package/dist/electron/electron/agent/tools/system-tools.js +578 -0
package/dist/electron/electron/agent/tools/web-fetch-tools.js +444 -0
package/dist/electron/electron/agent/tools/x-tools.js +264 -0
package/dist/electron/electron/agents/AgentRoleRepository.js +420 -0
package/dist/electron/electron/agents/HeartbeatService.js +356 -0
package/dist/electron/electron/agents/MentionRepository.js +197 -0
package/dist/electron/electron/agents/TaskSubscriptionRepository.js +168 -0
package/dist/electron/electron/agents/WorkingStateRepository.js +229 -0
package/dist/electron/electron/canvas/canvas-manager.js +714 -0
package/dist/electron/electron/canvas/canvas-preload.js +53 -0
package/dist/electron/electron/canvas/canvas-protocol.js +195 -0
package/dist/electron/electron/canvas/canvas-store.js +174 -0
package/dist/electron/electron/canvas/index.js +13 -0
package/dist/electron/electron/control-plane/client.js +364 -0
package/dist/electron/electron/control-plane/handlers.js +572 -0
package/dist/electron/electron/control-plane/index.js +41 -0
package/dist/electron/electron/control-plane/node-manager.js +264 -0
package/dist/electron/electron/control-plane/protocol.js +194 -0
package/dist/electron/electron/control-plane/remote-client.js +437 -0
package/dist/electron/electron/control-plane/server.js +640 -0
package/dist/electron/electron/control-plane/settings.js +369 -0
package/dist/electron/electron/control-plane/ssh-tunnel.js +549 -0
package/dist/electron/electron/cron/index.js +30 -0
package/dist/electron/electron/cron/schedule.js +190 -0
package/dist/electron/electron/cron/service.js +614 -0
package/dist/electron/electron/cron/store.js +155 -0
package/dist/electron/electron/cron/types.js +82 -0
package/dist/electron/electron/cron/webhook.js +258 -0
package/dist/electron/electron/database/SecureSettingsRepository.js +444 -0
package/dist/electron/electron/database/TaskLabelRepository.js +120 -0
package/dist/electron/electron/database/repositories.js +1781 -0
package/dist/electron/electron/database/schema.js +978 -0
package/dist/electron/electron/extensions/index.js +33 -0
package/dist/electron/electron/extensions/loader.js +313 -0
package/dist/electron/electron/extensions/registry.js +485 -0
package/dist/electron/electron/extensions/types.js +11 -0
package/dist/electron/electron/gateway/channel-registry.js +1102 -0
package/dist/electron/electron/gateway/channels/bluebubbles-client.js +479 -0
package/dist/electron/electron/gateway/channels/bluebubbles.js +432 -0
package/dist/electron/electron/gateway/channels/discord.js +975 -0
package/dist/electron/electron/gateway/channels/email-client.js +593 -0
package/dist/electron/electron/gateway/channels/email.js +443 -0
package/dist/electron/electron/gateway/channels/google-chat.js +631 -0
package/dist/electron/electron/gateway/channels/imessage-client.js +363 -0
package/dist/electron/electron/gateway/channels/imessage.js +465 -0
package/dist/electron/electron/gateway/channels/index.js +36 -0
package/dist/electron/electron/gateway/channels/line-client.js +470 -0
package/dist/electron/electron/gateway/channels/line.js +479 -0
package/dist/electron/electron/gateway/channels/matrix-client.js +432 -0
package/dist/electron/electron/gateway/channels/matrix.js +592 -0
package/dist/electron/electron/gateway/channels/mattermost-client.js +394 -0
package/dist/electron/electron/gateway/channels/mattermost.js +496 -0
package/dist/electron/electron/gateway/channels/signal-client.js +500 -0
package/dist/electron/electron/gateway/channels/signal.js +582 -0
package/dist/electron/electron/gateway/channels/slack.js +415 -0
package/dist/electron/electron/gateway/channels/teams.js +596 -0
package/dist/electron/electron/gateway/channels/telegram.js +1390 -0
package/dist/electron/electron/gateway/channels/twitch-client.js +502 -0
package/dist/electron/electron/gateway/channels/twitch.js +396 -0
package/dist/electron/electron/gateway/channels/types.js +8 -0
package/dist/electron/electron/gateway/channels/whatsapp.js +953 -0
package/dist/electron/electron/gateway/context-policy.js +268 -0
package/dist/electron/electron/gateway/index.js +1063 -0
package/dist/electron/electron/gateway/infrastructure.js +496 -0
package/dist/electron/electron/gateway/router.js +2700 -0
package/dist/electron/electron/gateway/security.js +375 -0
package/dist/electron/electron/gateway/session.js +115 -0
package/dist/electron/electron/gateway/tunnel.js +503 -0
package/dist/electron/electron/guardrails/guardrail-manager.js +348 -0
package/dist/electron/electron/hooks/gmail-watcher.js +300 -0
package/dist/electron/electron/hooks/index.js +46 -0
package/dist/electron/electron/hooks/mappings.js +381 -0
package/dist/electron/electron/hooks/server.js +480 -0
package/dist/electron/electron/hooks/settings.js +447 -0
package/dist/electron/electron/hooks/types.js +41 -0
package/dist/electron/electron/ipc/canvas-handlers.js +158 -0
package/dist/electron/electron/ipc/handlers.js +3138 -0
package/dist/electron/electron/ipc/mission-control-handlers.js +141 -0
package/dist/electron/electron/main.js +448 -0
package/dist/electron/electron/mcp/client/MCPClientManager.js +330 -0
package/dist/electron/electron/mcp/client/MCPServerConnection.js +437 -0
package/dist/electron/electron/mcp/client/transports/SSETransport.js +304 -0
package/dist/electron/electron/mcp/client/transports/StdioTransport.js +307 -0
package/dist/electron/electron/mcp/client/transports/WebSocketTransport.js +329 -0
package/dist/electron/electron/mcp/host/MCPHostServer.js +354 -0
package/dist/electron/electron/mcp/host/ToolAdapter.js +100 -0
package/dist/electron/electron/mcp/registry/MCPRegistryManager.js +497 -0
package/dist/electron/electron/mcp/settings.js +446 -0
package/dist/electron/electron/mcp/types.js +59 -0
package/dist/electron/electron/memory/MemoryService.js +435 -0
package/dist/electron/electron/notifications/index.js +17 -0
package/dist/electron/electron/notifications/service.js +118 -0
package/dist/electron/electron/notifications/store.js +144 -0
package/dist/electron/electron/preload.js +842 -0
package/dist/electron/electron/reports/StandupReportService.js +272 -0
package/dist/electron/electron/security/concurrency.js +293 -0
package/dist/electron/electron/security/index.js +15 -0
package/dist/electron/electron/security/policy-manager.js +435 -0
package/dist/electron/electron/settings/appearance-manager.js +193 -0
package/dist/electron/electron/settings/personality-manager.js +724 -0
package/dist/electron/electron/settings/x-manager.js +58 -0
package/dist/electron/electron/tailscale/exposure.js +188 -0
package/dist/electron/electron/tailscale/index.js +28 -0
package/dist/electron/electron/tailscale/settings.js +205 -0
package/dist/electron/electron/tailscale/tailscale.js +355 -0
package/dist/electron/electron/tray/QuickInputWindow.js +568 -0
package/dist/electron/electron/tray/TrayManager.js +895 -0
package/dist/electron/electron/tray/index.js +9 -0
package/dist/electron/electron/updater/index.js +6 -0
package/dist/electron/electron/updater/update-manager.js +418 -0
package/dist/electron/electron/utils/env-migration.js +209 -0
package/dist/electron/electron/utils/process.js +102 -0
package/dist/electron/electron/utils/rate-limiter.js +104 -0
package/dist/electron/electron/utils/validation.js +419 -0
package/dist/electron/electron/utils/x-cli.js +177 -0
package/dist/electron/electron/voice/VoiceService.js +507 -0
package/dist/electron/electron/voice/index.js +14 -0
package/dist/electron/electron/voice/voice-settings-manager.js +359 -0
package/dist/electron/shared/channelMessages.js +170 -0
package/dist/electron/shared/types.js +1185 -0
package/package.json +159 -0
package/resources/skills/1password.json +10 -0
package/resources/skills/add-documentation.json +31 -0
package/resources/skills/analyze-csv.json +17 -0
package/resources/skills/apple-notes.json +10 -0
package/resources/skills/apple-reminders.json +10 -0
package/resources/skills/auto-commenter.json +10 -0
package/resources/skills/bear-notes.json +10 -0
package/resources/skills/bird.json +35 -0
package/resources/skills/blogwatcher.json +10 -0
package/resources/skills/blucli.json +10 -0
package/resources/skills/bluebubbles.json +10 -0
package/resources/skills/camsnap.json +10 -0
package/resources/skills/clean-imports.json +18 -0
package/resources/skills/code-review.json +18 -0
package/resources/skills/coding-agent.json +10 -0
package/resources/skills/compare-files.json +23 -0
package/resources/skills/convert-code.json +34 -0
package/resources/skills/create-changelog.json +24 -0
package/resources/skills/debug-error.json +17 -0
package/resources/skills/dependency-check.json +10 -0
package/resources/skills/discord.json +10 -0
package/resources/skills/eightctl.json +10 -0
package/resources/skills/explain-code.json +29 -0
package/resources/skills/extract-todos.json +18 -0
package/resources/skills/food-order.json +10 -0
package/resources/skills/gemini.json +10 -0
package/resources/skills/generate-readme.json +10 -0
package/resources/skills/gifgrep.json +10 -0
package/resources/skills/git-commit.json +10 -0
package/resources/skills/github.json +10 -0
package/resources/skills/gog.json +10 -0
package/resources/skills/goplaces.json +10 -0
package/resources/skills/himalaya.json +10 -0
package/resources/skills/imsg.json +10 -0
package/resources/skills/karpathy-guidelines.json +12 -0
package/resources/skills/last30days.json +26 -0
package/resources/skills/local-places.json +10 -0
package/resources/skills/mcporter.json +10 -0
package/resources/skills/model-usage.json +10 -0
package/resources/skills/nano-banana-pro.json +10 -0
package/resources/skills/nano-pdf.json +10 -0
package/resources/skills/notion.json +10 -0
package/resources/skills/obsidian.json +10 -0
package/resources/skills/openai-image-gen.json +10 -0
package/resources/skills/openai-whisper-api.json +10 -0
package/resources/skills/openai-whisper.json +10 -0
package/resources/skills/openhue.json +10 -0
package/resources/skills/oracle.json +10 -0
package/resources/skills/ordercli.json +10 -0
package/resources/skills/peekaboo.json +10 -0
package/resources/skills/project-structure.json +10 -0
package/resources/skills/proofread.json +17 -0
package/resources/skills/refactor-code.json +31 -0
package/resources/skills/rename-symbol.json +23 -0
package/resources/skills/sag.json +10 -0
package/resources/skills/security-audit.json +18 -0
package/resources/skills/session-logs.json +10 -0
package/resources/skills/sherpa-onnx-tts.json +10 -0
package/resources/skills/skill-creator.json +15 -0
package/resources/skills/skill-hub.json +29 -0
package/resources/skills/slack.json +10 -0
package/resources/skills/songsee.json +10 -0
package/resources/skills/sonoscli.json +10 -0
package/resources/skills/spotify-player.json +10 -0
package/resources/skills/startup-cfo.json +55 -0
package/resources/skills/summarize-folder.json +18 -0
package/resources/skills/summarize.json +10 -0
package/resources/skills/things-mac.json +10 -0
package/resources/skills/tmux.json +10 -0
package/resources/skills/translate.json +36 -0
package/resources/skills/trello.json +10 -0
package/resources/skills/video-frames.json +10 -0
package/resources/skills/voice-call.json +10 -0
package/resources/skills/wacli.json +10 -0
package/resources/skills/weather.json +10 -0
package/resources/skills/write-tests.json +31 -0
package/src/electron/activity/ActivityRepository.ts +238 -0
package/src/electron/agent/browser/browser-service.ts +721 -0
package/src/electron/agent/context-manager.ts +257 -0
package/src/electron/agent/custom-skill-loader.ts +634 -0
package/src/electron/agent/daemon.ts +1097 -0
package/src/electron/agent/executor.ts +4017 -0
package/src/electron/agent/llm/anthropic-provider.ts +175 -0
package/src/electron/agent/llm/bedrock-provider.ts +236 -0
package/src/electron/agent/llm/gemini-provider.ts +422 -0
package/src/electron/agent/llm/index.ts +9 -0
package/src/electron/agent/llm/ollama-provider.ts +347 -0
package/src/electron/agent/llm/openai-oauth.ts +127 -0
package/src/electron/agent/llm/openai-provider.ts +686 -0
package/src/electron/agent/llm/openrouter-provider.ts +273 -0
package/src/electron/agent/llm/pricing.ts +180 -0
package/src/electron/agent/llm/provider-factory.ts +971 -0
package/src/electron/agent/llm/types.ts +291 -0
package/src/electron/agent/queue-manager.ts +408 -0
package/src/electron/agent/sandbox/docker-sandbox.ts +453 -0
package/src/electron/agent/sandbox/macos-sandbox.ts +426 -0
package/src/electron/agent/sandbox/runner.ts +453 -0
package/src/electron/agent/sandbox/sandbox-factory.ts +337 -0
package/src/electron/agent/sandbox/security-utils.ts +251 -0
package/src/electron/agent/search/brave-provider.ts +141 -0
package/src/electron/agent/search/google-provider.ts +131 -0
package/src/electron/agent/search/index.ts +6 -0
package/src/electron/agent/search/provider-factory.ts +450 -0
package/src/electron/agent/search/serpapi-provider.ts +138 -0
package/src/electron/agent/search/tavily-provider.ts +108 -0
package/src/electron/agent/search/types.ts +118 -0
package/src/electron/agent/security/index.ts +20 -0
package/src/electron/agent/security/input-sanitizer.ts +380 -0
package/src/electron/agent/security/output-filter.ts +259 -0
package/src/electron/agent/skill-eligibility.ts +334 -0
package/src/electron/agent/skill-registry.ts +457 -0
package/src/electron/agent/skills/document.ts +1070 -0
package/src/electron/agent/skills/image-generator.ts +272 -0
package/src/electron/agent/skills/organizer.ts +131 -0
package/src/electron/agent/skills/presentation.ts +418 -0
package/src/electron/agent/skills/spreadsheet.ts +166 -0
package/src/electron/agent/tools/browser-tools.ts +546 -0
package/src/electron/agent/tools/builtin-settings.ts +422 -0
package/src/electron/agent/tools/canvas-tools.ts +572 -0
package/src/electron/agent/tools/cron-tools.ts +723 -0
package/src/electron/agent/tools/edit-tools.ts +196 -0
package/src/electron/agent/tools/file-tools.ts +811 -0
package/src/electron/agent/tools/glob-tools.ts +303 -0
package/src/electron/agent/tools/grep-tools.ts +432 -0
package/src/electron/agent/tools/image-tools.ts +126 -0
package/src/electron/agent/tools/mention-tools.ts +371 -0
package/src/electron/agent/tools/node-tools.ts +550 -0
package/src/electron/agent/tools/registry.ts +3052 -0
package/src/electron/agent/tools/search-tools.ts +111 -0
package/src/electron/agent/tools/shell-tools.ts +651 -0
package/src/electron/agent/tools/skill-tools.ts +340 -0
package/src/electron/agent/tools/system-tools.ts +665 -0
package/src/electron/agent/tools/web-fetch-tools.ts +528 -0
package/src/electron/agent/tools/x-tools.ts +267 -0
package/src/electron/agents/AgentRoleRepository.ts +557 -0
package/src/electron/agents/HeartbeatService.ts +469 -0
package/src/electron/agents/MentionRepository.ts +242 -0
package/src/electron/agents/TaskSubscriptionRepository.ts +231 -0
package/src/electron/agents/WorkingStateRepository.ts +278 -0
package/src/electron/canvas/canvas-manager.ts +818 -0
package/src/electron/canvas/canvas-preload.ts +102 -0
package/src/electron/canvas/canvas-protocol.ts +174 -0
package/src/electron/canvas/canvas-store.ts +200 -0
package/src/electron/canvas/index.ts +8 -0
package/src/electron/control-plane/client.ts +527 -0
package/src/electron/control-plane/handlers.ts +723 -0
package/src/electron/control-plane/index.ts +51 -0
package/src/electron/control-plane/node-manager.ts +322 -0
package/src/electron/control-plane/protocol.ts +269 -0
package/src/electron/control-plane/remote-client.ts +517 -0
package/src/electron/control-plane/server.ts +853 -0
package/src/electron/control-plane/settings.ts +401 -0
package/src/electron/control-plane/ssh-tunnel.ts +624 -0
package/src/electron/cron/index.ts +9 -0
package/src/electron/cron/schedule.ts +217 -0
package/src/electron/cron/service.ts +743 -0
package/src/electron/cron/store.ts +165 -0
package/src/electron/cron/types.ts +291 -0
package/src/electron/cron/webhook.ts +303 -0
package/src/electron/database/SecureSettingsRepository.ts +514 -0
package/src/electron/database/TaskLabelRepository.ts +148 -0
package/src/electron/database/repositories.ts +2397 -0
package/src/electron/database/schema.ts +1017 -0
package/src/electron/extensions/index.ts +18 -0
package/src/electron/extensions/loader.ts +336 -0
package/src/electron/extensions/registry.ts +546 -0
package/src/electron/extensions/types.ts +372 -0
package/src/electron/gateway/channel-registry.ts +1267 -0
package/src/electron/gateway/channels/bluebubbles-client.ts +641 -0
package/src/electron/gateway/channels/bluebubbles.ts +509 -0
package/src/electron/gateway/channels/discord.ts +1150 -0
package/src/electron/gateway/channels/email-client.ts +708 -0
package/src/electron/gateway/channels/email.ts +516 -0
package/src/electron/gateway/channels/google-chat.ts +760 -0
package/src/electron/gateway/channels/imessage-client.ts +473 -0
package/src/electron/gateway/channels/imessage.ts +520 -0
package/src/electron/gateway/channels/index.ts +21 -0
package/src/electron/gateway/channels/line-client.ts +598 -0
package/src/electron/gateway/channels/line.ts +559 -0
package/src/electron/gateway/channels/matrix-client.ts +632 -0
package/src/electron/gateway/channels/matrix.ts +655 -0
package/src/electron/gateway/channels/mattermost-client.ts +526 -0
package/src/electron/gateway/channels/mattermost.ts +550 -0
package/src/electron/gateway/channels/signal-client.ts +722 -0
package/src/electron/gateway/channels/signal.ts +666 -0
package/src/electron/gateway/channels/slack.ts +458 -0
package/src/electron/gateway/channels/teams.ts +681 -0
package/src/electron/gateway/channels/telegram.ts +1727 -0
package/src/electron/gateway/channels/twitch-client.ts +665 -0
package/src/electron/gateway/channels/twitch.ts +468 -0
package/src/electron/gateway/channels/types.ts +1002 -0
package/src/electron/gateway/channels/whatsapp.ts +1101 -0
package/src/electron/gateway/context-policy.ts +382 -0
package/src/electron/gateway/index.ts +1274 -0
package/src/electron/gateway/infrastructure.ts +645 -0
package/src/electron/gateway/router.ts +3206 -0
package/src/electron/gateway/security.ts +422 -0
package/src/electron/gateway/session.ts +144 -0
package/src/electron/gateway/tunnel.ts +626 -0
package/src/electron/guardrails/guardrail-manager.ts +380 -0
package/src/electron/hooks/gmail-watcher.ts +355 -0
package/src/electron/hooks/index.ts +30 -0
package/src/electron/hooks/mappings.ts +404 -0
package/src/electron/hooks/server.ts +574 -0
package/src/electron/hooks/settings.ts +466 -0
package/src/electron/hooks/types.ts +245 -0
package/src/electron/ipc/canvas-handlers.ts +223 -0
package/src/electron/ipc/handlers.ts +3661 -0
package/src/electron/ipc/mission-control-handlers.ts +182 -0
package/src/electron/main.ts +496 -0
package/src/electron/mcp/client/MCPClientManager.ts +406 -0
package/src/electron/mcp/client/MCPServerConnection.ts +514 -0
package/src/electron/mcp/client/transports/SSETransport.ts +360 -0
package/src/electron/mcp/client/transports/StdioTransport.ts +355 -0
package/src/electron/mcp/client/transports/WebSocketTransport.ts +384 -0
package/src/electron/mcp/host/MCPHostServer.ts +388 -0
package/src/electron/mcp/host/ToolAdapter.ts +140 -0
package/src/electron/mcp/registry/MCPRegistryManager.ts +565 -0
package/src/electron/mcp/settings.ts +468 -0
package/src/electron/mcp/types.ts +371 -0
package/src/electron/memory/MemoryService.ts +523 -0
package/src/electron/notifications/index.ts +16 -0
package/src/electron/notifications/service.ts +161 -0
package/src/electron/notifications/store.ts +163 -0
package/src/electron/preload.ts +2845 -0
package/src/electron/reports/StandupReportService.ts +356 -0
package/src/electron/security/concurrency.ts +333 -0
package/src/electron/security/index.ts +17 -0
package/src/electron/security/policy-manager.ts +539 -0
package/src/electron/settings/appearance-manager.ts +182 -0
package/src/electron/settings/personality-manager.ts +800 -0
package/src/electron/settings/x-manager.ts +62 -0
package/src/electron/tailscale/exposure.ts +262 -0
package/src/electron/tailscale/index.ts +34 -0
package/src/electron/tailscale/settings.ts +218 -0
package/src/electron/tailscale/tailscale.ts +379 -0
package/src/electron/tray/QuickInputWindow.ts +609 -0
package/src/electron/tray/TrayManager.ts +1005 -0
package/src/electron/tray/index.ts +6 -0
package/src/electron/updater/index.ts +1 -0
package/src/electron/updater/update-manager.ts +447 -0
package/src/electron/utils/env-migration.ts +203 -0
package/src/electron/utils/process.ts +124 -0
package/src/electron/utils/rate-limiter.ts +130 -0
package/src/electron/utils/validation.ts +493 -0
package/src/electron/utils/x-cli.ts +198 -0
package/src/electron/voice/VoiceService.ts +583 -0
package/src/electron/voice/index.ts +9 -0
package/src/electron/voice/voice-settings-manager.ts +403 -0
package/src/renderer/App.tsx +775 -0
package/src/renderer/components/ActivityFeed.tsx +407 -0
package/src/renderer/components/ActivityFeedItem.tsx +285 -0
package/src/renderer/components/AgentRoleCard.tsx +343 -0
package/src/renderer/components/AgentRoleEditor.tsx +805 -0
package/src/renderer/components/AgentSquadSettings.tsx +295 -0
package/src/renderer/components/AgentWorkingStatePanel.tsx +411 -0
package/src/renderer/components/AppearanceSettings.tsx +122 -0
package/src/renderer/components/ApprovalDialog.tsx +100 -0
package/src/renderer/components/BlueBubblesSettings.tsx +505 -0
package/src/renderer/components/BuiltinToolsSettings.tsx +307 -0
package/src/renderer/components/CanvasPreview.tsx +1189 -0
package/src/renderer/components/CommandOutput.tsx +202 -0
package/src/renderer/components/ContextPolicySettings.tsx +523 -0
package/src/renderer/components/ControlPlaneSettings.tsx +1134 -0
package/src/renderer/components/DisclaimerModal.tsx +124 -0
package/src/renderer/components/DiscordSettings.tsx +436 -0
package/src/renderer/components/EmailSettings.tsx +606 -0
package/src/renderer/components/ExtensionsSettings.tsx +542 -0
package/src/renderer/components/FileViewer.tsx +224 -0
package/src/renderer/components/GoogleChatSettings.tsx +535 -0
package/src/renderer/components/GuardrailSettings.tsx +487 -0
package/src/renderer/components/HooksSettings.tsx +581 -0
package/src/renderer/components/ImessageSettings.tsx +484 -0
package/src/renderer/components/LineSettings.tsx +483 -0
package/src/renderer/components/MCPRegistryBrowser.tsx +386 -0
package/src/renderer/components/MCPSettings.tsx +943 -0
package/src/renderer/components/MainContent.tsx +2433 -0
package/src/renderer/components/MatrixSettings.tsx +510 -0
package/src/renderer/components/MattermostSettings.tsx +473 -0
package/src/renderer/components/MemorySettings.tsx +247 -0
package/src/renderer/components/MentionBadge.tsx +87 -0
package/src/renderer/components/MentionInput.tsx +409 -0
package/src/renderer/components/MentionList.tsx +476 -0
package/src/renderer/components/MissionControlPanel.tsx +1995 -0
package/src/renderer/components/NodesSettings.tsx +316 -0
package/src/renderer/components/NotificationPanel.tsx +481 -0
package/src/renderer/components/Onboarding/AwakeningOrb.tsx +44 -0
package/src/renderer/components/Onboarding/Onboarding.tsx +443 -0
package/src/renderer/components/Onboarding/TypewriterText.tsx +102 -0
package/src/renderer/components/Onboarding/index.ts +3 -0
package/src/renderer/components/OnboardingModal.tsx +698 -0
package/src/renderer/components/PairingCodeDisplay.tsx +324 -0
package/src/renderer/components/PersonalitySettings.tsx +597 -0
package/src/renderer/components/QueueSettings.tsx +119 -0
package/src/renderer/components/QuickTaskFAB.tsx +71 -0
package/src/renderer/components/RightPanel.tsx +413 -0
package/src/renderer/components/ScheduledTasksSettings.tsx +1328 -0
package/src/renderer/components/SearchSettings.tsx +328 -0
package/src/renderer/components/Settings.tsx +1504 -0
package/src/renderer/components/Sidebar.tsx +344 -0
package/src/renderer/components/SignalSettings.tsx +673 -0
package/src/renderer/components/SkillHubBrowser.tsx +458 -0
package/src/renderer/components/SkillParameterModal.tsx +185 -0
package/src/renderer/components/SkillsSettings.tsx +451 -0
package/src/renderer/components/SlackSettings.tsx +442 -0
package/src/renderer/components/StandupReportViewer.tsx +614 -0
package/src/renderer/components/TaskBoard.tsx +498 -0
package/src/renderer/components/TaskBoardCard.tsx +357 -0
package/src/renderer/components/TaskBoardColumn.tsx +211 -0
package/src/renderer/components/TaskLabelManager.tsx +472 -0
package/src/renderer/components/TaskQueuePanel.tsx +144 -0
package/src/renderer/components/TaskQuickActions.tsx +492 -0
package/src/renderer/components/TaskTimeline.tsx +216 -0
package/src/renderer/components/TaskView.tsx +162 -0
package/src/renderer/components/TeamsSettings.tsx +518 -0
package/src/renderer/components/TelegramSettings.tsx +421 -0
package/src/renderer/components/Toast.tsx +76 -0
package/src/renderer/components/TraySettings.tsx +189 -0
package/src/renderer/components/TwitchSettings.tsx +511 -0
package/src/renderer/components/UpdateSettings.tsx +295 -0
package/src/renderer/components/VoiceIndicator.tsx +270 -0
package/src/renderer/components/VoiceSettings.tsx +867 -0
package/src/renderer/components/WhatsAppSettings.tsx +721 -0
package/src/renderer/components/WorkingStateEditor.tsx +309 -0
package/src/renderer/components/WorkingStateHistory.tsx +481 -0
package/src/renderer/components/WorkspaceSelector.tsx +150 -0
package/src/renderer/components/XSettings.tsx +311 -0
package/src/renderer/global.d.ts +9 -0
package/src/renderer/hooks/useAgentContext.ts +153 -0
package/src/renderer/hooks/useOnboardingFlow.ts +548 -0
package/src/renderer/hooks/useVoiceInput.ts +268 -0
package/src/renderer/index.html +12 -0
package/src/renderer/main.tsx +10 -0
package/src/renderer/public/cowork-os-logo.png +0 -0
package/src/renderer/quick-input.html +164 -0
package/src/renderer/styles/index.css +14504 -0
package/src/renderer/utils/agentMessages.ts +749 -0
package/src/renderer/utils/voice-directives.ts +169 -0
package/src/shared/channelMessages.ts +213 -0
package/src/shared/types.ts +3608 -0
package/tsconfig.electron.json +26 -0
package/tsconfig.json +26 -0
package/tsconfig.node.json +10 -0
package/vite.config.ts +23 -0

package/src/electron/control-plane/server.ts ADDED Viewed

@@ -0,0 +1,853 @@
+/**
+ * WebSocket Control Plane Server
+ *
+ * The main WebSocket server that handles client connections, authentication,
+ * and message routing for the control plane.
+ */
+import http from 'http';
+import { WebSocketServer, WebSocket } from 'ws';
+import crypto from 'crypto';
+import {
+  Frame,
+  RequestFrame,
+  FrameType,
+  parseFrame,
+  serializeFrame,
+  createResponseFrame,
+  createErrorResponse,
+  createEventFrame,
+  ErrorCodes,
+  Events,
+  Methods,
+} from './protocol';
+import {
+  ControlPlaneClient,
+  ClientRegistry,
+  type ClientScope,
+} from './client';
+import {
+  ControlPlaneSettingsManager,
+  type ControlPlaneSettings,
+} from './settings';
+import {
+  startTailscaleExposure,
+  stopTailscaleExposure,
+  getExposureStatus,
+  type TailscaleExposureResult,
+} from '../tailscale';
+/**
+ * Control plane server configuration
+ */
+export interface ControlPlaneConfig {
+  /** Port to listen on (default: 18789) */
+  port?: number;
+  /** Host to bind to (default: 127.0.0.1) */
+  host?: string;
+  /** Authentication token */
+  token: string;
+  /** Handshake timeout in milliseconds (default: 10000) */
+  handshakeTimeoutMs?: number;
+  /** Heartbeat interval in milliseconds (default: 30000) */
+  heartbeatIntervalMs?: number;
+  /** Cleanup interval in milliseconds for disconnected clients (default: 60000) */
+  cleanupIntervalMs?: number;
+  /** Maximum payload size in bytes (default: 10MB) */
+  maxPayloadBytes?: number;
+  /** Maximum failed auth attempts before temporary ban (default: 5) */
+  maxAuthAttempts?: number;
+  /** Auth ban duration in milliseconds (default: 300000 = 5 minutes) */
+  authBanDurationMs?: number;
+  /** Event handler for server events */
+  onEvent?: (event: ControlPlaneServerEvent) => void;
+}
+/**
+ * Server events emitted for monitoring
+ */
+export interface ControlPlaneServerEvent {
+  action: 'started' | 'stopped' | 'client_connected' | 'client_disconnected' | 'client_authenticated' | 'request' | 'error';
+  timestamp: number;
+  clientId?: string;
+  method?: string;
+  error?: string;
+  details?: unknown;
+}
+/**
+ * Method handler function signature
+ */
+export type MethodHandler = (
+  client: ControlPlaneClient,
+  params?: unknown
+) => Promise<unknown>;
+/**
+ * WebSocket Control Plane Server
+ */
+export class ControlPlaneServer {
+  private httpServer: http.Server | null = null;
+  private wss: WebSocketServer | null = null;
+  private clients: ClientRegistry;
+  private config: Required<ControlPlaneConfig>;
+  private methods: Map<string, MethodHandler> = new Map();
+  private heartbeatInterval: NodeJS.Timeout | null = null;
+  private cleanupInterval: NodeJS.Timeout | null = null;
+  private tailscaleCleanup: (() => Promise<void>) | null = null;
+  // Rate limiting for auth attempts: Map<remoteAddress, { attempts: number, bannedUntil?: number }>
+  private authAttempts: Map<string, { attempts: number; bannedUntil?: number }> = new Map();
+  constructor(config: ControlPlaneConfig) {
+    this.config = {
+      port: config.port ?? 18789,
+      host: config.host ?? '127.0.0.1',
+      token: config.token,
+      handshakeTimeoutMs: config.handshakeTimeoutMs ?? 10000,
+      heartbeatIntervalMs: config.heartbeatIntervalMs ?? 30000,
+      cleanupIntervalMs: config.cleanupIntervalMs ?? 60000,
+      maxPayloadBytes: config.maxPayloadBytes ?? 10 * 1024 * 1024,
+      maxAuthAttempts: config.maxAuthAttempts ?? 5,
+      authBanDurationMs: config.authBanDurationMs ?? 5 * 60 * 1000, // 5 minutes
+      onEvent: config.onEvent ?? (() => {}),
+    };
+    this.clients = new ClientRegistry();
+    this.registerBuiltinMethods();
+  }
+  /**
+   * Check if the server is running
+   */
+  get isRunning(): boolean {
+    return this.httpServer !== null && this.wss !== null;
+  }
+  /**
+   * Get server address
+   */
+  getAddress(): { host: string; port: number; wsUrl: string } | null {
+    if (!this.httpServer) return null;
+    const addr = this.httpServer.address();
+    if (typeof addr === 'string' || !addr) return null;
+    return {
+      host: addr.address,
+      port: addr.port,
+      wsUrl: `ws://${addr.address}:${addr.port}`,
+    };
+  }
+  /**
+   * Start the control plane server
+   */
+  async start(): Promise<void> {
+    if (this.isRunning) {
+      console.info('[ControlPlane] Server already running');
+      return;
+    }
+    return new Promise((resolve, reject) => {
+      // Create HTTP server for WebSocket upgrade
+      this.httpServer = http.createServer((req, res) => {
+        // Health check endpoint
+        if (req.url === '/health' && req.method === 'GET') {
+          res.writeHead(200, { 'Content-Type': 'application/json' });
+          res.end(JSON.stringify({
+            status: 'ok',
+            timestamp: Date.now(),
+            clients: this.clients.count,
+          }));
+          return;
+        }
+        // Return 404 for other HTTP requests
+        res.writeHead(404, { 'Content-Type': 'application/json' });
+        res.end(JSON.stringify({ error: 'Not found' }));
+      });
+      // Create WebSocket server
+      this.wss = new WebSocketServer({
+        server: this.httpServer,
+        maxPayload: this.config.maxPayloadBytes,
+      });
+      // Handle new connections
+      this.wss.on('connection', (socket, request) => {
+        this.handleConnection(socket, request);
+      });
+      this.wss.on('error', (error) => {
+        console.error('[ControlPlane] WebSocket server error:', error);
+        this.emitEvent({ action: 'error', timestamp: Date.now(), error: String(error) });
+      });
+      this.httpServer.on('error', (error) => {
+        console.error('[ControlPlane] HTTP server error:', error);
+        reject(error);
+      });
+      // Start listening
+      this.httpServer.listen(this.config.port, this.config.host, () => {
+        console.info(`[ControlPlane] Server listening on ws://${this.config.host}:${this.config.port}`);
+        this.emitEvent({ action: 'started', timestamp: Date.now() });
+        // Start heartbeat interval
+        this.startHeartbeat();
+        // Start cleanup interval
+        this.startCleanup();
+        resolve();
+      });
+    });
+  }
+  /**
+   * Start with Tailscale exposure
+   */
+  async startWithTailscale(): Promise<TailscaleExposureResult | null> {
+    const settings = ControlPlaneSettingsManager.loadSettings();
+    // Start the WebSocket server first
+    await this.start();
+    // If Tailscale is configured, start exposure
+    if (settings.tailscale.mode !== 'off') {
+      const result = await startTailscaleExposure({
+        mode: settings.tailscale.mode,
+        port: this.config.port,
+        resetOnExit: settings.tailscale.resetOnExit,
+        log: (msg) => console.log(msg),
+        warn: (msg) => console.warn(msg),
+      });
+      if (result.cleanup) {
+        this.tailscaleCleanup = result.cleanup;
+      }
+      return result;
+    }
+    return null;
+  }
+  /**
+   * Stop the control plane server
+   */
+  async stop(): Promise<void> {
+    // Stop heartbeat
+    if (this.heartbeatInterval) {
+      clearInterval(this.heartbeatInterval);
+      this.heartbeatInterval = null;
+    }
+    // Stop cleanup
+    if (this.cleanupInterval) {
+      clearInterval(this.cleanupInterval);
+      this.cleanupInterval = null;
+    }
+    // Cleanup Tailscale
+    if (this.tailscaleCleanup) {
+      await this.tailscaleCleanup();
+      this.tailscaleCleanup = null;
+    }
+    // Broadcast shutdown event
+    this.clients.broadcast(Events.SHUTDOWN, { reason: 'Server stopping' });
+    // Close all client connections
+    this.clients.closeAll(1001, 'Server shutting down');
+    // Close WebSocket server
+    if (this.wss) {
+      this.wss.close();
+      this.wss = null;
+    }
+    // Close HTTP server
+    if (this.httpServer) {
+      return new Promise((resolve) => {
+        this.httpServer!.close(() => {
+          console.info('[ControlPlane] Server stopped');
+          this.emitEvent({ action: 'stopped', timestamp: Date.now() });
+          this.httpServer = null;
+          resolve();
+        });
+      });
+    }
+  }
+  /**
+   * Register a method handler
+   */
+  registerMethod(method: string, handler: MethodHandler): void {
+    this.methods.set(method, handler);
+  }
+  /**
+   * Get server status
+   */
+  getStatus(): {
+    running: boolean;
+    address: ReturnType<ControlPlaneServer['getAddress']>;
+    clients: ReturnType<ClientRegistry['getStatus']>;
+    tailscale: ReturnType<typeof getExposureStatus>;
+  } {
+    return {
+      running: this.isRunning,
+      address: this.getAddress(),
+      clients: this.clients.getStatus(),
+      tailscale: getExposureStatus(),
+    };
+  }
+  /**
+   * Broadcast an event to all authenticated clients
+   */
+  broadcast(event: string, payload?: unknown): number {
+    return this.clients.broadcast(event, payload);
+  }
+  // ===== Private Methods =====
+  /**
+   * Handle a new WebSocket connection
+   */
+  private handleConnection(socket: WebSocket, request: http.IncomingMessage): void {
+    const remoteAddress =
+      (request.headers['x-forwarded-for'] as string)?.split(',')[0]?.trim() ||
+      request.socket.remoteAddress ||
+      'unknown';
+    const userAgent = request.headers['user-agent'];
+    const origin = request.headers['origin'];
+    const client = new ControlPlaneClient(socket, remoteAddress, userAgent, origin);
+    this.clients.add(client);
+    console.info(`[ControlPlane] Client connected: ${client.id} from ${remoteAddress}`);
+    this.emitEvent({
+      action: 'client_connected',
+      timestamp: Date.now(),
+      clientId: client.id,
+    });
+    // Send challenge
+    client.sendChallenge();
+    // Set handshake timeout
+    const handshakeTimeout = setTimeout(() => {
+      if (!client.isAuthenticated) {
+        console.warn(`[ControlPlane] Handshake timeout for client ${client.id}`);
+        client.close(4008, 'Handshake timeout');
+      }
+    }, this.config.handshakeTimeoutMs);
+    // Handle messages
+    socket.on('message', async (data) => {
+      try {
+        const message = data.toString();
+        await this.handleMessage(client, message);
+      } catch (error) {
+        console.error(`[ControlPlane] Message handling error:`, error);
+      }
+    });
+    // Handle close
+    socket.on('close', (code, reason) => {
+      clearTimeout(handshakeTimeout);
+      // If this was a node, broadcast disconnection event to operators
+      if (client.isNode) {
+        const nodeInfo = client.getNodeInfo();
+        this.clients.broadcastToOperators(Events.NODE_DISCONNECTED, {
+          nodeId: client.id,
+          node: nodeInfo,
+        });
+        console.info(`[ControlPlane] Node disconnected: ${client.id} (${nodeInfo?.displayName || 'unnamed'}) (code: ${code})`);
+      } else {
+        console.info(`[ControlPlane] Client disconnected: ${client.id} (code: ${code})`);
+      }
+      this.clients.remove(client.id);
+      this.emitEvent({
+        action: 'client_disconnected',
+        timestamp: Date.now(),
+        clientId: client.id,
+        details: { code, reason: reason.toString(), wasNode: client.isNode },
+      });
+    });
+    // Handle error
+    socket.on('error', (error) => {
+      console.error(`[ControlPlane] Client error (${client.id}):`, error);
+    });
+  }
+  /**
+   * Handle an incoming message from a client
+   */
+  private async handleMessage(client: ControlPlaneClient, message: string): Promise<void> {
+    const frame = parseFrame(message);
+    if (!frame) {
+      console.warn(`[ControlPlane] Invalid frame from ${client.id}`);
+      return;
+    }
+    client.updateActivity();
+    // Only handle request frames
+    if (frame.type !== FrameType.Request) {
+      return;
+    }
+    const request = frame as RequestFrame;
+    // Handle connect method (authentication)
+    if (request.method === Methods.CONNECT) {
+      await this.handleConnect(client, request);
+      return;
+    }
+    // All other methods require authentication
+    if (!client.isAuthenticated) {
+      client.send(createErrorResponse(
+        request.id,
+        ErrorCodes.UNAUTHORIZED,
+        'Authentication required'
+      ));
+      return;
+    }
+    // Route to method handler
+    await this.handleRequest(client, request);
+  }
+  /**
+   * Handle connect/authentication request
+   */
+  private async handleConnect(client: ControlPlaneClient, request: RequestFrame): Promise<void> {
+    const remoteAddress = client.info.remoteAddress;
+    // Check if IP is banned due to too many failed attempts
+    const authRecord = this.authAttempts.get(remoteAddress);
+    if (authRecord?.bannedUntil && authRecord.bannedUntil > Date.now()) {
+      const remainingMs = authRecord.bannedUntil - Date.now();
+      console.warn(`[ControlPlane] Auth blocked for ${remoteAddress}: banned for ${Math.ceil(remainingMs / 1000)}s`);
+      client.send(createErrorResponse(
+        request.id,
+        ErrorCodes.UNAUTHORIZED,
+        `Too many failed attempts. Try again in ${Math.ceil(remainingMs / 1000)} seconds.`
+      ));
+      client.close(4029, 'Rate limited');
+      return;
+    }
+    const params = request.params as {
+      token?: string;
+      deviceName?: string;
+      nonce?: string;
+      // Node-specific params (Mobile Companions)
+      role?: 'operator' | 'node';
+      client?: {
+        id?: string;
+        displayName?: string;
+        version?: string;
+        platform?: 'ios' | 'android' | 'macos';
+        mode?: string;
+        deviceFamily?: string;
+        modelIdentifier?: string;
+      };
+      capabilities?: string[];
+      commands?: string[];
+      permissions?: Record<string, boolean>;
+    } | undefined;
+    // Verify token
+    const providedToken = params?.token || '';
+    if (!this.verifyToken(providedToken)) {
+      // Track failed attempt
+      this.recordFailedAuth(remoteAddress);
+      client.reject();
+      client.send(createErrorResponse(
+        request.id,
+        ErrorCodes.UNAUTHORIZED,
+        'Invalid token'
+      ));
+      client.close(4001, 'Authentication failed');
+      return;
+    }
+    // Clear auth attempts on success
+    this.authAttempts.delete(remoteAddress);
+    // Check if this is a node (mobile companion) connection
+    const isNode = params?.role === 'node';
+    if (isNode) {
+      // Authenticate as a node
+      const platform = (params?.client?.platform || 'ios') as 'ios' | 'android' | 'macos';
+      const capabilities = (params?.capabilities || []) as any[];
+      const commands = params?.commands || [];
+      const permissions = params?.permissions || {};
+      client.authenticateAsNode({
+        deviceName: params?.client?.displayName || params?.deviceName,
+        platform,
+        version: params?.client?.version || '0.0.0',
+        deviceId: params?.client?.id,
+        modelIdentifier: params?.client?.modelIdentifier,
+        capabilities,
+        commands,
+        permissions,
+      });
+      console.info(`[ControlPlane] Node authenticated: ${client.id} (${params?.client?.displayName || 'unnamed'}) [${platform}]`);
+      this.emitEvent({
+        action: 'client_authenticated',
+        timestamp: Date.now(),
+        clientId: client.id,
+        details: {
+          deviceName: params?.client?.displayName,
+          role: 'node',
+          platform,
+          capabilities,
+        },
+      });
+      // Broadcast node connected event to operators
+      this.clients.broadcastToOperators(Events.NODE_CONNECTED, {
+        nodeId: client.id,
+        node: client.getNodeInfo(),
+      });
+      // Send success response
+      client.send(createResponseFrame(request.id, {
+        clientId: client.id,
+        role: 'node',
+        scopes: ['read'],
+      }));
+    } else {
+      // Authenticate as operator with admin scope
+      const scopes: ClientScope[] = ['admin'];
+      client.authenticate(scopes, params?.deviceName);
+      console.info(`[ControlPlane] Client authenticated: ${client.id} (${params?.deviceName || 'unnamed'})`);
+      this.emitEvent({
+        action: 'client_authenticated',
+        timestamp: Date.now(),
+        clientId: client.id,
+        details: { deviceName: params?.deviceName, role: 'operator' },
+      });
+      // Send success response
+      client.send(createResponseFrame(request.id, {
+        clientId: client.id,
+        role: 'operator',
+        scopes,
+      }));
+    }
+    // Send connect success event
+    client.sendEvent(Events.CONNECT_SUCCESS, {
+      clientId: client.id,
+      serverVersion: '1.0.0',
+    });
+  }
+  /**
+   * Record a failed authentication attempt for rate limiting
+   */
+  private recordFailedAuth(remoteAddress: string): void {
+    const record = this.authAttempts.get(remoteAddress) || { attempts: 0 };
+    record.attempts++;
+    if (record.attempts >= this.config.maxAuthAttempts) {
+      record.bannedUntil = Date.now() + this.config.authBanDurationMs;
+      console.warn(`[ControlPlane] IP ${remoteAddress} banned for ${this.config.authBanDurationMs / 1000}s after ${record.attempts} failed attempts`);
+    }
+    this.authAttempts.set(remoteAddress, record);
+  }
+  /**
+   * Handle an authenticated request
+   */
+  private async handleRequest(client: ControlPlaneClient, request: RequestFrame): Promise<void> {
+    const handler = this.methods.get(request.method);
+    this.emitEvent({
+      action: 'request',
+      timestamp: Date.now(),
+      clientId: client.id,
+      method: request.method,
+    });
+    if (!handler) {
+      client.send(createErrorResponse(
+        request.id,
+        ErrorCodes.UNKNOWN_METHOD,
+        `Unknown method: ${request.method}`
+      ));
+      return;
+    }
+    try {
+      const result = await handler(client, request.params);
+      client.send(createResponseFrame(request.id, result));
+    } catch (error: any) {
+      console.error(`[ControlPlane] Method error (${request.method}):`, error);
+      client.send(createErrorResponse(
+        request.id,
+        ErrorCodes.METHOD_FAILED,
+        error.message || 'Method execution failed',
+        error.details
+      ));
+    }
+  }
+  /**
+   * Verify authentication token
+   */
+  private verifyToken(provided: string): boolean {
+    if (!this.config.token || !provided) return false;
+    const expected = Buffer.from(this.config.token);
+    const actual = Buffer.from(provided);
+    if (expected.length !== actual.length) return false;
+    return crypto.timingSafeEqual(expected, actual);
+  }
+  /**
+   * Register built-in method handlers
+   */
+  private registerBuiltinMethods(): void {
+    // Ping/health check
+    this.registerMethod(Methods.PING, async () => ({
+      pong: true,
+      timestamp: Date.now(),
+    }));
+    this.registerMethod(Methods.HEALTH, async () => ({
+      status: 'ok',
+      timestamp: Date.now(),
+      uptime: process.uptime(),
+    }));
+    // Status
+    this.registerMethod(Methods.STATUS, async () => this.getStatus());
+    // ===== Node (Mobile Companion) Methods =====
+    // List connected nodes
+    this.registerMethod(Methods.NODE_LIST, async () => {
+      return {
+        nodes: this.clients.getNodeInfoList(),
+      };
+    });
+    // Describe a specific node
+    this.registerMethod(Methods.NODE_DESCRIBE, async (client, params) => {
+      const { nodeId } = params as { nodeId?: string };
+      if (!nodeId) {
+        throw { code: ErrorCodes.INVALID_PARAMS, message: 'nodeId is required' };
+      }
+      const node = this.clients.getNodeByIdOrName(nodeId);
+      if (!node) {
+        throw { code: ErrorCodes.NODE_NOT_FOUND, message: `Node not found: ${nodeId}` };
+      }
+      return {
+        node: node.getNodeInfo(),
+      };
+    });
+    // Invoke a command on a node
+    this.registerMethod(Methods.NODE_INVOKE, async (client, params) => {
+      const { nodeId, command, params: commandParams, timeoutMs = 30000 } = params as {
+        nodeId?: string;
+        command?: string;
+        params?: Record<string, unknown>;
+        timeoutMs?: number;
+      };
+      if (!nodeId) {
+        throw { code: ErrorCodes.INVALID_PARAMS, message: 'nodeId is required' };
+      }
+      if (!command) {
+        throw { code: ErrorCodes.INVALID_PARAMS, message: 'command is required' };
+      }
+      const node = this.clients.getNodeByIdOrName(nodeId);
+      if (!node) {
+        throw { code: ErrorCodes.NODE_NOT_FOUND, message: `Node not found: ${nodeId}` };
+      }
+      // Check if node supports this command
+      const nodeInfo = node.getNodeInfo();
+      if (!nodeInfo?.commands.includes(command)) {
+        throw {
+          code: ErrorCodes.NODE_COMMAND_FAILED,
+          message: `Node does not support command: ${command}`,
+        };
+      }
+      // Check if node is in foreground (required for most commands)
+      if (!nodeInfo.isForeground && ['camera.snap', 'camera.clip', 'screen.record'].includes(command)) {
+        throw {
+          code: ErrorCodes.NODE_BACKGROUND_UNAVAILABLE,
+          message: 'Node app must be in foreground for this command',
+        };
+      }
+      // Forward the command to the node
+      return await this.invokeNodeCommand(node, command, commandParams, timeoutMs);
+    });
+    // Handle node events (from nodes to gateway)
+    this.registerMethod(Methods.NODE_EVENT, async (client, params) => {
+      if (!client.isNode) {
+        throw { code: ErrorCodes.UNAUTHORIZED, message: 'Only nodes can send node events' };
+      }
+      const { event, payload } = params as { event?: string; payload?: unknown };
+      if (!event) {
+        throw { code: ErrorCodes.INVALID_PARAMS, message: 'event is required' };
+      }
+      // Handle specific node events
+      if (event === 'foreground_changed') {
+        const isForeground = (payload as any)?.isForeground ?? true;
+        client.setForeground(isForeground);
+        this.clients.broadcastToOperators(Events.NODE_EVENT, {
+          nodeId: client.id,
+          event: 'foreground_changed',
+          isForeground,
+        });
+      } else if (event === 'capabilities_changed') {
+        const { capabilities, commands, permissions } = payload as any;
+        if (capabilities && commands && permissions) {
+          client.updateCapabilities(capabilities, commands, permissions);
+          this.clients.broadcastToOperators(Events.NODE_CAPABILITIES_CHANGED, {
+            nodeId: client.id,
+            node: client.getNodeInfo(),
+          });
+        }
+      }
+      return { ok: true };
+    });
+  }
+  /**
+   * Invoke a command on a node and wait for response
+   */
+  private async invokeNodeCommand(
+    node: ControlPlaneClient,
+    command: string,
+    params: Record<string, unknown> | undefined,
+    timeoutMs: number
+  ): Promise<{ ok: boolean; payload?: unknown; error?: { code: string; message: string } }> {
+    return new Promise((resolve) => {
+      const requestId = crypto.randomUUID();
+      let timeoutHandle: NodeJS.Timeout;
+      // Set up one-time response handler
+      const handleResponse = (data: Buffer | string) => {
+        try {
+          const message = data.toString();
+          const frame = parseFrame(message);
+          if (frame && frame.type === FrameType.Response && (frame as any).id === requestId) {
+            clearTimeout(timeoutHandle);
+            node.info.socket.removeListener('message', handleResponse);
+            const response = frame as any;
+            if (response.ok) {
+              resolve({ ok: true, payload: response.payload });
+            } else {
+              resolve({
+                ok: false,
+                error: response.error || { code: 'UNKNOWN', message: 'Command failed' },
+              });
+            }
+          }
+        } catch {
+          // Ignore parse errors
+        }
+      };
+      node.info.socket.on('message', handleResponse);
+      // Set timeout
+      timeoutHandle = setTimeout(() => {
+        node.info.socket.removeListener('message', handleResponse);
+        resolve({
+          ok: false,
+          error: { code: ErrorCodes.NODE_TIMEOUT, message: `Command timed out after ${timeoutMs}ms` },
+        });
+      }, timeoutMs);
+      // Send command to node
+      const requestFrame = {
+        type: FrameType.Request,
+        id: requestId,
+        method: 'node.invoke',
+        params: { command, params },
+      };
+      node.info.socket.send(JSON.stringify(requestFrame));
+    });
+  }
+  /**
+   * Start heartbeat interval
+   */
+  private startHeartbeat(): void {
+    this.heartbeatInterval = setInterval(() => {
+      const event = createEventFrame(Events.HEARTBEAT, {
+        timestamp: Date.now(),
+        clients: this.clients.count,
+      });
+      for (const client of this.clients.getAuthenticated()) {
+        client.send(event);
+        client.updateHeartbeat();
+      }
+    }, this.config.heartbeatIntervalMs);
+  }
+  /**
+   * Start cleanup interval
+   */
+  private startCleanup(): void {
+    this.cleanupInterval = setInterval(() => {
+      const removed = this.clients.cleanup();
+      if (removed > 0) {
+        console.info(`[ControlPlane] Cleaned up ${removed} disconnected clients`);
+      }
+      // Also clean up expired auth bans
+      const now = Date.now();
+      for (const [ip, record] of this.authAttempts) {
+        if (record.bannedUntil && record.bannedUntil < now) {
+          this.authAttempts.delete(ip);
+        }
+      }
+    }, this.config.cleanupIntervalMs);
+  }
+  /**
+   * Emit a server event
+   */
+  private emitEvent(event: ControlPlaneServerEvent): void {
+    if (this.config.onEvent) {
+      try {
+        this.config.onEvent(event);
+      } catch (error) {
+        console.error('[ControlPlane] Event handler error:', error);
+      }
+    }
+  }
+}