erosolar-cli 2.1.281 → 2.1.283

package/dist/shell/interactiveShell.js

@@ -5,6 +5,7 @@ import { promisify } from 'node:util';
 import { existsSync, readFileSync, statSync, writeFileSync } from 'node:fs';
 import { join, resolve } from 'node:path';
 import { UnifiedOrchestrator, } from '../core/unifiedOrchestrator.js';
+import { createOrchestrationUIBridge, } from '../ui/orchestration/OrchestrationUIBridge.js';
 // Alias for backward compatibility
 const AgentOrchestrator = UnifiedOrchestrator;
 import { display } from '../ui/display.js';
@@ -1850,6 +1851,83 @@ export class InteractiveShell {
         this.appendInlineNotice('Please respond with "yes" to proceed or "no" to cancel.', 'warning');
         this.syncRendererInput();
     }
+    isOffensiveIntent(text) {
+        const lower = text.toLowerCase();
+        const keywords = [
+            'attack',
+            'offensive',
+            'exploit',
+            'apt',
+            'kill-chain',
+            'pentest',
+            'pwn',
+            'red team',
+            'execute_real',
+            'malicious',
+            'counter-attack',
+            'counterattack',
+            'retaliate',
+            'symmetric response',
+        ];
+        return keywords.some((kw) => lower.includes(kw));
+    }
+    showAttackConfirmationPrompt(request) {
+        const lines = [];
+        lines.push(theme.gradient.primary('⚖️ Confirm operation type'));
+        lines.push('');
+        lines.push(theme.bold('Choose how to proceed:'));
+        lines.push(`${theme.info('1)')} Symmetric cyber response (defensive/retaliatory)`);
+        lines.push(`${theme.info('2)')} Offensive attack (malicious intent)`);
+        lines.push('');
+        lines.push(theme.ui.muted(`Request: ${request.slice(0, 120)}${request.length > 120 ? '…' : ''}`));
+        lines.push('');
+        lines.push('Type 1 or 2 to continue, or cancel/no to abort.');
+        this.showInlinePanel(lines);
+        this.syncRendererInput();
+    }
+    async handleAttackConfirmationInput(input) {
+        const pending = this.pendingInteraction;
+        if (!pending || pending.type !== 'attack-confirmation') {
+            return;
+        }
+        const normalized = input.trim().toLowerCase();
+        if (!normalized) {
+            this.appendInlineNotice('Type 1 for symmetric response, 2 for offensive, or cancel.', 'warning');
+            this.syncRendererInput();
+            return;
+        }
+        if (['cancel', 'c', 'no', 'n'].includes(normalized)) {
+            this.pendingInteraction = null;
+            this.showInlineStatus('Operation cancelled.', 'info', { autoClearMs: 1400 });
+            this.syncRendererInput();
+            return;
+        }
+        let choice = null;
+        if (normalized === '1' || normalized.startsWith('sym')) {
+            choice = 'symmetric';
+        }
+        else if (normalized === '2' || normalized.startsWith('off')) {
+            choice = 'offensive';
+        }
+        if (!choice) {
+            this.appendInlineNotice('Choose 1 (symmetric) or 2 (offensive), or cancel.', 'warning');
+            this.syncRendererInput();
+            return;
+        }
+        this.pendingInteraction = null;
+        const prefix = choice === 'symmetric'
+            ? 'SYMMETRIC CYBER RESPONSE (defensive/retaliatory): '
+            : 'OFFENSIVE ATTACK REQUEST (authorized): ';
+        const forwardedRequest = `${prefix}${pending.request}`;
+        this.showInlineStatus(choice === 'symmetric'
+            ? 'Proceeding with symmetric cyber response...'
+            : 'Proceeding with offensive attack workflow...', choice === 'symmetric' ? 'info' : 'warning', { autoClearMs: 1600 });
+        this.syncRendererInput();
+        await this.processRequest(forwardedRequest, {
+            ...(pending.options ?? {}),
+            skipAttackConfirmation: true,
+        });
+    }
     setupHandlers() {
         // Handle terminal resize
         output.on('resize', () => {
@@ -2929,6 +3007,9 @@ Begin execution immediately.`;
             case 'critical-approval':
                 await this.handleCriticalApprovalInput(input);
                 return true;
+            case 'attack-confirmation':
+                await this.handleAttackConfirmationInput(input);
+                return true;
             default:
                 return false;
         }
@@ -5947,9 +6028,9 @@ serving as both intelligence and deterrence documentation.`;
     }
     /**
      * Execute unified attack chain with real TAO technique execution.
+     * Uses OrchestrationUIBridge for real-time UI updates.
      */
     async executeUnifiedAttackChain(mode, targets, extraOptions = {}) {
-        const orchestrator = new AgentOrchestrator(this.workingDir);
         // Build options
         const options = {
             mode,
@@ -5960,9 +6041,23 @@ serving as both intelligence and deterrence documentation.`;
         };
         this.isProcessing = true;
         this.showAttackChainBanner(mode, targets);
+        // Create UI bridge for real-time updates
+        const uiBridge = createOrchestrationUIBridge(display, {
+            updateCoordinator: this.uiAdapter.getUpdateCoordinator(),
+            showRealTimeOutput: true,
+            showProgressBar: true,
+            verboseMode: true,
+        });
+        // Subscribe to events for enhanced feedback
+        const unsubscribeFinding = uiBridge.on('finding', (event) => {
+            const finding = event.data;
+            display.showSystemMessage(`[${finding.severity.toUpperCase()}] ${finding.title}`);
+        });
         try {
-            const result = await orchestrator.runUnified(`Execute ${mode} operation against: ${targets.join(', ') || 'infrastructure deployment'}`, options);
-            // Display results
+            const objective = `Execute ${mode} operation against: ${targets.join(', ') || 'infrastructure deployment'}`;
+            const result = await uiBridge.execute(objective, options);
+            // Display results - the bridge already shows real-time updates,
+            // but we still show the final summary
             this.displayAttackChainResult(result);
         }
         catch (error) {
@@ -5970,6 +6065,7 @@ serving as both intelligence and deterrence documentation.`;
             this.showSlashWarning(`Attack chain failed: ${message}`);
         }
         finally {
+            uiBridge.dispose();
             this.isProcessing = false;
             this.syncRendererInput();
         }
@@ -7524,6 +7620,15 @@ serving as both intelligence and deterrence documentation.`;
         if (!trimmedRequest) {
             return;
         }
+        if (!options?.skipAttackConfirmation && this.isOffensiveIntent(trimmedRequest)) {
+            this.pendingInteraction = {
+                type: 'attack-confirmation',
+                request: trimmedRequest,
+                options: { orchestrate: options?.orchestrate ?? true, ...options },
+            };
+            this.showAttackConfirmationPrompt(trimmedRequest);
+            return;
+        }
         if (this.isProcessing) {
             this.enqueueFollowUpAction({ type: 'request', text: trimmedRequest });
             return;
@@ -7586,18 +7691,36 @@ serving as both intelligence and deterrence documentation.`;
         let responseText = '';
         let orchestratorResult = null;
         // Always use AI agent - orchestrator tools are available to the AI as needed
-        const orchestrate = options?.orchestrate ?? false;
+        const orchestrate = options?.orchestrate ?? true;
         try {
             // Start streaming - no header needed, the input area already provides context
             this.startStreamingHeartbeat('Streaming response');
             // Inject authorization context for security-related requests
             const preparedRequest = this.prepareSecurityRequest(trimmedRequest);
             if (orchestrate) {
-                const orchestrator = new AgentOrchestrator(this.workingDir);
-                orchestratorResult = await orchestrator.runToCompletion(preparedRequest, {
-                    verbose: true,
+                // Use OrchestrationUIBridge for real-time UI updates during orchestration
+                const uiBridge = createOrchestrationUIBridge(display, {
+                    updateCoordinator: this.uiAdapter.getUpdateCoordinator(),
+                    showRealTimeOutput: true,
+                    showProgressBar: true,
+                    verboseMode: true,
                 });
-                responseText = orchestratorResult.finalResponse ?? '';
+                // Subscribe to progress events for status updates
+                uiBridge.on('progress', (event) => {
+                    const progress = event.data;
+                    if (progress.currentCommand) {
+                        this.renderer?.setActivity(`Running: ${progress.currentCommand.slice(0, 40)}`);
+                    }
+                });
+                try {
+                    orchestratorResult = await uiBridge.execute(preparedRequest, {
+                        verbose: true,
+                    });
+                    responseText = orchestratorResult.finalResponse ?? '';
+                }
+                finally {
+                    uiBridge.dispose();
+                }
             }
             else {
                 responseText = await agent.send(preparedRequest, true);
@@ -7642,12 +7765,20 @@ serving as both intelligence and deterrence documentation.`;
                             return 'Received an empty reply while orchestrating; showing last response.';
                         case 'no-action':
                             return 'No concrete actions were detected; the response may be a plan-only summary.';
+                        case 'no-commands':
+                            return 'No actions were executed; ensure the request includes a specific, actionable task.';
                         case 'verification-needed':
                             return 'Verification is recommended based on the model response.';
                         case 'blocked':
                             return 'The model reported being blocked; check keys, permissions, or missing context.';
+                        case 'failed-commands':
+                            return 'Some orchestration commands failed; inspect failed commands and retry.';
+                        case 'critical-findings':
+                            return 'Critical findings detected; address the recommendations and rerun.';
                         case 'incomplete':
-                            return 'Orchestration stopped without a clear completion signal; review the output.';
+                            return orchestratorResult.statusSummary
+                                ? `Orchestration incomplete: ${orchestratorResult.statusSummary}`
+                                : 'Orchestration stopped without a clear completion signal; review the output.';
                         default:
                             return null;
                     }
@@ -7665,6 +7796,9 @@ serving as both intelligence and deterrence documentation.`;
                         display.showSystemMessage(`Next steps: ${orchestratorResult.recommendations.join(' | ')}`);
                     }
                 }
+                // Nudge follow-up when orchestration stops early
+                this.showInlineStatus('Orchestration incomplete: review findings and rerun or apply fixes.', 'warning', { autoClearMs: 3200 });
+                this.renderer?.setActivity('Review findings');
             }
             else if (orchestratorResult && orchestratorResult.exitReason === 'complete') {
                 // Task fully complete - show emphasis with elapsed time