monomind 1.11.13 → 1.12.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (389) hide show
  1. package/.claude/agents/generated/channel-intelligence-director.md +87 -0
  2. package/.claude/agents/generated/chief-growth-officer.md +88 -0
  3. package/.claude/agents/generated/content-seo-strategist.md +90 -0
  4. package/.claude/agents/generated/developer-community-strategist.md +91 -0
  5. package/.claude/agents/generated/outreach-partnership-strategist.md +90 -0
  6. package/.claude/agents/generated/social-media-strategist.md +91 -0
  7. package/.claude/agents/generated/video-visual-strategist.md +90 -0
  8. package/.claude/commands/mastermind/idea.md +1 -1
  9. package/.claude/helpers/auto-memory-hook.mjs +13 -4
  10. package/.claude/helpers/control-start.cjs +5 -0
  11. package/.claude/helpers/event-logger.cjs +114 -0
  12. package/.claude/helpers/handlers/adr-draft-handler.cjs +19 -5
  13. package/.claude/helpers/handlers/agent-start-handler.cjs +13 -4
  14. package/.claude/helpers/handlers/compact-handler.cjs +2 -0
  15. package/.claude/helpers/handlers/edit-handler.cjs +1 -1
  16. package/.claude/helpers/handlers/gates-handler.cjs +3 -0
  17. package/.claude/helpers/handlers/graph-status-handler.cjs +14 -8
  18. package/.claude/helpers/handlers/loops-status-handler.cjs +5 -2
  19. package/.claude/helpers/handlers/route-handler.cjs +13 -6
  20. package/.claude/helpers/handlers/session-handler.cjs +11 -4
  21. package/.claude/helpers/handlers/session-restore-handler.cjs +21 -11
  22. package/.claude/helpers/handlers/task-handler.cjs +13 -5
  23. package/.claude/helpers/intelligence.cjs +7 -2
  24. package/.claude/helpers/loop-tracker.cjs +15 -3
  25. package/.claude/helpers/memory.cjs +6 -1
  26. package/.claude/helpers/router.cjs +5 -2
  27. package/.claude/helpers/session.cjs +2 -0
  28. package/.claude/helpers/statusline.cjs +10 -2
  29. package/.claude/helpers/utils/micro-agents.cjs +20 -4
  30. package/.claude/scheduled_tasks.lock +1 -1
  31. package/.claude/settings.json +92 -1
  32. package/.claude/skills/mastermind/_protocol.md +23 -13
  33. package/.claude/skills/mastermind/architect.md +6 -9
  34. package/.claude/skills/mastermind/build.md +3 -3
  35. package/.claude/skills/mastermind/content.md +3 -3
  36. package/.claude/skills/mastermind/createorg.md +2 -2
  37. package/.claude/skills/mastermind/finance.md +3 -3
  38. package/.claude/skills/mastermind/idea.md +5 -3
  39. package/.claude/skills/mastermind/marketing.md +3 -3
  40. package/.claude/skills/mastermind/monitor.md +2 -2
  41. package/.claude/skills/mastermind/release.md +3 -3
  42. package/.claude/skills/mastermind/research.md +3 -3
  43. package/.claude/skills/mastermind/review.md +3 -3
  44. package/.claude/skills/mastermind/runorg.md +153 -86
  45. package/.claude/skills/mastermind/sales.md +3 -3
  46. package/README.md +286 -129
  47. package/package.json +19 -2
  48. package/packages/@monomind/cli/README.md +286 -129
  49. package/packages/@monomind/cli/bundled-graph/dist/src/build.js +73 -0
  50. package/packages/@monomind/cli/bundled-graph/dist/src/cluster.js +120 -0
  51. package/packages/@monomind/cli/bundled-graph/package.json +57 -0
  52. package/packages/@monomind/cli/dist/src/agents/halt-signal.d.ts +25 -0
  53. package/packages/@monomind/cli/dist/src/agents/halt-signal.js +76 -0
  54. package/packages/@monomind/cli/dist/src/agents/index.d.ts +18 -0
  55. package/packages/@monomind/cli/dist/src/agents/index.js +13 -0
  56. package/packages/@monomind/cli/dist/src/agents/managed-agent.d.ts +41 -0
  57. package/packages/@monomind/cli/dist/src/agents/managed-agent.js +69 -0
  58. package/packages/@monomind/cli/dist/src/agents/prompt-experiment.d.ts +23 -0
  59. package/packages/@monomind/cli/dist/src/agents/prompt-experiment.js +49 -0
  60. package/packages/@monomind/cli/dist/src/agents/prompt-version-manager.d.ts +22 -0
  61. package/packages/@monomind/cli/dist/src/agents/prompt-version-manager.js +80 -0
  62. package/packages/@monomind/cli/dist/src/agents/registry-builder.js +2 -0
  63. package/packages/@monomind/cli/dist/src/agents/registry-query.d.ts +71 -0
  64. package/packages/@monomind/cli/dist/src/agents/registry-query.js +125 -0
  65. package/packages/@monomind/cli/dist/src/agents/score-decay.d.ts +19 -0
  66. package/packages/@monomind/cli/dist/src/agents/score-decay.js +22 -0
  67. package/packages/@monomind/cli/dist/src/agents/shared-instructions-loader.d.ts +13 -0
  68. package/packages/@monomind/cli/dist/src/agents/shared-instructions-loader.js +40 -0
  69. package/packages/@monomind/cli/dist/src/agents/specialization-scorer.d.ts +54 -0
  70. package/packages/@monomind/cli/dist/src/agents/specialization-scorer.js +212 -0
  71. package/packages/@monomind/cli/dist/src/agents/termination-watcher.d.ts +30 -0
  72. package/packages/@monomind/cli/dist/src/agents/termination-watcher.js +84 -0
  73. package/packages/@monomind/cli/dist/src/agents/trigger-index.d.ts +20 -0
  74. package/packages/@monomind/cli/dist/src/agents/trigger-index.js +38 -0
  75. package/packages/@monomind/cli/dist/src/agents/trigger-scanner.d.ts +64 -0
  76. package/packages/@monomind/cli/dist/src/agents/trigger-scanner.js +308 -0
  77. package/packages/@monomind/cli/dist/src/agents/version-diff.d.ts +18 -0
  78. package/packages/@monomind/cli/dist/src/agents/version-diff.js +64 -0
  79. package/packages/@monomind/cli/dist/src/agents/version-store.d.ts +60 -0
  80. package/packages/@monomind/cli/dist/src/agents/version-store.js +235 -0
  81. package/packages/@monomind/cli/dist/src/autopilot-state.js +10 -5
  82. package/packages/@monomind/cli/dist/src/benchmarks/benchmark-runner.js +13 -0
  83. package/packages/@monomind/cli/dist/src/benchmarks/metric-evaluators.js +20 -9
  84. package/packages/@monomind/cli/dist/src/benchmarks/pretrain/index.d.ts +45 -0
  85. package/packages/@monomind/cli/dist/src/benchmarks/pretrain/index.js +404 -0
  86. package/packages/@monomind/cli/dist/src/browser/actions.js +10 -3
  87. package/packages/@monomind/cli/dist/src/browser/browser.js +12 -2
  88. package/packages/@monomind/cli/dist/src/browser/cdp.js +21 -3
  89. package/packages/@monomind/cli/dist/src/browser/har.js +27 -5
  90. package/packages/@monomind/cli/dist/src/commands/agent-wasm.d.ts +14 -0
  91. package/packages/@monomind/cli/dist/src/commands/agent-wasm.js +333 -0
  92. package/packages/@monomind/cli/dist/src/commands/agent.js +11 -8
  93. package/packages/@monomind/cli/dist/src/commands/analyze.js +36 -21
  94. package/packages/@monomind/cli/dist/src/commands/autopilot.js +12 -4
  95. package/packages/@monomind/cli/dist/src/commands/benchmark.js +51 -8
  96. package/packages/@monomind/cli/dist/src/commands/browse.js +5 -2
  97. package/packages/@monomind/cli/dist/src/commands/claims.js +29 -11
  98. package/packages/@monomind/cli/dist/src/commands/cleanup.js +25 -5
  99. package/packages/@monomind/cli/dist/src/commands/config.js +15 -7
  100. package/packages/@monomind/cli/dist/src/commands/daemon.js +6 -0
  101. package/packages/@monomind/cli/dist/src/commands/deployment.js +34 -19
  102. package/packages/@monomind/cli/dist/src/commands/doctor.js +151 -20
  103. package/packages/@monomind/cli/dist/src/commands/guidance.js +15 -2
  104. package/packages/@monomind/cli/dist/src/commands/hive-mind.js +37 -14
  105. package/packages/@monomind/cli/dist/src/commands/hooks.js +42 -25
  106. package/packages/@monomind/cli/dist/src/commands/init.js +9 -4
  107. package/packages/@monomind/cli/dist/src/commands/issues.js +29 -26
  108. package/packages/@monomind/cli/dist/src/commands/mcp.js +11 -5
  109. package/packages/@monomind/cli/dist/src/commands/memory.js +10 -0
  110. package/packages/@monomind/cli/dist/src/commands/migrate.js +5 -5
  111. package/packages/@monomind/cli/dist/src/commands/monograph.js +18 -5
  112. package/packages/@monomind/cli/dist/src/commands/monovector/backup.js +8 -2
  113. package/packages/@monomind/cli/dist/src/commands/monovector/benchmark.js +20 -7
  114. package/packages/@monomind/cli/dist/src/commands/monovector/import.js +15 -0
  115. package/packages/@monomind/cli/dist/src/commands/monovector/migrate.js +4 -1
  116. package/packages/@monomind/cli/dist/src/commands/monovector/optimize.js +11 -0
  117. package/packages/@monomind/cli/dist/src/commands/monovector/setup.js +11 -1
  118. package/packages/@monomind/cli/dist/src/commands/neural.js +1 -1
  119. package/packages/@monomind/cli/dist/src/commands/performance.js +20 -7
  120. package/packages/@monomind/cli/dist/src/commands/platforms.js +90 -8
  121. package/packages/@monomind/cli/dist/src/commands/plugins.js +12 -5
  122. package/packages/@monomind/cli/dist/src/commands/process.js +33 -10
  123. package/packages/@monomind/cli/dist/src/commands/progress.js +5 -3
  124. package/packages/@monomind/cli/dist/src/commands/providers.js +5 -5
  125. package/packages/@monomind/cli/dist/src/commands/replay.js +8 -2
  126. package/packages/@monomind/cli/dist/src/commands/route.js +27 -7
  127. package/packages/@monomind/cli/dist/src/commands/security.js +4 -0
  128. package/packages/@monomind/cli/dist/src/commands/session.js +12 -1
  129. package/packages/@monomind/cli/dist/src/commands/start.js +11 -4
  130. package/packages/@monomind/cli/dist/src/commands/status.js +7 -4
  131. package/packages/@monomind/cli/dist/src/commands/swarm.js +27 -13
  132. package/packages/@monomind/cli/dist/src/commands/task.js +26 -11
  133. package/packages/@monomind/cli/dist/src/commands/tokens.js +7 -2
  134. package/packages/@monomind/cli/dist/src/commands/transfer-store.js +36 -22
  135. package/packages/@monomind/cli/dist/src/commands/ui.js +68 -0
  136. package/packages/@monomind/cli/dist/src/commands/update.js +15 -3
  137. package/packages/@monomind/cli/dist/src/commands/workflow.js +39 -6
  138. package/packages/@monomind/cli/dist/src/consensus/audit-writer.js +18 -7
  139. package/packages/@monomind/cli/dist/src/consensus/index.d.ts +7 -0
  140. package/packages/@monomind/cli/dist/src/consensus/index.js +6 -0
  141. package/packages/@monomind/cli/dist/src/consensus/vote-signer.js +25 -8
  142. package/packages/@monomind/cli/dist/src/context/context-provider.d.ts +44 -0
  143. package/packages/@monomind/cli/dist/src/context/context-provider.js +25 -0
  144. package/packages/@monomind/cli/dist/src/context/git-state-provider.d.ts +12 -0
  145. package/packages/@monomind/cli/dist/src/context/git-state-provider.js +34 -0
  146. package/packages/@monomind/cli/dist/src/context/index.d.ts +12 -0
  147. package/packages/@monomind/cli/dist/src/context/index.js +12 -0
  148. package/packages/@monomind/cli/dist/src/context/project-conventions-provider.d.ts +15 -0
  149. package/packages/@monomind/cli/dist/src/context/project-conventions-provider.js +19 -0
  150. package/packages/@monomind/cli/dist/src/context/prompt-assembler.d.ts +26 -0
  151. package/packages/@monomind/cli/dist/src/context/prompt-assembler.js +93 -0
  152. package/packages/@monomind/cli/dist/src/context/task-history-provider.d.ts +24 -0
  153. package/packages/@monomind/cli/dist/src/context/task-history-provider.js +32 -0
  154. package/packages/@monomind/cli/dist/src/context/user-preferences-provider.d.ts +14 -0
  155. package/packages/@monomind/cli/dist/src/context/user-preferences-provider.js +27 -0
  156. package/packages/@monomind/cli/dist/src/dlq/dlq-reader.d.ts +31 -0
  157. package/packages/@monomind/cli/dist/src/dlq/dlq-reader.js +81 -0
  158. package/packages/@monomind/cli/dist/src/dlq/dlq-writer.d.ts +24 -0
  159. package/packages/@monomind/cli/dist/src/dlq/dlq-writer.js +65 -0
  160. package/packages/@monomind/cli/dist/src/dlq/index.d.ts +10 -0
  161. package/packages/@monomind/cli/dist/src/dlq/index.js +7 -0
  162. package/packages/@monomind/cli/dist/src/eval/dataset-manager.d.ts +33 -0
  163. package/packages/@monomind/cli/dist/src/eval/dataset-manager.js +107 -0
  164. package/packages/@monomind/cli/dist/src/eval/dataset-runner.d.ts +23 -0
  165. package/packages/@monomind/cli/dist/src/eval/dataset-runner.js +59 -0
  166. package/packages/@monomind/cli/dist/src/eval/index.d.ts +10 -0
  167. package/packages/@monomind/cli/dist/src/eval/index.js +7 -0
  168. package/packages/@monomind/cli/dist/src/eval/trace-collector.d.ts +40 -0
  169. package/packages/@monomind/cli/dist/src/eval/trace-collector.js +102 -0
  170. package/packages/@monomind/cli/dist/src/index.js +7 -3
  171. package/packages/@monomind/cli/dist/src/infrastructure/in-memory-repositories.d.ts +68 -0
  172. package/packages/@monomind/cli/dist/src/infrastructure/in-memory-repositories.js +264 -0
  173. package/packages/@monomind/cli/dist/src/init/executor.js +14 -11
  174. package/packages/@monomind/cli/dist/src/init/shared-instructions-generator.js +20 -4
  175. package/packages/@monomind/cli/dist/src/init/statusline-generator.js +33 -12
  176. package/packages/@monomind/cli/dist/src/interactive/interrupt.d.ts +22 -0
  177. package/packages/@monomind/cli/dist/src/interactive/interrupt.js +71 -0
  178. package/packages/@monomind/cli/dist/src/mcp/deprecation-injector.d.ts +25 -0
  179. package/packages/@monomind/cli/dist/src/mcp/deprecation-injector.js +48 -0
  180. package/packages/@monomind/cli/dist/src/mcp/tool-registry.d.ts +61 -0
  181. package/packages/@monomind/cli/dist/src/mcp/tool-registry.js +246 -0
  182. package/packages/@monomind/cli/dist/src/mcp-tools/a2a-tools.js +98 -13
  183. package/packages/@monomind/cli/dist/src/mcp-tools/agent-tools.js +16 -3
  184. package/packages/@monomind/cli/dist/src/mcp-tools/analyze-tools.js +80 -17
  185. package/packages/@monomind/cli/dist/src/mcp-tools/browser-tools.js +84 -22
  186. package/packages/@monomind/cli/dist/src/mcp-tools/claims-tools.js +35 -7
  187. package/packages/@monomind/cli/dist/src/mcp-tools/config-tools.js +82 -17
  188. package/packages/@monomind/cli/dist/src/mcp-tools/coordination-tools.js +37 -4
  189. package/packages/@monomind/cli/dist/src/mcp-tools/daa-tools.js +49 -7
  190. package/packages/@monomind/cli/dist/src/mcp-tools/embeddings-tools.js +45 -18
  191. package/packages/@monomind/cli/dist/src/mcp-tools/github-tools.js +75 -25
  192. package/packages/@monomind/cli/dist/src/mcp-tools/guidance-tools.js +32 -10
  193. package/packages/@monomind/cli/dist/src/mcp-tools/hive-mind-tools.js +91 -20
  194. package/packages/@monomind/cli/dist/src/mcp-tools/hooks-tools.js +188 -29
  195. package/packages/@monomind/cli/dist/src/mcp-tools/memory-tools.js +25 -7
  196. package/packages/@monomind/cli/dist/src/mcp-tools/monograph-compat.js +11 -2
  197. package/packages/@monomind/cli/dist/src/mcp-tools/monograph-tools.js +148 -26
  198. package/packages/@monomind/cli/dist/src/mcp-tools/neural-tools.js +44 -9
  199. package/packages/@monomind/cli/dist/src/mcp-tools/performance-tools.js +45 -10
  200. package/packages/@monomind/cli/dist/src/mcp-tools/progress-tools.js +7 -4
  201. package/packages/@monomind/cli/dist/src/mcp-tools/request-tracker.js +15 -1
  202. package/packages/@monomind/cli/dist/src/mcp-tools/security-tools.js +61 -9
  203. package/packages/@monomind/cli/dist/src/mcp-tools/session-tools.js +45 -14
  204. package/packages/@monomind/cli/dist/src/mcp-tools/swarm-tools.js +15 -3
  205. package/packages/@monomind/cli/dist/src/mcp-tools/system-tools.js +14 -7
  206. package/packages/@monomind/cli/dist/src/mcp-tools/task-tools.js +52 -10
  207. package/packages/@monomind/cli/dist/src/mcp-tools/terminal-tools.js +40 -6
  208. package/packages/@monomind/cli/dist/src/mcp-tools/transfer-tools.js +37 -4
  209. package/packages/@monomind/cli/dist/src/mcp-tools/wasm-agent-tools.d.ts +9 -0
  210. package/packages/@monomind/cli/dist/src/mcp-tools/wasm-agent-tools.js +230 -0
  211. package/packages/@monomind/cli/dist/src/mcp-tools/workflow-tools.js +29 -6
  212. package/packages/@monomind/cli/dist/src/memory/ewc-consolidation.js +26 -10
  213. package/packages/@monomind/cli/dist/src/memory/intelligence.js +80 -19
  214. package/packages/@monomind/cli/dist/src/memory/memory-bridge.js +21 -2
  215. package/packages/@monomind/cli/dist/src/memory/memory-initializer.js +67 -3
  216. package/packages/@monomind/cli/dist/src/memory/sona-optimizer.js +14 -4
  217. package/packages/@monomind/cli/dist/src/model/complexity-scorer.d.ts +21 -0
  218. package/packages/@monomind/cli/dist/src/model/complexity-scorer.js +106 -0
  219. package/packages/@monomind/cli/dist/src/model/index.d.ts +4 -0
  220. package/packages/@monomind/cli/dist/src/model/index.js +4 -0
  221. package/packages/@monomind/cli/dist/src/model/model-settings.d.ts +22 -0
  222. package/packages/@monomind/cli/dist/src/model/model-settings.js +33 -0
  223. package/packages/@monomind/cli/dist/src/model/model-tier-resolver.d.ts +24 -0
  224. package/packages/@monomind/cli/dist/src/model/model-tier-resolver.js +65 -0
  225. package/packages/@monomind/cli/dist/src/monovector/capabilities.d.ts +34 -0
  226. package/packages/@monomind/cli/dist/src/monovector/capabilities.js +37 -0
  227. package/packages/@monomind/cli/dist/src/monovector/command-outcomes.js +43 -7
  228. package/packages/@monomind/cli/dist/src/monovector/coverage-router.js +8 -4
  229. package/packages/@monomind/cli/dist/src/monovector/coverage-tools.js +6 -3
  230. package/packages/@monomind/cli/dist/src/monovector/diff-classifier.js +13 -0
  231. package/packages/@monomind/cli/dist/src/monovector/route-outcomes.d.ts +2 -1
  232. package/packages/@monomind/cli/dist/src/monovector/route-outcomes.js +46 -4
  233. package/packages/@monomind/cli/dist/src/observability/replay-reader.d.ts +1 -1
  234. package/packages/@monomind/cli/dist/src/orchestration/index.d.ts +7 -0
  235. package/packages/@monomind/cli/dist/src/orchestration/index.js +6 -0
  236. package/packages/@monomind/cli/dist/src/orchestration/mode-dispatcher.d.ts +11 -0
  237. package/packages/@monomind/cli/dist/src/orchestration/mode-dispatcher.js +31 -0
  238. package/packages/@monomind/cli/dist/src/orchestration/routing-modes.d.ts +68 -0
  239. package/packages/@monomind/cli/dist/src/orchestration/routing-modes.js +180 -0
  240. package/packages/@monomind/cli/dist/src/plugins/manager.js +8 -3
  241. package/packages/@monomind/cli/dist/src/plugins/store/discovery.js +46 -2
  242. package/packages/@monomind/cli/dist/src/plugins/store/search.js +5 -4
  243. package/packages/@monomind/cli/dist/src/plugins/tests/demo-plugin-store.d.ts +7 -0
  244. package/packages/@monomind/cli/dist/src/plugins/tests/demo-plugin-store.js +126 -0
  245. package/packages/@monomind/cli/dist/src/plugins/tests/standalone-test.d.ts +12 -0
  246. package/packages/@monomind/cli/dist/src/plugins/tests/standalone-test.js +188 -0
  247. package/packages/@monomind/cli/dist/src/plugins/tests/test-plugin-store.d.ts +7 -0
  248. package/packages/@monomind/cli/dist/src/plugins/tests/test-plugin-store.js +206 -0
  249. package/packages/@monomind/cli/dist/src/production/circuit-breaker.js +17 -3
  250. package/packages/@monomind/cli/dist/src/production/error-handler.js +3 -0
  251. package/packages/@monomind/cli/dist/src/production/monitoring.js +20 -3
  252. package/packages/@monomind/cli/dist/src/production/rate-limiter.js +13 -4
  253. package/packages/@monomind/cli/dist/src/production/retry.js +17 -9
  254. package/packages/@monomind/cli/dist/src/routing/embed-worker.js +6 -2
  255. package/packages/@monomind/cli/dist/src/routing/embedder.js +0 -0
  256. package/packages/@monomind/cli/dist/src/routing/llm-caller.js +13 -2
  257. package/packages/@monomind/cli/dist/src/routing/route-layer-factory.js +18 -3
  258. package/packages/@monomind/cli/dist/src/runtime/headless.d.ts +60 -0
  259. package/packages/@monomind/cli/dist/src/runtime/headless.js +284 -0
  260. package/packages/@monomind/cli/dist/src/services/agentic-flow-bridge.d.ts +50 -0
  261. package/packages/@monomind/cli/dist/src/services/agentic-flow-bridge.js +95 -0
  262. package/packages/@monomind/cli/dist/src/services/claim-service.d.ts +1 -0
  263. package/packages/@monomind/cli/dist/src/services/claim-service.js +8 -0
  264. package/packages/@monomind/cli/dist/src/services/config-file-manager.js +14 -2
  265. package/packages/@monomind/cli/dist/src/services/container-worker-pool.d.ts +197 -0
  266. package/packages/@monomind/cli/dist/src/services/container-worker-pool.js +623 -0
  267. package/packages/@monomind/cli/dist/src/services/headless-worker-executor.js +18 -2
  268. package/packages/@monomind/cli/dist/src/services/index.d.ts +13 -0
  269. package/packages/@monomind/cli/dist/src/services/index.js +11 -0
  270. package/packages/@monomind/cli/dist/src/services/worker-daemon.js +53 -12
  271. package/packages/@monomind/cli/dist/src/services/worker-queue.d.ts +201 -0
  272. package/packages/@monomind/cli/dist/src/services/worker-queue.js +594 -0
  273. package/packages/@monomind/cli/dist/src/swarm/communication-graph.d.ts +25 -0
  274. package/packages/@monomind/cli/dist/src/swarm/communication-graph.js +77 -0
  275. package/packages/@monomind/cli/dist/src/swarm/flow-enforcer.d.ts +31 -0
  276. package/packages/@monomind/cli/dist/src/swarm/flow-enforcer.js +61 -0
  277. package/packages/@monomind/cli/dist/src/swarm/flow-visualizer.d.ts +19 -0
  278. package/packages/@monomind/cli/dist/src/swarm/flow-visualizer.js +68 -0
  279. package/packages/@monomind/cli/dist/src/transfer/anonymization/index.d.ts +0 -3
  280. package/packages/@monomind/cli/dist/src/transfer/anonymization/index.js +16 -1
  281. package/packages/@monomind/cli/dist/src/transfer/deploy-seraphine.d.ts +13 -0
  282. package/packages/@monomind/cli/dist/src/transfer/deploy-seraphine.js +205 -0
  283. package/packages/@monomind/cli/dist/src/transfer/export.js +8 -0
  284. package/packages/@monomind/cli/dist/src/transfer/ipfs/upload.js +33 -3
  285. package/packages/@monomind/cli/dist/src/transfer/serialization/cfp.js +9 -3
  286. package/packages/@monomind/cli/dist/src/transfer/storage/gcs.js +37 -3
  287. package/packages/@monomind/cli/dist/src/transfer/store/discovery.js +45 -3
  288. package/packages/@monomind/cli/dist/src/transfer/store/download.js +5 -0
  289. package/packages/@monomind/cli/dist/src/transfer/store/publish.js +13 -1
  290. package/packages/@monomind/cli/dist/src/transfer/store/registry.d.ts +8 -0
  291. package/packages/@monomind/cli/dist/src/transfer/store/registry.js +30 -5
  292. package/packages/@monomind/cli/dist/src/transfer/store/search.js +20 -5
  293. package/packages/@monomind/cli/dist/src/transfer/store/tests/standalone-test.d.ts +12 -0
  294. package/packages/@monomind/cli/dist/src/transfer/store/tests/standalone-test.js +190 -0
  295. package/packages/@monomind/cli/dist/src/transfer/test-seraphine.d.ts +6 -0
  296. package/packages/@monomind/cli/dist/src/transfer/test-seraphine.js +105 -0
  297. package/packages/@monomind/cli/dist/src/transfer/tests/test-store.d.ts +7 -0
  298. package/packages/@monomind/cli/dist/src/transfer/tests/test-store.js +214 -0
  299. package/packages/@monomind/cli/dist/src/update/checker.js +59 -7
  300. package/packages/@monomind/cli/dist/src/update/executor.js +50 -3
  301. package/packages/@monomind/cli/dist/src/update/index.js +18 -1
  302. package/packages/@monomind/cli/dist/src/update/rate-limiter.d.ts +6 -0
  303. package/packages/@monomind/cli/dist/src/update/rate-limiter.js +79 -7
  304. package/packages/@monomind/cli/dist/src/update/validator.js +52 -1
  305. package/packages/@monomind/cli/dist/src/workflow/condition-evaluator.d.ts +10 -0
  306. package/packages/@monomind/cli/dist/src/workflow/condition-evaluator.js +82 -0
  307. package/packages/@monomind/cli/dist/src/workflow/context-resolver.d.ts +12 -0
  308. package/packages/@monomind/cli/dist/src/workflow/context-resolver.js +23 -0
  309. package/packages/@monomind/cli/dist/src/workflow/dag-builder.d.ts +17 -0
  310. package/packages/@monomind/cli/dist/src/workflow/dag-builder.js +129 -0
  311. package/packages/@monomind/cli/dist/src/workflow/dag-executor.d.ts +9 -0
  312. package/packages/@monomind/cli/dist/src/workflow/dag-executor.js +116 -0
  313. package/packages/@monomind/cli/dist/src/workflow/dag-types.d.ts +41 -0
  314. package/packages/@monomind/cli/dist/src/workflow/dag-types.js +8 -0
  315. package/packages/@monomind/cli/dist/src/workflow/dsl-parser.d.ts +12 -0
  316. package/packages/@monomind/cli/dist/src/workflow/dsl-parser.js +20 -0
  317. package/packages/@monomind/cli/dist/src/workflow/dsl-schema.d.ts +165 -0
  318. package/packages/@monomind/cli/dist/src/workflow/dsl-schema.js +82 -0
  319. package/packages/@monomind/cli/dist/src/workflow/index.d.ts +13 -0
  320. package/packages/@monomind/cli/dist/src/workflow/index.js +11 -0
  321. package/packages/@monomind/cli/dist/src/workflow/template-engine.d.ts +11 -0
  322. package/packages/@monomind/cli/dist/src/workflow/template-engine.js +40 -0
  323. package/packages/@monomind/cli/dist/src/workflow/workflow-executor.d.ts +29 -0
  324. package/packages/@monomind/cli/dist/src/workflow/workflow-executor.js +227 -0
  325. package/packages/@monomind/cli/package.json +9 -10
  326. package/packages/@monomind/guidance/dist/adversarial.d.ts +284 -0
  327. package/packages/@monomind/guidance/dist/adversarial.js +572 -0
  328. package/packages/@monomind/guidance/dist/analyzer.d.ts +530 -0
  329. package/packages/@monomind/guidance/dist/analyzer.js +2518 -0
  330. package/packages/@monomind/guidance/dist/artifacts.d.ts +283 -0
  331. package/packages/@monomind/guidance/dist/artifacts.js +356 -0
  332. package/packages/@monomind/guidance/dist/authority.d.ts +290 -0
  333. package/packages/@monomind/guidance/dist/authority.js +558 -0
  334. package/packages/@monomind/guidance/dist/capabilities.d.ts +209 -0
  335. package/packages/@monomind/guidance/dist/capabilities.js +485 -0
  336. package/packages/@monomind/guidance/dist/coherence.d.ts +233 -0
  337. package/packages/@monomind/guidance/dist/coherence.js +372 -0
  338. package/packages/@monomind/guidance/dist/compiler.d.ts +87 -0
  339. package/packages/@monomind/guidance/dist/compiler.js +419 -0
  340. package/packages/@monomind/guidance/dist/conformance-kit.d.ts +225 -0
  341. package/packages/@monomind/guidance/dist/conformance-kit.js +629 -0
  342. package/packages/@monomind/guidance/dist/continue-gate.d.ts +214 -0
  343. package/packages/@monomind/guidance/dist/continue-gate.js +353 -0
  344. package/packages/@monomind/guidance/dist/crypto-utils.d.ts +17 -0
  345. package/packages/@monomind/guidance/dist/crypto-utils.js +24 -0
  346. package/packages/@monomind/guidance/dist/evolution.d.ts +282 -0
  347. package/packages/@monomind/guidance/dist/evolution.js +500 -0
  348. package/packages/@monomind/guidance/dist/gates.d.ts +79 -0
  349. package/packages/@monomind/guidance/dist/gates.js +302 -0
  350. package/packages/@monomind/guidance/dist/gateway.d.ts +206 -0
  351. package/packages/@monomind/guidance/dist/gateway.js +452 -0
  352. package/packages/@monomind/guidance/dist/generators.d.ts +153 -0
  353. package/packages/@monomind/guidance/dist/generators.js +682 -0
  354. package/packages/@monomind/guidance/dist/headless.d.ts +177 -0
  355. package/packages/@monomind/guidance/dist/headless.js +342 -0
  356. package/packages/@monomind/guidance/dist/hooks.d.ts +109 -0
  357. package/packages/@monomind/guidance/dist/hooks.js +347 -0
  358. package/packages/@monomind/guidance/dist/index.d.ts +205 -0
  359. package/packages/@monomind/guidance/dist/index.js +321 -0
  360. package/packages/@monomind/guidance/dist/ledger.d.ts +162 -0
  361. package/packages/@monomind/guidance/dist/ledger.js +375 -0
  362. package/packages/@monomind/guidance/dist/manifest-validator.d.ts +289 -0
  363. package/packages/@monomind/guidance/dist/manifest-validator.js +838 -0
  364. package/packages/@monomind/guidance/dist/memory-gate.d.ts +222 -0
  365. package/packages/@monomind/guidance/dist/memory-gate.js +382 -0
  366. package/packages/@monomind/guidance/dist/meta-governance.d.ts +265 -0
  367. package/packages/@monomind/guidance/dist/meta-governance.js +348 -0
  368. package/packages/@monomind/guidance/dist/optimizer.d.ts +104 -0
  369. package/packages/@monomind/guidance/dist/optimizer.js +329 -0
  370. package/packages/@monomind/guidance/dist/persistence.d.ts +189 -0
  371. package/packages/@monomind/guidance/dist/persistence.js +464 -0
  372. package/packages/@monomind/guidance/dist/proof.d.ts +185 -0
  373. package/packages/@monomind/guidance/dist/proof.js +238 -0
  374. package/packages/@monomind/guidance/dist/retriever.d.ts +116 -0
  375. package/packages/@monomind/guidance/dist/retriever.js +394 -0
  376. package/packages/@monomind/guidance/dist/ruvbot-integration.d.ts +370 -0
  377. package/packages/@monomind/guidance/dist/ruvbot-integration.js +738 -0
  378. package/packages/@monomind/guidance/dist/temporal.d.ts +426 -0
  379. package/packages/@monomind/guidance/dist/temporal.js +658 -0
  380. package/packages/@monomind/guidance/dist/trust.d.ts +283 -0
  381. package/packages/@monomind/guidance/dist/trust.js +473 -0
  382. package/packages/@monomind/guidance/dist/truth-anchors.d.ts +276 -0
  383. package/packages/@monomind/guidance/dist/truth-anchors.js +488 -0
  384. package/packages/@monomind/guidance/dist/types.d.ts +378 -0
  385. package/packages/@monomind/guidance/dist/types.js +10 -0
  386. package/packages/@monomind/guidance/dist/uncertainty.d.ts +372 -0
  387. package/packages/@monomind/guidance/dist/uncertainty.js +619 -0
  388. package/packages/@monomind/guidance/dist/wasm-kernel.d.ts +48 -0
  389. package/packages/@monomind/guidance/dist/wasm-kernel.js +158 -0
@@ -0,0 +1,230 @@
1
+ /**
2
+ * WASM Agent MCP Tools
3
+ *
4
+ * Exposes @monoes/rvagent-wasm operations via MCP protocol.
5
+ * All tools gracefully degrade when the WASM package is not installed.
6
+ */
7
+ async function loadAgentWasm() {
8
+ const mod = await import('../monovector/agent-wasm.js');
9
+ return mod;
10
+ }
11
+ export const wasmAgentTools = [
12
+ {
13
+ name: 'wasm_agent_create',
14
+ description: 'Create a sandboxed WASM agent with virtual filesystem (no OS access). Optionally use a gallery template.',
15
+ inputSchema: {
16
+ type: 'object',
17
+ properties: {
18
+ template: { type: 'string', description: 'Gallery template name (coder, researcher, tester, reviewer, security, swarm)' },
19
+ model: { type: 'string', description: 'Model identifier (default: anthropic:claude-sonnet-4-20250514)' },
20
+ instructions: { type: 'string', description: 'System instructions for the agent' },
21
+ maxTurns: { type: 'number', description: 'Max conversation turns (default: 50)' },
22
+ },
23
+ },
24
+ handler: async (args) => {
25
+ try {
26
+ const wasm = await loadAgentWasm();
27
+ if (args.template) {
28
+ const info = await wasm.createAgentFromTemplate(args.template);
29
+ return { content: [{ type: 'text', text: JSON.stringify({ success: true, agent: info, source: 'gallery' }, null, 2) }] };
30
+ }
31
+ const info = await wasm.createWasmAgent({
32
+ model: args.model,
33
+ instructions: args.instructions,
34
+ maxTurns: args.maxTurns,
35
+ });
36
+ return { content: [{ type: 'text', text: JSON.stringify({ success: true, agent: info }, null, 2) }] };
37
+ }
38
+ catch (err) {
39
+ return { content: [{ type: 'text', text: JSON.stringify({ error: String(err) }) }], isError: true };
40
+ }
41
+ },
42
+ },
43
+ {
44
+ name: 'wasm_agent_prompt',
45
+ description: 'Send a prompt to a WASM agent and get a response.',
46
+ inputSchema: {
47
+ type: 'object',
48
+ properties: {
49
+ agentId: { type: 'string', description: 'WASM agent ID' },
50
+ input: { type: 'string', description: 'User prompt to send' },
51
+ },
52
+ required: ['agentId', 'input'],
53
+ },
54
+ handler: async (args) => {
55
+ try {
56
+ const wasm = await loadAgentWasm();
57
+ const result = await wasm.promptWasmAgent(args.agentId, args.input);
58
+ return { content: [{ type: 'text', text: result }] };
59
+ }
60
+ catch (err) {
61
+ return { content: [{ type: 'text', text: JSON.stringify({ error: String(err) }) }], isError: true };
62
+ }
63
+ },
64
+ },
65
+ {
66
+ name: 'wasm_agent_tool',
67
+ description: 'Execute a tool on a WASM agent sandbox. Tools: read_file, write_file, edit_file, write_todos, list_files. Use flat format: {tool, path, content, ...}.',
68
+ inputSchema: {
69
+ type: 'object',
70
+ properties: {
71
+ agentId: { type: 'string', description: 'WASM agent ID' },
72
+ toolName: { type: 'string', description: 'Tool name (read_file, write_file, edit_file, write_todos, list_files)' },
73
+ toolInput: { type: 'object', description: 'Tool parameters (flat: {path, content, old_string, new_string, todos})' },
74
+ },
75
+ required: ['agentId', 'toolName'],
76
+ },
77
+ handler: async (args) => {
78
+ try {
79
+ const wasm = await loadAgentWasm();
80
+ // Flat format: {tool: 'write_file', path: '...', content: '...'}
81
+ const toolCall = {
82
+ tool: args.toolName,
83
+ ...(args.toolInput ?? {}),
84
+ };
85
+ const result = await wasm.executeWasmTool(args.agentId, toolCall);
86
+ return { content: [{ type: 'text', text: JSON.stringify(result) }] };
87
+ }
88
+ catch (err) {
89
+ return { content: [{ type: 'text', text: JSON.stringify({ error: String(err) }) }], isError: true };
90
+ }
91
+ },
92
+ },
93
+ {
94
+ name: 'wasm_agent_list',
95
+ description: 'List all active WASM agents.',
96
+ inputSchema: { type: 'object', properties: {} },
97
+ handler: async () => {
98
+ try {
99
+ const wasm = await loadAgentWasm();
100
+ const agents = wasm.listWasmAgents();
101
+ return { content: [{ type: 'text', text: JSON.stringify({ agents, count: agents.length }, null, 2) }] };
102
+ }
103
+ catch (err) {
104
+ return { content: [{ type: 'text', text: JSON.stringify({ error: String(err) }) }], isError: true };
105
+ }
106
+ },
107
+ },
108
+ {
109
+ name: 'wasm_agent_terminate',
110
+ description: 'Terminate a WASM agent and free resources.',
111
+ inputSchema: {
112
+ type: 'object',
113
+ properties: {
114
+ agentId: { type: 'string', description: 'WASM agent ID' },
115
+ },
116
+ required: ['agentId'],
117
+ },
118
+ handler: async (args) => {
119
+ try {
120
+ const wasm = await loadAgentWasm();
121
+ const ok = wasm.terminateWasmAgent(args.agentId);
122
+ return { content: [{ type: 'text', text: JSON.stringify({ success: ok }) }] };
123
+ }
124
+ catch (err) {
125
+ return { content: [{ type: 'text', text: JSON.stringify({ error: String(err) }) }], isError: true };
126
+ }
127
+ },
128
+ },
129
+ {
130
+ name: 'wasm_agent_files',
131
+ description: 'Get a WASM agent\'s available tools and info.',
132
+ inputSchema: {
133
+ type: 'object',
134
+ properties: {
135
+ agentId: { type: 'string', description: 'WASM agent ID' },
136
+ },
137
+ required: ['agentId'],
138
+ },
139
+ handler: async (args) => {
140
+ try {
141
+ const wasm = await loadAgentWasm();
142
+ const tools = wasm.getWasmAgentTools(args.agentId);
143
+ const info = wasm.getWasmAgent(args.agentId);
144
+ return { content: [{ type: 'text', text: JSON.stringify({ tools, fileCount: info?.fileCount ?? 0, turnCount: info?.turnCount ?? 0 }, null, 2) }] };
145
+ }
146
+ catch (err) {
147
+ return { content: [{ type: 'text', text: JSON.stringify({ error: String(err) }) }], isError: true };
148
+ }
149
+ },
150
+ },
151
+ {
152
+ name: 'wasm_agent_export',
153
+ description: 'Export a WASM agent\'s full state (config, filesystem, conversation) as JSON.',
154
+ inputSchema: {
155
+ type: 'object',
156
+ properties: {
157
+ agentId: { type: 'string', description: 'WASM agent ID' },
158
+ },
159
+ required: ['agentId'],
160
+ },
161
+ handler: async (args) => {
162
+ try {
163
+ const wasm = await loadAgentWasm();
164
+ const state = wasm.exportWasmState(args.agentId);
165
+ return { content: [{ type: 'text', text: state }] };
166
+ }
167
+ catch (err) {
168
+ return { content: [{ type: 'text', text: JSON.stringify({ error: String(err) }) }], isError: true };
169
+ }
170
+ },
171
+ },
172
+ {
173
+ name: 'wasm_gallery_list',
174
+ description: 'List all available WASM agent gallery templates (Coder, Researcher, Tester, Reviewer, Security, Swarm).',
175
+ inputSchema: { type: 'object', properties: {} },
176
+ handler: async () => {
177
+ try {
178
+ const wasm = await loadAgentWasm();
179
+ const templates = await wasm.listGalleryTemplates();
180
+ return { content: [{ type: 'text', text: JSON.stringify({ templates, count: templates.length }, null, 2) }] };
181
+ }
182
+ catch (err) {
183
+ return { content: [{ type: 'text', text: JSON.stringify({ error: String(err) }) }], isError: true };
184
+ }
185
+ },
186
+ },
187
+ {
188
+ name: 'wasm_gallery_search',
189
+ description: 'Search WASM agent gallery templates by query.',
190
+ inputSchema: {
191
+ type: 'object',
192
+ properties: {
193
+ query: { type: 'string', description: 'Search query' },
194
+ },
195
+ required: ['query'],
196
+ },
197
+ handler: async (args) => {
198
+ try {
199
+ const wasm = await loadAgentWasm();
200
+ const results = await wasm.searchGalleryTemplates(args.query);
201
+ return { content: [{ type: 'text', text: JSON.stringify({ results, count: results.length }, null, 2) }] };
202
+ }
203
+ catch (err) {
204
+ return { content: [{ type: 'text', text: JSON.stringify({ error: String(err) }) }], isError: true };
205
+ }
206
+ },
207
+ },
208
+ {
209
+ name: 'wasm_gallery_create',
210
+ description: 'Create a WASM agent from a gallery template.',
211
+ inputSchema: {
212
+ type: 'object',
213
+ properties: {
214
+ template: { type: 'string', description: 'Template name (coder, researcher, tester, reviewer, security, swarm)' },
215
+ },
216
+ required: ['template'],
217
+ },
218
+ handler: async (args) => {
219
+ try {
220
+ const wasm = await loadAgentWasm();
221
+ const info = await wasm.createAgentFromTemplate(args.template);
222
+ return { content: [{ type: 'text', text: JSON.stringify({ success: true, agent: info, template: args.template }, null, 2) }] };
223
+ }
224
+ catch (err) {
225
+ return { content: [{ type: 'text', text: JSON.stringify({ error: String(err) }) }], isError: true };
226
+ }
227
+ },
228
+ },
229
+ ];
230
+ //# sourceMappingURL=wasm-agent-tools.js.map
@@ -98,7 +98,12 @@ export const workflowTools = [
98
98
  handler: async (input) => {
99
99
  const store = loadWorkflowStore();
100
100
  const template = input.template;
101
- const task = input.task;
101
+ // Cap task description to prevent DoS via unbounded string stored in
102
+ // workflow record and serialised to disk.
103
+ const MAX_WORKFLOW_TASK_LEN = 16 * 1024;
104
+ const rawTask = input.task;
105
+ const task = typeof rawTask === 'string' && rawTask.length > MAX_WORKFLOW_TASK_LEN
106
+ ? rawTask.slice(0, MAX_WORKFLOW_TASK_LEN) : rawTask;
102
107
  const options = input.options || {};
103
108
  const dryRun = options.dryRun;
104
109
  // Build workflow from template or inline
@@ -192,7 +197,19 @@ export const workflowTools = [
192
197
  handler: async (input) => {
193
198
  const store = loadWorkflowStore();
194
199
  const workflowId = `workflow-${Date.now()}-${randomBytes(6).toString('hex')}`;
195
- const steps = (input.steps || []).map((s, i) => ({
200
+ // Cap string fields before storing to disk.
201
+ const MAX_WF_NAME_LEN = 512;
202
+ const MAX_WF_DESC_LEN = 16 * 1024;
203
+ const MAX_WF_STEPS = 500;
204
+ const rawWfName = input.name;
205
+ const wfName = typeof rawWfName === 'string' && rawWfName.length > MAX_WF_NAME_LEN
206
+ ? rawWfName.slice(0, MAX_WF_NAME_LEN) : rawWfName;
207
+ const rawWfDesc = input.description;
208
+ const wfDesc = typeof rawWfDesc === 'string' && rawWfDesc.length > MAX_WF_DESC_LEN
209
+ ? rawWfDesc.slice(0, MAX_WF_DESC_LEN) : rawWfDesc;
210
+ const rawSteps = input.steps || [];
211
+ const cappedSteps = rawSteps.slice(0, MAX_WF_STEPS);
212
+ const steps = cappedSteps.map((s, i) => ({
196
213
  stepId: `step-${i + 1}`,
197
214
  name: s.name || `Step ${i + 1}`,
198
215
  type: s.type || 'task',
@@ -201,8 +218,8 @@ export const workflowTools = [
201
218
  }));
202
219
  const workflow = {
203
220
  workflowId,
204
- name: input.name,
205
- description: input.description,
221
+ name: wfName,
222
+ description: wfDesc,
206
223
  steps,
207
224
  status: steps.length > 0 ? 'ready' : 'draft',
208
225
  currentStep: 0,
@@ -355,8 +372,14 @@ export const workflowTools = [
355
372
  }
356
373
  // Sort by creation date (newest first)
357
374
  workflows.sort((a, b) => new Date(b.createdAt).getTime() - new Date(a.createdAt).getTime());
358
- // Apply limit
359
- const limit = input.limit || 20;
375
+ // Apply limit — cap to 1 000 to prevent returning the full (potentially
376
+ // large) in-memory workflow store in one response, which could cause OOM
377
+ // or excessive serialisation latency.
378
+ const MAX_WORKFLOW_LIMIT = 1_000;
379
+ const rawLimit = typeof input.limit === 'number' ? input.limit : 20;
380
+ const limit = Number.isFinite(rawLimit) && rawLimit > 0
381
+ ? Math.min(Math.floor(rawLimit), MAX_WORKFLOW_LIMIT)
382
+ : 20;
360
383
  const totalCount = workflows.length;
361
384
  workflows = workflows.slice(0, limit);
362
385
  return {
@@ -145,7 +145,12 @@ export class EWCConsolidator {
145
145
  for (const newPattern of newPatterns) {
146
146
  if (!newPattern.embedding || newPattern.embedding.length === 0)
147
147
  continue;
148
- const existingPattern = this.patterns.get(newPattern.id);
148
+ // Cap pattern ID length: unbounded IDs fill both the Map key and the
149
+ // modifiedPatterns/protectedPatterns result arrays without any limit.
150
+ const patternId = typeof newPattern.id === 'string'
151
+ ? newPattern.id.slice(0, 256)
152
+ : String(newPattern.id).slice(0, 256);
153
+ const existingPattern = this.patterns.get(patternId);
149
154
  if (existingPattern) {
150
155
  // Calculate EWC penalty for updating existing pattern
151
156
  const penalty = this.getPenalty(existingPattern.weights, newPattern.embedding, fisher);
@@ -153,19 +158,19 @@ export class EWCConsolidator {
153
158
  const importanceScore = this.calculateImportance(existingPattern);
154
159
  if (importanceScore > this.config.importanceThreshold && penalty > this.config.lambda) {
155
160
  // Protect high-importance patterns with high penalty
156
- result.protectedPatterns.push(newPattern.id);
161
+ result.protectedPatterns.push(patternId);
157
162
  // Apply constrained update: blend old and new based on importance
158
163
  const blendFactor = 1 - importanceScore;
159
164
  const blendedWeights = this.blendWeights(existingPattern.weights, newPattern.embedding, blendFactor, fisher);
160
165
  existingPattern.weights = blendedWeights;
161
166
  existingPattern.lastUpdated = Date.now();
162
- result.modifiedPatterns.push(newPattern.id);
167
+ result.modifiedPatterns.push(patternId);
163
168
  }
164
169
  else {
165
170
  // Low importance or low penalty: allow full update
166
171
  existingPattern.weights = newPattern.embedding.slice(0, this.config.dimensions);
167
172
  existingPattern.lastUpdated = Date.now();
168
- result.modifiedPatterns.push(newPattern.id);
173
+ result.modifiedPatterns.push(patternId);
169
174
  }
170
175
  // Update Fisher diagonal for this pattern
171
176
  existingPattern.fisherDiagonal = fisher;
@@ -174,7 +179,7 @@ export class EWCConsolidator {
174
179
  else {
175
180
  // New pattern: add directly
176
181
  const weights = {
177
- id: newPattern.id,
182
+ id: patternId,
178
183
  weights: newPattern.embedding.slice(0, this.config.dimensions),
179
184
  fisherDiagonal: fisher,
180
185
  importance: 0.5,
@@ -184,8 +189,8 @@ export class EWCConsolidator {
184
189
  type: newPattern.type,
185
190
  description: newPattern.description
186
191
  };
187
- this.patterns.set(newPattern.id, weights);
188
- result.modifiedPatterns.push(newPattern.id);
192
+ this.patterns.set(patternId, weights);
193
+ result.modifiedPatterns.push(patternId);
189
194
  }
190
195
  result.patternsConsolidated++;
191
196
  }
@@ -209,7 +214,10 @@ export class EWCConsolidator {
209
214
  return result;
210
215
  }
211
216
  catch (error) {
212
- result.error = error instanceof Error ? error.message : String(error);
217
+ // Sanitize: strip filesystem paths and cap length so internal error
218
+ // messages are not reflected verbatim into CallerResult.error.
219
+ const rawMsg = error instanceof Error ? error.message : String(error);
220
+ result.error = rawMsg.replace(/\/[^\s:]+(\/|(?=\s|:|$))/g, '<path>/').slice(0, 500);
213
221
  result.duration = performance.now() - startTime;
214
222
  return result;
215
223
  }
@@ -513,6 +521,10 @@ export class EWCConsolidator {
513
521
  if (!fs.existsSync(this.config.storagePath)) {
514
522
  throw new Error('No persisted state found');
515
523
  }
524
+ const fileSize = fs.statSync(this.config.storagePath).size;
525
+ if (fileSize > 50 * 1024 * 1024) {
526
+ throw new Error(`EWC state file too large (${fileSize} bytes); refusing to load`);
527
+ }
516
528
  const content = fs.readFileSync(this.config.storagePath, 'utf-8');
517
529
  const state = JSON.parse(content);
518
530
  // Validate version
@@ -551,8 +563,12 @@ export class EWCConsolidator {
551
563
  this.patterns.set(id, pattern);
552
564
  }
553
565
  }
554
- // Restore history
555
- this.consolidationHistory = Array.isArray(state.consolidationHistory) ? state.consolidationHistory : [];
566
+ // Restore history — cap to last 100 entries so a crafted state file cannot
567
+ // bloat the in-memory array (each entry is a small object, but the array is
568
+ // summed on every getConsolidationStats() call which is O(n)).
569
+ this.consolidationHistory = Array.isArray(state.consolidationHistory)
570
+ ? state.consolidationHistory.slice(-100)
571
+ : [];
556
572
  // Update config from persisted values, clamped to a sensible range to
557
573
  // prevent negative/NaN lambda from inverting the regularization sign.
558
574
  if (state.config && typeof state.config.lambda === 'number'
@@ -10,7 +10,7 @@
10
10
  *
11
11
  * @module v1/cli/intelligence
12
12
  */
13
- import { existsSync, mkdirSync, readFileSync, writeFileSync, renameSync } from 'node:fs';
13
+ import { existsSync, mkdirSync, readFileSync, statSync, writeFileSync, renameSync } from 'node:fs';
14
14
  import { homedir } from 'node:os';
15
15
  import { join } from 'node:path';
16
16
  // ============================================================================
@@ -332,7 +332,7 @@ class LocalReasoningBank {
332
332
  loadFromDisk() {
333
333
  try {
334
334
  const path = getPatternsPath();
335
- if (existsSync(path)) {
335
+ if (existsSync(path) && statSync(path).size <= 50 * 1024 * 1024) {
336
336
  const data = JSON.parse(readFileSync(path, 'utf-8'));
337
337
  if (Array.isArray(data)) {
338
338
  // Validate each persisted pattern. The patterns file is part of the
@@ -393,9 +393,10 @@ class LocalReasoningBank {
393
393
  renameSync(tmp, path);
394
394
  this.dirty = false;
395
395
  }
396
- catch (error) {
396
+ catch {
397
397
  // Log but don't throw - persistence failures shouldn't break training
398
- console.error('Failed to persist patterns:', error);
398
+ // Do not reflect raw error to avoid leaking internal paths
399
+ console.error('Failed to persist patterns');
399
400
  }
400
401
  }
401
402
  /**
@@ -548,7 +549,7 @@ let globalStats = {
548
549
  function loadPersistedStats() {
549
550
  try {
550
551
  const path = getStatsPath();
551
- if (existsSync(path)) {
552
+ if (existsSync(path) && statSync(path).size <= 10 * 1024 * 1024) {
552
553
  const data = JSON.parse(readFileSync(path, 'utf-8'));
553
554
  if (data && typeof data === 'object') {
554
555
  globalStats.trajectoriesRecorded = data.trajectoriesRecorded ?? 0;
@@ -599,7 +600,7 @@ async function _doInitializeIntelligence(config) {
599
600
  // Seed neural learned patterns from @monomind/neural's LearningBridge flush.
600
601
  // This is the A→B bridge reader: connects the automatic learning loop to routing.
601
602
  const neuralPatternsPath = join(getDataDir(), 'patterns.json');
602
- if (existsSync(neuralPatternsPath)) {
603
+ if (existsSync(neuralPatternsPath) && statSync(neuralPatternsPath).size <= 50 * 1024 * 1024) {
603
604
  try {
604
605
  const { generateEmbedding: genEmb } = await import('./memory-initializer.js').catch(() => ({ generateEmbedding: null }));
605
606
  const raw = readFileSync(neuralPatternsPath, 'utf-8');
@@ -804,6 +805,10 @@ export async function recordTrajectory(steps, verdict) {
804
805
  }
805
806
  }
806
807
  export async function findSimilarPatterns(query, options) {
808
+ // Cap query length to prevent OOM via embedding generation on unbounded input
809
+ if (typeof query === 'string' && query.length > 2000) {
810
+ query = query.slice(0, 2000);
811
+ }
807
812
  if (!reasoningBank) {
808
813
  const init = await initializeIntelligence();
809
814
  if (!init.success)
@@ -943,9 +948,11 @@ export function benchmarkAdaptation(iterations = 1000) {
943
948
  if (!sonaCoordinator) {
944
949
  return { totalMs: 0, avgMs: 0, minMs: 0, maxMs: 0, targetMet: false };
945
950
  }
951
+ // Cap iterations to prevent OOM/CPU exhaustion from unbounded caller input
952
+ const safeIterations = Math.min(Math.max(1, iterations >>> 0), 100_000);
946
953
  const times = [];
947
954
  const testEmbedding = Array.from({ length: 384 }, () => Math.random());
948
- for (let i = 0; i < iterations; i++) {
955
+ for (let i = 0; i < safeIterations; i++) {
949
956
  const start = performance.now();
950
957
  sonaCoordinator.recordSignal({
951
958
  type: 'test',
@@ -956,7 +963,7 @@ export function benchmarkAdaptation(iterations = 1000) {
956
963
  times.push(performance.now() - start);
957
964
  }
958
965
  const totalMs = times.reduce((a, b) => a + b, 0);
959
- const avgMs = totalMs / iterations;
966
+ const avgMs = totalMs / safeIterations;
960
967
  const minMs = Math.min(...times);
961
968
  const maxMs = Math.max(...times);
962
969
  return {
@@ -980,21 +987,75 @@ function loadSonaRoutingPatterns() {
980
987
  const sonaPath = join(process.cwd(), '.swarm', 'sona-patterns.json');
981
988
  if (!existsSync(sonaPath))
982
989
  return [];
990
+ if (statSync(sonaPath).size > 10 * 1024 * 1024)
991
+ return [];
983
992
  const raw = JSON.parse(readFileSync(sonaPath, 'utf-8'));
984
993
  const persisted = raw;
985
- if (!persisted.patterns || typeof persisted.patterns !== 'object')
994
+ if (!persisted.patterns || typeof persisted.patterns !== 'object' || Array.isArray(persisted.patterns))
986
995
  return [];
987
996
  const now = Date.now();
988
- return Object.entries(persisted.patterns).map(([key, p]) => ({
989
- id: `sona:${key}`,
990
- type: p.agent ?? 'routing',
991
- content: (p.keywords ?? [key]).join(' '),
992
- confidence: p.confidence ?? 0.5,
993
- usageCount: (p.successCount ?? 0) + (p.failureCount ?? 0),
994
- embedding: [],
995
- createdAt: p.createdAt ?? now,
996
- lastUsedAt: now,
997
- }));
997
+ const results = [];
998
+ // Cap total entries to prevent DoS via an unbounded patterns map.
999
+ // sona-patterns.json is written by the SONA optimizer but could be
1000
+ // replaced by a malicious IPFS bundle — validate every field before use.
1001
+ const MAX_SONA_ENTRIES = 500;
1002
+ let entryCount = 0;
1003
+ for (const [key, p] of Object.entries(persisted.patterns)) {
1004
+ // Prototype pollution guard — skip __proto__ / constructor / prototype keys.
1005
+ if (key === '__proto__' || key === 'constructor' || key === 'prototype')
1006
+ continue;
1007
+ if (typeof key !== 'string' || key.length === 0 || key.length > 256)
1008
+ continue;
1009
+ if (entryCount++ >= MAX_SONA_ENTRIES)
1010
+ break;
1011
+ if (!p || typeof p !== 'object')
1012
+ continue;
1013
+ // Validate keywords: must be a bounded array of short strings.
1014
+ const rawKw = p.keywords;
1015
+ let keywords;
1016
+ if (rawKw === undefined) {
1017
+ keywords = [key];
1018
+ }
1019
+ else if (Array.isArray(rawKw) && rawKw.length <= 64
1020
+ && rawKw.every(k => typeof k === 'string' && k.length > 0 && k.length <= 128)) {
1021
+ keywords = rawKw;
1022
+ }
1023
+ else {
1024
+ continue; // malformed keywords — skip entry
1025
+ }
1026
+ // Validate agent string.
1027
+ const agent = p.agent;
1028
+ if (agent !== undefined && (typeof agent !== 'string' || agent.length === 0 || agent.length > 128))
1029
+ continue;
1030
+ // Validate confidence is a finite number in [0, 1].
1031
+ const rawConf = p.confidence;
1032
+ const confidence = rawConf !== undefined ? rawConf : 0.5;
1033
+ if (typeof confidence !== 'number' || !Number.isFinite(confidence) || confidence < 0 || confidence > 1)
1034
+ continue;
1035
+ // Validate usage counts are safe integers.
1036
+ const sc = p.successCount ?? 0;
1037
+ const fc = p.failureCount ?? 0;
1038
+ if (typeof sc !== 'number' || !Number.isFinite(sc) || sc < 0 || sc > 1e9)
1039
+ continue;
1040
+ if (typeof fc !== 'number' || !Number.isFinite(fc) || fc < 0 || fc > 1e9)
1041
+ continue;
1042
+ // Validate createdAt is a reasonable epoch ms value.
1043
+ const rawTs = p.createdAt;
1044
+ const createdAt = (rawTs !== undefined && typeof rawTs === 'number' && Number.isFinite(rawTs) && rawTs >= 0 && rawTs <= 9.9e12)
1045
+ ? rawTs
1046
+ : now;
1047
+ results.push({
1048
+ id: `sona:${key}`,
1049
+ type: agent ?? 'routing',
1050
+ content: keywords.join(' '),
1051
+ confidence,
1052
+ usageCount: sc + fc,
1053
+ embedding: [],
1054
+ createdAt,
1055
+ lastUsedAt: now,
1056
+ });
1057
+ }
1058
+ return results;
998
1059
  }
999
1060
  catch {
1000
1061
  return [];
@@ -404,8 +404,12 @@ async function getOrBuildHnswIndex(db) {
404
404
  _hnswIndexBuilt = true; // Lock prevents concurrent re-build
405
405
  try {
406
406
  const memPkg = await import('@monoes/memory');
407
- if (!memPkg?.HNSWIndex)
407
+ if (!memPkg?.HNSWIndex) {
408
+ // Release the lock so a later retry can succeed if the package becomes available.
409
+ _hnswIndexBuilt = false;
410
+ _hnswBuildFailedAt = Date.now();
408
411
  return null;
412
+ }
409
413
  const rows = db.prepare(`SELECT id, embedding FROM memory_entries WHERE status = 'active' AND (expires_at IS NULL OR expires_at > ?) AND embedding IS NOT NULL`).all(Date.now());
410
414
  const valid = [];
411
415
  for (const row of rows) {
@@ -447,7 +451,22 @@ export async function bridgeStoreEntry(options) {
447
451
  if (!ctx)
448
452
  return null;
449
453
  try {
450
- const { key, value, namespace = 'default', tags: rawTags = [], ttl } = options;
454
+ const rawKey = options.key;
455
+ const rawValue = options.value;
456
+ // SECURITY: defensive caps so no caller — current or future — can pass an
457
+ // unbounded string directly into embedder.embed (hash fallback is O(n)) or
458
+ // inflate the AgentDB row beyond practical limits.
459
+ // Memory-tools already validates to 1 MB; these caps are a last-resort
460
+ // backstop for any internal caller that forgets to pre-truncate.
461
+ const BRIDGE_MAX_KEY_LEN = 4 * 1024; // 4 KB — generous for any realistic key
462
+ const BRIDGE_MAX_VALUE_LEN = 1024 * 1024; // 1 MB — matches memory-tools validator
463
+ const key = typeof rawKey === 'string' && rawKey.length > BRIDGE_MAX_KEY_LEN
464
+ ? rawKey.slice(0, BRIDGE_MAX_KEY_LEN) : rawKey;
465
+ const value = typeof rawValue === 'string' && rawValue.length > BRIDGE_MAX_VALUE_LEN
466
+ ? rawValue.slice(0, BRIDGE_MAX_VALUE_LEN) : rawValue;
467
+ const namespace = options.namespace ?? 'default';
468
+ const rawTags = options.tags ?? [];
469
+ const ttl = options.ttl;
451
470
  // SECURITY: cap tags array length and per-tag length. Without these, any
452
471
  // memory_store caller (every spawned agent) could submit
453
472
  // tags: new Array(1e5).fill("x".repeat(1e4)) → ~1GB persisted blob,