monomind 1.11.13 → 1.12.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/.claude/agents/generated/channel-intelligence-director.md +87 -0
- package/.claude/agents/generated/chief-growth-officer.md +88 -0
- package/.claude/agents/generated/content-seo-strategist.md +90 -0
- package/.claude/agents/generated/developer-community-strategist.md +91 -0
- package/.claude/agents/generated/outreach-partnership-strategist.md +90 -0
- package/.claude/agents/generated/social-media-strategist.md +91 -0
- package/.claude/agents/generated/video-visual-strategist.md +90 -0
- package/.claude/commands/mastermind/idea.md +1 -1
- package/.claude/helpers/auto-memory-hook.mjs +13 -4
- package/.claude/helpers/control-start.cjs +5 -0
- package/.claude/helpers/event-logger.cjs +114 -0
- package/.claude/helpers/handlers/adr-draft-handler.cjs +19 -5
- package/.claude/helpers/handlers/agent-start-handler.cjs +13 -4
- package/.claude/helpers/handlers/compact-handler.cjs +2 -0
- package/.claude/helpers/handlers/edit-handler.cjs +1 -1
- package/.claude/helpers/handlers/gates-handler.cjs +3 -0
- package/.claude/helpers/handlers/graph-status-handler.cjs +14 -8
- package/.claude/helpers/handlers/loops-status-handler.cjs +5 -2
- package/.claude/helpers/handlers/route-handler.cjs +13 -6
- package/.claude/helpers/handlers/session-handler.cjs +11 -4
- package/.claude/helpers/handlers/session-restore-handler.cjs +21 -11
- package/.claude/helpers/handlers/task-handler.cjs +13 -5
- package/.claude/helpers/intelligence.cjs +7 -2
- package/.claude/helpers/loop-tracker.cjs +15 -3
- package/.claude/helpers/memory.cjs +6 -1
- package/.claude/helpers/router.cjs +5 -2
- package/.claude/helpers/session.cjs +2 -0
- package/.claude/helpers/statusline.cjs +10 -2
- package/.claude/helpers/utils/micro-agents.cjs +20 -4
- package/.claude/scheduled_tasks.lock +1 -1
- package/.claude/settings.json +92 -1
- package/.claude/skills/mastermind/_protocol.md +23 -13
- package/.claude/skills/mastermind/architect.md +6 -9
- package/.claude/skills/mastermind/build.md +3 -3
- package/.claude/skills/mastermind/content.md +3 -3
- package/.claude/skills/mastermind/createorg.md +2 -2
- package/.claude/skills/mastermind/finance.md +3 -3
- package/.claude/skills/mastermind/idea.md +5 -3
- package/.claude/skills/mastermind/marketing.md +3 -3
- package/.claude/skills/mastermind/monitor.md +2 -2
- package/.claude/skills/mastermind/release.md +3 -3
- package/.claude/skills/mastermind/research.md +3 -3
- package/.claude/skills/mastermind/review.md +3 -3
- package/.claude/skills/mastermind/runorg.md +153 -86
- package/.claude/skills/mastermind/sales.md +3 -3
- package/README.md +286 -129
- package/package.json +19 -2
- package/packages/@monomind/cli/README.md +286 -129
- package/packages/@monomind/cli/bundled-graph/dist/src/build.js +73 -0
- package/packages/@monomind/cli/bundled-graph/dist/src/cluster.js +120 -0
- package/packages/@monomind/cli/bundled-graph/package.json +57 -0
- package/packages/@monomind/cli/dist/src/agents/halt-signal.d.ts +25 -0
- package/packages/@monomind/cli/dist/src/agents/halt-signal.js +76 -0
- package/packages/@monomind/cli/dist/src/agents/index.d.ts +18 -0
- package/packages/@monomind/cli/dist/src/agents/index.js +13 -0
- package/packages/@monomind/cli/dist/src/agents/managed-agent.d.ts +41 -0
- package/packages/@monomind/cli/dist/src/agents/managed-agent.js +69 -0
- package/packages/@monomind/cli/dist/src/agents/prompt-experiment.d.ts +23 -0
- package/packages/@monomind/cli/dist/src/agents/prompt-experiment.js +49 -0
- package/packages/@monomind/cli/dist/src/agents/prompt-version-manager.d.ts +22 -0
- package/packages/@monomind/cli/dist/src/agents/prompt-version-manager.js +80 -0
- package/packages/@monomind/cli/dist/src/agents/registry-builder.js +2 -0
- package/packages/@monomind/cli/dist/src/agents/registry-query.d.ts +71 -0
- package/packages/@monomind/cli/dist/src/agents/registry-query.js +125 -0
- package/packages/@monomind/cli/dist/src/agents/score-decay.d.ts +19 -0
- package/packages/@monomind/cli/dist/src/agents/score-decay.js +22 -0
- package/packages/@monomind/cli/dist/src/agents/shared-instructions-loader.d.ts +13 -0
- package/packages/@monomind/cli/dist/src/agents/shared-instructions-loader.js +40 -0
- package/packages/@monomind/cli/dist/src/agents/specialization-scorer.d.ts +54 -0
- package/packages/@monomind/cli/dist/src/agents/specialization-scorer.js +212 -0
- package/packages/@monomind/cli/dist/src/agents/termination-watcher.d.ts +30 -0
- package/packages/@monomind/cli/dist/src/agents/termination-watcher.js +84 -0
- package/packages/@monomind/cli/dist/src/agents/trigger-index.d.ts +20 -0
- package/packages/@monomind/cli/dist/src/agents/trigger-index.js +38 -0
- package/packages/@monomind/cli/dist/src/agents/trigger-scanner.d.ts +64 -0
- package/packages/@monomind/cli/dist/src/agents/trigger-scanner.js +308 -0
- package/packages/@monomind/cli/dist/src/agents/version-diff.d.ts +18 -0
- package/packages/@monomind/cli/dist/src/agents/version-diff.js +64 -0
- package/packages/@monomind/cli/dist/src/agents/version-store.d.ts +60 -0
- package/packages/@monomind/cli/dist/src/agents/version-store.js +235 -0
- package/packages/@monomind/cli/dist/src/autopilot-state.js +10 -5
- package/packages/@monomind/cli/dist/src/benchmarks/benchmark-runner.js +13 -0
- package/packages/@monomind/cli/dist/src/benchmarks/metric-evaluators.js +20 -9
- package/packages/@monomind/cli/dist/src/benchmarks/pretrain/index.d.ts +45 -0
- package/packages/@monomind/cli/dist/src/benchmarks/pretrain/index.js +404 -0
- package/packages/@monomind/cli/dist/src/browser/actions.js +10 -3
- package/packages/@monomind/cli/dist/src/browser/browser.js +12 -2
- package/packages/@monomind/cli/dist/src/browser/cdp.js +21 -3
- package/packages/@monomind/cli/dist/src/browser/har.js +27 -5
- package/packages/@monomind/cli/dist/src/commands/agent-wasm.d.ts +14 -0
- package/packages/@monomind/cli/dist/src/commands/agent-wasm.js +333 -0
- package/packages/@monomind/cli/dist/src/commands/agent.js +11 -8
- package/packages/@monomind/cli/dist/src/commands/analyze.js +36 -21
- package/packages/@monomind/cli/dist/src/commands/autopilot.js +12 -4
- package/packages/@monomind/cli/dist/src/commands/benchmark.js +51 -8
- package/packages/@monomind/cli/dist/src/commands/browse.js +5 -2
- package/packages/@monomind/cli/dist/src/commands/claims.js +29 -11
- package/packages/@monomind/cli/dist/src/commands/cleanup.js +25 -5
- package/packages/@monomind/cli/dist/src/commands/config.js +15 -7
- package/packages/@monomind/cli/dist/src/commands/daemon.js +6 -0
- package/packages/@monomind/cli/dist/src/commands/deployment.js +34 -19
- package/packages/@monomind/cli/dist/src/commands/doctor.js +151 -20
- package/packages/@monomind/cli/dist/src/commands/guidance.js +15 -2
- package/packages/@monomind/cli/dist/src/commands/hive-mind.js +37 -14
- package/packages/@monomind/cli/dist/src/commands/hooks.js +42 -25
- package/packages/@monomind/cli/dist/src/commands/init.js +9 -4
- package/packages/@monomind/cli/dist/src/commands/issues.js +29 -26
- package/packages/@monomind/cli/dist/src/commands/mcp.js +11 -5
- package/packages/@monomind/cli/dist/src/commands/memory.js +10 -0
- package/packages/@monomind/cli/dist/src/commands/migrate.js +5 -5
- package/packages/@monomind/cli/dist/src/commands/monograph.js +18 -5
- package/packages/@monomind/cli/dist/src/commands/monovector/backup.js +8 -2
- package/packages/@monomind/cli/dist/src/commands/monovector/benchmark.js +20 -7
- package/packages/@monomind/cli/dist/src/commands/monovector/import.js +15 -0
- package/packages/@monomind/cli/dist/src/commands/monovector/migrate.js +4 -1
- package/packages/@monomind/cli/dist/src/commands/monovector/optimize.js +11 -0
- package/packages/@monomind/cli/dist/src/commands/monovector/setup.js +11 -1
- package/packages/@monomind/cli/dist/src/commands/neural.js +1 -1
- package/packages/@monomind/cli/dist/src/commands/performance.js +20 -7
- package/packages/@monomind/cli/dist/src/commands/platforms.js +90 -8
- package/packages/@monomind/cli/dist/src/commands/plugins.js +12 -5
- package/packages/@monomind/cli/dist/src/commands/process.js +33 -10
- package/packages/@monomind/cli/dist/src/commands/progress.js +5 -3
- package/packages/@monomind/cli/dist/src/commands/providers.js +5 -5
- package/packages/@monomind/cli/dist/src/commands/replay.js +8 -2
- package/packages/@monomind/cli/dist/src/commands/route.js +27 -7
- package/packages/@monomind/cli/dist/src/commands/security.js +4 -0
- package/packages/@monomind/cli/dist/src/commands/session.js +12 -1
- package/packages/@monomind/cli/dist/src/commands/start.js +11 -4
- package/packages/@monomind/cli/dist/src/commands/status.js +7 -4
- package/packages/@monomind/cli/dist/src/commands/swarm.js +27 -13
- package/packages/@monomind/cli/dist/src/commands/task.js +26 -11
- package/packages/@monomind/cli/dist/src/commands/tokens.js +7 -2
- package/packages/@monomind/cli/dist/src/commands/transfer-store.js +36 -22
- package/packages/@monomind/cli/dist/src/commands/ui.js +68 -0
- package/packages/@monomind/cli/dist/src/commands/update.js +15 -3
- package/packages/@monomind/cli/dist/src/commands/workflow.js +39 -6
- package/packages/@monomind/cli/dist/src/consensus/audit-writer.js +18 -7
- package/packages/@monomind/cli/dist/src/consensus/index.d.ts +7 -0
- package/packages/@monomind/cli/dist/src/consensus/index.js +6 -0
- package/packages/@monomind/cli/dist/src/consensus/vote-signer.js +25 -8
- package/packages/@monomind/cli/dist/src/context/context-provider.d.ts +44 -0
- package/packages/@monomind/cli/dist/src/context/context-provider.js +25 -0
- package/packages/@monomind/cli/dist/src/context/git-state-provider.d.ts +12 -0
- package/packages/@monomind/cli/dist/src/context/git-state-provider.js +34 -0
- package/packages/@monomind/cli/dist/src/context/index.d.ts +12 -0
- package/packages/@monomind/cli/dist/src/context/index.js +12 -0
- package/packages/@monomind/cli/dist/src/context/project-conventions-provider.d.ts +15 -0
- package/packages/@monomind/cli/dist/src/context/project-conventions-provider.js +19 -0
- package/packages/@monomind/cli/dist/src/context/prompt-assembler.d.ts +26 -0
- package/packages/@monomind/cli/dist/src/context/prompt-assembler.js +93 -0
- package/packages/@monomind/cli/dist/src/context/task-history-provider.d.ts +24 -0
- package/packages/@monomind/cli/dist/src/context/task-history-provider.js +32 -0
- package/packages/@monomind/cli/dist/src/context/user-preferences-provider.d.ts +14 -0
- package/packages/@monomind/cli/dist/src/context/user-preferences-provider.js +27 -0
- package/packages/@monomind/cli/dist/src/dlq/dlq-reader.d.ts +31 -0
- package/packages/@monomind/cli/dist/src/dlq/dlq-reader.js +81 -0
- package/packages/@monomind/cli/dist/src/dlq/dlq-writer.d.ts +24 -0
- package/packages/@monomind/cli/dist/src/dlq/dlq-writer.js +65 -0
- package/packages/@monomind/cli/dist/src/dlq/index.d.ts +10 -0
- package/packages/@monomind/cli/dist/src/dlq/index.js +7 -0
- package/packages/@monomind/cli/dist/src/eval/dataset-manager.d.ts +33 -0
- package/packages/@monomind/cli/dist/src/eval/dataset-manager.js +107 -0
- package/packages/@monomind/cli/dist/src/eval/dataset-runner.d.ts +23 -0
- package/packages/@monomind/cli/dist/src/eval/dataset-runner.js +59 -0
- package/packages/@monomind/cli/dist/src/eval/index.d.ts +10 -0
- package/packages/@monomind/cli/dist/src/eval/index.js +7 -0
- package/packages/@monomind/cli/dist/src/eval/trace-collector.d.ts +40 -0
- package/packages/@monomind/cli/dist/src/eval/trace-collector.js +102 -0
- package/packages/@monomind/cli/dist/src/index.js +7 -3
- package/packages/@monomind/cli/dist/src/infrastructure/in-memory-repositories.d.ts +68 -0
- package/packages/@monomind/cli/dist/src/infrastructure/in-memory-repositories.js +264 -0
- package/packages/@monomind/cli/dist/src/init/executor.js +14 -11
- package/packages/@monomind/cli/dist/src/init/shared-instructions-generator.js +20 -4
- package/packages/@monomind/cli/dist/src/init/statusline-generator.js +33 -12
- package/packages/@monomind/cli/dist/src/interactive/interrupt.d.ts +22 -0
- package/packages/@monomind/cli/dist/src/interactive/interrupt.js +71 -0
- package/packages/@monomind/cli/dist/src/mcp/deprecation-injector.d.ts +25 -0
- package/packages/@monomind/cli/dist/src/mcp/deprecation-injector.js +48 -0
- package/packages/@monomind/cli/dist/src/mcp/tool-registry.d.ts +61 -0
- package/packages/@monomind/cli/dist/src/mcp/tool-registry.js +246 -0
- package/packages/@monomind/cli/dist/src/mcp-tools/a2a-tools.js +98 -13
- package/packages/@monomind/cli/dist/src/mcp-tools/agent-tools.js +16 -3
- package/packages/@monomind/cli/dist/src/mcp-tools/analyze-tools.js +80 -17
- package/packages/@monomind/cli/dist/src/mcp-tools/browser-tools.js +84 -22
- package/packages/@monomind/cli/dist/src/mcp-tools/claims-tools.js +35 -7
- package/packages/@monomind/cli/dist/src/mcp-tools/config-tools.js +82 -17
- package/packages/@monomind/cli/dist/src/mcp-tools/coordination-tools.js +37 -4
- package/packages/@monomind/cli/dist/src/mcp-tools/daa-tools.js +49 -7
- package/packages/@monomind/cli/dist/src/mcp-tools/embeddings-tools.js +45 -18
- package/packages/@monomind/cli/dist/src/mcp-tools/github-tools.js +75 -25
- package/packages/@monomind/cli/dist/src/mcp-tools/guidance-tools.js +32 -10
- package/packages/@monomind/cli/dist/src/mcp-tools/hive-mind-tools.js +91 -20
- package/packages/@monomind/cli/dist/src/mcp-tools/hooks-tools.js +188 -29
- package/packages/@monomind/cli/dist/src/mcp-tools/memory-tools.js +25 -7
- package/packages/@monomind/cli/dist/src/mcp-tools/monograph-compat.js +11 -2
- package/packages/@monomind/cli/dist/src/mcp-tools/monograph-tools.js +148 -26
- package/packages/@monomind/cli/dist/src/mcp-tools/neural-tools.js +44 -9
- package/packages/@monomind/cli/dist/src/mcp-tools/performance-tools.js +45 -10
- package/packages/@monomind/cli/dist/src/mcp-tools/progress-tools.js +7 -4
- package/packages/@monomind/cli/dist/src/mcp-tools/request-tracker.js +15 -1
- package/packages/@monomind/cli/dist/src/mcp-tools/security-tools.js +61 -9
- package/packages/@monomind/cli/dist/src/mcp-tools/session-tools.js +45 -14
- package/packages/@monomind/cli/dist/src/mcp-tools/swarm-tools.js +15 -3
- package/packages/@monomind/cli/dist/src/mcp-tools/system-tools.js +14 -7
- package/packages/@monomind/cli/dist/src/mcp-tools/task-tools.js +52 -10
- package/packages/@monomind/cli/dist/src/mcp-tools/terminal-tools.js +40 -6
- package/packages/@monomind/cli/dist/src/mcp-tools/transfer-tools.js +37 -4
- package/packages/@monomind/cli/dist/src/mcp-tools/wasm-agent-tools.d.ts +9 -0
- package/packages/@monomind/cli/dist/src/mcp-tools/wasm-agent-tools.js +230 -0
- package/packages/@monomind/cli/dist/src/mcp-tools/workflow-tools.js +29 -6
- package/packages/@monomind/cli/dist/src/memory/ewc-consolidation.js +26 -10
- package/packages/@monomind/cli/dist/src/memory/intelligence.js +80 -19
- package/packages/@monomind/cli/dist/src/memory/memory-bridge.js +21 -2
- package/packages/@monomind/cli/dist/src/memory/memory-initializer.js +67 -3
- package/packages/@monomind/cli/dist/src/memory/sona-optimizer.js +14 -4
- package/packages/@monomind/cli/dist/src/model/complexity-scorer.d.ts +21 -0
- package/packages/@monomind/cli/dist/src/model/complexity-scorer.js +106 -0
- package/packages/@monomind/cli/dist/src/model/index.d.ts +4 -0
- package/packages/@monomind/cli/dist/src/model/index.js +4 -0
- package/packages/@monomind/cli/dist/src/model/model-settings.d.ts +22 -0
- package/packages/@monomind/cli/dist/src/model/model-settings.js +33 -0
- package/packages/@monomind/cli/dist/src/model/model-tier-resolver.d.ts +24 -0
- package/packages/@monomind/cli/dist/src/model/model-tier-resolver.js +65 -0
- package/packages/@monomind/cli/dist/src/monovector/capabilities.d.ts +34 -0
- package/packages/@monomind/cli/dist/src/monovector/capabilities.js +37 -0
- package/packages/@monomind/cli/dist/src/monovector/command-outcomes.js +43 -7
- package/packages/@monomind/cli/dist/src/monovector/coverage-router.js +8 -4
- package/packages/@monomind/cli/dist/src/monovector/coverage-tools.js +6 -3
- package/packages/@monomind/cli/dist/src/monovector/diff-classifier.js +13 -0
- package/packages/@monomind/cli/dist/src/monovector/route-outcomes.d.ts +2 -1
- package/packages/@monomind/cli/dist/src/monovector/route-outcomes.js +46 -4
- package/packages/@monomind/cli/dist/src/observability/replay-reader.d.ts +1 -1
- package/packages/@monomind/cli/dist/src/orchestration/index.d.ts +7 -0
- package/packages/@monomind/cli/dist/src/orchestration/index.js +6 -0
- package/packages/@monomind/cli/dist/src/orchestration/mode-dispatcher.d.ts +11 -0
- package/packages/@monomind/cli/dist/src/orchestration/mode-dispatcher.js +31 -0
- package/packages/@monomind/cli/dist/src/orchestration/routing-modes.d.ts +68 -0
- package/packages/@monomind/cli/dist/src/orchestration/routing-modes.js +180 -0
- package/packages/@monomind/cli/dist/src/plugins/manager.js +8 -3
- package/packages/@monomind/cli/dist/src/plugins/store/discovery.js +46 -2
- package/packages/@monomind/cli/dist/src/plugins/store/search.js +5 -4
- package/packages/@monomind/cli/dist/src/plugins/tests/demo-plugin-store.d.ts +7 -0
- package/packages/@monomind/cli/dist/src/plugins/tests/demo-plugin-store.js +126 -0
- package/packages/@monomind/cli/dist/src/plugins/tests/standalone-test.d.ts +12 -0
- package/packages/@monomind/cli/dist/src/plugins/tests/standalone-test.js +188 -0
- package/packages/@monomind/cli/dist/src/plugins/tests/test-plugin-store.d.ts +7 -0
- package/packages/@monomind/cli/dist/src/plugins/tests/test-plugin-store.js +206 -0
- package/packages/@monomind/cli/dist/src/production/circuit-breaker.js +17 -3
- package/packages/@monomind/cli/dist/src/production/error-handler.js +3 -0
- package/packages/@monomind/cli/dist/src/production/monitoring.js +20 -3
- package/packages/@monomind/cli/dist/src/production/rate-limiter.js +13 -4
- package/packages/@monomind/cli/dist/src/production/retry.js +17 -9
- package/packages/@monomind/cli/dist/src/routing/embed-worker.js +6 -2
- package/packages/@monomind/cli/dist/src/routing/embedder.js +0 -0
- package/packages/@monomind/cli/dist/src/routing/llm-caller.js +13 -2
- package/packages/@monomind/cli/dist/src/routing/route-layer-factory.js +18 -3
- package/packages/@monomind/cli/dist/src/runtime/headless.d.ts +60 -0
- package/packages/@monomind/cli/dist/src/runtime/headless.js +284 -0
- package/packages/@monomind/cli/dist/src/services/agentic-flow-bridge.d.ts +50 -0
- package/packages/@monomind/cli/dist/src/services/agentic-flow-bridge.js +95 -0
- package/packages/@monomind/cli/dist/src/services/claim-service.d.ts +1 -0
- package/packages/@monomind/cli/dist/src/services/claim-service.js +8 -0
- package/packages/@monomind/cli/dist/src/services/config-file-manager.js +14 -2
- package/packages/@monomind/cli/dist/src/services/container-worker-pool.d.ts +197 -0
- package/packages/@monomind/cli/dist/src/services/container-worker-pool.js +623 -0
- package/packages/@monomind/cli/dist/src/services/headless-worker-executor.js +18 -2
- package/packages/@monomind/cli/dist/src/services/index.d.ts +13 -0
- package/packages/@monomind/cli/dist/src/services/index.js +11 -0
- package/packages/@monomind/cli/dist/src/services/worker-daemon.js +53 -12
- package/packages/@monomind/cli/dist/src/services/worker-queue.d.ts +201 -0
- package/packages/@monomind/cli/dist/src/services/worker-queue.js +594 -0
- package/packages/@monomind/cli/dist/src/swarm/communication-graph.d.ts +25 -0
- package/packages/@monomind/cli/dist/src/swarm/communication-graph.js +77 -0
- package/packages/@monomind/cli/dist/src/swarm/flow-enforcer.d.ts +31 -0
- package/packages/@monomind/cli/dist/src/swarm/flow-enforcer.js +61 -0
- package/packages/@monomind/cli/dist/src/swarm/flow-visualizer.d.ts +19 -0
- package/packages/@monomind/cli/dist/src/swarm/flow-visualizer.js +68 -0
- package/packages/@monomind/cli/dist/src/transfer/anonymization/index.d.ts +0 -3
- package/packages/@monomind/cli/dist/src/transfer/anonymization/index.js +16 -1
- package/packages/@monomind/cli/dist/src/transfer/deploy-seraphine.d.ts +13 -0
- package/packages/@monomind/cli/dist/src/transfer/deploy-seraphine.js +205 -0
- package/packages/@monomind/cli/dist/src/transfer/export.js +8 -0
- package/packages/@monomind/cli/dist/src/transfer/ipfs/upload.js +33 -3
- package/packages/@monomind/cli/dist/src/transfer/serialization/cfp.js +9 -3
- package/packages/@monomind/cli/dist/src/transfer/storage/gcs.js +37 -3
- package/packages/@monomind/cli/dist/src/transfer/store/discovery.js +45 -3
- package/packages/@monomind/cli/dist/src/transfer/store/download.js +5 -0
- package/packages/@monomind/cli/dist/src/transfer/store/publish.js +13 -1
- package/packages/@monomind/cli/dist/src/transfer/store/registry.d.ts +8 -0
- package/packages/@monomind/cli/dist/src/transfer/store/registry.js +30 -5
- package/packages/@monomind/cli/dist/src/transfer/store/search.js +20 -5
- package/packages/@monomind/cli/dist/src/transfer/store/tests/standalone-test.d.ts +12 -0
- package/packages/@monomind/cli/dist/src/transfer/store/tests/standalone-test.js +190 -0
- package/packages/@monomind/cli/dist/src/transfer/test-seraphine.d.ts +6 -0
- package/packages/@monomind/cli/dist/src/transfer/test-seraphine.js +105 -0
- package/packages/@monomind/cli/dist/src/transfer/tests/test-store.d.ts +7 -0
- package/packages/@monomind/cli/dist/src/transfer/tests/test-store.js +214 -0
- package/packages/@monomind/cli/dist/src/update/checker.js +59 -7
- package/packages/@monomind/cli/dist/src/update/executor.js +50 -3
- package/packages/@monomind/cli/dist/src/update/index.js +18 -1
- package/packages/@monomind/cli/dist/src/update/rate-limiter.d.ts +6 -0
- package/packages/@monomind/cli/dist/src/update/rate-limiter.js +79 -7
- package/packages/@monomind/cli/dist/src/update/validator.js +52 -1
- package/packages/@monomind/cli/dist/src/workflow/condition-evaluator.d.ts +10 -0
- package/packages/@monomind/cli/dist/src/workflow/condition-evaluator.js +82 -0
- package/packages/@monomind/cli/dist/src/workflow/context-resolver.d.ts +12 -0
- package/packages/@monomind/cli/dist/src/workflow/context-resolver.js +23 -0
- package/packages/@monomind/cli/dist/src/workflow/dag-builder.d.ts +17 -0
- package/packages/@monomind/cli/dist/src/workflow/dag-builder.js +129 -0
- package/packages/@monomind/cli/dist/src/workflow/dag-executor.d.ts +9 -0
- package/packages/@monomind/cli/dist/src/workflow/dag-executor.js +116 -0
- package/packages/@monomind/cli/dist/src/workflow/dag-types.d.ts +41 -0
- package/packages/@monomind/cli/dist/src/workflow/dag-types.js +8 -0
- package/packages/@monomind/cli/dist/src/workflow/dsl-parser.d.ts +12 -0
- package/packages/@monomind/cli/dist/src/workflow/dsl-parser.js +20 -0
- package/packages/@monomind/cli/dist/src/workflow/dsl-schema.d.ts +165 -0
- package/packages/@monomind/cli/dist/src/workflow/dsl-schema.js +82 -0
- package/packages/@monomind/cli/dist/src/workflow/index.d.ts +13 -0
- package/packages/@monomind/cli/dist/src/workflow/index.js +11 -0
- package/packages/@monomind/cli/dist/src/workflow/template-engine.d.ts +11 -0
- package/packages/@monomind/cli/dist/src/workflow/template-engine.js +40 -0
- package/packages/@monomind/cli/dist/src/workflow/workflow-executor.d.ts +29 -0
- package/packages/@monomind/cli/dist/src/workflow/workflow-executor.js +227 -0
- package/packages/@monomind/cli/package.json +9 -10
- package/packages/@monomind/guidance/dist/adversarial.d.ts +284 -0
- package/packages/@monomind/guidance/dist/adversarial.js +572 -0
- package/packages/@monomind/guidance/dist/analyzer.d.ts +530 -0
- package/packages/@monomind/guidance/dist/analyzer.js +2518 -0
- package/packages/@monomind/guidance/dist/artifacts.d.ts +283 -0
- package/packages/@monomind/guidance/dist/artifacts.js +356 -0
- package/packages/@monomind/guidance/dist/authority.d.ts +290 -0
- package/packages/@monomind/guidance/dist/authority.js +558 -0
- package/packages/@monomind/guidance/dist/capabilities.d.ts +209 -0
- package/packages/@monomind/guidance/dist/capabilities.js +485 -0
- package/packages/@monomind/guidance/dist/coherence.d.ts +233 -0
- package/packages/@monomind/guidance/dist/coherence.js +372 -0
- package/packages/@monomind/guidance/dist/compiler.d.ts +87 -0
- package/packages/@monomind/guidance/dist/compiler.js +419 -0
- package/packages/@monomind/guidance/dist/conformance-kit.d.ts +225 -0
- package/packages/@monomind/guidance/dist/conformance-kit.js +629 -0
- package/packages/@monomind/guidance/dist/continue-gate.d.ts +214 -0
- package/packages/@monomind/guidance/dist/continue-gate.js +353 -0
- package/packages/@monomind/guidance/dist/crypto-utils.d.ts +17 -0
- package/packages/@monomind/guidance/dist/crypto-utils.js +24 -0
- package/packages/@monomind/guidance/dist/evolution.d.ts +282 -0
- package/packages/@monomind/guidance/dist/evolution.js +500 -0
- package/packages/@monomind/guidance/dist/gates.d.ts +79 -0
- package/packages/@monomind/guidance/dist/gates.js +302 -0
- package/packages/@monomind/guidance/dist/gateway.d.ts +206 -0
- package/packages/@monomind/guidance/dist/gateway.js +452 -0
- package/packages/@monomind/guidance/dist/generators.d.ts +153 -0
- package/packages/@monomind/guidance/dist/generators.js +682 -0
- package/packages/@monomind/guidance/dist/headless.d.ts +177 -0
- package/packages/@monomind/guidance/dist/headless.js +342 -0
- package/packages/@monomind/guidance/dist/hooks.d.ts +109 -0
- package/packages/@monomind/guidance/dist/hooks.js +347 -0
- package/packages/@monomind/guidance/dist/index.d.ts +205 -0
- package/packages/@monomind/guidance/dist/index.js +321 -0
- package/packages/@monomind/guidance/dist/ledger.d.ts +162 -0
- package/packages/@monomind/guidance/dist/ledger.js +375 -0
- package/packages/@monomind/guidance/dist/manifest-validator.d.ts +289 -0
- package/packages/@monomind/guidance/dist/manifest-validator.js +838 -0
- package/packages/@monomind/guidance/dist/memory-gate.d.ts +222 -0
- package/packages/@monomind/guidance/dist/memory-gate.js +382 -0
- package/packages/@monomind/guidance/dist/meta-governance.d.ts +265 -0
- package/packages/@monomind/guidance/dist/meta-governance.js +348 -0
- package/packages/@monomind/guidance/dist/optimizer.d.ts +104 -0
- package/packages/@monomind/guidance/dist/optimizer.js +329 -0
- package/packages/@monomind/guidance/dist/persistence.d.ts +189 -0
- package/packages/@monomind/guidance/dist/persistence.js +464 -0
- package/packages/@monomind/guidance/dist/proof.d.ts +185 -0
- package/packages/@monomind/guidance/dist/proof.js +238 -0
- package/packages/@monomind/guidance/dist/retriever.d.ts +116 -0
- package/packages/@monomind/guidance/dist/retriever.js +394 -0
- package/packages/@monomind/guidance/dist/ruvbot-integration.d.ts +370 -0
- package/packages/@monomind/guidance/dist/ruvbot-integration.js +738 -0
- package/packages/@monomind/guidance/dist/temporal.d.ts +426 -0
- package/packages/@monomind/guidance/dist/temporal.js +658 -0
- package/packages/@monomind/guidance/dist/trust.d.ts +283 -0
- package/packages/@monomind/guidance/dist/trust.js +473 -0
- package/packages/@monomind/guidance/dist/truth-anchors.d.ts +276 -0
- package/packages/@monomind/guidance/dist/truth-anchors.js +488 -0
- package/packages/@monomind/guidance/dist/types.d.ts +378 -0
- package/packages/@monomind/guidance/dist/types.js +10 -0
- package/packages/@monomind/guidance/dist/uncertainty.d.ts +372 -0
- package/packages/@monomind/guidance/dist/uncertainty.js +619 -0
- package/packages/@monomind/guidance/dist/wasm-kernel.d.ts +48 -0
- package/packages/@monomind/guidance/dist/wasm-kernel.js +158 -0
|
@@ -3,7 +3,7 @@
|
|
|
3
3
|
*
|
|
4
4
|
* Tool definitions for collective intelligence and swarm coordination.
|
|
5
5
|
*/
|
|
6
|
-
import { existsSync, readFileSync, writeFileSync, renameSync, mkdirSync } from 'node:fs';
|
|
6
|
+
import { existsSync, readFileSync, statSync, writeFileSync, renameSync, mkdirSync } from 'node:fs';
|
|
7
7
|
import { join } from 'node:path';
|
|
8
8
|
import { getProjectCwd } from './types.js';
|
|
9
9
|
import { weightedTally } from '../consensus/vote-signer.js';
|
|
@@ -95,10 +95,11 @@ function ensureHiveDir() {
|
|
|
95
95
|
mkdirSync(dir, { recursive: true });
|
|
96
96
|
}
|
|
97
97
|
}
|
|
98
|
+
const MAX_HIVE_STATE_BYTES = 10 * 1024 * 1024; // 10 MB
|
|
98
99
|
function loadHiveState() {
|
|
99
100
|
try {
|
|
100
101
|
const path = getHivePath();
|
|
101
|
-
if (existsSync(path)) {
|
|
102
|
+
if (existsSync(path) && statSync(path).size <= MAX_HIVE_STATE_BYTES) {
|
|
102
103
|
const data = readFileSync(path, 'utf-8');
|
|
103
104
|
return JSON.parse(data);
|
|
104
105
|
}
|
|
@@ -168,9 +169,19 @@ export const hiveMindTools = [
|
|
|
168
169
|
return { success: false, error: 'Hive-mind not initialized. Run hive-mind/init first.' };
|
|
169
170
|
}
|
|
170
171
|
const count = Math.min(Math.max(1, input.count || 1), 20); // Cap at 20
|
|
171
|
-
|
|
172
|
-
|
|
173
|
-
const
|
|
172
|
+
// Cap role/agentType/prefix: used as JSON keys and stored values in agentStore
|
|
173
|
+
// on disk; an oversized prefix inflates the generated agentId key and config.
|
|
174
|
+
const MAX_HIVE_ROLE_LEN = 256;
|
|
175
|
+
const MAX_HIVE_PREFIX_LEN = 128;
|
|
176
|
+
const rawRole = input.role || 'worker';
|
|
177
|
+
const role = typeof rawRole === 'string' && rawRole.length > MAX_HIVE_ROLE_LEN
|
|
178
|
+
? rawRole.slice(0, MAX_HIVE_ROLE_LEN) : rawRole;
|
|
179
|
+
const rawAgentType = input.agentType || 'worker';
|
|
180
|
+
const agentType = typeof rawAgentType === 'string' && rawAgentType.length > MAX_HIVE_ROLE_LEN
|
|
181
|
+
? rawAgentType.slice(0, MAX_HIVE_ROLE_LEN) : rawAgentType;
|
|
182
|
+
const rawPrefix = input.prefix || 'hive-worker';
|
|
183
|
+
const prefix = typeof rawPrefix === 'string' && rawPrefix.length > MAX_HIVE_PREFIX_LEN
|
|
184
|
+
? rawPrefix.slice(0, MAX_HIVE_PREFIX_LEN) : rawPrefix;
|
|
174
185
|
const agentStore = loadAgentStore();
|
|
175
186
|
const spawnedWorkers = [];
|
|
176
187
|
for (let i = 0; i < count; i++) {
|
|
@@ -227,7 +238,11 @@ export const hiveMindTools = [
|
|
|
227
238
|
},
|
|
228
239
|
handler: async (input) => {
|
|
229
240
|
const hiveId = `hive-${Date.now()}-${Math.random().toString(36).slice(2, 8)}`;
|
|
230
|
-
|
|
241
|
+
// Cap queenId: stored in hive state JSON as the queen's agentId field.
|
|
242
|
+
const MAX_QUEEN_ID_LEN = 256;
|
|
243
|
+
const rawQueenId = input.queenId || `queen-${Date.now()}`;
|
|
244
|
+
const queenId = typeof rawQueenId === 'string' && rawQueenId.length > MAX_QUEEN_ID_LEN
|
|
245
|
+
? rawQueenId.slice(0, MAX_QUEEN_ID_LEN) : rawQueenId;
|
|
231
246
|
const now = new Date().toISOString();
|
|
232
247
|
const state = {
|
|
233
248
|
initialized: true,
|
|
@@ -281,7 +296,7 @@ export const hiveMindTools = [
|
|
|
281
296
|
let activeTaskCount = 0;
|
|
282
297
|
let completedTaskCount = 0;
|
|
283
298
|
try {
|
|
284
|
-
if (existsSync(taskStorePath)) {
|
|
299
|
+
if (existsSync(taskStorePath) && statSync(taskStorePath).size <= MAX_HIVE_STATE_BYTES) {
|
|
285
300
|
const taskStore = JSON.parse(readFileSync(taskStorePath, 'utf-8'));
|
|
286
301
|
for (const task of Object.values(taskStore.tasks || {})) {
|
|
287
302
|
if (task.status === 'pending')
|
|
@@ -478,11 +493,29 @@ export const hiveMindTools = [
|
|
|
478
493
|
const minDivergenceRounds = typeof input.minDivergenceRounds === 'number'
|
|
479
494
|
? Math.max(0, input.minDivergenceRounds)
|
|
480
495
|
: 0;
|
|
496
|
+
// Cap proposal fields: stored in state.consensus.pending and then
|
|
497
|
+
// state.consensus.history (up to 1000 entries). An unbounded value
|
|
498
|
+
// inflates the on-disk hive state by up to 1000 × value size.
|
|
499
|
+
const MAX_PROPOSAL_TYPE_LEN = 128;
|
|
500
|
+
const MAX_PROPOSAL_VOTER_ID_LEN = 256;
|
|
501
|
+
const MAX_PROPOSAL_VALUE_BYTES = 64 * 1024; // 64 KB
|
|
502
|
+
const rawProposalType = input.type || 'general';
|
|
503
|
+
const proposalType = typeof rawProposalType === 'string' && rawProposalType.length > MAX_PROPOSAL_TYPE_LEN
|
|
504
|
+
? rawProposalType.slice(0, MAX_PROPOSAL_TYPE_LEN) : rawProposalType;
|
|
505
|
+
const rawVoterId = input.voterId || 'system';
|
|
506
|
+
const proposedBy = typeof rawVoterId === 'string' && rawVoterId.length > MAX_PROPOSAL_VOTER_ID_LEN
|
|
507
|
+
? rawVoterId.slice(0, MAX_PROPOSAL_VOTER_ID_LEN) : rawVoterId;
|
|
508
|
+
// Cap value if it's a string; leave non-string values as-is (they are
|
|
509
|
+
// JSON-serialised by saveHiveState which uses JSON.stringify — bounded
|
|
510
|
+
// objects are fine).
|
|
511
|
+
const rawValue = input.value;
|
|
512
|
+
const cappedValue = typeof rawValue === 'string' && rawValue.length > MAX_PROPOSAL_VALUE_BYTES
|
|
513
|
+
? rawValue.slice(0, MAX_PROPOSAL_VALUE_BYTES) : rawValue;
|
|
481
514
|
const proposal = {
|
|
482
515
|
proposalId,
|
|
483
|
-
type:
|
|
484
|
-
value:
|
|
485
|
-
proposedBy
|
|
516
|
+
type: proposalType,
|
|
517
|
+
value: cappedValue,
|
|
518
|
+
proposedBy,
|
|
486
519
|
proposedAt: new Date().toISOString(),
|
|
487
520
|
votes: {},
|
|
488
521
|
status: 'pending',
|
|
@@ -801,14 +834,32 @@ export const hiveMindTools = [
|
|
|
801
834
|
if (!state.initialized) {
|
|
802
835
|
return { success: false, error: 'Hive-mind not initialized' };
|
|
803
836
|
}
|
|
837
|
+
// Cap inputs: message/fromId are stored directly in the shared-memory JSON
|
|
838
|
+
// state (up to 100 broadcasts kept). An uncapped message lets an attacker
|
|
839
|
+
// inflate the on-disk hive state by up to 100 × message size per call.
|
|
840
|
+
const MAX_BROADCAST_MSG_LEN = 1024 * 1024; // 1 MB
|
|
841
|
+
const MAX_FROM_ID_LEN = 256;
|
|
842
|
+
const MAX_PRIORITY_LEN = 16;
|
|
843
|
+
const rawMessage = input.message;
|
|
844
|
+
const message = typeof rawMessage === 'string' && rawMessage.length > MAX_BROADCAST_MSG_LEN
|
|
845
|
+
? rawMessage.slice(0, MAX_BROADCAST_MSG_LEN)
|
|
846
|
+
: rawMessage;
|
|
847
|
+
const rawFromId = input.fromId || 'system';
|
|
848
|
+
const fromId = typeof rawFromId === 'string' && rawFromId.length > MAX_FROM_ID_LEN
|
|
849
|
+
? rawFromId.slice(0, MAX_FROM_ID_LEN)
|
|
850
|
+
: rawFromId;
|
|
851
|
+
const rawPriority = input.priority || 'normal';
|
|
852
|
+
const priority = typeof rawPriority === 'string' && rawPriority.length > MAX_PRIORITY_LEN
|
|
853
|
+
? rawPriority.slice(0, MAX_PRIORITY_LEN)
|
|
854
|
+
: rawPriority;
|
|
804
855
|
const messageId = `msg-${Date.now()}-${Math.random().toString(36).slice(2, 8)}`;
|
|
805
856
|
// Store in shared memory
|
|
806
857
|
const messages = state.sharedMemory.broadcasts || [];
|
|
807
858
|
messages.push({
|
|
808
859
|
messageId,
|
|
809
|
-
message
|
|
810
|
-
priority
|
|
811
|
-
fromId
|
|
860
|
+
message,
|
|
861
|
+
priority,
|
|
862
|
+
fromId,
|
|
812
863
|
timestamp: new Date().toISOString(),
|
|
813
864
|
});
|
|
814
865
|
// Keep only last 100 broadcasts
|
|
@@ -818,7 +869,7 @@ export const hiveMindTools = [
|
|
|
818
869
|
success: true,
|
|
819
870
|
messageId,
|
|
820
871
|
recipients: state.workers.length,
|
|
821
|
-
priority
|
|
872
|
+
priority,
|
|
822
873
|
broadcastAt: new Date().toISOString(),
|
|
823
874
|
};
|
|
824
875
|
},
|
|
@@ -898,22 +949,39 @@ export const hiveMindTools = [
|
|
|
898
949
|
const state = loadHiveState();
|
|
899
950
|
const action = input.action;
|
|
900
951
|
const key = input.key;
|
|
952
|
+
const MAX_HIVE_MEMORY_KEY_LEN = 256;
|
|
953
|
+
const MAX_HIVE_MEMORY_VALUE_BYTES = 1024 * 1024; // 1 MB
|
|
954
|
+
const MAX_HIVE_MEMORY_KEYS = 1000;
|
|
901
955
|
if (action === 'get') {
|
|
902
956
|
if (!key)
|
|
903
957
|
return { action, error: 'Key required' };
|
|
958
|
+
if (typeof key !== 'string' || key.length > MAX_HIVE_MEMORY_KEY_LEN || HIVE_RESERVED_KEYS.has(key)) {
|
|
959
|
+
return { action, error: 'Invalid key' };
|
|
960
|
+
}
|
|
904
961
|
return {
|
|
905
962
|
action,
|
|
906
963
|
key,
|
|
907
|
-
value: state.sharedMemory[key],
|
|
908
|
-
exists:
|
|
964
|
+
value: Object.hasOwn(state.sharedMemory, key) ? state.sharedMemory[key] : undefined,
|
|
965
|
+
exists: Object.hasOwn(state.sharedMemory, key),
|
|
909
966
|
};
|
|
910
967
|
}
|
|
911
968
|
if (action === 'set') {
|
|
912
969
|
if (!key)
|
|
913
970
|
return { action, error: 'Key required' };
|
|
914
|
-
if (HIVE_RESERVED_KEYS.has(key))
|
|
915
|
-
return { action, error: '
|
|
916
|
-
|
|
971
|
+
if (typeof key !== 'string' || key.length > MAX_HIVE_MEMORY_KEY_LEN || HIVE_RESERVED_KEYS.has(key)) {
|
|
972
|
+
return { action, error: 'Invalid key' };
|
|
973
|
+
}
|
|
974
|
+
// Cap value if it's a string; otherwise serialize and check byte size
|
|
975
|
+
const rawValue = input.value;
|
|
976
|
+
const cappedValue = typeof rawValue === 'string' && rawValue.length > MAX_HIVE_MEMORY_VALUE_BYTES
|
|
977
|
+
? rawValue.slice(0, MAX_HIVE_MEMORY_VALUE_BYTES)
|
|
978
|
+
: rawValue;
|
|
979
|
+
// Enforce max number of distinct keys to prevent unbounded growth
|
|
980
|
+
const keyCount = Object.keys(state.sharedMemory).length;
|
|
981
|
+
if (!Object.hasOwn(state.sharedMemory, key) && keyCount >= MAX_HIVE_MEMORY_KEYS) {
|
|
982
|
+
return { action, error: `Shared memory full (max ${MAX_HIVE_MEMORY_KEYS} keys)` };
|
|
983
|
+
}
|
|
984
|
+
state.sharedMemory[key] = cappedValue;
|
|
917
985
|
saveHiveState(state);
|
|
918
986
|
// Also store in AgentDB for searchable hive memory
|
|
919
987
|
try {
|
|
@@ -935,7 +1003,10 @@ export const hiveMindTools = [
|
|
|
935
1003
|
if (action === 'delete') {
|
|
936
1004
|
if (!key)
|
|
937
1005
|
return { action, error: 'Key required' };
|
|
938
|
-
|
|
1006
|
+
if (typeof key !== 'string' || key.length > MAX_HIVE_MEMORY_KEY_LEN || HIVE_RESERVED_KEYS.has(key)) {
|
|
1007
|
+
return { action, error: 'Invalid key' };
|
|
1008
|
+
}
|
|
1009
|
+
const existed = Object.hasOwn(state.sharedMemory, key);
|
|
939
1010
|
delete state.sharedMemory[key];
|
|
940
1011
|
saveHiveState(state);
|
|
941
1012
|
return {
|
|
@@ -251,10 +251,13 @@ const MEMORY_FILE = 'store.json';
|
|
|
251
251
|
function getMemoryPath() {
|
|
252
252
|
return join(getProjectCwd(), MEMORY_DIR, MEMORY_FILE);
|
|
253
253
|
}
|
|
254
|
+
// Maximum size of the legacy JSON memory store before reads are skipped.
|
|
255
|
+
// Matches the guard in memory-tools.ts (loadLegacyStore) which loads the same file.
|
|
256
|
+
const MAX_MEMORY_STORE_BYTES = 50 * 1024 * 1024; // 50 MB
|
|
254
257
|
function loadMemoryStore() {
|
|
255
258
|
try {
|
|
256
259
|
const path = getMemoryPath();
|
|
257
|
-
if (existsSync(path)) {
|
|
260
|
+
if (existsSync(path) && statSync(path).size <= MAX_MEMORY_STORE_BYTES) {
|
|
258
261
|
const data = readFileSync(path, 'utf-8');
|
|
259
262
|
return JSON.parse(data);
|
|
260
263
|
}
|
|
@@ -511,8 +514,18 @@ export const hooksPreEdit = {
|
|
|
511
514
|
required: ['filePath'],
|
|
512
515
|
},
|
|
513
516
|
handler: async (params) => {
|
|
514
|
-
|
|
515
|
-
|
|
517
|
+
// Cap filePath: passed to suggestAgentsForFile (O(n) regex) and reflected in
|
|
518
|
+
// response. Cap operation to prevent oversized strings in recommendations.
|
|
519
|
+
const MAX_PRE_EDIT_PATH_LEN = 4 * 1024;
|
|
520
|
+
const MAX_PRE_EDIT_OP_LEN = 64;
|
|
521
|
+
const rawFilePath = params.filePath;
|
|
522
|
+
const filePath = typeof rawFilePath === 'string' && rawFilePath.length > MAX_PRE_EDIT_PATH_LEN
|
|
523
|
+
? rawFilePath.slice(0, MAX_PRE_EDIT_PATH_LEN)
|
|
524
|
+
: rawFilePath;
|
|
525
|
+
const rawOperation = params.operation || 'update';
|
|
526
|
+
const operation = typeof rawOperation === 'string' && rawOperation.length > MAX_PRE_EDIT_OP_LEN
|
|
527
|
+
? rawOperation.slice(0, MAX_PRE_EDIT_OP_LEN)
|
|
528
|
+
: rawOperation;
|
|
516
529
|
const suggestedAgents = suggestAgentsForFile(filePath);
|
|
517
530
|
const ext = getFileExtension(filePath);
|
|
518
531
|
return {
|
|
@@ -548,9 +561,20 @@ export const hooksPostEdit = {
|
|
|
548
561
|
required: ['filePath'],
|
|
549
562
|
},
|
|
550
563
|
handler: async (params) => {
|
|
551
|
-
|
|
564
|
+
// Cap filePath: interpolated into taskId and task text forwarded to
|
|
565
|
+
// bridgeRecordFeedback (which calls generateEmbedding — O(n) hash fallback).
|
|
566
|
+
// Cap agent: stored in feedback record and forwarded to bridge.
|
|
567
|
+
const MAX_POST_EDIT_PATH_LEN = 4 * 1024;
|
|
568
|
+
const MAX_POST_EDIT_AGENT_LEN = 256;
|
|
569
|
+
const rawFilePath = params.filePath;
|
|
570
|
+
const filePath = typeof rawFilePath === 'string' && rawFilePath.length > MAX_POST_EDIT_PATH_LEN
|
|
571
|
+
? rawFilePath.slice(0, MAX_POST_EDIT_PATH_LEN)
|
|
572
|
+
: rawFilePath;
|
|
552
573
|
const success = params.success !== false;
|
|
553
|
-
const
|
|
574
|
+
const rawAgent = params.agent;
|
|
575
|
+
const agent = typeof rawAgent === 'string' && rawAgent.length > MAX_POST_EDIT_AGENT_LEN
|
|
576
|
+
? rawAgent.slice(0, MAX_POST_EDIT_AGENT_LEN)
|
|
577
|
+
: rawAgent;
|
|
554
578
|
// Wire recordFeedback through bridge (issue #1209)
|
|
555
579
|
let feedbackResult = null;
|
|
556
580
|
try {
|
|
@@ -593,7 +617,14 @@ export const hooksPreCommand = {
|
|
|
593
617
|
required: ['command'],
|
|
594
618
|
},
|
|
595
619
|
handler: async (params) => {
|
|
596
|
-
|
|
620
|
+
// Cap command length: assessCommandRisk runs O(n) string searches, and the
|
|
621
|
+
// raw command is reflected verbatim in the response. Limit to 4 KB which
|
|
622
|
+
// is far beyond any realistic shell command.
|
|
623
|
+
const MAX_CMD_LEN = 4 * 1024;
|
|
624
|
+
const rawCommand = params.command;
|
|
625
|
+
const command = typeof rawCommand === 'string' && rawCommand.length > MAX_CMD_LEN
|
|
626
|
+
? rawCommand.slice(0, MAX_CMD_LEN)
|
|
627
|
+
: rawCommand;
|
|
597
628
|
const assessment = assessCommandRisk(command);
|
|
598
629
|
const riskLevel = assessment.level >= 0.8 ? 'critical'
|
|
599
630
|
: assessment.level >= 0.6 ? 'high'
|
|
@@ -627,7 +658,16 @@ export const hooksPostCommand = {
|
|
|
627
658
|
required: ['command'],
|
|
628
659
|
},
|
|
629
660
|
handler: async (params) => {
|
|
630
|
-
|
|
661
|
+
// Cap command: it is stored in JSON memory store (line 824), forwarded to
|
|
662
|
+
// bridgeStoreEntry which calls generateEmbedding by default — O(n) hash
|
|
663
|
+
// fallback, and reflected verbatim in the response. The recordCommand path
|
|
664
|
+
// already caps to 200 chars; apply a consistent 4 KB cap here that still
|
|
665
|
+
// covers any realistic shell command.
|
|
666
|
+
const MAX_POST_CMD_LEN = 4 * 1024;
|
|
667
|
+
const rawPostCommand = params.command;
|
|
668
|
+
const command = typeof rawPostCommand === 'string' && rawPostCommand.length > MAX_POST_CMD_LEN
|
|
669
|
+
? rawPostCommand.slice(0, MAX_POST_CMD_LEN)
|
|
670
|
+
: rawPostCommand;
|
|
631
671
|
const exitCode = params.exitCode || 0;
|
|
632
672
|
const success = exitCode === 0;
|
|
633
673
|
// Record the real exit code in the time-windowed command-outcome store so
|
|
@@ -690,8 +730,19 @@ export const hooksRoute = {
|
|
|
690
730
|
required: ['task'],
|
|
691
731
|
},
|
|
692
732
|
handler: async (params) => {
|
|
693
|
-
|
|
694
|
-
|
|
733
|
+
// Cap task and context lengths: both are forwarded to generateEmbedding
|
|
734
|
+
// via bridgeRouteTask, and task is used in extractKeywords + stored in
|
|
735
|
+
// route-outcomes.jsonl. 16 KB matches the cap in hooksPatternSearch.
|
|
736
|
+
const MAX_ROUTE_TASK_LEN = 16 * 1024;
|
|
737
|
+
const MAX_ROUTE_CTX_LEN = 4 * 1024;
|
|
738
|
+
const rawTask = params.task;
|
|
739
|
+
const task = typeof rawTask === 'string' && rawTask.length > MAX_ROUTE_TASK_LEN
|
|
740
|
+
? rawTask.slice(0, MAX_ROUTE_TASK_LEN)
|
|
741
|
+
: rawTask;
|
|
742
|
+
const rawContext = params.context;
|
|
743
|
+
const context = typeof rawContext === 'string' && rawContext.length > MAX_ROUTE_CTX_LEN
|
|
744
|
+
? rawContext.slice(0, MAX_ROUTE_CTX_LEN)
|
|
745
|
+
: rawContext;
|
|
695
746
|
const useSemanticRouter = params.useSemanticRouter !== false;
|
|
696
747
|
// Phase 5: Try AgentDB's SemanticRouter / LearningSystem first
|
|
697
748
|
if (useSemanticRouter) {
|
|
@@ -956,8 +1007,23 @@ export const hooksPreTask = {
|
|
|
956
1007
|
required: ['taskId', 'description'],
|
|
957
1008
|
},
|
|
958
1009
|
handler: async (params) => {
|
|
959
|
-
|
|
960
|
-
|
|
1010
|
+
// Cap taskId: it is used as a suffix in SQLite memory keys (heuristic:${taskId},
|
|
1011
|
+
// routing-decision:${taskId}, textual_gradient:${taskId}) and as sourceId/targetId
|
|
1012
|
+
// in causal-graph edges persisted to SQLite. An uncapped ID can inflate the DB key
|
|
1013
|
+
// column and every JSON payload that includes the ID.
|
|
1014
|
+
const MAX_TASK_ID_LEN = 256;
|
|
1015
|
+
const rawTaskId = params.taskId;
|
|
1016
|
+
const taskId = typeof rawTaskId === 'string' && rawTaskId.length > MAX_TASK_ID_LEN
|
|
1017
|
+
? rawTaskId.slice(0, MAX_TASK_ID_LEN)
|
|
1018
|
+
: rawTaskId;
|
|
1019
|
+
// Cap description: it is forwarded to generateEmbedding twice (ERL heuristics
|
|
1020
|
+
// + TextGrad gradient queries) and used in O(n) keyword extraction.
|
|
1021
|
+
// 16 KB matches the cap applied in hooks_route and hooksPatternSearch.
|
|
1022
|
+
const MAX_PRE_TASK_DESC_LEN = 16 * 1024;
|
|
1023
|
+
const rawDescription = params.description;
|
|
1024
|
+
const description = typeof rawDescription === 'string' && rawDescription.length > MAX_PRE_TASK_DESC_LEN
|
|
1025
|
+
? rawDescription.slice(0, MAX_PRE_TASK_DESC_LEN)
|
|
1026
|
+
: rawDescription;
|
|
961
1027
|
const filePath = params.filePath;
|
|
962
1028
|
const suggestion = suggestAgentsForTask(description);
|
|
963
1029
|
// Determine complexity
|
|
@@ -1047,16 +1113,26 @@ export const hooksPostTask = {
|
|
|
1047
1113
|
required: ['taskId'],
|
|
1048
1114
|
},
|
|
1049
1115
|
handler: async (params) => {
|
|
1050
|
-
|
|
1116
|
+
// Cap taskId for the same reason as hooks_pre_task: it flows into SQLite memory keys
|
|
1117
|
+
// (heuristic:${taskId}, routing-decision:${taskId}, textual_gradient:${taskId}) and
|
|
1118
|
+
// into causal-graph edge IDs persisted to the DB. Without a cap an attacker can
|
|
1119
|
+
// inflate every row that stores the raw ID.
|
|
1120
|
+
const MAX_POST_TASK_ID_LEN = 256;
|
|
1121
|
+
const rawPostTaskId = params.taskId;
|
|
1122
|
+
const taskId = typeof rawPostTaskId === 'string' && rawPostTaskId.length > MAX_POST_TASK_ID_LEN
|
|
1123
|
+
? rawPostTaskId.slice(0, MAX_POST_TASK_ID_LEN)
|
|
1124
|
+
: rawPostTaskId;
|
|
1051
1125
|
// The success flag, when the caller asserts it (--success true), is taken as
|
|
1052
1126
|
// ground truth. But callers usually do NOT pass it. Rather than treating every
|
|
1053
1127
|
// unverified task as "unknown" (and thus excluding it from learning), we now
|
|
1054
1128
|
// derive a MEASURED success signal from the real command exit codes recorded by
|
|
1055
1129
|
// post-command within a recent time window. post-command appends each exit code
|
|
1056
1130
|
// to the command-outcome store keyed by timestamp; deriveRecentSuccess returns:
|
|
1057
|
-
// true → recent commands exist and
|
|
1058
|
-
// false → recent commands exist and
|
|
1131
|
+
// true → recent commands exist and the LAST command exited 0 (final-state heuristic)
|
|
1132
|
+
// false → recent commands exist and the LAST command exited non-zero
|
|
1059
1133
|
// null → no recent commands (genuinely no signal → stays unknown)
|
|
1134
|
+
// Note: "final-state" not "all must pass" — intermediate failures (e.g. grep no-match,
|
|
1135
|
+
// test-then-fix cycles) are intentionally ignored; the last exit code decides.
|
|
1060
1136
|
// Precedence: an explicit --success ALWAYS wins; the derived signal only fills
|
|
1061
1137
|
// in when no explicit flag is given; only when there is also no recent command
|
|
1062
1138
|
// signal does the outcome stay unknown (and excluded from SONA + route join,
|
|
@@ -1073,9 +1149,23 @@ export const hooksPostTask = {
|
|
|
1073
1149
|
successSource = 'derived-commands';
|
|
1074
1150
|
}
|
|
1075
1151
|
}
|
|
1076
|
-
|
|
1152
|
+
// Cap agent: forwarded to bridgeRecordFeedback where it is stored in the
|
|
1153
|
+
// feedback record and used as a tag string in the JSON store. An uncapped
|
|
1154
|
+
// agent value inflates the on-disk store entry.
|
|
1155
|
+
const MAX_POST_TASK_AGENT_LEN = 256;
|
|
1156
|
+
const rawPostTaskAgent = params.agent;
|
|
1157
|
+
const agent = typeof rawPostTaskAgent === 'string' && rawPostTaskAgent.length > MAX_POST_TASK_AGENT_LEN
|
|
1158
|
+
? rawPostTaskAgent.slice(0, MAX_POST_TASK_AGENT_LEN)
|
|
1159
|
+
: rawPostTaskAgent;
|
|
1077
1160
|
const quality = params.quality || (success ? 0.85 : 0.3);
|
|
1078
1161
|
const startTime = Date.now();
|
|
1162
|
+
// Cap task description: passed to generateEmbedding via bridgeRecordFeedback
|
|
1163
|
+
// and persisted to route-outcomes.jsonl. 16 KB matches hooks_route cap.
|
|
1164
|
+
const MAX_POST_TASK_LEN = 16 * 1024;
|
|
1165
|
+
const rawPostTask = params.task;
|
|
1166
|
+
const cappedPostTask = typeof rawPostTask === 'string' && rawPostTask.length > MAX_POST_TASK_LEN
|
|
1167
|
+
? rawPostTask.slice(0, MAX_POST_TASK_LEN)
|
|
1168
|
+
: rawPostTask;
|
|
1079
1169
|
// Phase 3: Wire recordFeedback through bridge → LearningSystem + ReasoningBank
|
|
1080
1170
|
let feedbackResult = null;
|
|
1081
1171
|
try {
|
|
@@ -1087,7 +1177,7 @@ export const hooksPostTask = {
|
|
|
1087
1177
|
agent,
|
|
1088
1178
|
// B1.2: thread the real task description into the SONA trajectory so the
|
|
1089
1179
|
// embedder encodes meaning, not the opaque task ID.
|
|
1090
|
-
task:
|
|
1180
|
+
task: cappedPostTask || undefined,
|
|
1091
1181
|
// B1.3: only feed the SONA LoRA update when the outcome is actually known.
|
|
1092
1182
|
outcomeKnown,
|
|
1093
1183
|
duration: params.duration || undefined,
|
|
@@ -1114,7 +1204,7 @@ export const hooksPostTask = {
|
|
|
1114
1204
|
// B1.3: also gate this sibling learning sink on a known outcome — an unverified
|
|
1115
1205
|
// task must not train the router as a success either. When the caller did not
|
|
1116
1206
|
// assert success, the outcome is unknown and we skip persisting a labeled sample.
|
|
1117
|
-
const taskText =
|
|
1207
|
+
const taskText = cappedPostTask || '';
|
|
1118
1208
|
const outcomeKeywords = extractKeywords(taskText);
|
|
1119
1209
|
let outcomePersisted = false;
|
|
1120
1210
|
if (outcomeKnown && taskText && agent && agent.length <= 100 && /^[a-zA-Z0-9_-]+$/.test(agent)) {
|
|
@@ -1260,7 +1350,13 @@ export const hooksExplain = {
|
|
|
1260
1350
|
required: ['task'],
|
|
1261
1351
|
},
|
|
1262
1352
|
handler: async (params) => {
|
|
1263
|
-
|
|
1353
|
+
// Cap task: forwarded to suggestAgentsForTask (O(n) keyword loop + extractKeywords),
|
|
1354
|
+
// .toLowerCase() (O(n)), and reflected verbatim in the response.
|
|
1355
|
+
const MAX_EXPLAIN_TASK_LEN = 16 * 1024;
|
|
1356
|
+
const rawExplainTask = params.task;
|
|
1357
|
+
const task = typeof rawExplainTask === 'string' && rawExplainTask.length > MAX_EXPLAIN_TASK_LEN
|
|
1358
|
+
? rawExplainTask.slice(0, MAX_EXPLAIN_TASK_LEN)
|
|
1359
|
+
: rawExplainTask;
|
|
1264
1360
|
const suggestion = suggestAgentsForTask(task);
|
|
1265
1361
|
const taskLower = task.toLowerCase();
|
|
1266
1362
|
// Determine matched patterns
|
|
@@ -1366,6 +1462,12 @@ export const hooksPretrain = {
|
|
|
1366
1462
|
// For code files, count lines and extract imports
|
|
1367
1463
|
if (['.ts', '.js', '.py', '.go', '.rs', '.java'].includes(ext)) {
|
|
1368
1464
|
try {
|
|
1465
|
+
// Skip very large files (minified bundles, generated code) to prevent OOM.
|
|
1466
|
+
// 1 MB is generous for a source file; anything larger is unlikely to have
|
|
1467
|
+
// useful import patterns in the first 30 lines anyway.
|
|
1468
|
+
const MAX_CODE_FILE_BYTES = 1 * 1024 * 1024;
|
|
1469
|
+
if (statSync(full).size > MAX_CODE_FILE_BYTES)
|
|
1470
|
+
continue;
|
|
1369
1471
|
const content = readFileSync(full, 'utf-8');
|
|
1370
1472
|
const lines = content.split('\n');
|
|
1371
1473
|
totalLines += lines.length;
|
|
@@ -1553,8 +1655,9 @@ export const hooksTransfer = {
|
|
|
1553
1655
|
// Try to load patterns from source project's memory store
|
|
1554
1656
|
const sourceMemoryPath = join(resolvedSource, MEMORY_DIR, MEMORY_FILE);
|
|
1555
1657
|
let sourceStore = { entries: {}, version: '3.0.0' };
|
|
1658
|
+
const MAX_SOURCE_STORE_BYTES = 50 * 1024 * 1024; // 50 MB — matches other store readers
|
|
1556
1659
|
try {
|
|
1557
|
-
if (existsSync(sourceMemoryPath)) {
|
|
1660
|
+
if (existsSync(sourceMemoryPath) && statSync(sourceMemoryPath).size <= MAX_SOURCE_STORE_BYTES) {
|
|
1558
1661
|
sourceStore = JSON.parse(readFileSync(sourceMemoryPath, 'utf-8'));
|
|
1559
1662
|
}
|
|
1560
1663
|
}
|
|
@@ -2054,8 +2157,18 @@ export const hooksTrajectoryStart = {
|
|
|
2054
2157
|
required: ['task'],
|
|
2055
2158
|
},
|
|
2056
2159
|
handler: async (params) => {
|
|
2057
|
-
|
|
2058
|
-
|
|
2160
|
+
// Cap task and agent lengths to prevent the trajectory map from accumulating
|
|
2161
|
+
// large strings (up to MAX_TRAJECTORIES × uncapped length = potential GB of RAM).
|
|
2162
|
+
const MAX_TASK_LEN = 4 * 1024; // 4 KB — same cap as trajectory-step fields
|
|
2163
|
+
const MAX_AGENT_LEN = 256;
|
|
2164
|
+
const rawTask = params.task;
|
|
2165
|
+
const task = typeof rawTask === 'string' && rawTask.length > MAX_TASK_LEN
|
|
2166
|
+
? rawTask.slice(0, MAX_TASK_LEN)
|
|
2167
|
+
: rawTask;
|
|
2168
|
+
const rawAgent = params.agent || 'coder';
|
|
2169
|
+
const agent = typeof rawAgent === 'string' && rawAgent.length > MAX_AGENT_LEN
|
|
2170
|
+
? rawAgent.slice(0, MAX_AGENT_LEN)
|
|
2171
|
+
: rawAgent;
|
|
2059
2172
|
const trajectoryId = `traj-${Date.now()}-${Math.random().toString(36).substring(7)}`;
|
|
2060
2173
|
const startedAt = new Date().toISOString();
|
|
2061
2174
|
// Create real trajectory entry in memory
|
|
@@ -2100,14 +2213,28 @@ export const hooksTrajectoryStep = {
|
|
|
2100
2213
|
},
|
|
2101
2214
|
handler: async (params) => {
|
|
2102
2215
|
const trajectoryId = params.trajectoryId;
|
|
2103
|
-
|
|
2104
|
-
|
|
2216
|
+
// Cap action and result strings to prevent unbounded in-memory growth when
|
|
2217
|
+
// trajectory-step is called many times with large payloads.
|
|
2218
|
+
const MAX_STEP_STRING_LEN = 4 * 1024; // 4 KB per field
|
|
2219
|
+
const MAX_STEPS_PER_TRAJECTORY = 1000;
|
|
2220
|
+
const rawAction = params.action;
|
|
2221
|
+
const rawResult = params.result || 'success';
|
|
2222
|
+
const action = typeof rawAction === 'string' && rawAction.length > MAX_STEP_STRING_LEN
|
|
2223
|
+
? rawAction.slice(0, MAX_STEP_STRING_LEN)
|
|
2224
|
+
: rawAction;
|
|
2225
|
+
const result = typeof rawResult === 'string' && rawResult.length > MAX_STEP_STRING_LEN
|
|
2226
|
+
? rawResult.slice(0, MAX_STEP_STRING_LEN)
|
|
2227
|
+
: rawResult;
|
|
2105
2228
|
const quality = params.quality || 0.85;
|
|
2106
2229
|
const timestamp = new Date().toISOString();
|
|
2107
2230
|
const stepId = `step-${Date.now()}`;
|
|
2108
2231
|
// Add step to real trajectory if it exists
|
|
2109
2232
|
const trajectory = activeTrajectories.get(trajectoryId);
|
|
2110
2233
|
if (trajectory) {
|
|
2234
|
+
if (trajectory.steps.length >= MAX_STEPS_PER_TRAJECTORY) {
|
|
2235
|
+
// Drop the oldest step to keep the array bounded
|
|
2236
|
+
trajectory.steps.shift();
|
|
2237
|
+
}
|
|
2111
2238
|
trajectory.steps.push({
|
|
2112
2239
|
action,
|
|
2113
2240
|
result,
|
|
@@ -2275,8 +2402,18 @@ export const hooksPatternStore = {
|
|
|
2275
2402
|
required: ['pattern'],
|
|
2276
2403
|
},
|
|
2277
2404
|
handler: async (params) => {
|
|
2278
|
-
|
|
2279
|
-
|
|
2405
|
+
// Cap pattern and type lengths to prevent DoS via large embedding generation
|
|
2406
|
+
// and unbounded database writes. 16 KB matches the cap in neural_patterns store.
|
|
2407
|
+
const MAX_PATTERN_LEN = 16 * 1024; // 16 KB
|
|
2408
|
+
const MAX_TYPE_LEN = 256;
|
|
2409
|
+
const rawPattern = params.pattern;
|
|
2410
|
+
const pattern = typeof rawPattern === 'string' && rawPattern.length > MAX_PATTERN_LEN
|
|
2411
|
+
? rawPattern.slice(0, MAX_PATTERN_LEN)
|
|
2412
|
+
: rawPattern;
|
|
2413
|
+
const rawType = params.type || 'general';
|
|
2414
|
+
const type = typeof rawType === 'string' && rawType.length > MAX_TYPE_LEN
|
|
2415
|
+
? rawType.slice(0, MAX_TYPE_LEN)
|
|
2416
|
+
: rawType;
|
|
2280
2417
|
const confidence = params.confidence || 0.8;
|
|
2281
2418
|
const metadata = params.metadata;
|
|
2282
2419
|
const timestamp = new Date().toISOString();
|
|
@@ -2342,8 +2479,18 @@ export const hooksPatternSearch = {
|
|
|
2342
2479
|
required: ['query'],
|
|
2343
2480
|
},
|
|
2344
2481
|
handler: async (params) => {
|
|
2345
|
-
|
|
2346
|
-
|
|
2482
|
+
// Cap query length to prevent DoS via large embedding generation (same
|
|
2483
|
+
// class of bug fixed in neural_patterns search and hooksPatternStore).
|
|
2484
|
+
const MAX_SEARCH_QUERY_LEN = 16 * 1024; // 16 KB — matches neural_patterns cap
|
|
2485
|
+
const MAX_TOP_K = 100;
|
|
2486
|
+
const rawQuery = params.query;
|
|
2487
|
+
const query = typeof rawQuery === 'string' && rawQuery.length > MAX_SEARCH_QUERY_LEN
|
|
2488
|
+
? rawQuery.slice(0, MAX_SEARCH_QUERY_LEN)
|
|
2489
|
+
: rawQuery;
|
|
2490
|
+
const rawTopK = params.topK;
|
|
2491
|
+
const topK = Number.isFinite(rawTopK) && rawTopK > 0
|
|
2492
|
+
? Math.min(Math.floor(rawTopK), MAX_TOP_K)
|
|
2493
|
+
: 5;
|
|
2347
2494
|
const minConfidence = params.minConfidence || 0.3;
|
|
2348
2495
|
const namespace = params.namespace || 'pattern';
|
|
2349
2496
|
// Phase 3: Try ReasoningBank search via bridge first
|
|
@@ -3119,7 +3266,13 @@ export const hooksModelRoute = {
|
|
|
3119
3266
|
required: ['task'],
|
|
3120
3267
|
},
|
|
3121
3268
|
handler: async (params) => {
|
|
3122
|
-
|
|
3269
|
+
// Cap task: analyzeComplexityFallback calls .toLowerCase() and O(n) .includes()
|
|
3270
|
+
// for each keyword; an unbounded task string causes event-loop DoS.
|
|
3271
|
+
const MAX_MODEL_ROUTE_TASK_LEN = 16 * 1024;
|
|
3272
|
+
const rawTask = params.task;
|
|
3273
|
+
const task = typeof rawTask === 'string' && rawTask.length > MAX_MODEL_ROUTE_TASK_LEN
|
|
3274
|
+
? rawTask.slice(0, MAX_MODEL_ROUTE_TASK_LEN)
|
|
3275
|
+
: rawTask;
|
|
3123
3276
|
// Native neural model-router removed in the lean build — keyword complexity heuristic.
|
|
3124
3277
|
const complexity = analyzeComplexityFallback(task);
|
|
3125
3278
|
return {
|
|
@@ -3147,7 +3300,13 @@ export const hooksModelOutcome = {
|
|
|
3147
3300
|
required: ['task', 'model', 'outcome'],
|
|
3148
3301
|
},
|
|
3149
3302
|
handler: async (params) => {
|
|
3150
|
-
|
|
3303
|
+
// Cap task: even though the response only reflects task.slice(0, 50), an
|
|
3304
|
+
// unbounded task string causes unnecessary memory allocation before the slice.
|
|
3305
|
+
const MAX_MODEL_OUTCOME_TASK_LEN = 16 * 1024;
|
|
3306
|
+
const rawOutcomeTask = params.task;
|
|
3307
|
+
const task = typeof rawOutcomeTask === 'string' && rawOutcomeTask.length > MAX_MODEL_OUTCOME_TASK_LEN
|
|
3308
|
+
? rawOutcomeTask.slice(0, MAX_MODEL_OUTCOME_TASK_LEN)
|
|
3309
|
+
: rawOutcomeTask;
|
|
3151
3310
|
const model = params.model;
|
|
3152
3311
|
// RLVR: derive effective outcome from verifier exit_code when provided
|
|
3153
3312
|
// Source: https://github.com/opendilab/awesome-RLVR
|
|
@@ -35,6 +35,10 @@ function ensureMemoryDir() {
|
|
|
35
35
|
const MAX_KEY_LENGTH = 1024;
|
|
36
36
|
const MAX_VALUE_SIZE = 1024 * 1024; // 1MB
|
|
37
37
|
const MAX_QUERY_LENGTH = 4096;
|
|
38
|
+
const MAX_NAMESPACE_LENGTH = 256;
|
|
39
|
+
const MAX_AGENT_ID_LENGTH = 256;
|
|
40
|
+
const MAX_TAGS_COUNT = 50;
|
|
41
|
+
const MAX_TAG_LENGTH = 256;
|
|
38
42
|
function validateMemoryInput(key, value, query) {
|
|
39
43
|
if (key && key.length > MAX_KEY_LENGTH) {
|
|
40
44
|
throw new Error(`Key exceeds maximum length of ${MAX_KEY_LENGTH} characters`);
|
|
@@ -166,10 +170,14 @@ export const memoryTools = [
|
|
|
166
170
|
await ensureInitialized();
|
|
167
171
|
const { storeEntry } = await getMemoryFunctions();
|
|
168
172
|
const key = input.key;
|
|
169
|
-
const
|
|
173
|
+
const rawNamespace = input.namespace || 'default';
|
|
174
|
+
const namespace = typeof rawNamespace === 'string' && rawNamespace.length > MAX_NAMESPACE_LENGTH
|
|
175
|
+
? rawNamespace.slice(0, MAX_NAMESPACE_LENGTH) : rawNamespace;
|
|
170
176
|
const rawValue = input.value;
|
|
171
177
|
const value = typeof rawValue === 'string' ? rawValue : (rawValue !== undefined ? JSON.stringify(rawValue) : '');
|
|
172
|
-
const
|
|
178
|
+
const rawTags = input.tags || [];
|
|
179
|
+
// Cap tags count and individual tag length to prevent store inflation
|
|
180
|
+
const tags = rawTags.slice(0, MAX_TAGS_COUNT).map(t => typeof t === 'string' && t.length > MAX_TAG_LENGTH ? t.slice(0, MAX_TAG_LENGTH) : t);
|
|
173
181
|
const ttl = input.ttl;
|
|
174
182
|
const upsert = input.upsert || false;
|
|
175
183
|
if (!value) {
|
|
@@ -233,8 +241,12 @@ export const memoryTools = [
|
|
|
233
241
|
await ensureInitialized();
|
|
234
242
|
const { getEntry } = await getMemoryFunctions();
|
|
235
243
|
const key = input.key;
|
|
236
|
-
const
|
|
237
|
-
const
|
|
244
|
+
const rawNs = input.namespace || 'default';
|
|
245
|
+
const namespace = typeof rawNs === 'string' && rawNs.length > MAX_NAMESPACE_LENGTH
|
|
246
|
+
? rawNs.slice(0, MAX_NAMESPACE_LENGTH) : rawNs;
|
|
247
|
+
const rawAgentId = input.agentId;
|
|
248
|
+
const agentId = typeof rawAgentId === 'string' && rawAgentId.length > MAX_AGENT_ID_LENGTH
|
|
249
|
+
? rawAgentId.slice(0, MAX_AGENT_ID_LENGTH) : rawAgentId;
|
|
238
250
|
validateMemoryInput(key);
|
|
239
251
|
try {
|
|
240
252
|
const result = await getEntry({ key, namespace, agentId });
|
|
@@ -296,7 +308,9 @@ export const memoryTools = [
|
|
|
296
308
|
await ensureInitialized();
|
|
297
309
|
const { searchEntries } = await getMemoryFunctions();
|
|
298
310
|
const query = input.query;
|
|
299
|
-
const
|
|
311
|
+
const rawSearchNs = input.namespace || 'default';
|
|
312
|
+
const namespace = typeof rawSearchNs === 'string' && rawSearchNs.length > MAX_NAMESPACE_LENGTH
|
|
313
|
+
? rawSearchNs.slice(0, MAX_NAMESPACE_LENGTH) : rawSearchNs;
|
|
300
314
|
const limit = Math.min(Math.max(input.limit || 10, 1), 1000);
|
|
301
315
|
const threshold = input.threshold || 0.3;
|
|
302
316
|
validateMemoryInput(undefined, undefined, query);
|
|
@@ -359,7 +373,9 @@ export const memoryTools = [
|
|
|
359
373
|
await ensureInitialized();
|
|
360
374
|
const { deleteEntry } = await getMemoryFunctions();
|
|
361
375
|
const key = input.key;
|
|
362
|
-
const
|
|
376
|
+
const rawDelNs = input.namespace || 'default';
|
|
377
|
+
const namespace = typeof rawDelNs === 'string' && rawDelNs.length > MAX_NAMESPACE_LENGTH
|
|
378
|
+
? rawDelNs.slice(0, MAX_NAMESPACE_LENGTH) : rawDelNs;
|
|
363
379
|
validateMemoryInput(key);
|
|
364
380
|
try {
|
|
365
381
|
const result = await deleteEntry({ key, namespace });
|
|
@@ -398,7 +414,9 @@ export const memoryTools = [
|
|
|
398
414
|
handler: async (input) => {
|
|
399
415
|
await ensureInitialized();
|
|
400
416
|
const { listEntries } = await getMemoryFunctions();
|
|
401
|
-
const
|
|
417
|
+
const rawListNs = input.namespace;
|
|
418
|
+
const namespace = typeof rawListNs === 'string' && rawListNs.length > MAX_NAMESPACE_LENGTH
|
|
419
|
+
? rawListNs.slice(0, MAX_NAMESPACE_LENGTH) : rawListNs;
|
|
402
420
|
const limit = Math.min(Math.max(input.limit || 50, 1), 1000);
|
|
403
421
|
const offset = input.offset || 0;
|
|
404
422
|
try {
|