monomind 1.8.0 → 1.9.0

package/packages/@monomind/cli/dist/src/commands/neural.js

@@ -30,7 +30,7 @@ const trainCommand = {
         { command: 'monomind neural train -p security --wasm --contrastive', description: 'Security patterns with contrastive learning' },
     ],
     action: async (ctx) => {
-        const patternType = (ctx.flags.pattern || ctx.flags.patternType || ctx.flags['pattern-type']) || 'coordination';
+        const patternType = ctx.flags['pattern-type'] || 'coordination';
         const epochs = parseInt(ctx.flags.epochs || '50', 10);
         const learningRate = parseFloat(ctx.flags['learning-rate'] || '0.01');
         const batchSize = parseInt(ctx.flags['batch-size'] || '32', 10);
@@ -97,9 +97,29 @@ const trainCommand = {
             let trainingData = [];
             if (dataFile) {
                 const fs = await import('fs');
+                const p = await import('path');
                 if (fs.existsSync(dataFile)) {
+                    // Path containment check
+                    const resolvedData = p.resolve(dataFile);
+                    const cwd = process.cwd();
+                    if (!resolvedData.startsWith(cwd + p.sep) && resolvedData !== cwd) {
+                        spinner.fail(`--data path escapes project directory: ${dataFile}`);
+                        return { success: false, exitCode: 1 };
+                    }
+                    // File size guard
+                    const MAX_TRAINING_BYTES = 50 * 1024 * 1024;
+                    const statResult = fs.statSync(dataFile);
+                    if (statResult.size > MAX_TRAINING_BYTES) {
+                        spinner.fail(`Training data file too large: ${statResult.size} bytes (max ${MAX_TRAINING_BYTES})`);
+                        return { success: false, exitCode: 1 };
+                    }
                     const raw = fs.readFileSync(dataFile, 'utf8');
-                    trainingData = JSON.parse(raw);
+                    const parsedData = JSON.parse(raw);
+                    if (parsedData && typeof parsedData === 'object' && ('__proto__' in parsedData || 'constructor' in parsedData)) {
+                        spinner.fail('Prototype pollution attempt detected in training data');
+                        return { success: false, exitCode: 1 };
+                    }
+                    trainingData = parsedData;
                 }
                 else {
                     spinner.fail(`Training data file not found: ${dataFile}`);
@@ -532,6 +552,10 @@ const patternsCommand = {
                     output.writeln(output.success(`✓ Loaded from: ${persistence.patternsFile}`));
                 }
             }
+            else if (action === 'analyze' && !query) {
+                output.printError('--query is required when --action analyze is used.');
+                return { success: false, exitCode: 1 };
+            }
             else if (action === 'analyze' && query) {
                 // Analyze patterns related to query
                 const related = await findSimilarPatterns(query, { k: limit });
@@ -689,46 +713,9 @@ const optimizeCommand = {
             }
             catch { /* ignore */ }
             if (method === 'quantize') {
-                // Perform real Int8 quantization on pattern embeddings
-                spinner.setText('Quantizing pattern embeddings to Int8...');
-                let quantizedCount = 0;
-                let memoryReduction = 0;
-                for (const pattern of patterns) {
-                    if (pattern.embedding && pattern.embedding.length > 0) {
-                        // Float32 (4 bytes) -> Int8 (1 byte) = 4x reduction
-                        const beforeBytes = pattern.embedding.length * 4;
-                        const afterBytes = pattern.embedding.length; // Int8
-                        memoryReduction += beforeBytes - afterBytes;
-                        quantizedCount++;
-                    }
-                }
-                // Save optimized patterns
-                await flushPatterns();
-                // Get after size
-                let afterSize = beforeSize;
-                try {
-                    const patternFile = path.join(patternDir, 'patterns.json');
-                    if (fs.existsSync(patternFile)) {
-                        afterSize = fs.statSync(patternFile).size;
-                    }
-                }
-                catch { /* ignore */ }
-                spinner.succeed(`Quantized ${quantizedCount} patterns`);
-                output.writeln();
-                output.printTable({
-                    columns: [
-                        { key: 'metric', header: 'Metric', width: 25 },
-                        { key: 'before', header: 'Before', width: 18 },
-                        { key: 'after', header: 'After', width: 18 },
-                    ],
-                    data: [
-                        { metric: 'Pattern Count', before: String(patterns.length), after: String(patterns.length) },
-                        { metric: 'Storage Size', before: `${(beforeSize / 1024).toFixed(1)} KB`, after: `${(afterSize / 1024).toFixed(1)} KB` },
-                        { metric: 'Embedding Memory', before: `${((memoryReduction * 4) / 1024).toFixed(1)} KB`, after: `${(memoryReduction / 1024).toFixed(1)} KB` },
-                        { metric: 'Memory Reduction', before: '-', after: `~${(3.92).toFixed(2)}x (Int8)` },
-                        { metric: 'Precision', before: 'Float32', after: 'Int8 (±0.5%)' },
-                    ],
-                });
+                spinner.fail('Quantization not implemented');
+                output.printWarning('Quantization is not yet implemented. Patterns were not modified.');
+                return { success: false, message: 'Quantization not implemented', exitCode: 1 };
             }
             else if (method === 'analyze') {
                 spinner.succeed('Analysis complete');
@@ -855,10 +842,22 @@ const exportCommand = {
                 },
             };
             // Load patterns from local storage
-            const memoryDir = path.join(process.cwd(), '.monomind', 'memory');
+            const memoryDir = path.join(process.cwd(), '.monomind', 'neural');
             const patternsFile = path.join(memoryDir, 'patterns.json');
             if (fs.existsSync(patternsFile)) {
-                const patterns = JSON.parse(fs.readFileSync(patternsFile, 'utf8'));
+                const MAX_PATTERNS_BYTES = 100 * 1024 * 1024;
+                const patStat = fs.statSync(patternsFile);
+                if (patStat.size > MAX_PATTERNS_BYTES) {
+                    spinner.fail(`patterns.json too large to export safely (${patStat.size} bytes)`);
+                    return { success: false, exitCode: 1 };
+                }
+                const patternsRaw = fs.readFileSync(patternsFile, 'utf8');
+                const patternsJson = JSON.parse(patternsRaw);
+                if (patternsJson && typeof patternsJson === 'object' && ('__proto__' in patternsJson || 'constructor' in patternsJson)) {
+                    spinner.fail('Prototype pollution attempt detected in patterns.json');
+                    return { success: false, exitCode: 1 };
+                }
+                const patterns = patternsJson;
                 for (const pattern of patterns) {
                     // Security: Strip potential PII
                     if (stripPii) {
@@ -921,7 +920,7 @@ const exportCommand = {
                 /sk-ant-[a-zA-Z0-9-]+/, // Anthropic keys
                 /sk-[a-zA-Z0-9]{48}/, // OpenAI keys
                 /AIza[a-zA-Z0-9-_]{35}/, // Google keys
-                /pinata_[a-zA-Z0-9]+/, // Pinata JWT
+                /pinata_[a-zA-Z0-9]{20,}/, // Pinata JWT (min 20 chars to avoid false positives on short names)
                 /-----BEGIN.*KEY-----/, // PEM keys
             ];
             for (const pattern of secretPatterns) {
@@ -932,7 +931,15 @@ const exportCommand = {
             }
             // Output handling
             if (outputFile) {
-                fs.writeFileSync(outputFile, JSON.stringify(exportPackage, null, 2));
+                const resolvedOut = path.resolve(outputFile);
+                const cwd = process.cwd();
+                if (!resolvedOut.startsWith(cwd + path.sep) && resolvedOut !== cwd) {
+                    spinner.fail(`--output path escapes project directory: ${outputFile}`);
+                    return { success: false, exitCode: 1 };
+                }
+                const tmpOutput = outputFile + '.tmp';
+                fs.writeFileSync(tmpOutput, JSON.stringify(exportPackage, null, 2));
+                fs.renameSync(tmpOutput, outputFile);
                 spinner.succeed(`Exported to: ${outputFile}`);
             }
             if (pinToIpfs) {
@@ -962,7 +969,7 @@ const exportCommand = {
                 const result = await response.json();
                 spinner.succeed('Successfully exported to IPFS');
                 output.writeln();
-                output.table({
+                output.printTable({
                     columns: [
                         { key: 'property', header: 'Property', width: 20 },
                         { key: 'value', header: 'Value', width: 50 },
@@ -1033,7 +1040,11 @@ const listCommand = {
                         headers: { 'Accept': 'application/json' },
                     });
                     if (response.ok) {
-                        registry = await response.json();
+                        const MAX_REGISTRY_BYTES = 50 * 1024 * 1024;
+                        const buf = await response.arrayBuffer();
+                        if (buf.byteLength > MAX_REGISTRY_BYTES)
+                            throw new Error(`Registry response too large: ${buf.byteLength} bytes`);
+                        registry = JSON.parse(new TextDecoder().decode(buf));
                         break;
                     }
                 }
@@ -1160,7 +1171,11 @@ const importCommand = {
                             headers: { 'Accept': 'application/json' },
                         });
                         if (response.ok) {
-                            importData = await response.json();
+                            const MAX_IMPORT_BYTES = 50 * 1024 * 1024;
+                            const importBuf = await response.arrayBuffer();
+                            if (importBuf.byteLength > MAX_IMPORT_BYTES)
+                                throw new Error(`Import response too large: ${importBuf.byteLength} bytes`);
+                            importData = JSON.parse(new TextDecoder().decode(importBuf));
                             break;
                         }
                     }
@@ -1178,14 +1193,31 @@ const importCommand = {
                     spinner.fail(`File not found: ${file}`);
                     return { success: false, exitCode: 1 };
                 }
+                // Cap import file size to prevent OOM on attacker-controlled content.
+                const stat = fs.statSync(file);
+                const MAX_IMPORT_BYTES = 50 * 1024 * 1024; // 50 MB
+                if (stat.size > MAX_IMPORT_BYTES) {
+                    spinner.fail(`Import file too large: ${stat.size} bytes (max ${MAX_IMPORT_BYTES})`);
+                    return { success: false, exitCode: 1 };
+                }
                 importData = JSON.parse(fs.readFileSync(file, 'utf8'));
             }
             if (!importData) {
                 spinner.fail('No import data available');
                 return { success: false, exitCode: 1 };
             }
-            // Verify signature if present and requested
-            if (verifySignature && importData.signature && importData.publicKey) {
+            // SECURITY: Verify signature when --verify is set (default true).
+            // Previously two bypasses existed:
+            //   (a) catch-fall-through made any malformed signature/key skip verification
+            //       and proceed to import — fail-OPEN.
+            //   (b) the entire block was guarded on `signature && publicKey`, so an
+            //       attacker who simply omitted those fields skipped verification
+            //       regardless of --verify. Both now fail-CLOSED.
+            if (verifySignature) {
+                if (!importData.signature || !importData.publicKey) {
+                    spinner.fail('SECURITY: --verify requested but payload is unsigned. Aborting (use --no-verify to override).');
+                    return { success: false, exitCode: 1 };
+                }
                 spinner.setText('Verifying Ed25519 signature...');
                 try {
                     const { webcrypto } = crypto;
@@ -1202,7 +1234,11 @@ const importCommand = {
                     output.writeln(output.success('Signature verified'));
                 }
                 catch (err) {
-                    output.writeln(output.warning(`Signature verification skipped: ${err instanceof Error ? err.message : String(err)}`));
+                    // FAIL-CLOSED: any error during verification (malformed key, wrong
+                    // algorithm, runtime not supporting Ed25519, etc.) must reject the
+                    // import, NOT fall through with a warning.
+                    spinner.fail(`SECURITY: Signature verification error: ${err instanceof Error ? err.message : String(err)}. Aborting.`);
+                    return { success: false, exitCode: 1 };
                 }
             }
             // Extract patterns - handle both single model and model registry formats
@@ -1247,8 +1283,8 @@ const importCommand = {
             if (validPatterns.length < patterns.length) {
                 output.writeln(output.warning(`Filtered ${patterns.length - validPatterns.length} suspicious patterns`));
             }
-            // Save to local memory
-            const memoryDir = path.join(process.cwd(), '.monomind', 'memory');
+            // Save to neural store (same location intelligence.ts writes to)
+            const memoryDir = path.join(process.cwd(), '.monomind', 'neural');
             if (!fs.existsSync(memoryDir)) {
                 fs.mkdirSync(memoryDir, { recursive: true });
             }
@@ -1261,10 +1297,14 @@ const importCommand = {
             const existingIds = new Set(existingPatterns.map(p => p.id));
             const newPatterns = validPatterns.filter(p => !existingIds.has(p.id));
             const finalPatterns = merge ? [...existingPatterns, ...newPatterns] : validPatterns;
-            fs.writeFileSync(patternsFile, JSON.stringify(finalPatterns, null, 2));
+            // Unique tmp filename so concurrent invocations don't clobber each other's
+            // .tmp files mid-write (which would produce a corrupt patterns.json on rename).
+            const tmpPatterns = `${patternsFile}.${process.pid}.${Date.now()}.tmp`;
+            fs.writeFileSync(tmpPatterns, JSON.stringify(finalPatterns, null, 2), { flag: 'wx' });
+            fs.renameSync(tmpPatterns, patternsFile);
             spinner.succeed('Import complete');
             output.writeln();
-            output.table({
+            output.printTable({
                 columns: [
                     { key: 'metric', header: 'Metric', width: 25 },
                     { key: 'value', header: 'Value', width: 20 },

package/packages/@monomind/cli/dist/src/commands/performance.js

@@ -21,8 +21,12 @@ const benchmarkCommand = {
     ],
     action: async (ctx) => {
         const suite = ctx.flags.suite || 'all';
-        const iterations = parseInt(ctx.flags.iterations || '100', 10);
-        const warmup = parseInt(ctx.flags.warmup || '10', 10);
+        const MAX_ITERATIONS = 10_000;
+        const MAX_WARMUP = 500;
+        const iterationsRaw = parseInt(ctx.flags.iterations || '100', 10);
+        const warmupRaw = parseInt(ctx.flags.warmup || '10', 10);
+        const iterations = Number.isFinite(iterationsRaw) ? Math.min(Math.max(1, iterationsRaw), MAX_ITERATIONS) : 100;
+        const warmup = Number.isFinite(warmupRaw) ? Math.min(Math.max(0, warmupRaw), MAX_WARMUP) : 10;
         const outputFormat = ctx.flags.output || 'text';
         output.writeln();
         output.writeln(output.bold('Performance Benchmark (Real Measurements)'));
@@ -55,12 +59,14 @@ const benchmarkCommand = {
                 embedTimes.push(performance.now() - start);
             }
             const mean = embedTimes.reduce((a, b) => a + b, 0) / embedTimes.length;
+            const embedTargetMet = mean < 10;
             results.push({
                 operation: 'Embedding Gen',
                 mean: `${mean.toFixed(2)}ms`,
                 p95: `${percentile(embedTimes, 95).toFixed(2)}ms`,
                 p99: `${percentile(embedTimes, 99).toFixed(2)}ms`,
-                improvement: mean < 10 ? output.success('Target met') : output.warning('Below target'),
+                improvement: embedTargetMet ? output.success('Target met') : output.warning('Below target'),
+                targetMet: embedTargetMet,
             });
         }
         // 2. Flash Attention-style Batch Operations
@@ -84,12 +90,14 @@ const benchmarkCommand = {
             // Compare to baseline (single-vector comparison takes ~0.5μs, so 100 vectors baseline ~0.05ms)
             const baselineMs = 0.05;
             const speedup = baselineMs / mean;
+            const flashTargetMet = speedup > 1;
             results.push({
                 operation: 'Flash Attention',
                 mean: `${mean.toFixed(3)}ms`,
                 p95: `${percentile(flashTimes, 95).toFixed(3)}ms`,
                 p99: `${percentile(flashTimes, 99).toFixed(3)}ms`,
-                improvement: speedup > 1 ? output.success(`${speedup.toFixed(2)}x`) : output.dim(`${speedup.toFixed(2)}x`),
+                improvement: flashTargetMet ? output.success(`${speedup.toFixed(2)}x`) : output.dim(`${speedup.toFixed(2)}x`),
+                targetMet: flashTargetMet,
             });
         }
         // 3. HNSW Search Benchmark
@@ -121,12 +129,14 @@ const benchmarkCommand = {
                 // HNSW should be O(log n) ~150x faster
                 const baselineBruteForce = hnswStatus.entryCount * 0.0005;
                 const speedup = baselineBruteForce / (mean / 1000);
+                const hnswTargetMet = speedup > 10;
                 results.push({
                     operation: `HNSW Search (n=${hnswStatus.entryCount})`,
                     mean: `${mean.toFixed(2)}ms`,
                     p95: `${percentile(searchTimes, 95).toFixed(2)}ms`,
                     p99: `${percentile(searchTimes, 99).toFixed(2)}ms`,
-                    improvement: speedup > 10 ? output.success(`~${Math.round(speedup)}x`) : output.dim(`${speedup.toFixed(1)}x`),
+                    improvement: hnswTargetMet ? output.success(`~${Math.round(speedup)}x`) : output.dim(`${speedup.toFixed(1)}x`),
+                    targetMet: hnswTargetMet,
                 });
             }
             else {
@@ -136,6 +146,7 @@ const benchmarkCommand = {
                     p95: 'N/A',
                     p99: 'N/A',
                     improvement: output.warning('No index'),
+                    targetMet: false,
                 });
             }
         }
@@ -150,6 +161,7 @@ const benchmarkCommand = {
                 p95: `${(sonaResult.maxMs * 1000).toFixed(2)}μs`,
                 p99: `${(sonaResult.maxMs * 1000).toFixed(2)}μs`,
                 improvement: sonaResult.targetMet ? output.success('<0.05ms ✓') : output.warning('Above target'),
+                targetMet: sonaResult.targetMet,
             });
         }
         // 5. Memory Store/Retrieve
@@ -168,12 +180,14 @@ const benchmarkCommand = {
                 storeTimes.push(performance.now() - start);
             }
             const mean = storeTimes.reduce((a, b) => a + b, 0) / storeTimes.length;
+            const storeTargetMet = mean < 50;
             results.push({
                 operation: 'Memory Store+Embed',
                 mean: `${mean.toFixed(1)}ms`,
                 p95: `${percentile(storeTimes, 95).toFixed(1)}ms`,
                 p99: `${percentile(storeTimes, 99).toFixed(1)}ms`,
-                improvement: mean < 50 ? output.success('Target met') : output.warning('Slow'),
+                improvement: storeTargetMet ? output.success('Target met') : output.warning('Slow'),
+                targetMet: storeTargetMet,
             });
         }
         const totalTime = ((Date.now() - startTotal) / 1000).toFixed(2);
@@ -195,7 +209,7 @@ const benchmarkCommand = {
                 data: results,
             });
             output.writeln();
-            const allTargetsMet = results.every(r => !r.improvement.includes('warning') && !r.improvement.includes('Slow'));
+            const allTargetsMet = results.every(r => r.targetMet);
             output.printBox([
                 `Suite: ${suite}`,
                 `Iterations: ${iterations}`,
@@ -233,7 +247,7 @@ const profileCommand = {
         const startMem = process.memoryUsage();
         const startTime = process.hrtime.bigint();
         // Sample for a brief period
-        await new Promise(r => setTimeout(r, Math.min(duration * 100, 2000)));
+        await new Promise(r => setTimeout(r, Math.min(duration * 1000, 30_000)));
         const endCpu = process.cpuUsage(startCpu);
         const endMem = process.memoryUsage();
         const endTime = process.hrtime.bigint();
@@ -273,6 +287,10 @@ const profileCommand = {
         });
         output.writeln();
         output.writeln(output.dim(`Profile duration: ${elapsedMs.toFixed(0)}ms`));
+        const outputFile = ctx.flags.output;
+        if (outputFile) {
+            output.printWarning(`--output flag is not yet implemented. Profile data was not saved to ${outputFile}.`);
+        }
         return { success: true };
     },
 };
@@ -474,6 +492,9 @@ const optimizeCommand = {
     ],
     action: async (ctx) => {
         const target = ctx.flags.target || 'all';
+        if (ctx.flags.apply) {
+            output.printWarning('Optimization application is not yet implemented. Showing recommendations only.');
+        }
         output.writeln();
         output.writeln(output.bold('Performance Optimization'));
         output.writeln(output.dim('─'.repeat(50)));
@@ -515,6 +536,7 @@ const bottleneckCommand = {
         { command: 'monomind performance bottleneck -d full', description: 'Full analysis' },
     ],
     action: async (ctx) => {
+        output.printWarning('Bottleneck analysis is using static sample data. Dynamic analysis coming soon.');
         output.writeln();
         output.writeln(output.bold('Bottleneck Analysis'));
         output.writeln(output.dim('─'.repeat(50)));

package/packages/@monomind/cli/dist/src/commands/plugins.js

@@ -388,7 +388,7 @@ const infoCommand = {
         { name: 'registry', short: 'r', type: 'string', description: 'Registry to use' },
     ],
     examples: [
-        { command: 'monomind plugins info -n @monoes/neural', description: 'Show plugin info' },
+        { command: 'monomind plugins info -n @monomind/neural', description: 'Show plugin info' },
     ],
     action: async (ctx) => {
         const name = ctx.flags.name;
@@ -549,33 +549,9 @@ const createCommand = {
         output.writeln();
         output.writeln(output.bold('Creating Plugin'));
         output.writeln(output.dim('─'.repeat(40)));
-        const spinner = output.createSpinner({ text: 'Scaffolding project...', spinner: 'dots' });
-        spinner.start();
-        const files = ['package.json', 'src/index.ts', 'src/hooks.ts', 'README.md', 'tsconfig.json'];
-        for (const file of files) {
-            spinner.setText(`Creating ${file}...`);
-            await new Promise(r => setTimeout(r, 150));
-        }
-        spinner.succeed('Plugin scaffolded');
-        output.writeln();
-        output.printBox([
-            `Plugin: ${name}`,
-            `Template: ${template}`,
-            `Location: ./${name}/`,
-            ``,
-            `Files created:`,
-            `  - package.json`,
-            `  - src/index.ts`,
-            `  - src/hooks.ts`,
-            `  - README.md`,
-            `  - tsconfig.json`,
-            ``,
-            `Next steps:`,
-            `  cd ${name}`,
-            `  npm install`,
-            `  npm run build`,
-        ].join('\n'), 'Success');
-        return { success: true };
+        output.printWarning('Plugin scaffolding is not yet implemented.');
+        output.writeln(output.dim('Use --name to specify your plugin name. File generation coming soon.'));
+        return { success: false, message: 'Not yet implemented', exitCode: 1 };
     },
 };
 // Upgrade subcommand
@@ -587,8 +563,8 @@ const upgradeCommand = {
         { name: 'version', short: 'v', type: 'string', description: 'Target version (default: latest)' },
     ],
     examples: [
-        { command: 'monomind plugins upgrade -n @monoes/neural', description: 'Upgrade to latest' },
-        { command: 'monomind plugins upgrade -n @monoes/neural -v 3.1.0', description: 'Upgrade to specific version' },
+        { command: 'monomind plugins upgrade -n @monomind/neural', description: 'Upgrade to latest' },
+        { command: 'monomind plugins upgrade -n @monomind/neural -v 3.1.0', description: 'Upgrade to specific version' },
     ],
     action: async (ctx) => {
         const name = ctx.flags.name;
@@ -729,7 +705,7 @@ const rateCommand = {
         { name: 'rating', short: 'r', type: 'number', description: 'Rating (1-5)', required: true },
     ],
     examples: [
-        { command: 'monomind plugins rate -n @monoes/embeddings -r 5', description: 'Rate 5 stars' },
+        { command: 'monomind plugins rate -n @monomind/embeddings -r 5', description: 'Rate 5 stars' },
         { command: 'monomind plugins rate -n my-plugin -r 4', description: 'Rate 4 stars' },
     ],
     action: async (ctx) => {
@@ -803,12 +779,12 @@ export const pluginsCommand = {
         output.writeln();
         output.writeln(output.bold('Official Plugins:'));
         output.printList([
-            '@monoes/neural              - Neural patterns and inference (WASM SIMD)',
-            '@monoes/security            - Security scanning and CVE detection',
-            '@monoes/embeddings          - Vector embeddings with hyperbolic support',
-            '@monoes/claims              - Claims-based authorization',
-            '@monoes/performance         - Performance profiling and benchmarks',
-            '@monoes/plugin-gastown-bridge - Gas Town orchestrator integration (WASM-accelerated)',
+            '@monomind/neural              - Neural patterns and inference (WASM SIMD)',
+            '@monomind/security            - Security scanning and CVE detection',
+            '@monomind/embeddings          - Vector embeddings with hyperbolic support',
+            '@monomind/claims              - Claims-based authorization',
+            '@monomind/performance         - Performance profiling and benchmarks',
+            '@monomind/plugin-gastown-bridge - Gas Town orchestrator integration (WASM-accelerated)',
         ]);
         output.writeln();
         output.writeln(output.dim('Run "monomind plugins list --official" to see all official plugins'));

package/packages/@monomind/cli/dist/src/commands/process.js

@@ -6,12 +6,35 @@ import { writeFileSync, readFileSync, unlinkSync, existsSync, mkdirSync } from '
 import { dirname, resolve } from 'path';
 // Helper functions for PID file management
 function writePidFile(pidFile, pid, port) {
-    const dir = dirname(resolve(pidFile));
+    const resolved = resolve(pidFile);
+    const dir = dirname(resolved);
     if (!existsSync(dir)) {
         mkdirSync(dir, { recursive: true });
     }
     const data = JSON.stringify({ pid, port, startedAt: new Date().toISOString() });
-    writeFileSync(resolve(pidFile), data, 'utf-8');
+    // wx flag = O_CREAT | O_EXCL — refuses to follow a pre-staged symlink that
+    // could redirect this write to ~/.ssh/authorized_keys or similar.
+    // mode 0o600 — pid file shouldn't be world-readable.
+    try {
+        writeFileSync(resolved, data, { encoding: 'utf-8', flag: 'wx', mode: 0o600 });
+    }
+    catch (e) {
+        if (e.code === 'EEXIST') {
+            // Stale PID file — caller is expected to have already verified the
+            // referenced process is dead. Unlink and retry once.
+            try {
+                const fs = require('fs');
+                fs.unlinkSync(resolved);
+                writeFileSync(resolved, data, { encoding: 'utf-8', flag: 'wx', mode: 0o600 });
+            }
+            catch (retryErr) {
+                throw retryErr;
+            }
+        }
+        else {
+            throw e;
+        }
+    }
 }
 function readPidFile(pidFile) {
     try {

package/packages/@monomind/cli/dist/src/commands/providers.js

@@ -78,7 +78,10 @@ const configureCommand = {
                 entry = { name: provider, enabled: true };
                 providers.push(entry);
             }
-            // Apply supplied settings
+            // Warn when key is supplied via CLI flag (visible in process table and shell history)
+            if (apiKey !== undefined) {
+                output.writeln(output.warning('  Warning: passing API keys via --key exposes them in process listings and shell history. Prefer setting the environment variable instead.'));
+            }
             if (apiKey !== undefined)
                 entry.apiKey = apiKey;
             if (model !== undefined)
@@ -170,17 +173,46 @@ const testCommand = {
                     test: async () => {
                         const entry = configuredProviders.find((p) => typeof p.name === 'string' && p.name.toLowerCase() === 'ollama');
                         const baseUrl = entry?.baseUrl || 'http://localhost:11434';
+                        let parsedBaseUrl;
+                        try {
+                            parsedBaseUrl = new URL(baseUrl);
+                        }
+                        catch {
+                            return { pass: false, reason: 'Invalid URL in Ollama config' };
+                        }
+                        if (!['http:', 'https:'].includes(parsedBaseUrl.protocol)) {
+                            return { pass: false, reason: 'Only http/https URLs are permitted for Ollama endpoint' };
+                        }
+                        // SSRF defense: block cloud-metadata + RFC1918 private ranges by default.
+                        // Ollama is conventionally local, so allow loopback by default but
+                        // refuse metadata IPs and link-local. Set MONOMIND_OLLAMA_ALLOW_REMOTE=1
+                        // to opt into hitting non-loopback hosts (useful for dev clusters).
+                        const host = parsedBaseUrl.hostname;
+                        const isLoopback = host === 'localhost' || host === '127.0.0.1' || host === '::1' ||
+                            host === '0.0.0.0' || /^127\./.test(host);
+                        const isMetadata = host === '169.254.169.254' || /^169\.254\./.test(host) ||
+                            /^fe80:/i.test(host);
+                        const isPrivateV4 = /^10\./.test(host) ||
+                            /^192\.168\./.test(host) ||
+                            /^172\.(1[6-9]|2\d|3[01])\./.test(host);
+                        if (isMetadata) {
+                            return { pass: false, reason: `Refusing to fetch metadata IP ${host}` };
+                        }
+                        const allowRemote = process.env.MONOMIND_OLLAMA_ALLOW_REMOTE === '1';
+                        if (!isLoopback && (isPrivateV4 || !allowRemote)) {
+                            return { pass: false, reason: `Refusing non-loopback Ollama host ${host}. Set MONOMIND_OLLAMA_ALLOW_REMOTE=1 to override.` };
+                        }
                         try {
                             const controller = new AbortController();
                             const timeout = setTimeout(() => controller.abort(), 3000);
-                            const res = await fetch(baseUrl, { signal: controller.signal });
+                            const res = await fetch(parsedBaseUrl.href, { signal: controller.signal });
                             clearTimeout(timeout);
                             if (res.ok)
-                                return { pass: true, reason: `Reachable at ${baseUrl}` };
-                            return { pass: false, reason: `HTTP ${res.status} from ${baseUrl}` };
+                                return { pass: true, reason: `Reachable at ${parsedBaseUrl.href}` };
+                            return { pass: false, reason: `HTTP ${res.status} from ${parsedBaseUrl.href}` };
                         }
                         catch {
-                            return { pass: false, reason: `Unreachable at ${baseUrl}` };
+                            return { pass: false, reason: `Unreachable at ${parsedBaseUrl.href}` };
                         }
                     },
                 },

package/packages/@monomind/cli/dist/src/commands/replay.js

@@ -20,11 +20,11 @@ const showSubcommand = {
             const reader = new ReplayReader();
             const data = await reader.show(sessionId);
             const asJson = ctx.flags['json'];
-            output.log(asJson ? JSON.stringify(data, null, 2) : `Replay for session ${sessionId}`);
+            output.writeln(asJson ? JSON.stringify(data, null, 2) : `Replay for session ${sessionId}`);
             return { success: true, data };
         }
         catch {
-            output.log(`No replay data for session ${sessionId}`);
+            output.writeln(`No replay data for session ${sessionId}`);
             return { success: true, message: 'No replay data' };
         }
     },
@@ -42,11 +42,11 @@ const listSubcommand = {
             const reader = new ReplayReader();
             const data = await reader.list(ctx.flags['limit']);
             const asJson = ctx.flags['json'];
-            output.log(asJson ? JSON.stringify(data, null, 2) : 'Available replays listed');
+            output.writeln(asJson ? JSON.stringify(data, null, 2) : 'Available replays listed');
             return { success: true, data };
         }
         catch {
-            output.log('No replay sessions available');
+            output.writeln('No replay sessions available');
             return { success: true, message: 'No sessions' };
         }
     },