debug-toolkit 0.4.0

package/dist/security.js

@@ -0,0 +1,158 @@
+import { resolve, relative } from "node:path";
+import { realpathSync, existsSync, readFileSync, writeFileSync, appendFileSync } from "node:fs";
+// --- Path traversal protection ---
+/**
+ * Validate that a file path is within the project root.
+ * Resolves symlinks and rejects paths that escape the boundary.
+ */
+export function validateFilePath(filePath, projectRoot) {
+    // Resolve the project root to its real path (handles symlinks like /tmp → /private/tmp)
+    const realRoot = existsSync(projectRoot) ? realpathSync(projectRoot) : resolve(projectRoot);
+    // Resolve filePath: if absolute, resolve it independently then check containment
+    const rawResolved = resolve(projectRoot, filePath);
+    const resolved = existsSync(rawResolved) ? realpathSync(rawResolved) : resolve(realRoot, relative(resolve(projectRoot), rawResolved));
+    // Check the resolved path is within project root
+    const rel = relative(realRoot, resolved);
+    if (rel.startsWith("..") || resolve(rel) === rel) {
+        throw new Error(`Security: path "${filePath}" resolves outside project root "${projectRoot}"`);
+    }
+    // If file exists, also check the real path (resolves symlinks)
+    if (existsSync(resolved)) {
+        const real = realpathSync(resolved);
+        const realRel = relative(realRoot, real);
+        if (realRel.startsWith("..")) {
+            throw new Error(`Security: symlink "${filePath}" points outside project root`);
+        }
+    }
+    // Reject system paths (only if project root is NOT inside them)
+    const dangerous = ["/etc/", "/usr/", "/bin/", "/sbin/", "/var/", "/root/"];
+    for (const prefix of dangerous) {
+        if (resolved.startsWith(prefix) && !realRoot.startsWith(prefix.slice(0, -1))) {
+            throw new Error(`Security: refusing to access system path "${resolved}"`);
+        }
+    }
+    return resolved;
+}
+// --- Command injection protection ---
+const SHELL_METACHAR_RE = /[;&|`$(){}[\]!<>\\]/;
+/**
+ * Validate a command string for obvious injection attempts.
+ * We allow commands but reject chaining operators.
+ */
+export function validateCommand(command) {
+    const trimmed = command.trim();
+    if (!trimmed)
+        throw new Error("Security: empty command");
+    // Block obvious shell injection patterns
+    if (trimmed.includes("&&") || trimmed.includes("||") || trimmed.includes(";")) {
+        // Allow these only if they look like a normal dev command
+        // e.g., "npm run build && npm test" is fine
+        // But "; rm -rf /" is not
+        const parts = trimmed.split(/[;&|]+/).map((s) => s.trim());
+        for (const part of parts) {
+            if (part.startsWith("rm ") || part.startsWith("curl ") ||
+                part.includes("> /") || part.includes("| sh") ||
+                part.includes("eval ") || part.includes("exec ")) {
+                throw new Error(`Security: potentially dangerous command "${part}"`);
+            }
+        }
+    }
+    return trimmed;
+}
+// --- Sensitive data redaction ---
+const REDACTION_PATTERNS = [
+    // Authorization headers in captured output
+    [/(?:Authorization|Bearer|Token|X-API-Key)[:=]\s*["']?[A-Za-z0-9._\-/+=]{8,}["']?/gi, "[REDACTED_AUTH]"],
+    // JWT tokens
+    [/eyJ[A-Za-z0-9_-]{4,}\.[A-Za-z0-9_-]{4,}\.[A-Za-z0-9_-]{4,}/g, "[REDACTED_JWT]"],
+    // Common secret patterns in env vars and output
+    [/(?:password|passwd|secret|api_key|apikey|access_token|private_key|credentials?)[\s=:]+["']?[^\s"']{8,}["']?/gi, "[REDACTED_SECRET]"],
+    // AWS keys
+    [/(?:AKIA|ABIA|ACCA|ASIA)[A-Z0-9]{16}/g, "[REDACTED_AWS_KEY]"],
+    // Connection strings with credentials
+    [/(?:postgres|mysql|mongodb|redis):\/\/[^:]+:[^@]+@/gi, "[REDACTED_CONNECTION_STRING]://***@"],
+    // GitHub tokens
+    [/gh[pousr]_[A-Za-z0-9_]{36,}/g, "[REDACTED_GITHUB_TOKEN]"],
+    // npm tokens
+    [/npm_[A-Za-z0-9]{36,}/g, "[REDACTED_NPM_TOKEN]"],
+    // Generic hex secrets (32+ chars, likely API keys)
+    [/(?:key|token|secret|password)["']?\s*[:=]\s*["']?[a-f0-9]{32,}["']?/gi, "[REDACTED_HEX_SECRET]"],
+];
+/**
+ * Redact sensitive information from captured text.
+ */
+export function redactSensitiveData(text) {
+    let result = text;
+    for (const [pattern, replacement] of REDACTION_PATTERNS) {
+        result = result.replace(pattern, replacement);
+    }
+    return result;
+}
+/**
+ * Redact sensitive headers from captured network requests.
+ */
+export function redactHeaders(headers) {
+    const sensitiveHeaders = new Set([
+        "authorization",
+        "cookie",
+        "set-cookie",
+        "x-api-key",
+        "x-auth-token",
+        "proxy-authorization",
+    ]);
+    const redacted = {};
+    for (const [key, value] of Object.entries(headers)) {
+        if (sensitiveHeaders.has(key.toLowerCase())) {
+            redacted[key] = "[REDACTED]";
+        }
+        else {
+            redacted[key] = value;
+        }
+    }
+    return redacted;
+}
+// --- Auto .gitignore management ---
+/**
+ * Ensure .debug/ is in .gitignore.
+ */
+export function ensureGitignore(projectRoot) {
+    const gitignorePath = resolve(projectRoot, ".gitignore");
+    if (existsSync(gitignorePath)) {
+        const content = readFileSync(gitignorePath, "utf-8");
+        if (content.includes(".debug/") || content.includes(".debug")) {
+            return; // Already ignored
+        }
+        appendFileSync(gitignorePath, "\n# debug-toolkit session data\n.debug/\n");
+    }
+    else {
+        writeFileSync(gitignorePath, "# debug-toolkit session data\n.debug/\n");
+    }
+}
+// --- Expression sanitization ---
+/**
+ * Validate that an instrumentation expression is safe to inject.
+ * Prevents code injection via the expression parameter.
+ */
+export function validateExpression(expression) {
+    const trimmed = expression.trim();
+    if (!trimmed)
+        throw new Error("Empty expression");
+    // Block only actual code execution patterns, not property access
+    const dangerous = [
+        /\beval\s*\(/,
+        /\bFunction\s*\(/,
+        /\bprocess\.exit\s*\(/,
+        /\brequire\s*\(\s*['"`]/,
+        /\bimport\s*\(\s*['"`]/,
+        /\bexec\s*\(/,
+        /\bexecSync\s*\(/,
+        /\bspawn\s*\(/,
+    ];
+    for (const pattern of dangerous) {
+        if (pattern.test(trimmed)) {
+            throw new Error(`Security: expression "${trimmed}" contains potentially dangerous code`);
+        }
+    }
+    return trimmed;
+}
+//# sourceMappingURL=security.js.map

package/dist/security.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"security.js","sourceRoot":"","sources":["../src/security.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,OAAO,EAAE,QAAQ,EAAE,MAAM,WAAW,CAAC;AAC9C,OAAO,EAAE,YAAY,EAAE,UAAU,EAAE,YAAY,EAAE,aAAa,EAAE,cAAc,EAAE,MAAM,SAAS,CAAC;AAEhG,oCAAoC;AAEpC;;;GAGG;AACH,MAAM,UAAU,gBAAgB,CAAC,QAAgB,EAAE,WAAmB;IACpE,wFAAwF;IACxF,MAAM,QAAQ,GAAG,UAAU,CAAC,WAAW,CAAC,CAAC,CAAC,CAAC,YAAY,CAAC,WAAW,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,WAAW,CAAC,CAAC;IAC5F,iFAAiF;IACjF,MAAM,WAAW,GAAG,OAAO,CAAC,WAAW,EAAE,QAAQ,CAAC,CAAC;IACnD,MAAM,QAAQ,GAAG,UAAU,CAAC,WAAW,CAAC,CAAC,CAAC,CAAC,YAAY,CAAC,WAAW,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,QAAQ,EAAE,QAAQ,CAAC,OAAO,CAAC,WAAW,CAAC,EAAE,WAAW,CAAC,CAAC,CAAC;IAEtI,iDAAiD;IACjD,MAAM,GAAG,GAAG,QAAQ,CAAC,QAAQ,EAAE,QAAQ,CAAC,CAAC;IACzC,IAAI,GAAG,CAAC,UAAU,CAAC,IAAI,CAAC,IAAI,OAAO,CAAC,GAAG,CAAC,KAAK,GAAG,EAAE,CAAC;QACjD,MAAM,IAAI,KAAK,CACb,mBAAmB,QAAQ,oCAAoC,WAAW,GAAG,CAC9E,CAAC;IACJ,CAAC;IAED,+DAA+D;IAC/D,IAAI,UAAU,CAAC,QAAQ,CAAC,EAAE,CAAC;QACzB,MAAM,IAAI,GAAG,YAAY,CAAC,QAAQ,CAAC,CAAC;QACpC,MAAM,OAAO,GAAG,QAAQ,CAAC,QAAQ,EAAE,IAAI,CAAC,CAAC;QACzC,IAAI,OAAO,CAAC,UAAU,CAAC,IAAI,CAAC,EAAE,CAAC;YAC7B,MAAM,IAAI,KAAK,CACb,sBAAsB,QAAQ,+BAA+B,CAC9D,CAAC;QACJ,CAAC;IACH,CAAC;IAED,gEAAgE;IAChE,MAAM,SAAS,GAAG,CAAC,OAAO,EAAE,OAAO,EAAE,OAAO,EAAE,QAAQ,EAAE,OAAO,EAAE,QAAQ,CAAC,CAAC;IAC3E,KAAK,MAAM,MAAM,IAAI,SAAS,EAAE,CAAC;QAC/B,IAAI,QAAQ,CAAC,UAAU,CAAC,MAAM,CAAC,IAAI,CAAC,QAAQ,CAAC,UAAU,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;YAC7E,MAAM,IAAI,KAAK,CAAC,6CAA6C,QAAQ,GAAG,CAAC,CAAC;QAC5E,CAAC;IACH,CAAC;IAED,OAAO,QAAQ,CAAC;AAClB,CAAC;AAED,uCAAuC;AAEvC,MAAM,iBAAiB,GAAG,qBAAqB,CAAC;AAEhD;;;GAGG;AACH,MAAM,UAAU,eAAe,CAAC,OAAe;IAC7C,MAAM,OAAO,GAAG,OAAO,CAAC,IAAI,EAAE,CAAC;IAC/B,IAAI,CAAC,OAAO;QAAE,MAAM,IAAI,KAAK,CAAC,yBAAyB,CAAC,CAAC;IAEzD,yCAAyC;IACzC,IAAI,OAAO,CAAC,QAAQ,CAAC,IAAI,CAAC,IAAI,OAAO,CAAC,QAAQ,CAAC,IAAI,CAAC,IAAI,OAAO,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE,CAAC;QAC9E,0DAA0D;QAC1D,4CAA4C;QAC5C,0BAA0B;QAC1B,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC;QAC3D,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;YACzB,IAAI,IAAI,CAAC,UAAU,CAAC,KAAK,CAAC,IAAI,IAAI,CAAC,UAAU,CAAC,OAAO,CAAC;gBAClD,IAAI,CAAC,QAAQ,CAAC,KAAK,CAAC,IAAI,IAAI,CAAC,QAAQ,CAAC,MAAM,CAAC;gBAC7C,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,IAAI,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,EAAE,CAAC;gBACrD,MAAM,IAAI,KAAK,CAAC,4CAA4C,IAAI,GAAG,CAAC,CAAC;YACvE,CAAC;QACH,CAAC;IACH,CAAC;IAED,OAAO,OAAO,CAAC;AACjB,CAAC;AAED,mCAAmC;AAEnC,MAAM,kBAAkB,GAA4B;IAClD,2CAA2C;IAC3C,CAAC,mFAAmF,EAAE,iBAAiB,CAAC;IACxG,aAAa;IACb,CAAC,6DAA6D,EAAE,gBAAgB,CAAC;IACjF,gDAAgD;IAChD,CAAC,+GAA+G,EAAE,mBAAmB,CAAC;IACtI,WAAW;IACX,CAAC,sCAAsC,EAAE,oBAAoB,CAAC;IAC9D,sCAAsC;IACtC,CAAC,qDAAqD,EAAE,qCAAqC,CAAC;IAC9F,gBAAgB;IAChB,CAAC,8BAA8B,EAAE,yBAAyB,CAAC;IAC3D,aAAa;IACb,CAAC,uBAAuB,EAAE,sBAAsB,CAAC;IACjD,mDAAmD;IACnD,CAAC,uEAAuE,EAAE,uBAAuB,CAAC;CACnG,CAAC;AAEF;;GAEG;AACH,MAAM,UAAU,mBAAmB,CAAC,IAAY;IAC9C,IAAI,MAAM,GAAG,IAAI,CAAC;IAClB,KAAK,MAAM,CAAC,OAAO,EAAE,WAAW,CAAC,IAAI,kBAAkB,EAAE,CAAC;QACxD,MAAM,GAAG,MAAM,CAAC,OAAO,CAAC,OAAO,EAAE,WAAW,CAAC,CAAC;IAChD,CAAC;IACD,OAAO,MAAM,CAAC;AAChB,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,aAAa,CAC3B,OAA+B;IAE/B,MAAM,gBAAgB,GAAG,IAAI,GAAG,CAAC;QAC/B,eAAe;QACf,QAAQ;QACR,YAAY;QACZ,WAAW;QACX,cAAc;QACd,qBAAqB;KACtB,CAAC,CAAC;IAEH,MAAM,QAAQ,GAA2B,EAAE,CAAC;IAC5C,KAAK,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,OAAO,CAAC,EAAE,CAAC;QACnD,IAAI,gBAAgB,CAAC,GAAG,CAAC,GAAG,CAAC,WAAW,EAAE,CAAC,EAAE,CAAC;YAC5C,QAAQ,CAAC,GAAG,CAAC,GAAG,YAAY,CAAC;QAC/B,CAAC;aAAM,CAAC;YACN,QAAQ,CAAC,GAAG,CAAC,GAAG,KAAK,CAAC;QACxB,CAAC;IACH,CAAC;IACD,OAAO,QAAQ,CAAC;AAClB,CAAC;AAED,qCAAqC;AAErC;;GAEG;AACH,MAAM,UAAU,eAAe,CAAC,WAAmB;IACjD,MAAM,aAAa,GAAG,OAAO,CAAC,WAAW,EAAE,YAAY,CAAC,CAAC;IAEzD,IAAI,UAAU,CAAC,aAAa,CAAC,EAAE,CAAC;QAC9B,MAAM,OAAO,GAAG,YAAY,CAAC,aAAa,EAAE,OAAO,CAAC,CAAC;QACrD,IAAI,OAAO,CAAC,QAAQ,CAAC,SAAS,CAAC,IAAI,OAAO,CAAC,QAAQ,CAAC,QAAQ,CAAC,EAAE,CAAC;YAC9D,OAAO,CAAC,kBAAkB;QAC5B,CAAC;QACD,cAAc,CAAC,aAAa,EAAE,2CAA2C,CAAC,CAAC;IAC7E,CAAC;SAAM,CAAC;QACN,aAAa,CAAC,aAAa,EAAE,yCAAyC,CAAC,CAAC;IAC1E,CAAC;AACH,CAAC;AAED,kCAAkC;AAElC;;;GAGG;AACH,MAAM,UAAU,kBAAkB,CAAC,UAAkB;IACnD,MAAM,OAAO,GAAG,UAAU,CAAC,IAAI,EAAE,CAAC;IAClC,IAAI,CAAC,OAAO;QAAE,MAAM,IAAI,KAAK,CAAC,kBAAkB,CAAC,CAAC;IAElD,iEAAiE;IACjE,MAAM,SAAS,GAAG;QAChB,aAAa;QACb,iBAAiB;QACjB,sBAAsB;QACtB,wBAAwB;QACxB,uBAAuB;QACvB,aAAa;QACb,iBAAiB;QACjB,cAAc;KACf,CAAC;IAEF,KAAK,MAAM,OAAO,IAAI,SAAS,EAAE,CAAC;QAChC,IAAI,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC;YAC1B,MAAM,IAAI,KAAK,CACb,yBAAyB,OAAO,uCAAuC,CACxE,CAAC;QACJ,CAAC;IACH,CAAC;IAED,OAAO,OAAO,CAAC;AACjB,CAAC"}

package/dist/session.d.ts

@@ -0,0 +1,53 @@
+export interface Hypothesis {
+    id: string;
+    text: string;
+    status: "testing" | "confirmed" | "rejected";
+    evidence: string[];
+}
+export interface InstrumentationRecord {
+    id: string;
+    filePath: string;
+    lineNumber: number;
+    markerTag: string;
+    language: string;
+    insertedCode: string;
+    active: boolean;
+    hypothesisId: string | null;
+}
+export interface Capture {
+    id: string;
+    timestamp: string;
+    source: "terminal" | "browser-console" | "browser-network" | "browser-error" | "environment" | "tauri-log";
+    markerTag: string | null;
+    data: unknown;
+    hypothesisId: string | null;
+}
+export interface FileSnapshot {
+    filePath: string;
+    content: string;
+    takenAt: string;
+}
+export interface DebugSession {
+    id: string;
+    version: number;
+    createdAt: string;
+    status: "active" | "resolved" | "abandoned";
+    problem: string;
+    hypotheses: Hypothesis[];
+    instrumentation: InstrumentationRecord[];
+    captures: Capture[];
+    snapshots: Record<string, FileSnapshot>;
+    diagnosis: string | null;
+    _markerIndex: Record<string, string>;
+}
+export declare const MAX_FILE_SIZE: number;
+export declare function createSession(cwd: string, problem: string): DebugSession;
+export declare function saveSession(cwd: string, session: DebugSession): void;
+export declare function loadSession(cwd: string, sessionId: string): DebugSession;
+export declare function indexMarker(session: DebugSession, tag: string, hypothesisId: string | null): void;
+export declare function lookupHypothesis(session: DebugSession, markerTag: string): string | null;
+export declare function newHypothesisId(): string;
+export declare function newInstrumentationId(): string;
+export declare function newCaptureId(): string;
+export declare function nextMarkerTag(): string;
+export declare function resetMarkerCounter(): void;

package/dist/session.js

@@ -0,0 +1,94 @@
+import { randomBytes } from "node:crypto";
+import { existsSync, mkdirSync, readFileSync, writeFileSync, renameSync } from "node:fs";
+import { join } from "node:path";
+import { ensureGitignore } from "./security.js";
+// --- Constants ---
+export const MAX_FILE_SIZE = 10 * 1024 * 1024;
+const MAX_CAPTURES = 3000;
+const TRIM_TO = 2000;
+// --- Helpers ---
+function uid(prefix) {
+    return `${prefix}_${randomBytes(4).toString("hex")}`;
+}
+function debugDir(cwd) {
+    return join(cwd, ".debug");
+}
+function sessionsDir(cwd) {
+    return join(debugDir(cwd), "sessions");
+}
+function ensureDirs(cwd) {
+    for (const d of [debugDir(cwd), sessionsDir(cwd)]) {
+        if (!existsSync(d))
+            mkdirSync(d, { recursive: true, mode: 0o700 });
+    }
+    ensureGitignore(cwd);
+}
+function atomicWrite(filePath, data) {
+    const tmp = `${filePath}.tmp_${process.pid}`;
+    writeFileSync(tmp, data, { mode: 0o600 });
+    renameSync(tmp, filePath);
+}
+// --- Session CRUD ---
+export function createSession(cwd, problem) {
+    ensureDirs(cwd);
+    const session = {
+        id: uid("dbg"),
+        version: 0,
+        createdAt: new Date().toISOString(),
+        status: "active",
+        problem,
+        hypotheses: [],
+        instrumentation: [],
+        captures: [],
+        snapshots: {},
+        diagnosis: null,
+        _markerIndex: {},
+    };
+    saveSession(cwd, session);
+    return session;
+}
+export function saveSession(cwd, session) {
+    ensureDirs(cwd);
+    // Trim captures to prevent unbounded growth
+    if (session.captures.length > MAX_CAPTURES) {
+        session.captures = session.captures.slice(-TRIM_TO);
+    }
+    session.version++;
+    atomicWrite(join(sessionsDir(cwd), `${session.id}.json`), JSON.stringify(session, null, 2));
+}
+export function loadSession(cwd, sessionId) {
+    const p = join(sessionsDir(cwd), `${sessionId}.json`);
+    if (!existsSync(p))
+        throw new Error(`Session not found: ${sessionId}`);
+    const session = JSON.parse(readFileSync(p, "utf-8"));
+    // Rebuild marker index if missing (backwards compat)
+    if (!session._markerIndex) {
+        session._markerIndex = {};
+        for (const r of session.instrumentation) {
+            if (r.active && r.hypothesisId) {
+                session._markerIndex[r.markerTag] = r.hypothesisId;
+            }
+        }
+    }
+    return session;
+}
+// --- Marker index ---
+export function indexMarker(session, tag, hypothesisId) {
+    if (hypothesisId) {
+        session._markerIndex[tag] = hypothesisId;
+    }
+}
+export function lookupHypothesis(session, markerTag) {
+    return session._markerIndex[markerTag] ?? null;
+}
+// --- ID generators ---
+export function newHypothesisId() { return uid("hyp"); }
+export function newInstrumentationId() { return uid("ins"); }
+export function newCaptureId() { return uid("cap"); }
+let markerCounter = 0;
+export function nextMarkerTag() {
+    markerCounter++;
+    return `DBG_${String(markerCounter).padStart(3, "0")}`;
+}
+export function resetMarkerCounter() { markerCounter = 0; }
+//# sourceMappingURL=session.js.map

package/dist/session.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"session.js","sourceRoot":"","sources":["../src/session.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,WAAW,EAAE,MAAM,aAAa,CAAC;AAC1C,OAAO,EAAE,UAAU,EAAE,SAAS,EAAE,YAAY,EAAE,aAAa,EAAE,UAAU,EAAE,MAAM,SAAS,CAAC;AACzF,OAAO,EAAE,IAAI,EAAE,MAAM,WAAW,CAAC;AACjC,OAAO,EAAE,eAAe,EAAE,MAAM,eAAe,CAAC;AAoDhD,oBAAoB;AAEpB,MAAM,CAAC,MAAM,aAAa,GAAG,EAAE,GAAG,IAAI,GAAG,IAAI,CAAC;AAC9C,MAAM,YAAY,GAAG,IAAI,CAAC;AAC1B,MAAM,OAAO,GAAG,IAAI,CAAC;AAErB,kBAAkB;AAElB,SAAS,GAAG,CAAC,MAAc;IACzB,OAAO,GAAG,MAAM,IAAI,WAAW,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,EAAE,CAAC;AACvD,CAAC;AAED,SAAS,QAAQ,CAAC,GAAW;IAC3B,OAAO,IAAI,CAAC,GAAG,EAAE,QAAQ,CAAC,CAAC;AAC7B,CAAC;AAED,SAAS,WAAW,CAAC,GAAW;IAC9B,OAAO,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE,UAAU,CAAC,CAAC;AACzC,CAAC;AAED,SAAS,UAAU,CAAC,GAAW;IAC7B,KAAK,MAAM,CAAC,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE,WAAW,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC;QAClD,IAAI,CAAC,UAAU,CAAC,CAAC,CAAC;YAAE,SAAS,CAAC,CAAC,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,IAAI,EAAE,KAAK,EAAE,CAAC,CAAC;IACrE,CAAC;IACD,eAAe,CAAC,GAAG,CAAC,CAAC;AACvB,CAAC;AAED,SAAS,WAAW,CAAC,QAAgB,EAAE,IAAY;IACjD,MAAM,GAAG,GAAG,GAAG,QAAQ,QAAQ,OAAO,CAAC,GAAG,EAAE,CAAC;IAC7C,aAAa,CAAC,GAAG,EAAE,IAAI,EAAE,EAAE,IAAI,EAAE,KAAK,EAAE,CAAC,CAAC;IAC1C,UAAU,CAAC,GAAG,EAAE,QAAQ,CAAC,CAAC;AAC5B,CAAC;AAED,uBAAuB;AAEvB,MAAM,UAAU,aAAa,CAAC,GAAW,EAAE,OAAe;IACxD,UAAU,CAAC,GAAG,CAAC,CAAC;IAChB,MAAM,OAAO,GAAiB;QAC5B,EAAE,EAAE,GAAG,CAAC,KAAK,CAAC;QACd,OAAO,EAAE,CAAC;QACV,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;QACnC,MAAM,EAAE,QAAQ;QAChB,OAAO;QACP,UAAU,EAAE,EAAE;QACd,eAAe,EAAE,EAAE;QACnB,QAAQ,EAAE,EAAE;QACZ,SAAS,EAAE,EAAE;QACb,SAAS,EAAE,IAAI;QACf,YAAY,EAAE,EAAE;KACjB,CAAC;IACF,WAAW,CAAC,GAAG,EAAE,OAAO,CAAC,CAAC;IAC1B,OAAO,OAAO,CAAC;AACjB,CAAC;AAED,MAAM,UAAU,WAAW,CAAC,GAAW,EAAE,OAAqB;IAC5D,UAAU,CAAC,GAAG,CAAC,CAAC;IAChB,4CAA4C;IAC5C,IAAI,OAAO,CAAC,QAAQ,CAAC,MAAM,GAAG,YAAY,EAAE,CAAC;QAC3C,OAAO,CAAC,QAAQ,GAAG,OAAO,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC,OAAO,CAAC,CAAC;IACtD,CAAC;IACD,OAAO,CAAC,OAAO,EAAE,CAAC;IAClB,WAAW,CACT,IAAI,CAAC,WAAW,CAAC,GAAG,CAAC,EAAE,GAAG,OAAO,CAAC,EAAE,OAAO,CAAC,EAC5C,IAAI,CAAC,SAAS,CAAC,OAAO,EAAE,IAAI,EAAE,CAAC,CAAC,CACjC,CAAC;AACJ,CAAC;AAED,MAAM,UAAU,WAAW,CAAC,GAAW,EAAE,SAAiB;IACxD,MAAM,CAAC,GAAG,IAAI,CAAC,WAAW,CAAC,GAAG,CAAC,EAAE,GAAG,SAAS,OAAO,CAAC,CAAC;IACtD,IAAI,CAAC,UAAU,CAAC,CAAC,CAAC;QAAE,MAAM,IAAI,KAAK,CAAC,sBAAsB,SAAS,EAAE,CAAC,CAAC;IACvE,MAAM,OAAO,GAAG,IAAI,CAAC,KAAK,CAAC,YAAY,CAAC,CAAC,EAAE,OAAO,CAAC,CAAiB,CAAC;IACrE,qDAAqD;IACrD,IAAI,CAAC,OAAO,CAAC,YAAY,EAAE,CAAC;QAC1B,OAAO,CAAC,YAAY,GAAG,EAAE,CAAC;QAC1B,KAAK,MAAM,CAAC,IAAI,OAAO,CAAC,eAAe,EAAE,CAAC;YACxC,IAAI,CAAC,CAAC,MAAM,IAAI,CAAC,CAAC,YAAY,EAAE,CAAC;gBAC/B,OAAO,CAAC,YAAY,CAAC,CAAC,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC,YAAY,CAAC;YACrD,CAAC;QACH,CAAC;IACH,CAAC;IACD,OAAO,OAAO,CAAC;AACjB,CAAC;AAED,uBAAuB;AAEvB,MAAM,UAAU,WAAW,CAAC,OAAqB,EAAE,GAAW,EAAE,YAA2B;IACzF,IAAI,YAAY,EAAE,CAAC;QACjB,OAAO,CAAC,YAAY,CAAC,GAAG,CAAC,GAAG,YAAY,CAAC;IAC3C,CAAC;AACH,CAAC;AAED,MAAM,UAAU,gBAAgB,CAAC,OAAqB,EAAE,SAAiB;IACvE,OAAO,OAAO,CAAC,YAAY,CAAC,SAAS,CAAC,IAAI,IAAI,CAAC;AACjD,CAAC;AAED,wBAAwB;AAExB,MAAM,UAAU,eAAe,KAAa,OAAO,GAAG,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;AAChE,MAAM,UAAU,oBAAoB,KAAa,OAAO,GAAG,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;AACrE,MAAM,UAAU,YAAY,KAAa,OAAO,GAAG,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;AAE7D,IAAI,aAAa,GAAG,CAAC,CAAC;AACtB,MAAM,UAAU,aAAa;IAC3B,aAAa,EAAE,CAAC;IAChB,OAAO,OAAO,MAAM,CAAC,aAAa,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE,CAAC;AACzD,CAAC;AACD,MAAM,UAAU,kBAAkB,KAAW,aAAa,GAAG,CAAC,CAAC,CAAC,CAAC"}

package/package.json

@@ -0,0 +1,33 @@
+{
+  "name": "debug-toolkit",
+  "version": "0.4.0",
+  "description": "Closed-loop debugging toolkit for AI coding agents",
+  "type": "module",
+  "bin": {
+    "debug-toolkit": "./dist/index.js"
+  },
+  "scripts": {
+    "build": "tsc && cp src/injected.js dist/injected.js",
+    "dev": "tsc --watch",
+    "start": "node dist/index.js"
+  },
+  "files": [
+    "dist",
+    "hooks",
+    "SKILL.md"
+  ],
+  "keywords": ["debugging", "ai", "mcp", "developer-tools"],
+  "license": "MIT",
+  "dependencies": {
+    "@modelcontextprotocol/sdk": "^1.12.1",
+    "http-proxy": "^1.18.1",
+    "tree-kill": "^1.2.2",
+    "ws": "^8.18.0"
+  },
+  "devDependencies": {
+    "@types/http-proxy": "^1.17.16",
+    "@types/node": "^22.13.0",
+    "@types/ws": "^8.5.14",
+    "typescript": "^5.7.0"
+  }
+}