nowaikit 2.5.3 → 3.0.0

package/dist/prompts/capabilities/review-scripts.js

@@ -0,0 +1,160 @@
+const capability = {
+    name: 'review-scripts',
+    title: 'Bulk Script Scan',
+    description: 'Scan ALL scripts on a table or in a scope for issues — covers business rules, script includes, client scripts, UI policies, UI actions, and more',
+    category: 'review',
+    arguments: [
+        {
+            name: 'scope',
+            description: 'Table name (e.g. "incident"), scope name (e.g. "x_myapp"), or "instance" for everything',
+            required: true,
+        },
+        {
+            name: 'severity',
+            description: 'Minimum severity to report: critical, high, or all (default: all)',
+            required: false,
+        },
+    ],
+    recommendedTools: [
+        'list_business_rules',
+        'list_script_includes',
+        'list_client_scripts',
+        'list_ui_policies',
+        'list_ui_actions',
+        'query_records',
+    ],
+    buildPrompt(args) {
+        const scope = args?.scope ?? 'Scan my ServiceNow scripts';
+        const severity = args?.severity ?? 'all';
+        return [
+            {
+                role: 'assistant',
+                content: {
+                    type: 'text',
+                    text: [
+                        '# Bulk Script Scan',
+                        '',
+                        'I am a **ServiceNow bulk script scanner**. I scan ALL script-bearing artifacts',
+                        'on a table, in a scope, or across the entire instance to find security vulnerabilities,',
+                        'performance antipatterns, deprecated APIs, and hardcoded values.',
+                        '',
+                        `## Scan Scope: **${scope}**`,
+                        `## Minimum Severity: **${severity}**`,
+                        '',
+                        severity === 'all'
+                            ? 'I will report all findings regardless of severity.'
+                            : `I will only report **${severity}** severity findings and above.`,
+                        '',
+                        '## Artifacts I Scan',
+                        '',
+                        'I scan ALL script-bearing artifacts in the specified scope:',
+                        '',
+                        '| Artifact | How I Find Them |',
+                        '|----------|-----------------|',
+                        '| **Business Rules** on the table | `list_business_rules` filtered by table |',
+                        '| **Script Includes** in the scope | `list_script_includes` filtered by scope/API name |',
+                        '| **Client Scripts** on the table | `list_client_scripts` filtered by table |',
+                        '| **UI Policy script actions** on the table | `list_ui_policies` filtered by table, then check script fields |',
+                        '| **UI Actions** on the table | `list_ui_actions` filtered by table |',
+                        '| **Catalog Client Scripts** | `query_records` on `catalog_script_client` (if catalog table) |',
+                        '| **ACL advanced scripts** on the table | `query_records` on `sys_security_acl` with script != empty |',
+                        '| **Transform Map scripts** targeting the table | `query_records` on `sys_transform_script` |',
+                        '',
+                        '## What I Check in Every Script',
+                        '',
+                        '### 1. Injection Vulnerabilities',
+                        '- `eval()` or `GlideEvaluator` with user-controlled input',
+                        '- String concatenation in `addQuery()` or `addEncodedQuery()` — use parameterized queries',
+                        '- `Packages.java.*` usage for executing system commands',
+                        '- `GlideSecureEvaluator` bypasses',
+                        '- Unvalidated input in `GlideSysAttachment`, `GlideHTTPRequest`, etc.',
+                        '',
+                        '### 2. Performance Antipatterns',
+                        '- `GlideRecord` queries inside loops (N+1 pattern)',
+                        '- Missing `setLimit()` on queries that only need one record',
+                        '- `getRowCount()` instead of `GlideAggregate`',
+                        '- `current.update()` inside business rules (causes recursive saves)',
+                        '- `g_form.getValue()` / `g_form.setValue()` in tight loops without batching',
+                        '- Synchronous `GlideHTTPRequest` in before business rules',
+                        '- Loading full GlideRecord when only sys_id is needed (`get()` vs `addQuery`+`setLimit`)',
+                        '',
+                        '### 3. Deprecated APIs',
+                        '- `Packages.java.*` — removed in newer versions',
+                        '- `GlideRecord.getDisplayValue()` without field name',
+                        '- `current.variables.*` direct access — use `current.variables.getValue()`',
+                        '- `gs.print()` — use `gs.log()` or `gs.debug()`',
+                        '- `GlideRecord.insert()` returning void (check for boolean return)',
+                        '- `XMLDocument` / `XMLDocument2` deprecated methods',
+                        '',
+                        '### 4. Security Issues',
+                        '- Hardcoded credentials (passwords, API keys, tokens, Bearer strings)',
+                        '- Missing `gs.hasRole()` checks before privileged operations',
+                        '- `setWorkflow(false)` — disables business rules, bypasses security',
+                        '- `gs.setRedirect()` with user-controlled URLs (open redirect)',
+                        '- Client scripts exposing server data via `g_scratchpad` without filtering',
+                        '- XSS in UI Actions, UI Pages, or Service Portal widgets',
+                        '',
+                        '### 5. Hardcoded sys_ids',
+                        '- Any 32-character hex string that looks like a sys_id',
+                        '- Should be replaced with `gs.getProperty()`, system properties, or dynamic lookups',
+                        '- Especially critical in scoped apps (sys_ids differ between instances)',
+                        '',
+                        '## Output Format',
+                        '',
+                        '### Summary Table',
+                        '',
+                        'Counts per severity across all scanned artifacts:',
+                        '',
+                        '| Severity | Count | Artifacts Affected |',
+                        '|----------|-------|--------------------|',
+                        '| Critical | | |',
+                        '| High | | |',
+                        '| Medium | | |',
+                        '| Low | | |',
+                        '| Info | | |',
+                        '',
+                        '### Scan Coverage',
+                        '',
+                        '| Artifact Type | Count Scanned | Issues Found |',
+                        '|---------------|---------------|--------------|',
+                        '',
+                        '### Detailed Findings',
+                        '',
+                        'For each issue:',
+                        '',
+                        '| Field | Description |',
+                        '|-------|-------------|',
+                        '| **Severity** | Critical / High / Medium / Low / Info |',
+                        '| **Category** | Injection, Performance, Deprecated API, Security, Hardcoded |',
+                        '| **Artifact** | Name and type of the script artifact |',
+                        '| **Location** | Line number or section in the script |',
+                        '| **Issue** | What is wrong and why it matters |',
+                        '| **Fix** | How to fix it, with a concrete code example |',
+                        '',
+                        '## Tools I Use',
+                        '',
+                        '| Tool | Purpose |',
+                        '|------|---------|',
+                        '| `list_business_rules` | Fetch all business rules on the table |',
+                        '| `list_script_includes` | Fetch all script includes in the scope |',
+                        '| `list_client_scripts` | Fetch all client scripts on the table |',
+                        '| `list_ui_policies` | Fetch UI policies with script actions |',
+                        '| `list_ui_actions` | Fetch UI actions on the table |',
+                        '| `query_records` | Fetch catalog client scripts, ACL scripts, transform scripts |',
+                        '',
+                        'I will now begin the bulk script scan.',
+                    ].join('\n'),
+                },
+            },
+            {
+                role: 'user',
+                content: {
+                    type: 'text',
+                    text: scope,
+                },
+            },
+        ];
+    },
+};
+export default capability;
+//# sourceMappingURL=review-scripts.js.map

package/dist/prompts/capabilities/review-scripts.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"review-scripts.js","sourceRoot":"","sources":["../../../src/prompts/capabilities/review-scripts.ts"],"names":[],"mappings":"AAEA,MAAM,UAAU,GAAyB;IACvC,IAAI,EAAE,gBAAgB;IACtB,KAAK,EAAE,kBAAkB;IACzB,WAAW,EACT,kJAAkJ;IACpJ,QAAQ,EAAE,QAAQ;IAClB,SAAS,EAAE;QACT;YACE,IAAI,EAAE,OAAO;YACb,WAAW,EACT,yFAAyF;YAC3F,QAAQ,EAAE,IAAI;SACf;QACD;YACE,IAAI,EAAE,UAAU;YAChB,WAAW,EACT,mEAAmE;YACrE,QAAQ,EAAE,KAAK;SAChB;KACF;IACD,gBAAgB,EAAE;QAChB,qBAAqB;QACrB,sBAAsB;QACtB,qBAAqB;QACrB,kBAAkB;QAClB,iBAAiB;QACjB,eAAe;KAChB;IAED,WAAW,CAAC,IAAI;QACd,MAAM,KAAK,GAAG,IAAI,EAAE,KAAK,IAAI,4BAA4B,CAAC;QAC1D,MAAM,QAAQ,GAAG,IAAI,EAAE,QAAQ,IAAI,KAAK,CAAC;QAEzC,OAAO;YACL;gBACE,IAAI,EAAE,WAAoB;gBAC1B,OAAO,EAAE;oBACP,IAAI,EAAE,MAAe;oBACrB,IAAI,EAAE;wBACJ,oBAAoB;wBACpB,EAAE;wBACF,gFAAgF;wBAChF,yFAAyF;wBACzF,kEAAkE;wBAClE,EAAE;wBACF,oBAAoB,KAAK,IAAI;wBAC7B,0BAA0B,QAAQ,IAAI;wBACtC,EAAE;wBACF,QAAQ,KAAK,KAAK;4BAChB,CAAC,CAAC,oDAAoD;4BACtD,CAAC,CAAC,wBAAwB,QAAQ,iCAAiC;wBACrE,EAAE;wBACF,qBAAqB;wBACrB,EAAE;wBACF,6DAA6D;wBAC7D,EAAE;wBACF,gCAAgC;wBAChC,gCAAgC;wBAChC,+EAA+E;wBAC/E,0FAA0F;wBAC1F,+EAA+E;wBAC/E,gHAAgH;wBAChH,uEAAuE;wBACvE,gGAAgG;wBAChG,wGAAwG;wBACxG,+FAA+F;wBAC/F,EAAE;wBACF,iCAAiC;wBACjC,EAAE;wBACF,kCAAkC;wBAClC,2DAA2D;wBAC3D,2FAA2F;wBAC3F,yDAAyD;wBACzD,mCAAmC;wBACnC,uEAAuE;wBACvE,EAAE;wBACF,iCAAiC;wBACjC,oDAAoD;wBACpD,6DAA6D;wBAC7D,+CAA+C;wBAC/C,qEAAqE;wBACrE,6EAA6E;wBAC7E,2DAA2D;wBAC3D,0FAA0F;wBAC1F,EAAE;wBACF,wBAAwB;wBACxB,iDAAiD;wBACjD,sDAAsD;wBACtD,4EAA4E;wBAC5E,iDAAiD;wBACjD,oEAAoE;wBACpE,qDAAqD;wBACrD,EAAE;wBACF,wBAAwB;wBACxB,uEAAuE;wBACvE,8DAA8D;wBAC9D,qEAAqE;wBACrE,gEAAgE;wBAChE,4EAA4E;wBAC5E,0DAA0D;wBAC1D,EAAE;wBACF,0BAA0B;wBAC1B,wDAAwD;wBACxD,qFAAqF;wBACrF,yEAAyE;wBACzE,EAAE;wBACF,kBAAkB;wBAClB,EAAE;wBACF,mBAAmB;wBACnB,EAAE;wBACF,mDAAmD;wBACnD,EAAE;wBACF,2CAA2C;wBAC3C,2CAA2C;wBAC3C,kBAAkB;wBAClB,cAAc;wBACd,gBAAgB;wBAChB,aAAa;wBACb,cAAc;wBACd,EAAE;wBACF,mBAAmB;wBACnB,EAAE;wBACF,kDAAkD;wBAClD,kDAAkD;wBAClD,EAAE;wBACF,uBAAuB;wBACvB,EAAE;wBACF,iBAAiB;wBACjB,EAAE;wBACF,yBAAyB;wBACzB,yBAAyB;wBACzB,0DAA0D;wBAC1D,gFAAgF;wBAChF,yDAAyD;wBACzD,yDAAyD;wBACzD,kDAAkD;wBAClD,2DAA2D;wBAC3D,EAAE;wBACF,gBAAgB;wBAChB,EAAE;wBACF,oBAAoB;wBACpB,oBAAoB;wBACpB,mEAAmE;wBACnE,qEAAqE;wBACrE,mEAAmE;wBACnE,gEAAgE;wBAChE,uDAAuD;wBACvD,oFAAoF;wBACpF,EAAE;wBACF,wCAAwC;qBACzC,CAAC,IAAI,CAAC,IAAI,CAAC;iBACb;aACF;YACD;gBACE,IAAI,EAAE,MAAe;gBACrB,OAAO,EAAE;oBACP,IAAI,EAAE,MAAe;oBACrB,IAAI,EAAE,KAAK;iBACZ;aACF;SACF,CAAC;IACJ,CAAC;CACF,CAAC;AAEF,eAAe,UAAU,CAAC"}

package/dist/prompts/capabilities/scan-automation.d.ts

@@ -0,0 +1,4 @@
+import type { CapabilityDefinition } from '../types.js';
+declare const capability: CapabilityDefinition;
+export default capability;
+//# sourceMappingURL=scan-automation.d.ts.map

package/dist/prompts/capabilities/scan-automation.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"scan-automation.d.ts","sourceRoot":"","sources":["../../../src/prompts/capabilities/scan-automation.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,oBAAoB,EAAE,MAAM,aAAa,CAAC;AAExD,QAAA,MAAM,UAAU,EAAE,oBA2djB,CAAC;AAEF,eAAe,UAAU,CAAC"}

package/dist/prompts/capabilities/scan-automation.js

@@ -0,0 +1,449 @@
+const capability = {
+    name: 'scan-automation',
+    title: 'Automation Conflict Scan',
+    description: 'Automation conflict detection — overlapping business rules and flows, circular triggers, execution order issues',
+    category: 'scan',
+    arguments: [
+        {
+            name: 'table',
+            description: 'Specific table to scan (e.g. "incident", "change_request"). If omitted, scans all tables with automation',
+            required: false,
+        },
+        {
+            name: 'scope',
+            description: 'Application scope to filter: "all" (default) or a specific scope (e.g. "x_myapp")',
+            required: false,
+        },
+    ],
+    recommendedTools: [
+        'query_records',
+        'list_business_rules',
+        'get_business_rule',
+        'list_flows',
+        'get_flow',
+        'list_client_scripts',
+        'get_client_script',
+        'list_script_includes',
+        'get_table_schema',
+    ],
+    buildPrompt(args) {
+        const table = args?.table ?? '';
+        const scope = args?.scope ?? 'all';
+        const tableLabel = table || 'All tables with automation';
+        const scopeLabel = scope === 'all'
+            ? 'Instance-wide (all scopes)'
+            : `Application scope: \`${scope}\``;
+        // ─── Section 1: Automation Inventory ─────────────────────────────────────
+        const inventorySection = [
+            '## 1. Automation Inventory',
+            '',
+            'Use `list_business_rules`, `list_flows`, `list_client_scripts`, and `query_records` to build',
+            'a complete inventory of all automation artifacts:',
+            '',
+            '### Business Rules (sys_script)',
+            table
+                ? `Query all active business rules on \`${table}\`:`
+                : 'Query all active business rules, grouped by table:',
+            '- Count by timing: before, after, async, display',
+            '- Count by operation: insert, update, delete, query',
+            '- Note execution order (100-1000 range, lower runs first)',
+            '- Flag rules with no condition (fire on every operation)',
+            '',
+            '### Flow Designer Flows (sys_hub_flow)',
+            table
+                ? `Query all active flows triggered by record changes on \`${table}\`:`
+                : 'Query all active record-triggered flows, grouped by trigger table:',
+            '- Count by trigger type: record insert, record update, record delete',
+            '- Note trigger conditions',
+            '- Identify flows with inline Script steps',
+            '',
+            '### Client Scripts (sys_script_client)',
+            table
+                ? `Query all active client scripts on \`${table}\`:`
+                : 'Query all active client scripts, grouped by table:',
+            '- Count by type: onLoad, onChange, onSubmit, onCellEdit',
+            '- Note the trigger field for onChange scripts',
+            '',
+            '### Other Automation',
+            '- **Scheduled Jobs** (`sysauto_script`) — recurring scripts that may interact with the same tables',
+            '- **UI Actions** (`sys_ui_action`) — form/list buttons with server-side or client-side scripts',
+            '- **UI Policies** (`sys_ui_policy`) — form behavior rules with script actions',
+            '- **Notifications** (`sysevent_email_action`) — triggered by record changes',
+            '- **Script Actions** (`sysevent_script_action`) — event-driven scripts',
+            '- **Transform Map Scripts** (`sys_transform_script`) — import-related automation',
+            '- **ACL Scripts** — advanced ACL conditions that run on record access',
+            '',
+            '**Output:** Automation inventory matrix',
+            '| Table | BRs (before) | BRs (after) | BRs (async) | Flows | Client Scripts | Other | Total |',
+            '|-------|-------------|-------------|-------------|-------|----------------|-------|-------|',
+        ];
+        // ─── Section 2: Overlapping Triggers ─────────────────────────────────────
+        const overlapSection = [
+            '## 2. Overlapping Trigger Detection',
+            '',
+            'Identify business rules and flows that may conflict because they act on the same',
+            'table, operation, and timing:',
+            '',
+            '### Same-Field Conflicts',
+            '- Two or more **before** business rules that both `setValue()` the same field on the same',
+            '  table during the same operation — the one with the higher order number wins, but this is',
+            '  usually unintentional',
+            '- A **before** business rule and a **flow** that both try to set the same field — the BR',
+            '  fires first, then the flow overwrites it (or vice versa depending on timing)',
+            '- Example: BR sets `priority` based on impact/urgency, then a flow also sets `priority`',
+            '  based on a different algorithm — result depends on execution order',
+            '',
+            '### Condition Overlap Analysis',
+            '- Two rules with the same condition (or no condition) on the same table+operation',
+            '  — one may be redundant, or they may have contradictory effects',
+            '- Rules where one condition is a subset of another (e.g., Rule A fires when state=Active,',
+            '  Rule B fires when state=Active AND priority=1 — both fire on P1 Active records)',
+            '- Rules with mutually exclusive conditions that should be merged into one rule with branching logic',
+            '',
+            '### BR vs Flow Overlap',
+            '**Execution order in ServiceNow save pipeline:**',
+            '```',
+            '1. Client Scripts (onSubmit) — runs in browser before server',
+            '2. Before Business Rules — runs before database write (order 1-1000)',
+            '3. Database write occurs',
+            '4. After Business Rules — runs after database write (order 1-1000)',
+            '5. Async Business Rules — queued for background execution',
+            '6. Flow Designer flows — trigger evaluation and execution',
+            '7. Notifications — email/SMS triggers evaluate',
+            '```',
+            '',
+            '- A **before BR** setting a field and an **after BR** reading that field is fine (correct order)',
+            '- A **before BR** setting a field and a **flow** reading the trigger record\'s field is fine',
+            '  (flow sees the committed value)',
+            '- A **flow** updating a field and an **after BR** on the same table — the flow\'s update triggers',
+            '  the BR again (re-entrant!)',
+            '',
+            '**Output:**',
+            '| Table | Operation | Rule 1 | Rule 2 | Conflict Type | Field(s) | Severity | Recommendation |',
+            '|-------|-----------|--------|--------|---------------|----------|----------|----------------|',
+        ];
+        // ─── Section 3: Circular Triggers ────────────────────────────────────────
+        const circularSection = [
+            '## 3. Circular Trigger Detection',
+            '',
+            'Trace automation chains to find circular dependencies:',
+            '',
+            '### Direct Circular Triggers',
+            '- **After BR on table A updates table B → After BR on table B updates table A**',
+            '  This creates an infinite loop. ServiceNow has a recursion depth limit (typically ~5)',
+            '  but hitting it wastes resources and may cause partial updates.',
+            '- **Flow on table A updates table B → Flow on table B updates table A**',
+            '  Same circular pattern in Flow Designer.',
+            '- **Self-referential:** After BR on table A does `current.update()` → triggers itself again.',
+            '  Common mistake, especially with `current.update()` in after rules.',
+            '',
+            '### Indirect Circular Triggers (3+ hop chains)',
+            '- A → B → C → A — three-table circular chain',
+            '- A → B (via BR) → C (via flow) → A (via notification script) — mixed automation types',
+            '- Build a directed graph of "table A modifies table B" relationships and detect cycles',
+            '',
+            '### How to Detect',
+            '1. For each after BR and flow, identify which tables it writes to (look for `GlideRecord`',
+            '   `.insert()`, `.update()`, `.deleteRecord()` calls, and Update Record flow actions)',
+            '2. Build an adjacency map: `source_table → [target_tables]`',
+            '3. Run cycle detection (DFS) on the graph',
+            '4. Report each cycle with the full chain of automation artifacts involved',
+            '',
+            '### Common Circular Patterns',
+            '- Incident ↔ Task: incident BR creates task, task BR updates parent incident',
+            '- Change ↔ Change Task: change request BR creates tasks, task completion BR updates change',
+            '- CMDB ↔ Discovery: CI update BR triggers re-discovery, discovery updates CI',
+            '- Catalog ↔ Task: request item BR creates tasks, task BR updates request item',
+            '',
+            '**Output:**',
+            '| Cycle | Hop 1 | Hop 2 | Hop 3+ | Automation Chain | Severity | Recommendation |',
+            '|-------|-------|-------|--------|------------------|----------|----------------|',
+        ];
+        // ─── Section 4: Execution Order Issues ───────────────────────────────────
+        const orderSection = [
+            '## 4. Execution Order Issues',
+            '',
+            'Analyze business rule execution order for conflicts:',
+            '',
+            '### Order Number Analysis',
+            '- **Default order (100):** Most OOB and custom BRs use 100. When multiple BRs have order 100',
+            '  on the same table+timing+operation, execution order is **undefined** (nondeterministic).',
+            '  If these BRs depend on each other\'s output, results are unpredictable.',
+            '- **Conflicting explicit orders:** Two BRs with the same explicit order number (e.g., both 200)',
+            '  on the same table+timing — same nondeterminism problem.',
+            '- **Anti-pattern: order 1 or 0:** Setting order to 0 or 1 to "run first" — fragile, creates',
+            '  a race with other rules that also set low orders.',
+            '',
+            '### Dependency Ordering',
+            '- **Read-after-write dependencies:** BR at order 200 reads a field that BR at order 300 sets',
+            '  — the reader runs before the writer, gets stale data. Order should be swapped.',
+            '- **Write-after-write dependencies:** Two BRs both set the same field but at different orders',
+            '  — the last one wins. Is this intentional? Document and verify.',
+            '',
+            '### BR vs Flow Ordering',
+            '- BRs ALWAYS fire before flows in the save pipeline',
+            '- If a flow depends on a field value set by a BR, this works correctly',
+            '- If a BR depends on an action taken by a flow, it will NOT work — the BR runs first',
+            '- If a flow updates the same record, it triggers the BRs again (second save)',
+            '',
+            '### Display BR Ordering',
+            '- Display BRs run when the form loads, before the user sees data',
+            '- Multiple display BRs populating `g_scratchpad` — if they set the same key, last one wins',
+            '- Display BRs with expensive queries slow down form load for all users',
+            '',
+            '**Output:**',
+            '| Table | Timing | Rule 1 (Order) | Rule 2 (Order) | Issue | Impact | Recommendation |',
+            '|-------|--------|----------------|----------------|-------|--------|----------------|',
+        ];
+        // ─── Section 5: Redundant Automation ─────────────────────────────────────
+        const redundantSection = [
+            '## 5. Redundant Automation Detection',
+            '',
+            'Find duplicated logic across different automation mechanisms:',
+            '',
+            '### BR + Flow Duplication',
+            '- A business rule and a flow on the same table doing the same thing',
+            '  (e.g., both sending a notification when state changes to "Resolved")',
+            '- Common during migration from BRs to Flow Designer — old BR not deactivated',
+            '- Result: duplicate emails, double updates, or conflicting field values',
+            '',
+            '### Client + Server Duplication',
+            '- Client script validation (onSubmit) that is also enforced by a before BR',
+            '  — server-side validation is correct, client-side is a UX enhancement.',
+            '  This is acceptable but should be documented. Flag cases where logic differs.',
+            '- Client script setting a field (onChange) that is also set by a before BR',
+            '  — the BR overwrites the client script\'s value, making the client script useless',
+            '',
+            '### Notification Duplication',
+            '- A notification AND a flow both sending emails on the same condition',
+            '- A notification AND a business rule both calling `gs.eventQueue()` for the same event',
+            '- Multiple notifications with overlapping conditions on the same table',
+            '',
+            '### Scheduled Job Overlap',
+            '- Two scheduled jobs that query and update the same table on similar schedules',
+            '- A scheduled job doing work that a BR or flow already handles in real-time',
+            '',
+            '**Output:**',
+            '| Table | Duplicate 1 (Type) | Duplicate 2 (Type) | Overlapping Logic | Recommendation |',
+            '|-------|--------------------|--------------------|-------------------|----------------|',
+        ];
+        // ─── Section 6: Performance Hotspots ─────────────────────────────────────
+        const hotspotSection = [
+            '## 6. Performance Hotspots',
+            '',
+            'Identify tables and operations where automation density creates performance risks:',
+            '',
+            '### Automation Density',
+            '- Tables with **>10 active business rules** — high density, every save runs all of them',
+            '- Tables with **>5 before-insert rules** — slows down record creation',
+            '- Tables with **>5 after-update rules** — every field change triggers all of them',
+            '  (unless conditions are well-scoped)',
+            '- Tables where total automation count (BRs + flows + client scripts) exceeds **20**',
+            '',
+            '### Heavy Save Chains',
+            '- Before insert chain: how many BRs fire on insert? What is the total estimated execution time?',
+            '- After update chain: how many BRs + flows fire on update? Do any of them trigger additional saves?',
+            '- The "cascade factor": one user save → N business rules → M of them do `current.update()` or',
+            '  update other tables → triggers additional rules on those tables',
+            '',
+            '### Script Performance',
+            '- BRs with GlideRecord queries in their scripts that run on every save (no caching)',
+            '- BRs that call external APIs synchronously (before rules block the save transaction)',
+            '- BRs with complex condition scripts instead of simple condition filters',
+            '  (condition scripts run on every save to check if the rule should fire)',
+            '',
+            '### Client-Side Performance',
+            '- Tables with >5 onChange client scripts — every field change fires all of them',
+            '- onLoad client scripts with synchronous GlideAjax calls — blocks form rendering',
+            '- Client scripts loading large datasets into g_scratchpad',
+            '',
+            '**Output:**',
+            '| Table | Total Automation | Before Insert | After Update | Cascade Factor | Risk Level | Recommendation |',
+            '|-------|------------------|---------------|--------------|----------------|------------|----------------|',
+        ];
+        // ─── Section 7: Async vs Sync Mismatch ──────────────────────────────────
+        const asyncSection = [
+            '## 7. Async vs Sync Mismatch',
+            '',
+            'Identify automation running in the wrong execution mode:',
+            '',
+            '### Should Be Async',
+            '- **Before/After BRs with external callouts:** REST calls, SOAP calls, LDAP lookups.',
+            '  These block the user\'s save transaction. Move to async BR or flow.',
+            '- **After BRs that send emails directly:** Use event queue + notification instead',
+            '  (`gs.eventQueue()` → event handler → notification)',
+            '- **After BRs that update large record sets:** Updating 100+ records in an after BR',
+            '  blocks the user. Move to async BR or scheduled job.',
+            '- **Before BRs with heavy computation:** Complex calculations, parsing, or data',
+            '  transformation that takes > 1 second. Consider caching or async approach.',
+            '',
+            '### Should Be Sync (But Is Async)',
+            '- **Async BRs that set fields on the triggering record:** `current.update()` in async BRs',
+            '  happens after the record is already committed. If another user or process reads the record',
+            '  between the original save and the async update, they see stale data.',
+            '- **Async BRs for data validation:** If validation fails asynchronously, the invalid record',
+            '  is already saved. Validation MUST be in a before BR.',
+            '- **Async BRs for field calculation:** If calculated fields need to be visible immediately',
+            '  after save (e.g., priority derived from impact+urgency), use a before BR.',
+            '',
+            '### Async BR Limitations',
+            '- `current` in async BRs is a snapshot from the time of trigger — not the live record.',
+            '  If another process updates the record between trigger and execution, the async BR works',
+            '  with stale data.',
+            '- `previous` is available in async BRs but is also a snapshot.',
+            '- Async BRs cannot abort the triggering transaction (record is already saved).',
+            '- Async BRs run as the user who triggered them, but outside the original transaction scope.',
+            '',
+            '**Output:**',
+            '| Rule Name | Table | Current Mode | Recommended Mode | Reason | Impact | Recommendation |',
+            '|-----------|-------|-------------- |------------------|--------|--------|----------------|',
+        ];
+        // ─── Section 8: Cross-Scope Conflicts ────────────────────────────────────
+        const crossScopeSection = [
+            '## 8. Cross-Scope Conflicts',
+            '',
+            'Analyze conflicts between global scope and scoped app automation:',
+            '',
+            '### Global vs Scoped BRs',
+            '- Global BRs on tables that are also targeted by scoped app BRs',
+            '  — both fire on the same operation, potentially conflicting',
+            '- Global BRs that cannot be overridden by scoped apps (no condition filter)',
+            '- Scoped app BRs that assume global BRs do not exist (fragile assumption)',
+            '',
+            '### Scope Access Issues',
+            '- Scoped app BRs accessing tables outside their scope via cross-scope privileges',
+            '  — if the cross-scope access is revoked, the BR silently fails',
+            '- Scoped app flows accessing global Script Includes — version dependency risk',
+            '- Global BRs calling scoped app Script Includes — breaks if the scoped app is uninstalled',
+            '',
+            '### Upgrade Conflict Risks',
+            '- Custom BRs on OOB tables with the same condition as OOB BRs — ServiceNow upgrades',
+            '  may change OOB BR behavior, causing unexpected interactions with custom rules',
+            '- Custom BRs with order numbers that interleave with OOB BRs — upgrade may insert new',
+            '  OOB rules that change the effective execution sequence',
+            '- Customized OOB BRs (modified base system rules) — will be flagged in upgrade previews',
+            '',
+            '**Output:**',
+            '| Table | Global Rule | Scoped Rule | Scope | Conflict Type | Risk | Recommendation |',
+            '|-------|-------------|-------------|-------|---------------|------|----------------|',
+        ];
+        // ─── Build sections ──────────────────────────────────────────────────────
+        const sections = [
+            inventorySection,
+            overlapSection,
+            circularSection,
+            orderSection,
+            redundantSection,
+            hotspotSection,
+            asyncSection,
+            crossScopeSection,
+        ];
+        // ─── Report Format ───────────────────────────────────────────────────────
+        const reportFormat = [
+            '## Automation Conflict Report Format',
+            '',
+            'Compile ALL findings into this structure:',
+            '',
+            '```',
+            'AUTOMATION CONFLICT SCAN REPORT',
+            '================================',
+            `Table Focus: ${tableLabel}`,
+            `Scope: ${scopeLabel}`,
+            'Date: [current date]',
+            '',
+            'EXECUTIVE SUMMARY',
+            '- Tables scanned: X',
+            '- Total automation rules found: X',
+            '- Conflicts detected: X',
+            '- Circular triggers: X',
+            '- Performance hotspots: X',
+            '- Redundant rules: X',
+            '- Overall risk: [Low / Medium / High / Critical]',
+            '',
+            'CONFLICT MATRIX',
+            'A visual matrix showing which automation artifacts interact on each table:',
+            '',
+            '  Table: incident',
+            '  ┌─────────────────────┬────────────────┬──────────────────┐',
+            '  │ Before Insert       │ After Insert   │ Flows (Insert)   │',
+            '  ├─────────────────────┼────────────────┼──────────────────┤',
+            '  │ Set Priority (100)  │ Create Task    │ Notify Assignee  │',
+            '  │ Validate Fields(200)│ Send Email     │ Update CMDB      │',
+            '  │                     │ ↑ conflicts ↑  │                  │',
+            '  └─────────────────────┴────────────────┴──────────────────┘',
+            '',
+            'DETAILED FINDINGS',
+            '-----------------',
+            'Each finding MUST include:',
+            '  Finding ID:      AUTO-XXXX',
+            '  Severity:        Critical / High / Medium / Low',
+            '  Category:        Overlap / Circular / Order / Redundant / Performance / Async / Cross-Scope',
+            '  Table:           Affected table',
+            '  Rules Involved:  List of conflicting rules with types and orders',
+            '  Evidence:        [specific conflict details: fields, conditions, execution trace]',
+            '  Impact:          [data corruption, performance, unpredictable behavior]',
+            '  Recommendation:  [merge rules, adjust order, convert to async, deactivate, etc.]',
+            '',
+            'SEVERITY DEFINITIONS',
+            '  CRITICAL — Active data corruption or infinite loop risk',
+            '  HIGH     — Conflicting rules causing unpredictable behavior',
+            '  MEDIUM   — Performance risk or redundant automation',
+            '  LOW      — Best practice violation; no immediate impact',
+            '',
+            'REMEDIATION PRIORITIES',
+            '1. [Circular triggers and infinite loops — fix immediately]',
+            '2. [Field-level conflicts — resolve within 1 week]',
+            '3. [Performance hotspots — optimize within 2 weeks]',
+            '4. [Redundant automation — clean up in next sprint]',
+            '```',
+        ];
+        return [
+            {
+                role: 'assistant',
+                content: {
+                    type: 'text',
+                    text: [
+                        '# Capability: Automation Conflict Scan',
+                        '',
+                        `**Table Focus:** ${tableLabel}`,
+                        `**Scope:** ${scopeLabel}`,
+                        '',
+                        'This capability detects conflicts, overlaps, and issues across ALL automation',
+                        'mechanisms in ServiceNow: business rules, flows, client scripts, scheduled jobs,',
+                        'UI actions, notifications, and more. Automation conflicts are one of the most',
+                        'common causes of data corruption, performance degradation, and unpredictable',
+                        'behavior in ServiceNow instances.',
+                        '',
+                        '**Platform Knowledge:**',
+                        '- Business rules fire BEFORE flows in the ServiceNow save pipeline',
+                        '- BR execution order: lower order number runs first (range 1-1000, default 100)',
+                        '- When multiple BRs have the same order number, execution order is nondeterministic',
+                        '- After BRs that call `current.update()` trigger another full save pipeline cycle',
+                        '- Flows trigger after all BRs complete; flow-initiated record updates trigger BRs again',
+                        '- Client scripts run in the browser before the server save pipeline begins',
+                        '- Async BRs and flows run outside the user\'s transaction context',
+                        '',
+                        ...sections.flatMap(s => [...s, '']),
+                        ...reportFormat,
+                        '',
+                        '---',
+                        '',
+                        'Beginning automation conflict scan. Every finding must include its Finding ID,',
+                        'severity, category, involved rules, concrete evidence, and a specific recommendation.',
+                    ].join('\n'),
+                },
+            },
+            {
+                role: 'user',
+                content: {
+                    type: 'text',
+                    text: table
+                        ? `Run an automation conflict scan on the \`${table}\` table. Find overlapping rules, circular triggers, execution order issues, and performance hotspots. Give me a structured conflict report.`
+                        : `Run an automation conflict scan across all tables. Find overlapping rules, circular triggers, execution order issues, and performance hotspots. Give me a structured conflict report.`,
+                },
+            },
+        ];
+    },
+};
+export default capability;
+//# sourceMappingURL=scan-automation.js.map

package/dist/prompts/capabilities/scan-automation.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"scan-automation.js","sourceRoot":"","sources":["../../../src/prompts/capabilities/scan-automation.ts"],"names":[],"mappings":"AAEA,MAAM,UAAU,GAAyB;IACvC,IAAI,EAAE,iBAAiB;IACvB,KAAK,EAAE,0BAA0B;IACjC,WAAW,EACT,iHAAiH;IACnH,QAAQ,EAAE,MAAM;IAEhB,SAAS,EAAE;QACT;YACE,IAAI,EAAE,OAAO;YACb,WAAW,EACT,0GAA0G;YAC5G,QAAQ,EAAE,KAAK;SAChB;QACD;YACE,IAAI,EAAE,OAAO;YACb,WAAW,EACT,mFAAmF;YACrF,QAAQ,EAAE,KAAK;SAChB;KACF;IAED,gBAAgB,EAAE;QAChB,eAAe;QACf,qBAAqB;QACrB,mBAAmB;QACnB,YAAY;QACZ,UAAU;QACV,qBAAqB;QACrB,mBAAmB;QACnB,sBAAsB;QACtB,kBAAkB;KACnB;IAED,WAAW,CAAC,IAAI;QACd,MAAM,KAAK,GAAG,IAAI,EAAE,KAAK,IAAI,EAAE,CAAC;QAChC,MAAM,KAAK,GAAG,IAAI,EAAE,KAAK,IAAI,KAAK,CAAC;QAEnC,MAAM,UAAU,GAAG,KAAK,IAAI,4BAA4B,CAAC;QACzD,MAAM,UAAU,GACd,KAAK,KAAK,KAAK;YACb,CAAC,CAAC,4BAA4B;YAC9B,CAAC,CAAC,wBAAwB,KAAK,IAAI,CAAC;QAExC,4EAA4E;QAE5E,MAAM,gBAAgB,GAAG;YACvB,4BAA4B;YAC5B,EAAE;YACF,8FAA8F;YAC9F,mDAAmD;YACnD,EAAE;YACF,iCAAiC;YACjC,KAAK;gBACH,CAAC,CAAC,wCAAwC,KAAK,KAAK;gBACpD,CAAC,CAAC,oDAAoD;YACxD,kDAAkD;YAClD,qDAAqD;YACrD,2DAA2D;YAC3D,0DAA0D;YAC1D,EAAE;YACF,wCAAwC;YACxC,KAAK;gBACH,CAAC,CAAC,2DAA2D,KAAK,KAAK;gBACvE,CAAC,CAAC,oEAAoE;YACxE,sEAAsE;YACtE,2BAA2B;YAC3B,2CAA2C;YAC3C,EAAE;YACF,wCAAwC;YACxC,KAAK;gBACH,CAAC,CAAC,wCAAwC,KAAK,KAAK;gBACpD,CAAC,CAAC,oDAAoD;YACxD,yDAAyD;YACzD,+CAA+C;YAC/C,EAAE;YACF,sBAAsB;YACtB,oGAAoG;YACpG,gGAAgG;YAChG,+EAA+E;YAC/E,6EAA6E;YAC7E,wEAAwE;YACxE,kFAAkF;YAClF,uEAAuE;YACvE,EAAE;YACF,yCAAyC;YACzC,+FAA+F;YAC/F,8FAA8F;SAC/F,CAAC;QAEF,4EAA4E;QAE5E,MAAM,cAAc,GAAG;YACrB,qCAAqC;YACrC,EAAE;YACF,kFAAkF;YAClF,+BAA+B;YAC/B,EAAE;YACF,0BAA0B;YAC1B,2FAA2F;YAC3F,4FAA4F;YAC5F,yBAAyB;YACzB,0FAA0F;YAC1F,gFAAgF;YAChF,yFAAyF;YACzF,sEAAsE;YACtE,EAAE;YACF,gCAAgC;YAChC,mFAAmF;YACnF,kEAAkE;YAClE,2FAA2F;YAC3F,mFAAmF;YACnF,qGAAqG;YACrG,EAAE;YACF,wBAAwB;YACxB,kDAAkD;YAClD,KAAK;YACL,8DAA8D;YAC9D,sEAAsE;YACtE,0BAA0B;YAC1B,oEAAoE;YACpE,2DAA2D;YAC3D,2DAA2D;YAC3D,gDAAgD;YAChD,KAAK;YACL,EAAE;YACF,kGAAkG;YAClG,8FAA8F;YAC9F,mCAAmC;YACnC,mGAAmG;YACnG,8BAA8B;YAC9B,EAAE;YACF,aAAa;YACb,gGAAgG;YAChG,gGAAgG;SACjG,CAAC;QAEF,4EAA4E;QAE5E,MAAM,eAAe,GAAG;YACtB,kCAAkC;YAClC,EAAE;YACF,wDAAwD;YACxD,EAAE;YACF,8BAA8B;YAC9B,iFAAiF;YACjF,wFAAwF;YACxF,kEAAkE;YAClE,yEAAyE;YACzE,2CAA2C;YAC3C,8FAA8F;YAC9F,sEAAsE;YACtE,EAAE;YACF,gDAAgD;YAChD,8CAA8C;YAC9C,wFAAwF;YACxF,wFAAwF;YACxF,EAAE;YACF,mBAAmB;YACnB,2FAA2F;YAC3F,uFAAuF;YACvF,6DAA6D;YAC7D,2CAA2C;YAC3C,2EAA2E;YAC3E,EAAE;YACF,8BAA8B;YAC9B,8EAA8E;YAC9E,4FAA4F;YAC5F,8EAA8E;YAC9E,+EAA+E;YAC/E,EAAE;YACF,aAAa;YACb,mFAAmF;YACnF,mFAAmF;SACpF,CAAC;QAEF,4EAA4E;QAE5E,MAAM,YAAY,GAAG;YACnB,8BAA8B;YAC9B,EAAE;YACF,sDAAsD;YACtD,EAAE;YACF,2BAA2B;YAC3B,8FAA8F;YAC9F,4FAA4F;YAC5F,2EAA2E;YAC3E,iGAAiG;YACjG,2DAA2D;YAC3D,6FAA6F;YAC7F,qDAAqD;YACrD,EAAE;YACF,yBAAyB;YACzB,8FAA8F;YAC9F,kFAAkF;YAClF,+FAA+F;YAC/F,kEAAkE;YAClE,EAAE;YACF,yBAAyB;YACzB,qDAAqD;YACrD,wEAAwE;YACxE,sFAAsF;YACtF,8EAA8E;YAC9E,EAAE;YACF,yBAAyB;YACzB,kEAAkE;YAClE,4FAA4F;YAC5F,wEAAwE;YACxE,EAAE;YACF,aAAa;YACb,wFAAwF;YACxF,wFAAwF;SACzF,CAAC;QAEF,4EAA4E;QAE5E,MAAM,gBAAgB,GAAG;YACvB,sCAAsC;YACtC,EAAE;YACF,+DAA+D;YAC/D,EAAE;YACF,2BAA2B;YAC3B,qEAAqE;YACrE,wEAAwE;YACxE,8EAA8E;YAC9E,yEAAyE;YACzE,EAAE;YACF,iCAAiC;YACjC,4EAA4E;YAC5E,yEAAyE;YACzE,gFAAgF;YAChF,4EAA4E;YAC5E,oFAAoF;YACpF,EAAE;YACF,8BAA8B;YAC9B,uEAAuE;YACvE,wFAAwF;YACxF,wEAAwE;YACxE,EAAE;YACF,2BAA2B;YAC3B,gFAAgF;YAChF,6EAA6E;YAC7E,EAAE;YACF,aAAa;YACb,0FAA0F;YAC1F,0FAA0F;SAC3F,CAAC;QAEF,4EAA4E;QAE5E,MAAM,cAAc,GAAG;YACrB,4BAA4B;YAC5B,EAAE;YACF,oFAAoF;YACpF,EAAE;YACF,wBAAwB;YACxB,yFAAyF;YACzF,uEAAuE;YACvE,mFAAmF;YACnF,uCAAuC;YACvC,qFAAqF;YACrF,EAAE;YACF,uBAAuB;YACvB,iGAAiG;YACjG,qGAAqG;YACrG,+FAA+F;YAC/F,mEAAmE;YACnE,EAAE;YACF,wBAAwB;YACxB,qFAAqF;YACrF,uFAAuF;YACvF,0EAA0E;YAC1E,0EAA0E;YAC1E,EAAE;YACF,6BAA6B;YAC7B,iFAAiF;YACjF,kFAAkF;YAClF,2DAA2D;YAC3D,EAAE;YACF,aAAa;YACb,4GAA4G;YAC5G,4GAA4G;SAC7G,CAAC;QAEF,2EAA2E;QAE3E,MAAM,YAAY,GAAG;YACnB,8BAA8B;YAC9B,EAAE;YACF,0DAA0D;YAC1D,EAAE;YACF,qBAAqB;YACrB,sFAAsF;YACtF,uEAAuE;YACvE,mFAAmF;YACnF,sDAAsD;YACtD,qFAAqF;YACrF,uDAAuD;YACvD,iFAAiF;YACjF,6EAA6E;YAC7E,EAAE;YACF,mCAAmC;YACnC,2FAA2F;YAC3F,8FAA8F;YAC9F,wEAAwE;YACxE,6FAA6F;YAC7F,wDAAwD;YACxD,4FAA4F;YAC5F,6EAA6E;YAC7E,EAAE;YACF,0BAA0B;YAC1B,wFAAwF;YACxF,2FAA2F;YAC3F,oBAAoB;YACpB,gEAAgE;YAChE,gFAAgF;YAChF,6FAA6F;YAC7F,EAAE;YACF,aAAa;YACb,4FAA4F;YAC5F,6FAA6F;SAC9F,CAAC;QAEF,4EAA4E;QAE5E,MAAM,iBAAiB,GAAG;YACxB,6BAA6B;YAC7B,EAAE;YACF,mEAAmE;YACnE,EAAE;YACF,0BAA0B;YAC1B,iEAAiE;YACjE,8DAA8D;YAC9D,6EAA6E;YAC7E,2EAA2E;YAC3E,EAAE;YACF,yBAAyB;YACzB,kFAAkF;YAClF,iEAAiE;YACjE,+EAA+E;YAC/E,2FAA2F;YAC3F,EAAE;YACF,4BAA4B;YAC5B,qFAAqF;YACrF,iFAAiF;YACjF,uFAAuF;YACvF,0DAA0D;YAC1D,yFAAyF;YACzF,EAAE;YACF,aAAa;YACb,uFAAuF;YACvF,uFAAuF;SACxF,CAAC;QAEF,4EAA4E;QAE5E,MAAM,QAAQ,GAAe;YAC3B,gBAAgB;YAChB,cAAc;YACd,eAAe;YACf,YAAY;YACZ,gBAAgB;YAChB,cAAc;YACd,YAAY;YACZ,iBAAiB;SAClB,CAAC;QAEF,4EAA4E;QAE5E,MAAM,YAAY,GAAG;YACnB,sCAAsC;YACtC,EAAE;YACF,2CAA2C;YAC3C,EAAE;YACF,KAAK;YACL,iCAAiC;YACjC,kCAAkC;YAClC,gBAAgB,UAAU,EAAE;YAC5B,UAAU,UAAU,EAAE;YACtB,sBAAsB;YACtB,EAAE;YACF,mBAAmB;YACnB,qBAAqB;YACrB,mCAAmC;YACnC,yBAAyB;YACzB,wBAAwB;YACxB,2BAA2B;YAC3B,sBAAsB;YACtB,kDAAkD;YAClD,EAAE;YACF,iBAAiB;YACjB,4EAA4E;YAC5E,EAAE;YACF,mBAAmB;YACnB,+DAA+D;YAC/D,+DAA+D;YAC/D,+DAA+D;YAC/D,+DAA+D;YAC/D,+DAA+D;YAC/D,+DAA+D;YAC/D,+DAA+D;YAC/D,EAAE;YACF,mBAAmB;YACnB,mBAAmB;YACnB,4BAA4B;YAC5B,8BAA8B;YAC9B,mDAAmD;YACnD,+FAA+F;YAC/F,mCAAmC;YACnC,oEAAoE;YACpE,qFAAqF;YACrF,2EAA2E;YAC3E,oFAAoF;YACpF,EAAE;YACF,sBAAsB;YACtB,2DAA2D;YAC3D,+DAA+D;YAC/D,uDAAuD;YACvD,2DAA2D;YAC3D,EAAE;YACF,wBAAwB;YACxB,6DAA6D;YAC7D,oDAAoD;YACpD,qDAAqD;YACrD,qDAAqD;YACrD,KAAK;SACN,CAAC;QAEF,OAAO;YACL;gBACE,IAAI,EAAE,WAAoB;gBAC1B,OAAO,EAAE;oBACP,IAAI,EAAE,MAAe;oBACrB,IAAI,EAAE;wBACJ,wCAAwC;wBACxC,EAAE;wBACF,oBAAoB,UAAU,EAAE;wBAChC,cAAc,UAAU,EAAE;wBAC1B,EAAE;wBACF,+EAA+E;wBAC/E,kFAAkF;wBAClF,+EAA+E;wBAC/E,8EAA8E;wBAC9E,mCAAmC;wBACnC,EAAE;wBACF,yBAAyB;wBACzB,oEAAoE;wBACpE,iFAAiF;wBACjF,qFAAqF;wBACrF,mFAAmF;wBACnF,yFAAyF;wBACzF,4EAA4E;wBAC5E,mEAAmE;wBACnE,EAAE;wBACF,GAAG,QAAQ,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,GAAG,CAAC,EAAE,EAAE,CAAC,CAAC;wBACpC,GAAG,YAAY;wBACf,EAAE;wBACF,KAAK;wBACL,EAAE;wBACF,gFAAgF;wBAChF,uFAAuF;qBACxF,CAAC,IAAI,CAAC,IAAI,CAAC;iBACb;aACF;YACD;gBACE,IAAI,EAAE,MAAe;gBACrB,OAAO,EAAE;oBACP,IAAI,EAAE,MAAe;oBACrB,IAAI,EAAE,KAAK;wBACT,CAAC,CAAC,4CAA4C,KAAK,8IAA8I;wBACjM,CAAC,CAAC,uLAAuL;iBAC5L;aACF;SACF,CAAC;IACJ,CAAC;CACF,CAAC;AAEF,eAAe,UAAU,CAAC"}