mstro-app 0.4.2 → 0.4.4

package/dist/server/mcp/security-patterns.d.ts

@@ -1,3 +1,4 @@
+export { classifyRisk, isSensitivePath, requiresAIReview } from './security-analysis.js';
 export interface SecurityPattern {
     pattern: RegExp;
     reason?: string;
@@ -27,11 +28,6 @@ export declare const SAFE_OPERATIONS: SecurityPattern[];
 /**
  * Patterns that trigger AI context review
  * These operations need context analysis to determine if they align with user intent
- *
- * The AI should consider:
- * 1. Did the user explicitly request this operation?
- * 2. Does it make sense given the task at hand?
- * 3. Is the content/action appropriate for the target?
  */
 export declare const NEEDS_AI_REVIEW: SecurityPattern[];
 /**
@@ -44,24 +40,4 @@ export declare function matchesPattern(operation: string, patterns: SecurityPatt
  * from matching safe home-directory patterns.
  */
 export declare function normalizeOperation(operation: string): string;
-export declare function requiresAIReview(operation: string): boolean;
-/**
- * Check if operation targets a sensitive path
- * Used to provide additional context to AI reviewer
- */
-export declare function isSensitivePath(operation: string): SecurityPattern | null;
-/**
- * Classify operation risk level for context-aware review
- *
- * Risk levels indicate how much scrutiny the AI should apply:
- * - critical: Catastrophic if wrong (rm -rf /, fork bombs) - auto-deny
- * - high: Needs clear user intent (sudo, sensitive paths, credentials)
- * - medium: Normal file operations - verify matches user request
- * - low: Safe operations - minimal review needed
- */
-export declare function classifyRisk(operation: string): {
-    isDestructive: boolean;
-    riskLevel: 'low' | 'medium' | 'high' | 'critical';
-    reasons: string[];
-};
 //# sourceMappingURL=security-patterns.d.ts.map

package/dist/server/mcp/security-patterns.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"security-patterns.d.ts","sourceRoot":"","sources":["../../../server/mcp/security-patterns.ts"],"names":[],"mappings":"AAkBA,MAAM,WAAW,eAAe;IAC9B,OAAO,EAAE,MAAM,CAAC;IAChB,MAAM,CAAC,EAAE,MAAM,CAAC;CACjB;AAED;;;GAGG;AACH,eAAO,MAAM,eAAe,EAAE,eAAe,EAiB5C,CAAC;AAEF;;;;;;;;;;GAUG;AACH,eAAO,MAAM,gBAAgB,EAAE,eAAe,EA0C7C,CAAC;AAEF;;;GAGG;AACH,eAAO,MAAM,eAAe,EAAE,eAAe,EAoC5C,CAAC;AAEF;;;;;;;;GAQG;AACH,eAAO,MAAM,eAAe,EAAE,eAAe,EAqH5C,CAAC;AAEF;;GAEG;AACH,wBAAgB,cAAc,CAAC,SAAS,EAAE,MAAM,EAAE,QAAQ,EAAE,eAAe,EAAE,GAAG,eAAe,GAAG,IAAI,CAOrG;AAED;;;;GAIG;AACH,wBAAgB,kBAAkB,CAAC,SAAS,EAAE,MAAM,GAAG,MAAM,CAQ5D;AAgED,wBAAgB,gBAAgB,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO,CA8C3D;AAED;;;GAGG;AACH,wBAAgB,eAAe,CAAC,SAAS,EAAE,MAAM,GAAG,eAAe,GAAG,IAAI,CAEzE;AAED;;;;;;;;GAQG;AACH,wBAAgB,YAAY,CAAC,SAAS,EAAE,MAAM,GAAG;IAC/C,aAAa,EAAE,OAAO,CAAC;IACvB,SAAS,EAAE,KAAK,GAAG,QAAQ,GAAG,MAAM,GAAG,UAAU,CAAC;IAClD,OAAO,EAAE,MAAM,EAAE,CAAC;CACnB,CA8DA"}
+{"version":3,"file":"security-patterns.d.ts","sourceRoot":"","sources":["../../../server/mcp/security-patterns.ts"],"names":[],"mappings":"AAsBA,OAAO,EAAE,YAAY,EAAE,eAAe,EAAE,gBAAgB,EAAE,MAAM,wBAAwB,CAAC;AAEzF,MAAM,WAAW,eAAe;IAC9B,OAAO,EAAE,MAAM,CAAC;IAChB,MAAM,CAAC,EAAE,MAAM,CAAC;CACjB;AAED;;;GAGG;AACH,eAAO,MAAM,eAAe,EAAE,eAAe,EAiB5C,CAAC;AAEF;;;;;;;;;;GAUG;AACH,eAAO,MAAM,gBAAgB,EAAE,eAAe,EAqC7C,CAAC;AAEF;;;GAGG;AACH,eAAO,MAAM,eAAe,EAAE,eAAe,EA2D5C,CAAC;AAEF;;;GAGG;AACH,eAAO,MAAM,eAAe,EAAE,eAAe,EAoE5C,CAAC;AAIF;;GAEG;AACH,wBAAgB,cAAc,CAAC,SAAS,EAAE,MAAM,EAAE,QAAQ,EAAE,eAAe,EAAE,GAAG,eAAe,GAAG,IAAI,CAOrG;AAED;;;;GAIG;AACH,wBAAgB,kBAAkB,CAAC,SAAS,EAAE,MAAM,GAAG,MAAM,CAQ5D"}

package/dist/server/mcp/security-patterns.js

@@ -11,8 +11,13 @@
  * - Only truly catastrophic operations (rm -rf /, fork bombs) are auto-denied
  * - Sensitive operations (system paths, credentials) get AI review with context
  * - The question is: "Does this operation make sense given user intent?"
+ *
+ * Analysis logic (requiresAIReview, classifyRisk) lives in security-analysis.ts
+ * and is re-exported here for backward compatibility.
  */
 import { resolve } from 'node:path';
+// Re-export analysis functions for backward compatibility
+export { classifyRisk, isSensitivePath, requiresAIReview } from './security-analysis.js';
 /**
  * Sensitive paths that require AI context review
  * These aren't auto-denied - they need context analysis to determine intent
@@ -45,8 +50,6 @@ export const SENSITIVE_PATHS = [
  * for context review. Only truly never-legitimate commands are here.
  */
 export const CRITICAL_THREATS = [
-    // Deleting root or home - no legitimate dev task requires this
-    // If user really wants this, they can run it manually outside Claude
     {
         pattern: /rm\s+-rf\s+(\/|~)($|\s)/i,
         reason: 'Deleting root (/) or home (~) directory is never a legitimate dev task'
@@ -75,7 +78,6 @@ export const CRITICAL_THREATS = [
         pattern: /chmod\s+000\s+\//i,
         reason: 'Attempting to make system directories inaccessible'
     },
-    // Reverse shells - never legitimate in a dev workflow
     {
         pattern: /\/dev\/tcp\//i,
         reason: 'Reverse shell via /dev/tcp - classic backdoor technique'
@@ -84,8 +86,6 @@ export const CRITICAL_THREATS = [
         pattern: /\bnc\b.*-[elp].*\b\d+\b/i,
         reason: 'Netcat listener/reverse shell - common backdoor technique'
     },
-    // NOTE: curl|bash is NOT here - it goes to Haiku for context review
-    // The question is "did a bad actor inject this?" not "is curl|bash dangerous?"
 ];
 /**
  * Safe operations that can be immediately allowed (confidence: 95%)
@@ -96,14 +96,12 @@ export const SAFE_OPERATIONS = [
     { pattern: /^Read:/i },
     { pattern: /^Glob:/i },
     { pattern: /^Grep:/i },
-    // Write/Edit to user home directory or subdirectories - user requested, allow it
-    // Excludes system paths which go through critical threats check
-    { pattern: /^Write:\s*\/Users\/[^/]+\//i }, // macOS home dirs - Write
-    { pattern: /^Edit:\s*\/Users\/[^/]+\//i }, // macOS home dirs - Edit
-    { pattern: /^Write:\s*\/home\/[^/]+\//i }, // Linux home dirs - Write
-    { pattern: /^Edit:\s*\/home\/[^/]+\//i }, // Linux home dirs - Edit
+    // Write/Edit to user home directory or subdirectories
+    { pattern: /^Write:\s*\/Users\/[^/]+\//i },
+    { pattern: /^Edit:\s*\/Users\/[^/]+\//i },
+    { pattern: /^Write:\s*\/home\/[^/]+\//i },
+    { pattern: /^Edit:\s*\/home\/[^/]+\//i },
     // Safe bash commands - common development workflows
-    // NOTE: curl|bash goes to Haiku for context review, not auto-allowed
     { pattern: /^Bash:\s*(npm|yarn|pnpm|bun)\s+(install|ci|run|test|build|dev|start|lint|format)($|\s)/i },
     { pattern: /^Bash:\s*git\s+(status|log|diff|show|branch|clone|pull|fetch|add|stash|checkout)($|\s)/i },
     { pattern: /^Bash:\s*docker\s+(build|run|ps|logs|compose|images)($|\s)/i },
@@ -117,20 +115,37 @@ export const SAFE_OPERATIONS = [
     { pattern: /^Bash:\s*rm\s+-rf\s+(\.\/)?\.next($|\s)/i },
     { pattern: /^Bash:\s*rm\s+-rf\s+(\.\/)?target($|\s)/i },
     { pattern: /^Bash:\s*rm\s+-rf\s+(\.\/)?__pycache__($|\s)/i },
-    // Write/Edit to temp directories - ephemeral, low risk
+    // Write/Edit to temp directories
     { pattern: /^(Write|Edit):\s*\/tmp\//i },
     { pattern: /^(Write|Edit):\s*\/var\/tmp\//i },
-    // Side-effect-free tools - no dangerous operations possible
+    // Side-effect-free tools
     { pattern: /^(ExitPlanMode|EnterPlanMode|TodoWrite|AskUserQuestion):/i },
+    // Additional common dev commands
+    { pattern: /^Bash:\s*(tsc|tsx|node|bun|deno|npx|bunx)\s/i },
+    { pattern: /^Bash:\s*(vitest|jest|mocha|tap)\s/i },
+    { pattern: /^Bash:\s*(biome|eslint|prettier|tslint)\s+(check|lint|format)/i },
+    { pattern: /^Bash:\s*(make|cmake|ninja|meson)($|\s)/i },
+    { pattern: /^Bash:\s*git\s+(commit|push|tag|remote|rebase|merge|cherry-pick|reset|revert)($|\s)/i },
+    { pattern: /^Bash:\s*git\s+(worktree|submodule|config|clean|gc)($|\s)/i },
+    { pattern: /^Bash:\s*(uname|hostname|whoami|id|groups|uptime|df|du|free|top|ps|lsof|stat|file|readlink)($|\s)/i },
+    { pattern: /^Bash:\s*(mv|cp|touch|ln|basename|dirname|realpath|mktemp|xargs|tee|tr|cut|paste|comm|diff|patch)($|\s)/i },
+    { pattern: /^Bash:\s*(tar|gzip|gunzip|zip|unzip|bzip2)\s/i },
+    { pattern: /^Bash:\s*(ruby|python3?|php|java|javac|scala|kotlinc|swift|rustc|gcc|g\+\+|clang)\s/i },
+    { pattern: /^Bash:\s*(pip|pip3|gem|bundle|composer|maven|gradle|sbt|cargo|rustup)\s/i },
+    { pattern: /^Bash:\s*(gh|hub)\s+(pr|issue|repo|release|run|api)\s/i },
+    { pattern: /^Bash:\s*(flyctl|fly)\s+(status|logs|ssh|deploy|apps|machines|secrets)($|\s)/i },
+    { pattern: /^Bash:\s*(terraform|tofu)\s+(init|plan|apply|validate|fmt|show|output)($|\s)/i },
+    { pattern: /^Bash:\s*wc($|\s)/i },
+    // WebFetch/WebSearch are inherently read-only
+    { pattern: /^WebFetch:/i },
+    { pattern: /^WebSearch:/i },
+    // Agent and NotebookEdit are orchestration-only
+    { pattern: /^Agent:/i },
+    { pattern: /^NotebookEdit:/i },
 ];
 /**
  * Patterns that trigger AI context review
  * These operations need context analysis to determine if they align with user intent
- *
- * The AI should consider:
- * 1. Did the user explicitly request this operation?
- * 2. Does it make sense given the task at hand?
- * 3. Is the content/action appropriate for the target?
  */
 export const NEEDS_AI_REVIEW = [
     // Remote code execution patterns
@@ -139,106 +154,58 @@ export const NEEDS_AI_REVIEW = [
         reason: 'Pipe to shell - verify source is trusted and user intended this'
     },
     // Elevated privileges
-    {
-        pattern: /sudo/i,
-        reason: 'Elevated privileges - verify user intended this action'
-    },
+    { pattern: /sudo/i, reason: 'Elevated privileges - verify user intended this action' },
     // Destructive operations (except safe build artifact cleanup)
-    {
-        pattern: /rm\s+-rf/i,
-        reason: 'Recursive deletion - verify target matches user intent'
-    },
-    // Data exfiltration patterns — piping data to network tools
-    {
-        pattern: /\|\s*(nc|netcat|ncat)\b/i,
-        reason: 'Pipe to netcat - potential data exfiltration'
-    },
-    {
-        pattern: /\bscp\b.*@/i,
-        reason: 'SCP to remote host - potential data exfiltration'
-    },
-    {
-        pattern: /\|\s*curl\b/i,
-        reason: 'Pipe to curl - potential data exfiltration'
-    },
-    {
-        pattern: /curl\b.*-d\s*@/i,
-        reason: 'Curl with file upload - potential data exfiltration'
-    },
+    { pattern: /rm\s+-rf/i, reason: 'Recursive deletion - verify target matches user intent' },
+    // Data exfiltration patterns
+    { pattern: /\|\s*(nc|netcat|ncat)\b/i, reason: 'Pipe to netcat - potential data exfiltration' },
+    { pattern: /\bscp\b.*@/i, reason: 'SCP to remote host - potential data exfiltration' },
+    { pattern: /\|\s*curl\b/i, reason: 'Pipe to curl - potential data exfiltration' },
+    { pattern: /curl\b.*-d\s*@/i, reason: 'Curl with file upload - potential data exfiltration' },
     // ALL Write/Edit operations that aren't to /tmp go through context review
-    // This is the key change: we review based on context, not blanket allow/deny
     {
         pattern: /^(Write|Edit):\s*(?!\/tmp\/|\/var\/tmp\/)/i,
         reason: 'File modification - verify aligns with user request'
     },
-    // Reverse shells and bind shells — network-connected interactive shells
-    {
-        pattern: /\/dev\/tcp\//i,
-        reason: 'Potential reverse shell via /dev/tcp'
-    },
-    {
-        pattern: /\b(nc|netcat|ncat)\b.*-e\s/i,
-        reason: 'Netcat with -e flag - potential reverse shell'
-    },
+    // Reverse shells and bind shells
+    { pattern: /\/dev\/tcp\//i, reason: 'Potential reverse shell via /dev/tcp' },
+    { pattern: /\b(nc|netcat|ncat)\b.*-e\s/i, reason: 'Netcat with -e flag - potential reverse shell' },
     {
         pattern: /\bsocket\b.*\bconnect\b.*\b(dup2|subprocess|exec)\b/i,
         reason: 'Programmatic reverse shell pattern (socket+connect+exec)'
     },
-    {
-        pattern: /\bperl\b.*\bsocket\b.*\bexec\b/i,
-        reason: 'Perl reverse shell pattern'
-    },
+    { pattern: /\bperl\b.*\bsocket\b.*\bexec\b/i, reason: 'Perl reverse shell pattern' },
     // Encoded/obfuscated payloads piped to shell or eval
     {
         pattern: /\b(base64|base32)\b.*-d.*\|\s*(bash|sh)\b/i,
         reason: 'Decoded payload piped to shell - obfuscated command execution'
     },
-    {
-        pattern: /\\x[0-9a-f]{2}.*\|\s*(bash|sh)\b/i,
-        reason: 'Hex-encoded payload piped to shell'
-    },
-    {
-        pattern: /\bexec\b.*\b(base64|b64decode)\b/i,
-        reason: 'Exec with base64 decoding - obfuscated code execution'
-    },
+    { pattern: /\\x[0-9a-f]{2}.*\|\s*(bash|sh)\b/i, reason: 'Hex-encoded payload piped to shell' },
+    { pattern: /\bexec\b.*\b(base64|b64decode)\b/i, reason: 'Exec with base64 decoding - obfuscated code execution' },
     {
         pattern: /\bprintf\b.*\\x[0-9a-f].*\|\s*(bash|sh)\b/i,
         reason: 'Printf hex payload piped to shell'
     },
-    // Cloud metadata / SSRF — accessing cloud instance credentials
-    {
-        pattern: /169\.254\.169\.254/i,
-        reason: 'AWS/Azure IMDS access - potential credential theft'
-    },
-    {
-        pattern: /metadata\.google\.internal/i,
-        reason: 'GCP metadata access - potential credential theft'
-    },
-    // Persistence — writing to shell profiles, cron, authorized_keys via echo/append
+    // Cloud metadata / SSRF
+    { pattern: /169\.254\.169\.254/i, reason: 'AWS/Azure IMDS access - potential credential theft' },
+    { pattern: /metadata\.google\.internal/i, reason: 'GCP metadata access - potential credential theft' },
+    // Persistence mechanisms
     {
         pattern: />>\s*~?\/?.*\/(authorized_keys|\.bashrc|\.bash_profile|\.zshrc|\.profile)/i,
         reason: 'Appending to sensitive file - potential persistence mechanism'
     },
-    {
-        pattern: /\bld\.so\.preload\b/i,
-        reason: 'LD_PRELOAD injection - shared library hijacking'
-    },
+    { pattern: /\bld\.so\.preload\b/i, reason: 'LD_PRELOAD injection - shared library hijacking' },
     // wget with file upload
-    {
-        pattern: /wget\b.*--post-file/i,
-        reason: 'wget file upload - potential data exfiltration'
-    },
+    { pattern: /wget\b.*--post-file/i, reason: 'wget file upload - potential data exfiltration' },
     // pip install from custom index (supply chain attack)
     {
         pattern: /pip\b.*--index-url\s+https?:\/\/(?!pypi\.org)/i,
         reason: 'pip install from non-PyPI index - potential supply chain attack'
     },
     // MCP server manipulation
-    {
-        pattern: /\bclaude\b.*\bmcp\b.*\badd\b/i,
-        reason: 'Adding MCP server - verify source is trusted'
-    },
+    { pattern: /\bclaude\b.*\bmcp\b.*\badd\b/i, reason: 'Adding MCP server - verify source is trusted' },
 ];
+// ── Utility functions ─────────────────────────────────────────
 /**
  * Check if operation matches any pattern in array
  */
@@ -264,176 +231,4 @@ export function normalizeOperation(operation) {
     }
     return operation;
 }
-/** Check if a Bash command contains chain operators that could hide dangerous ops after a safe prefix. */
-function containsChainOperators(operation) {
-    const commandPart = operation.replace(/^Bash:\s*/i, '');
-    return /;|&&|\|\||\n/.test(commandPart);
-}
-/** Check if a Bash command pipes output to known exfiltration/network tools or shells. */
-function containsDangerousPipe(operation) {
-    const commandPart = operation.replace(/^Bash:\s*/i, '');
-    return /\|\s*(nc|netcat|ncat|curl|wget|scp|bash|sh)\b/i.test(commandPart);
-}
-/** Check if a Bash command redirects output to sensitive paths (append or overwrite). */
-function containsSensitiveRedirect(operation) {
-    const commandPart = operation.replace(/^Bash:\s*/i, '');
-    return />>?\s*~?\/?.*\/(authorized_keys|\.bashrc|\.bash_profile|\.zshrc|\.profile|\.ssh\/|\.aws\/|\.gnupg\/|ld\.so\.preload|crontab|sudoers)/i.test(commandPart)
-        || />>?\s*\/etc\//i.test(commandPart);
-}
-/** Check if a Bash command contains subshell or backtick expansion (not simple ${VAR}). */
-function containsBashExpansion(operation) {
-    const commandPart = operation.replace(/^Bash:\s*/i, '');
-    return /`[^`]+`/.test(commandPart) || /\$\([^)]+\)/.test(commandPart);
-}
-/** Check if a Bash command contains any form of shell expansion: ${VAR}, $(...), or backticks. */
-function containsAnyExpansion(operation) {
-    const cmd = operation.replace(/^Bash:\s*/i, '');
-    return /\$\{[^}]+\}/.test(cmd) || /\$\([^)]+\)/.test(cmd) || /`[^`]+`/.test(cmd);
-}
-/** Check if expansion is safely used as an argument to a known-safe command prefix.
- *  e.g., "echo ${HOME}" or "cat ${FILE}" — the expansion can't change the command itself. */
-function isSafeExpansionUse(operation) {
-    const cmd = operation.replace(/^Bash:\s*/i, '').trim();
-    // If the expansion IS the command (first token), it's never safe
-    if (/^(\$\{|\$\(|`)/.test(cmd))
-        return false;
-    // Safe command prefixes where expansion as an argument is harmless
-    const safePrefix = /^(echo|printf|cat|ls|pwd|whoami|date|env|printenv|test|true|false)\s/i;
-    return safePrefix.test(cmd);
-}
-/**
- * Determine if operation requires AI context review
- *
- * The philosophy here is:
- * - SENSITIVE_PATHS: Always require review (credentials, system configs)
- * - SAFE_OPERATIONS: No review needed, UNLESS the bash command contains
- *   chain operators, dangerous pipes, or subshell/backtick expansion
- * - CRITICAL_THREATS: Auto-deny, no review (catastrophic operations)
- * - Everything else: AI reviews context to determine if it matches user intent
- */
-const SAFE_RM_PATTERNS = [
-    /rm\s+-rf\s+(\.\/)?node_modules($|\s)/i,
-    /rm\s+-rf\s+(\.\/)?dist($|\s)/i,
-    /rm\s+-rf\s+(\.\/)?build($|\s)/i,
-    /rm\s+-rf\s+(\.\/)?\.cache($|\s)/i,
-    /rm\s+-rf\s+(\.\/)?\.next($|\s)/i,
-    /rm\s+-rf\s+(\.\/)?target($|\s)/i,
-    /rm\s+-rf\s+(\.\/)?__pycache__($|\s)/i,
-];
-export function requiresAIReview(operation) {
-    // Normalize paths to prevent .. traversal bypass
-    const op = normalizeOperation(operation);
-    // Check sensitive paths BEFORE safe operations — prevents home-dir
-    // safe pattern from masking .ssh, .aws, .bashrc, etc.
-    if (matchesPattern(op, SENSITIVE_PATHS))
-        return true;
-    // Bash commands with any shell expansion (${VAR}, $(...), backticks) are
-    // opaque — the bouncer can't predict what they expand to at runtime.
-    // Route to AI review BEFORE checking CRITICAL_THREATS or SAFE_OPERATIONS,
-    // UNLESS the command is clearly safe (expansion is just an argument to a
-    // known-safe prefix like "echo ${HOME}").
-    if (/^Bash:/i.test(op) && containsAnyExpansion(op) && !isSafeExpansionUse(op)) {
-        return true;
-    }
-    if (matchesPattern(op, SAFE_OPERATIONS)) {
-        // Safe bash commands must not contain chain operators, dangerous pipes,
-        // or subshell/backtick expansion that could hide dangerous operations.
-        // A safe prefix (e.g., "git clone") with chain operators (&&, ;, ||)
-        // means the full command isn't necessarily safe — route to AI review.
-        if (/^Bash:/i.test(op) && (containsChainOperators(op) ||
-            containsDangerousPipe(op) ||
-            containsBashExpansion(op) ||
-            containsSensitiveRedirect(op))) {
-            return true;
-        }
-        return false;
-    }
-    if (matchesPattern(op, CRITICAL_THREATS))
-        return false;
-    if (matchesPattern(op, NEEDS_AI_REVIEW)) {
-        return !SAFE_RM_PATTERNS.some(p => p.test(op));
-    }
-    // Glob patterns and script execution are concerning in Bash commands
-    if (/^Bash:/.test(op)) {
-        if (/\*\*?/.test(op))
-            return true;
-        if (/^Bash:\s*\.\//.test(op))
-            return true;
-    }
-    return false;
-}
-/**
- * Check if operation targets a sensitive path
- * Used to provide additional context to AI reviewer
- */
-export function isSensitivePath(operation) {
-    return matchesPattern(operation, SENSITIVE_PATHS);
-}
-/**
- * Classify operation risk level for context-aware review
- *
- * Risk levels indicate how much scrutiny the AI should apply:
- * - critical: Catastrophic if wrong (rm -rf /, fork bombs) - auto-deny
- * - high: Needs clear user intent (sudo, sensitive paths, credentials)
- * - medium: Normal file operations - verify matches user request
- * - low: Safe operations - minimal review needed
- */
-export function classifyRisk(operation) {
-    // Critical threats are auto-denied
-    const criticalThreat = matchesPattern(operation, CRITICAL_THREATS);
-    if (criticalThreat) {
-        return {
-            isDestructive: true,
-            riskLevel: 'critical',
-            reasons: [criticalThreat.reason || 'Critical threat detected']
-        };
-    }
-    // Sensitive paths need high scrutiny but aren't auto-denied
-    const sensitivePath = matchesPattern(operation, SENSITIVE_PATHS);
-    if (sensitivePath) {
-        return {
-            isDestructive: false, // Not inherently destructive, just sensitive
-            riskLevel: 'high',
-            reasons: [sensitivePath.reason || 'Sensitive path - requires clear user intent']
-        };
-    }
-    // Other patterns that need elevated review
-    const elevatedPatterns = [
-        { pattern: /sudo/i, reason: 'Elevated privileges requested' },
-        { pattern: /DROP\s+(TABLE|DATABASE)/i, reason: 'Database deletion' },
-        { pattern: /chmod\s+777/i, reason: 'Dangerous permissions' },
-        { pattern: /(curl|wget).*\|.*(bash|sh)/i, reason: 'Remote code execution' },
-        { pattern: /pkill|killall/i, reason: 'Process termination' },
-        { pattern: /\|\s*(nc|netcat|ncat)\b/i, reason: 'Data exfiltration via netcat' },
-        { pattern: /\bscp\b.*@/i, reason: 'Data exfiltration via SCP' },
-        { pattern: /curl\b.*-d\s*@/i, reason: 'Data exfiltration via curl file upload' },
-    ];
-    for (const pattern of elevatedPatterns) {
-        if (pattern.pattern.test(operation)) {
-            return {
-                isDestructive: true,
-                riskLevel: 'high',
-                reasons: [pattern.reason || 'Elevated risk operation']
-            };
-        }
-    }
-    // Medium risk: only recursive deletions outside safe dirs
-    // NOTE: Write/Edit are NOT flagged as risky - they're normal dev operations
-    if (/rm\s+-rf/i.test(operation)) {
-        // Check if it's actually safe (build artifacts, temp)
-        if (matchesPattern(operation, SAFE_OPERATIONS)) {
-            return { isDestructive: false, riskLevel: 'low', reasons: [] };
-        }
-        return {
-            isDestructive: true,
-            riskLevel: 'medium',
-            reasons: ['Recursive deletion']
-        };
-    }
-    return {
-        isDestructive: false,
-        riskLevel: 'low',
-        reasons: []
-    };
-}
 //# sourceMappingURL=security-patterns.js.map

package/dist/server/mcp/security-patterns.js.map

@@ -1 +1 @@
-{"version":3,"file":"security-patterns.js","sourceRoot":"","sources":["../../../server/mcp/security-patterns.ts"],"names":[],"mappings":"AAAA,8DAA8D;AAC9D,gEAAgE;AAEhE;;;;;;;;;;;GAWG;AAEH,OAAO,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AAOpC;;;GAGG;AACH,MAAM,CAAC,MAAM,eAAe,GAAsB;IAChD,qFAAqF;IACrF,EAAE,OAAO,EAAE,2BAA2B,EAAE,MAAM,EAAE,2CAA2C,EAAE;IAC7F,EAAE,OAAO,EAAE,qDAAqD,EAAE,MAAM,EAAE,sCAAsC,EAAE;IAClH,EAAE,OAAO,EAAE,4BAA4B,EAAE,MAAM,EAAE,qCAAqC,EAAE;IACxF,EAAE,OAAO,EAAE,4BAA4B,EAAE,MAAM,EAAE,gCAAgC,EAAE;IACnF,EAAE,OAAO,EAAE,8BAA8B,EAAE,MAAM,EAAE,mCAAmC,EAAE;IACxF,EAAE,OAAO,EAAE,6DAA6D,EAAE,MAAM,EAAE,4CAA4C,EAAE;IAEhI,uEAAuE;IACvE,EAAE,OAAO,EAAE,+BAA+B,EAAE,MAAM,EAAE,wCAAwC,EAAE;IAC9F,EAAE,OAAO,EAAE,iCAAiC,EAAE,MAAM,EAAE,+BAA+B,EAAE;IACvF,EAAE,OAAO,EAAE,mDAAmD,EAAE,MAAM,EAAE,sCAAsC,EAAE;IAChH,EAAE,OAAO,EAAE,+DAA+D,EAAE,MAAM,EAAE,0CAA0C,EAAE;IAEhI,kEAAkE;IAClE,EAAE,OAAO,EAAE,+EAA+E,EAAE,MAAM,EAAE,oCAAoC,EAAE;CAC3I,CAAC;AAEF;;;;;;;;;;GAUG;AACH,MAAM,CAAC,MAAM,gBAAgB,GAAsB;IACjD,+DAA+D;IAC/D,qEAAqE;IACrE;QACE,OAAO,EAAE,0BAA0B;QACnC,MAAM,EAAE,wEAAwE;KACjF;IACD;QACE,OAAO,EAAE,4BAA4B;QACrC,MAAM,EAAE,6DAA6D;KACtE;IACD;QACE,OAAO,EAAE,qCAAqC;QAC9C,MAAM,EAAE,0DAA0D;KACnE;IACD;QACE,OAAO,EAAE,SAAS;QAClB,MAAM,EAAE,0DAA0D;KACnE;IACD;QACE,OAAO,EAAE,yBAAyB;QAClC,MAAM,EAAE,iEAAiE;KAC1E;IACD;QACE,OAAO,EAAE,qBAAqB;QAC9B,MAAM,EAAE,wDAAwD;KACjE;IACD;QACE,OAAO,EAAE,mBAAmB;QAC5B,MAAM,EAAE,oDAAoD;KAC7D;IACD,sDAAsD;IACtD;QACE,OAAO,EAAE,eAAe;QACxB,MAAM,EAAE,yDAAyD;KAClE;IACD;QACE,OAAO,EAAE,0BAA0B;QACnC,MAAM,EAAE,2DAA2D;KACpE;IACD,oEAAoE;IACpE,+EAA+E;CAChF,CAAC;AAEF;;;GAGG;AACH,MAAM,CAAC,MAAM,eAAe,GAAsB;IAChD,oDAAoD;IACpD,EAAE,OAAO,EAAE,SAAS,EAAE;IACtB,EAAE,OAAO,EAAE,SAAS,EAAE;IACtB,EAAE,OAAO,EAAE,SAAS,EAAE;IAEtB,iFAAiF;IACjF,gEAAgE;IAChE,EAAE,OAAO,EAAE,6BAA6B,EAAE,EAAG,0BAA0B;IACvE,EAAE,OAAO,EAAE,4BAA4B,EAAE,EAAI,yBAAyB;IACtE,EAAE,OAAO,EAAE,4BAA4B,EAAE,EAAI,0BAA0B;IACvE,EAAE,OAAO,EAAE,2BAA2B,EAAE,EAAK,yBAAyB;IAEtE,oDAAoD;IACpD,qEAAqE;IACrE,EAAE,OAAO,EAAE,yFAAyF,EAAE;IACtG,EAAE,OAAO,EAAE,yFAAyF,EAAE;IACtG,EAAE,OAAO,EAAE,6DAA6D,EAAE;IAC1E,EAAE,OAAO,EAAE,mFAAmF,EAAE;IAChG,EAAE,OAAO,EAAE,uFAAuF,EAAE;IAEpG,+DAA+D;IAC/D,EAAE,OAAO,EAAE,gDAAgD,EAAE;IAC7D,EAAE,OAAO,EAAE,wCAAwC,EAAE;IACrD,EAAE,OAAO,EAAE,yCAAyC,EAAE;IACtD,EAAE,OAAO,EAAE,2CAA2C,EAAE;IACxD,EAAE,OAAO,EAAE,0CAA0C,EAAE;IACvD,EAAE,OAAO,EAAE,0CAA0C,EAAE;IACvD,EAAE,OAAO,EAAE,+CAA+C,EAAE;IAE5D,uDAAuD;IACvD,EAAE,OAAO,EAAE,2BAA2B,EAAE;IACxC,EAAE,OAAO,EAAE,gCAAgC,EAAE;IAE7C,4DAA4D;IAC5D,EAAE,OAAO,EAAE,2DAA2D,EAAE;CACzE,CAAC;AAEF;;;;;;;;GAQG;AACH,MAAM,CAAC,MAAM,eAAe,GAAsB;IAChD,iCAAiC;IACjC;QACE,OAAO,EAAE,+BAA+B;QACxC,MAAM,EAAE,iEAAiE;KAC1E;IAED,sBAAsB;IACtB;QACE,OAAO,EAAE,OAAO;QAChB,MAAM,EAAE,wDAAwD;KACjE;IAED,8DAA8D;IAC9D;QACE,OAAO,EAAE,WAAW;QACpB,MAAM,EAAE,wDAAwD;KACjE;IAED,4DAA4D;IAC5D;QACE,OAAO,EAAE,0BAA0B;QACnC,MAAM,EAAE,8CAA8C;KACvD;IACD;QACE,OAAO,EAAE,aAAa;QACtB,MAAM,EAAE,kDAAkD;KAC3D;IACD;QACE,OAAO,EAAE,cAAc;QACvB,MAAM,EAAE,4CAA4C;KACrD;IACD;QACE,OAAO,EAAE,iBAAiB;QAC1B,MAAM,EAAE,qDAAqD;KAC9D;IAED,0EAA0E;IAC1E,6EAA6E;IAC7E;QACE,OAAO,EAAE,4CAA4C;QACrD,MAAM,EAAE,qDAAqD;KAC9D;IAED,wEAAwE;IACxE;QACE,OAAO,EAAE,eAAe;QACxB,MAAM,EAAE,sCAAsC;KAC/C;IACD;QACE,OAAO,EAAE,6BAA6B;QACtC,MAAM,EAAE,+CAA+C;KACxD;IACD;QACE,OAAO,EAAE,sDAAsD;QAC/D,MAAM,EAAE,0DAA0D;KACnE;IACD;QACE,OAAO,EAAE,iCAAiC;QAC1C,MAAM,EAAE,4BAA4B;KACrC;IAED,qDAAqD;IACrD;QACE,OAAO,EAAE,4CAA4C;QACrD,MAAM,EAAE,+DAA+D;KACxE;IACD;QACE,OAAO,EAAE,mCAAmC;QAC5C,MAAM,EAAE,oCAAoC;KAC7C;IACD;QACE,OAAO,EAAE,mCAAmC;QAC5C,MAAM,EAAE,uDAAuD;KAChE;IACD;QACE,OAAO,EAAE,4CAA4C;QACrD,MAAM,EAAE,mCAAmC;KAC5C;IAED,+DAA+D;IAC/D;QACE,OAAO,EAAE,qBAAqB;QAC9B,MAAM,EAAE,oDAAoD;KAC7D;IACD;QACE,OAAO,EAAE,6BAA6B;QACtC,MAAM,EAAE,kDAAkD;KAC3D;IAED,iFAAiF;IACjF;QACE,OAAO,EAAE,4EAA4E;QACrF,MAAM,EAAE,+DAA+D;KACxE;IACD;QACE,OAAO,EAAE,sBAAsB;QAC/B,MAAM,EAAE,iDAAiD;KAC1D;IAED,wBAAwB;IACxB;QACE,OAAO,EAAE,sBAAsB;QAC/B,MAAM,EAAE,gDAAgD;KACzD;IAED,sDAAsD;IACtD;QACE,OAAO,EAAE,gDAAgD;QACzD,MAAM,EAAE,iEAAiE;KAC1E;IAED,0BAA0B;IAC1B;QACE,OAAO,EAAE,+BAA+B;QACxC,MAAM,EAAE,8CAA8C;KACvD;CACF,CAAC;AAEF;;GAEG;AACH,MAAM,UAAU,cAAc,CAAC,SAAiB,EAAE,QAA2B;IAC3E,KAAK,MAAM,OAAO,IAAI,QAAQ,EAAE,CAAC;QAC/B,IAAI,OAAO,CAAC,OAAO,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE,CAAC;YACpC,OAAO,OAAO,CAAC;QACjB,CAAC;IACH,CAAC;IACD,OAAO,IAAI,CAAC;AACd,CAAC;AAED;;;;GAIG;AACH,MAAM,UAAU,kBAAkB,CAAC,SAAiB;IAClD,MAAM,KAAK,GAAG,SAAS,CAAC,KAAK,CAAC,8BAA8B,CAAC,CAAC;IAC9D,IAAI,KAAK,EAAE,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC;QAC9B,MAAM,CAAC,EAAE,IAAI,EAAE,OAAO,CAAC,GAAG,KAAK,CAAC;QAChC,MAAM,cAAc,GAAG,OAAO,CAAC,OAAO,CAAC,CAAC;QACxC,OAAO,GAAG,IAAI,KAAK,cAAc,EAAE,CAAC;IACtC,CAAC;IACD,OAAO,SAAS,CAAC;AACnB,CAAC;AAED,0GAA0G;AAC1G,SAAS,sBAAsB,CAAC,SAAiB;IAC/C,MAAM,WAAW,GAAG,SAAS,CAAC,OAAO,CAAC,YAAY,EAAE,EAAE,CAAC,CAAC;IACxD,OAAO,cAAc,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC;AAC1C,CAAC;AAED,0FAA0F;AAC1F,SAAS,qBAAqB,CAAC,SAAiB;IAC9C,MAAM,WAAW,GAAG,SAAS,CAAC,OAAO,CAAC,YAAY,EAAE,EAAE,CAAC,CAAC;IACxD,OAAO,gDAAgD,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC;AAC5E,CAAC;AAED,yFAAyF;AACzF,SAAS,yBAAyB,CAAC,SAAiB;IAClD,MAAM,WAAW,GAAG,SAAS,CAAC,OAAO,CAAC,YAAY,EAAE,EAAE,CAAC,CAAC;IACxD,OAAO,uIAAuI,CAAC,IAAI,CAAC,WAAW,CAAC;WAC3J,gBAAgB,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC;AAC1C,CAAC;AAED,2FAA2F;AAC3F,SAAS,qBAAqB,CAAC,SAAiB;IAC9C,MAAM,WAAW,GAAG,SAAS,CAAC,OAAO,CAAC,YAAY,EAAE,EAAE,CAAC,CAAC;IACxD,OAAO,SAAS,CAAC,IAAI,CAAC,WAAW,CAAC,IAAI,aAAa,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC;AACxE,CAAC;AAED,kGAAkG;AAClG,SAAS,oBAAoB,CAAC,SAAiB;IAC7C,MAAM,GAAG,GAAG,SAAS,CAAC,OAAO,CAAC,YAAY,EAAE,EAAE,CAAC,CAAC;IAChD,OAAO,aAAa,CAAC,IAAI,CAAC,GAAG,CAAC,IAAI,aAAa,CAAC,IAAI,CAAC,GAAG,CAAC,IAAI,SAAS,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;AACnF,CAAC;AAED;6FAC6F;AAC7F,SAAS,kBAAkB,CAAC,SAAiB;IAC3C,MAAM,GAAG,GAAG,SAAS,CAAC,OAAO,CAAC,YAAY,EAAE,EAAE,CAAC,CAAC,IAAI,EAAE,CAAC;IACvD,iEAAiE;IACjE,IAAI,gBAAgB,CAAC,IAAI,CAAC,GAAG,CAAC;QAAE,OAAO,KAAK,CAAC;IAC7C,mEAAmE;IACnE,MAAM,UAAU,GAAG,uEAAuE,CAAC;IAC3F,OAAO,UAAU,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;AAC9B,CAAC;AAED;;;;;;;;;GASG;AACH,MAAM,gBAAgB,GAAG;IACvB,uCAAuC;IACvC,+BAA+B;IAC/B,gCAAgC;IAChC,kCAAkC;IAClC,iCAAiC;IACjC,iCAAiC;IACjC,sCAAsC;CACvC,CAAC;AAEF,MAAM,UAAU,gBAAgB,CAAC,SAAiB;IAChD,iDAAiD;IACjD,MAAM,EAAE,GAAG,kBAAkB,CAAC,SAAS,CAAC,CAAC;IAEzC,mEAAmE;IACnE,sDAAsD;IACtD,IAAI,cAAc,CAAC,EAAE,EAAE,eAAe,CAAC;QAAE,OAAO,IAAI,CAAC;IAErD,yEAAyE;IACzE,qEAAqE;IACrE,0EAA0E;IAC1E,yEAAyE;IACzE,0CAA0C;IAC1C,IAAI,SAAS,CAAC,IAAI,CAAC,EAAE,CAAC,IAAI,oBAAoB,CAAC,EAAE,CAAC,IAAI,CAAC,kBAAkB,CAAC,EAAE,CAAC,EAAE,CAAC;QAC9E,OAAO,IAAI,CAAC;IACd,CAAC;IAED,IAAI,cAAc,CAAC,EAAE,EAAE,eAAe,CAAC,EAAE,CAAC;QACxC,wEAAwE;QACxE,uEAAuE;QACvE,qEAAqE;QACrE,sEAAsE;QACtE,IAAI,SAAS,CAAC,IAAI,CAAC,EAAE,CAAC,IAAI,CACxB,sBAAsB,CAAC,EAAE,CAAC;YAC1B,qBAAqB,CAAC,EAAE,CAAC;YACzB,qBAAqB,CAAC,EAAE,CAAC;YACzB,yBAAyB,CAAC,EAAE,CAAC,CAC9B,EAAE,CAAC;YACF,OAAO,IAAI,CAAC;QACd,CAAC;QACD,OAAO,KAAK,CAAC;IACf,CAAC;IAED,IAAI,cAAc,CAAC,EAAE,EAAE,gBAAgB,CAAC;QAAE,OAAO,KAAK,CAAC;IAEvD,IAAI,cAAc,CAAC,EAAE,EAAE,eAAe,CAAC,EAAE,CAAC;QACxC,OAAO,CAAC,gBAAgB,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC,CAAC;IACjD,CAAC;IAED,qEAAqE;IACrE,IAAI,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC,EAAE,CAAC;QACtB,IAAI,OAAO,CAAC,IAAI,CAAC,EAAE,CAAC;YAAE,OAAO,IAAI,CAAC;QAClC,IAAI,eAAe,CAAC,IAAI,CAAC,EAAE,CAAC;YAAE,OAAO,IAAI,CAAC;IAC5C,CAAC;IAED,OAAO,KAAK,CAAC;AACf,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,eAAe,CAAC,SAAiB;IAC/C,OAAO,cAAc,CAAC,SAAS,EAAE,eAAe,CAAC,CAAC;AACpD,CAAC;AAED;;;;;;;;GAQG;AACH,MAAM,UAAU,YAAY,CAAC,SAAiB;IAK5C,mCAAmC;IACnC,MAAM,cAAc,GAAG,cAAc,CAAC,SAAS,EAAE,gBAAgB,CAAC,CAAC;IACnE,IAAI,cAAc,EAAE,CAAC;QACnB,OAAO;YACL,aAAa,EAAE,IAAI;YACnB,SAAS,EAAE,UAAU;YACrB,OAAO,EAAE,CAAC,cAAc,CAAC,MAAM,IAAI,0BAA0B,CAAC;SAC/D,CAAC;IACJ,CAAC;IAED,4DAA4D;IAC5D,MAAM,aAAa,GAAG,cAAc,CAAC,SAAS,EAAE,eAAe,CAAC,CAAC;IACjE,IAAI,aAAa,EAAE,CAAC;QAClB,OAAO;YACL,aAAa,EAAE,KAAK,EAAE,6CAA6C;YACnE,SAAS,EAAE,MAAM;YACjB,OAAO,EAAE,CAAC,aAAa,CAAC,MAAM,IAAI,6CAA6C,CAAC;SACjF,CAAC;IACJ,CAAC;IAED,2CAA2C;IAC3C,MAAM,gBAAgB,GAAsB;QAC1C,EAAE,OAAO,EAAE,OAAO,EAAE,MAAM,EAAE,+BAA+B,EAAE;QAC7D,EAAE,OAAO,EAAE,0BAA0B,EAAE,MAAM,EAAE,mBAAmB,EAAE;QACpE,EAAE,OAAO,EAAE,cAAc,EAAE,MAAM,EAAE,uBAAuB,EAAE;QAC5D,EAAE,OAAO,EAAE,6BAA6B,EAAE,MAAM,EAAE,uBAAuB,EAAE;QAC3E,EAAE,OAAO,EAAE,gBAAgB,EAAE,MAAM,EAAE,qBAAqB,EAAE;QAC5D,EAAE,OAAO,EAAE,0BAA0B,EAAE,MAAM,EAAE,8BAA8B,EAAE;QAC/E,EAAE,OAAO,EAAE,aAAa,EAAE,MAAM,EAAE,2BAA2B,EAAE;QAC/D,EAAE,OAAO,EAAE,iBAAiB,EAAE,MAAM,EAAE,wCAAwC,EAAE;KACjF,CAAC;IAEF,KAAK,MAAM,OAAO,IAAI,gBAAgB,EAAE,CAAC;QACvC,IAAI,OAAO,CAAC,OAAO,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE,CAAC;YACpC,OAAO;gBACL,aAAa,EAAE,IAAI;gBACnB,SAAS,EAAE,MAAM;gBACjB,OAAO,EAAE,CAAC,OAAO,CAAC,MAAM,IAAI,yBAAyB,CAAC;aACvD,CAAC;QACJ,CAAC;IACH,CAAC;IAED,0DAA0D;IAC1D,4EAA4E;IAC5E,IAAI,WAAW,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE,CAAC;QAChC,sDAAsD;QACtD,IAAI,cAAc,CAAC,SAAS,EAAE,eAAe,CAAC,EAAE,CAAC;YAC/C,OAAO,EAAE,aAAa,EAAE,KAAK,EAAE,SAAS,EAAE,KAAK,EAAE,OAAO,EAAE,EAAE,EAAE,CAAC;QACjE,CAAC;QACD,OAAO;YACL,aAAa,EAAE,IAAI;YACnB,SAAS,EAAE,QAAQ;YACnB,OAAO,EAAE,CAAC,oBAAoB,CAAC;SAChC,CAAC;IACJ,CAAC;IAED,OAAO;QACL,aAAa,EAAE,KAAK;QACpB,SAAS,EAAE,KAAK;QAChB,OAAO,EAAE,EAAE;KACZ,CAAC;AACJ,CAAC"}
+{"version":3,"file":"security-patterns.js","sourceRoot":"","sources":["../../../server/mcp/security-patterns.ts"],"names":[],"mappings":"AAAA,8DAA8D;AAC9D,gEAAgE;AAEhE;;;;;;;;;;;;;;GAcG;AAEH,OAAO,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AAEpC,0DAA0D;AAC1D,OAAO,EAAE,YAAY,EAAE,eAAe,EAAE,gBAAgB,EAAE,MAAM,wBAAwB,CAAC;AAOzF;;;GAGG;AACH,MAAM,CAAC,MAAM,eAAe,GAAsB;IAChD,qFAAqF;IACrF,EAAE,OAAO,EAAE,2BAA2B,EAAE,MAAM,EAAE,2CAA2C,EAAE;IAC7F,EAAE,OAAO,EAAE,qDAAqD,EAAE,MAAM,EAAE,sCAAsC,EAAE;IAClH,EAAE,OAAO,EAAE,4BAA4B,EAAE,MAAM,EAAE,qCAAqC,EAAE;IACxF,EAAE,OAAO,EAAE,4BAA4B,EAAE,MAAM,EAAE,gCAAgC,EAAE;IACnF,EAAE,OAAO,EAAE,8BAA8B,EAAE,MAAM,EAAE,mCAAmC,EAAE;IACxF,EAAE,OAAO,EAAE,6DAA6D,EAAE,MAAM,EAAE,4CAA4C,EAAE;IAEhI,uEAAuE;IACvE,EAAE,OAAO,EAAE,+BAA+B,EAAE,MAAM,EAAE,wCAAwC,EAAE;IAC9F,EAAE,OAAO,EAAE,iCAAiC,EAAE,MAAM,EAAE,+BAA+B,EAAE;IACvF,EAAE,OAAO,EAAE,mDAAmD,EAAE,MAAM,EAAE,sCAAsC,EAAE;IAChH,EAAE,OAAO,EAAE,+DAA+D,EAAE,MAAM,EAAE,0CAA0C,EAAE;IAEhI,kEAAkE;IAClE,EAAE,OAAO,EAAE,+EAA+E,EAAE,MAAM,EAAE,oCAAoC,EAAE;CAC3I,CAAC;AAEF;;;;;;;;;;GAUG;AACH,MAAM,CAAC,MAAM,gBAAgB,GAAsB;IACjD;QACE,OAAO,EAAE,0BAA0B;QACnC,MAAM,EAAE,wEAAwE;KACjF;IACD;QACE,OAAO,EAAE,4BAA4B;QACrC,MAAM,EAAE,6DAA6D;KACtE;IACD;QACE,OAAO,EAAE,qCAAqC;QAC9C,MAAM,EAAE,0DAA0D;KACnE;IACD;QACE,OAAO,EAAE,SAAS;QAClB,MAAM,EAAE,0DAA0D;KACnE;IACD;QACE,OAAO,EAAE,yBAAyB;QAClC,MAAM,EAAE,iEAAiE;KAC1E;IACD;QACE,OAAO,EAAE,qBAAqB;QAC9B,MAAM,EAAE,wDAAwD;KACjE;IACD;QACE,OAAO,EAAE,mBAAmB;QAC5B,MAAM,EAAE,oDAAoD;KAC7D;IACD;QACE,OAAO,EAAE,eAAe;QACxB,MAAM,EAAE,yDAAyD;KAClE;IACD;QACE,OAAO,EAAE,0BAA0B;QACnC,MAAM,EAAE,2DAA2D;KACpE;CACF,CAAC;AAEF;;;GAGG;AACH,MAAM,CAAC,MAAM,eAAe,GAAsB;IAChD,oDAAoD;IACpD,EAAE,OAAO,EAAE,SAAS,EAAE;IACtB,EAAE,OAAO,EAAE,SAAS,EAAE;IACtB,EAAE,OAAO,EAAE,SAAS,EAAE;IAEtB,sDAAsD;IACtD,EAAE,OAAO,EAAE,6BAA6B,EAAE;IAC1C,EAAE,OAAO,EAAE,4BAA4B,EAAE;IACzC,EAAE,OAAO,EAAE,4BAA4B,EAAE;IACzC,EAAE,OAAO,EAAE,2BAA2B,EAAE;IAExC,oDAAoD;IACpD,EAAE,OAAO,EAAE,yFAAyF,EAAE;IACtG,EAAE,OAAO,EAAE,yFAAyF,EAAE;IACtG,EAAE,OAAO,EAAE,6DAA6D,EAAE;IAC1E,EAAE,OAAO,EAAE,mFAAmF,EAAE;IAChG,EAAE,OAAO,EAAE,uFAAuF,EAAE;IAEpG,+DAA+D;IAC/D,EAAE,OAAO,EAAE,gDAAgD,EAAE;IAC7D,EAAE,OAAO,EAAE,wCAAwC,EAAE;IACrD,EAAE,OAAO,EAAE,yCAAyC,EAAE;IACtD,EAAE,OAAO,EAAE,2CAA2C,EAAE;IACxD,EAAE,OAAO,EAAE,0CAA0C,EAAE;IACvD,EAAE,OAAO,EAAE,0CAA0C,EAAE;IACvD,EAAE,OAAO,EAAE,+CAA+C,EAAE;IAE5D,iCAAiC;IACjC,EAAE,OAAO,EAAE,2BAA2B,EAAE;IACxC,EAAE,OAAO,EAAE,gCAAgC,EAAE;IAE7C,yBAAyB;IACzB,EAAE,OAAO,EAAE,2DAA2D,EAAE;IAExE,iCAAiC;IACjC,EAAE,OAAO,EAAE,8CAA8C,EAAE;IAC3D,EAAE,OAAO,EAAE,qCAAqC,EAAE;IAClD,EAAE,OAAO,EAAE,gEAAgE,EAAE;IAC7E,EAAE,OAAO,EAAE,0CAA0C,EAAE;IACvD,EAAE,OAAO,EAAE,sFAAsF,EAAE;IACnG,EAAE,OAAO,EAAE,4DAA4D,EAAE;IACzE,EAAE,OAAO,EAAE,oGAAoG,EAAE;IACjH,EAAE,OAAO,EAAE,0GAA0G,EAAE;IACvH,EAAE,OAAO,EAAE,+CAA+C,EAAE;IAC5D,EAAE,OAAO,EAAE,sFAAsF,EAAE;IACnG,EAAE,OAAO,EAAE,0EAA0E,EAAE;IACvF,EAAE,OAAO,EAAE,wDAAwD,EAAE;IACrE,EAAE,OAAO,EAAE,+EAA+E,EAAE;IAC5F,EAAE,OAAO,EAAE,+EAA+E,EAAE;IAC5F,EAAE,OAAO,EAAE,oBAAoB,EAAE;IAEjC,8CAA8C;IAC9C,EAAE,OAAO,EAAE,aAAa,EAAE;IAC1B,EAAE,OAAO,EAAE,cAAc,EAAE;IAE3B,gDAAgD;IAChD,EAAE,OAAO,EAAE,UAAU,EAAE;IACvB,EAAE,OAAO,EAAE,iBAAiB,EAAE;CAC/B,CAAC;AAEF;;;GAGG;AACH,MAAM,CAAC,MAAM,eAAe,GAAsB;IAChD,iCAAiC;IACjC;QACE,OAAO,EAAE,+BAA+B;QACxC,MAAM,EAAE,iEAAiE;KAC1E;IAED,sBAAsB;IACtB,EAAE,OAAO,EAAE,OAAO,EAAE,MAAM,EAAE,wDAAwD,EAAE;IAEtF,8DAA8D;IAC9D,EAAE,OAAO,EAAE,WAAW,EAAE,MAAM,EAAE,wDAAwD,EAAE;IAE1F,6BAA6B;IAC7B,EAAE,OAAO,EAAE,0BAA0B,EAAE,MAAM,EAAE,8CAA8C,EAAE;IAC/F,EAAE,OAAO,EAAE,aAAa,EAAE,MAAM,EAAE,kDAAkD,EAAE;IACtF,EAAE,OAAO,EAAE,cAAc,EAAE,MAAM,EAAE,4CAA4C,EAAE;IACjF,EAAE,OAAO,EAAE,iBAAiB,EAAE,MAAM,EAAE,qDAAqD,EAAE;IAE7F,0EAA0E;IAC1E;QACE,OAAO,EAAE,4CAA4C;QACrD,MAAM,EAAE,qDAAqD;KAC9D;IAED,iCAAiC;IACjC,EAAE,OAAO,EAAE,eAAe,EAAE,MAAM,EAAE,sCAAsC,EAAE;IAC5E,EAAE,OAAO,EAAE,6BAA6B,EAAE,MAAM,EAAE,+CAA+C,EAAE;IACnG;QACE,OAAO,EAAE,sDAAsD;QAC/D,MAAM,EAAE,0DAA0D;KACnE;IACD,EAAE,OAAO,EAAE,iCAAiC,EAAE,MAAM,EAAE,4BAA4B,EAAE;IAEpF,qDAAqD;IACrD;QACE,OAAO,EAAE,4CAA4C;QACrD,MAAM,EAAE,+DAA+D;KACxE;IACD,EAAE,OAAO,EAAE,mCAAmC,EAAE,MAAM,EAAE,oCAAoC,EAAE;IAC9F,EAAE,OAAO,EAAE,mCAAmC,EAAE,MAAM,EAAE,uDAAuD,EAAE;IACjH;QACE,OAAO,EAAE,4CAA4C;QACrD,MAAM,EAAE,mCAAmC;KAC5C;IAED,wBAAwB;IACxB,EAAE,OAAO,EAAE,qBAAqB,EAAE,MAAM,EAAE,oDAAoD,EAAE;IAChG,EAAE,OAAO,EAAE,6BAA6B,EAAE,MAAM,EAAE,kDAAkD,EAAE;IAEtG,yBAAyB;IACzB;QACE,OAAO,EAAE,4EAA4E;QACrF,MAAM,EAAE,+DAA+D;KACxE;IACD,EAAE,OAAO,EAAE,sBAAsB,EAAE,MAAM,EAAE,iDAAiD,EAAE;IAE9F,wBAAwB;IACxB,EAAE,OAAO,EAAE,sBAAsB,EAAE,MAAM,EAAE,gDAAgD,EAAE;IAE7F,sDAAsD;IACtD;QACE,OAAO,EAAE,gDAAgD;QACzD,MAAM,EAAE,iEAAiE;KAC1E;IAED,0BAA0B;IAC1B,EAAE,OAAO,EAAE,+BAA+B,EAAE,MAAM,EAAE,8CAA8C,EAAE;CACrG,CAAC;AAEF,iEAAiE;AAEjE;;GAEG;AACH,MAAM,UAAU,cAAc,CAAC,SAAiB,EAAE,QAA2B;IAC3E,KAAK,MAAM,OAAO,IAAI,QAAQ,EAAE,CAAC;QAC/B,IAAI,OAAO,CAAC,OAAO,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE,CAAC;YACpC,OAAO,OAAO,CAAC;QACjB,CAAC;IACH,CAAC;IACD,OAAO,IAAI,CAAC;AACd,CAAC;AAED;;;;GAIG;AACH,MAAM,UAAU,kBAAkB,CAAC,SAAiB;IAClD,MAAM,KAAK,GAAG,SAAS,CAAC,KAAK,CAAC,8BAA8B,CAAC,CAAC;IAC9D,IAAI,KAAK,EAAE,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC;QAC9B,MAAM,CAAC,EAAE,IAAI,EAAE,OAAO,CAAC,GAAG,KAAK,CAAC;QAChC,MAAM,cAAc,GAAG,OAAO,CAAC,OAAO,CAAC,CAAC;QACxC,OAAO,GAAG,IAAI,KAAK,cAAc,EAAE,CAAC;IACtC,CAAC;IACD,OAAO,SAAS,CAAC;AACnB,CAAC"}

package/dist/server/server-setup.d.ts

@@ -0,0 +1,22 @@
+import type { WebSocket as NodeWebSocket } from 'ws';
+import type { WSContext } from './services/websocket/types.js';
+/**
+ * Set the terminal tab title
+ * Format: "mstro: directory_name"
+ */
+export declare function setTerminalTitle(directory: string): void;
+/**
+ * Ensure .claude/settings.json exists with recommended settings
+ * for optimal Claude Code performance with Mstro
+ */
+export declare function ensureClaudeSettings(workingDir: string): void;
+/**
+ * Wrap a ws WebSocket to match our WSContext interface
+ */
+export declare function wrapWebSocket(ws: NodeWebSocket, workingDir: string): WSContext;
+/**
+ * Create a virtual WebSocket context that sends responses through the platform relay.
+ * This allows messages from the web (via platform) to be handled by the same wsHandler.
+ */
+export declare function createPlatformRelayContext(platformSend: (message: unknown) => void, workingDir: string): WSContext;
+//# sourceMappingURL=server-setup.d.ts.map

package/dist/server/server-setup.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"server-setup.d.ts","sourceRoot":"","sources":["../../server/server-setup.ts"],"names":[],"mappings":"AAYA,OAAO,KAAK,EAAE,SAAS,IAAI,aAAa,EAAE,MAAM,IAAI,CAAA;AACpD,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,+BAA+B,CAAA;AAE9D;;;GAGG;AACH,wBAAgB,gBAAgB,CAAC,SAAS,EAAE,MAAM,GAAG,IAAI,CAIxD;AAED;;;GAGG;AACH,wBAAgB,oBAAoB,CAAC,UAAU,EAAE,MAAM,GAAG,IAAI,CA6C7D;AAED;;GAEG;AACH,wBAAgB,aAAa,CAAC,EAAE,EAAE,aAAa,EAAE,UAAU,EAAE,MAAM,GAAG,SAAS,CAQ9E;AAED;;;GAGG;AACH,wBAAgB,0BAA0B,CACxC,YAAY,EAAE,CAAC,OAAO,EAAE,OAAO,KAAK,IAAI,EACxC,UAAU,EAAE,MAAM,GACjB,SAAS,CAiBX"}

package/dist/server/server-setup.js

@@ -0,0 +1,101 @@
+// Copyright (c) 2025-present Mstro, Inc. All rights reserved.
+// Licensed under the MIT License. See LICENSE file for details.
+/**
+ * Server Setup Utilities — Helpers for the main server entry point.
+ *
+ * - ensureClaudeSettings: Ensures .claude/settings.json has recommended defaults
+ * - wrapWebSocket / createPlatformRelayContext: WSContext adapters
+ */
+import { existsSync, mkdirSync, readFileSync, writeFileSync } from 'node:fs';
+import { basename, join } from 'node:path';
+/**
+ * Set the terminal tab title
+ * Format: "mstro: directory_name"
+ */
+export function setTerminalTitle(directory) {
+    const dirName = basename(directory) || directory;
+    const title = `mstro: ${dirName}`;
+    process.stdout.write(`\x1b]0;${title}\x07`);
+}
+/**
+ * Ensure .claude/settings.json exists with recommended settings
+ * for optimal Claude Code performance with Mstro
+ */
+export function ensureClaudeSettings(workingDir) {
+    const claudeDir = join(workingDir, '.claude');
+    const settingsPath = join(claudeDir, 'settings.json');
+    if (!existsSync(claudeDir)) {
+        mkdirSync(claudeDir, { recursive: true });
+    }
+    const recommendedSettings = {
+        env: {
+            CLAUDE_CODE_MAX_OUTPUT_TOKENS: "64000",
+            DISABLE_NONESSENTIAL_TRAFFIC: "1"
+        }
+    };
+    if (!existsSync(settingsPath)) {
+        writeFileSync(settingsPath, JSON.stringify(recommendedSettings, null, 2));
+        console.log(`📝 Created .claude/settings.json with recommended settings`);
+    }
+    else {
+        try {
+            const existingSettings = JSON.parse(readFileSync(settingsPath, 'utf-8'));
+            let updated = false;
+            if (!existingSettings.env) {
+                existingSettings.env = {};
+                updated = true;
+            }
+            if (!existingSettings.env.CLAUDE_CODE_MAX_OUTPUT_TOKENS) {
+                existingSettings.env.CLAUDE_CODE_MAX_OUTPUT_TOKENS = "64000";
+                updated = true;
+            }
+            if (!existingSettings.env.DISABLE_NONESSENTIAL_TRAFFIC) {
+                existingSettings.env.DISABLE_NONESSENTIAL_TRAFFIC = "1";
+                updated = true;
+            }
+            if (updated) {
+                writeFileSync(settingsPath, JSON.stringify(existingSettings, null, 2));
+                console.log(`📝 Updated .claude/settings.json with recommended env settings`);
+            }
+        }
+        catch (_e) {
+            console.warn(`⚠️ Could not parse existing .claude/settings.json, skipping update`);
+        }
+    }
+}
+/**
+ * Wrap a ws WebSocket to match our WSContext interface
+ */
+export function wrapWebSocket(ws, workingDir) {
+    return {
+        send: (data) => ws.send(data),
+        close: () => ws.close(),
+        readyState: ws.readyState,
+        _workingDir: workingDir,
+        _ws: ws
+    };
+}
+/**
+ * Create a virtual WebSocket context that sends responses through the platform relay.
+ * This allows messages from the web (via platform) to be handled by the same wsHandler.
+ */
+export function createPlatformRelayContext(platformSend, workingDir) {
+    return {
+        send: (data) => {
+            try {
+                const response = typeof data === 'string' ? JSON.parse(data) : JSON.parse(data.toString());
+                platformSend(response);
+            }
+            catch (e) {
+                console.error('[PlatformRelay] Failed to parse response:', e);
+            }
+        },
+        close: () => {
+            // No-op for platform relay
+        },
+        readyState: 1, // WebSocket.OPEN
+        _workingDir: workingDir,
+        _isPlatformRelay: true
+    };
+}
+//# sourceMappingURL=server-setup.js.map

package/dist/server/server-setup.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"server-setup.js","sourceRoot":"","sources":["../../server/server-setup.ts"],"names":[],"mappings":"AAAA,8DAA8D;AAC9D,gEAAgE;AAEhE;;;;;GAKG;AAEH,OAAO,EAAE,UAAU,EAAE,SAAS,EAAE,YAAY,EAAE,aAAa,EAAE,MAAM,SAAS,CAAA;AAC5E,OAAO,EAAE,QAAQ,EAAE,IAAI,EAAE,MAAM,WAAW,CAAA;AAI1C;;;GAGG;AACH,MAAM,UAAU,gBAAgB,CAAC,SAAiB;IAChD,MAAM,OAAO,GAAG,QAAQ,CAAC,SAAS,CAAC,IAAI,SAAS,CAAA;IAChD,MAAM,KAAK,GAAG,UAAU,OAAO,EAAE,CAAA;IACjC,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,UAAU,KAAK,MAAM,CAAC,CAAA;AAC7C,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,oBAAoB,CAAC,UAAkB;IACrD,MAAM,SAAS,GAAG,IAAI,CAAC,UAAU,EAAE,SAAS,CAAC,CAAA;IAC7C,MAAM,YAAY,GAAG,IAAI,CAAC,SAAS,EAAE,eAAe,CAAC,CAAA;IAErD,IAAI,CAAC,UAAU,CAAC,SAAS,CAAC,EAAE,CAAC;QAC3B,SAAS,CAAC,SAAS,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAA;IAC3C,CAAC;IAED,MAAM,mBAAmB,GAAG;QAC1B,GAAG,EAAE;YACH,6BAA6B,EAAE,OAAO;YACtC,4BAA4B,EAAE,GAAG;SAClC;KACF,CAAA;IAED,IAAI,CAAC,UAAU,CAAC,YAAY,CAAC,EAAE,CAAC;QAC9B,aAAa,CAAC,YAAY,EAAE,IAAI,CAAC,SAAS,CAAC,mBAAmB,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAA;QACzE,OAAO,CAAC,GAAG,CAAC,4DAA4D,CAAC,CAAA;IAC3E,CAAC;SAAM,CAAC;QACN,IAAI,CAAC;YACH,MAAM,gBAAgB,GAAG,IAAI,CAAC,KAAK,CAAC,YAAY,CAAC,YAAY,EAAE,OAAO,CAAC,CAAC,CAAA;YACxE,IAAI,OAAO,GAAG,KAAK,CAAA;YAEnB,IAAI,CAAC,gBAAgB,CAAC,GAAG,EAAE,CAAC;gBAC1B,gBAAgB,CAAC,GAAG,GAAG,EAAE,CAAA;gBACzB,OAAO,GAAG,IAAI,CAAA;YAChB,CAAC;YAED,IAAI,CAAC,gBAAgB,CAAC,GAAG,CAAC,6BAA6B,EAAE,CAAC;gBACxD,gBAAgB,CAAC,GAAG,CAAC,6BAA6B,GAAG,OAAO,CAAA;gBAC5D,OAAO,GAAG,IAAI,CAAA;YAChB,CAAC;YACD,IAAI,CAAC,gBAAgB,CAAC,GAAG,CAAC,4BAA4B,EAAE,CAAC;gBACvD,gBAAgB,CAAC,GAAG,CAAC,4BAA4B,GAAG,GAAG,CAAA;gBACvD,OAAO,GAAG,IAAI,CAAA;YAChB,CAAC;YAED,IAAI,OAAO,EAAE,CAAC;gBACZ,aAAa,CAAC,YAAY,EAAE,IAAI,CAAC,SAAS,CAAC,gBAAgB,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAA;gBACtE,OAAO,CAAC,GAAG,CAAC,gEAAgE,CAAC,CAAA;YAC/E,CAAC;QACH,CAAC;QAAC,OAAO,EAAE,EAAE,CAAC;YACZ,OAAO,CAAC,IAAI,CAAC,oEAAoE,CAAC,CAAA;QACpF,CAAC;IACH,CAAC;AACH,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,aAAa,CAAC,EAAiB,EAAE,UAAkB;IACjE,OAAO;QACL,IAAI,EAAE,CAAC,IAAqB,EAAE,EAAE,CAAC,EAAE,CAAC,IAAI,CAAC,IAAI,CAAC;QAC9C,KAAK,EAAE,GAAG,EAAE,CAAC,EAAE,CAAC,KAAK,EAAE;QACvB,UAAU,EAAE,EAAE,CAAC,UAAU;QACzB,WAAW,EAAE,UAAU;QACvB,GAAG,EAAE,EAAE;KACK,CAAA;AAChB,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,0BAA0B,CACxC,YAAwC,EACxC,UAAkB;IAElB,OAAO;QACL,IAAI,EAAE,CAAC,IAAqB,EAAE,EAAE;YAC9B,IAAI,CAAC;gBACH,MAAM,QAAQ,GAAG,OAAO,IAAI,KAAK,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,QAAQ,EAAE,CAAC,CAAA;gBAC1F,YAAY,CAAC,QAAQ,CAAC,CAAA;YACxB,CAAC;YAAC,OAAO,CAAC,EAAE,CAAC;gBACX,OAAO,CAAC,KAAK,CAAC,2CAA2C,EAAE,CAAC,CAAC,CAAA;YAC/D,CAAC;QACH,CAAC;QACD,KAAK,EAAE,GAAG,EAAE;YACV,2BAA2B;QAC7B,CAAC;QACD,UAAU,EAAE,CAAC,EAAE,iBAAiB;QAChC,WAAW,EAAE,UAAU;QACvB,gBAAgB,EAAE,IAAI;KACV,CAAA;AAChB,CAAC"}