npm - erosolar-cli - Versions diffs - 1.5.2 → 1.5.4 - Mend

erosolar-cli 1.5.2 → 1.5.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (346) hide show

package/config/security-deployment.json +54 -0
package/dist/bin/adapters/node/index.js +33 -0
package/dist/bin/adapters/types.js +1 -0
package/dist/bin/alpha-zero/agentWrapper.js +165 -0
package/dist/bin/alpha-zero/codeEvaluator.js +272 -0
package/dist/bin/alpha-zero/competitiveRunner.js +219 -0
package/dist/bin/alpha-zero/index.js +98 -0
package/dist/bin/alpha-zero/introspection.js +298 -0
package/dist/bin/alpha-zero/metricsTracker.js +207 -0
package/dist/bin/alpha-zero/security/core.js +269 -0
package/dist/bin/alpha-zero/security/google.js +308 -0
package/dist/bin/alpha-zero/security/googleLoader.js +40 -0
package/dist/bin/alpha-zero/security/index.js +31 -0
package/dist/bin/alpha-zero/security/simulation.js +274 -0
package/dist/bin/alpha-zero/selfModification.js +231 -0
package/dist/bin/alpha-zero/types.js +30 -0
package/dist/bin/bin/erosolar-optimized.js +205 -0
package/dist/bin/capabilities/agentSpawningCapability.js +116 -0
package/dist/bin/capabilities/bashCapability.js +22 -0
package/dist/bin/capabilities/cloudCapability.js +36 -0
package/dist/bin/capabilities/codeAnalysisCapability.js +22 -0
package/dist/bin/capabilities/codeQualityCapability.js +23 -0
package/dist/bin/capabilities/dependencySecurityCapability.js +22 -0
package/dist/bin/capabilities/devCapability.js +22 -0
package/dist/bin/capabilities/editCapability.js +28 -0
package/dist/bin/capabilities/emailCapability.js +20 -0
package/dist/bin/capabilities/enhancedGitCapability.js +221 -0
package/dist/bin/capabilities/filesystemCapability.js +22 -0
package/dist/bin/capabilities/globCapability.js +28 -0
package/dist/bin/capabilities/interactionCapability.js +20 -0
package/dist/bin/capabilities/learnCapability.js +22 -0
package/dist/bin/capabilities/mcpCapability.js +20 -0
package/dist/bin/capabilities/notebookCapability.js +28 -0
package/dist/bin/capabilities/planningCapability.js +27 -0
package/dist/bin/capabilities/refactoringCapability.js +23 -0
package/dist/bin/capabilities/repoChecksCapability.js +22 -0
package/dist/bin/capabilities/searchCapability.js +22 -0
package/dist/bin/capabilities/skillCapability.js +76 -0
package/dist/bin/capabilities/taskManagementCapability.js +20 -0
package/dist/bin/capabilities/testingCapability.js +23 -0
package/dist/bin/capabilities/toolManifest.js +159 -0
package/dist/bin/capabilities/toolRegistry.js +114 -0
package/dist/bin/capabilities/webCapability.js +20 -0
package/dist/bin/config.js +139 -0
package/dist/bin/contracts/v1/agent.js +7 -0
package/dist/bin/contracts/v1/agentProfileManifest.js +8 -0
package/dist/bin/contracts/v1/agentRules.js +9 -0
package/dist/bin/contracts/v1/toolAccess.js +8 -0
package/dist/bin/core/agent.js +362 -0
package/dist/bin/core/agentProfileManifest.js +187 -0
package/dist/bin/core/agentProfiles.js +34 -0
package/dist/bin/core/agentRulebook.js +135 -0
package/dist/bin/core/agentSchemaLoader.js +233 -0
package/dist/bin/core/contextManager.js +412 -0
package/dist/bin/core/contextWindow.js +122 -0
package/dist/bin/core/customCommands.js +80 -0
package/dist/bin/core/errors/apiKeyErrors.js +114 -0
package/dist/bin/core/errors/errorTypes.js +340 -0
package/dist/bin/core/errors/safetyValidator.js +304 -0
package/dist/bin/core/errors.js +32 -0
package/dist/bin/core/modelDiscovery.js +755 -0
package/dist/bin/core/preferences.js +224 -0
package/dist/bin/core/schemaValidator.js +92 -0
package/dist/bin/core/secretStore.js +199 -0
package/dist/bin/core/sessionStore.js +187 -0
package/dist/bin/core/toolRuntime.js +290 -0
package/dist/bin/core/types.js +1 -0
package/dist/bin/erosolar-optimized.d.ts +12 -0
package/dist/bin/erosolar-optimized.d.ts.map +1 -0
package/dist/bin/erosolar-optimized.js +239 -0
package/dist/bin/erosolar-optimized.js.map +1 -0
package/dist/bin/erosolar.js +14 -0
package/dist/bin/erosolar.js.map +1 -1
package/dist/bin/headless/headlessApp.js +172 -0
package/dist/bin/mcp/config.js +202 -0
package/dist/bin/mcp/stdioClient.js +172 -0
package/dist/bin/mcp/toolBridge.js +104 -0
package/dist/bin/mcp/types.js +1 -0
package/dist/bin/plugins/index.js +113 -0
package/dist/bin/plugins/providers/anthropic/index.js +25 -0
package/dist/bin/plugins/providers/deepseek/index.js +24 -0
package/dist/bin/plugins/providers/google/index.js +26 -0
package/dist/bin/plugins/providers/index.js +19 -0
package/dist/bin/plugins/providers/ollama/index.js +59 -0
package/dist/bin/plugins/providers/openai/index.js +26 -0
package/dist/bin/plugins/providers/xai/index.js +24 -0
package/dist/bin/plugins/tools/agentSpawning/agentSpawningPlugin.js +8 -0
package/dist/bin/plugins/tools/bash/localBashPlugin.js +13 -0
package/dist/bin/plugins/tools/checks/localRepoChecksPlugin.js +13 -0
package/dist/bin/plugins/tools/cloud/cloudPlugin.js +13 -0
package/dist/bin/plugins/tools/codeAnalysis/codeAnalysisPlugin.js +13 -0
package/dist/bin/plugins/tools/codeQuality/codeQualityPlugin.js +13 -0
package/dist/bin/plugins/tools/dependency/dependencyPlugin.js +11 -0
package/dist/bin/plugins/tools/development/devPlugin.js +13 -0
package/dist/bin/plugins/tools/edit/editPlugin.js +14 -0
package/dist/bin/plugins/tools/email/emailPlugin.js +11 -0
package/dist/bin/plugins/tools/enhancedGit/enhancedGitPlugin.js +8 -0
package/dist/bin/plugins/tools/filesystem/localFilesystemPlugin.js +13 -0
package/dist/bin/plugins/tools/glob/globPlugin.js +14 -0
package/dist/bin/plugins/tools/index.js +2 -0
package/dist/bin/plugins/tools/interaction/interactionPlugin.js +11 -0
package/dist/bin/plugins/tools/learn/learnPlugin.js +13 -0
package/dist/bin/plugins/tools/mcp/mcpPlugin.js +8 -0
package/dist/bin/plugins/tools/nodeDefaults.js +56 -0
package/dist/bin/plugins/tools/notebook/notebookPlugin.js +14 -0
package/dist/bin/plugins/tools/planning/planningPlugin.js +14 -0
package/dist/bin/plugins/tools/refactoring/refactoringPlugin.js +11 -0
package/dist/bin/plugins/tools/registry.js +57 -0
package/dist/bin/plugins/tools/search/localSearchPlugin.js +13 -0
package/dist/bin/plugins/tools/skills/skillPlugin.js +8 -0
package/dist/bin/plugins/tools/taskManagement/taskManagementPlugin.js +11 -0
package/dist/bin/plugins/tools/testing/testingPlugin.js +11 -0
package/dist/bin/plugins/tools/web/webPlugin.js +11 -0
package/dist/bin/providers/anthropicProvider.js +329 -0
package/dist/bin/providers/googleProvider.js +203 -0
package/dist/bin/providers/openaiChatCompletionsProvider.js +208 -0
package/dist/bin/providers/openaiResponsesProvider.js +249 -0
package/dist/bin/providers/providerFactory.js +24 -0
package/dist/bin/runtime/agentController.js +321 -0
package/dist/bin/runtime/agentHost.js +153 -0
package/dist/bin/runtime/agentSession.js +195 -0
package/dist/bin/runtime/node.js +10 -0
package/dist/bin/runtime/universal.js +28 -0
package/dist/bin/shell/bracketedPasteManager.js +350 -0
package/dist/bin/shell/fileChangeTracker.js +65 -0
package/dist/bin/shell/interactiveShell.js +2908 -0
package/dist/bin/shell/liveStatus.js +78 -0
package/dist/bin/shell/shellApp.js +290 -0
package/dist/bin/shell/systemPrompt.js +60 -0
package/dist/bin/shell/updateManager.js +108 -0
package/dist/bin/skills/skillRepository.js +236 -0
package/dist/bin/skills/types.js +1 -0
package/dist/bin/subagents/taskRunner.js +269 -0
package/dist/bin/tools/backgroundBashTools.js +211 -0
package/dist/bin/tools/bashTools.js +159 -0
package/dist/bin/tools/cloudTools.js +864 -0
package/dist/bin/tools/codeAnalysisTools.js +641 -0
package/dist/bin/tools/codeQualityTools.js +294 -0
package/dist/bin/tools/dependencyTools.js +282 -0
package/dist/bin/tools/devTools.js +238 -0
package/dist/bin/tools/diffUtils.js +137 -0
package/dist/bin/tools/editTools.js +134 -0
package/dist/bin/tools/emailTools.js +448 -0
package/dist/bin/tools/fileTools.js +282 -0
package/dist/bin/tools/globTools.js +173 -0
package/dist/bin/tools/grepTools.js +332 -0
package/dist/bin/tools/interactionTools.js +170 -0
package/dist/bin/tools/learnTools.js +1818 -0
package/dist/bin/tools/notebookEditTools.js +196 -0
package/dist/bin/tools/planningTools.js +46 -0
package/dist/bin/tools/refactoringTools.js +293 -0
package/dist/bin/tools/repoChecksTools.js +160 -0
package/dist/bin/tools/searchTools.js +206 -0
package/dist/bin/tools/skillTools.js +177 -0
package/dist/bin/tools/taskManagementTools.js +156 -0
package/dist/bin/tools/testingTools.js +232 -0
package/dist/bin/tools/webTools.js +480 -0
package/dist/bin/ui/ShellUIAdapter.js +459 -0
package/dist/bin/ui/UnifiedUIController.js +183 -0
package/dist/bin/ui/animation/AnimationScheduler.js +430 -0
package/dist/bin/ui/codeHighlighter.js +854 -0
package/dist/bin/ui/designSystem.js +121 -0
package/dist/bin/ui/display.js +1222 -0
package/dist/bin/ui/interrupts/InterruptManager.js +437 -0
package/dist/bin/ui/layout.js +139 -0
package/dist/bin/ui/orchestration/StatusOrchestrator.js +403 -0
package/dist/bin/ui/outputMode.js +38 -0
package/dist/bin/ui/persistentPrompt.js +183 -0
package/dist/bin/ui/richText.js +338 -0
package/dist/bin/ui/shortcutsHelp.js +87 -0
package/dist/bin/ui/telemetry/UITelemetry.js +443 -0
package/dist/bin/ui/textHighlighter.js +210 -0
package/dist/bin/ui/theme.js +116 -0
package/dist/bin/ui/toolDisplay.js +423 -0
package/dist/bin/ui/toolDisplayAdapter.js +357 -0
package/dist/bin/workspace.js +106 -0
package/dist/bin/workspace.validator.js +213 -0
package/dist/capabilities/cloudCapability.d.ts +13 -0
package/dist/capabilities/cloudCapability.d.ts.map +1 -0
package/dist/capabilities/cloudCapability.js +38 -0
package/dist/capabilities/cloudCapability.js.map +1 -0
package/dist/capabilities/index.d.ts +1 -0
package/dist/capabilities/index.d.ts.map +1 -1
package/dist/capabilities/index.js +1 -0
package/dist/capabilities/index.js.map +1 -1
package/dist/capabilities/offensiveSecurityCapability.d.ts +26 -0
package/dist/capabilities/offensiveSecurityCapability.d.ts.map +1 -0
package/dist/capabilities/offensiveSecurityCapability.js +58 -0
package/dist/capabilities/offensiveSecurityCapability.js.map +1 -0
package/dist/capabilities/realSecurityCapability.d.ts +26 -0
package/dist/capabilities/realSecurityCapability.d.ts.map +1 -0
package/dist/capabilities/realSecurityCapability.js +53 -0
package/dist/capabilities/realSecurityCapability.js.map +1 -0
package/dist/capabilities/securityCapability.d.ts +32 -0
package/dist/capabilities/securityCapability.d.ts.map +1 -0
package/dist/capabilities/securityCapability.js +57 -0
package/dist/capabilities/securityCapability.js.map +1 -0
package/dist/capabilities/ultimateSecurityCapability.d.ts +42 -0
package/dist/capabilities/ultimateSecurityCapability.d.ts.map +1 -0
package/dist/capabilities/ultimateSecurityCapability.js +96 -0
package/dist/capabilities/ultimateSecurityCapability.js.map +1 -0
package/dist/core/LazyLoader.d.ts +129 -0
package/dist/core/LazyLoader.d.ts.map +1 -0
package/dist/core/LazyLoader.js +240 -0
package/dist/core/LazyLoader.js.map +1 -0
package/dist/core/intelligenceTools.d.ts +19 -0
package/dist/core/intelligenceTools.d.ts.map +1 -0
package/dist/core/intelligenceTools.js +453 -0
package/dist/core/intelligenceTools.js.map +1 -0
package/dist/core/operationalTools.d.ts +19 -0
package/dist/core/operationalTools.d.ts.map +1 -0
package/dist/core/operationalTools.js +467 -0
package/dist/core/operationalTools.js.map +1 -0
package/dist/offensive/core/offensive-engine.d.ts +171 -0
package/dist/offensive/core/offensive-engine.d.ts.map +1 -0
package/dist/offensive/core/offensive-engine.js +345 -0
package/dist/offensive/core/offensive-engine.js.map +1 -0
package/dist/offensive/core/offensive-integration.d.ts +129 -0
package/dist/offensive/core/offensive-integration.d.ts.map +1 -0
package/dist/offensive/core/offensive-integration.js +364 -0
package/dist/offensive/core/offensive-integration.js.map +1 -0
package/dist/offensive/core/offensive-tools.d.ts +55 -0
package/dist/offensive/core/offensive-tools.d.ts.map +1 -0
package/dist/offensive/core/offensive-tools.js +438 -0
package/dist/offensive/core/offensive-tools.js.map +1 -0
package/dist/offensive/offensive-cli.d.ts +48 -0
package/dist/offensive/offensive-cli.d.ts.map +1 -0
package/dist/offensive/offensive-cli.js +233 -0
package/dist/offensive/offensive-cli.js.map +1 -0
package/dist/plugins/index.d.ts +1 -1
package/dist/plugins/index.d.ts.map +1 -1
package/dist/plugins/index.js +2 -0
package/dist/plugins/index.js.map +1 -1
package/dist/plugins/tools/cloud/cloudPlugin.d.ts +3 -0
package/dist/plugins/tools/cloud/cloudPlugin.d.ts.map +1 -0
package/dist/plugins/tools/cloud/cloudPlugin.js +14 -0
package/dist/plugins/tools/cloud/cloudPlugin.js.map +1 -0
package/dist/plugins/tools/nodeDefaults.d.ts.map +1 -1
package/dist/plugins/tools/nodeDefaults.js +2 -0
package/dist/plugins/tools/nodeDefaults.js.map +1 -1
package/dist/security/advanced-persistence-research.d.ts +92 -0
package/dist/security/advanced-persistence-research.d.ts.map +1 -0
package/dist/security/advanced-persistence-research.js +195 -0
package/dist/security/advanced-persistence-research.js.map +1 -0
package/dist/security/apt-simulation-cli.d.ts +57 -0
package/dist/security/apt-simulation-cli.d.ts.map +1 -0
package/dist/security/apt-simulation-cli.js +278 -0
package/dist/security/apt-simulation-cli.js.map +1 -0
package/dist/security/apt-simulation-engine-complete.d.ts +97 -0
package/dist/security/apt-simulation-engine-complete.d.ts.map +1 -0
package/dist/security/apt-simulation-engine-complete.js +441 -0
package/dist/security/apt-simulation-engine-complete.js.map +1 -0
package/dist/security/apt-simulation-engine.d.ts +97 -0
package/dist/security/apt-simulation-engine.d.ts.map +1 -0
package/dist/security/apt-simulation-engine.js +441 -0
package/dist/security/apt-simulation-engine.js.map +1 -0
package/dist/security/assessment/vulnerabilityAssessment.d.ts +104 -0
package/dist/security/assessment/vulnerabilityAssessment.d.ts.map +1 -0
package/dist/security/assessment/vulnerabilityAssessment.js +315 -0
package/dist/security/assessment/vulnerabilityAssessment.js.map +1 -0
package/dist/security/authorization/securityAuthorization.d.ts +88 -0
package/dist/security/authorization/securityAuthorization.d.ts.map +1 -0
package/dist/security/authorization/securityAuthorization.js +172 -0
package/dist/security/authorization/securityAuthorization.js.map +1 -0
package/dist/security/authorization.d.ts +45 -0
package/dist/security/authorization.d.ts.map +1 -0
package/dist/security/authorization.js +128 -0
package/dist/security/authorization.js.map +1 -0
package/dist/security/comprehensive-security-research.d.ts +84 -0
package/dist/security/comprehensive-security-research.d.ts.map +1 -0
package/dist/security/comprehensive-security-research.js +211 -0
package/dist/security/comprehensive-security-research.js.map +1 -0
package/dist/security/offensive/exploitationEngine.d.ts +54 -0
package/dist/security/offensive/exploitationEngine.d.ts.map +1 -0
package/dist/security/offensive/exploitationEngine.js +263 -0
package/dist/security/offensive/exploitationEngine.js.map +1 -0
package/dist/security/persistence-analyzer.d.ts +56 -0
package/dist/security/persistence-analyzer.d.ts.map +1 -0
package/dist/security/persistence-analyzer.js +187 -0
package/dist/security/persistence-analyzer.js.map +1 -0
package/dist/security/persistence-cli.d.ts +36 -0
package/dist/security/persistence-cli.d.ts.map +1 -0
package/dist/security/persistence-cli.js +160 -0
package/dist/security/persistence-cli.js.map +1 -0
package/dist/security/persistence-research.d.ts +100 -0
package/dist/security/persistence-research.d.ts.map +1 -0
package/dist/security/persistence-research.js +372 -0
package/dist/security/persistence-research.js.map +1 -0
package/dist/security/real/networkExploitation.d.ts +92 -0
package/dist/security/real/networkExploitation.d.ts.map +1 -0
package/dist/security/real/networkExploitation.js +316 -0
package/dist/security/real/networkExploitation.js.map +1 -0
package/dist/security/real/persistenceImplementation.d.ts +62 -0
package/dist/security/real/persistenceImplementation.d.ts.map +1 -0
package/dist/security/real/persistenceImplementation.js +323 -0
package/dist/security/real/persistenceImplementation.js.map +1 -0
package/dist/security/real/vulnerabilityScanner.d.ts +73 -0
package/dist/security/real/vulnerabilityScanner.d.ts.map +1 -0
package/dist/security/real/vulnerabilityScanner.js +341 -0
package/dist/security/real/vulnerabilityScanner.js.map +1 -0
package/dist/security/research/persistenceResearch.d.ts +97 -0
package/dist/security/research/persistenceResearch.d.ts.map +1 -0
package/dist/security/research/persistenceResearch.js +282 -0
package/dist/security/research/persistenceResearch.js.map +1 -0
package/dist/security/security-testing-framework.d.ts +120 -0
package/dist/security/security-testing-framework.d.ts.map +1 -0
package/dist/security/security-testing-framework.js +372 -0
package/dist/security/security-testing-framework.js.map +1 -0
package/dist/security/simulation/attackSimulation.d.ts +93 -0
package/dist/security/simulation/attackSimulation.d.ts.map +1 -0
package/dist/security/simulation/attackSimulation.js +341 -0
package/dist/security/simulation/attackSimulation.js.map +1 -0
package/dist/shell/bracketedPasteManager.d.ts +76 -0
package/dist/shell/bracketedPasteManager.d.ts.map +1 -1
package/dist/shell/bracketedPasteManager.js +267 -9
package/dist/shell/bracketedPasteManager.js.map +1 -1
package/dist/shell/interactiveShell.d.ts +34 -1
package/dist/shell/interactiveShell.d.ts.map +1 -1
package/dist/shell/interactiveShell.js +304 -24
package/dist/shell/interactiveShell.js.map +1 -1
package/dist/shell/taskCompletionDetector.d.ts +101 -0
package/dist/shell/taskCompletionDetector.d.ts.map +1 -0
package/dist/shell/taskCompletionDetector.js +343 -0
package/dist/shell/taskCompletionDetector.js.map +1 -0
package/dist/tools/cloudTools.d.ts +57 -0
package/dist/tools/cloudTools.d.ts.map +1 -0
package/dist/tools/cloudTools.js +865 -0
package/dist/tools/cloudTools.js.map +1 -0
package/dist/tools/enhancedSecurityTools.d.ts +19 -0
package/dist/tools/enhancedSecurityTools.d.ts.map +1 -0
package/dist/tools/enhancedSecurityTools.js +215 -0
package/dist/tools/enhancedSecurityTools.js.map +1 -0
package/dist/tools/offensiveSecurityTools.d.ts +16 -0
package/dist/tools/offensiveSecurityTools.d.ts.map +1 -0
package/dist/tools/offensiveSecurityTools.js +285 -0
package/dist/tools/offensiveSecurityTools.js.map +1 -0
package/dist/tools/realSecurityTools.d.ts +18 -0
package/dist/tools/realSecurityTools.d.ts.map +1 -0
package/dist/tools/realSecurityTools.js +468 -0
package/dist/tools/realSecurityTools.js.map +1 -0
package/dist/tools/securityTools.d.ts +20 -0
package/dist/tools/securityTools.d.ts.map +1 -0
package/dist/tools/securityTools.js +449 -0
package/dist/tools/securityTools.js.map +1 -0
package/package.json +27 -12
package/scripts/deploy-security-capabilities.js +178 -0

package/dist/bin/alpha-zero/metricsTracker.js ADDED Viewed

@@ -0,0 +1,207 @@
+/**
+ * Alpha Zero 2 - Metrics Tracker
+ *
+ * Performance metrics tracking for agent sessions.
+ *
+ * Principal Investigator: Bo Shang
+ * Framework: erosolar-cli
+ */
+/**
+ * Creates default performance metrics.
+ */
+export function createDefaultMetrics(sessionId) {
+    return {
+        sessionId,
+        totalMessages: 0,
+        totalToolCalls: 0,
+        totalTokensUsed: 0,
+        totalTimeMs: 0,
+        successfulToolCalls: 0,
+        failedToolCalls: 0,
+        codeBlocksGenerated: 0,
+        avgResponseTimeMs: 0,
+        avgCodeQuality: 0,
+        avgAlgorithmEfficiency: 0,
+        avgErrorHandling: 0,
+    };
+}
+/**
+ * Tracks performance metrics for an agent session.
+ */
+export class MetricsTracker {
+    constructor(sessionId) {
+        this.responseTimes = [];
+        this.codeQualityScores = [];
+        this.efficiencyScores = [];
+        this.errorHandlingScores = [];
+        this.traces = [];
+        this.metrics = createDefaultMetrics(sessionId);
+    }
+    /**
+     * Record a message exchange.
+     */
+    recordMessage(elapsedMs, usage) {
+        this.metrics.totalMessages += 1;
+        this.metrics.totalTimeMs += elapsedMs;
+        this.responseTimes.push(elapsedMs);
+        if (usage) {
+            const tokens = usage.totalTokens ?? (usage.inputTokens ?? 0) + (usage.outputTokens ?? 0);
+            this.metrics.totalTokensUsed += tokens;
+        }
+        this.updateAverages();
+    }
+    /**
+     * Record a tool call.
+     */
+    recordToolCall(success) {
+        this.metrics.totalToolCalls += 1;
+        if (success) {
+            this.metrics.successfulToolCalls += 1;
+        }
+        else {
+            this.metrics.failedToolCalls += 1;
+        }
+    }
+    /**
+     * Record code generation.
+     */
+    recordCodeGeneration(codeBlockCount) {
+        this.metrics.codeBlocksGenerated += codeBlockCount;
+    }
+    /**
+     * Record code quality evaluation.
+     */
+    recordCodeQuality(quality) {
+        this.codeQualityScores.push(quality.codeQualityScore);
+        this.efficiencyScores.push(quality.algorithmEfficiency);
+        this.errorHandlingScores.push(quality.errorHandlingScore);
+        this.updateAverages();
+    }
+    /**
+     * Add an execution trace.
+     */
+    addTrace(trace) {
+        this.traces.push(trace);
+        // Keep only the last 100 traces
+        if (this.traces.length > 100) {
+            this.traces.shift();
+        }
+    }
+    /**
+     * Update running averages.
+     */
+    updateAverages() {
+        if (this.responseTimes.length > 0) {
+            this.metrics.avgResponseTimeMs =
+                this.responseTimes.reduce((a, b) => a + b, 0) / this.responseTimes.length;
+        }
+        if (this.codeQualityScores.length > 0) {
+            this.metrics.avgCodeQuality =
+                this.codeQualityScores.reduce((a, b) => a + b, 0) / this.codeQualityScores.length;
+        }
+        if (this.efficiencyScores.length > 0) {
+            this.metrics.avgAlgorithmEfficiency =
+                this.efficiencyScores.reduce((a, b) => a + b, 0) / this.efficiencyScores.length;
+        }
+        if (this.errorHandlingScores.length > 0) {
+            this.metrics.avgErrorHandling =
+                this.errorHandlingScores.reduce((a, b) => a + b, 0) / this.errorHandlingScores.length;
+        }
+    }
+    /**
+     * Get current metrics.
+     */
+    getMetrics() {
+        return { ...this.metrics };
+    }
+    /**
+     * Get execution traces.
+     */
+    getTraces() {
+        return [...this.traces];
+    }
+    /**
+     * Get human-readable performance summary.
+     */
+    getPerformanceSummary() {
+        const m = this.metrics;
+        const lines = [
+            `Agent Performance Summary: ${m.sessionId}`,
+            '='.repeat(50),
+            `Messages: ${m.totalMessages}`,
+            `Total Time: ${(m.totalTimeMs / 1000).toFixed(2)}s`,
+            `Avg Response: ${m.avgResponseTimeMs.toFixed(0)}ms`,
+            `Code Blocks: ${m.codeBlocksGenerated}`,
+            `Tokens Used: ${m.totalTokensUsed.toLocaleString()}`,
+            '',
+            'Tool Usage:',
+            `  Total Calls: ${m.totalToolCalls}`,
+            `  Success Rate: ${m.totalToolCalls > 0 ? ((m.successfulToolCalls / m.totalToolCalls) * 100).toFixed(1) : 0}%`,
+            '',
+            'Code Quality Metrics:',
+            `  Quality Score: ${(m.avgCodeQuality * 100).toFixed(1)}/100`,
+            `  Algorithm Efficiency: ${(m.avgAlgorithmEfficiency * 100).toFixed(1)}/100`,
+            `  Error Handling: ${(m.avgErrorHandling * 100).toFixed(1)}/100`,
+        ];
+        return lines.join('\n');
+    }
+    /**
+     * Get improvement suggestions based on metrics.
+     */
+    getImprovementSuggestions() {
+        const suggestions = [];
+        const m = this.metrics;
+        if (m.avgResponseTimeMs > 5000) {
+            suggestions.push({
+                category: 'performance',
+                severity: 'high',
+                message: 'Response time is high - consider optimizing prompts or using a faster model',
+                suggestedAction: 'Review prompt complexity and consider caching common operations',
+            });
+        }
+        if (m.avgCodeQuality < 0.5 && m.codeBlocksGenerated > 0) {
+            suggestions.push({
+                category: 'quality',
+                severity: 'medium',
+                message: 'Code quality is below average - enhance system prompt with coding best practices',
+                suggestedAction: 'Add explicit code style guidelines to the system prompt',
+            });
+        }
+        if (m.avgAlgorithmEfficiency < 0.5 && m.codeBlocksGenerated > 0) {
+            suggestions.push({
+                category: 'efficiency',
+                severity: 'medium',
+                message: 'Algorithm efficiency is low - add guidance for efficient data structures',
+                suggestedAction: 'Include examples of optimal algorithm patterns in prompts',
+            });
+        }
+        if (m.avgErrorHandling < 0.3 && m.codeBlocksGenerated > 0) {
+            suggestions.push({
+                category: 'error-handling',
+                severity: 'high',
+                message: 'Error handling is weak - instruct agent to include try/catch blocks',
+                suggestedAction: 'Require explicit error handling in generated code',
+            });
+        }
+        if (m.totalToolCalls > 0 && m.failedToolCalls / m.totalToolCalls > 0.2) {
+            suggestions.push({
+                category: 'performance',
+                severity: 'medium',
+                message: `Tool failure rate is ${((m.failedToolCalls / m.totalToolCalls) * 100).toFixed(1)}%`,
+                suggestedAction: 'Review failed tool calls and improve error recovery',
+            });
+        }
+        return suggestions;
+    }
+    /**
+     * Reset all metrics.
+     */
+    reset() {
+        this.metrics = createDefaultMetrics(this.metrics.sessionId);
+        this.responseTimes = [];
+        this.codeQualityScores = [];
+        this.efficiencyScores = [];
+        this.errorHandlingScores = [];
+        this.traces = [];
+    }
+}

package/dist/bin/alpha-zero/security/core.js ADDED Viewed

@@ -0,0 +1,269 @@
+/**
+ * Core Security Research Framework
+ *
+ * Base authorization system and reconnaissance capabilities.
+ * All operations require explicit authorization.
+ *
+ * Principal Investigator: Bo Shang
+ * Framework: erosolar-cli
+ */
+import * as dns from 'dns/promises';
+import * as net from 'net';
+/**
+ * Scope of authorization for security testing
+ */
+export var AuthorizationScope;
+(function (AuthorizationScope) {
+    AuthorizationScope["OWNED_SYSTEMS"] = "owned_systems";
+    AuthorizationScope["BUG_BOUNTY"] = "bug_bounty";
+    AuthorizationScope["PENTEST_ENGAGEMENT"] = "pentest_engagement";
+    AuthorizationScope["CTF_COMPETITION"] = "ctf_competition";
+    AuthorizationScope["RED_TEAM"] = "red_team";
+    AuthorizationScope["EDUCATIONAL"] = "educational";
+})(AuthorizationScope || (AuthorizationScope = {}));
+const DEFAULT_CONFIG = {
+    dataDir: '.security_research',
+    verbose: false,
+};
+/**
+ * Security Research Engine
+ *
+ * All operations require explicit authorization records.
+ */
+export class SecurityResearchEngine {
+    constructor(config = {}) {
+        this.authorization = null;
+        this.findings = [];
+        this.reconResults = [];
+        this.config = { ...DEFAULT_CONFIG, ...config };
+    }
+    /**
+     * Set authorization for testing
+     */
+    setAuthorization(authorization) {
+        this.authorization = authorization;
+        if (this.config.verbose) {
+            console.log(`[Authorization] Set for ${authorization.targetDomain}`);
+        }
+    }
+    /**
+     * Check if authorization is valid
+     */
+    checkAuthorization(target) {
+        if (!this.authorization) {
+            throw new Error('No authorization record set.');
+        }
+        // Check expiration
+        if (this.authorization.expirationDate) {
+            const exp = new Date(this.authorization.expirationDate);
+            if (new Date() > exp) {
+                throw new Error('Authorization has expired.');
+            }
+        }
+        // Check scope
+        const inScope = this.authorization.targetDomain.includes(target) ||
+            target.endsWith(this.authorization.targetDomain);
+        const outOfScope = this.authorization.outOfScope.some(oos => target.includes(oos));
+        if (!inScope || outOfScope) {
+            throw new Error(`Target ${target} is not within authorized scope.`);
+        }
+    }
+    /**
+     * Perform passive reconnaissance
+     */
+    async passiveRecon(target) {
+        this.checkAuthorization(target);
+        if (this.config.verbose) {
+            console.log(`[Recon] Starting passive recon on ${target}`);
+        }
+        const result = {
+            target,
+            timestamp: Date.now(),
+            dnsRecords: {},
+            openPorts: [],
+            sslInfo: {},
+            httpHeaders: {},
+            technologies: [],
+            subdomains: [],
+            potentialVectors: [],
+        };
+        // DNS lookup
+        try {
+            result.dnsRecords['A'] = await dns.resolve4(target);
+        }
+        catch { /* ignore */ }
+        try {
+            result.dnsRecords['MX'] = (await dns.resolveMx(target)).map(r => r.exchange);
+        }
+        catch { /* ignore */ }
+        try {
+            result.dnsRecords['TXT'] = await dns.resolveTxt(target).then(r => r.flat());
+        }
+        catch { /* ignore */ }
+        // Common subdomain patterns
+        const prefixes = ['www', 'mail', 'api', 'dev', 'staging', 'admin'];
+        result.subdomains = prefixes.map(p => `${p}.${target}`);
+        this.reconResults.push(result);
+        return result;
+    }
+    /**
+     * Perform active reconnaissance (requires stronger authorization)
+     */
+    async activeRecon(target, ports = [80, 443, 8080, 8443]) {
+        this.checkAuthorization(target);
+        // Active recon requires stronger authorization
+        const allowed = [
+            AuthorizationScope.OWNED_SYSTEMS,
+            AuthorizationScope.PENTEST_ENGAGEMENT,
+            AuthorizationScope.RED_TEAM,
+            AuthorizationScope.CTF_COMPETITION,
+        ];
+        if (!allowed.includes(this.authorization.scope)) {
+            throw new Error('Active recon requires stronger authorization.');
+        }
+        const result = await this.passiveRecon(target);
+        // Port scan
+        result.openPorts = await this.scanPorts(target, ports);
+        // Identify vectors
+        result.potentialVectors = this.identifyVectors(result);
+        return result;
+    }
+    /**
+     * Scan ports
+     */
+    async scanPorts(host, ports) {
+        const checkPort = (port) => {
+            return new Promise(resolve => {
+                const socket = new net.Socket();
+                socket.setTimeout(2000);
+                socket.on('connect', () => {
+                    socket.destroy();
+                    resolve(true);
+                });
+                socket.on('error', () => {
+                    socket.destroy();
+                    resolve(false);
+                });
+                socket.on('timeout', () => {
+                    socket.destroy();
+                    resolve(false);
+                });
+                socket.connect(port, host);
+            });
+        };
+        const results = await Promise.all(ports.map(async (port) => {
+            const isOpen = await checkPort(port);
+            return isOpen ? port : null;
+        }));
+        return results.filter((p) => p !== null);
+    }
+    /**
+     * Identify potential attack vectors
+     */
+    identifyVectors(recon) {
+        const vectors = [];
+        // Missing security headers (would need HTTP request to determine)
+        // Placeholder for now
+        vectors.push('Check for missing security headers');
+        // Open ports analysis
+        if (recon.openPorts.includes(21)) {
+            vectors.push('FTP port open - check for anonymous access');
+        }
+        if (recon.openPorts.includes(22)) {
+            vectors.push('SSH port open - check for weak credentials');
+        }
+        return vectors;
+    }
+    /**
+     * Analyze for vulnerabilities
+     */
+    analyzeForVulnerabilities(recon) {
+        this.checkAuthorization(recon.target);
+        const findings = [];
+        // Example: missing HSTS (would need actual HTTP response)
+        findings.push({
+            title: 'Missing HSTS Header (Verify Required)',
+            severity: 'medium',
+            category: 'config',
+            description: 'Verify HSTS header is present.',
+            evidence: 'Requires HTTP response analysis',
+            remediation: 'Add Strict-Transport-Security header',
+            cweId: 'CWE-319',
+        });
+        this.findings.push(...findings);
+        return findings;
+    }
+    /**
+     * Generate report
+     */
+    generateReport(format = 'text') {
+        if (format === 'json') {
+            return JSON.stringify({
+                generated: new Date().toISOString(),
+                authorization: this.authorization,
+                findings: this.findings,
+                reconResults: this.reconResults,
+            }, null, 2);
+        }
+        const lines = [
+            '='.repeat(60),
+            'SECURITY RESEARCH REPORT',
+            '='.repeat(60),
+            `Generated: ${new Date().toISOString()}`,
+        ];
+        if (this.authorization) {
+            lines.push(`Target: ${this.authorization.targetDomain}`);
+            lines.push(`Scope: ${this.authorization.scope}`);
+        }
+        if (this.findings.length > 0) {
+            lines.push('', `Findings: ${this.findings.length}`);
+            for (const f of this.findings) {
+                lines.push(`  [${f.severity.toUpperCase()}] ${f.title}`);
+            }
+        }
+        return lines.join('\n');
+    }
+}
+/**
+ * Create bug bounty authorization
+ */
+export function createBugBountyAuthorization(targetDomain, programName, scopeLimitations = [], outOfScope = []) {
+    return {
+        scope: AuthorizationScope.BUG_BOUNTY,
+        targetDomain,
+        authorizedBy: `Bug Bounty: ${programName}`,
+        authorizationDate: new Date().toISOString(),
+        scopeLimitations,
+        outOfScope,
+        notes: 'Testing authorized under bug bounty program terms',
+    };
+}
+/**
+ * Create pentest authorization
+ */
+export function createPentestAuthorization(targetDomain, clientName, engagementId, expirationDate) {
+    return {
+        scope: AuthorizationScope.PENTEST_ENGAGEMENT,
+        targetDomain,
+        authorizedBy: `Client: ${clientName} (${engagementId})`,
+        authorizationDate: new Date().toISOString(),
+        expirationDate,
+        scopeLimitations: [],
+        outOfScope: [],
+        notes: 'Testing authorized under penetration testing agreement',
+    };
+}
+/**
+ * Create CTF authorization
+ */
+export function createCtfAuthorization(targetDomain, ctfName) {
+    return {
+        scope: AuthorizationScope.CTF_COMPETITION,
+        targetDomain,
+        authorizedBy: `CTF: ${ctfName}`,
+        authorizationDate: new Date().toISOString(),
+        scopeLimitations: [],
+        outOfScope: [],
+        notes: 'CTF competition testing',
+    };
+}