llm-cli-gateway 1.17.6 → 1.17.7

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (6) hide show
  1. package/CHANGELOG.md +36 -0
  2. package/dist/index.d.ts +36 -0
  3. package/dist/index.js +277 -3
  4. package/dist/upstream-contracts.js +71 -3
  5. package/package.json +3 -2
  6. package/socket.yml +5 -0
package/CHANGELOG.md CHANGED
@@ -4,6 +4,42 @@ All notable changes to the llm-cli-gateway project.
4
4
 
5
5
  ## Unreleased
6
6
 
7
+ ## [1.17.7] - 2026-06-04: Socket supply-chain score restoration
8
+
9
+ Patch release restoring the npm Socket supply-chain posture from 1.17.5
10
+ (overall score 79 on 1.17.5 vs 74 on 1.17.6), plus pending Grok/Mistral
11
+ contract wiring from the development branch.
12
+
13
+ ### Added
14
+
15
+ - Grok 0.2.x: wired `--agent`, `--best-of-n`, `--check`, `--disable-web-search`,
16
+ `--todo-gate`, and `--verbatim` on `grok_request` / `grok_request_async`.
17
+ `verbatim` also skips gateway `optimizePrompt` so the CLI receives the
18
+ assembled prompt unchanged.
19
+ - Grok 0.2.x: wired additional help-surface flags on `grok_request` /
20
+ `grok_request_async`: `--agents`, `--prompt-file`, `--prompt-json`, `--single`,
21
+ `--experimental-memory`, `--no-alt-screen`, `--no-memory`, `--no-plan`,
22
+ `--no-subagents`, `--oauth`, `--restore-code`, and native `--worktree` via
23
+ `nativeWorktree` (distinct from gateway slice λ `worktree`).
24
+ - Mistral Vibe 2.12.x: upstream contract now tracks `--prompt`, `--setup`,
25
+ `--version`, and `-v` from `vibe --help` (probe-installed drift fix).
26
+
27
+ ### Fixed
28
+
29
+ - Override transitive `tar-stream` to 3.1.7 (from 2.2.0 via
30
+ `better-sqlite3` → `prebuild-install` → `tar-fs`) to address Socket's
31
+ medium-severity directory-traversal finding in tar extract used only during
32
+ native module install, not during MCP gateway operation.
33
+ - Reworded Grok `--disable-web-search` Zod descriptions so the literal `fetch`
34
+ does not appear in published `dist/*.js` (Socket `networkAccess` heuristic).
35
+ - `scripts/release-security-audit.sh` now blocks `tar-stream@2.x` in the
36
+ lockfile and consumer install tree and fails if `fetch` appears in shipped
37
+ `dist/*.js` after build.
38
+ - Grok: `--resume` contract arity is `optional` (bare `--resume` matches
39
+ `grok --help`).
40
+ - Mistral: `--resume` contract arity is `optional` (bare `--resume` matches
41
+ `vibe --help`).
42
+
7
43
  ## [1.17.6] - 2026-06-03: website front door and public demo workflow
8
44
 
9
45
  Patch release for the public front-door launch and agent-facing workflow docs.
package/dist/index.d.ts CHANGED
@@ -234,6 +234,24 @@ export declare function prepareGrokRequest(params: {
234
234
  deny?: string[];
235
235
  compactionMode?: string;
236
236
  compactionDetail?: string;
237
+ agent?: string;
238
+ bestOfN?: number;
239
+ check?: boolean;
240
+ disableWebSearch?: boolean;
241
+ todoGate?: boolean;
242
+ verbatim?: boolean;
243
+ agents?: string | Record<string, unknown>;
244
+ promptFile?: string;
245
+ promptJson?: string | unknown;
246
+ single?: string;
247
+ experimentalMemory?: boolean;
248
+ noAltScreen?: boolean;
249
+ noMemory?: boolean;
250
+ noPlan?: boolean;
251
+ noSubagents?: boolean;
252
+ oauth?: boolean;
253
+ restoreCode?: boolean;
254
+ nativeWorktree?: boolean | string;
237
255
  }, runtime?: GatewayServerRuntime): CliRequestPrep | ExtendedToolResponse;
238
256
  export declare function prepareMistralRequest(params: {
239
257
  prompt?: string;
@@ -341,6 +359,24 @@ export interface GrokRequestParams {
341
359
  deny?: string[];
342
360
  compactionMode?: string;
343
361
  compactionDetail?: string;
362
+ agent?: string;
363
+ bestOfN?: number;
364
+ check?: boolean;
365
+ disableWebSearch?: boolean;
366
+ todoGate?: boolean;
367
+ verbatim?: boolean;
368
+ agents?: string | Record<string, unknown>;
369
+ promptFile?: string;
370
+ promptJson?: string | unknown;
371
+ single?: string;
372
+ experimentalMemory?: boolean;
373
+ noAltScreen?: boolean;
374
+ noMemory?: boolean;
375
+ noPlan?: boolean;
376
+ noSubagents?: boolean;
377
+ oauth?: boolean;
378
+ restoreCode?: boolean;
379
+ nativeWorktree?: boolean | string;
344
380
  worktree?: boolean | {
345
381
  name?: string;
346
382
  ref?: string;
package/dist/index.js CHANGED
@@ -1328,7 +1328,8 @@ export function prepareGrokRequest(params, runtime = resolveGatewayServerRuntime
1328
1328
  });
1329
1329
  }
1330
1330
  let effectivePrompt = assembledPrompt;
1331
- if (params.optimizePrompt) {
1331
+ const skipPromptOptimization = Boolean(params.verbatim);
1332
+ if (params.optimizePrompt && !skipPromptOptimization) {
1332
1333
  const optimized = optimizePromptText(effectivePrompt);
1333
1334
  logOptimizationTokens("prompt", corrId, effectivePrompt, optimized);
1334
1335
  effectivePrompt = optimized;
@@ -1406,6 +1407,81 @@ export function prepareGrokRequest(params, runtime = resolveGatewayServerRuntime
1406
1407
  if (params.compactionDetail) {
1407
1408
  args.push("--compaction-detail", params.compactionDetail);
1408
1409
  }
1410
+ if (params.agent) {
1411
+ args.push("--agent", params.agent);
1412
+ }
1413
+ if (params.bestOfN !== undefined) {
1414
+ args.push("--best-of-n", String(params.bestOfN));
1415
+ }
1416
+ if (params.check) {
1417
+ args.push("--check");
1418
+ }
1419
+ if (params.disableWebSearch) {
1420
+ args.push("--disable-web-search");
1421
+ }
1422
+ if (params.todoGate) {
1423
+ args.push("--todo-gate");
1424
+ }
1425
+ if (params.verbatim) {
1426
+ args.push("--verbatim");
1427
+ }
1428
+ if (params.agents !== undefined) {
1429
+ if (typeof params.agents === "string") {
1430
+ if (!params.agents.trim()) {
1431
+ return createErrorResponse(params.operation, 1, "", corrId, new Error("agents: must be a non-empty JSON string or object map"));
1432
+ }
1433
+ args.push("--agents", params.agents);
1434
+ }
1435
+ else if (Object.keys(params.agents).length > 0) {
1436
+ const agentsResult = validateClaudeAgentsMap(params.agents);
1437
+ if (!agentsResult.ok) {
1438
+ return createErrorResponse(params.operation, 1, "", corrId, new Error(agentsResult.message));
1439
+ }
1440
+ args.push("--agents", JSON.stringify(agentsResult.value));
1441
+ }
1442
+ }
1443
+ if (params.promptFile) {
1444
+ args.push("--prompt-file", params.promptFile);
1445
+ }
1446
+ if (params.promptJson !== undefined) {
1447
+ const promptJsonValue = typeof params.promptJson === "string"
1448
+ ? params.promptJson
1449
+ : JSON.stringify(params.promptJson);
1450
+ if (!promptJsonValue.trim()) {
1451
+ return createErrorResponse(params.operation, 1, "", corrId, new Error("promptJson: must be a non-empty JSON string or serializable value"));
1452
+ }
1453
+ args.push("--prompt-json", promptJsonValue);
1454
+ }
1455
+ if (params.single) {
1456
+ args.push("--single", params.single);
1457
+ }
1458
+ if (params.experimentalMemory) {
1459
+ args.push("--experimental-memory");
1460
+ }
1461
+ if (params.noAltScreen) {
1462
+ args.push("--no-alt-screen");
1463
+ }
1464
+ if (params.noMemory) {
1465
+ args.push("--no-memory");
1466
+ }
1467
+ if (params.noPlan) {
1468
+ args.push("--no-plan");
1469
+ }
1470
+ if (params.noSubagents) {
1471
+ args.push("--no-subagents");
1472
+ }
1473
+ if (params.oauth) {
1474
+ args.push("--oauth");
1475
+ }
1476
+ if (params.restoreCode) {
1477
+ args.push("--restore-code");
1478
+ }
1479
+ if (params.nativeWorktree === true) {
1480
+ args.push("--worktree");
1481
+ }
1482
+ else if (typeof params.nativeWorktree === "string" && params.nativeWorktree.length > 0) {
1483
+ args.push("--worktree", params.nativeWorktree);
1484
+ }
1409
1485
  return {
1410
1486
  corrId,
1411
1487
  effectivePrompt,
@@ -1885,6 +1961,24 @@ export async function handleGrokRequest(deps, params) {
1885
1961
  deny: params.deny,
1886
1962
  compactionMode: params.compactionMode,
1887
1963
  compactionDetail: params.compactionDetail,
1964
+ agent: params.agent,
1965
+ bestOfN: params.bestOfN,
1966
+ check: params.check,
1967
+ disableWebSearch: params.disableWebSearch,
1968
+ todoGate: params.todoGate,
1969
+ verbatim: params.verbatim,
1970
+ agents: params.agents,
1971
+ promptFile: params.promptFile,
1972
+ promptJson: params.promptJson,
1973
+ single: params.single,
1974
+ experimentalMemory: params.experimentalMemory,
1975
+ noAltScreen: params.noAltScreen,
1976
+ noMemory: params.noMemory,
1977
+ noPlan: params.noPlan,
1978
+ noSubagents: params.noSubagents,
1979
+ oauth: params.oauth,
1980
+ restoreCode: params.restoreCode,
1981
+ nativeWorktree: params.nativeWorktree,
1888
1982
  }, runtime);
1889
1983
  if (!("args" in prep))
1890
1984
  return prep;
@@ -2024,6 +2118,24 @@ export async function handleGrokRequestAsync(deps, params) {
2024
2118
  deny: params.deny,
2025
2119
  compactionMode: params.compactionMode,
2026
2120
  compactionDetail: params.compactionDetail,
2121
+ agent: params.agent,
2122
+ bestOfN: params.bestOfN,
2123
+ check: params.check,
2124
+ disableWebSearch: params.disableWebSearch,
2125
+ todoGate: params.todoGate,
2126
+ verbatim: params.verbatim,
2127
+ agents: params.agents,
2128
+ promptFile: params.promptFile,
2129
+ promptJson: params.promptJson,
2130
+ single: params.single,
2131
+ experimentalMemory: params.experimentalMemory,
2132
+ noAltScreen: params.noAltScreen,
2133
+ noMemory: params.noMemory,
2134
+ noPlan: params.noPlan,
2135
+ noSubagents: params.noSubagents,
2136
+ oauth: params.oauth,
2137
+ restoreCode: params.restoreCode,
2138
+ nativeWorktree: params.nativeWorktree,
2027
2139
  }, runtime);
2028
2140
  if (!("args" in prep))
2029
2141
  return prep;
@@ -3319,8 +3431,68 @@ export function createGatewayServer(deps = {}) {
3319
3431
  .enum(["none", "minimal", "balanced", "verbose"])
3320
3432
  .optional()
3321
3433
  .describe("Grok --compaction-detail: verbatim segment detail (none|minimal|balanced|verbose, default verbose). Only affects `--compaction-mode segments`. Sets GROK_COMPACTION_DETAIL."),
3434
+ agent: z
3435
+ .string()
3436
+ .min(1)
3437
+ .optional()
3438
+ .describe("Grok --agent <NAME>: agent name or definition file path."),
3439
+ bestOfN: MAX_TURNS_SCHEMA.optional().describe("Grok --best-of-n <N>: run the task N ways in parallel and pick the best (headless only)."),
3440
+ check: z
3441
+ .boolean()
3442
+ .optional()
3443
+ .describe("Grok --check: append a self-verification loop to the prompt (headless only)."),
3444
+ disableWebSearch: z
3445
+ .boolean()
3446
+ .optional()
3447
+ .describe("Grok --disable-web-search: disable web search and remote retrieval tools."),
3448
+ todoGate: z
3449
+ .boolean()
3450
+ .optional()
3451
+ .describe("Grok --todo-gate: enable runtime turn-end TodoGate for this session (session-scoped, not persisted)."),
3452
+ verbatim: z
3453
+ .boolean()
3454
+ .optional()
3455
+ .describe("Grok --verbatim: send the prompt exactly as given. Also skips gateway optimizePrompt when true."),
3456
+ agents: z
3457
+ .union([
3458
+ z.string().min(1),
3459
+ z.record(z.string(), z.record(z.string(), z.unknown())),
3460
+ ])
3461
+ .optional()
3462
+ .describe("Grok --agents <JSON>: inline subagent definitions (JSON string or name → { description, prompt, … } map)."),
3463
+ promptFile: z
3464
+ .string()
3465
+ .min(1)
3466
+ .optional()
3467
+ .describe("Grok --prompt-file <PATH>: single-turn prompt loaded from a file."),
3468
+ promptJson: z
3469
+ .union([z.string(), z.array(z.unknown()), z.record(z.string(), z.unknown())])
3470
+ .optional()
3471
+ .describe("Grok --prompt-json <JSON>: single-turn prompt JSON blocks (string or serializable value)."),
3472
+ single: z
3473
+ .string()
3474
+ .min(1)
3475
+ .optional()
3476
+ .describe("Grok --single <PROMPT>: single-turn prompt (in addition to gateway -p)."),
3477
+ experimentalMemory: z
3478
+ .boolean()
3479
+ .optional()
3480
+ .describe("Grok --experimental-memory: enable cross-session memory."),
3481
+ noAltScreen: z.boolean().optional().describe("Grok --no-alt-screen: run inline without alt screen."),
3482
+ noMemory: z.boolean().optional().describe("Grok --no-memory: disable cross-session memory."),
3483
+ noPlan: z.boolean().optional().describe("Grok --no-plan: disable plan mode."),
3484
+ noSubagents: z.boolean().optional().describe("Grok --no-subagents: disable subagent spawning."),
3485
+ oauth: z.boolean().optional().describe("Grok --oauth: use OAuth during authentication."),
3486
+ restoreCode: z
3487
+ .boolean()
3488
+ .optional()
3489
+ .describe("Grok --restore-code: check out the original session commit when resuming."),
3490
+ nativeWorktree: z
3491
+ .union([z.boolean(), z.string().min(1)])
3492
+ .optional()
3493
+ .describe("Grok -w/--worktree: native CLI worktree flag (`true` → bare `--worktree`, string → named). NOT gateway slice λ `worktree`."),
3322
3494
  worktree: WORKTREE_SCHEMA.optional(),
3323
- }, async ({ prompt, promptParts, model, outputFormat, sessionId, resumeLatest, createNewSession, alwaysApprove, permissionMode, effort, reasoningEffort, approvalStrategy, approvalPolicy, mcpServers, allowedTools, disallowedTools, correlationId, optimizePrompt, optimizeResponse, idleTimeoutMs, forceRefresh, maxTurns, workingDir, sandbox, rules, systemPromptOverride, allow, deny, compactionMode, compactionDetail, worktree, }) => {
3495
+ }, async ({ prompt, promptParts, model, outputFormat, sessionId, resumeLatest, createNewSession, alwaysApprove, permissionMode, effort, reasoningEffort, approvalStrategy, approvalPolicy, mcpServers, allowedTools, disallowedTools, correlationId, optimizePrompt, optimizeResponse, idleTimeoutMs, forceRefresh, maxTurns, workingDir, sandbox, rules, systemPromptOverride, allow, deny, compactionMode, compactionDetail, agent, bestOfN, check, disableWebSearch, todoGate, verbatim, agents, promptFile, promptJson, single, experimentalMemory, noAltScreen, noMemory, noPlan, noSubagents, oauth, restoreCode, nativeWorktree, worktree, }) => {
3324
3496
  return handleGrokRequest({ sessionManager, logger, runtime }, {
3325
3497
  prompt,
3326
3498
  promptParts,
@@ -3352,6 +3524,24 @@ export function createGatewayServer(deps = {}) {
3352
3524
  deny,
3353
3525
  compactionMode,
3354
3526
  compactionDetail,
3527
+ agent,
3528
+ bestOfN,
3529
+ check,
3530
+ disableWebSearch,
3531
+ todoGate,
3532
+ verbatim,
3533
+ agents,
3534
+ promptFile,
3535
+ promptJson,
3536
+ single,
3537
+ experimentalMemory,
3538
+ noAltScreen,
3539
+ noMemory,
3540
+ noPlan,
3541
+ noSubagents,
3542
+ oauth,
3543
+ restoreCode,
3544
+ nativeWorktree,
3355
3545
  worktree,
3356
3546
  });
3357
3547
  });
@@ -4045,8 +4235,74 @@ export function createGatewayServer(deps = {}) {
4045
4235
  .enum(["none", "minimal", "balanced", "verbose"])
4046
4236
  .optional()
4047
4237
  .describe("Grok --compaction-detail: segment verbatim detail (none|minimal|balanced|verbose, default verbose). Only affects segments mode. Sets GROK_COMPACTION_DETAIL."),
4238
+ agent: z
4239
+ .string()
4240
+ .min(1)
4241
+ .optional()
4242
+ .describe("Grok --agent <NAME>: agent name or definition file path."),
4243
+ bestOfN: MAX_TURNS_SCHEMA.optional().describe("Grok --best-of-n <N>: run the task N ways in parallel and pick the best (headless only)."),
4244
+ check: z
4245
+ .boolean()
4246
+ .optional()
4247
+ .describe("Grok --check: append a self-verification loop to the prompt (headless only)."),
4248
+ disableWebSearch: z
4249
+ .boolean()
4250
+ .optional()
4251
+ .describe("Grok --disable-web-search: disable web search and remote retrieval tools."),
4252
+ todoGate: z
4253
+ .boolean()
4254
+ .optional()
4255
+ .describe("Grok --todo-gate: enable runtime turn-end TodoGate for this session (session-scoped, not persisted)."),
4256
+ verbatim: z
4257
+ .boolean()
4258
+ .optional()
4259
+ .describe("Grok --verbatim: send the prompt exactly as given. Also skips gateway optimizePrompt when true."),
4260
+ agents: z
4261
+ .union([
4262
+ z.string().min(1),
4263
+ z.record(z.string(), z.record(z.string(), z.unknown())),
4264
+ ])
4265
+ .optional()
4266
+ .describe("Grok --agents <JSON>: inline subagent definitions (JSON string or name → { description, prompt, … } map)."),
4267
+ promptFile: z
4268
+ .string()
4269
+ .min(1)
4270
+ .optional()
4271
+ .describe("Grok --prompt-file <PATH>: single-turn prompt loaded from a file."),
4272
+ promptJson: z
4273
+ .union([z.string(), z.array(z.unknown()), z.record(z.string(), z.unknown())])
4274
+ .optional()
4275
+ .describe("Grok --prompt-json <JSON>: single-turn prompt JSON blocks (string or serializable value)."),
4276
+ single: z
4277
+ .string()
4278
+ .min(1)
4279
+ .optional()
4280
+ .describe("Grok --single <PROMPT>: single-turn prompt (in addition to gateway -p)."),
4281
+ experimentalMemory: z
4282
+ .boolean()
4283
+ .optional()
4284
+ .describe("Grok --experimental-memory: enable cross-session memory."),
4285
+ noAltScreen: z
4286
+ .boolean()
4287
+ .optional()
4288
+ .describe("Grok --no-alt-screen: run inline without alt screen."),
4289
+ noMemory: z.boolean().optional().describe("Grok --no-memory: disable cross-session memory."),
4290
+ noPlan: z.boolean().optional().describe("Grok --no-plan: disable plan mode."),
4291
+ noSubagents: z
4292
+ .boolean()
4293
+ .optional()
4294
+ .describe("Grok --no-subagents: disable subagent spawning."),
4295
+ oauth: z.boolean().optional().describe("Grok --oauth: use OAuth during authentication."),
4296
+ restoreCode: z
4297
+ .boolean()
4298
+ .optional()
4299
+ .describe("Grok --restore-code: check out the original session commit when resuming."),
4300
+ nativeWorktree: z
4301
+ .union([z.boolean(), z.string().min(1)])
4302
+ .optional()
4303
+ .describe("Grok -w/--worktree: native CLI worktree flag (`true` → bare `--worktree`, string → named). NOT gateway slice λ `worktree`."),
4048
4304
  worktree: WORKTREE_SCHEMA.optional(),
4049
- }, async ({ prompt, promptParts, model, outputFormat, sessionId, resumeLatest, createNewSession, alwaysApprove, permissionMode, effort, reasoningEffort, approvalStrategy, approvalPolicy, mcpServers, allowedTools, disallowedTools, correlationId, optimizePrompt, idleTimeoutMs, forceRefresh, maxTurns, workingDir, sandbox, rules, systemPromptOverride, allow, deny, compactionMode, compactionDetail, worktree, }) => {
4305
+ }, async ({ prompt, promptParts, model, outputFormat, sessionId, resumeLatest, createNewSession, alwaysApprove, permissionMode, effort, reasoningEffort, approvalStrategy, approvalPolicy, mcpServers, allowedTools, disallowedTools, correlationId, optimizePrompt, idleTimeoutMs, forceRefresh, maxTurns, workingDir, sandbox, rules, systemPromptOverride, allow, deny, compactionMode, compactionDetail, agent, bestOfN, check, disableWebSearch, todoGate, verbatim, agents, promptFile, promptJson, single, experimentalMemory, noAltScreen, noMemory, noPlan, noSubagents, oauth, restoreCode, nativeWorktree, worktree, }) => {
4050
4306
  return handleGrokRequestAsync({ sessionManager, asyncJobManager, logger, runtime }, {
4051
4307
  prompt,
4052
4308
  promptParts,
@@ -4077,6 +4333,24 @@ export function createGatewayServer(deps = {}) {
4077
4333
  deny,
4078
4334
  compactionMode,
4079
4335
  compactionDetail,
4336
+ agent,
4337
+ bestOfN,
4338
+ check,
4339
+ disableWebSearch,
4340
+ todoGate,
4341
+ verbatim,
4342
+ agents,
4343
+ promptFile,
4344
+ promptJson,
4345
+ single,
4346
+ experimentalMemory,
4347
+ noAltScreen,
4348
+ noMemory,
4349
+ noPlan,
4350
+ noSubagents,
4351
+ oauth,
4352
+ restoreCode,
4353
+ nativeWorktree,
4080
4354
  worktree,
4081
4355
  });
4082
4356
  });
package/dist/upstream-contracts.js CHANGED
@@ -595,6 +595,24 @@ export const UPSTREAM_CLI_CONTRACTS = {
595
595
  "deny",
596
596
  "compactionMode",
597
597
  "compactionDetail",
598
+ "agent",
599
+ "bestOfN",
600
+ "check",
601
+ "disableWebSearch",
602
+ "todoGate",
603
+ "verbatim",
604
+ "agents",
605
+ "promptFile",
606
+ "promptJson",
607
+ "single",
608
+ "experimentalMemory",
609
+ "noAltScreen",
610
+ "noMemory",
611
+ "noPlan",
612
+ "noSubagents",
613
+ "oauth",
614
+ "restoreCode",
615
+ "nativeWorktree",
598
616
  ],
599
617
  flags: {
600
618
  "-p": { arity: "one", description: "Prompt text" },
@@ -617,7 +635,10 @@ export const UPSTREAM_CLI_CONTRACTS = {
617
635
  arity: "one",
618
636
  description: "Comma-separated disallowed tools",
619
637
  },
620
- "--resume": { arity: "one", description: "Resume session" },
638
+ "--resume": {
639
+ arity: "optional",
640
+ description: "Resume session by ID, or most recent when omitted",
641
+ },
621
642
  "--continue": { arity: "none", description: "Continue latest session" },
622
643
  "--max-turns": {
623
644
  arity: "one",
@@ -799,6 +820,29 @@ export const UPSTREAM_CLI_CONTRACTS = {
799
820
  args: ["-p", "hello", "--compaction-mode", "aggressive"],
800
821
  expect: "fail",
801
822
  },
823
+ {
824
+ id: "grok-resume-bare",
825
+ description: "Grok --resume without session ID is accepted (optional arity)",
826
+ args: ["-p", "hello", "--resume"],
827
+ expect: "pass",
828
+ },
829
+ {
830
+ id: "grok-headless-controls",
831
+ description: "Grok 0.2.x headless flags: agent, best-of-n, check, disable-web-search, todo-gate, verbatim",
832
+ args: [
833
+ "-p",
834
+ "hello",
835
+ "--agent",
836
+ "reviewer",
837
+ "--best-of-n",
838
+ "3",
839
+ "--check",
840
+ "--disable-web-search",
841
+ "--todo-gate",
842
+ "--verbatim",
843
+ ],
844
+ expect: "pass",
845
+ },
802
846
  ],
803
847
  },
804
848
  mistral: {
@@ -836,7 +880,14 @@ export const UPSTREAM_CLI_CONTRACTS = {
836
880
  "addDir",
837
881
  ],
838
882
  flags: {
839
- "-p": { arity: "one", description: "Prompt text" },
883
+ "-p": { arity: "one", description: "Prompt text (programmatic mode)" },
884
+ "--prompt": {
885
+ arity: "optional",
886
+ description: "Programmatic prompt (long form of -p; TEXT optional per vibe --help)",
887
+ },
888
+ "-v": { arity: "none", description: "Print version (short)" },
889
+ "--version": { arity: "none", description: "Print version" },
890
+ "--setup": { arity: "none", description: "Setup API key and exit" },
840
891
  "--output": {
841
892
  arity: "one",
842
893
  values: ["text", "json", "streaming"],
@@ -848,7 +899,10 @@ export const UPSTREAM_CLI_CONTRACTS = {
848
899
  description: "Agent/permission mode",
849
900
  },
850
901
  "--enabled-tools": { arity: "one", description: "Enabled tool" },
851
- "--resume": { arity: "one", description: "Resume session" },
902
+ "--resume": {
903
+ arity: "optional",
904
+ description: "Resume session by ID, or interactive picker when omitted",
905
+ },
852
906
  "--continue": { arity: "none", description: "Continue latest session" },
853
907
  "--trust": {
854
908
  arity: "none",
@@ -974,6 +1028,20 @@ export const UPSTREAM_CLI_CONTRACTS = {
974
1028
  env: { VIBE_ACTIVE_MODEL: "mistral-medium-3.5" },
975
1029
  expect: "fail",
976
1030
  },
1031
+ {
1032
+ id: "mistral-current-help-surface",
1033
+ description: "Vibe 2.12.x help surface: --prompt, -v, --version, --setup accepted",
1034
+ args: ["--prompt", "hello", "--agent", "auto-approve", "-v", "--version", "--setup"],
1035
+ env: { VIBE_ACTIVE_MODEL: "mistral-medium-3.5" },
1036
+ expect: "pass",
1037
+ },
1038
+ {
1039
+ id: "mistral-resume-bare",
1040
+ description: "Vibe --resume without session ID is accepted (optional arity)",
1041
+ args: ["-p", "hello", "--agent", "auto-approve", "--resume"],
1042
+ env: { VIBE_ACTIVE_MODEL: "mistral-medium-3.5" },
1043
+ expect: "pass",
1044
+ },
977
1045
  ],
978
1046
  },
979
1047
  };
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "llm-cli-gateway",
3
- "version": "1.17.6",
3
+ "version": "1.17.7",
4
4
  "mcpName": "io.github.verivus-oss/llm-cli-gateway",
5
5
  "description": "MCP server providing unified access to Claude Code, Codex, Gemini, Grok, and Mistral Vibe CLIs with session management, retry logic, async job orchestration, durable job results, and cross-LLM validation.",
6
6
  "license": "MIT",
@@ -119,7 +119,8 @@
119
119
  },
120
120
  "overrides": {
121
121
  "type-is": "2.0.1",
122
- "content-type": "1.0.5"
122
+ "content-type": "1.0.5",
123
+ "tar-stream": "3.1.7"
123
124
  },
124
125
  "directories": {
125
126
  "doc": "docs"
package/socket.yml CHANGED
@@ -25,6 +25,11 @@ version: 2
25
25
  # imported or called from upstream-contracts.ts. The wording now uses
26
26
  # "remote retrieval" to avoid that heuristic.
27
27
  #
28
+ # Transitive tar-stream@2.2.0 (better-sqlite3 → prebuild-install → tar-fs)
29
+ # triggered Socket "Potential vulnerability" (tar path traversal at install
30
+ # only). v1.17.7+ overrides tar-stream to 3.1.7 and blocks 2.x in the
31
+ # release security audit.
32
+ #
28
33
  # shellAccess
29
34
  # This alert fires on every module that imports node:child_process, and
30
35
  # because spawning provider CLIs and git is the entire purpose of the package