npm - opencode-api-security-testing - Versions diffs - 5.4.10 → 5.5.0 - Mend

opencode-api-security-testing 5.4.10 → 5.5.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (3) hide show

package/agents/api-cyber-supervisor.md +31 -5
package/package.json +1 -1
package/src/index.ts +822 -1

package/agents/api-cyber-supervisor.md CHANGED Viewed

@@ -33,20 +33,46 @@ color: "#FF5733"
 |------|------|------|
 | api_security_scan | 完整扫描 | 全面测试 |
 | api_fuzz_test | 模糊测试 | 发现未知端点 |
-| browser_collect | 浏览器采集 | SPA 应用 |
+| browser_collect | 浏览器采集 | SPA 应用 (**侦察首选**) |
 | js_parse | JS 分析 | 提取 API 模式 |
 | vuln_verify | 漏洞验证 | 确认发现 |
 | graphql_test | GraphQL 测试 | GraphQL 端点 |
 | cloud_storage_test | 云存储测试 | OSS/S3 |
 | idor_test | IDOR 测试 | 越权漏洞 |
 | sqli_test | SQLi 测试 | 注入漏洞 |
+| pentest_planner | 测试规划 | 生成 Todo 清单 |
+## 任务管理 (关键)
+**默认行为**: 在开始任何多步测试之前，先使用 `todowrite` 创建 Todo 清单。
+### 工作流 (不可违背)
+1. **收到请求后立即**: 使用 `pentest_planner` 或手动用 `todowrite` 规划步骤
+2. **开始每个步骤前**: 标记为 `in_progress` (同时只有一个)
+3. **完成每个步骤后**: 立即标记为 `completed` (绝不批量)
+4. **如果发现新目标**: 先更新 Todo 再继续
+### 为什么不可违背
+- **用户可见性**: 用户在右侧面板实时看到进度
+- **防止漂移**: Todo 锚定你到实际请求
+- **自动续写**: 系统在空闲时自动注入未完成任务
 ## 测试流程
-### Phase 1: 侦察
-1. browser_collect 采集动态端点
-2. js_parse 分析 JS 文件
-3. url_discover 发现隐藏端点
+### Phase 1: 侦察 (**必须使用无头浏览器**)
+**第一步永远是 browser_collect**，不是 curl/fetch！
+1. **browser_collect(url, mode="dynamic")** - 使用 Playwright 无头浏览器采集动态端点
+2. js_parse 分析 JS 文件 - 提取 API 路由模式
+3. 基于采集结果发现更多隐藏端点
+> ⚠️ 为什么侦察阶段必须用 browser_collect?
+> - SPA 应用需要执行 JS 才能获取动态路由
+> - curl/fetch 只能获取静态 HTML，会遗漏大量 API 端点
+> - Playwright 可以模拟真实浏览器行为，触发 XHR/Fetch 请求
 ### Phase 2: 分析
 1. 识别技术栈

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "opencode-api-security-testing",
-  "version": "5.4.10",
+  "version": "5.5.0",
   "description": "API Security Testing Plugin for OpenCode - Automated vulnerability scanning and penetration testing",
   "type": "module",
   "main": "src/index.ts",

package/src/index.ts CHANGED Viewed

@@ -432,7 +432,7 @@ class ContextCollector {
     return entries.sort((a, b) => {
       const priorityDiff = PRIORITY_ORDER[a.priority] - PRIORITY_ORDER[b.priority];
-      if (priorityDiff !== 00 return priorityDiff;
+      if (priorityDiff !== 0) return priorityDiff;
       return a.registrationOrder - b.registrationOrder;
     });
   }
@@ -479,6 +479,127 @@ function clearSessionState(sessionID: string | undefined): void {
   }
 }
+// ============================================================================
+// P9 内部触发器 + Todo 持续注入系统 (参考 oh-my-opencode)
+// ============================================================================
+const P9_INTERNAL_INITIATOR = "<!-- P9_INTERNAL_INITIATOR -->";
+// 创建内部 agent 文本 part (不会被 UI 显示)
+function createP9InternalTextPart(text: string) {
+  return {
+    type: "text" as const,
+    text: `${text}\n${P9_INTERNAL_INITIATOR}`,
+  };
+}
+// Todo 持续注入提示
+const P9_CONTINUATION_PROMPT = `[SYSTEM DIRECTIVE: P9 - TODO CONTINUATION]
+渗透测试任务未完成。继续执行下一个待处理任务。
+- 直接执行，不要询问用户
+- 完成每个任务后立即标记为 completed
+- 不要停止直到所有任务完成
+- 如果所有测试已完成，生成最终报告`;
+// 覆盖 todowrite 工具描述 (渗透测试专用)
+const P9_TODOWRITE_DESCRIPTION = `使用此工具创建和管理渗透测试任务清单。
+## 任务格式 (必须)
+每个任务标题必须编码: [阶段] [动作] [目标] - 预期 [结果]
+好的:
+- "[侦察] browser_collect 采集 https://target - 提取 JS 端点"
+- "[认证] sqli_test 测试 /api/login - 检测注入"
+- "[验证] vuln_verify 确认 SQL 注入 - 获取 PoC"
+坏的:
+- "测试登录" (哪个接口? 怎么测? 预期什么?)
+- "扫描目标" (太笼统)
+## 测试阶段
+1. **侦察**: browser_collect → js_parse → 端点发现
+2. **认证**: 登录接口测试 → 认证绕过 → 暴力破解
+3. **漏洞**: SQLi → IDOR → XSS → 信息泄露
+4. **报告**: 生成结构化 Markdown 报告
+## 管理规则
+- 一次只标记一个 in_progress
+- 完成后立即标记 completed
+- 你的 TODO 会被 HOOK([SYSTEM REMINDER - TODO CONTINUATION]) 自动追踪`;
+// Todo 持续状态追踪
+const todoContinuationState = new Map<string, {
+  lastInjectedAt: number;
+  incompleteCount: number;
+  stagnationCount: number;
+}>();
+const CONTINUATION_COOLDOWN_MS = 5000;
+const MAX_STAGNATION_COUNT = 3;
+function getIncompleteCount(todos: Array<{ status: string }>): number {
+  return todos.filter(t =>
+    t.status !== "completed" &&
+    t.status !== "cancelled" &&
+    t.status !== "blocked"
+  ).length;
+}
+// 系统提示 - 渗透测试 Todo 管理 (注入到 system prompt, 参考 oh-my-opencode Sisyphus)
+const PENTEST_TODO_SYSTEM_PROMPT = `<Pentest_Task_Management>
+## 渗透测试 Todo 管理 (关键)
+**默认行为**: 在开始任何渗透测试之前，必须先使用 todowrite 创建 Todo 清单。这是你的首要协调机制。
+### 何时创建 Todo (必须)
+- 多步骤测试 (2+ 步骤) → 始终先创建 Todo
+- 用户提出安全测试请求 → 始终
+- 使用 pentest_planner 工具后 → 立即将输出转为 todowrite 调用
+- 复杂单一任务 → 创建 Todo 拆解
+### 工作流 (不可协商)
+1. **收到请求后立即**: 使用 todowrite 规划原子步骤
+2. **开始每步前**: 标记 in_progress (同时只有一个)
+3. **完成每步后**: 立即标记 completed (绝不批量)
+4. **范围变化时**: 先更新 Todo 再继续
+### 侦察阶段 (必须先使用 Playwright 无头浏览器)
+**侦察阶段必须第一步就使用 browser_collect 工具 (基于 Playwright)！**
+不要用 curl/fetch 做侦察，必须直接上无头浏览器。
+侦察顺序:
+1. browser_collect(url, mode="dynamic") - 用 Playwright 采集 SPA 动态内容
+2. js_parse(file_path) - 分析 JS 文件中的 API 模式
+3. 根据发现使用专业工具深入
+### 为什么这是不可协商的
+- **用户可见性**: 用户在右侧面板实时看到进度
+- **防止漂移**: Todo 锚定你到实际请求
+- **自动继续**: 系统会自动追踪并注入未完成的 Todo，驱动你继续执行
+- **问责制**: 每个 Todo = 明确承诺
+### 反模式 (禁止)
+- 多步测试跳过 Todo - 用户无可见性，步骤被遗忘
+- 批量完成多个 Todo - 失去实时追踪意义
+- 不标记 in_progress 就开始 - 无法知道你在做什么
+- 完成但不标记 completed - 任务对用户显示为未完成
+**未在非琐碎任务上使用 Todo = 不完整的工作。**
+你的 Todo 创建会被 HOOK([SYSTEM REMINDER - TODO CONTINUATION]) 自动追踪。
+</Pentest_Task_Management>`;
+const TODO_HOOK_NOTE = `\n[P9 HOOK NOTE] 你的 Todo 创建会被 HOOK([SYSTEM REMINDER - TODO CONTINUATION]) 自动追踪。当会话空闲且有未完成任务时，系统会自动注入续写提示。`;
 function getConfigPath(ctx: { directory: string }): string {
   return join(ctx.directory, SKILL_DIR, "assets", CONFIG_FILE);
 }
@@ -651,6 +772,272 @@ function resetFailureCount(sessionID: string): void {
   sessionFailures.delete(sessionID);
 }
+// ============================================================================
+// 渗透测试规划引擎 - 根据侦察结果生成测试计划
+// ============================================================================
+interface TestPlanItem {
+  id: string;
+  phase: string;
+  task: string;
+  tool: string;
+  params: Record<string, unknown>;
+  priority: "P0" | "P1" | "P2" | "P3";
+  status: "pending" | "running" | "done" | "skipped";
+  depends_on: string[];
+  reason: string;
+}
+function generateTestPlan(
+  target: string,
+  scope: string,
+  depth: string,
+  reconResults: Record<string, unknown>,
+  customRequirements: string,
+): { target: string; scope: string; depth: string; plan: TestPlanItem[]; summary: Record<string, number> } {
+  const plan: TestPlanItem[] = [];
+  let id = 0;
+  // 分析侦察结果
+  const isSPA = reconResults.is_spa === true;
+  const apiCount = (reconResults.api_paths_found as number) || 0;
+  const framework = reconResults.framework || "Unknown";
+  const secChecks = (reconResults.security_checks as Array<{ endpoint: string; status: number }>) || [];
+  // 发现暴露的端点
+  const exposedEndpoints = secChecks.filter(c => c.status === 200);
+  const hasExposedEndpoints = exposedEndpoints.length > 0;
+  // Phase 1: 侦察 (始终需要)
+  plan.push({
+    id: `T${++id}`,
+    phase: "侦察",
+    task: "JS 文件分析 - 提取 API 端点",
+    tool: "js_parse",
+    params: { file_path: `${target}/js/app.*.js` },
+    priority: "P0",
+    status: "pending",
+    depends_on: [],
+    reason: isSPA ? "SPA 应用，需要从 JS 中提取所有 API 路径" : "分析 JS 文件中的 API 调用模式",
+  });
+  plan.push({
+    id: `T${++id}`,
+    phase: "侦察",
+    task: "API 端点发现 - 完整扫描",
+    tool: "endpoint_batch_test",
+    params: { base_url: target, endpoints: ["/api", "/admin", "/v1", "/v2"], methods: ["GET", "POST"] },
+    priority: "P0",
+    status: "pending",
+    depends_on: [],
+    reason: "发现所有可访问的 API 端点",
+  });
+  // Phase 2: 认证测试 (如果有登录接口)
+  if (scope === "full" || scope === "auth_only") {
+    plan.push({
+      id: `T${++id}`,
+      phase: "认证测试",
+      task: "登录接口 SQL 注入测试",
+      tool: "sql_injection_test",
+      params: { endpoint: `${target}/admin/upms/login/doLogin`, params: ["loginName", "password"], payload_type: "basic" },
+      priority: "P0",
+      status: "pending",
+      depends_on: ["T1"],
+      reason: "登录接口是最常见的 SQL 注入入口",
+    });
+    plan.push({
+      id: `T${++id}`,
+      phase: "认证测试",
+      task: "认证绕过测试",
+      tool: "auth_bypass_test",
+      params: { endpoint: `${target}/admin/upms/sysUser/list`, auth_type: "session" },
+      priority: "P1",
+      status: "pending",
+      depends_on: ["T1"],
+      reason: "测试是否可以绕过认证访问受保护资源",
+    });
+    plan.push({
+      id: `T${++id}`,
+      phase: "认证测试",
+      task: "暴力破解保护检测",
+      tool: "endpoint_batch_test",
+      params: { base_url: target, endpoints: Array(10).fill("/admin/upms/login/doLogin"), methods: ["POST"] },
+      priority: "P1",
+      status: "pending",
+      depends_on: ["T3"],
+      reason: "连续发送登录请求，检测是否有速率限制",
+    });
+  }
+  // Phase 3: 深度测试 (根据 depth 决定)
+  if (depth === "deep" || depth === "stealth") {
+    plan.push({
+      id: `T${++id}`,
+      phase: "深度测试",
+      task: "时间盲注 SQL 注入测试",
+      tool: "sql_injection_test",
+      params: { endpoint: `${target}/admin/upms/login/doLogin`, params: ["loginName"], payload_type: "time_based" },
+      priority: "P1",
+      status: "pending",
+      depends_on: ["T3"],
+      reason: "基础注入未发现时，测试时间盲注",
+    });
+    plan.push({
+      id: `T${++id}`,
+      phase: "深度测试",
+      task: "IDOR 越权测试",
+      tool: "auth_bypass_test",
+      params: { endpoint: `${target}/admin/upms/sysUser/view`, auth_type: "api_key" },
+      priority: "P1",
+      status: "pending",
+      depends_on: ["T4"],
+      reason: "测试用户数据接口是否存在 IDOR 越权",
+    });
+  }
+  // Phase 4: 如果发现暴露端点
+  if (hasExposedEndpoints) {
+    for (const ep of exposedEndpoints) {
+      plan.push({
+        id: `T${++id}`,
+        phase: "暴露端点测试",
+        task: `测试暴露端点: ${ep.endpoint}`,
+        tool: "endpoint_batch_test",
+        params: { base_url: target, endpoints: [ep.endpoint], methods: ["GET", "POST"] },
+        priority: "P0",
+        status: "pending",
+        depends_on: [],
+        reason: `端点 ${ep.endpoint} 返回 HTTP 200，可能存在信息泄露`,
+      });
+    }
+  }
+  // Phase 5: 报告生成 (始终最后)
+  plan.push({
+    id: `T${++id}`,
+    phase: "报告",
+    task: "生成渗透测试报告",
+    tool: "generate_pentest_report",
+    params: { target },
+    priority: "P2",
+    status: "pending",
+    depends_on: plan.map(t => t.id),
+    reason: "所有测试完成后生成最终报告",
+  });
+  // 统计
+  const summary = {
+    total_tasks: plan.length,
+    p0_tasks: plan.filter(t => t.priority === "P0").length,
+    p1_tasks: plan.filter(t => t.priority === "P1").length,
+    p2_tasks: plan.filter(t => t.priority === "P2").length,
+    phases: [...new Set(plan.map(t => t.phase))].length,
+  };
+  return {
+    target,
+    scope,
+    depth,
+    plan,
+    summary,
+  };
+}
+// ============================================================================
+// 自主决策引擎 - 根据当前状态选择最优下一步
+// ============================================================================
+interface NextAction {
+  name: string;
+  tool: string;
+  params: Record<string, unknown>;
+  reason: string;
+  priority: "P0" | "P1" | "P2" | "P3";
+}
+function decideNextActions(state: {
+  target: string;
+  mode: string;
+  focus: string;
+  findings: Array<{ type: string; detail: string; severity: string }>;
+  completed_tasks: string[];
+  api_endpoints: string[];
+  auth_required: boolean;
+  tech_stack: string[];
+  recon_data: Record<string, unknown>;
+}): NextAction[] {
+  const actions: NextAction[] = [];
+  const target = state.target;
+  // 规则 1: 如果发现 SQL 注入线索，深入测试
+  const sqliFindings = state.findings.filter(f => f.type === "sqli");
+  if (sqliFindings.length > 0) {
+    actions.push({
+      name: "深入 SQL 注入测试 (union/error_based)",
+      tool: "sql_injection_test",
+      params: { endpoint: `${target}/admin/upms/login/doLogin`, params: ["loginName"], payload_type: "union" },
+      reason: `已发现 ${sqliFindings.length} 个 SQL 注入线索，需要进一步验证`,
+      priority: "P0",
+    });
+  }
+  // 规则 2: 如果认证正常，尝试认证绕过
+  if (state.auth_required && !state.completed_tasks.includes("test_auth_bypass")) {
+    actions.push({
+      name: "认证绕过测试",
+      tool: "auth_bypass_test",
+      params: { endpoint: `${target}/admin/upms/sysUser/list`, auth_type: "session" },
+      reason: "目标需要认证，测试是否可以绕过",
+      priority: "P0",
+    });
+  }
+  // 规则 3: 如果有多个 API 端点，批量测试
+  if (state.api_endpoints.length > 5) {
+    const untestedEndpoints = state.api_endpoints.filter((ep: string) =>
+      !ep.includes("login") && !ep.includes("doLogin")
+    ).slice(0, 10);
+    actions.push({
+      name: "批量 API 端点测试",
+      tool: "endpoint_batch_test",
+      params: { base_url: target, endpoints: untestedEndpoints, methods: ["GET", "POST"] },
+      reason: `发现 ${state.api_endpoints.length} 个 API 端点，需要批量检测认证和响应状态`,
+      priority: "P1",
+    });
+  }
+  // 规则 4: 如果技术栈包含 Java/Spring，测试 Actuator
+  if (state.tech_stack.some(t => t.includes("Spring") || t.includes("Element"))) {
+    actions.push({
+      name: "Spring Boot Actuator 端点测试",
+      tool: "endpoint_batch_test",
+      params: {
+        base_url: target,
+        endpoints: ["/actuator", "/actuator/env", "/actuator/health", "/actuator/mappings", "/actuator/heapdump"],
+        methods: ["GET"],
+      },
+      reason: "检测 Spring Boot Actuator 端点是否暴露",
+      priority: "P1",
+    });
+  }
+  // 规则 5: 生成报告
+  actions.push({
+    name: "生成渗透测试报告",
+    tool: "generate_pentest_report",
+    params: { target, findings: state.findings },
+    reason: "汇总所有测试结果",
+    priority: "P2",
+  });
+  return actions;
+}
 function detectGiveUpPattern(text: string): boolean {
   return CYBER_SUPERVISOR.give_up_patterns.some(p =>
     text.toLowerCase().includes(p.toLowerCase())
@@ -1663,6 +2050,330 @@ ${f.remediation}
         },
       }),
+      // ========================================
+      // 自主任务编排 + 测试规划
+      // ========================================
+      // 渗透测试规划器 - 先规划后执行 (使用 OpenCode 内置 todowrite)
+      pentest_planner: tool({
+        description: "渗透测试规划器。侦察目标后输出 todowrite 指令，让你使用 OpenCode 内置 Todo 面板追踪测试进度。参数: target(目标URL), scope(测试范围), depth(测试深度)",
+        args: {
+          target: tool.schema.string(),
+          scope: tool.schema.enum(["full", "auth_only", "api_only", "infra_only", "quick"]).optional(),
+          depth: tool.schema.enum(["surface", "deep", "stealth"]).optional(),
+          custom_requirements: tool.schema.string().optional(),
+        },
+        async execute(args) {
+          const target = args.target;
+          const scope = args.scope || "full";
+          const depth = args.depth || "surface";
+          const requirements = args.custom_requirements || "";
+          // Phase 1: 侦察 - 快速探测目标
+          const reconResults: Record<string, unknown> = {};
+          try {
+            // 获取首页
+            const homeResponse = await fetch(target, {
+              headers: { "User-Agent": "Mozilla/5.0" },
+            });
+            reconResults.home_status = homeResponse.status;
+            reconResults.content_type = homeResponse.headers.get("content-type");
+            // 获取 JS 文件列表
+            const homeText = await homeResponse.text();
+            const jsFiles = homeText.match(/\/js\/[^\s"]+\.js/g) || [];
+            reconResults.js_files_count = jsFiles.length;
+            reconResults.is_spa = homeText.includes("app.js") || homeText.includes("chunk~");
+            reconResults.framework = homeText.includes("vue") ? "Vue.js"
+              : homeText.includes("react") ? "React"
+              : homeText.includes("angular") ? "Angular"
+              : "Unknown";
+            // 检测 API 路径
+            const apiPaths = homeText.match(/doUrl\("([^"]+)"/g) || [];
+            reconResults.api_paths_found = apiPaths.length;
+            // 检测常见安全端点
+            const securityChecks: Array<{ endpoint: string; status: number }> = [];
+            const checkEndpoints = ["/api", "/swagger-ui.html", "/actuator/health", "/druid", "/.env"];
+            for (const ep of checkEndpoints) {
+              try {
+                const checkUrl = new URL(ep, target).href;
+                const resp = await fetch(checkUrl, { method: "HEAD" });
+                securityChecks.push({ endpoint: ep, status: resp.status });
+              } catch (e) {
+                securityChecks.push({ endpoint: ep, status: 0 });
+              }
+            }
+            reconResults.security_checks = securityChecks;
+          } catch (error) {
+            reconResults.error = String(error);
+          }
+          // Phase 2: 根据侦察结果生成测试计划
+          const plan = generateTestPlan(target, scope, depth, reconResults, requirements);
+          // Phase 3: 输出 todowrite 指令而非 JSON
+          // 这样 LLM 会调用 OpenCode 内置的 todowrite 工具，显示在右侧面板
+          const todoItems = plan.plan.map(t => {
+            const status = t.priority === "P0" ? "pending" : "pending";
+            return `    { content: "${t.phase}: ${t.task} - 预期${t.reason.includes("泄露") ? "发现/排除信息泄露" : t.reason.includes("注入") ? "确认/排除注入漏洞" : "完成测试"}, 使用 ${t.tool}", status: "${status}", priority: "${t.priority === "P0" ? "high" : t.priority === "P1" ? "medium" : "low"}" }`;
+          }).join(",\n");
+          return `## 侦察完成 - 目标分析结果
+**目标**: ${target}
+**技术栈**: ${reconResults.framework || "Unknown"} | SPA: ${reconResults.is_spa ? "是" : "否"} | JS文件: ${reconResults.js_files_count || 0} | API路径: ${reconResults.api_paths_found || 0}
+**首页状态**: ${reconResults.home_status || "N/A"}
+### 安全端点探测
+${JSON.stringify(reconResults.security_checks || [], null, 2)}
+### 测试计划已生成 (${plan.summary.total_tasks} 项任务)
+**⚠️ 请立即使用 \`todowrite\` 工具创建以下 Todo 清单 (会显示在右侧面板):**
+\`\`\`
+todowrite({
+  todos: [
+${todoItems}
+  ]
+})
+\`\`\`
+创建 Todo 后，系统会自动追踪进度并在你完成每个任务后自动继续下一个。
+从第一个 P0 任务开始执行！`;
+        },
+      }),
+      // 自主渗透测试引擎 - 自动 Hook 下一步 + 最优解选择
+      auto_pentest: tool({
+        description: "自主渗透测试引擎。自动执行侦察->规划->测试->验证全流程，根据每步结果自主选择下一步最优操作。参数: target(目标URL), max_steps(最大步骤数), mode(模式)",
+        args: {
+          target: tool.schema.string(),
+          max_steps: tool.schema.number().optional(),
+          mode: tool.schema.enum(["recon", "full", "stealth", "aggressive"]).optional(),
+          focus: tool.schema.enum(["sqli", "auth", "idor", "xss", "all"]).optional(),
+        },
+        async execute(args) {
+          const target = args.target;
+          const maxSteps = args.max_steps || 10;
+          const mode = args.mode || "full";
+          const focus = args.focus || "all";
+          // 自主编排引擎状态
+          const engineState = {
+            target,
+            mode,
+            focus,
+            current_phase: "recon" as string,
+            step: 0,
+            max_steps: maxSteps,
+            findings: [] as Array<{ type: string; detail: string; severity: string }>,
+            completed_tasks: [] as string[],
+            next_actions: [] as string[],
+            // 自主决策需要的数据
+            recon_data: {} as Record<string, unknown>,
+            api_endpoints: [] as string[],
+            auth_required: false,
+            tech_stack: [] as string[],
+          };
+          // === Phase 1: 侦察 (自动) ===
+          engineState.current_phase = "recon";
+          engineState.step = 1;
+          // 1.1 获取首页
+          try {
+            const homeResponse = await fetch(target);
+            const homeText = await homeResponse.text();
+            engineState.recon_data.home_status = homeResponse.status;
+            engineState.recon_data.is_spa = homeText.includes("chunk~") || homeText.includes("app.");
+            // 检测技术栈
+            if (homeText.includes("vue") || homeText.includes("Vue")) engineState.tech_stack.push("Vue.js");
+            if (homeText.includes("element-ui")) engineState.tech_stack.push("Element UI");
+            if (homeText.includes("axios")) engineState.tech_stack.push("Axios");
+            // 提取 API 端点
+            const apiMatches = homeText.match(/doUrl\("([^"]+)"/g) || [];
+            engineState.api_endpoints = apiMatches.map((m: string) => {
+              const match = m.match(/"([^"]+)"/);
+              return match ? match[1] : "";
+            }).filter(Boolean);
+            engineState.recon_data.api_count = engineState.api_endpoints.length;
+          } catch (error) {
+            engineState.findings.push({
+              type: "recon_error",
+              detail: String(error),
+              severity: "Info",
+            });
+          }
+          // 1.2 提取 JS 中的端点 (如果有主 JS 文件)
+          try {
+            const jsUrl = new URL("/js/app.6ae9dcec.js", target).href;
+            const jsResponse = await fetch(jsUrl);
+            if (jsResponse.status === 200) {
+              const jsText = await jsResponse.text();
+              const doUrlMatches = jsText.match(/doUrl\("([^"]+)"/g) || [];
+              const additionalEndpoints = doUrlMatches.map((m: string) => {
+                const match = m.match(/"([^"]+)"/);
+                return match ? match[1] : "";
+              }).filter(Boolean);
+              engineState.api_endpoints = [...new Set([...engineState.api_endpoints, ...additionalEndpoints])];
+            }
+          } catch (e) {
+            // Ignore JS extraction errors
+          }
+          engineState.completed_tasks.push("recon_homepage");
+          engineState.completed_tasks.push("recon_js_analysis");
+          engineState.completed_tasks.push("recon_api_discovery");
+          // === Phase 2: 根据侦察结果自主决策下一步 ===
+          engineState.current_phase = "analysis";
+          engineState.step = 2;
+          // 2.1 检测认证需求
+          const authEndpoints = engineState.api_endpoints.filter((ep: string) =>
+            !ep.includes("login") && !ep.includes("doLogin")
+          );
+          if (authEndpoints.length > 0) {
+            const testUrl = new URL(authEndpoints[0], target).href;
+            try {
+              const testResponse = await fetch(testUrl, {
+                method: "POST",
+                headers: { "Content-Type": "application/json" },
+                body: JSON.stringify({}),
+              });
+              engineState.auth_required = testResponse.status === 401 || testResponse.status === 403;
+            } catch (e) {
+              // Ignore
+            }
+          }
+          engineState.completed_tasks.push("auth_detection");
+          // === Phase 3: 自动选择最优解并生成下一步行动 ===
+          engineState.current_phase = "planning";
+          engineState.step = 3;
+          const nextActions = decideNextActions(engineState);
+          engineState.next_actions = nextActions;
+          // === Phase 4: 执行关键测试 ===
+          engineState.current_phase = "testing";
+          // 4.1 测试登录接口 (如果有)
+          const loginEndpoint = engineState.api_endpoints.find((ep: string) =>
+            ep.includes("login") || ep.includes("doLogin")
+          );
+          if (loginEndpoint) {
+            engineState.step = 4;
+            const loginUrl = new URL(loginEndpoint, target).href;
+            // 测试参数验证
+            try {
+              const emptyResponse = await fetch(loginUrl, {
+                method: "POST",
+                headers: { "Content-Type": "application/json" },
+                body: JSON.stringify({}),
+              });
+              const emptyText = await emptyResponse.text();
+              if (emptyText.includes("ARGUMENT_NULL") || emptyText.includes("验证失败")) {
+                engineState.findings.push({
+                  type: "info_leakage",
+                  detail: `登录接口参数验证泄露: ${emptyText.substring(0, 100)}`,
+                  severity: "Low",
+                });
+              }
+            } catch (e) {
+              // Ignore
+            }
+            // SQL 注入快速测试
+            try {
+              const sqliPayloads = ["' OR '1'='1", "admin'--", "1' AND SLEEP(3)--"];
+              for (const payload of sqliPayloads) {
+                const sqliResponse = await fetch(loginUrl, {
+                  method: "POST",
+                  headers: { "Content-Type": "application/json" },
+                  body: JSON.stringify({ loginName: payload, password: "test" }),
+                });
+                const sqliText = await sqliResponse.text();
+                if (sqliText.toLowerCase().includes("sql") || sqliText.toLowerCase().includes("syntax")) {
+                  engineState.findings.push({
+                    type: "sqli",
+                    detail: `SQL 注入可能存在: payload=${payload}, response=${sqliText.substring(0, 100)}`,
+                    severity: "High",
+                  });
+                  break;
+                }
+              }
+            } catch (e) {
+              // Ignore
+            }
+            engineState.completed_tasks.push("test_login_sqli");
+          }
+          // === Phase 5: 生成最终报告 ===
+          engineState.current_phase = "report";
+          engineState.step = 5;
+          const result = {
+            status: "completed",
+            target: engineState.target,
+            mode: engineState.mode,
+            focus: engineState.focus,
+            total_steps: engineState.step,
+            max_steps: engineState.max_steps,
+            // 侦察摘要
+            recon_summary: {
+              tech_stack: engineState.tech_stack,
+              api_endpoints_found: engineState.api_endpoints.length,
+              is_spa: engineState.recon_data.is_spa,
+              auth_required: engineState.auth_required,
+            },
+            // 发现的漏洞
+            findings: engineState.findings,
+            findings_count: engineState.findings.length,
+            // 已完成的任务
+            completed_tasks: engineState.completed_tasks,
+            // 推荐的下一步行动 (自主 Hook)
+            recommended_next_actions: nextActions.map((action, i) => ({
+              step: i + 1,
+              action: action.name,
+              tool: action.tool,
+              params: action.params,
+              reason: action.reason,
+              priority: action.priority,
+            })),
+            // LLM 应该执行的指令
+            instruction_for_llm: nextActions.length > 0
+              ? `根据侦察结果，建议按以下顺序执行:\n${nextActions.map((a, i) => `${i + 1}. [${a.priority}] ${a.name} - 使用 ${a.tool}(${JSON.stringify(a.params)})\n   原因: ${a.reason}`).join("\n")}`
+              : "所有自动化测试已完成，建议手动深入测试。",
+          };
+          return JSON.stringify(result, null, 2);
+        },
+      }),
       // ========================================
       // OpenCode 原生集成工具
       // ========================================
@@ -1892,6 +2603,37 @@ ${LEVEL_PROMPTS[level]}
       return output;
     },
+    // Todo 工具描述覆盖 - 参考 oh-my-opencode 的 todo-description-override hook
+    "tool.definition": async (input, output) => {
+      if (input.toolID === "todowrite") {
+        output.description = `使用此工具创建和管理渗透测试任务清单，实时显示在 OpenCode 右侧面板。
+## Todo 格式 (强制)
+每个 todo 标题必须包含四个要素: WHERE, WHY, HOW, 预期结果。
+格式: "[目标/端点] [操作] - 预期 [结果]"
+好的示例:
+- "https://target/api/login: 使用 sqli_test 测试 SQL 注入 - 预期发现/排除注入漏洞"
+- "JS 文件分析: 使用 js_parse 提取所有 API 端点 - 预期获得完整端点列表"
+- "认证绕过测试: 使用 auth_bypass_test 测试 /api/user - 预期确认/排除绕过可能"
+坏的示例:
+- "测试 SQL 注入" (哪个端点? 什么工具? 什么结果?)
+- "安全测试" (太笼统)
+## 粒度规则
+每个 todo 必须是单个原子操作，可以在 1-3 次工具调用内完成。如果需要更多步骤，拆分它。
+## 任务管理
+- 一次只标记一个 in_progress。完成后再开始下一个。
+- 每完成一项立即标记 completed。
+- 单步简单任务跳过此工具。`;
+      }
+    },
     // 会话事件处理
     event: async (input) => {
       const { event } = input
@@ -1908,6 +2650,77 @@ ${LEVEL_PROMPTS[level]}
         }
       }
+      // 会话空闲 - 触发 Todo 持续注入 (参考 oh-my-opencode 的 todo-continuation-enforcer)
+      if (event.type === "session.idle") {
+        const props = event.properties as Record<string, unknown> | undefined;
+        const sessionID = (props?.info as { id?: string })?.id;
+        if (sessionID) {
+          try {
+            // 获取当前 todo 列表
+            const response = await ctx.client.session.todo({ path: { id: sessionID } });
+            const todos = (response as any)?.data || response || [];
+            const incompleteCount = getIncompleteCount(Array.isArray(todos) ? todos : []);
+            if (incompleteCount === 0) {
+              return; // 没有未完成的 todo，不需要持续注入
+            }
+            // 检查冷却时间和停滞状态
+            const state = todoContinuationState.get(sessionID);
+            const now = Date.now();
+            if (state) {
+              // 冷却期内跳过
+              if (now - state.lastInjectedAt < CONTINUATION_COOLDOWN_MS) {
+                return;
+              }
+              // 停滞检测 (连续未进展)
+              if (state.stagnationCount >= MAX_STAGNATION_COUNT) {
+                console.log(`[api-security-testing] Todo continuation stagnated for session ${sessionID}`);
+                return;
+              }
+              // 更新停滞计数
+              if (state.incompleteCount === incompleteCount) {
+                state.stagnationCount++;
+              } else {
+                state.stagnationCount = 0; // 有进展，重置
+              }
+            }
+            // 构建持续注入 prompt
+            const incompleteTodos = Array.isArray(todos)
+              ? todos.filter((t: any) => t.status !== "completed" && t.status !== "cancelled")
+              : [];
+            const todoList = incompleteTodos
+              .map((t: any) => `- [${t.status || "pending"}] ${t.content || t.text || "Unknown task"}`)
+              .join("\n");
+            const continuationPrompt = `${CONTINUATION_PROMPT}\n\n[状态: ${Array.isArray(todos) ? todos.length - incompleteCount : "?"}/${Array.isArray(todos) ? todos.length : "?"} 已完成, ${incompleteCount} 剩余]\n\n剩余任务:\n${todoList}`;
+            // 注入持续 prompt (参考 oh-my-opencode 的 injectContinuation)
+            await ctx.client.session.promptAsync({
+              path: { id: sessionID },
+              body: {
+                parts: [createP9InternalTextPart(continuationPrompt)],
+              },
+              query: { directory: ctx.directory },
+            } as any);
+            // 更新状态
+            todoContinuationState.set(sessionID, {
+              lastInjectedAt: now,
+              incompleteCount,
+              stagnationCount: state?.stagnationCount || 0,
+            });
+            console.log(`[api-security-testing] Injected todo continuation for session ${sessionID}, ${incompleteCount} tasks remaining`);
+          } catch (err) {
+            console.error(`[api-security-testing] Todo continuation injection failed:`, err);
+          }
+        }
+      }
       // 会话删除或压缩 - 清理状态
       if (event.type === "session.deleted" || event.type === "session.compacted") {
         const props = event.properties as Record<string, unknown> | undefined;
@@ -1923,6 +2736,7 @@ ${LEVEL_PROMPTS[level]}
           clearSessionState(sessionID);
           resetFailureCount(sessionID);
           resetModelFailures(sessionID);
+          todoContinuationState.delete(sessionID);
         }
       }
     },
@@ -1993,6 +2807,13 @@ ${LEVEL_PROMPTS[level]}
       console.log(`[api-security-testing] Injected context via synthetic part, session=${sessionID}, length=${pending.merged.length}`);
     },
+    // 系统 Prompt 注入 - Todo 管理指令 (参考 oh-my-opencode Sisyphus agent)
+    "experimental.chat.system.transform": async (_input, output) => {
+      output.system.push(PENTEST_TODO_SYSTEM_PROMPT);
+      output.system.push(TODO_HOOK_NOTE);
+      console.log(`[api-security-testing] Injected pentest todo management into system prompt`);
+    },
   };
 };