npm - hyperclaw - Versions diffs - 4.0.2 → 5.0.1 - Mend

hyperclaw 4.0.2 → 5.0.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (194) hide show

package/README.md +246 -60
package/dist/a2ui-protocol-CfBI44-Q.js +75 -0
package/dist/agents-routing-ChHiZp36.js +327 -0
package/dist/agents-routing-ChqZ6l2S.js +4 -0
package/dist/api-keys-guide-BCcOl0Q7.js +149 -0
package/dist/api-keys-guide-CGn5BSF7.js +149 -0
package/dist/audit-BJohI_vC.js +441 -0
package/dist/audit-BaIiyWFu.js +441 -0
package/dist/bounty-tools-CY_i91DU.js +211 -0
package/dist/bounty-tools-DWudyZie.js +211 -0
package/dist/browser-tools-BsTeGMnX.js +5 -0
package/dist/browser-tools-D8_rLe2p.js +179 -0
package/dist/claw-tasks-CgTsiNE8.js +80 -0
package/dist/claw-tasks-Cyzdbhz_.js +80 -0
package/dist/connector-5N0-X_xs.js +194 -0
package/dist/connector-B3v0qcXg.js +425 -0
package/dist/connector-B8R3iBY1.js +280 -0
package/dist/connector-BAM-08NN.js +189 -0
package/dist/connector-BC8FIVu4.js +181 -0
package/dist/connector-BDmwwaVc.js +213 -0
package/dist/connector-BGjbBy69.js +225 -0
package/dist/connector-BO2SRzfG.js +218 -0
package/dist/connector-BfXky0L3.js +167 -0
package/dist/connector-BiiSJpx3.js +192 -0
package/dist/connector-BnDmIhIu.js +85 -0
package/dist/connector-C1HSoUyk.js +189 -0
package/dist/connector-CKQHZOXg.js +568 -0
package/dist/connector-CRl-iidy.js +239 -0
package/dist/connector-Ci9glMD-.js +340 -0
package/dist/connector-CjtZIEDj.js +181 -0
package/dist/connector-Ck6JtOsX.js +531 -0
package/dist/connector-D8Kelee0.js +286 -0
package/dist/connector-DAnRJ0oP.js +162 -0
package/dist/connector-DXTp5PE8.js +508 -0
package/dist/connector-Dih6dUPP.js +173 -0
package/dist/connector-DqTH_tPX.js +182 -0
package/dist/connector-DrnEiiyP.js +419 -0
package/dist/connector-DtR5GGTX.js +167 -0
package/dist/connector-Tky_qS_K.js +350 -0
package/dist/connector-ZSc3oTTy.js +305 -0
package/dist/connector-sW5yhU1m.js +498 -0
package/dist/connector-u3ICd3Ic.js +552 -0
package/dist/cost-tracker-Ca1UPZ33.js +103 -0
package/dist/cost-tracker-DD9wtWsr.js +103 -0
package/dist/credentials-store-C6ir0Dae.js +4 -0
package/dist/credentials-store-CA8UtK0T.js +77 -0
package/dist/credentials-store-Cm7DH-kh.js +4 -0
package/dist/credentials-store-H13LqOwJ.js +77 -0
package/dist/cron-tasks-Bli7Kzd2.js +82 -0
package/dist/cron-tasks-_pqQCmxc.js +82 -0
package/dist/daemon-7ViroziB.js +5 -0
package/dist/daemon-BfyKmZhr.js +318 -0
package/dist/daemon-Bg4GtCmc.js +318 -0
package/dist/daemon-DhmwY8k4.js +5 -0
package/dist/delivery-BmIYy9VQ.js +4 -0
package/dist/delivery-DVHmv1IR.js +4 -0
package/dist/delivery-DpMX0Yyc.js +95 -0
package/dist/delivery-pWUPBp1F.js +95 -0
package/dist/destructive-gate-D6vWOdEl.js +101 -0
package/dist/destructive-gate-DZt71UZR.js +101 -0
package/dist/developer-keys-CPWT7Q6S.js +8 -0
package/dist/developer-keys-DrrcUqFa.js +127 -0
package/dist/doctor-BvCe8BBk.js +230 -0
package/dist/doctor-CxyPLYsJ.js +6 -0
package/dist/engine-B0kLfRL0.js +256 -0
package/dist/engine-BJUpRUOv.js +7 -0
package/dist/engine-CEDSqXfw.js +256 -0
package/dist/engine-Da4JMNpI.js +7 -0
package/dist/env-resolve-17ekEU6p.js +10 -0
package/dist/env-resolve-CiXbWYwe.js +10 -0
package/dist/env-resolve-CmGWhWXJ.js +115 -0
package/dist/env-resolve-Z2XF6leB.js +115 -0
package/dist/extraction-tools-HOZstZ0y.js +91 -0
package/dist/extraction-tools-m4lmAv7l.js +5 -0
package/dist/form_data-Cz040rio.js +8657 -0
package/dist/gmail-watch-setup-Du7DVV7S.js +40 -0
package/dist/health-B-asI__D.js +6 -0
package/dist/health-Ds2YlpTB.js +152 -0
package/dist/heartbeat-engine-BYT5ayQH.js +83 -0
package/dist/heartbeat-engine-Ut6pXBD6.js +83 -0
package/dist/hub-9LaKnLjY.js +6 -0
package/dist/hub-CfwUz9YW.js +515 -0
package/dist/hub-D0XwdjM-.js +515 -0
package/dist/hub-LiD5Iztb.js +6 -0
package/dist/hyperclawbot-CBiDSKsa.js +505 -0
package/dist/hyperclawbot-zvczQgKx.js +505 -0
package/dist/inference-0mlFQqIm.js +922 -0
package/dist/inference-BKVkBREb.js +6 -0
package/dist/inference-DCXH4Q3x.js +922 -0
package/dist/inference-SzqFe_nk.js +6 -0
package/dist/knowledge-graph-DE5lSF02.js +131 -0
package/dist/knowledge-graph-iBG76fvm.js +131 -0
package/dist/loader-BkDi8MD9.js +400 -0
package/dist/loader-CC45xGpC.js +4 -0
package/dist/loader-CnEdOyjT.js +400 -0
package/dist/loader-DI2qDRPC.js +4 -0
package/dist/logger-Cp8wC7F8.js +83 -0
package/dist/logger-ybOp7VOC.js +83 -0
package/dist/manager-03ipO9R0.js +105 -0
package/dist/manager-B2Gls5RG.js +218 -0
package/dist/manager-BpDfbDjg.js +117 -0
package/dist/manager-Bxl0sqlh.js +4 -0
package/dist/manager-CWNSML5D.js +117 -0
package/dist/manager-CrVDn6eN.js +6 -0
package/dist/manager-FCgF1plu.js +218 -0
package/dist/manager-SJe9gt-q.js +4 -0
package/dist/manager-rgCsaWT1.js +40 -0
package/dist/mcp-CfoSU4Uz.js +139 -0
package/dist/mcp-loader-CvxRDtPC.js +94 -0
package/dist/mcp-loader-DkRBsLpk.js +94 -0
package/dist/memory-BlHL7JCO.js +4 -0
package/dist/memory-DsS_eFvJ.js +270 -0
package/dist/memory-auto-BkvtSFUw.js +5 -0
package/dist/memory-auto-Bnz_-1wP.js +306 -0
package/dist/memory-auto-CpQHZlEJ.js +306 -0
package/dist/memory-auto-Z6LCf-iK.js +5 -0
package/dist/memory-integration-cSYkZyEo.js +91 -0
package/dist/memory-integration-g2vxwgoE.js +91 -0
package/dist/moltbook-BtLDZTfM.js +81 -0
package/dist/moltbook-Cl8cQfxJ.js +81 -0
package/dist/node-Dw2Gi-cP.js +222 -0
package/dist/nodes-registry-B8dmrlLv.js +52 -0
package/dist/nodes-registry-C9dCFwjh.js +52 -0
package/dist/oauth-flow-CeaaGAz0.js +150 -0
package/dist/oauth-flow-DQPvMHRH.js +150 -0
package/dist/oauth-provider-B4dzn56l.js +110 -0
package/dist/oauth-provider-Uo4Nib_c.js +110 -0
package/dist/observability-BV-Yx0V9.js +89 -0
package/dist/observability-nZ3CBIxG.js +89 -0
package/dist/onboard-0WoDxbv_.js +10 -0
package/dist/onboard-BBBWcfhp.js +10 -0
package/dist/onboard-BXNXCQp4.js +4070 -0
package/dist/onboard-Bw28IRQ3.js +4070 -0
package/dist/orchestrator-BovkM63z.js +6 -0
package/dist/orchestrator-DSbpkP1X.js +189 -0
package/dist/orchestrator-DmnEvMaL.js +189 -0
package/dist/orchestrator-RI3bpqqc.js +6 -0
package/dist/osint-B4_m3VHQ.js +277 -0
package/dist/pairing-6iM27aD8.js +196 -0
package/dist/pairing-dGoiGepK.js +4 -0
package/dist/pc-access-CgCsYrpt.js +8 -0
package/dist/pc-access-_iH2aorG.js +819 -0
package/dist/pending-approval-BgNjjuI2.js +22 -0
package/dist/pending-approval-CUXjysAo.js +22 -0
package/dist/reminders-store-Drjed_-h.js +58 -0
package/dist/renderer-BVQrd0_g.js +225 -0
package/dist/rules-BE4GV6cV.js +103 -0
package/dist/run-main.js +1639 -460
package/dist/runner-CJFJUtPm.js +1271 -0
package/dist/runner-DatMMYYE.js +1271 -0
package/dist/sdk/index.js +2 -2
package/dist/sdk/index.mjs +2 -2
package/dist/security-BqNyT4ID.js +4 -0
package/dist/security-tpgqPWWH.js +73 -0
package/dist/server-Brl_HQUB.js +1255 -0
package/dist/server-D4wVHiX9.js +4 -0
package/dist/server-Dh3JlBFB.js +1255 -0
package/dist/server-DhfipkwN.js +4 -0
package/dist/session-store-BUiPz0Vv.js +5 -0
package/dist/session-store-is4B6qmD.js +113 -0
package/dist/sessions-tools-CbUTFe4i.js +5 -0
package/dist/sessions-tools-CeqD7iil.js +95 -0
package/dist/skill-loader-BaNLVmJy.js +7 -0
package/dist/skill-loader-HgpF6Vqs.js +159 -0
package/dist/skill-runtime-BXWd-Ktf.js +102 -0
package/dist/skill-runtime-CJN24QPW.js +102 -0
package/dist/skill-runtime-jgklm02e.js +5 -0
package/dist/skill-runtime-w1ig_lcw.js +5 -0
package/dist/src-Bhybpk1J.js +63 -0
package/dist/src-BxPHKO5x.js +63 -0
package/dist/src-DIc-L2IG.js +20 -0
package/dist/src-DMJ4-uqk.js +458 -0
package/dist/src-g_rNx5rh.js +458 -0
package/dist/sub-agent-tools-CHQoHz9c.js +39 -0
package/dist/sub-agent-tools-DHY-4WWM.js +39 -0
package/dist/theme-DcxwcUgZ.js +180 -0
package/dist/theme-cx0fkgWC.js +8 -0
package/dist/tool-policy-CNT-mF2Z.js +189 -0
package/dist/tool-policy-DZvF8xlQ.js +189 -0
package/dist/tts-elevenlabs-BRosZv-f.js +61 -0
package/dist/tts-elevenlabs-C06nUxMK.js +61 -0
package/dist/update-check-C2Dz85wJ.js +81 -0
package/dist/update-check-w4XuxVl7.js +81 -0
package/dist/vision-BMmiIKy7.js +121 -0
package/dist/vision-JOtOS1Br.js +121 -0
package/dist/vision-tools-CB28ZCO_.js +5 -0
package/dist/vision-tools-DVuYc17I.js +51 -0
package/dist/vision-tools-U3YC4L-g.js +5 -0
package/dist/vision-tools-vPPwQ-0N.js +51 -0
package/dist/voice-transcription-B555DbWR.js +138 -0
package/dist/voice-transcription-DBo5hXmu.js +138 -0
package/dist/website-watch-tools-DFMrJU-R.js +139 -0
package/dist/website-watch-tools-Du3W5sN7.js +5 -0
package/package.json +1 -1

package/dist/delivery-DpMX0Yyc.js ADDED Viewed

@@ -0,0 +1,95 @@
+//#region src/channels/delivery.ts
+/**
+* src/channels/delivery.ts
+* Delivery pipeline: queue retry, per-channel chunking, media handling.
+*/
+const CHANNEL_MAX_LENGTH = {
+	telegram: 4096,
+	discord: 2e3,
+	whatsapp: 4096,
+	"whatsapp-baileys": 4096,
+	slack: 4e4,
+	googlechat: 4096,
+	msteams: 28e3,
+	matrix: 32768,
+	irc: 512,
+	mattermost: 16383,
+	signal: 4096,
+	line: 2e3,
+	twitch: 490,
+	viber: 7e3,
+	default: 4e3
+};
+function chunkForChannel(text, channelId) {
+	const max = CHANNEL_MAX_LENGTH[channelId] ?? CHANNEL_MAX_LENGTH.default;
+	if (text.length <= max) return [text];
+	const chunks = [];
+	let i = 0;
+	while (i < text.length) {
+		let end = Math.min(i + max, text.length);
+		if (end < text.length) {
+			const nl = text.lastIndexOf("\n", end);
+			if (nl > i) end = nl + 1;
+		}
+		chunks.push(text.slice(i, end));
+		i = end;
+	}
+	return chunks;
+}
+const DEFAULT_RETRIES = 3;
+const DEFAULT_BACKOFF_MS = 1e3;
+async function withRetry(fn, opts) {
+	const retries = opts?.retries ?? DEFAULT_RETRIES;
+	const backoff = opts?.backoffMs ?? DEFAULT_BACKOFF_MS;
+	let lastErr = null;
+	for (let i = 0; i <= retries; i++) try {
+		return await fn();
+	} catch (e) {
+		lastErr = e;
+		opts?.onRetry?.(i + 1, lastErr);
+		if (i < retries) await new Promise((r) => setTimeout(r, backoff * Math.pow(2, i)));
+	}
+	throw lastErr;
+}
+/** Enrich message text from voice note (transcribe if audioPath provided). */
+async function enrichVoiceNote(msg) {
+	if (!msg.audioPath) return msg.text;
+	if (msg.text && msg.text !== "[voice note]") return msg.text;
+	try {
+		const { transcribeVoiceNote } = await Promise.resolve().then(() => require("./voice-transcription-DBo5hXmu.js"));
+		const text = await transcribeVoiceNote(msg.audioPath);
+		return text || msg.text;
+	} catch (e) {
+		return `[Voice note — transcription failed: ${e.message}]`;
+	}
+}
+//#endregion
+Object.defineProperty(exports, 'CHANNEL_MAX_LENGTH', {
+  enumerable: true,
+  get: function () {
+    return CHANNEL_MAX_LENGTH;
+  }
+});
+Object.defineProperty(exports, 'chunkForChannel', {
+  enumerable: true,
+  get: function () {
+    return chunkForChannel;
+  }
+});
+Object.defineProperty(exports, 'enrichVoiceNote', {
+  enumerable: true,
+  get: function () {
+    return enrichVoiceNote;
+  }
+});
+Object.defineProperty(exports, 'withRetry', {
+  enumerable: true,
+  get: function () {
+    return withRetry;
+  }
+});

package/dist/delivery-pWUPBp1F.js ADDED Viewed

@@ -0,0 +1,95 @@
+//#region src/channels/delivery.ts
+/**
+* src/channels/delivery.ts
+* Delivery pipeline: queue retry, per-channel chunking, media handling.
+*/
+const CHANNEL_MAX_LENGTH = {
+	telegram: 4096,
+	discord: 2e3,
+	whatsapp: 4096,
+	"whatsapp-baileys": 4096,
+	slack: 4e4,
+	googlechat: 4096,
+	msteams: 28e3,
+	matrix: 32768,
+	irc: 512,
+	mattermost: 16383,
+	signal: 4096,
+	line: 2e3,
+	twitch: 490,
+	viber: 7e3,
+	default: 4e3
+};
+function chunkForChannel(text, channelId) {
+	const max = CHANNEL_MAX_LENGTH[channelId] ?? CHANNEL_MAX_LENGTH.default;
+	if (text.length <= max) return [text];
+	const chunks = [];
+	let i = 0;
+	while (i < text.length) {
+		let end = Math.min(i + max, text.length);
+		if (end < text.length) {
+			const nl = text.lastIndexOf("\n", end);
+			if (nl > i) end = nl + 1;
+		}
+		chunks.push(text.slice(i, end));
+		i = end;
+	}
+	return chunks;
+}
+const DEFAULT_RETRIES = 3;
+const DEFAULT_BACKOFF_MS = 1e3;
+async function withRetry(fn, opts) {
+	const retries = opts?.retries ?? DEFAULT_RETRIES;
+	const backoff = opts?.backoffMs ?? DEFAULT_BACKOFF_MS;
+	let lastErr = null;
+	for (let i = 0; i <= retries; i++) try {
+		return await fn();
+	} catch (e) {
+		lastErr = e;
+		opts?.onRetry?.(i + 1, lastErr);
+		if (i < retries) await new Promise((r) => setTimeout(r, backoff * Math.pow(2, i)));
+	}
+	throw lastErr;
+}
+/** Enrich message text from voice note (transcribe if audioPath provided). */
+async function enrichVoiceNote(msg) {
+	if (!msg.audioPath) return msg.text;
+	if (msg.text && msg.text !== "[voice note]") return msg.text;
+	try {
+		const { transcribeVoiceNote } = await Promise.resolve().then(() => require("./voice-transcription-B555DbWR.js"));
+		const text = await transcribeVoiceNote(msg.audioPath);
+		return text || msg.text;
+	} catch (e) {
+		return `[Voice note — transcription failed: ${e.message}]`;
+	}
+}
+//#endregion
+Object.defineProperty(exports, 'CHANNEL_MAX_LENGTH', {
+  enumerable: true,
+  get: function () {
+    return CHANNEL_MAX_LENGTH;
+  }
+});
+Object.defineProperty(exports, 'chunkForChannel', {
+  enumerable: true,
+  get: function () {
+    return chunkForChannel;
+  }
+});
+Object.defineProperty(exports, 'enrichVoiceNote', {
+  enumerable: true,
+  get: function () {
+    return enrichVoiceNote;
+  }
+});
+Object.defineProperty(exports, 'withRetry', {
+  enumerable: true,
+  get: function () {
+    return withRetry;
+  }
+});

package/dist/destructive-gate-D6vWOdEl.js ADDED Viewed

@@ -0,0 +1,101 @@
+const require_chunk = require('./chunk-jS-bbMI5.js');
+//#region src/infra/destructive-gate.ts
+function isDangerousShellCommand(cmd) {
+	const c = (cmd || "").trim();
+	for (const re of DANGEROUS_SHELL_PATTERNS) if (re.test(c)) return true;
+	return false;
+}
+/**
+* Wrap tools so destructive ones are gated. When sessionId set, stores pending for confirm flow.
+*/
+function applyDestructiveGate(tools, opts) {
+	const { elevated, source, sessionId } = opts;
+	const fromChannel = source && CHANNEL_SOURCES.has(source);
+	if (!fromChannel || elevated) return tools;
+	return tools.map((t) => {
+		if (DESTRUCTIVE_TOOLS.includes(t.name)) {
+			const orig = t.handler;
+			return {
+				...t,
+				handler: async (input) => {
+					if (sessionId) {
+						const { setPending } = await Promise.resolve().then(() => require("./pending-approval-CUXjysAo.js"));
+						setPending(sessionId, {
+							toolName: t.name,
+							input,
+							execute: () => orig(input)
+						});
+						return PENDING_MSG;
+					}
+					return BLOCKED_MSG;
+				}
+			};
+		}
+		if (t.name === "run_shell") {
+			const orig = t.handler;
+			return {
+				...t,
+				handler: async (input) => {
+					const cmd = input.command || "";
+					if (isDangerousShellCommand(cmd)) {
+						if (sessionId) {
+							const { setPending } = await Promise.resolve().then(() => require("./pending-approval-CUXjysAo.js"));
+							setPending(sessionId, {
+								toolName: "run_shell",
+								input,
+								execute: () => orig(input)
+							});
+							return PENDING_MSG;
+						}
+						return BLOCKED_MSG;
+					}
+					return orig(input);
+				}
+			};
+		}
+		return t;
+	});
+}
+var DESTRUCTIVE_TOOLS, DANGEROUS_SHELL_PATTERNS, CHANNEL_SOURCES, BLOCKED_MSG, PENDING_MSG;
+var init_destructive_gate = require_chunk.__esm({ "src/infra/destructive-gate.ts"() {
+	DESTRUCTIVE_TOOLS = ["delete_file", "kill_process"];
+	DANGEROUS_SHELL_PATTERNS = [
+		/\brm\s+-[rf]\b|\brm\s+--recursive|\brm\s+-rf\b/,
+		/\bmkfs\.|format\s+/i,
+		/\bdd\s+if=/,
+		/\b>\/dev\/sd[a-z]/,
+		/\bshutdown\s+-/,
+		/\breboot\b/i,
+		/\b:\(\)\s*\{\s*:\s*\|\s*:\s*&\s*\}/,
+		/\bcurl\s+.*\s*\|\s*sh\b/,
+		/\bwget\s+.*\s*\|\s*(bash|sh)\b/
+	];
+	CHANNEL_SOURCES = new Set([
+		"telegram",
+		"discord",
+		"whatsapp",
+		"slack",
+		"signal",
+		"matrix",
+		"line",
+		"nostr",
+		"feishu",
+		"msteams",
+		"teams",
+		"instagram",
+		"messenger",
+		"twitter",
+		"viber",
+		"zalo",
+		"webhook:inbound"
+	]);
+	BLOCKED_MSG = "Blocked: destructive action requires elevated session. Use \"elevate\" or run from CLI with full access.";
+	PENDING_MSG = "This action requires confirmation. Ask the user to reply \"confirm\" to proceed.";
+} });
+//#endregion
+init_destructive_gate();
+exports.applyDestructiveGate = applyDestructiveGate;

package/dist/destructive-gate-DZt71UZR.js ADDED Viewed

@@ -0,0 +1,101 @@
+const require_chunk = require('./chunk-jS-bbMI5.js');
+//#region src/infra/destructive-gate.ts
+function isDangerousShellCommand(cmd) {
+	const c = (cmd || "").trim();
+	for (const re of DANGEROUS_SHELL_PATTERNS) if (re.test(c)) return true;
+	return false;
+}
+/**
+* Wrap tools so destructive ones are gated. When sessionId set, stores pending for confirm flow.
+*/
+function applyDestructiveGate(tools, opts) {
+	const { elevated, source, sessionId } = opts;
+	const fromChannel = source && CHANNEL_SOURCES.has(source);
+	if (!fromChannel || elevated) return tools;
+	return tools.map((t) => {
+		if (DESTRUCTIVE_TOOLS.includes(t.name)) {
+			const orig = t.handler;
+			return {
+				...t,
+				handler: async (input) => {
+					if (sessionId) {
+						const { setPending } = await Promise.resolve().then(() => require("./pending-approval-BgNjjuI2.js"));
+						setPending(sessionId, {
+							toolName: t.name,
+							input,
+							execute: () => orig(input)
+						});
+						return PENDING_MSG;
+					}
+					return BLOCKED_MSG;
+				}
+			};
+		}
+		if (t.name === "run_shell") {
+			const orig = t.handler;
+			return {
+				...t,
+				handler: async (input) => {
+					const cmd = input.command || "";
+					if (isDangerousShellCommand(cmd)) {
+						if (sessionId) {
+							const { setPending } = await Promise.resolve().then(() => require("./pending-approval-BgNjjuI2.js"));
+							setPending(sessionId, {
+								toolName: "run_shell",
+								input,
+								execute: () => orig(input)
+							});
+							return PENDING_MSG;
+						}
+						return BLOCKED_MSG;
+					}
+					return orig(input);
+				}
+			};
+		}
+		return t;
+	});
+}
+var DESTRUCTIVE_TOOLS, DANGEROUS_SHELL_PATTERNS, CHANNEL_SOURCES, BLOCKED_MSG, PENDING_MSG;
+var init_destructive_gate = require_chunk.__esm({ "src/infra/destructive-gate.ts"() {
+	DESTRUCTIVE_TOOLS = ["delete_file", "kill_process"];
+	DANGEROUS_SHELL_PATTERNS = [
+		/\brm\s+-[rf]\b|\brm\s+--recursive|\brm\s+-rf\b/,
+		/\bmkfs\.|format\s+/i,
+		/\bdd\s+if=/,
+		/\b>\/dev\/sd[a-z]/,
+		/\bshutdown\s+-/,
+		/\breboot\b/i,
+		/\b:\(\)\s*\{\s*:\s*\|\s*:\s*&\s*\}/,
+		/\bcurl\s+.*\s*\|\s*sh\b/,
+		/\bwget\s+.*\s*\|\s*(bash|sh)\b/
+	];
+	CHANNEL_SOURCES = new Set([
+		"telegram",
+		"discord",
+		"whatsapp",
+		"slack",
+		"signal",
+		"matrix",
+		"line",
+		"nostr",
+		"feishu",
+		"msteams",
+		"teams",
+		"instagram",
+		"messenger",
+		"twitter",
+		"viber",
+		"zalo",
+		"webhook:inbound"
+	]);
+	BLOCKED_MSG = "Blocked: destructive action requires elevated session. Use \"elevate\" or run from CLI with full access.";
+	PENDING_MSG = "This action requires confirmation. Ask the user to reply \"confirm\" to proceed.";
+} });
+//#endregion
+init_destructive_gate();
+exports.applyDestructiveGate = applyDestructiveGate;

package/dist/developer-keys-CPWT7Q6S.js ADDED Viewed

@@ -0,0 +1,8 @@
+const require_chunk = require('./chunk-jS-bbMI5.js');
+require('./paths-AIyBxIzm.js');
+const require_developer_keys = require('./developer-keys-DrrcUqFa.js');
+exports.createDeveloperKey = require_developer_keys.createDeveloperKey;
+exports.listDeveloperKeys = require_developer_keys.listDeveloperKeys;
+exports.revokeDeveloperKey = require_developer_keys.revokeDeveloperKey;
+exports.validateDeveloperKey = require_developer_keys.validateDeveloperKey;

package/dist/developer-keys-DrrcUqFa.js ADDED Viewed

@@ -0,0 +1,127 @@
+const require_chunk = require('./chunk-jS-bbMI5.js');
+const require_paths = require('./paths-AIyBxIzm.js');
+const fs_extra = require_chunk.__toESM(require("fs-extra"));
+const path = require_chunk.__toESM(require("path"));
+const crypto = require_chunk.__toESM(require("crypto"));
+//#region src/infra/developer-keys.ts
+require_paths.init_paths();
+const KEYS_FILE = "developer-keys.json";
+function getKeysPath(baseDir) {
+	const root = baseDir ?? require_paths.getHyperClawDir();
+	return path.default.join(root, KEYS_FILE);
+}
+function hashKey(key) {
+	return crypto.default.createHash("sha256").update(key, "utf8").digest("hex");
+}
+function generateKey() {
+	return `hc_${crypto.default.randomBytes(24).toString("base64url")}`;
+}
+async function loadKeys(baseDir) {
+	const fp = getKeysPath(baseDir);
+	if (!await fs_extra.default.pathExists(fp)) return [];
+	try {
+		const data = await fs_extra.default.readJson(fp);
+		return Array.isArray(data.keys) ? data.keys : [];
+	} catch {
+		return [];
+	}
+}
+async function saveKeys(keys, baseDir) {
+	const fp = getKeysPath(baseDir);
+	const dir = path.default.dirname(fp);
+	await fs_extra.default.ensureDir(dir);
+	await fs_extra.default.writeJson(fp, {
+		keys,
+		updatedAt: (/* @__PURE__ */ new Date()).toISOString()
+	}, { spaces: 2 });
+}
+/** Create a new developer key. Returns the raw key (show once). Optional tenantId for multi-tenant. */
+async function createDeveloperKey(name, opts) {
+	const rawKey = generateKey();
+	const keyHash = hashKey(rawKey);
+	const id = `key_${crypto.default.randomBytes(8).toString("hex")}`;
+	const entry = {
+		id,
+		name: name || "Unnamed",
+		keyHash,
+		tenantId: opts?.tenantId,
+		createdAt: (/* @__PURE__ */ new Date()).toISOString()
+	};
+	const keys = await loadKeys(opts?.baseDir);
+	keys.push(entry);
+	await saveKeys(keys, opts?.baseDir);
+	return {
+		id,
+		key: rawKey,
+		name: entry.name,
+		tenantId: entry.tenantId
+	};
+}
+/** List developer keys (without raw keys). Optional tenantId filter. */
+async function listDeveloperKeys(opts) {
+	let keys = await loadKeys(opts?.baseDir);
+	if (opts?.tenantId) keys = keys.filter((k) => k.tenantId === opts.tenantId);
+	return keys.map((k) => ({
+		id: k.id,
+		name: k.name,
+		tenantId: k.tenantId,
+		createdAt: k.createdAt,
+		lastUsedAt: k.lastUsedAt
+	}));
+}
+/** Revoke a developer key by id. */
+async function revokeDeveloperKey(id) {
+	const keys = await loadKeys();
+	const before = keys.length;
+	const filtered = keys.filter((k) => k.id !== id);
+	if (filtered.length === before) return false;
+	await saveKeys(filtered);
+	return true;
+}
+/**
+* Validate a Bearer token. Returns { valid: true, tenantId?: string } or { valid: false }.
+* Use with gateway token check: valid = gatewayToken OR result.valid.
+*/
+async function validateDeveloperKey(bearer, opts) {
+	if (!bearer || bearer.length < 20) return { valid: false };
+	const keys = await loadKeys(opts?.baseDir);
+	const hash = hashKey(bearer);
+	const idx = keys.findIndex((k) => k.keyHash === hash);
+	if (idx < 0) return { valid: false };
+	keys[idx].lastUsedAt = (/* @__PURE__ */ new Date()).toISOString();
+	await saveKeys(keys, opts?.baseDir).catch(() => {});
+	return {
+		valid: true,
+		tenantId: keys[idx].tenantId
+	};
+}
+//#endregion
+Object.defineProperty(exports, 'createDeveloperKey', {
+  enumerable: true,
+  get: function () {
+    return createDeveloperKey;
+  }
+});
+Object.defineProperty(exports, 'listDeveloperKeys', {
+  enumerable: true,
+  get: function () {
+    return listDeveloperKeys;
+  }
+});
+Object.defineProperty(exports, 'revokeDeveloperKey', {
+  enumerable: true,
+  get: function () {
+    return revokeDeveloperKey;
+  }
+});
+Object.defineProperty(exports, 'validateDeveloperKey', {
+  enumerable: true,
+  get: function () {
+    return validateDeveloperKey;
+  }
+});