hyperclaw 4.0.2 → 5.0.0

package/dist/audit-BaIiyWFu.js

@@ -0,0 +1,441 @@
+const require_chunk = require('./chunk-jS-bbMI5.js');
+const chalk = require_chunk.__toESM(require("chalk"));
+const ora = require_chunk.__toESM(require("ora"));
+const fs_extra = require_chunk.__toESM(require("fs-extra"));
+const path = require_chunk.__toESM(require("path"));
+const os = require_chunk.__toESM(require("os"));
+
+//#region src/security/audit.ts
+const HC_DIR = path.default.join(os.default.homedir(), ".hyperclaw");
+async function checkFilePermissions() {
+	const findings = [];
+	const sensitiveFiles = [
+		path.default.join(HC_DIR, "hyperclaw.json"),
+		path.default.join(HC_DIR, "auth.json"),
+		path.default.join(HC_DIR, ".env"),
+		path.default.join(HC_DIR, "AGENTS.md")
+	];
+	for (const f of sensitiveFiles) if (await fs_extra.default.pathExists(f)) {
+		const stat = await fs_extra.default.stat(f);
+		if ((stat.mode & 63) !== 0) findings.push({
+			checkId: "creds-permissions",
+			severity: "high",
+			category: "File Permissions",
+			title: `Unsafe permissions on ${path.default.basename(f)}`,
+			detail: `Mode ${(stat.mode & 511).toString(8)} allows group/other read`,
+			remediation: `chmod 600 ${f}`,
+			cvss: 7.5,
+			autofix: async () => {
+				await fs_extra.default.chmod(f, 384);
+			}
+		});
+	}
+	const credsDir = path.default.join(HC_DIR, "credentials");
+	if (await fs_extra.default.pathExists(credsDir)) {
+		const stat = await fs_extra.default.stat(credsDir);
+		if ((stat.mode & 63) !== 0) findings.push({
+			checkId: "creds-dir-permissions",
+			severity: "critical",
+			category: "File Permissions",
+			title: "credentials/ directory is world-readable",
+			detail: `Mode ${(stat.mode & 511).toString(8)} — all credential files are exposed`,
+			remediation: `chmod 700 ${credsDir}`,
+			cvss: 9.1,
+			autofix: async () => {
+				await fs_extra.default.chmod(credsDir, 448);
+			}
+		});
+	}
+	if (await fs_extra.default.pathExists(HC_DIR)) {
+		const stat = await fs_extra.default.stat(HC_DIR);
+		if ((stat.mode & 63) !== 0) findings.push({
+			checkId: "config-dir-permissions",
+			severity: "high",
+			category: "File Permissions",
+			title: "~/.hyperclaw/ directory is group/world readable",
+			detail: `Mode ${(stat.mode & 511).toString(8)} — config directory accessible to others`,
+			remediation: `chmod 700 ${HC_DIR}`,
+			cvss: 6.5,
+			autofix: async () => {
+				await fs_extra.default.chmod(HC_DIR, 448);
+			}
+		});
+	}
+	const cwd = process.cwd();
+	const gitignorePath = path.default.join(cwd, ".gitignore");
+	if (await fs_extra.default.pathExists(gitignorePath)) {
+		const gi = await fs_extra.default.readFile(gitignorePath, "utf8");
+		if (!gi.includes(".env")) findings.push({
+			checkId: "gitignore-env",
+			severity: "high",
+			category: "Secret Exposure",
+			title: ".env is not in .gitignore",
+			detail: "Environment files with secrets may be committed to git",
+			remediation: "echo \".env\" >> .gitignore",
+			cvss: 8.1
+		});
+		if (!gi.includes("credentials/")) findings.push({
+			checkId: "gitignore-creds",
+			severity: "high",
+			category: "Secret Exposure",
+			title: "credentials/ is not in .gitignore",
+			detail: "Credential files may be committed to git",
+			remediation: "echo \"credentials/\" >> .gitignore",
+			cvss: 8.1
+		});
+	}
+	return findings;
+}
+async function checkGatewayConfig() {
+	const findings = [];
+	let cfg = null;
+	try {
+		cfg = await fs_extra.default.readJson(path.default.join(HC_DIR, "hyperclaw.json"));
+	} catch {
+		return findings;
+	}
+	const token = cfg.gateway?.authToken;
+	if (!token) findings.push({
+		checkId: "gateway-auth-missing",
+		severity: "critical",
+		category: "Authentication",
+		title: "Gateway auth token not set",
+		detail: "Any client can connect to the gateway without authentication",
+		remediation: "hyperclaw gateway config --set-token",
+		cvss: 9.8
+	});
+	else if (token.length < 32) findings.push({
+		checkId: "auth-token-strength",
+		severity: "high",
+		category: "Authentication",
+		title: "Gateway auth token is too short",
+		detail: `Token is ${token.length} chars — minimum recommended is 32`,
+		remediation: "hyperclaw gateway config --regenerate-token",
+		cvss: 7.3
+	});
+	if (cfg.gateway?.bind === "0.0.0.0") findings.push({
+		checkId: "gateway-bind-all",
+		severity: "medium",
+		category: "Network Exposure",
+		title: "Gateway bound to all interfaces (0.0.0.0)",
+		detail: "Gateway is accessible from the local network. Ensure auth token is strong.",
+		remediation: "Set gateway.bind: \"127.0.0.1\" unless LAN access is required",
+		cvss: 5.3
+	});
+	if (cfg.gateway?.tailscaleExposure === "funnel") findings.push({
+		checkId: "tailscale-funnel",
+		severity: "medium",
+		category: "Network Exposure",
+		title: "Gateway exposed via Tailscale Funnel (public internet)",
+		detail: "Your gateway is reachable from the public internet via Tailscale Funnel",
+		remediation: "Ensure auth token is strong and DM policies are restrictive",
+		cvss: 5.8
+	});
+	const tp = cfg.gateway?.trustedProxies;
+	if (Array.isArray(tp) && tp.length > 0 && !token) findings.push({
+		checkId: "trusted-proxies-no-auth",
+		severity: "high",
+		category: "Network Exposure",
+		title: "trustedProxies configured but gateway has no auth token",
+		detail: "Proxy IP spoofing combined with no auth allows unauthenticated access",
+		remediation: "Set gateway.authToken and gateway.trustedProxies to known proxy IPs only",
+		cvss: 8.1
+	});
+	const channels = cfg.channels || cfg.channelConfigs || {};
+	for (const [ch, chCfg] of Object.entries(channels)) {
+		const policy = chCfg?.dmPolicy ?? chCfg?.dm?.policy;
+		if (policy === "open") findings.push({
+			checkId: `dm-policy-open-${ch}`,
+			severity: "high",
+			category: "DM Policy",
+			title: `DM policy is "open" on ${ch}`,
+			detail: "Anyone can send DMs to your agent. This is a prompt injection risk.",
+			remediation: `hyperclaw channels add ${ch}  # choose pairing or allowlist`,
+			cvss: 7.1
+		});
+		if (policy === "allowlist") {
+			const allowFrom = chCfg?.allowFrom ?? chCfg?.dm?.allowFrom ?? [];
+			if (allowFrom.length === 0) findings.push({
+				checkId: `allowlist-empty-${ch}`,
+				severity: "medium",
+				category: "DM Policy",
+				title: `Empty allowlist on ${ch} — DMs are silently dropped`,
+				detail: `allowFrom is [] — no one can reach your agent on ${ch}`,
+				remediation: `hyperclaw pairing approve ${ch} <code>`,
+				cvss: 4
+			});
+			if (allowFrom.includes("*")) findings.push({
+				checkId: `allowlist-wildcard-${ch}`,
+				severity: "high",
+				category: "DM Policy",
+				title: `Wildcard (*) in allowFrom on ${ch}`,
+				detail: "allowFrom: [\"*\"] is equivalent to open DMs — anyone can message your agent",
+				remediation: `Remove "*" and add specific users to allowFrom on ${ch}`,
+				cvss: 7.1
+			});
+		}
+		const groups = chCfg?.groups ?? {};
+		for (const [spaceId, gCfg] of Object.entries(groups)) if (gCfg?.requireMention === false) findings.push({
+			checkId: `group-mention-off-${ch}-${spaceId}`,
+			severity: "medium",
+			category: "Group Policy",
+			title: `requireMention disabled in ${ch} group ${spaceId}`,
+			detail: "Bot responds to all messages in the group — prompt injection surface is maximised",
+			remediation: `Set channels.${ch}.groups.${spaceId}.requireMention: true`,
+			cvss: 5.3
+		});
+	}
+	const dmScope = cfg.session?.dmScope;
+	if (!dmScope || dmScope === "global") findings.push({
+		checkId: "session-dmscope-global",
+		severity: "low",
+		category: "Session Isolation",
+		title: "session.dmScope is \"global\" — shared inbox not isolated",
+		detail: "All DMs share one session context. If multiple people can DM your bot, consider \"per-channel-peer\".",
+		remediation: "Set session.dmScope: \"per-channel-peer\" in your config",
+		cvss: 3.5
+	});
+	const toolsExec = cfg.tools?.exec;
+	if (toolsExec?.security === "allow" && !cfg.tools?.exec?.ask) findings.push({
+		checkId: "exec-allow-no-ask",
+		severity: "high",
+		category: "Tool Blast Radius",
+		title: "tools.exec.security is \"allow\" without ask confirmation",
+		detail: "Any agent turn can run arbitrary shell commands without your approval",
+		remediation: "Set tools.exec.ask: \"always\" or tools.exec.security: \"deny\"",
+		cvss: 8.5
+	});
+	const elevated = cfg.tools?.elevated;
+	if (elevated?.enabled === true) findings.push({
+		checkId: "elevated-enabled",
+		severity: "medium",
+		category: "Tool Blast Radius",
+		title: "tools.elevated is enabled",
+		detail: "Elevated mode allows running exec on the gateway host from chat. Keep allowFrom tight.",
+		remediation: "Set tools.elevated.allowFrom to specific trusted users only",
+		cvss: 6
+	});
+	const sandboxMode = cfg.agents?.defaults?.sandbox?.mode;
+	if (sandboxMode === "off" && cfg.agents?.defaults?.sandbox?.image) findings.push({
+		checkId: "sandbox-configured-off",
+		severity: "medium",
+		category: "Tool Blast Radius",
+		title: "Sandbox image configured but sandbox mode is \"off\"",
+		detail: "Tools run directly on the gateway host despite sandbox config being present",
+		remediation: "Set agents.defaults.sandbox.mode: \"all\" to activate the sandbox",
+		cvss: 5.5
+	});
+	const fsWorkspaceOnly = cfg.tools?.fs?.workspaceOnly;
+	const workspace = cfg.agents?.defaults?.workspace ?? cfg.agent?.workspace ?? "";
+	if (fsWorkspaceOnly === false || !fsWorkspaceOnly && workspace && (workspace === os.default.homedir() || workspace === "~")) findings.push({
+		checkId: "fs-workspace-broad",
+		severity: "medium",
+		category: "File System",
+		title: "Workspace root is very broad or workspaceOnly is disabled",
+		detail: "A broad workspace root exposes sensitive files like ~/.hyperclaw to the filesystem tools",
+		remediation: "Set tools.fs.workspaceOnly: true and use a dedicated workspace directory",
+		cvss: 5.3
+	});
+	const ssrfPolicy = cfg.browser?.ssrfPolicy;
+	if (ssrfPolicy?.dangerouslyAllowPrivateNetwork === false && (!ssrfPolicy?.hostnameAllowlist || ssrfPolicy.hostnameAllowlist.length === 0)) findings.push({
+		checkId: "browser-ssrf-no-allowlist",
+		severity: "info",
+		category: "Browser Security",
+		title: "Browser strict SSRF mode enabled but no hostnameAllowlist defined",
+		detail: "dangerouslyAllowPrivateNetwork: false without hostnameAllowlist may block all browser navigation",
+		remediation: "Add browser.ssrfPolicy.hostnameAllowlist with allowed domains",
+		cvss: 0
+	});
+	const plugins = cfg.plugins?.entries ?? {};
+	const hasPlugins = Object.keys(plugins).length > 0;
+	const hasAllowlist = Array.isArray(cfg.plugins?.allowlist) && cfg.plugins.allowlist.length > 0;
+	if (hasPlugins && !hasAllowlist) findings.push({
+		checkId: "plugin-allowlist-missing",
+		severity: "low",
+		category: "Plugins",
+		title: "Plugins installed without an explicit allowlist",
+		detail: `${Object.keys(plugins).length} plugin(s) installed; plugins.allowlist is not set`,
+		remediation: "Set plugins.allowlist: [\"<pluginId>\"] for each approved plugin",
+		cvss: 3
+	});
+	const baselinePath = path.default.join(process.cwd(), ".secrets.baseline");
+	if (!await fs_extra.default.pathExists(baselinePath)) findings.push({
+		checkId: "detect-secrets-baseline",
+		severity: "low",
+		category: "Secret Scanning",
+		title: "No .secrets.baseline file — detect-secrets not configured",
+		detail: "Secret scanning CI will fail without a baseline file",
+		remediation: "Run: detect-secrets scan > .secrets.baseline && git add .secrets.baseline",
+		cvss: 2
+	});
+	return findings;
+}
+async function checkSecretsInPrompts() {
+	const findings = [];
+	const secretPatterns = [
+		{
+			pattern: /sk-[a-zA-Z0-9]{20,}/,
+			name: "OpenAI API key"
+		},
+		{
+			pattern: /tvly-[a-zA-Z0-9]{20,}/,
+			name: "Tavily API key"
+		},
+		{
+			pattern: /xai-[a-zA-Z0-9]{20,}/,
+			name: "xAI API key"
+		},
+		{
+			pattern: /ghp_[a-zA-Z0-9]{36}/,
+			name: "GitHub PAT"
+		},
+		{
+			pattern: /or-[a-zA-Z0-9]{20,}/,
+			name: "OpenRouter API key"
+		},
+		{
+			pattern: /[a-f0-9]{64}/,
+			name: "Potential hex secret"
+		}
+	];
+	const filesToScan = [
+		path.default.join(HC_DIR, "AGENTS.md"),
+		path.default.join(HC_DIR, "MEMORY.md"),
+		path.default.join(HC_DIR, "hyperclaw.json")
+	];
+	for (const f of filesToScan) {
+		if (!await fs_extra.default.pathExists(f)) continue;
+		const content = await fs_extra.default.readFile(f, "utf8");
+		for (const { pattern, name } of secretPatterns) if (pattern.test(content)) findings.push({
+			checkId: "key-in-config",
+			severity: "critical",
+			category: "Secret Exposure",
+			title: `${name} potentially embedded in ${path.default.basename(f)}`,
+			detail: `Found pattern matching ${name} in plaintext file. Secrets in prompts are a serious risk.`,
+			remediation: `Remove the secret and use: hyperclaw secrets set KEY=value`,
+			cvss: 9.1
+		});
+	}
+	return findings;
+}
+async function deepScan() {
+	const findings = [];
+	const hubState = path.default.join(HC_DIR, "hub-state.json");
+	if (await fs_extra.default.pathExists(hubState)) {
+		const state = await fs_extra.default.readJson(hubState);
+		const dangerous = state.installed?.filter((s) => s.risk === "dangerous") || [];
+		for (const s of dangerous) findings.push({
+			checkId: `plugin-unreviewed-${s.id}`,
+			severity: "critical",
+			category: "Installed Skills",
+			title: `Dangerous skill installed: ${s.name}`,
+			detail: s.riskReason || "Skill is flagged as dangerous",
+			remediation: `hyperclaw hub --uninstall ${s.id}`,
+			cvss: 8.5
+		});
+	}
+	let cfg = null;
+	try {
+		cfg = await fs_extra.default.readJson(path.default.join(HC_DIR, "hyperclaw.json"));
+	} catch {}
+	if (cfg?.gateway?.authToken) {
+		const token = cfg.gateway.authToken;
+		const entropy = estimateEntropy(token);
+		if (entropy < 3.5) findings.push({
+			checkId: "auth-token-low-entropy",
+			severity: "high",
+			category: "Token Quality",
+			title: "Gateway auth token has low entropy",
+			detail: `Estimated entropy: ${entropy.toFixed(2)} bits/char — token may be guessable`,
+			remediation: "hyperclaw gateway config --regenerate-token",
+			cvss: 6.5
+		});
+	}
+	return findings;
+}
+function estimateEntropy(str) {
+	const freq = /* @__PURE__ */ new Map();
+	for (const ch of str) freq.set(ch, (freq.get(ch) || 0) + 1);
+	let entropy = 0;
+	for (const count of freq.values()) {
+		const p = count / str.length;
+		entropy -= p * Math.log2(p);
+	}
+	return entropy;
+}
+const SEVERITY_ORDER = [
+	"critical",
+	"high",
+	"medium",
+	"low",
+	"info"
+];
+const SEVERITY_COLOR = {
+	critical: chalk.default.bgRed.white.bold,
+	high: chalk.default.red,
+	medium: chalk.default.yellow,
+	low: chalk.default.cyan,
+	info: chalk.default.gray
+};
+async function runSecurityAudit(opts = {}) {
+	const { deep = false, fix = false, json = false } = opts;
+	if (!json) console.log(chalk.default.bold.cyan("\n  🔐 HYPERCLAW SECURITY AUDIT\n"));
+	const spinner = json ? null : (0, ora.default)("Running security checks...").start();
+	const allFindings = [
+		...await checkFilePermissions(),
+		...await checkGatewayConfig(),
+		...await checkSecretsInPrompts(),
+		...deep ? await deepScan() : []
+	];
+	spinner?.stop();
+	if (json) {
+		const summary = SEVERITY_ORDER.reduce((acc, sev) => {
+			acc[sev] = allFindings.filter((f) => f.severity === sev).length;
+			return acc;
+		}, {});
+		process.stdout.write(JSON.stringify({
+			mode: deep ? "deep" : "standard",
+			total: allFindings.length,
+			summary,
+			findings: allFindings.map(({ autofix: _af,...f }) => f)
+		}, null, 2) + "\n");
+		return;
+	}
+	if (deep) console.log(chalk.default.gray("  Mode: DEEP SCAN\n"));
+	else console.log(chalk.default.gray("  Mode: standard (run with --deep for full scan)\n"));
+	if (allFindings.length === 0) {
+		console.log(chalk.default.green("  ✔  No security issues found!\n"));
+		return;
+	}
+	allFindings.sort((a, b) => SEVERITY_ORDER.indexOf(a.severity) - SEVERITY_ORDER.indexOf(b.severity));
+	let fixedCount = 0;
+	for (const f of allFindings) {
+		const color = SEVERITY_COLOR[f.severity];
+		const badge = color(` ${f.severity.toUpperCase()} `);
+		const cvss = f.cvss ? chalk.default.gray(` CVSS ${f.cvss}`) : "";
+		const cid = chalk.default.gray(`[${f.checkId}]`);
+		console.log(`  ${badge}${cvss}  ${chalk.default.white(f.title)}  ${cid}`);
+		console.log(`     ${chalk.default.gray(`Category: ${f.category}`)}`);
+		console.log(`     ${chalk.default.gray(f.detail)}`);
+		if (fix && f.autofix) try {
+			await f.autofix();
+			fixedCount++;
+			console.log(`     ${chalk.default.green("✔ Auto-fixed")}`);
+		} catch (e) {
+			console.log(`     ${chalk.default.yellow("⚠ Auto-fix failed: " + e.message)}`);
+			console.log(`     ${chalk.default.cyan("Fix: " + f.remediation)}`);
+		}
+		else console.log(`     ${chalk.default.cyan("Fix: " + f.remediation)}`);
+		console.log();
+	}
+	const counts = SEVERITY_ORDER.reduce((acc, sev) => {
+		acc[sev] = allFindings.filter((f) => f.severity === sev).length;
+		return acc;
+	}, {});
+	console.log(`  ${chalk.default.bold("Summary:")} ${chalk.default.bgRed.white.bold(` ${counts.critical} CRITICAL `)}  ${chalk.default.red(`${counts.high} high`)}  ${chalk.default.yellow(`${counts.medium} medium`)}  ${chalk.default.cyan(`${counts.low} low`)}\n`);
+	if (fix && fixedCount > 0) console.log(chalk.default.green(`  ✔ ${fixedCount} issue(s) auto-fixed\n`));
+	if (!deep) console.log(chalk.default.gray("  Run: hyperclaw security audit --deep   for full credential entropy scan\n"));
+}
+
+//#endregion
+exports.runSecurityAudit = runSecurityAudit;

package/dist/bounty-tools-DWudyZie.js

@@ -0,0 +1,211 @@
+const require_chunk = require('./chunk-jS-bbMI5.js');
+const require_env_resolve = require('./env-resolve-CmGWhWXJ.js');
+const https = require_chunk.__toESM(require("https"));
+
+//#region packages/core/src/agent/bounty-tools.ts
+function fetchJson(url, auth) {
+	return new Promise((resolve, reject) => {
+		const u = new URL(url);
+		const opts = {
+			hostname: u.hostname,
+			port: 443,
+			path: u.pathname + u.search,
+			method: "GET",
+			headers: { "Accept": "application/json" }
+		};
+		if (auth) {
+			const h = opts.headers;
+			if (auth.startsWith("Basic ") || auth.startsWith("Token ") || auth.startsWith("Bearer ")) h["Authorization"] = auth;
+			else h["Authorization"] = `Basic ${Buffer.from(auth).toString("base64")}`;
+		}
+		https.default.get(opts, (res) => {
+			let data = "";
+			res.on("data", (c) => data += c);
+			res.on("end", () => {
+				try {
+					resolve(JSON.parse(data || "{}"));
+				} catch {
+					resolve({});
+				}
+			});
+		}).on("error", reject);
+	});
+}
+function getBountyTools(cfg) {
+	const hackeroneKey = require_env_resolve.resolveServiceApiKey("hackerone", cfg);
+	const bugcrowdKey = require_env_resolve.resolveServiceApiKey("bugcrowd", cfg);
+	const synackKey = require_env_resolve.resolveServiceApiKey("synack", cfg);
+	const tools = [];
+	if (hackeroneKey) tools.push({
+		name: "hackerone_list_programs",
+		description: "List HackerOne programs you have access to. Use for bug bounty research.",
+		input_schema: {
+			type: "object",
+			properties: { limit: {
+				type: "string",
+				description: "Max programs (default 20)"
+			} }
+		},
+		handler: async (input) => {
+			try {
+				const auth = Buffer.from(hackeroneKey.includes(":") ? hackeroneKey : `:${hackeroneKey}`).toString("base64");
+				const body = await fetchJson("https://api.hackerone.com/v1/hackers/programs", `Basic ${auth}`);
+				const progs = body.data || [];
+				const limit = parseInt(input.limit || "20", 10);
+				return progs.slice(0, limit).map((p) => {
+					const attrs = p.attributes;
+					return `- ${attrs?.name || p.id} (${attrs?.state || "?"})`;
+				}).join("\n") || "No programs found.";
+			} catch (e) {
+				return `Error: ${e.message}. Check HackerOne API key (username:token).`;
+			}
+		}
+	});
+	if (bugcrowdKey) tools.push({
+		name: "bugcrowd_list_programs",
+		description: "List Bugcrowd programs. Use for bug bounty research.",
+		input_schema: {
+			type: "object",
+			properties: { limit: {
+				type: "string",
+				description: "Max programs (default 20)"
+			} }
+		},
+		handler: async (input) => {
+			try {
+				const auth = bugcrowdKey.startsWith("Token ") ? bugcrowdKey : `Token ${bugcrowdKey}`;
+				const body = await fetchJson("https://api.bugcrowd.com/programs", auth);
+				const progs = (body && typeof body === "object" && "data" in body ? body.data : body) || [];
+				const arr = Array.isArray(progs) ? progs : [progs];
+				const limit = parseInt(input.limit || "20", 10);
+				return arr.slice(0, limit).map((p) => {
+					const attrs = p.attributes;
+					const name = attrs?.name || p.name || p.id || "?";
+					const links = p.links;
+					const linkUrl = links?.self || p.url || "";
+					return `- ${name} ${linkUrl ? `(${linkUrl})` : ""}`;
+				}).join("\n") || JSON.stringify(body).slice(0, 500);
+			} catch (e) {
+				return `Error: ${e.message}. Check Bugcrowd API token.`;
+			}
+		}
+	});
+	if (synackKey) tools.push({
+		name: "synack_list_targets",
+		description: "List Synack targets you have access to. Use for bug bounty research.",
+		input_schema: {
+			type: "object",
+			properties: {}
+		},
+		handler: async () => {
+			try {
+				const body = await fetchJson("https://api.synack.com/api/targets", `Bearer ${synackKey}`);
+				const targets = body.targets || body || [];
+				const arr = Array.isArray(targets) ? targets : [targets];
+				return arr.slice(0, 20).map((t) => `- ${t.name || t.slug || t.id || "?"}`).join("\n") || "No targets or check Synack API.";
+			} catch (e) {
+				return `Error: ${e.message}. Check Synack API token.`;
+			}
+		}
+	});
+	const apiKeys = cfg?.skills?.apiKeys ?? {};
+	const genericServiceIds = Object.keys(apiKeys).filter((id) => !KNOWN_BOUNTY_SERVICES.includes(id.toLowerCase()));
+	if (genericServiceIds.length > 0) tools.push({
+		name: "call_service_api",
+		description: `Call external API for services with configured keys. Available: ${genericServiceIds.join(", ")}. Use when the user needs to query an API for a service they've added (Stripe, GitHub, custom APIs, etc).`,
+		input_schema: {
+			type: "object",
+			properties: {
+				service_id: {
+					type: "string",
+					description: `Service id from configured keys: ${genericServiceIds.join(", ")}`
+				},
+				url: {
+					type: "string",
+					description: "Full API URL (e.g. https://api.example.com/v1/resource) or path if baseUrl configured"
+				},
+				method: {
+					type: "string",
+					description: "HTTP method",
+					enum: [
+						"GET",
+						"POST",
+						"PUT",
+						"PATCH",
+						"DELETE"
+					]
+				},
+				body: {
+					type: "object",
+					description: "Request body for POST/PUT/PATCH (optional)"
+				}
+			},
+			required: ["service_id", "url"]
+		},
+		handler: async (input) => {
+			const serviceId = String(input.service_id || "").trim().toLowerCase();
+			const url = String(input.url || "");
+			const method = String(input.method || "GET").toUpperCase();
+			const key = require_env_resolve.resolveServiceApiKey(serviceId, cfg);
+			if (!key) return `Error: No API key for service "${serviceId}". Configure via: hyperclaw config set-service-key ${serviceId} <key>`;
+			if (!url || !url.startsWith("http")) return "Error: url must be a full URL (https://...).";
+			try {
+				const body = await genericHttpRequest(url, method, key, input.body);
+				return typeof body === "string" ? body : JSON.stringify(body, null, 2).slice(0, 8e3);
+			} catch (e) {
+				return `Error: ${e.message}`;
+			}
+		}
+	});
+	return tools;
+}
+function genericHttpRequest(url, method, apiKey, body) {
+	return new Promise((resolve, reject) => {
+		const u = new URL(url);
+		const authHeader = apiKey.startsWith("Bearer ") || apiKey.startsWith("Token ") || apiKey.startsWith("Basic ") ? apiKey : `Bearer ${apiKey}`;
+		const bodyStr = body && method !== "GET" ? JSON.stringify(body) : void 0;
+		const opts = {
+			hostname: u.hostname,
+			port: u.port || 443,
+			path: u.pathname + u.search,
+			method,
+			headers: {
+				"Accept": "application/json",
+				"Authorization": authHeader,
+				...bodyStr ? {
+					"Content-Type": "application/json",
+					"Content-Length": Buffer.byteLength(bodyStr)
+				} : {}
+			}
+		};
+		const req = https.default.request(opts, (res) => {
+			let data = "";
+			res.on("data", (c) => {
+				data += c.toString();
+			});
+			res.on("end", () => {
+				try {
+					resolve(JSON.parse(data || "{}"));
+				} catch {
+					resolve(data || "{}");
+				}
+			});
+		});
+		req.on("error", reject);
+		if (bodyStr) req.write(bodyStr);
+		req.end();
+	});
+}
+var KNOWN_BOUNTY_SERVICES;
+var init_bounty_tools = require_chunk.__esm({ "packages/core/src/agent/bounty-tools.ts"() {
+	require_env_resolve.init_env_resolve();
+	KNOWN_BOUNTY_SERVICES = [
+		"hackerone",
+		"bugcrowd",
+		"synack"
+	];
+} });
+
+//#endregion
+init_bounty_tools();
+exports.getBountyTools = getBountyTools;

package/dist/browser-tools-BsTeGMnX.js

@@ -0,0 +1,5 @@
+const require_chunk = require('./chunk-jS-bbMI5.js');
+const require_browser_tools = require('./browser-tools-D8_rLe2p.js');
+
+require_browser_tools.init_browser_tools();
+exports.getBrowserTools = require_browser_tools.getBrowserTools;