monomind 1.11.13 → 1.12.0

Files changed (389) hide show
  1. package/.claude/agents/generated/channel-intelligence-director.md +87 -0
  2. package/.claude/agents/generated/chief-growth-officer.md +88 -0
  3. package/.claude/agents/generated/content-seo-strategist.md +90 -0
  4. package/.claude/agents/generated/developer-community-strategist.md +91 -0
  5. package/.claude/agents/generated/outreach-partnership-strategist.md +90 -0
  6. package/.claude/agents/generated/social-media-strategist.md +91 -0
  7. package/.claude/agents/generated/video-visual-strategist.md +90 -0
  8. package/.claude/commands/mastermind/idea.md +1 -1
  9. package/.claude/helpers/auto-memory-hook.mjs +13 -4
  10. package/.claude/helpers/control-start.cjs +5 -0
  11. package/.claude/helpers/event-logger.cjs +114 -0
  12. package/.claude/helpers/handlers/adr-draft-handler.cjs +19 -5
  13. package/.claude/helpers/handlers/agent-start-handler.cjs +13 -4
  14. package/.claude/helpers/handlers/compact-handler.cjs +2 -0
  15. package/.claude/helpers/handlers/edit-handler.cjs +1 -1
  16. package/.claude/helpers/handlers/gates-handler.cjs +3 -0
  17. package/.claude/helpers/handlers/graph-status-handler.cjs +14 -8
  18. package/.claude/helpers/handlers/loops-status-handler.cjs +5 -2
  19. package/.claude/helpers/handlers/route-handler.cjs +13 -6
  20. package/.claude/helpers/handlers/session-handler.cjs +11 -4
  21. package/.claude/helpers/handlers/session-restore-handler.cjs +21 -11
  22. package/.claude/helpers/handlers/task-handler.cjs +13 -5
  23. package/.claude/helpers/intelligence.cjs +7 -2
  24. package/.claude/helpers/loop-tracker.cjs +15 -3
  25. package/.claude/helpers/memory.cjs +6 -1
  26. package/.claude/helpers/router.cjs +5 -2
  27. package/.claude/helpers/session.cjs +2 -0
  28. package/.claude/helpers/statusline.cjs +10 -2
  29. package/.claude/helpers/utils/micro-agents.cjs +20 -4
  30. package/.claude/scheduled_tasks.lock +1 -1
  31. package/.claude/settings.json +92 -1
  32. package/.claude/skills/mastermind/_protocol.md +23 -13
  33. package/.claude/skills/mastermind/architect.md +6 -9
  34. package/.claude/skills/mastermind/build.md +3 -3
  35. package/.claude/skills/mastermind/content.md +3 -3
  36. package/.claude/skills/mastermind/createorg.md +2 -2
  37. package/.claude/skills/mastermind/finance.md +3 -3
  38. package/.claude/skills/mastermind/idea.md +5 -3
  39. package/.claude/skills/mastermind/marketing.md +3 -3
  40. package/.claude/skills/mastermind/monitor.md +2 -2
  41. package/.claude/skills/mastermind/release.md +3 -3
  42. package/.claude/skills/mastermind/research.md +3 -3
  43. package/.claude/skills/mastermind/review.md +3 -3
  44. package/.claude/skills/mastermind/runorg.md +153 -86
  45. package/.claude/skills/mastermind/sales.md +3 -3
  46. package/README.md +286 -129
  47. package/package.json +19 -2
  48. package/packages/@monomind/cli/README.md +286 -129
  49. package/packages/@monomind/cli/bundled-graph/dist/src/build.js +73 -0
  50. package/packages/@monomind/cli/bundled-graph/dist/src/cluster.js +120 -0
  51. package/packages/@monomind/cli/bundled-graph/package.json +57 -0
  52. package/packages/@monomind/cli/dist/src/agents/halt-signal.d.ts +25 -0
  53. package/packages/@monomind/cli/dist/src/agents/halt-signal.js +76 -0
  54. package/packages/@monomind/cli/dist/src/agents/index.d.ts +18 -0
  55. package/packages/@monomind/cli/dist/src/agents/index.js +13 -0
  56. package/packages/@monomind/cli/dist/src/agents/managed-agent.d.ts +41 -0
  57. package/packages/@monomind/cli/dist/src/agents/managed-agent.js +69 -0
  58. package/packages/@monomind/cli/dist/src/agents/prompt-experiment.d.ts +23 -0
  59. package/packages/@monomind/cli/dist/src/agents/prompt-experiment.js +49 -0
  60. package/packages/@monomind/cli/dist/src/agents/prompt-version-manager.d.ts +22 -0
  61. package/packages/@monomind/cli/dist/src/agents/prompt-version-manager.js +80 -0
  62. package/packages/@monomind/cli/dist/src/agents/registry-builder.js +2 -0
  63. package/packages/@monomind/cli/dist/src/agents/registry-query.d.ts +71 -0
  64. package/packages/@monomind/cli/dist/src/agents/registry-query.js +125 -0
  65. package/packages/@monomind/cli/dist/src/agents/score-decay.d.ts +19 -0
  66. package/packages/@monomind/cli/dist/src/agents/score-decay.js +22 -0
  67. package/packages/@monomind/cli/dist/src/agents/shared-instructions-loader.d.ts +13 -0
  68. package/packages/@monomind/cli/dist/src/agents/shared-instructions-loader.js +40 -0
  69. package/packages/@monomind/cli/dist/src/agents/specialization-scorer.d.ts +54 -0
  70. package/packages/@monomind/cli/dist/src/agents/specialization-scorer.js +212 -0
  71. package/packages/@monomind/cli/dist/src/agents/termination-watcher.d.ts +30 -0
  72. package/packages/@monomind/cli/dist/src/agents/termination-watcher.js +84 -0
  73. package/packages/@monomind/cli/dist/src/agents/trigger-index.d.ts +20 -0
  74. package/packages/@monomind/cli/dist/src/agents/trigger-index.js +38 -0
  75. package/packages/@monomind/cli/dist/src/agents/trigger-scanner.d.ts +64 -0
  76. package/packages/@monomind/cli/dist/src/agents/trigger-scanner.js +308 -0
  77. package/packages/@monomind/cli/dist/src/agents/version-diff.d.ts +18 -0
  78. package/packages/@monomind/cli/dist/src/agents/version-diff.js +64 -0
  79. package/packages/@monomind/cli/dist/src/agents/version-store.d.ts +60 -0
  80. package/packages/@monomind/cli/dist/src/agents/version-store.js +235 -0
  81. package/packages/@monomind/cli/dist/src/autopilot-state.js +10 -5
  82. package/packages/@monomind/cli/dist/src/benchmarks/benchmark-runner.js +13 -0
  83. package/packages/@monomind/cli/dist/src/benchmarks/metric-evaluators.js +20 -9
  84. package/packages/@monomind/cli/dist/src/benchmarks/pretrain/index.d.ts +45 -0
  85. package/packages/@monomind/cli/dist/src/benchmarks/pretrain/index.js +404 -0
  86. package/packages/@monomind/cli/dist/src/browser/actions.js +10 -3
  87. package/packages/@monomind/cli/dist/src/browser/browser.js +12 -2
  88. package/packages/@monomind/cli/dist/src/browser/cdp.js +21 -3
  89. package/packages/@monomind/cli/dist/src/browser/har.js +27 -5
  90. package/packages/@monomind/cli/dist/src/commands/agent-wasm.d.ts +14 -0
  91. package/packages/@monomind/cli/dist/src/commands/agent-wasm.js +333 -0
  92. package/packages/@monomind/cli/dist/src/commands/agent.js +11 -8
  93. package/packages/@monomind/cli/dist/src/commands/analyze.js +36 -21
  94. package/packages/@monomind/cli/dist/src/commands/autopilot.js +12 -4
  95. package/packages/@monomind/cli/dist/src/commands/benchmark.js +51 -8
  96. package/packages/@monomind/cli/dist/src/commands/browse.js +5 -2
  97. package/packages/@monomind/cli/dist/src/commands/claims.js +29 -11
  98. package/packages/@monomind/cli/dist/src/commands/cleanup.js +25 -5
  99. package/packages/@monomind/cli/dist/src/commands/config.js +15 -7
  100. package/packages/@monomind/cli/dist/src/commands/daemon.js +6 -0
  101. package/packages/@monomind/cli/dist/src/commands/deployment.js +34 -19
  102. package/packages/@monomind/cli/dist/src/commands/doctor.js +151 -20
  103. package/packages/@monomind/cli/dist/src/commands/guidance.js +15 -2
  104. package/packages/@monomind/cli/dist/src/commands/hive-mind.js +37 -14
  105. package/packages/@monomind/cli/dist/src/commands/hooks.js +42 -25
  106. package/packages/@monomind/cli/dist/src/commands/init.js +9 -4
  107. package/packages/@monomind/cli/dist/src/commands/issues.js +29 -26
  108. package/packages/@monomind/cli/dist/src/commands/mcp.js +11 -5
  109. package/packages/@monomind/cli/dist/src/commands/memory.js +10 -0
  110. package/packages/@monomind/cli/dist/src/commands/migrate.js +5 -5
  111. package/packages/@monomind/cli/dist/src/commands/monograph.js +18 -5
  112. package/packages/@monomind/cli/dist/src/commands/monovector/backup.js +8 -2
  113. package/packages/@monomind/cli/dist/src/commands/monovector/benchmark.js +20 -7
  114. package/packages/@monomind/cli/dist/src/commands/monovector/import.js +15 -0
  115. package/packages/@monomind/cli/dist/src/commands/monovector/migrate.js +4 -1
  116. package/packages/@monomind/cli/dist/src/commands/monovector/optimize.js +11 -0
  117. package/packages/@monomind/cli/dist/src/commands/monovector/setup.js +11 -1
  118. package/packages/@monomind/cli/dist/src/commands/neural.js +1 -1
  119. package/packages/@monomind/cli/dist/src/commands/performance.js +20 -7
  120. package/packages/@monomind/cli/dist/src/commands/platforms.js +90 -8
  121. package/packages/@monomind/cli/dist/src/commands/plugins.js +12 -5
  122. package/packages/@monomind/cli/dist/src/commands/process.js +33 -10
  123. package/packages/@monomind/cli/dist/src/commands/progress.js +5 -3
  124. package/packages/@monomind/cli/dist/src/commands/providers.js +5 -5
  125. package/packages/@monomind/cli/dist/src/commands/replay.js +8 -2
  126. package/packages/@monomind/cli/dist/src/commands/route.js +27 -7
  127. package/packages/@monomind/cli/dist/src/commands/security.js +4 -0
  128. package/packages/@monomind/cli/dist/src/commands/session.js +12 -1
  129. package/packages/@monomind/cli/dist/src/commands/start.js +11 -4
  130. package/packages/@monomind/cli/dist/src/commands/status.js +7 -4
  131. package/packages/@monomind/cli/dist/src/commands/swarm.js +27 -13
  132. package/packages/@monomind/cli/dist/src/commands/task.js +26 -11
  133. package/packages/@monomind/cli/dist/src/commands/tokens.js +7 -2
  134. package/packages/@monomind/cli/dist/src/commands/transfer-store.js +36 -22
  135. package/packages/@monomind/cli/dist/src/commands/ui.js +68 -0
  136. package/packages/@monomind/cli/dist/src/commands/update.js +15 -3
  137. package/packages/@monomind/cli/dist/src/commands/workflow.js +39 -6
  138. package/packages/@monomind/cli/dist/src/consensus/audit-writer.js +18 -7
  139. package/packages/@monomind/cli/dist/src/consensus/index.d.ts +7 -0
  140. package/packages/@monomind/cli/dist/src/consensus/index.js +6 -0
  141. package/packages/@monomind/cli/dist/src/consensus/vote-signer.js +25 -8
  142. package/packages/@monomind/cli/dist/src/context/context-provider.d.ts +44 -0
  143. package/packages/@monomind/cli/dist/src/context/context-provider.js +25 -0
  144. package/packages/@monomind/cli/dist/src/context/git-state-provider.d.ts +12 -0
  145. package/packages/@monomind/cli/dist/src/context/git-state-provider.js +34 -0
  146. package/packages/@monomind/cli/dist/src/context/index.d.ts +12 -0
  147. package/packages/@monomind/cli/dist/src/context/index.js +12 -0
  148. package/packages/@monomind/cli/dist/src/context/project-conventions-provider.d.ts +15 -0
  149. package/packages/@monomind/cli/dist/src/context/project-conventions-provider.js +19 -0
  150. package/packages/@monomind/cli/dist/src/context/prompt-assembler.d.ts +26 -0
  151. package/packages/@monomind/cli/dist/src/context/prompt-assembler.js +93 -0
  152. package/packages/@monomind/cli/dist/src/context/task-history-provider.d.ts +24 -0
  153. package/packages/@monomind/cli/dist/src/context/task-history-provider.js +32 -0
  154. package/packages/@monomind/cli/dist/src/context/user-preferences-provider.d.ts +14 -0
  155. package/packages/@monomind/cli/dist/src/context/user-preferences-provider.js +27 -0
  156. package/packages/@monomind/cli/dist/src/dlq/dlq-reader.d.ts +31 -0
  157. package/packages/@monomind/cli/dist/src/dlq/dlq-reader.js +81 -0
  158. package/packages/@monomind/cli/dist/src/dlq/dlq-writer.d.ts +24 -0
  159. package/packages/@monomind/cli/dist/src/dlq/dlq-writer.js +65 -0
  160. package/packages/@monomind/cli/dist/src/dlq/index.d.ts +10 -0
  161. package/packages/@monomind/cli/dist/src/dlq/index.js +7 -0
  162. package/packages/@monomind/cli/dist/src/eval/dataset-manager.d.ts +33 -0
  163. package/packages/@monomind/cli/dist/src/eval/dataset-manager.js +107 -0
  164. package/packages/@monomind/cli/dist/src/eval/dataset-runner.d.ts +23 -0
  165. package/packages/@monomind/cli/dist/src/eval/dataset-runner.js +59 -0
  166. package/packages/@monomind/cli/dist/src/eval/index.d.ts +10 -0
  167. package/packages/@monomind/cli/dist/src/eval/index.js +7 -0
  168. package/packages/@monomind/cli/dist/src/eval/trace-collector.d.ts +40 -0
  169. package/packages/@monomind/cli/dist/src/eval/trace-collector.js +102 -0
  170. package/packages/@monomind/cli/dist/src/index.js +7 -3
  171. package/packages/@monomind/cli/dist/src/infrastructure/in-memory-repositories.d.ts +68 -0
  172. package/packages/@monomind/cli/dist/src/infrastructure/in-memory-repositories.js +264 -0
  173. package/packages/@monomind/cli/dist/src/init/executor.js +14 -11
  174. package/packages/@monomind/cli/dist/src/init/shared-instructions-generator.js +20 -4
  175. package/packages/@monomind/cli/dist/src/init/statusline-generator.js +33 -12
  176. package/packages/@monomind/cli/dist/src/interactive/interrupt.d.ts +22 -0
  177. package/packages/@monomind/cli/dist/src/interactive/interrupt.js +71 -0
  178. package/packages/@monomind/cli/dist/src/mcp/deprecation-injector.d.ts +25 -0
  179. package/packages/@monomind/cli/dist/src/mcp/deprecation-injector.js +48 -0
  180. package/packages/@monomind/cli/dist/src/mcp/tool-registry.d.ts +61 -0
  181. package/packages/@monomind/cli/dist/src/mcp/tool-registry.js +246 -0
  182. package/packages/@monomind/cli/dist/src/mcp-tools/a2a-tools.js +98 -13
  183. package/packages/@monomind/cli/dist/src/mcp-tools/agent-tools.js +16 -3
  184. package/packages/@monomind/cli/dist/src/mcp-tools/analyze-tools.js +80 -17
  185. package/packages/@monomind/cli/dist/src/mcp-tools/browser-tools.js +84 -22
  186. package/packages/@monomind/cli/dist/src/mcp-tools/claims-tools.js +35 -7
  187. package/packages/@monomind/cli/dist/src/mcp-tools/config-tools.js +82 -17
  188. package/packages/@monomind/cli/dist/src/mcp-tools/coordination-tools.js +37 -4
  189. package/packages/@monomind/cli/dist/src/mcp-tools/daa-tools.js +49 -7
  190. package/packages/@monomind/cli/dist/src/mcp-tools/embeddings-tools.js +45 -18
  191. package/packages/@monomind/cli/dist/src/mcp-tools/github-tools.js +75 -25
  192. package/packages/@monomind/cli/dist/src/mcp-tools/guidance-tools.js +32 -10
  193. package/packages/@monomind/cli/dist/src/mcp-tools/hive-mind-tools.js +91 -20
  194. package/packages/@monomind/cli/dist/src/mcp-tools/hooks-tools.js +188 -29
  195. package/packages/@monomind/cli/dist/src/mcp-tools/memory-tools.js +25 -7
  196. package/packages/@monomind/cli/dist/src/mcp-tools/monograph-compat.js +11 -2
  197. package/packages/@monomind/cli/dist/src/mcp-tools/monograph-tools.js +148 -26
  198. package/packages/@monomind/cli/dist/src/mcp-tools/neural-tools.js +44 -9
  199. package/packages/@monomind/cli/dist/src/mcp-tools/performance-tools.js +45 -10
  200. package/packages/@monomind/cli/dist/src/mcp-tools/progress-tools.js +7 -4
  201. package/packages/@monomind/cli/dist/src/mcp-tools/request-tracker.js +15 -1
  202. package/packages/@monomind/cli/dist/src/mcp-tools/security-tools.js +61 -9
  203. package/packages/@monomind/cli/dist/src/mcp-tools/session-tools.js +45 -14
  204. package/packages/@monomind/cli/dist/src/mcp-tools/swarm-tools.js +15 -3
  205. package/packages/@monomind/cli/dist/src/mcp-tools/system-tools.js +14 -7
  206. package/packages/@monomind/cli/dist/src/mcp-tools/task-tools.js +52 -10
  207. package/packages/@monomind/cli/dist/src/mcp-tools/terminal-tools.js +40 -6
  208. package/packages/@monomind/cli/dist/src/mcp-tools/transfer-tools.js +37 -4
  209. package/packages/@monomind/cli/dist/src/mcp-tools/wasm-agent-tools.d.ts +9 -0
  210. package/packages/@monomind/cli/dist/src/mcp-tools/wasm-agent-tools.js +230 -0
  211. package/packages/@monomind/cli/dist/src/mcp-tools/workflow-tools.js +29 -6
  212. package/packages/@monomind/cli/dist/src/memory/ewc-consolidation.js +26 -10
  213. package/packages/@monomind/cli/dist/src/memory/intelligence.js +80 -19
  214. package/packages/@monomind/cli/dist/src/memory/memory-bridge.js +21 -2
  215. package/packages/@monomind/cli/dist/src/memory/memory-initializer.js +67 -3
  216. package/packages/@monomind/cli/dist/src/memory/sona-optimizer.js +14 -4
  217. package/packages/@monomind/cli/dist/src/model/complexity-scorer.d.ts +21 -0
  218. package/packages/@monomind/cli/dist/src/model/complexity-scorer.js +106 -0
  219. package/packages/@monomind/cli/dist/src/model/index.d.ts +4 -0
  220. package/packages/@monomind/cli/dist/src/model/index.js +4 -0
  221. package/packages/@monomind/cli/dist/src/model/model-settings.d.ts +22 -0
  222. package/packages/@monomind/cli/dist/src/model/model-settings.js +33 -0
  223. package/packages/@monomind/cli/dist/src/model/model-tier-resolver.d.ts +24 -0
  224. package/packages/@monomind/cli/dist/src/model/model-tier-resolver.js +65 -0
  225. package/packages/@monomind/cli/dist/src/monovector/capabilities.d.ts +34 -0
  226. package/packages/@monomind/cli/dist/src/monovector/capabilities.js +37 -0
  227. package/packages/@monomind/cli/dist/src/monovector/command-outcomes.js +43 -7
  228. package/packages/@monomind/cli/dist/src/monovector/coverage-router.js +8 -4
  229. package/packages/@monomind/cli/dist/src/monovector/coverage-tools.js +6 -3
  230. package/packages/@monomind/cli/dist/src/monovector/diff-classifier.js +13 -0
  231. package/packages/@monomind/cli/dist/src/monovector/route-outcomes.d.ts +2 -1
  232. package/packages/@monomind/cli/dist/src/monovector/route-outcomes.js +46 -4
  233. package/packages/@monomind/cli/dist/src/observability/replay-reader.d.ts +1 -1
  234. package/packages/@monomind/cli/dist/src/orchestration/index.d.ts +7 -0
  235. package/packages/@monomind/cli/dist/src/orchestration/index.js +6 -0
  236. package/packages/@monomind/cli/dist/src/orchestration/mode-dispatcher.d.ts +11 -0
  237. package/packages/@monomind/cli/dist/src/orchestration/mode-dispatcher.js +31 -0
  238. package/packages/@monomind/cli/dist/src/orchestration/routing-modes.d.ts +68 -0
  239. package/packages/@monomind/cli/dist/src/orchestration/routing-modes.js +180 -0
  240. package/packages/@monomind/cli/dist/src/plugins/manager.js +8 -3
  241. package/packages/@monomind/cli/dist/src/plugins/store/discovery.js +46 -2
  242. package/packages/@monomind/cli/dist/src/plugins/store/search.js +5 -4
  243. package/packages/@monomind/cli/dist/src/plugins/tests/demo-plugin-store.d.ts +7 -0
  244. package/packages/@monomind/cli/dist/src/plugins/tests/demo-plugin-store.js +126 -0
  245. package/packages/@monomind/cli/dist/src/plugins/tests/standalone-test.d.ts +12 -0
  246. package/packages/@monomind/cli/dist/src/plugins/tests/standalone-test.js +188 -0
  247. package/packages/@monomind/cli/dist/src/plugins/tests/test-plugin-store.d.ts +7 -0
  248. package/packages/@monomind/cli/dist/src/plugins/tests/test-plugin-store.js +206 -0
  249. package/packages/@monomind/cli/dist/src/production/circuit-breaker.js +17 -3
  250. package/packages/@monomind/cli/dist/src/production/error-handler.js +3 -0
  251. package/packages/@monomind/cli/dist/src/production/monitoring.js +20 -3
  252. package/packages/@monomind/cli/dist/src/production/rate-limiter.js +13 -4
  253. package/packages/@monomind/cli/dist/src/production/retry.js +17 -9
  254. package/packages/@monomind/cli/dist/src/routing/embed-worker.js +6 -2
  255. package/packages/@monomind/cli/dist/src/routing/embedder.js +0 -0
  256. package/packages/@monomind/cli/dist/src/routing/llm-caller.js +13 -2
  257. package/packages/@monomind/cli/dist/src/routing/route-layer-factory.js +18 -3
  258. package/packages/@monomind/cli/dist/src/runtime/headless.d.ts +60 -0
  259. package/packages/@monomind/cli/dist/src/runtime/headless.js +284 -0
  260. package/packages/@monomind/cli/dist/src/services/agentic-flow-bridge.d.ts +50 -0
  261. package/packages/@monomind/cli/dist/src/services/agentic-flow-bridge.js +95 -0
  262. package/packages/@monomind/cli/dist/src/services/claim-service.d.ts +1 -0
  263. package/packages/@monomind/cli/dist/src/services/claim-service.js +8 -0
  264. package/packages/@monomind/cli/dist/src/services/config-file-manager.js +14 -2
  265. package/packages/@monomind/cli/dist/src/services/container-worker-pool.d.ts +197 -0
  266. package/packages/@monomind/cli/dist/src/services/container-worker-pool.js +623 -0
  267. package/packages/@monomind/cli/dist/src/services/headless-worker-executor.js +18 -2
  268. package/packages/@monomind/cli/dist/src/services/index.d.ts +13 -0
  269. package/packages/@monomind/cli/dist/src/services/index.js +11 -0
  270. package/packages/@monomind/cli/dist/src/services/worker-daemon.js +53 -12
  271. package/packages/@monomind/cli/dist/src/services/worker-queue.d.ts +201 -0
  272. package/packages/@monomind/cli/dist/src/services/worker-queue.js +594 -0
  273. package/packages/@monomind/cli/dist/src/swarm/communication-graph.d.ts +25 -0
  274. package/packages/@monomind/cli/dist/src/swarm/communication-graph.js +77 -0
  275. package/packages/@monomind/cli/dist/src/swarm/flow-enforcer.d.ts +31 -0
  276. package/packages/@monomind/cli/dist/src/swarm/flow-enforcer.js +61 -0
  277. package/packages/@monomind/cli/dist/src/swarm/flow-visualizer.d.ts +19 -0
  278. package/packages/@monomind/cli/dist/src/swarm/flow-visualizer.js +68 -0
  279. package/packages/@monomind/cli/dist/src/transfer/anonymization/index.d.ts +0 -3
  280. package/packages/@monomind/cli/dist/src/transfer/anonymization/index.js +16 -1
  281. package/packages/@monomind/cli/dist/src/transfer/deploy-seraphine.d.ts +13 -0
  282. package/packages/@monomind/cli/dist/src/transfer/deploy-seraphine.js +205 -0
  283. package/packages/@monomind/cli/dist/src/transfer/export.js +8 -0
  284. package/packages/@monomind/cli/dist/src/transfer/ipfs/upload.js +33 -3
  285. package/packages/@monomind/cli/dist/src/transfer/serialization/cfp.js +9 -3
  286. package/packages/@monomind/cli/dist/src/transfer/storage/gcs.js +37 -3
  287. package/packages/@monomind/cli/dist/src/transfer/store/discovery.js +45 -3
  288. package/packages/@monomind/cli/dist/src/transfer/store/download.js +5 -0
  289. package/packages/@monomind/cli/dist/src/transfer/store/publish.js +13 -1
  290. package/packages/@monomind/cli/dist/src/transfer/store/registry.d.ts +8 -0
  291. package/packages/@monomind/cli/dist/src/transfer/store/registry.js +30 -5
  292. package/packages/@monomind/cli/dist/src/transfer/store/search.js +20 -5
  293. package/packages/@monomind/cli/dist/src/transfer/store/tests/standalone-test.d.ts +12 -0
  294. package/packages/@monomind/cli/dist/src/transfer/store/tests/standalone-test.js +190 -0
  295. package/packages/@monomind/cli/dist/src/transfer/test-seraphine.d.ts +6 -0
  296. package/packages/@monomind/cli/dist/src/transfer/test-seraphine.js +105 -0
  297. package/packages/@monomind/cli/dist/src/transfer/tests/test-store.d.ts +7 -0
  298. package/packages/@monomind/cli/dist/src/transfer/tests/test-store.js +214 -0
  299. package/packages/@monomind/cli/dist/src/update/checker.js +59 -7
  300. package/packages/@monomind/cli/dist/src/update/executor.js +50 -3
  301. package/packages/@monomind/cli/dist/src/update/index.js +18 -1
  302. package/packages/@monomind/cli/dist/src/update/rate-limiter.d.ts +6 -0
  303. package/packages/@monomind/cli/dist/src/update/rate-limiter.js +79 -7
  304. package/packages/@monomind/cli/dist/src/update/validator.js +52 -1
  305. package/packages/@monomind/cli/dist/src/workflow/condition-evaluator.d.ts +10 -0
  306. package/packages/@monomind/cli/dist/src/workflow/condition-evaluator.js +82 -0
  307. package/packages/@monomind/cli/dist/src/workflow/context-resolver.d.ts +12 -0
  308. package/packages/@monomind/cli/dist/src/workflow/context-resolver.js +23 -0
  309. package/packages/@monomind/cli/dist/src/workflow/dag-builder.d.ts +17 -0
  310. package/packages/@monomind/cli/dist/src/workflow/dag-builder.js +129 -0
  311. package/packages/@monomind/cli/dist/src/workflow/dag-executor.d.ts +9 -0
  312. package/packages/@monomind/cli/dist/src/workflow/dag-executor.js +116 -0
  313. package/packages/@monomind/cli/dist/src/workflow/dag-types.d.ts +41 -0
  314. package/packages/@monomind/cli/dist/src/workflow/dag-types.js +8 -0
  315. package/packages/@monomind/cli/dist/src/workflow/dsl-parser.d.ts +12 -0
  316. package/packages/@monomind/cli/dist/src/workflow/dsl-parser.js +20 -0
  317. package/packages/@monomind/cli/dist/src/workflow/dsl-schema.d.ts +165 -0
  318. package/packages/@monomind/cli/dist/src/workflow/dsl-schema.js +82 -0
  319. package/packages/@monomind/cli/dist/src/workflow/index.d.ts +13 -0
  320. package/packages/@monomind/cli/dist/src/workflow/index.js +11 -0
  321. package/packages/@monomind/cli/dist/src/workflow/template-engine.d.ts +11 -0
  322. package/packages/@monomind/cli/dist/src/workflow/template-engine.js +40 -0
  323. package/packages/@monomind/cli/dist/src/workflow/workflow-executor.d.ts +29 -0
  324. package/packages/@monomind/cli/dist/src/workflow/workflow-executor.js +227 -0
  325. package/packages/@monomind/cli/package.json +9 -10
  326. package/packages/@monomind/guidance/dist/adversarial.d.ts +284 -0
  327. package/packages/@monomind/guidance/dist/adversarial.js +572 -0
  328. package/packages/@monomind/guidance/dist/analyzer.d.ts +530 -0
  329. package/packages/@monomind/guidance/dist/analyzer.js +2518 -0
  330. package/packages/@monomind/guidance/dist/artifacts.d.ts +283 -0
  331. package/packages/@monomind/guidance/dist/artifacts.js +356 -0
  332. package/packages/@monomind/guidance/dist/authority.d.ts +290 -0
  333. package/packages/@monomind/guidance/dist/authority.js +558 -0
  334. package/packages/@monomind/guidance/dist/capabilities.d.ts +209 -0
  335. package/packages/@monomind/guidance/dist/capabilities.js +485 -0
  336. package/packages/@monomind/guidance/dist/coherence.d.ts +233 -0
  337. package/packages/@monomind/guidance/dist/coherence.js +372 -0
  338. package/packages/@monomind/guidance/dist/compiler.d.ts +87 -0
  339. package/packages/@monomind/guidance/dist/compiler.js +419 -0
  340. package/packages/@monomind/guidance/dist/conformance-kit.d.ts +225 -0
  341. package/packages/@monomind/guidance/dist/conformance-kit.js +629 -0
  342. package/packages/@monomind/guidance/dist/continue-gate.d.ts +214 -0
  343. package/packages/@monomind/guidance/dist/continue-gate.js +353 -0
  344. package/packages/@monomind/guidance/dist/crypto-utils.d.ts +17 -0
  345. package/packages/@monomind/guidance/dist/crypto-utils.js +24 -0
  346. package/packages/@monomind/guidance/dist/evolution.d.ts +282 -0
  347. package/packages/@monomind/guidance/dist/evolution.js +500 -0
  348. package/packages/@monomind/guidance/dist/gates.d.ts +79 -0
  349. package/packages/@monomind/guidance/dist/gates.js +302 -0
  350. package/packages/@monomind/guidance/dist/gateway.d.ts +206 -0
  351. package/packages/@monomind/guidance/dist/gateway.js +452 -0
  352. package/packages/@monomind/guidance/dist/generators.d.ts +153 -0
  353. package/packages/@monomind/guidance/dist/generators.js +682 -0
  354. package/packages/@monomind/guidance/dist/headless.d.ts +177 -0
  355. package/packages/@monomind/guidance/dist/headless.js +342 -0
  356. package/packages/@monomind/guidance/dist/hooks.d.ts +109 -0
  357. package/packages/@monomind/guidance/dist/hooks.js +347 -0
  358. package/packages/@monomind/guidance/dist/index.d.ts +205 -0
  359. package/packages/@monomind/guidance/dist/index.js +321 -0
  360. package/packages/@monomind/guidance/dist/ledger.d.ts +162 -0
  361. package/packages/@monomind/guidance/dist/ledger.js +375 -0
  362. package/packages/@monomind/guidance/dist/manifest-validator.d.ts +289 -0
  363. package/packages/@monomind/guidance/dist/manifest-validator.js +838 -0
  364. package/packages/@monomind/guidance/dist/memory-gate.d.ts +222 -0
  365. package/packages/@monomind/guidance/dist/memory-gate.js +382 -0
  366. package/packages/@monomind/guidance/dist/meta-governance.d.ts +265 -0
  367. package/packages/@monomind/guidance/dist/meta-governance.js +348 -0
  368. package/packages/@monomind/guidance/dist/optimizer.d.ts +104 -0
  369. package/packages/@monomind/guidance/dist/optimizer.js +329 -0
  370. package/packages/@monomind/guidance/dist/persistence.d.ts +189 -0
  371. package/packages/@monomind/guidance/dist/persistence.js +464 -0
  372. package/packages/@monomind/guidance/dist/proof.d.ts +185 -0
  373. package/packages/@monomind/guidance/dist/proof.js +238 -0
  374. package/packages/@monomind/guidance/dist/retriever.d.ts +116 -0
  375. package/packages/@monomind/guidance/dist/retriever.js +394 -0
  376. package/packages/@monomind/guidance/dist/ruvbot-integration.d.ts +370 -0
  377. package/packages/@monomind/guidance/dist/ruvbot-integration.js +738 -0
  378. package/packages/@monomind/guidance/dist/temporal.d.ts +426 -0
  379. package/packages/@monomind/guidance/dist/temporal.js +658 -0
  380. package/packages/@monomind/guidance/dist/trust.d.ts +283 -0
  381. package/packages/@monomind/guidance/dist/trust.js +473 -0
  382. package/packages/@monomind/guidance/dist/truth-anchors.d.ts +276 -0
  383. package/packages/@monomind/guidance/dist/truth-anchors.js +488 -0
  384. package/packages/@monomind/guidance/dist/types.d.ts +378 -0
  385. package/packages/@monomind/guidance/dist/types.js +10 -0
  386. package/packages/@monomind/guidance/dist/uncertainty.d.ts +372 -0
  387. package/packages/@monomind/guidance/dist/uncertainty.js +619 -0
  388. package/packages/@monomind/guidance/dist/wasm-kernel.d.ts +48 -0
  389. package/packages/@monomind/guidance/dist/wasm-kernel.js +158 -0
@@ -3,7 +3,7 @@
3
3
  *
4
4
  * Tool definitions for collective intelligence and swarm coordination.
5
5
  */
6
- import { existsSync, readFileSync, writeFileSync, renameSync, mkdirSync } from 'node:fs';
6
+ import { existsSync, readFileSync, statSync, writeFileSync, renameSync, mkdirSync } from 'node:fs';
7
7
  import { join } from 'node:path';
8
8
  import { getProjectCwd } from './types.js';
9
9
  import { weightedTally } from '../consensus/vote-signer.js';
@@ -95,10 +95,11 @@ function ensureHiveDir() {
95
95
  mkdirSync(dir, { recursive: true });
96
96
  }
97
97
  }
98
+ const MAX_HIVE_STATE_BYTES = 10 * 1024 * 1024; // 10 MB
98
99
  function loadHiveState() {
99
100
  try {
100
101
  const path = getHivePath();
101
- if (existsSync(path)) {
102
+ if (existsSync(path) && statSync(path).size <= MAX_HIVE_STATE_BYTES) {
102
103
  const data = readFileSync(path, 'utf-8');
103
104
  return JSON.parse(data);
104
105
  }
@@ -168,9 +169,19 @@ export const hiveMindTools = [
168
169
  return { success: false, error: 'Hive-mind not initialized. Run hive-mind/init first.' };
169
170
  }
170
171
  const count = Math.min(Math.max(1, input.count || 1), 20); // Cap at 20
171
- const role = input.role || 'worker';
172
- const agentType = input.agentType || 'worker';
173
- const prefix = input.prefix || 'hive-worker';
172
+ // Cap role/agentType/prefix: used as JSON keys and stored values in agentStore
173
+ // on disk; an oversized prefix inflates the generated agentId key and config.
174
+ const MAX_HIVE_ROLE_LEN = 256;
175
+ const MAX_HIVE_PREFIX_LEN = 128;
176
+ const rawRole = input.role || 'worker';
177
+ const role = typeof rawRole === 'string' && rawRole.length > MAX_HIVE_ROLE_LEN
178
+ ? rawRole.slice(0, MAX_HIVE_ROLE_LEN) : rawRole;
179
+ const rawAgentType = input.agentType || 'worker';
180
+ const agentType = typeof rawAgentType === 'string' && rawAgentType.length > MAX_HIVE_ROLE_LEN
181
+ ? rawAgentType.slice(0, MAX_HIVE_ROLE_LEN) : rawAgentType;
182
+ const rawPrefix = input.prefix || 'hive-worker';
183
+ const prefix = typeof rawPrefix === 'string' && rawPrefix.length > MAX_HIVE_PREFIX_LEN
184
+ ? rawPrefix.slice(0, MAX_HIVE_PREFIX_LEN) : rawPrefix;
174
185
  const agentStore = loadAgentStore();
175
186
  const spawnedWorkers = [];
176
187
  for (let i = 0; i < count; i++) {
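Review bot: The new caps on `role`, `agentType` and `prefix` only apply when the value is a string, so a non-string `input.role` (an array or object, for example) fails the `typeof rawRole === 'string'` test and is passed through at whatever size it has. Since the added comment says these values become keys and stored values in agentStore on disk, the bound is not enforced for exactly the inputs a schema-less caller could send. I would reject non-strings before capping, in the handler's existing error style: `if (typeof rawRole !== 'string') return { success: false, error: 'role must be a string' };`, and then a plain `rawRole.slice(0, MAX_HIVE_ROLE_LEN)` is enough. The same pattern appears for `queenId` in the init handler hunk and for `rawProposalType` in the consensus hunk. The handler body starts and ends outside this hunk, so an input schema may already constrain the types; worth confirming before relying on it.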
@@ -227,7 +238,11 @@ export const hiveMindTools = [
227
238
  },
228
239
  handler: async (input) => {
229
240
  const hiveId = `hive-${Date.now()}-${Math.random().toString(36).slice(2, 8)}`;
230
- const queenId = input.queenId || `queen-${Date.now()}`;
241
+ // Cap queenId: stored in hive state JSON as the queen's agentId field.
242
+ const MAX_QUEEN_ID_LEN = 256;
243
+ const rawQueenId = input.queenId || `queen-${Date.now()}`;
244
+ const queenId = typeof rawQueenId === 'string' && rawQueenId.length > MAX_QUEEN_ID_LEN
245
+ ? rawQueenId.slice(0, MAX_QUEEN_ID_LEN) : rawQueenId;
231
246
  const now = new Date().toISOString();
232
247
  const state = {
233
248
  initialized: true,
@@ -281,7 +296,7 @@ export const hiveMindTools = [
281
296
  let activeTaskCount = 0;
282
297
  let completedTaskCount = 0;
283
298
  try {
284
- if (existsSync(taskStorePath)) {
299
+ if (existsSync(taskStorePath) && statSync(taskStorePath).size <= MAX_HIVE_STATE_BYTES) {
285
300
  const taskStore = JSON.parse(readFileSync(taskStorePath, 'utf-8'));
286
301
  for (const task of Object.values(taskStore.tasks || {})) {
287
302
  if (task.status === 'pending')
@@ -478,11 +493,29 @@ export const hiveMindTools = [
478
493
  const minDivergenceRounds = typeof input.minDivergenceRounds === 'number'
479
494
  ? Math.max(0, input.minDivergenceRounds)
480
495
  : 0;
496
+ // Cap proposal fields: stored in state.consensus.pending and then
497
+ // state.consensus.history (up to 1000 entries). An unbounded value
498
+ // inflates the on-disk hive state by up to 1000 × value size.
499
+ const MAX_PROPOSAL_TYPE_LEN = 128;
500
+ const MAX_PROPOSAL_VOTER_ID_LEN = 256;
501
+ const MAX_PROPOSAL_VALUE_BYTES = 64 * 1024; // 64 KB
502
+ const rawProposalType = input.type || 'general';
503
+ const proposalType = typeof rawProposalType === 'string' && rawProposalType.length > MAX_PROPOSAL_TYPE_LEN
504
+ ? rawProposalType.slice(0, MAX_PROPOSAL_TYPE_LEN) : rawProposalType;
505
+ const rawVoterId = input.voterId || 'system';
506
+ const proposedBy = typeof rawVoterId === 'string' && rawVoterId.length > MAX_PROPOSAL_VOTER_ID_LEN
507
+ ? rawVoterId.slice(0, MAX_PROPOSAL_VOTER_ID_LEN) : rawVoterId;
508
+ // Cap value if it's a string; leave non-string values as-is (they are
509
+ // JSON-serialised by saveHiveState which uses JSON.stringify — bounded
510
+ // objects are fine).
511
+ const rawValue = input.value;
512
+ const cappedValue = typeof rawValue === 'string' && rawValue.length > MAX_PROPOSAL_VALUE_BYTES
513
+ ? rawValue.slice(0, MAX_PROPOSAL_VALUE_BYTES) : rawValue;
481
514
  const proposal = {
482
515
  proposalId,
483
- type: input.type || 'general',
484
- value: input.value,
485
- proposedBy: input.voterId || 'system',
516
+ type: proposalType,
517
+ value: cappedValue,
518
+ proposedBy,
486
519
  proposedAt: new Date().toISOString(),
487
520
  votes: {},
488
521
  status: 'pending',
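Review bot: The comment above `cappedValue` says non-string values are fine because they are "bounded objects", but nothing in this hunk bounds them, so an object or array `input.value` is stored in the proposal at any size. `MAX_PROPOSAL_VALUE_BYTES` is also compared against `.length`, which counts UTF-16 code units rather than bytes. Truncating a proposal value changes what voters are asked to agree on, so rejecting is safer than slicing. I would measure the serialised form and refuse oversized input, e.g. `if (Buffer.byteLength(JSON.stringify(input.value ?? null), 'utf8') > MAX_PROPOSAL_VALUE_BYTES) return { success: false, error: 'Proposal value too large' };`, using the error shape seen elsewhere in this file. The handler begins and ends outside the hunk.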
@@ -801,14 +834,32 @@ export const hiveMindTools = [
801
834
  if (!state.initialized) {
802
835
  return { success: false, error: 'Hive-mind not initialized' };
803
836
  }
837
+ // Cap inputs: message/fromId are stored directly in the shared-memory JSON
838
+ // state (up to 100 broadcasts kept). An uncapped message lets an attacker
839
+ // inflate the on-disk hive state by up to 100 × message size per call.
840
+ const MAX_BROADCAST_MSG_LEN = 1024 * 1024; // 1 MB
841
+ const MAX_FROM_ID_LEN = 256;
842
+ const MAX_PRIORITY_LEN = 16;
843
+ const rawMessage = input.message;
844
+ const message = typeof rawMessage === 'string' && rawMessage.length > MAX_BROADCAST_MSG_LEN
845
+ ? rawMessage.slice(0, MAX_BROADCAST_MSG_LEN)
846
+ : rawMessage;
847
+ const rawFromId = input.fromId || 'system';
848
+ const fromId = typeof rawFromId === 'string' && rawFromId.length > MAX_FROM_ID_LEN
849
+ ? rawFromId.slice(0, MAX_FROM_ID_LEN)
850
+ : rawFromId;
851
+ const rawPriority = input.priority || 'normal';
852
+ const priority = typeof rawPriority === 'string' && rawPriority.length > MAX_PRIORITY_LEN
853
+ ? rawPriority.slice(0, MAX_PRIORITY_LEN)
854
+ : rawPriority;
804
855
  const messageId = `msg-${Date.now()}-${Math.random().toString(36).slice(2, 8)}`;
805
856
  // Store in shared memory
806
857
  const messages = state.sharedMemory.broadcasts || [];
807
858
  messages.push({
808
859
  messageId,
809
- message: input.message,
810
- priority: input.priority || 'normal',
811
- fromId: input.fromId || 'system',
860
+ message,
861
+ priority,
862
+ fromId,
812
863
  timestamp: new Date().toISOString(),
813
864
  });
814
865
  // Keep only last 100 broadcasts
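Review bot: `MAX_BROADCAST_MSG_LEN` permits a 1 MB message and up to 100 broadcasts are kept, so the broadcast list alone can reach roughly 100 MB, while `loadHiveState` in this same file now refuses to read a state file above `MAX_HIVE_STATE_BYTES` (10 MB). About ten maximum-size broadcasts would push the saved state past the read cap, after which the state is treated as absent on the next load. The write-side limits should keep the worst case under the read cap, for example `const MAX_BROADCAST_MSG_LEN = 64 * 1024;`, or `saveHiveState` should refuse to write a serialised state above the limit. The shared-memory hunk further down has the same mismatch (1000 keys with values of up to 1 MB each). A non-string `message` also bypasses this cap.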
@@ -818,7 +869,7 @@ export const hiveMindTools = [
818
869
  success: true,
819
870
  messageId,
820
871
  recipients: state.workers.length,
821
- priority: input.priority || 'normal',
872
+ priority,
822
873
  broadcastAt: new Date().toISOString(),
823
874
  };
824
875
  },
@@ -898,22 +949,39 @@ export const hiveMindTools = [
898
949
  const state = loadHiveState();
899
950
  const action = input.action;
900
951
  const key = input.key;
952
+ const MAX_HIVE_MEMORY_KEY_LEN = 256;
953
+ const MAX_HIVE_MEMORY_VALUE_BYTES = 1024 * 1024; // 1 MB
954
+ const MAX_HIVE_MEMORY_KEYS = 1000;
901
955
  if (action === 'get') {
902
956
  if (!key)
903
957
  return { action, error: 'Key required' };
958
+ if (typeof key !== 'string' || key.length > MAX_HIVE_MEMORY_KEY_LEN || HIVE_RESERVED_KEYS.has(key)) {
959
+ return { action, error: 'Invalid key' };
960
+ }
904
961
  return {
905
962
  action,
906
963
  key,
907
- value: state.sharedMemory[key],
908
- exists: key in state.sharedMemory,
964
+ value: Object.hasOwn(state.sharedMemory, key) ? state.sharedMemory[key] : undefined,
965
+ exists: Object.hasOwn(state.sharedMemory, key),
909
966
  };
910
967
  }
911
968
  if (action === 'set') {
912
969
  if (!key)
913
970
  return { action, error: 'Key required' };
914
- if (HIVE_RESERVED_KEYS.has(key))
915
- return { action, error: 'Forbidden key' };
916
- state.sharedMemory[key] = input.value;
971
+ if (typeof key !== 'string' || key.length > MAX_HIVE_MEMORY_KEY_LEN || HIVE_RESERVED_KEYS.has(key)) {
972
+ return { action, error: 'Invalid key' };
973
+ }
974
+ // Cap value if it's a string; otherwise serialize and check byte size
975
+ const rawValue = input.value;
976
+ const cappedValue = typeof rawValue === 'string' && rawValue.length > MAX_HIVE_MEMORY_VALUE_BYTES
977
+ ? rawValue.slice(0, MAX_HIVE_MEMORY_VALUE_BYTES)
978
+ : rawValue;
979
+ // Enforce max number of distinct keys to prevent unbounded growth
980
+ const keyCount = Object.keys(state.sharedMemory).length;
981
+ if (!Object.hasOwn(state.sharedMemory, key) && keyCount >= MAX_HIVE_MEMORY_KEYS) {
982
+ return { action, error: `Shared memory full (max ${MAX_HIVE_MEMORY_KEYS} keys)` };
983
+ }
984
+ state.sharedMemory[key] = cappedValue;
917
985
  saveHiveState(state);
918
986
  // Also store in AgentDB for searchable hive memory
919
987
  try {
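Review bot: The comment `// Cap value if it's a string; otherwise serialize and check byte size` describes a check the code does not perform, since a non-string `input.value` is assigned to `state.sharedMemory[key]` with no size test. Either correct the comment or add the check, e.g. `if (typeof rawValue !== 'string' && JSON.stringify(rawValue ?? null).length > MAX_HIVE_MEMORY_VALUE_BYTES) return { action, error: 'Value too large' };`. `Object.keys(state.sharedMemory).length` also counts entries this file keeps in the same object, such as `broadcasts`, so the usable key budget is slightly below `MAX_HIVE_MEMORY_KEYS`. The three limit constants are re-declared on every call and could live at module scope next to `MAX_HIVE_STATE_BYTES`. The `set` branch continues past the end of the hunk.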
@@ -935,7 +1003,10 @@ export const hiveMindTools = [
935
1003
  if (action === 'delete') {
936
1004
  if (!key)
937
1005
  return { action, error: 'Key required' };
938
- const existed = key in state.sharedMemory;
1006
+ if (typeof key !== 'string' || key.length > MAX_HIVE_MEMORY_KEY_LEN || HIVE_RESERVED_KEYS.has(key)) {
1007
+ return { action, error: 'Invalid key' };
1008
+ }
1009
+ const existed = Object.hasOwn(state.sharedMemory, key);
939
1010
  delete state.sharedMemory[key];
940
1011
  saveHiveState(state);
941
1012
  return {
@@ -251,10 +251,13 @@ const MEMORY_FILE = 'store.json';
251
251
  function getMemoryPath() {
252
252
  return join(getProjectCwd(), MEMORY_DIR, MEMORY_FILE);
253
253
  }
254
+ // Maximum size of the legacy JSON memory store before reads are skipped.
255
+ // Matches the guard in memory-tools.ts (loadLegacyStore) which loads the same file.
256
+ const MAX_MEMORY_STORE_BYTES = 50 * 1024 * 1024; // 50 MB
254
257
  function loadMemoryStore() {
255
258
  try {
256
259
  const path = getMemoryPath();
257
- if (existsSync(path)) {
260
+ if (existsSync(path) && statSync(path).size <= MAX_MEMORY_STORE_BYTES) {
258
261
  const data = readFileSync(path, 'utf-8');
259
262
  return JSON.parse(data);
260
263
  }
@@ -511,8 +514,18 @@ export const hooksPreEdit = {
511
514
  required: ['filePath'],
512
515
  },
513
516
  handler: async (params) => {
514
- const filePath = params.filePath;
515
- const operation = params.operation || 'update';
517
+ // Cap filePath: passed to suggestAgentsForFile (O(n) regex) and reflected in
518
+ // response. Cap operation to prevent oversized strings in recommendations.
519
+ const MAX_PRE_EDIT_PATH_LEN = 4 * 1024;
520
+ const MAX_PRE_EDIT_OP_LEN = 64;
521
+ const rawFilePath = params.filePath;
522
+ const filePath = typeof rawFilePath === 'string' && rawFilePath.length > MAX_PRE_EDIT_PATH_LEN
523
+ ? rawFilePath.slice(0, MAX_PRE_EDIT_PATH_LEN)
524
+ : rawFilePath;
525
+ const rawOperation = params.operation || 'update';
526
+ const operation = typeof rawOperation === 'string' && rawOperation.length > MAX_PRE_EDIT_OP_LEN
527
+ ? rawOperation.slice(0, MAX_PRE_EDIT_OP_LEN)
528
+ : rawOperation;
516
529
  const suggestedAgents = suggestAgentsForFile(filePath);
517
530
  const ext = getFileExtension(filePath);
518
531
  return {
@@ -548,9 +561,20 @@ export const hooksPostEdit = {
548
561
  required: ['filePath'],
549
562
  },
550
563
  handler: async (params) => {
551
- const filePath = params.filePath;
564
+ // Cap filePath: interpolated into taskId and task text forwarded to
565
+ // bridgeRecordFeedback (which calls generateEmbedding — O(n) hash fallback).
566
+ // Cap agent: stored in feedback record and forwarded to bridge.
567
+ const MAX_POST_EDIT_PATH_LEN = 4 * 1024;
568
+ const MAX_POST_EDIT_AGENT_LEN = 256;
569
+ const rawFilePath = params.filePath;
570
+ const filePath = typeof rawFilePath === 'string' && rawFilePath.length > MAX_POST_EDIT_PATH_LEN
571
+ ? rawFilePath.slice(0, MAX_POST_EDIT_PATH_LEN)
572
+ : rawFilePath;
552
573
  const success = params.success !== false;
553
- const agent = params.agent;
574
+ const rawAgent = params.agent;
575
+ const agent = typeof rawAgent === 'string' && rawAgent.length > MAX_POST_EDIT_AGENT_LEN
576
+ ? rawAgent.slice(0, MAX_POST_EDIT_AGENT_LEN)
577
+ : rawAgent;
554
578
  // Wire recordFeedback through bridge (issue #1209)
555
579
  let feedbackResult = null;
556
580
  try {
@@ -593,7 +617,14 @@ export const hooksPreCommand = {
593
617
  required: ['command'],
594
618
  },
595
619
  handler: async (params) => {
596
- const command = params.command;
620
+ // Cap command length: assessCommandRisk runs O(n) string searches, and the
621
+ // raw command is reflected verbatim in the response. Limit to 4 KB which
622
+ // is far beyond any realistic shell command.
623
+ const MAX_CMD_LEN = 4 * 1024;
624
+ const rawCommand = params.command;
625
+ const command = typeof rawCommand === 'string' && rawCommand.length > MAX_CMD_LEN
626
+ ? rawCommand.slice(0, MAX_CMD_LEN)
627
+ : rawCommand;
597
628
  const assessment = assessCommandRisk(command);
598
629
  const riskLevel = assessment.level >= 0.8 ? 'critical'
599
630
  : assessment.level >= 0.6 ? 'high'
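Review bot: Truncating `command` to `MAX_CMD_LEN` before `assessCommandRisk(command)` means anything past 4 KB is never assessed, yet the handler still derives a `riskLevel` as though the whole command had been checked. For a pre-execution gate that is a fail-open result, because the caller may go on to run the full original string on the strength of an assessment of its prefix. I would record the condition, `const truncated = typeof rawCommand === 'string' && rawCommand.length > MAX_CMD_LEN;`, and have an over-length command reported at the highest risk level or rejected, rather than scored on its first 4 KB. The response object is built outside this hunk, so where that flag is surfaced depends on code not shown here.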
@@ -627,7 +658,16 @@ export const hooksPostCommand = {
627
658
  required: ['command'],
628
659
  },
629
660
  handler: async (params) => {
630
- const command = params.command;
661
+ // Cap command: it is stored in JSON memory store (line 824), forwarded to
662
+ // bridgeStoreEntry which calls generateEmbedding by default — O(n) hash
663
+ // fallback, and reflected verbatim in the response. The recordCommand path
664
+ // already caps to 200 chars; apply a consistent 4 KB cap here that still
665
+ // covers any realistic shell command.
666
+ const MAX_POST_CMD_LEN = 4 * 1024;
667
+ const rawPostCommand = params.command;
668
+ const command = typeof rawPostCommand === 'string' && rawPostCommand.length > MAX_POST_CMD_LEN
669
+ ? rawPostCommand.slice(0, MAX_POST_CMD_LEN)
670
+ : rawPostCommand;
631
671
  const exitCode = params.exitCode || 0;
632
672
  const success = exitCode === 0;
633
673
  // Record the real exit code in the time-windowed command-outcome store so
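Review bot: The new comment points at the store write as `(line 824)`, and a hard-coded line number goes stale on the next edit of the file. Name the call site instead, for example `// Cap command: persisted in the JSON memory store and forwarded to bridgeStoreEntry (generateEmbedding, O(n) hash fallback)`. The comment also mentions that the `recordCommand` path caps at 200 characters while this handler caps at 4 KB; it would help to say which of the two values ends up persisted, as that is not visible in the hunk.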
@@ -690,8 +730,19 @@ export const hooksRoute = {
690
730
  required: ['task'],
691
731
  },
692
732
  handler: async (params) => {
693
- const task = params.task;
694
- const context = params.context;
733
+ // Cap task and context lengths: both are forwarded to generateEmbedding
734
+ // via bridgeRouteTask, and task is used in extractKeywords + stored in
735
+ // route-outcomes.jsonl. 16 KB matches the cap in hooksPatternSearch.
736
+ const MAX_ROUTE_TASK_LEN = 16 * 1024;
737
+ const MAX_ROUTE_CTX_LEN = 4 * 1024;
738
+ const rawTask = params.task;
739
+ const task = typeof rawTask === 'string' && rawTask.length > MAX_ROUTE_TASK_LEN
740
+ ? rawTask.slice(0, MAX_ROUTE_TASK_LEN)
741
+ : rawTask;
742
+ const rawContext = params.context;
743
+ const context = typeof rawContext === 'string' && rawContext.length > MAX_ROUTE_CTX_LEN
744
+ ? rawContext.slice(0, MAX_ROUTE_CTX_LEN)
745
+ : rawContext;
695
746
  const useSemanticRouter = params.useSemanticRouter !== false;
696
747
  // Phase 5: Try AgentDB's SemanticRouter / LearningSystem first
697
748
  if (useSemanticRouter) {
@@ -956,8 +1007,23 @@ export const hooksPreTask = {
956
1007
  required: ['taskId', 'description'],
957
1008
  },
958
1009
  handler: async (params) => {
959
- const taskId = params.taskId;
960
- const description = params.description;
1010
+ // Cap taskId: it is used as a suffix in SQLite memory keys (heuristic:${taskId},
1011
+ // routing-decision:${taskId}, textual_gradient:${taskId}) and as sourceId/targetId
1012
+ // in causal-graph edges persisted to SQLite. An uncapped ID can inflate the DB key
1013
+ // column and every JSON payload that includes the ID.
1014
+ const MAX_TASK_ID_LEN = 256;
1015
+ const rawTaskId = params.taskId;
1016
+ const taskId = typeof rawTaskId === 'string' && rawTaskId.length > MAX_TASK_ID_LEN
1017
+ ? rawTaskId.slice(0, MAX_TASK_ID_LEN)
1018
+ : rawTaskId;
1019
+ // Cap description: it is forwarded to generateEmbedding twice (ERL heuristics
1020
+ // + TextGrad gradient queries) and used in O(n) keyword extraction.
1021
+ // 16 KB matches the cap applied in hooks_route and hooksPatternSearch.
1022
+ const MAX_PRE_TASK_DESC_LEN = 16 * 1024;
1023
+ const rawDescription = params.description;
1024
+ const description = typeof rawDescription === 'string' && rawDescription.length > MAX_PRE_TASK_DESC_LEN
1025
+ ? rawDescription.slice(0, MAX_PRE_TASK_DESC_LEN)
1026
+ : rawDescription;
961
1027
  const filePath = params.filePath;
962
1028
  const suggestion = suggestAgentsForTask(description);
963
1029
  // Determine complexity
@@ -1047,16 +1113,26 @@ export const hooksPostTask = {
1047
1113
  required: ['taskId'],
1048
1114
  },
1049
1115
  handler: async (params) => {
1050
- const taskId = params.taskId;
1116
+ // Cap taskId for the same reason as hooks_pre_task: it flows into SQLite memory keys
1117
+ // (heuristic:${taskId}, routing-decision:${taskId}, textual_gradient:${taskId}) and
1118
+ // into causal-graph edge IDs persisted to the DB. Without a cap an attacker can
1119
+ // inflate every row that stores the raw ID.
1120
+ const MAX_POST_TASK_ID_LEN = 256;
1121
+ const rawPostTaskId = params.taskId;
1122
+ const taskId = typeof rawPostTaskId === 'string' && rawPostTaskId.length > MAX_POST_TASK_ID_LEN
1123
+ ? rawPostTaskId.slice(0, MAX_POST_TASK_ID_LEN)
1124
+ : rawPostTaskId;
1051
1125
  // The success flag, when the caller asserts it (--success true), is taken as
1052
1126
  // ground truth. But callers usually do NOT pass it. Rather than treating every
1053
1127
  // unverified task as "unknown" (and thus excluding it from learning), we now
1054
1128
  // derive a MEASURED success signal from the real command exit codes recorded by
1055
1129
  // post-command within a recent time window. post-command appends each exit code
1056
1130
  // to the command-outcome store keyed by timestamp; deriveRecentSuccess returns:
1057
- // true → recent commands exist and ALL exited 0
1058
- // false → recent commands exist and ANY exited non-zero
1131
+ // true → recent commands exist and the LAST command exited 0 (final-state heuristic)
1132
+ // false → recent commands exist and the LAST command exited non-zero
1059
1133
  // null → no recent commands (genuinely no signal → stays unknown)
1134
+ // Note: "final-state" not "all must pass" — intermediate failures (e.g. grep no-match,
1135
+ // test-then-fix cycles) are intentionally ignored; the last exit code decides.
1060
1136
  // Precedence: an explicit --success ALWAYS wins; the derived signal only fills
1061
1137
  // in when no explicit flag is given; only when there is also no recent command
1062
1138
  // signal does the outcome stay unknown (and excluded from SONA + route join,
@@ -1073,9 +1149,23 @@ export const hooksPostTask = {
1073
1149
  successSource = 'derived-commands';
1074
1150
  }
1075
1151
  }
1076
- const agent = params.agent;
1152
+ // Cap agent: forwarded to bridgeRecordFeedback where it is stored in the
1153
+ // feedback record and used as a tag string in the JSON store. An uncapped
1154
+ // agent value inflates the on-disk store entry.
1155
+ const MAX_POST_TASK_AGENT_LEN = 256;
1156
+ const rawPostTaskAgent = params.agent;
1157
+ const agent = typeof rawPostTaskAgent === 'string' && rawPostTaskAgent.length > MAX_POST_TASK_AGENT_LEN
1158
+ ? rawPostTaskAgent.slice(0, MAX_POST_TASK_AGENT_LEN)
1159
+ : rawPostTaskAgent;
1077
1160
  const quality = params.quality || (success ? 0.85 : 0.3);
1078
1161
  const startTime = Date.now();
1162
+ // Cap task description: passed to generateEmbedding via bridgeRecordFeedback
1163
+ // and persisted to route-outcomes.jsonl. 16 KB matches hooks_route cap.
1164
+ const MAX_POST_TASK_LEN = 16 * 1024;
1165
+ const rawPostTask = params.task;
1166
+ const cappedPostTask = typeof rawPostTask === 'string' && rawPostTask.length > MAX_POST_TASK_LEN
1167
+ ? rawPostTask.slice(0, MAX_POST_TASK_LEN)
1168
+ : rawPostTask;
1079
1169
  // Phase 3: Wire recordFeedback through bridge → LearningSystem + ReasoningBank
1080
1170
  let feedbackResult = null;
1081
1171
  try {
@@ -1087,7 +1177,7 @@ export const hooksPostTask = {
1087
1177
  agent,
1088
1178
  // B1.2: thread the real task description into the SONA trajectory so the
1089
1179
  // embedder encodes meaning, not the opaque task ID.
1090
- task: params.task || undefined,
1180
+ task: cappedPostTask || undefined,
1091
1181
  // B1.3: only feed the SONA LoRA update when the outcome is actually known.
1092
1182
  outcomeKnown,
1093
1183
  duration: params.duration || undefined,
@@ -1114,7 +1204,7 @@ export const hooksPostTask = {
1114
1204
  // B1.3: also gate this sibling learning sink on a known outcome — an unverified
1115
1205
  // task must not train the router as a success either. When the caller did not
1116
1206
  // assert success, the outcome is unknown and we skip persisting a labeled sample.
1117
- const taskText = params.task || '';
1207
+ const taskText = cappedPostTask || '';
1118
1208
  const outcomeKeywords = extractKeywords(taskText);
1119
1209
  let outcomePersisted = false;
1120
1210
  if (outcomeKnown && taskText && agent && agent.length <= 100 && /^[a-zA-Z0-9_-]+$/.test(agent)) {
@@ -1260,7 +1350,13 @@ export const hooksExplain = {
1260
1350
  required: ['task'],
1261
1351
  },
1262
1352
  handler: async (params) => {
1263
- const task = params.task;
1353
+ // Cap task: forwarded to suggestAgentsForTask (O(n) keyword loop + extractKeywords),
1354
+ // .toLowerCase() (O(n)), and reflected verbatim in the response.
1355
+ const MAX_EXPLAIN_TASK_LEN = 16 * 1024;
1356
+ const rawExplainTask = params.task;
1357
+ const task = typeof rawExplainTask === 'string' && rawExplainTask.length > MAX_EXPLAIN_TASK_LEN
1358
+ ? rawExplainTask.slice(0, MAX_EXPLAIN_TASK_LEN)
1359
+ : rawExplainTask;
1264
1360
  const suggestion = suggestAgentsForTask(task);
1265
1361
  const taskLower = task.toLowerCase();
1266
1362
  // Determine matched patterns
@@ -1366,6 +1462,12 @@ export const hooksPretrain = {
1366
1462
  // For code files, count lines and extract imports
1367
1463
  if (['.ts', '.js', '.py', '.go', '.rs', '.java'].includes(ext)) {
1368
1464
  try {
1465
+ // Skip very large files (minified bundles, generated code) to prevent OOM.
1466
+ // 1 MB is generous for a source file; anything larger is unlikely to have
1467
+ // useful import patterns in the first 30 lines anyway.
1468
+ const MAX_CODE_FILE_BYTES = 1 * 1024 * 1024;
1469
+ if (statSync(full).size > MAX_CODE_FILE_BYTES)
1470
+ continue;
1369
1471
  const content = readFileSync(full, 'utf-8');
1370
1472
  const lines = content.split('\n');
1371
1473
  totalLines += lines.length;
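Review bot: `MAX_CODE_FILE_BYTES` is declared inside the `try` in the per-file loop, so it is re-created for every file scanned; hoist it to module scope beside the other size limits. The `continue` leaves the iteration entirely, so any per-file bookkeeping that follows this `try` block is skipped for large files as well, which may not be intended. That code is outside the hunk, so this needs checking against the full loop body. If only the import scan should be skipped, wrap the read in `if (statSync(full).size <= MAX_CODE_FILE_BYTES) { ... }` instead of using `continue`.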
@@ -1553,8 +1655,9 @@ export const hooksTransfer = {
1553
1655
  // Try to load patterns from source project's memory store
1554
1656
  const sourceMemoryPath = join(resolvedSource, MEMORY_DIR, MEMORY_FILE);
1555
1657
  let sourceStore = { entries: {}, version: '3.0.0' };
1658
+ const MAX_SOURCE_STORE_BYTES = 50 * 1024 * 1024; // 50 MB — matches other store readers
1556
1659
  try {
1557
- if (existsSync(sourceMemoryPath)) {
1660
+ if (existsSync(sourceMemoryPath) && statSync(sourceMemoryPath).size <= MAX_SOURCE_STORE_BYTES) {
1558
1661
  sourceStore = JSON.parse(readFileSync(sourceMemoryPath, 'utf-8'));
1559
1662
  }
1560
1663
  }
@@ -2054,8 +2157,18 @@ export const hooksTrajectoryStart = {
2054
2157
  required: ['task'],
2055
2158
  },
2056
2159
  handler: async (params) => {
2057
- const task = params.task;
2058
- const agent = params.agent || 'coder';
2160
+ // Cap task and agent lengths to prevent the trajectory map from accumulating
2161
+ // large strings (up to MAX_TRAJECTORIES × uncapped length = potential GB of RAM).
2162
+ const MAX_TASK_LEN = 4 * 1024; // 4 KB — same cap as trajectory-step fields
2163
+ const MAX_AGENT_LEN = 256;
2164
+ const rawTask = params.task;
2165
+ const task = typeof rawTask === 'string' && rawTask.length > MAX_TASK_LEN
2166
+ ? rawTask.slice(0, MAX_TASK_LEN)
2167
+ : rawTask;
2168
+ const rawAgent = params.agent || 'coder';
2169
+ const agent = typeof rawAgent === 'string' && rawAgent.length > MAX_AGENT_LEN
2170
+ ? rawAgent.slice(0, MAX_AGENT_LEN)
2171
+ : rawAgent;
2059
2172
  const trajectoryId = `traj-${Date.now()}-${Math.random().toString(36).substring(7)}`;
2060
2173
  const startedAt = new Date().toISOString();
2061
2174
  // Create real trajectory entry in memory
@@ -2100,14 +2213,28 @@ export const hooksTrajectoryStep = {
2100
2213
  },
2101
2214
  handler: async (params) => {
2102
2215
  const trajectoryId = params.trajectoryId;
2103
- const action = params.action;
2104
- const result = params.result || 'success';
2216
+ // Cap action and result strings to prevent unbounded in-memory growth when
2217
+ // trajectory-step is called many times with large payloads.
2218
+ const MAX_STEP_STRING_LEN = 4 * 1024; // 4 KB per field
2219
+ const MAX_STEPS_PER_TRAJECTORY = 1000;
2220
+ const rawAction = params.action;
2221
+ const rawResult = params.result || 'success';
2222
+ const action = typeof rawAction === 'string' && rawAction.length > MAX_STEP_STRING_LEN
2223
+ ? rawAction.slice(0, MAX_STEP_STRING_LEN)
2224
+ : rawAction;
2225
+ const result = typeof rawResult === 'string' && rawResult.length > MAX_STEP_STRING_LEN
2226
+ ? rawResult.slice(0, MAX_STEP_STRING_LEN)
2227
+ : rawResult;
2105
2228
  const quality = params.quality || 0.85;
2106
2229
  const timestamp = new Date().toISOString();
2107
2230
  const stepId = `step-${Date.now()}`;
2108
2231
  // Add step to real trajectory if it exists
2109
2232
  const trajectory = activeTrajectories.get(trajectoryId);
2110
2233
  if (trajectory) {
2234
+ if (trajectory.steps.length >= MAX_STEPS_PER_TRAJECTORY) {
2235
+ // Drop the oldest step to keep the array bounded
2236
+ trajectory.steps.shift();
2237
+ }
2111
2238
  trajectory.steps.push({
2112
2239
  action,
2113
2240
  result,
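Review bot: When a trajectory reaches `MAX_STEPS_PER_TRAJECTORY`, `trajectory.steps.shift()` discards the oldest step without leaving any trace, so a later consumer sees a sequence that looks complete but is missing its beginning. I would keep a counter next to the `shift()`, e.g. `trajectory.droppedSteps = (trajectory.droppedSteps || 0) + 1;`, so the truncation is visible. `trajectoryId` is the one string input of this handler that gets no length check, although in the visible lines it is only used for the `activeTrajectories.get` lookup. The `push` call and the rest of the handler continue outside the hunk.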
@@ -2275,8 +2402,18 @@ export const hooksPatternStore = {
2275
2402
  required: ['pattern'],
2276
2403
  },
2277
2404
  handler: async (params) => {
2278
- const pattern = params.pattern;
2279
- const type = params.type || 'general';
2405
+ // Cap pattern and type lengths to prevent DoS via large embedding generation
2406
+ // and unbounded database writes. 16 KB matches the cap in neural_patterns store.
2407
+ const MAX_PATTERN_LEN = 16 * 1024; // 16 KB
2408
+ const MAX_TYPE_LEN = 256;
2409
+ const rawPattern = params.pattern;
2410
+ const pattern = typeof rawPattern === 'string' && rawPattern.length > MAX_PATTERN_LEN
2411
+ ? rawPattern.slice(0, MAX_PATTERN_LEN)
2412
+ : rawPattern;
2413
+ const rawType = params.type || 'general';
2414
+ const type = typeof rawType === 'string' && rawType.length > MAX_TYPE_LEN
2415
+ ? rawType.slice(0, MAX_TYPE_LEN)
2416
+ : rawType;
2280
2417
  const confidence = params.confidence || 0.8;
2281
2418
  const metadata = params.metadata;
2282
2419
  const timestamp = new Date().toISOString();
@@ -2342,8 +2479,18 @@ export const hooksPatternSearch = {
2342
2479
  required: ['query'],
2343
2480
  },
2344
2481
  handler: async (params) => {
2345
- const query = params.query;
2346
- const topK = params.topK || 5;
2482
+ // Cap query length to prevent DoS via large embedding generation (same
2483
+ // class of bug fixed in neural_patterns search and hooksPatternStore).
2484
+ const MAX_SEARCH_QUERY_LEN = 16 * 1024; // 16 KB — matches neural_patterns cap
2485
+ const MAX_TOP_K = 100;
2486
+ const rawQuery = params.query;
2487
+ const query = typeof rawQuery === 'string' && rawQuery.length > MAX_SEARCH_QUERY_LEN
2488
+ ? rawQuery.slice(0, MAX_SEARCH_QUERY_LEN)
2489
+ : rawQuery;
2490
+ const rawTopK = params.topK;
2491
+ const topK = Number.isFinite(rawTopK) && rawTopK > 0
2492
+ ? Math.min(Math.floor(rawTopK), MAX_TOP_K)
2493
+ : 5;
2347
2494
  const minConfidence = params.minConfidence || 0.3;
2348
2495
  const namespace = params.namespace || 'pattern';
2349
2496
  // Phase 3: Try ReasoningBank search via bridge first
@@ -3119,7 +3266,13 @@ export const hooksModelRoute = {
3119
3266
  required: ['task'],
3120
3267
  },
3121
3268
  handler: async (params) => {
3122
- const task = params.task;
3269
+ // Cap task: analyzeComplexityFallback calls .toLowerCase() and O(n) .includes()
3270
+ // for each keyword; an unbounded task string causes event-loop DoS.
3271
+ const MAX_MODEL_ROUTE_TASK_LEN = 16 * 1024;
3272
+ const rawTask = params.task;
3273
+ const task = typeof rawTask === 'string' && rawTask.length > MAX_MODEL_ROUTE_TASK_LEN
3274
+ ? rawTask.slice(0, MAX_MODEL_ROUTE_TASK_LEN)
3275
+ : rawTask;
3123
3276
  // Native neural model-router removed in the lean build — keyword complexity heuristic.
3124
3277
  const complexity = analyzeComplexityFallback(task);
3125
3278
  return {
@@ -3147,7 +3300,13 @@ export const hooksModelOutcome = {
3147
3300
  required: ['task', 'model', 'outcome'],
3148
3301
  },
3149
3302
  handler: async (params) => {
3150
- const task = params.task;
3303
+ // Cap task: even though the response only reflects task.slice(0, 50), an
3304
+ // unbounded task string causes unnecessary memory allocation before the slice.
3305
+ const MAX_MODEL_OUTCOME_TASK_LEN = 16 * 1024;
3306
+ const rawOutcomeTask = params.task;
3307
+ const task = typeof rawOutcomeTask === 'string' && rawOutcomeTask.length > MAX_MODEL_OUTCOME_TASK_LEN
3308
+ ? rawOutcomeTask.slice(0, MAX_MODEL_OUTCOME_TASK_LEN)
3309
+ : rawOutcomeTask;
3151
3310
  const model = params.model;
3152
3311
  // RLVR: derive effective outcome from verifier exit_code when provided
3153
3312
  // Source: https://github.com/opendilab/awesome-RLVR
@@ -35,6 +35,10 @@ function ensureMemoryDir() {
35
35
  const MAX_KEY_LENGTH = 1024;
36
36
  const MAX_VALUE_SIZE = 1024 * 1024; // 1MB
37
37
  const MAX_QUERY_LENGTH = 4096;
38
+ const MAX_NAMESPACE_LENGTH = 256;
39
+ const MAX_AGENT_ID_LENGTH = 256;
40
+ const MAX_TAGS_COUNT = 50;
41
+ const MAX_TAG_LENGTH = 256;
38
42
  function validateMemoryInput(key, value, query) {
39
43
  if (key && key.length > MAX_KEY_LENGTH) {
40
44
  throw new Error(`Key exceeds maximum length of ${MAX_KEY_LENGTH} characters`);
@@ -166,10 +170,14 @@ export const memoryTools = [
166
170
  await ensureInitialized();
167
171
  const { storeEntry } = await getMemoryFunctions();
168
172
  const key = input.key;
169
- const namespace = input.namespace || 'default';
173
+ const rawNamespace = input.namespace || 'default';
174
+ const namespace = typeof rawNamespace === 'string' && rawNamespace.length > MAX_NAMESPACE_LENGTH
175
+ ? rawNamespace.slice(0, MAX_NAMESPACE_LENGTH) : rawNamespace;
170
176
  const rawValue = input.value;
171
177
  const value = typeof rawValue === 'string' ? rawValue : (rawValue !== undefined ? JSON.stringify(rawValue) : '');
172
- const tags = input.tags || [];
178
+ const rawTags = input.tags || [];
179
+ // Cap tags count and individual tag length to prevent store inflation
180
+ const tags = rawTags.slice(0, MAX_TAGS_COUNT).map(t => typeof t === 'string' && t.length > MAX_TAG_LENGTH ? t.slice(0, MAX_TAG_LENGTH) : t);
173
181
  const ttl = input.ttl;
174
182
  const upsert = input.upsert || false;
175
183
  if (!value) {
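Review bot: `rawTags.slice(0, MAX_TAGS_COUNT).map(...)` assumes `input.tags` is an array: a string has `.slice` but no `.map`, and a number or plain object has neither, so such input now throws a TypeError where the old `input.tags || []` passed the value through. Whether a surrounding try/catch turns that into a clean error is not visible in the hunk. Guard the type first with `const rawTags = Array.isArray(input.tags) ? input.tags : [];`. Non-string elements also skip the per-tag cap, and adding `.filter(t => typeof t === 'string')` before the `.map` would drop them.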
@@ -233,8 +241,12 @@ export const memoryTools = [
233
241
  await ensureInitialized();
234
242
  const { getEntry } = await getMemoryFunctions();
235
243
  const key = input.key;
236
- const namespace = input.namespace || 'default';
237
- const agentId = input.agentId;
244
+ const rawNs = input.namespace || 'default';
245
+ const namespace = typeof rawNs === 'string' && rawNs.length > MAX_NAMESPACE_LENGTH
246
+ ? rawNs.slice(0, MAX_NAMESPACE_LENGTH) : rawNs;
247
+ const rawAgentId = input.agentId;
248
+ const agentId = typeof rawAgentId === 'string' && rawAgentId.length > MAX_AGENT_ID_LENGTH
249
+ ? rawAgentId.slice(0, MAX_AGENT_ID_LENGTH) : rawAgentId;
238
250
  validateMemoryInput(key);
239
251
  try {
240
252
  const result = await getEntry({ key, namespace, agentId });
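Review bot: An over-long `namespace` or `agentId` is silently truncated here, whereas `validateMemoryInput` in this same file throws for an over-long key, so the two limits fail in different ways. Truncation also changes which namespace is addressed, since two distinct long names sharing their first 256 characters resolve to the same one. That matters most in the delete hunk below, where `deleteEntry({ key, namespace })` would act on a namespace the caller did not name. Rejecting is more consistent, e.g. `if (typeof rawNs === 'string' && rawNs.length > MAX_NAMESPACE_LENGTH) throw new Error('Namespace exceeds maximum length of ' + MAX_NAMESPACE_LENGTH + ' characters');`. The store, search and list hunks apply the same truncation.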
@@ -296,7 +308,9 @@ export const memoryTools = [
296
308
  await ensureInitialized();
297
309
  const { searchEntries } = await getMemoryFunctions();
298
310
  const query = input.query;
299
- const namespace = input.namespace || 'default';
311
+ const rawSearchNs = input.namespace || 'default';
312
+ const namespace = typeof rawSearchNs === 'string' && rawSearchNs.length > MAX_NAMESPACE_LENGTH
313
+ ? rawSearchNs.slice(0, MAX_NAMESPACE_LENGTH) : rawSearchNs;
300
314
  const limit = Math.min(Math.max(input.limit || 10, 1), 1000);
301
315
  const threshold = input.threshold || 0.3;
302
316
  validateMemoryInput(undefined, undefined, query);
@@ -359,7 +373,9 @@ export const memoryTools = [
359
373
  await ensureInitialized();
360
374
  const { deleteEntry } = await getMemoryFunctions();
361
375
  const key = input.key;
362
- const namespace = input.namespace || 'default';
376
+ const rawDelNs = input.namespace || 'default';
377
+ const namespace = typeof rawDelNs === 'string' && rawDelNs.length > MAX_NAMESPACE_LENGTH
378
+ ? rawDelNs.slice(0, MAX_NAMESPACE_LENGTH) : rawDelNs;
363
379
  validateMemoryInput(key);
364
380
  try {
365
381
  const result = await deleteEntry({ key, namespace });
@@ -398,7 +414,9 @@ export const memoryTools = [
398
414
  handler: async (input) => {
399
415
  await ensureInitialized();
400
416
  const { listEntries } = await getMemoryFunctions();
401
- const namespace = input.namespace;
417
+ const rawListNs = input.namespace;
418
+ const namespace = typeof rawListNs === 'string' && rawListNs.length > MAX_NAMESPACE_LENGTH
419
+ ? rawListNs.slice(0, MAX_NAMESPACE_LENGTH) : rawListNs;
402
420
  const limit = Math.min(Math.max(input.limit || 50, 1), 1000);
403
421
  const offset = input.offset || 0;
404
422
  try {