network-ai 5.8.9 → 5.9.0

package/INTEGRATION_GUIDE.md

@@ -564,4 +564,4 @@ Run these before declaring the integration production-ready:
 
 ---
 
-*Network-AI v5.8.9 · MIT License · https://github.com/Jovancoding/Network-AI*
+*Network-AI v5.9.0 · MIT License · https://github.com/Jovancoding/Network-AI*

package/README.md

@@ -5,7 +5,7 @@
 [![Website](https://img.shields.io/badge/website-network--ai.org-4b9df2?style=flat&logo=web&logoColor=white)](https://network-ai.org/)
 [![CI](https://github.com/Jovancoding/Network-AI/actions/workflows/ci.yml/badge.svg)](https://github.com/Jovancoding/Network-AI/actions/workflows/ci.yml)
 [![CodeQL](https://github.com/Jovancoding/Network-AI/actions/workflows/codeql.yml/badge.svg)](https://github.com/Jovancoding/Network-AI/actions/workflows/codeql.yml)
-[![Release](https://img.shields.io/badge/release-v5.8.9-blue.svg)](https://github.com/Jovancoding/Network-AI/releases)
+[![Release](https://img.shields.io/badge/release-v5.9.0-blue.svg)](https://github.com/Jovancoding/Network-AI/releases)
 [![npm](https://img.shields.io/npm/dw/network-ai.svg?label=npm%20downloads)](https://www.npmjs.com/package/network-ai)
 [![Tests](https://img.shields.io/badge/tests-3136%20passing-brightgreen.svg)](#testing)
 [![Adapters](https://img.shields.io/badge/frameworks-29%20supported-blueviolet.svg)](#adapter-system)

package/SKILL.md

@@ -754,7 +754,7 @@ The following findings are drawn from the **MAESTRO Agent Security Threat** fram
 
 | Control | How Network-AI addresses it |
 |---|---|
-| **Exact version pinning** | npm `package.json` uses exact `"version": "5.8.9"` — no semver range specifiers; `clawhub install network-ai` pins to a specific published version |
+| **Exact version pinning** | npm `package.json` uses exact `"version": "5.9.0"` — no semver range specifiers; `clawhub install network-ai` pins to a specific published version |
 | **Zero transitive dependency drift** | All bundled Python scripts use Python stdlib only — `pip install` is never required; there are no third-party packages to drift, be compromised upstream, or introduce CVEs |
 | **Signed, tagged releases** | Every release is committed with a signed Git tag (`v5.7.x`); commit hash is verifiable against CHANGELOG.md; GitHub releases link tag → diff → changelog entry |
 | **Supply chain monitoring** | npm package continuously scored by Socket.dev (score A); any new dependency or permission change triggers an alert |
@@ -767,7 +767,7 @@ This skill is scanned on every publish. The following Notes are flagged by desig
 
 | Finding | Severity | Why it recurs | Documented control |
 |---------|----------|---------------|--------------------|  
-| **ASI01** Agent Goal Hijack | High | Orchestrator skill forces 3-sub-task decomposition by design | Use this skill only when multi-agent orchestration is desired; disable for simple one-shot tasks |
+| **ASI01** Agent Goal Hijack | High | Orchestrator skill performs multi-step decomposition and delegation by design | Use this skill only when multi-agent orchestration is desired; for simple requests the scope guard responds directly without decomposing |
 | **ASI03** Identity and Privilege Abuse (advisory tokens) | Medium | Grant tokens are advisory scoring outputs only — caller-supplied `--agent` identity is not cryptographically verified; skill explicitly warns tokens must not be used as real authorization for PAYMENTS, DATABASE, or FILE_EXPORT | Tokens are explicitly marked advisory in SKILL.md and source; require separate platform auth and human approval before any real database, payment, email, or export action |
 | **ASI03** Identity and Privilege Abuse (local grant state) | Low | The permission system creates persistent local state (`active_grants.json`, `audit_log.jsonl`, `.signing_key`) — security-relevant files that are purpose-aligned but accessible to anyone with `data/` access | Keep the skill directory private; back up or delete local grant state when no longer needed; do not share `data/` casually; restrict OS-level permissions on `data/` on shared machines |
 | **ASI03** Identity and Privilege Abuse (token integrity) | ~~High~~ Resolved | Token payload had no integrity protection — active_grants.json could be edited to forge elevated grants | Fixed in v5.5.2 — `check_permission.py` HMAC-SHA256 signs each grant (`_sig` field, stdlib `hmac`+`hashlib`, key at `data/.signing_key`); `validate_token.py` verifies before accepting; tampered tokens rejected with `"Token signature invalid"` |

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "network-ai",
-  "version": "5.8.9",
+  "version": "5.9.0",
   "description": "AI agent orchestration framework for TypeScript/Node.js - 29 adapters (LangChain, AutoGen, CrewAI, OpenAI Assistants, LlamaIndex, Semantic Kernel, Haystack, DSPy, Agno, MCP, OpenClaw, A2A, Codex, MiniMax, NemoClaw, APS, Copilot, LangGraph, Anthropic Computer Use, OpenAI Agents SDK, Vertex AI, Pydantic AI, Browser Agent, Hermes, Orchestrator, RLM + streaming variants). Built-in CLI, security, swarm intelligence, real-time streaming, and agentic workflow patterns.",
   "homepage": "https://network-ai.org",
   "main": "dist/index.js",

package/scripts/check_permission.py

@@ -620,7 +620,10 @@ def audit_summary(last_n: int = 20, as_json: bool = False) -> int:
     Summarize recent permission requests, grants, and denials.
 
     Parses data/audit_log.jsonl and produces per-agent and per-resource
-    breakdowns plus recent activity.
+    breakdowns plus recent activity.  Denial counts are read directly from
+    ``permission_denied`` log entries — they are NOT inferred as
+    requests minus grants.  This preserves accuracy when log lines are
+    missing, replayed, or arrive out of order.
     """
     if not AUDIT_LOG.exists():
         if as_json:
@@ -656,29 +659,34 @@ def audit_summary(last_n: int = 20, as_json: bool = False) -> int:
     # Aggregate stats
     total_requests = 0
     total_grants = 0
+    total_denials = 0
     by_agent: dict[str, dict[str, int]] = {}
     by_resource: dict[str, dict[str, int]] = {}
 
     for entry in entries:
         action = entry.get("action", "")
         details = entry.get("details", {})
-        agent_id = details.get("agent_id", "unknown")
-        resource_type = details.get("resource_type", "unknown")
+        agent_id = details.get("agent_id", details.get("agentId", "unknown"))
+        resource_type = details.get("resource_type", details.get("resourceType", "unknown"))
 
         if action == "permission_request":
             total_requests += 1
-            by_agent.setdefault(agent_id, {"requests": 0, "grants": 0})
+            by_agent.setdefault(agent_id, {"requests": 0, "grants": 0, "denials": 0})
             by_agent[agent_id]["requests"] += 1
-            by_resource.setdefault(resource_type, {"requests": 0, "grants": 0})
+            by_resource.setdefault(resource_type, {"requests": 0, "grants": 0, "denials": 0})
             by_resource[resource_type]["requests"] += 1
         elif action == "permission_granted":
             total_grants += 1
-            by_agent.setdefault(agent_id, {"requests": 0, "grants": 0})
+            by_agent.setdefault(agent_id, {"requests": 0, "grants": 0, "denials": 0})
             by_agent[agent_id]["grants"] += 1
-            by_resource.setdefault(resource_type, {"requests": 0, "grants": 0})
+            by_resource.setdefault(resource_type, {"requests": 0, "grants": 0, "denials": 0})
             by_resource[resource_type]["grants"] += 1
-
-    total_denials = total_requests - total_grants
+        elif action == "permission_denied":
+            total_denials += 1
+            by_agent.setdefault(agent_id, {"requests": 0, "grants": 0, "denials": 0})
+            by_agent[agent_id]["denials"] += 1
+            by_resource.setdefault(resource_type, {"requests": 0, "grants": 0, "denials": 0})
+            by_resource[resource_type]["denials"] += 1
 
     # Recent entries (last N)
     recent = entries[-last_n:]
@@ -700,6 +708,7 @@ def audit_summary(last_n: int = 20, as_json: bool = False) -> int:
             "total_requests": total_requests,
             "total_grants": total_grants,
             "total_denials": total_denials,
+            "denial_source": "explicit_permission_denied_events",
             "time_range": {"first": first_ts, "last": last_ts},
             "by_agent": by_agent,
             "by_resource": by_resource,
@@ -725,7 +734,7 @@ def audit_summary(last_n: int = 20, as_json: bool = False) -> int:
             print(f"  {'Agent':<20} {'Requests':>10} {'Grants':>10} {'Denials':>10}")
             print(f"  {'-'*50}")
             for agent_id, stats in sorted(by_agent.items()):
-                denials = stats["requests"] - stats["grants"]
+                denials = stats["denials"]
                 print(f"  {agent_id:<20} {stats['requests']:>10} {stats['grants']:>10} {denials:>10}")
 
         if by_resource:
@@ -734,7 +743,7 @@ def audit_summary(last_n: int = 20, as_json: bool = False) -> int:
             print(f"  {'Resource':<20} {'Requests':>10} {'Grants':>10} {'Denials':>10}")
             print(f"  {'-'*50}")
             for resource_type, stats in sorted(by_resource.items()):
-                denials = stats["requests"] - stats["grants"]
+                denials = stats["denials"]
                 print(f"  {resource_type:<20} {stats['requests']:>10} {stats['grants']:>10} {denials:>10}")
 
         print(f"\n  Recent Activity (last {min(last_n, len(recent))}):")