npm - instar - Versions diffs - 0.9.13 → 0.9.14 - Mend

instar 0.9.13 → 0.9.14

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (40) hide show

package/dist/commands/server.d.ts.map +1 -1
package/dist/commands/server.js +16 -1
package/dist/commands/server.js.map +1 -1
package/dist/core/AdaptiveTrust.d.ts +180 -0
package/dist/core/AdaptiveTrust.d.ts.map +1 -0
package/dist/core/AdaptiveTrust.js +335 -0
package/dist/core/AdaptiveTrust.js.map +1 -0
package/dist/core/AutoUpdater.d.ts +10 -0
package/dist/core/AutoUpdater.d.ts.map +1 -1
package/dist/core/AutoUpdater.js +34 -0
package/dist/core/AutoUpdater.js.map +1 -1
package/dist/core/ExternalOperationGate.d.ts +204 -0
package/dist/core/ExternalOperationGate.d.ts.map +1 -0
package/dist/core/ExternalOperationGate.js +410 -0
package/dist/core/ExternalOperationGate.js.map +1 -0
package/dist/core/MessageSentinel.d.ts +116 -0
package/dist/core/MessageSentinel.d.ts.map +1 -0
package/dist/core/MessageSentinel.js +359 -0
package/dist/core/MessageSentinel.js.map +1 -0
package/dist/index.d.ts +6 -0
package/dist/index.d.ts.map +1 -1
package/dist/index.js +3 -0
package/dist/index.js.map +1 -1
package/dist/lifeline/ServerSupervisor.d.ts +11 -0
package/dist/lifeline/ServerSupervisor.d.ts.map +1 -1
package/dist/lifeline/ServerSupervisor.js +57 -0
package/dist/lifeline/ServerSupervisor.js.map +1 -1
package/dist/lifeline/TelegramLifeline.d.ts.map +1 -1
package/dist/lifeline/TelegramLifeline.js +1 -0
package/dist/lifeline/TelegramLifeline.js.map +1 -1
package/dist/server/AgentServer.d.ts +3 -0
package/dist/server/AgentServer.d.ts.map +1 -1
package/dist/server/AgentServer.js +3 -0
package/dist/server/AgentServer.js.map +1 -1
package/dist/server/routes.d.ts +6 -0
package/dist/server/routes.d.ts.map +1 -1
package/dist/server/routes.js +142 -0
package/dist/server/routes.js.map +1 -1
package/package.json +1 -1
package/upgrades/0.9.14.md +23 -0

package/dist/core/ExternalOperationGate.d.ts ADDED Viewed

@@ -0,0 +1,204 @@
+/**
+ * External Operation Gate — LLM-supervised safety for external service operations.
+ *
+ * Born from the OpenClaw email deletion incident (2026-02-25): An agent deleted
+ * 200+ emails autonomously, ignoring repeated "stop" commands, because nothing
+ * distinguished safe operations (read email) from destructive ones (delete 200 emails).
+ *
+ * Design principle: Structure > Willpower. A memory.md rule saying "don't delete
+ * emails without approval" degrades as context grows. A gate that physically
+ * intercepts the operation and evaluates risk does not.
+ *
+ * Three layers:
+ * 1. Static classification — operation type × reversibility × scope → risk level
+ * 2. Config permissions — per-service allow/block lists (structural floor)
+ * 3. LLM evaluation — for medium+ risk, a haiku-tier model evaluates proportionality
+ *
+ * Integrates with AdaptiveTrust for organic permission evolution.
+ */
+import type { IntelligenceProvider } from './types.js';
+export type OperationMutability = 'read' | 'write' | 'modify' | 'delete';
+export type OperationReversibility = 'reversible' | 'partially-reversible' | 'irreversible';
+export type OperationScope = 'single' | 'batch' | 'bulk';
+export type RiskLevel = 'low' | 'medium' | 'high' | 'critical';
+export type GateAction = 'proceed' | 'show-plan' | 'suggest-alternative' | 'block';
+export type TrustLevel = 'blocked' | 'approve-always' | 'approve-first' | 'log' | 'autonomous';
+export type TrustSource = 'default' | 'config' | 'user-explicit' | 'earned' | 'revoked';
+export type AutonomyBehavior = 'proceed' | 'log' | 'approve' | 'block';
+export interface OperationClassification {
+    /** What the operation does */
+    mutability: OperationMutability;
+    /** Whether it can be undone */
+    reversibility: OperationReversibility;
+    /** How many items affected */
+    scope: OperationScope;
+    /** Computed risk level */
+    riskLevel: RiskLevel;
+    /** External service name */
+    service: string;
+    /** Human-readable description */
+    description: string;
+    /** Number of items affected (if known) */
+    itemCount?: number;
+}
+export interface GateDecision {
+    /** What the gate recommends */
+    action: GateAction;
+    /** Why this decision was made */
+    reason: string;
+    /** The operation classification that led to this decision */
+    classification: OperationClassification;
+    /** If show-plan: what to present to user */
+    plan?: string;
+    /** If suggest-alternative: safer approach */
+    alternative?: string;
+    /** If batch/bulk: checkpoint config */
+    checkpoint?: CheckpointConfig;
+    /** Whether LLM was consulted */
+    llmEvaluated: boolean;
+    /** Timestamp */
+    evaluatedAt: string;
+}
+export interface CheckpointConfig {
+    /** Pause after this many items */
+    afterCount: number;
+    /** Total items expected */
+    totalExpected: number;
+    /** Items completed so far */
+    completedSoFar: number;
+}
+export interface ServicePermissions {
+    /** Operations the agent CAN perform */
+    permissions: OperationMutability[];
+    /** Operations that are HARD BLOCKED (no override, no trust escalation) */
+    blocked?: OperationMutability[];
+    /** Maximum batch size before requiring checkpoint */
+    batchLimit?: number;
+    /** Operations that always require approval regardless of trust */
+    requireApproval?: OperationMutability[];
+}
+export interface ExternalOperationGateConfig {
+    /** State directory for operation logs and trust data */
+    stateDir: string;
+    /** Intelligence provider for LLM evaluation (haiku-tier recommended) */
+    intelligence?: IntelligenceProvider;
+    /** Per-service permissions */
+    services?: Record<string, ServicePermissions>;
+    /** Services that are fully blocked */
+    blockedServices?: string[];
+    /** Services that are read-only */
+    readOnlyServices?: string[];
+    /** Batch checkpoint configuration */
+    batchCheckpoint?: {
+        /** Items before first checkpoint (default: 5) */
+        batchThreshold: number;
+        /** Items considered "bulk" (default: 20) */
+        bulkThreshold: number;
+        /** Checkpoint interval for bulk operations (default: 10) */
+        checkpointEvery: number;
+    };
+    /** Autonomy gradient — default behavior per risk level */
+    autonomyDefaults?: Record<RiskLevel, AutonomyBehavior>;
+}
+export interface OperationLogEntry {
+    /** ISO timestamp */
+    timestamp: string;
+    /** The operation that was evaluated */
+    classification: OperationClassification;
+    /** The gate's decision */
+    decision: GateAction;
+    /** Whether the user approved (if approval was requested) */
+    userApproved?: boolean;
+    /** Whether the operation completed successfully */
+    succeeded?: boolean;
+}
+/** Autonomy profiles for the three standard levels */
+export declare const AUTONOMY_PROFILES: Record<string, Record<RiskLevel, AutonomyBehavior>>;
+/**
+ * Compute risk level from operation dimensions.
+ *
+ * The matrix follows the principle: irreversible + bulk = critical,
+ * read operations are always low, and risk escalates with scope.
+ */
+export declare function computeRiskLevel(mutability: OperationMutability, reversibility: OperationReversibility, scope: OperationScope): RiskLevel;
+/**
+ * Determine scope from item count.
+ */
+export declare function scopeFromCount(count: number, config?: {
+    batchThreshold?: number;
+    bulkThreshold?: number;
+}): OperationScope;
+export declare class ExternalOperationGate {
+    private config;
+    private logPath;
+    constructor(config: ExternalOperationGateConfig);
+    /**
+     * Classify an external operation into its risk dimensions.
+     */
+    classify(params: {
+        service: string;
+        mutability: OperationMutability;
+        reversibility: OperationReversibility;
+        description: string;
+        itemCount?: number;
+    }): OperationClassification;
+    /**
+     * Evaluate an operation through the full gate pipeline.
+     *
+     * Pipeline:
+     * 1. Check if service is fully blocked → block
+     * 2. Check if service is read-only and operation mutates → block
+     * 3. Check per-service permission config → block if operation type blocked
+     * 4. Classify operation risk
+     * 5. Check autonomy gradient for this risk level
+     * 6. For medium+ risk with intelligence provider, consult LLM
+     * 7. Check batch limits and add checkpoint if needed
+     * 8. Return final decision
+     */
+    evaluate(params: {
+        service: string;
+        mutability: OperationMutability;
+        reversibility: OperationReversibility;
+        description: string;
+        itemCount?: number;
+        /** The user's original request (for LLM proportionality check) */
+        userRequest?: string;
+    }): Promise<GateDecision>;
+    /**
+     * Consult LLM for proportionality evaluation.
+     *
+     * IMPORTANT: The LLM never sees the content being operated on.
+     * This prevents prompt injection via email body, calendar event, etc.
+     * The LLM only sees: what operation, what scope, what the user asked for.
+     */
+    private consultLLM;
+    /**
+     * Build a human-readable plan for the user.
+     */
+    private buildPlan;
+    /**
+     * Log an operation evaluation to the JSONL log.
+     */
+    private logOperation;
+    /**
+     * Read recent operation log entries.
+     */
+    getOperationLog(limit?: number): OperationLogEntry[];
+    /**
+     * Get the effective service permissions (config + defaults).
+     */
+    getServicePermissions(service: string): ServicePermissions | null;
+    /**
+     * Get the current autonomy profile.
+     */
+    getAutonomyProfile(): Record<RiskLevel, AutonomyBehavior>;
+    /**
+     * Update autonomy defaults (used by AdaptiveTrust when trust changes).
+     */
+    updateAutonomyDefaults(defaults: Record<RiskLevel, AutonomyBehavior>): void;
+    /**
+     * Update service permissions at runtime.
+     */
+    updateServicePermissions(service: string, permissions: ServicePermissions): void;
+}
+//# sourceMappingURL=ExternalOperationGate.d.ts.map

package/dist/core/ExternalOperationGate.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"ExternalOperationGate.d.ts","sourceRoot":"","sources":["../../src/core/ExternalOperationGate.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;GAiBG;AAIH,OAAO,KAAK,EAAE,oBAAoB,EAAE,MAAM,YAAY,CAAC;AAIvD,MAAM,MAAM,mBAAmB,GAAG,MAAM,GAAG,OAAO,GAAG,QAAQ,GAAG,QAAQ,CAAC;AACzE,MAAM,MAAM,sBAAsB,GAAG,YAAY,GAAG,sBAAsB,GAAG,cAAc,CAAC;AAC5F,MAAM,MAAM,cAAc,GAAG,QAAQ,GAAG,OAAO,GAAG,MAAM,CAAC;AACzD,MAAM,MAAM,SAAS,GAAG,KAAK,GAAG,QAAQ,GAAG,MAAM,GAAG,UAAU,CAAC;AAC/D,MAAM,MAAM,UAAU,GAAG,SAAS,GAAG,WAAW,GAAG,qBAAqB,GAAG,OAAO,CAAC;AACnF,MAAM,MAAM,UAAU,GAAG,SAAS,GAAG,gBAAgB,GAAG,eAAe,GAAG,KAAK,GAAG,YAAY,CAAC;AAC/F,MAAM,MAAM,WAAW,GAAG,SAAS,GAAG,QAAQ,GAAG,eAAe,GAAG,QAAQ,GAAG,SAAS,CAAC;AACxF,MAAM,MAAM,gBAAgB,GAAG,SAAS,GAAG,KAAK,GAAG,SAAS,GAAG,OAAO,CAAC;AAEvE,MAAM,WAAW,uBAAuB;IACtC,8BAA8B;IAC9B,UAAU,EAAE,mBAAmB,CAAC;IAChC,+BAA+B;IAC/B,aAAa,EAAE,sBAAsB,CAAC;IACtC,8BAA8B;IAC9B,KAAK,EAAE,cAAc,CAAC;IACtB,0BAA0B;IAC1B,SAAS,EAAE,SAAS,CAAC;IACrB,4BAA4B;IAC5B,OAAO,EAAE,MAAM,CAAC;IAChB,iCAAiC;IACjC,WAAW,EAAE,MAAM,CAAC;IACpB,0CAA0C;IAC1C,SAAS,CAAC,EAAE,MAAM,CAAC;CACpB;AAED,MAAM,WAAW,YAAY;IAC3B,+BAA+B;IAC/B,MAAM,EAAE,UAAU,CAAC;IACnB,iCAAiC;IACjC,MAAM,EAAE,MAAM,CAAC;IACf,6DAA6D;IAC7D,cAAc,EAAE,uBAAuB,CAAC;IACxC,4CAA4C;IAC5C,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,6CAA6C;IAC7C,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,uCAAuC;IACvC,UAAU,CAAC,EAAE,gBAAgB,CAAC;IAC9B,gCAAgC;IAChC,YAAY,EAAE,OAAO,CAAC;IACtB,gBAAgB;IAChB,WAAW,EAAE,MAAM,CAAC;CACrB;AAED,MAAM,WAAW,gBAAgB;IAC/B,kCAAkC;IAClC,UAAU,EAAE,MAAM,CAAC;IACnB,2BAA2B;IAC3B,aAAa,EAAE,MAAM,CAAC;IACtB,6BAA6B;IAC7B,cAAc,EAAE,MAAM,CAAC;CACxB;AAED,MAAM,WAAW,kBAAkB;IACjC,uCAAuC;IACvC,WAAW,EAAE,mBAAmB,EAAE,CAAC;IACnC,0EAA0E;IAC1E,OAAO,CAAC,EAAE,mBAAmB,EAAE,CAAC;IAChC,qDAAqD;IACrD,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,kEAAkE;IAClE,eAAe,CAAC,EAAE,mBAAmB,EAAE,CAAC;CACzC;AAED,MAAM,WAAW,2BAA2B;IAC1C,wDAAwD;IACxD,QAAQ,EAAE,MAAM,CAAC;IACjB,wEAAwE;IACxE,YAAY,CAAC,EAAE,oBAAoB,CAAC;IACpC,8BAA8B;IAC9B,QAAQ,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,kBAAkB,CAAC,CAAC;IAC9C,sCAAsC;IACtC,eAAe,CAAC,EAAE,MAAM,EAAE,CAAC;IAC3B,kCAAkC;IAClC,gBAAgB,CAAC,EAAE,MAAM,EAAE,CAAC;IAC5B,qCAAqC;IACrC,eAAe,CAAC,EAAE;QAChB,iDAAiD;QACjD,cAAc,EAAE,MAAM,CAAC;QACvB,4CAA4C;QAC5C,aAAa,EAAE,MAAM,CAAC;QACtB,4DAA4D;QAC5D,eAAe,EAAE,MAAM,CAAC;KACzB,CAAC;IACF,0DAA0D;IAC1D,gBAAgB,CAAC,EAAE,MAAM,CAAC,SAAS,EAAE,gBAAgB,CAAC,CAAC;CACxD;AAED,MAAM,WAAW,iBAAiB;IAChC,oBAAoB;IACpB,SAAS,EAAE,MAAM,CAAC;IAClB,uCAAuC;IACvC,cAAc,EAAE,uBAAuB,CAAC;IACxC,0BAA0B;IAC1B,QAAQ,EAAE,UAAU,CAAC;IACrB,4DAA4D;IAC5D,YAAY,CAAC,EAAE,OAAO,CAAC;IACvB,mDAAmD;IACnD,SAAS,CAAC,EAAE,OAAO,CAAC;CACrB;AAYD,sDAAsD;AACtD,eAAO,MAAM,iBAAiB,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,SAAS,EAAE,gBAAgB,CAAC,CAIjF,CAAC;AAUF;;;;;GAKG;AACH,wBAAgB,gBAAgB,CAC9B,UAAU,EAAE,mBAAmB,EAC/B,aAAa,EAAE,sBAAsB,EACrC,KAAK,EAAE,cAAc,GACpB,SAAS,CA+BX;AAED;;GAEG;AACH,wBAAgB,cAAc,CAAC,KAAK,EAAE,MAAM,EAAE,MAAM,CAAC,EAAE;IAAE,cAAc,CAAC,EAAE,MAAM,CAAC;IAAC,aAAa,CAAC,EAAE,MAAM,CAAA;CAAE,GAAG,cAAc,CAO1H;AAID,qBAAa,qBAAqB;IAChC,OAAO,CAAC,MAAM,CAA8B;IAC5C,OAAO,CAAC,OAAO,CAAS;gBAEZ,MAAM,EAAE,2BAA2B;IAK/C;;OAEG;IACH,QAAQ,CAAC,MAAM,EAAE;QACf,OAAO,EAAE,MAAM,CAAC;QAChB,UAAU,EAAE,mBAAmB,CAAC;QAChC,aAAa,EAAE,sBAAsB,CAAC;QACtC,WAAW,EAAE,MAAM,CAAC;QACpB,SAAS,CAAC,EAAE,MAAM,CAAC;KACpB,GAAG,uBAAuB;IAkB3B;;;;;;;;;;;;OAYG;IACG,QAAQ,CAAC,MAAM,EAAE;QACrB,OAAO,EAAE,MAAM,CAAC;QAChB,UAAU,EAAE,mBAAmB,CAAC;QAChC,aAAa,EAAE,sBAAsB,CAAC;QACtC,WAAW,EAAE,MAAM,CAAC;QACpB,SAAS,CAAC,EAAE,MAAM,CAAC;QACnB,kEAAkE;QAClE,WAAW,CAAC,EAAE,MAAM,CAAC;KACtB,GAAG,OAAO,CAAC,YAAY,CAAC;IA0KzB;;;;;;OAMG;YACW,UAAU;IA4CxB;;OAEG;IACH,OAAO,CAAC,SAAS;IAsBjB;;OAEG;IACH,OAAO,CAAC,YAAY;IAYpB;;OAEG;IACH,eAAe,CAAC,KAAK,SAAK,GAAG,iBAAiB,EAAE;IAgBhD;;OAEG;IACH,qBAAqB,CAAC,OAAO,EAAE,MAAM,GAAG,kBAAkB,GAAG,IAAI;IAYjE;;OAEG;IACH,kBAAkB,IAAI,MAAM,CAAC,SAAS,EAAE,gBAAgB,CAAC;IAIzD;;OAEG;IACH,sBAAsB,CAAC,QAAQ,EAAE,MAAM,CAAC,SAAS,EAAE,gBAAgB,CAAC,GAAG,IAAI;IAI3E;;OAEG;IACH,wBAAwB,CAAC,OAAO,EAAE,MAAM,EAAE,WAAW,EAAE,kBAAkB,GAAG,IAAI;CAMjF"}

package/dist/core/ExternalOperationGate.js ADDED Viewed

@@ -0,0 +1,410 @@
+/**
+ * External Operation Gate — LLM-supervised safety for external service operations.
+ *
+ * Born from the OpenClaw email deletion incident (2026-02-25): An agent deleted
+ * 200+ emails autonomously, ignoring repeated "stop" commands, because nothing
+ * distinguished safe operations (read email) from destructive ones (delete 200 emails).
+ *
+ * Design principle: Structure > Willpower. A memory.md rule saying "don't delete
+ * emails without approval" degrades as context grows. A gate that physically
+ * intercepts the operation and evaluates risk does not.
+ *
+ * Three layers:
+ * 1. Static classification — operation type × reversibility × scope → risk level
+ * 2. Config permissions — per-service allow/block lists (structural floor)
+ * 3. LLM evaluation — for medium+ risk, a haiku-tier model evaluates proportionality
+ *
+ * Integrates with AdaptiveTrust for organic permission evolution.
+ */
+import fs from 'node:fs';
+import path from 'node:path';
+// ── Constants ────────────────────────────────────────────────────────
+/** Default autonomy behaviors per risk level (collaborative profile) */
+const DEFAULT_AUTONOMY = {
+    low: 'proceed',
+    medium: 'log',
+    high: 'approve',
+    critical: 'approve',
+};
+/** Autonomy profiles for the three standard levels */
+export const AUTONOMY_PROFILES = {
+    supervised: { low: 'log', medium: 'approve', high: 'approve', critical: 'block' },
+    collaborative: { low: 'proceed', medium: 'log', high: 'approve', critical: 'approve' },
+    autonomous: { low: 'proceed', medium: 'proceed', high: 'log', critical: 'approve' },
+};
+const DEFAULT_BATCH_CONFIG = {
+    batchThreshold: 5,
+    bulkThreshold: 20,
+    checkpointEvery: 10,
+};
+// ── Risk Matrix ──────────────────────────────────────────────────────
+/**
+ * Compute risk level from operation dimensions.
+ *
+ * The matrix follows the principle: irreversible + bulk = critical,
+ * read operations are always low, and risk escalates with scope.
+ */
+export function computeRiskLevel(mutability, reversibility, scope) {
+    // Reads are always low risk
+    if (mutability === 'read')
+        return 'low';
+    // Bulk irreversible = always critical
+    if (scope === 'bulk' && reversibility === 'irreversible')
+        return 'critical';
+    // Bulk deletes = critical regardless of reversibility
+    if (scope === 'bulk' && mutability === 'delete')
+        return 'critical';
+    // Any irreversible bulk = critical
+    if (scope === 'bulk')
+        return 'critical';
+    // Batch deletes = high
+    if (scope === 'batch' && mutability === 'delete')
+        return 'high';
+    // Batch irreversible = high
+    if (scope === 'batch' && reversibility === 'irreversible')
+        return 'high';
+    // Single deletes = medium-to-high based on reversibility
+    if (mutability === 'delete' && reversibility === 'irreversible')
+        return 'high';
+    if (mutability === 'delete')
+        return 'medium';
+    // Single irreversible writes/modifies = medium
+    if (reversibility === 'irreversible')
+        return 'medium';
+    // Batch reversible writes/modifies = medium
+    if (scope === 'batch')
+        return 'medium';
+    // Single reversible writes/modifies = low
+    return 'low';
+}
+/**
+ * Determine scope from item count.
+ */
+export function scopeFromCount(count, config) {
+    const batch = config?.batchThreshold ?? DEFAULT_BATCH_CONFIG.batchThreshold;
+    const bulk = config?.bulkThreshold ?? DEFAULT_BATCH_CONFIG.bulkThreshold;
+    if (count <= 1)
+        return 'single';
+    if (count <= bulk)
+        return 'batch';
+    return 'bulk';
+}
+// ── Gate Implementation ──────────────────────────────────────────────
+export class ExternalOperationGate {
+    config;
+    logPath;
+    constructor(config) {
+        this.config = config;
+        this.logPath = path.join(config.stateDir, 'state', 'operation-log.jsonl');
+    }
+    /**
+     * Classify an external operation into its risk dimensions.
+     */
+    classify(params) {
+        const scope = scopeFromCount(params.itemCount ?? 1, this.config.batchCheckpoint);
+        const riskLevel = computeRiskLevel(params.mutability, params.reversibility, scope);
+        return {
+            mutability: params.mutability,
+            reversibility: params.reversibility,
+            scope,
+            riskLevel,
+            service: params.service,
+            description: params.description,
+            itemCount: params.itemCount,
+        };
+    }
+    /**
+     * Evaluate an operation through the full gate pipeline.
+     *
+     * Pipeline:
+     * 1. Check if service is fully blocked → block
+     * 2. Check if service is read-only and operation mutates → block
+     * 3. Check per-service permission config → block if operation type blocked
+     * 4. Classify operation risk
+     * 5. Check autonomy gradient for this risk level
+     * 6. For medium+ risk with intelligence provider, consult LLM
+     * 7. Check batch limits and add checkpoint if needed
+     * 8. Return final decision
+     */
+    async evaluate(params) {
+        const now = new Date().toISOString();
+        // Step 1: Check if service is fully blocked
+        if (this.config.blockedServices?.includes(params.service)) {
+            const classification = this.classify(params);
+            return {
+                action: 'block',
+                reason: `Service "${params.service}" is fully blocked by configuration.`,
+                classification,
+                llmEvaluated: false,
+                evaluatedAt: now,
+            };
+        }
+        // Step 2: Check if service is read-only
+        if (this.config.readOnlyServices?.includes(params.service) && params.mutability !== 'read') {
+            const classification = this.classify(params);
+            return {
+                action: 'block',
+                reason: `Service "${params.service}" is configured as read-only. ${params.mutability} operations are not allowed.`,
+                classification,
+                llmEvaluated: false,
+                evaluatedAt: now,
+            };
+        }
+        // Step 3: Check per-service permissions
+        const serviceConfig = this.config.services?.[params.service];
+        if (serviceConfig) {
+            // Check blocked operations
+            if (serviceConfig.blocked?.includes(params.mutability)) {
+                const classification = this.classify(params);
+                return {
+                    action: 'block',
+                    reason: `"${params.mutability}" operations are blocked for service "${params.service}" by configuration.`,
+                    classification,
+                    llmEvaluated: false,
+                    evaluatedAt: now,
+                };
+            }
+            // Check if operation is in allowed permissions
+            if (serviceConfig.permissions.length > 0 && !serviceConfig.permissions.includes(params.mutability)) {
+                const classification = this.classify(params);
+                return {
+                    action: 'block',
+                    reason: `"${params.mutability}" is not in the allowed permissions for "${params.service}". Allowed: ${serviceConfig.permissions.join(', ')}.`,
+                    classification,
+                    llmEvaluated: false,
+                    evaluatedAt: now,
+                };
+            }
+        }
+        // Step 4: Classify
+        const classification = this.classify(params);
+        // Step 5: Check autonomy gradient
+        const autonomyDefaults = this.config.autonomyDefaults ?? DEFAULT_AUTONOMY;
+        let behavior = autonomyDefaults[classification.riskLevel];
+        // Per-service requireApproval override
+        if (serviceConfig?.requireApproval?.includes(params.mutability)) {
+            if (behavior === 'proceed' || behavior === 'log') {
+                behavior = 'approve';
+            }
+        }
+        // Step 6: LLM evaluation for medium+ risk (if available)
+        let llmEvaluated = false;
+        let llmSuggestion = null;
+        if (this.config.intelligence &&
+            classification.riskLevel !== 'low' &&
+            behavior !== 'block') {
+            llmSuggestion = await this.consultLLM(classification, params.userRequest);
+            llmEvaluated = true;
+            // LLM can escalate (make stricter) but not relax past the config floor
+            if (llmSuggestion === 'block' || llmSuggestion === 'show-plan') {
+                if (behavior === 'proceed' || behavior === 'log') {
+                    behavior = 'approve'; // LLM escalated
+                }
+            }
+        }
+        // Step 7: Map autonomy behavior to gate action
+        let action;
+        let reason;
+        switch (behavior) {
+            case 'proceed':
+                action = 'proceed';
+                reason = `Risk level "${classification.riskLevel}" allows proceeding under current autonomy settings.`;
+                break;
+            case 'log':
+                action = 'proceed';
+                reason = `Risk level "${classification.riskLevel}" allows proceeding with logging under current autonomy settings.`;
+                break;
+            case 'approve':
+                action = 'show-plan';
+                reason = `Risk level "${classification.riskLevel}" requires approval under current autonomy settings.`;
+                break;
+            case 'block':
+                action = 'block';
+                reason = `Risk level "${classification.riskLevel}" is blocked under current autonomy settings.`;
+                break;
+        }
+        // Override with LLM suggestion if it provided an alternative
+        if (llmSuggestion === 'suggest-alternative') {
+            action = 'suggest-alternative';
+            reason = 'LLM evaluation suggests a safer alternative approach.';
+        }
+        // Step 8: Add checkpoint for batch/bulk operations
+        let checkpoint;
+        if (classification.scope !== 'single' && action !== 'block') {
+            const batchConfig = this.config.batchCheckpoint ?? DEFAULT_BATCH_CONFIG;
+            const itemCount = params.itemCount ?? 0;
+            if (classification.scope === 'batch') {
+                checkpoint = {
+                    afterCount: batchConfig.batchThreshold,
+                    totalExpected: itemCount,
+                    completedSoFar: 0,
+                };
+            }
+            else if (classification.scope === 'bulk') {
+                checkpoint = {
+                    afterCount: batchConfig.checkpointEvery,
+                    totalExpected: itemCount,
+                    completedSoFar: 0,
+                };
+                // Bulk operations always require plan even if autonomy says proceed
+                if (action === 'proceed') {
+                    action = 'show-plan';
+                    reason = `Bulk operations (${itemCount} items) always require a plan before proceeding.`;
+                }
+            }
+        }
+        // Build plan text for show-plan actions
+        let plan;
+        if (action === 'show-plan') {
+            plan = this.buildPlan(classification, checkpoint);
+        }
+        const decision = {
+            action,
+            reason,
+            classification,
+            plan,
+            checkpoint,
+            llmEvaluated,
+            evaluatedAt: now,
+        };
+        // Log the evaluation
+        this.logOperation({
+            timestamp: now,
+            classification,
+            decision: action,
+        });
+        return decision;
+    }
+    /**
+     * Consult LLM for proportionality evaluation.
+     *
+     * IMPORTANT: The LLM never sees the content being operated on.
+     * This prevents prompt injection via email body, calendar event, etc.
+     * The LLM only sees: what operation, what scope, what the user asked for.
+     */
+    async consultLLM(classification, userRequest) {
+        if (!this.config.intelligence)
+            return 'proceed';
+        const prompt = [
+            'You are a safety evaluator for an AI agent\'s external service operations.',
+            'Evaluate whether this operation is proportional and appropriate.',
+            '',
+            `Service: ${classification.service}`,
+            `Operation: ${classification.mutability} (${classification.description})`,
+            `Reversibility: ${classification.reversibility}`,
+            `Scope: ${classification.scope}${classification.itemCount ? ` (${classification.itemCount} items)` : ''}`,
+            `Risk level: ${classification.riskLevel}`,
+            '',
+            userRequest ? `User's original request: "${userRequest}"` : 'No user request context available.',
+            '',
+            'Questions:',
+            '1. Does this operation match what the user likely intended?',
+            '2. Is the scope proportional to the request?',
+            '3. Is there a less destructive way to achieve the same goal?',
+            '',
+            'Respond with exactly one word: proceed, show-plan, suggest-alternative, or block.',
+        ].join('\n');
+        try {
+            const response = await this.config.intelligence.evaluate(prompt, {
+                maxTokens: 10,
+                temperature: 0,
+            });
+            const cleaned = response.trim().toLowerCase();
+            if (['proceed', 'show-plan', 'suggest-alternative', 'block'].includes(cleaned)) {
+                return cleaned;
+            }
+            // If LLM response is unparseable, default to cautious
+            return 'show-plan';
+        }
+        catch {
+            // If LLM fails, don't block — fall back to programmatic decision
+            return 'proceed';
+        }
+    }
+    /**
+     * Build a human-readable plan for the user.
+     */
+    buildPlan(classification, checkpoint) {
+        const lines = [];
+        lines.push(`I'd like to ${classification.mutability} on ${classification.service}: ${classification.description}`);
+        lines.push('');
+        lines.push(`Risk: ${classification.riskLevel} (${classification.reversibility}, ${classification.scope})`);
+        if (classification.itemCount) {
+            lines.push(`Items affected: ${classification.itemCount}`);
+        }
+        if (checkpoint) {
+            lines.push('');
+            lines.push(`I'll check in after every ${checkpoint.afterCount} items with a progress report.`);
+        }
+        lines.push('');
+        lines.push('Approve to proceed, or tell me to adjust the approach.');
+        return lines.join('\n');
+    }
+    /**
+     * Log an operation evaluation to the JSONL log.
+     */
+    logOperation(entry) {
+        try {
+            const dir = path.dirname(this.logPath);
+            if (!fs.existsSync(dir)) {
+                fs.mkdirSync(dir, { recursive: true });
+            }
+            fs.appendFileSync(this.logPath, JSON.stringify(entry) + '\n');
+        }
+        catch {
+            // Logging should never break the gate
+        }
+    }
+    /**
+     * Read recent operation log entries.
+     */
+    getOperationLog(limit = 50) {
+        if (!fs.existsSync(this.logPath))
+            return [];
+        try {
+            const lines = fs.readFileSync(this.logPath, 'utf-8')
+                .split('\n')
+                .filter(Boolean);
+            return lines
+                .slice(-limit)
+                .map(line => JSON.parse(line));
+        }
+        catch {
+            return [];
+        }
+    }
+    /**
+     * Get the effective service permissions (config + defaults).
+     */
+    getServicePermissions(service) {
+        if (this.config.blockedServices?.includes(service)) {
+            return { permissions: [], blocked: ['read', 'write', 'modify', 'delete'] };
+        }
+        if (this.config.readOnlyServices?.includes(service)) {
+            return { permissions: ['read'], blocked: ['write', 'modify', 'delete'] };
+        }
+        return this.config.services?.[service] ?? null;
+    }
+    /**
+     * Get the current autonomy profile.
+     */
+    getAutonomyProfile() {
+        return this.config.autonomyDefaults ?? DEFAULT_AUTONOMY;
+    }
+    /**
+     * Update autonomy defaults (used by AdaptiveTrust when trust changes).
+     */
+    updateAutonomyDefaults(defaults) {
+        this.config.autonomyDefaults = defaults;
+    }
+    /**
+     * Update service permissions at runtime.
+     */
+    updateServicePermissions(service, permissions) {
+        if (!this.config.services) {
+            this.config.services = {};
+        }
+        this.config.services[service] = permissions;
+    }
+}
+//# sourceMappingURL=ExternalOperationGate.js.map

package/dist/core/ExternalOperationGate.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"ExternalOperationGate.js","sourceRoot":"","sources":["../../src/core/ExternalOperationGate.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;GAiBG;AAEH,OAAO,EAAE,MAAM,SAAS,CAAC;AACzB,OAAO,IAAI,MAAM,WAAW,CAAC;AA2G7B,wEAAwE;AAExE,wEAAwE;AACxE,MAAM,gBAAgB,GAAwC;IAC5D,GAAG,EAAE,SAAS;IACd,MAAM,EAAE,KAAK;IACb,IAAI,EAAE,SAAS;IACf,QAAQ,EAAE,SAAS;CACpB,CAAC;AAEF,sDAAsD;AACtD,MAAM,CAAC,MAAM,iBAAiB,GAAwD;IACpF,UAAU,EAAE,EAAE,GAAG,EAAE,KAAK,EAAE,MAAM,EAAE,SAAS,EAAE,IAAI,EAAE,SAAS,EAAE,QAAQ,EAAE,OAAO,EAAE;IACjF,aAAa,EAAE,EAAE,GAAG,EAAE,SAAS,EAAE,MAAM,EAAE,KAAK,EAAE,IAAI,EAAE,SAAS,EAAE,QAAQ,EAAE,SAAS,EAAE;IACtF,UAAU,EAAE,EAAE,GAAG,EAAE,SAAS,EAAE,MAAM,EAAE,SAAS,EAAE,IAAI,EAAE,KAAK,EAAE,QAAQ,EAAE,SAAS,EAAE;CACpF,CAAC;AAEF,MAAM,oBAAoB,GAAG;IAC3B,cAAc,EAAE,CAAC;IACjB,aAAa,EAAE,EAAE;IACjB,eAAe,EAAE,EAAE;CACpB,CAAC;AAEF,wEAAwE;AAExE;;;;;GAKG;AACH,MAAM,UAAU,gBAAgB,CAC9B,UAA+B,EAC/B,aAAqC,EACrC,KAAqB;IAErB,4BAA4B;IAC5B,IAAI,UAAU,KAAK,MAAM;QAAE,OAAO,KAAK,CAAC;IAExC,sCAAsC;IACtC,IAAI,KAAK,KAAK,MAAM,IAAI,aAAa,KAAK,cAAc;QAAE,OAAO,UAAU,CAAC;IAE5E,sDAAsD;IACtD,IAAI,KAAK,KAAK,MAAM,IAAI,UAAU,KAAK,QAAQ;QAAE,OAAO,UAAU,CAAC;IAEnE,mCAAmC;IACnC,IAAI,KAAK,KAAK,MAAM;QAAE,OAAO,UAAU,CAAC;IAExC,uBAAuB;IACvB,IAAI,KAAK,KAAK,OAAO,IAAI,UAAU,KAAK,QAAQ;QAAE,OAAO,MAAM,CAAC;IAEhE,4BAA4B;IAC5B,IAAI,KAAK,KAAK,OAAO,IAAI,aAAa,KAAK,cAAc;QAAE,OAAO,MAAM,CAAC;IAEzE,yDAAyD;IACzD,IAAI,UAAU,KAAK,QAAQ,IAAI,aAAa,KAAK,cAAc;QAAE,OAAO,MAAM,CAAC;IAC/E,IAAI,UAAU,KAAK,QAAQ;QAAE,OAAO,QAAQ,CAAC;IAE7C,+CAA+C;IAC/C,IAAI,aAAa,KAAK,cAAc;QAAE,OAAO,QAAQ,CAAC;IAEtD,4CAA4C;IAC5C,IAAI,KAAK,KAAK,OAAO;QAAE,OAAO,QAAQ,CAAC;IAEvC,0CAA0C;IAC1C,OAAO,KAAK,CAAC;AACf,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,cAAc,CAAC,KAAa,EAAE,MAA4D;IACxG,MAAM,KAAK,GAAG,MAAM,EAAE,cAAc,IAAI,oBAAoB,CAAC,cAAc,CAAC;IAC5E,MAAM,IAAI,GAAG,MAAM,EAAE,aAAa,IAAI,oBAAoB,CAAC,aAAa,CAAC;IAEzE,IAAI,KAAK,IAAI,CAAC;QAAE,OAAO,QAAQ,CAAC;IAChC,IAAI,KAAK,IAAI,IAAI;QAAE,OAAO,OAAO,CAAC;IAClC,OAAO,MAAM,CAAC;AAChB,CAAC;AAED,wEAAwE;AAExE,MAAM,OAAO,qBAAqB;IACxB,MAAM,CAA8B;IACpC,OAAO,CAAS;IAExB,YAAY,MAAmC;QAC7C,IAAI,CAAC,MAAM,GAAG,MAAM,CAAC;QACrB,IAAI,CAAC,OAAO,GAAG,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,QAAQ,EAAE,OAAO,EAAE,qBAAqB,CAAC,CAAC;IAC5E,CAAC;IAED;;OAEG;IACH,QAAQ,CAAC,MAMR;QACC,MAAM,KAAK,GAAG,cAAc,CAC1B,MAAM,CAAC,SAAS,IAAI,CAAC,EACrB,IAAI,CAAC,MAAM,CAAC,eAAe,CAC5B,CAAC;QACF,MAAM,SAAS,GAAG,gBAAgB,CAAC,MAAM,CAAC,UAAU,EAAE,MAAM,CAAC,aAAa,EAAE,KAAK,CAAC,CAAC;QAEnF,OAAO;YACL,UAAU,EAAE,MAAM,CAAC,UAAU;YAC7B,aAAa,EAAE,MAAM,CAAC,aAAa;YACnC,KAAK;YACL,SAAS;YACT,OAAO,EAAE,MAAM,CAAC,OAAO;YACvB,WAAW,EAAE,MAAM,CAAC,WAAW;YAC/B,SAAS,EAAE,MAAM,CAAC,SAAS;SAC5B,CAAC;IACJ,CAAC;IAED;;;;;;;;;;;;OAYG;IACH,KAAK,CAAC,QAAQ,CAAC,MAQd;QACC,MAAM,GAAG,GAAG,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;QAErC,4CAA4C;QAC5C,IAAI,IAAI,CAAC,MAAM,CAAC,eAAe,EAAE,QAAQ,CAAC,MAAM,CAAC,OAAO,CAAC,EAAE,CAAC;YAC1D,MAAM,cAAc,GAAG,IAAI,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC;YAC7C,OAAO;gBACL,MAAM,EAAE,OAAO;gBACf,MAAM,EAAE,YAAY,MAAM,CAAC,OAAO,sCAAsC;gBACxE,cAAc;gBACd,YAAY,EAAE,KAAK;gBACnB,WAAW,EAAE,GAAG;aACjB,CAAC;QACJ,CAAC;QAED,wCAAwC;QACxC,IAAI,IAAI,CAAC,MAAM,CAAC,gBAAgB,EAAE,QAAQ,CAAC,MAAM,CAAC,OAAO,CAAC,IAAI,MAAM,CAAC,UAAU,KAAK,MAAM,EAAE,CAAC;YAC3F,MAAM,cAAc,GAAG,IAAI,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC;YAC7C,OAAO;gBACL,MAAM,EAAE,OAAO;gBACf,MAAM,EAAE,YAAY,MAAM,CAAC,OAAO,iCAAiC,MAAM,CAAC,UAAU,8BAA8B;gBAClH,cAAc;gBACd,YAAY,EAAE,KAAK;gBACnB,WAAW,EAAE,GAAG;aACjB,CAAC;QACJ,CAAC;QAED,wCAAwC;QACxC,MAAM,aAAa,GAAG,IAAI,CAAC,MAAM,CAAC,QAAQ,EAAE,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;QAC7D,IAAI,aAAa,EAAE,CAAC;YAClB,2BAA2B;YAC3B,IAAI,aAAa,CAAC,OAAO,EAAE,QAAQ,CAAC,MAAM,CAAC,UAAU,CAAC,EAAE,CAAC;gBACvD,MAAM,cAAc,GAAG,IAAI,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC;gBAC7C,OAAO;oBACL,MAAM,EAAE,OAAO;oBACf,MAAM,EAAE,IAAI,MAAM,CAAC,UAAU,yCAAyC,MAAM,CAAC,OAAO,qBAAqB;oBACzG,cAAc;oBACd,YAAY,EAAE,KAAK;oBACnB,WAAW,EAAE,GAAG;iBACjB,CAAC;YACJ,CAAC;YAED,+CAA+C;YAC/C,IAAI,aAAa,CAAC,WAAW,CAAC,MAAM,GAAG,CAAC,IAAI,CAAC,aAAa,CAAC,WAAW,CAAC,QAAQ,CAAC,MAAM,CAAC,UAAU,CAAC,EAAE,CAAC;gBACnG,MAAM,cAAc,GAAG,IAAI,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC;gBAC7C,OAAO;oBACL,MAAM,EAAE,OAAO;oBACf,MAAM,EAAE,IAAI,MAAM,CAAC,UAAU,4CAA4C,MAAM,CAAC,OAAO,eAAe,aAAa,CAAC,WAAW,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG;oBAC7I,cAAc;oBACd,YAAY,EAAE,KAAK;oBACnB,WAAW,EAAE,GAAG;iBACjB,CAAC;YACJ,CAAC;QACH,CAAC;QAED,mBAAmB;QACnB,MAAM,cAAc,GAAG,IAAI,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC;QAE7C,kCAAkC;QAClC,MAAM,gBAAgB,GAAG,IAAI,CAAC,MAAM,CAAC,gBAAgB,IAAI,gBAAgB,CAAC;QAC1E,IAAI,QAAQ,GAAG,gBAAgB,CAAC,cAAc,CAAC,SAAS,CAAC,CAAC;QAE1D,uCAAuC;QACvC,IAAI,aAAa,EAAE,eAAe,EAAE,QAAQ,CAAC,MAAM,CAAC,UAAU,CAAC,EAAE,CAAC;YAChE,IAAI,QAAQ,KAAK,SAAS,IAAI,QAAQ,KAAK,KAAK,EAAE,CAAC;gBACjD,QAAQ,GAAG,SAAS,CAAC;YACvB,CAAC;QACH,CAAC;QAED,yDAAyD;QACzD,IAAI,YAAY,GAAG,KAAK,CAAC;QACzB,IAAI,aAAa,GAAsB,IAAI,CAAC;QAE5C,IACE,IAAI,CAAC,MAAM,CAAC,YAAY;YACxB,cAAc,CAAC,SAAS,KAAK,KAAK;YAClC,QAAQ,KAAK,OAAO,EACpB,CAAC;YACD,aAAa,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,cAAc,EAAE,MAAM,CAAC,WAAW,CAAC,CAAC;YAC1E,YAAY,GAAG,IAAI,CAAC;YAEpB,uEAAuE;YACvE,IAAI,aAAa,KAAK,OAAO,IAAI,aAAa,KAAK,WAAW,EAAE,CAAC;gBAC/D,IAAI,QAAQ,KAAK,SAAS,IAAI,QAAQ,KAAK,KAAK,EAAE,CAAC;oBACjD,QAAQ,GAAG,SAAS,CAAC,CAAC,gBAAgB;gBACxC,CAAC;YACH,CAAC;QACH,CAAC;QAED,+CAA+C;QAC/C,IAAI,MAAkB,CAAC;QACvB,IAAI,MAAc,CAAC;QAEnB,QAAQ,QAAQ,EAAE,CAAC;YACjB,KAAK,SAAS;gBACZ,MAAM,GAAG,SAAS,CAAC;gBACnB,MAAM,GAAG,eAAe,cAAc,CAAC,SAAS,sDAAsD,CAAC;gBACvG,MAAM;YACR,KAAK,KAAK;gBACR,MAAM,GAAG,SAAS,CAAC;gBACnB,MAAM,GAAG,eAAe,cAAc,CAAC,SAAS,mEAAmE,CAAC;gBACpH,MAAM;YACR,KAAK,SAAS;gBACZ,MAAM,GAAG,WAAW,CAAC;gBACrB,MAAM,GAAG,eAAe,cAAc,CAAC,SAAS,sDAAsD,CAAC;gBACvG,MAAM;YACR,KAAK,OAAO;gBACV,MAAM,GAAG,OAAO,CAAC;gBACjB,MAAM,GAAG,eAAe,cAAc,CAAC,SAAS,+CAA+C,CAAC;gBAChG,MAAM;QACV,CAAC;QAED,6DAA6D;QAC7D,IAAI,aAAa,KAAK,qBAAqB,EAAE,CAAC;YAC5C,MAAM,GAAG,qBAAqB,CAAC;YAC/B,MAAM,GAAG,uDAAuD,CAAC;QACnE,CAAC;QAED,mDAAmD;QACnD,IAAI,UAAwC,CAAC;QAC7C,IAAI,cAAc,CAAC,KAAK,KAAK,QAAQ,IAAI,MAAM,KAAK,OAAO,EAAE,CAAC;YAC5D,MAAM,WAAW,GAAG,IAAI,CAAC,MAAM,CAAC,eAAe,IAAI,oBAAoB,CAAC;YACxE,MAAM,SAAS,GAAG,MAAM,CAAC,SAAS,IAAI,CAAC,CAAC;YAExC,IAAI,cAAc,CAAC,KAAK,KAAK,OAAO,EAAE,CAAC;gBACrC,UAAU,GAAG;oBACX,UAAU,EAAE,WAAW,CAAC,cAAc;oBACtC,aAAa,EAAE,SAAS;oBACxB,cAAc,EAAE,CAAC;iBAClB,CAAC;YACJ,CAAC;iBAAM,IAAI,cAAc,CAAC,KAAK,KAAK,MAAM,EAAE,CAAC;gBAC3C,UAAU,GAAG;oBACX,UAAU,EAAE,WAAW,CAAC,eAAe;oBACvC,aAAa,EAAE,SAAS;oBACxB,cAAc,EAAE,CAAC;iBAClB,CAAC;gBACF,oEAAoE;gBACpE,IAAI,MAAM,KAAK,SAAS,EAAE,CAAC;oBACzB,MAAM,GAAG,WAAW,CAAC;oBACrB,MAAM,GAAG,oBAAoB,SAAS,kDAAkD,CAAC;gBAC3F,CAAC;YACH,CAAC;QACH,CAAC;QAED,wCAAwC;QACxC,IAAI,IAAwB,CAAC;QAC7B,IAAI,MAAM,KAAK,WAAW,EAAE,CAAC;YAC3B,IAAI,GAAG,IAAI,CAAC,SAAS,CAAC,cAAc,EAAE,UAAU,CAAC,CAAC;QACpD,CAAC;QAED,MAAM,QAAQ,GAAiB;YAC7B,MAAM;YACN,MAAM;YACN,cAAc;YACd,IAAI;YACJ,UAAU;YACV,YAAY;YACZ,WAAW,EAAE,GAAG;SACjB,CAAC;QAEF,qBAAqB;QACrB,IAAI,CAAC,YAAY,CAAC;YAChB,SAAS,EAAE,GAAG;YACd,cAAc;YACd,QAAQ,EAAE,MAAM;SACjB,CAAC,CAAC;QAEH,OAAO,QAAQ,CAAC;IAClB,CAAC;IAED;;;;;;OAMG;IACK,KAAK,CAAC,UAAU,CACtB,cAAuC,EACvC,WAAoB;QAEpB,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,YAAY;YAAE,OAAO,SAAS,CAAC;QAEhD,MAAM,MAAM,GAAG;YACb,4EAA4E;YAC5E,kEAAkE;YAClE,EAAE;YACF,YAAY,cAAc,CAAC,OAAO,EAAE;YACpC,cAAc,cAAc,CAAC,UAAU,KAAK,cAAc,CAAC,WAAW,GAAG;YACzE,kBAAkB,cAAc,CAAC,aAAa,EAAE;YAChD,UAAU,cAAc,CAAC,KAAK,GAAG,cAAc,CAAC,SAAS,CAAC,CAAC,CAAC,KAAK,cAAc,CAAC,SAAS,SAAS,CAAC,CAAC,CAAC,EAAE,EAAE;YACzG,eAAe,cAAc,CAAC,SAAS,EAAE;YACzC,EAAE;YACF,WAAW,CAAC,CAAC,CAAC,6BAA6B,WAAW,GAAG,CAAC,CAAC,CAAC,oCAAoC;YAChG,EAAE;YACF,YAAY;YACZ,6DAA6D;YAC7D,8CAA8C;YAC9C,8DAA8D;YAC9D,EAAE;YACF,mFAAmF;SACpF,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAEb,IAAI,CAAC;YACH,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,YAAY,CAAC,QAAQ,CAAC,MAAM,EAAE;gBAC/D,SAAS,EAAE,EAAE;gBACb,WAAW,EAAE,CAAC;aACf,CAAC,CAAC;YAEH,MAAM,OAAO,GAAG,QAAQ,CAAC,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;YAC9C,IAAI,CAAC,SAAS,EAAE,WAAW,EAAE,qBAAqB,EAAE,OAAO,CAAC,CAAC,QAAQ,CAAC,OAAO,CAAC,EAAE,CAAC;gBAC/E,OAAO,OAAqB,CAAC;YAC/B,CAAC;YACD,sDAAsD;YACtD,OAAO,WAAW,CAAC;QACrB,CAAC;QAAC,MAAM,CAAC;YACP,iEAAiE;YACjE,OAAO,SAAS,CAAC;QACnB,CAAC;IACH,CAAC;IAED;;OAEG;IACK,SAAS,CAAC,cAAuC,EAAE,UAA6B;QACtF,MAAM,KAAK,GAAa,EAAE,CAAC;QAE3B,KAAK,CAAC,IAAI,CAAC,eAAe,cAAc,CAAC,UAAU,OAAO,cAAc,CAAC,OAAO,KAAK,cAAc,CAAC,WAAW,EAAE,CAAC,CAAC;QACnH,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QACf,KAAK,CAAC,IAAI,CAAC,SAAS,cAAc,CAAC,SAAS,KAAK,cAAc,CAAC,aAAa,KAAK,cAAc,CAAC,KAAK,GAAG,CAAC,CAAC;QAE3G,IAAI,cAAc,CAAC,SAAS,EAAE,CAAC;YAC7B,KAAK,CAAC,IAAI,CAAC,mBAAmB,cAAc,CAAC,SAAS,EAAE,CAAC,CAAC;QAC5D,CAAC;QAED,IAAI,UAAU,EAAE,CAAC;YACf,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;YACf,KAAK,CAAC,IAAI,CAAC,6BAA6B,UAAU,CAAC,UAAU,gCAAgC,CAAC,CAAC;QACjG,CAAC;QAED,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QACf,KAAK,CAAC,IAAI,CAAC,wDAAwD,CAAC,CAAC;QAErE,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAC1B,CAAC;IAED;;OAEG;IACK,YAAY,CAAC,KAAwB;QAC3C,IAAI,CAAC;YACH,MAAM,GAAG,GAAG,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;YACvC,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,GAAG,CAAC,EAAE,CAAC;gBACxB,EAAE,CAAC,SAAS,CAAC,GAAG,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;YACzC,CAAC;YACD,EAAE,CAAC,cAAc,CAAC,IAAI,CAAC,OAAO,EAAE,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,GAAG,IAAI,CAAC,CAAC;QAChE,CAAC;QAAC,MAAM,CAAC;YACP,sCAAsC;QACxC,CAAC;IACH,CAAC;IAED;;OAEG;IACH,eAAe,CAAC,KAAK,GAAG,EAAE;QACxB,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,IAAI,CAAC,OAAO,CAAC;YAAE,OAAO,EAAE,CAAC;QAE5C,IAAI,CAAC;YACH,MAAM,KAAK,GAAG,EAAE,CAAC,YAAY,CAAC,IAAI,CAAC,OAAO,EAAE,OAAO,CAAC;iBACjD,KAAK,CAAC,IAAI,CAAC;iBACX,MAAM,CAAC,OAAO,CAAC,CAAC;YAEnB,OAAO,KAAK;iBACT,KAAK,CAAC,CAAC,KAAK,CAAC;iBACb,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC,IAAI,CAAC,KAAK,CAAC,IAAI,CAAsB,CAAC,CAAC;QACxD,CAAC;QAAC,MAAM,CAAC;YACP,OAAO,EAAE,CAAC;QACZ,CAAC;IACH,CAAC;IAED;;OAEG;IACH,qBAAqB,CAAC,OAAe;QACnC,IAAI,IAAI,CAAC,MAAM,CAAC,eAAe,EAAE,QAAQ,CAAC,OAAO,CAAC,EAAE,CAAC;YACnD,OAAO,EAAE,WAAW,EAAE,EAAE,EAAE,OAAO,EAAE,CAAC,MAAM,EAAE,OAAO,EAAE,QAAQ,EAAE,QAAQ,CAAC,EAAE,CAAC;QAC7E,CAAC;QAED,IAAI,IAAI,CAAC,MAAM,CAAC,gBAAgB,EAAE,QAAQ,CAAC,OAAO,CAAC,EAAE,CAAC;YACpD,OAAO,EAAE,WAAW,EAAE,CAAC,MAAM,CAAC,EAAE,OAAO,EAAE,CAAC,OAAO,EAAE,QAAQ,EAAE,QAAQ,CAAC,EAAE,CAAC;QAC3E,CAAC;QAED,OAAO,IAAI,CAAC,MAAM,CAAC,QAAQ,EAAE,CAAC,OAAO,CAAC,IAAI,IAAI,CAAC;IACjD,CAAC;IAED;;OAEG;IACH,kBAAkB;QAChB,OAAO,IAAI,CAAC,MAAM,CAAC,gBAAgB,IAAI,gBAAgB,CAAC;IAC1D,CAAC;IAED;;OAEG;IACH,sBAAsB,CAAC,QAA6C;QAClE,IAAI,CAAC,MAAM,CAAC,gBAAgB,GAAG,QAAQ,CAAC;IAC1C,CAAC;IAED;;OAEG;IACH,wBAAwB,CAAC,OAAe,EAAE,WAA+B;QACvE,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,QAAQ,EAAE,CAAC;YAC1B,IAAI,CAAC,MAAM,CAAC,QAAQ,GAAG,EAAE,CAAC;QAC5B,CAAC;QACD,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,OAAO,CAAC,GAAG,WAAW,CAAC;IAC9C,CAAC;CACF"}