opencode-pair-autonomy 1.0.0

package/vendor/mcp/web-agent-mcp/package.json

@@ -0,0 +1,28 @@
+{
+  "name": "web-agent-mcp",
+  "version": "0.1.0",
+  "private": true,
+  "type": "module",
+  "description": "Web-agent MCP server with a CloakBrowser-backed browser adapter.",
+  "engines": {
+    "node": ">=20.0.0"
+  },
+  "scripts": {
+    "build": "tsc -p tsconfig.json",
+    "dev": "tsx src/server.ts",
+    "typecheck": "tsc -p tsconfig.json --noEmit",
+    "test": "vitest run"
+  },
+  "dependencies": {
+    "@modelcontextprotocol/sdk": "^1.17.4",
+    "cloakbrowser": "^0.3.16",
+    "playwright-core": "^1.52.0",
+    "zod": "^3.24.2"
+  },
+  "devDependencies": {
+    "@types/node": "^22.13.10",
+    "tsx": "^4.19.3",
+    "typescript": "^5.8.2",
+    "vitest": "^3.0.8"
+  }
+}

package/vendor/mcp/web-agent-mcp/src/adapters/cloakbrowser/adapter.ts

@@ -0,0 +1,335 @@
+import type { BrowserContext, Page, ViewportSize } from "playwright-core";
+
+export type AdapterProfileMode = "ephemeral" | "persistent";
+export type WaitUntilState = "domcontentloaded" | "load" | "networkidle";
+
+export type AdapterSessionHandle = {
+  contextId: string;
+  pageId: string;
+  context: BrowserContext;
+  page: Page;
+  consoleEntries: AdapterConsoleEntry[];
+  networkEntries: AdapterNetworkEntry[];
+  profileMode: AdapterProfileMode;
+  locale?: string;
+  viewport: ViewportSize;
+};
+
+export type AdapterSessionCreateInput = {
+  sessionId: string;
+  profileMode: AdapterProfileMode;
+  locale: string;
+  timezoneId?: string;
+  userDataDir?: string;
+  profileDirectory?: string;
+  humanize: boolean;
+  launchArgs: string[];
+  viewport: ViewportSize;
+};
+
+export type AdapterNavigationResult = {
+  pageId: string;
+  requestedUrl: string;
+  finalUrl: string;
+  title?: string;
+  elapsedMs: number;
+};
+
+export type AdapterA11yResult = {
+  url: string;
+  title?: string;
+  tree: {
+    role: string;
+    name?: string;
+    children: Array<{
+      role: string;
+      name?: string;
+      tag?: string;
+      text?: string;
+    }>;
+  };
+};
+
+export type AdapterDomResult = {
+  url: string;
+  title?: string;
+  summary: {
+    headings: string[];
+    links: number;
+    buttons: number;
+    forms: number;
+    inputs: number;
+  };
+};
+
+export type AdapterTextResult = {
+  url: string;
+  title?: string;
+  format: "text" | "markdown";
+  content: string;
+  truncated: boolean;
+};
+
+export type AdapterInteractiveElementSummary = {
+  tag: string;
+  type?: string;
+  id?: string;
+  name?: string;
+  placeholder?: string;
+  text?: string;
+  autocomplete?: string;
+  visible: boolean;
+};
+
+export type AdapterFrameSummary = {
+  index: number;
+  name?: string;
+  url: string;
+  title?: string;
+  text_preview: string;
+  truncated: boolean;
+  input_count: number;
+  button_count: number;
+};
+
+export type AdapterPageStateResult = {
+  url: string;
+  title?: string;
+  text: string;
+  truncated: boolean;
+  dom: AdapterDomResult["summary"];
+  inputs: AdapterInteractiveElementSummary[];
+  buttons: AdapterInteractiveElementSummary[];
+  frames: AdapterFrameSummary[];
+  recentNetwork: AdapterNetworkEntry[];
+};
+
+export type AdapterAuthState =
+  | "email_prompt"
+  | "password_prompt"
+  | "phone_selection"
+  | "verification_code"
+  | "trust_prompt"
+  | "authenticated"
+  | "unknown";
+
+export type AdapterAuthStateResult = {
+  url: string;
+  title?: string;
+  state: AdapterAuthState;
+  confidence: "high" | "medium" | "low";
+  summary: string;
+  evidence: string[];
+  suggestedSelectors: string[];
+  frames: AdapterFrameSummary[];
+  recentNetwork: AdapterNetworkEntry[];
+};
+
+export type AdapterScreenshotResult = {
+  url: string;
+  title?: string;
+  bytes: Buffer;
+  mimeType: string;
+  width?: number;
+  height?: number;
+};
+
+export type AdapterActionResult = {
+  url: string;
+  title?: string;
+  verificationHint?: string;
+};
+
+export type AdapterElementBox = {
+  selector: string;
+  x: number;
+  y: number;
+  width: number;
+  height: number;
+  visible: boolean;
+};
+
+export type AdapterConsoleEntry = {
+  type: string;
+  text: string;
+  location?: {
+    url?: string;
+    lineNumber?: number;
+    columnNumber?: number;
+  };
+  timestamp: string;
+};
+
+export type AdapterNetworkEntry = {
+  url: string;
+  method: string;
+  status?: number;
+  resourceType: string;
+  outcome: "response" | "failed";
+  failureText?: string;
+  timestamp: string;
+};
+
+export type AdapterEvaluateResult = {
+  url: string;
+  title?: string;
+  value: unknown;
+};
+
+export type AdapterWaitForNetworkResult = {
+  url: string;
+  title?: string;
+  entry: AdapterNetworkEntry;
+  elapsedMs: number;
+};
+
+export interface CloakBrowserAdapter {
+  createSession(
+    input: AdapterSessionCreateInput,
+  ): Promise<AdapterSessionHandle>;
+  closeSession(session: AdapterSessionHandle): Promise<void>;
+  navigate(
+    session: AdapterSessionHandle,
+    url: string,
+    waitUntil: WaitUntilState,
+  ): Promise<AdapterNavigationResult>;
+  observeA11y(session: AdapterSessionHandle): Promise<AdapterA11yResult>;
+  observeDom(session: AdapterSessionHandle): Promise<AdapterDomResult>;
+  observeText(
+    session: AdapterSessionHandle,
+    format: "text" | "markdown",
+  ): Promise<AdapterTextResult>;
+  inspectPageState(
+    session: AdapterSessionHandle,
+    recentNetworkLimit: number,
+  ): Promise<AdapterPageStateResult>;
+  inspectAuthState(
+    session: AdapterSessionHandle,
+    recentNetworkLimit: number,
+  ): Promise<AdapterAuthStateResult>;
+  takeScreenshot(
+    session: AdapterSessionHandle,
+    mode: "viewport" | "full" | "element",
+    format: "png" | "jpeg",
+    quality?: number,
+    selector?: string,
+  ): Promise<AdapterScreenshotResult>;
+  observeBoxes(
+    session: AdapterSessionHandle,
+    selectors: string[],
+  ): Promise<AdapterElementBox[]>;
+  observeConsole(
+    session: AdapterSessionHandle,
+    limit: number,
+  ): Promise<AdapterConsoleEntry[]>;
+  observeNetwork(
+    session: AdapterSessionHandle,
+    limit: number,
+  ): Promise<AdapterNetworkEntry[]>;
+  waitForNetwork(
+    session: AdapterSessionHandle,
+    input: {
+      urlPattern: string;
+      useRegex: boolean;
+      status?: number;
+      outcome?: AdapterNetworkEntry["outcome"];
+      timeoutMs: number;
+      pollIntervalMs: number;
+    },
+  ): Promise<AdapterWaitForNetworkResult>;
+  evaluateJs(
+    session: AdapterSessionHandle,
+    input: {
+      expression: string;
+      awaitPromise: boolean;
+    },
+  ): Promise<AdapterEvaluateResult>;
+  click(
+    session: AdapterSessionHandle,
+    input: {
+      selector: string;
+      frameSelector?: string;
+      button: "left" | "right" | "middle";
+      clickCount: number;
+      timeoutMs?: number;
+    },
+  ): Promise<AdapterActionResult>;
+  fill(
+    session: AdapterSessionHandle,
+    input: {
+      selector: string;
+      frameSelector?: string;
+      value: string;
+      clearFirst: boolean;
+      timeoutMs?: number;
+    },
+  ): Promise<AdapterActionResult>;
+  enterCode(
+    session: AdapterSessionHandle,
+    input: {
+      code: string;
+      selector?: string;
+      frameSelector?: string;
+      submit: boolean;
+      timeoutMs?: number;
+    },
+  ): Promise<AdapterActionResult>;
+  press(
+    session: AdapterSessionHandle,
+    input: {
+      key: string;
+      selector?: string;
+      frameSelector?: string;
+      timeoutMs?: number;
+    },
+  ): Promise<AdapterActionResult>;
+  waitFor(
+    session: AdapterSessionHandle,
+    input: {
+      selector?: string;
+      text?: string;
+      timeoutMs: number;
+    },
+  ): Promise<AdapterActionResult>;
+  wheel(
+    session: AdapterSessionHandle,
+    input: {
+      selector?: string;
+      deltaX: number;
+      deltaY: number;
+      steps: number;
+      stepDelayMs: number;
+      timeoutMs?: number;
+    },
+  ): Promise<AdapterActionResult>;
+  drag(
+    session: AdapterSessionHandle,
+    input: {
+      fromSelector: string;
+      toSelector: string;
+      steps: number;
+      timeoutMs?: number;
+    },
+  ): Promise<AdapterActionResult>;
+  swipe(
+    session: AdapterSessionHandle,
+    input: {
+      selector?: string;
+      startX?: number;
+      startY?: number;
+      deltaX: number;
+      deltaY: number;
+      speed: number;
+    },
+  ): Promise<AdapterActionResult>;
+  pinch(
+    session: AdapterSessionHandle,
+    input: {
+      selector?: string;
+      centerX?: number;
+      centerY?: number;
+      scaleFactor: number;
+      speed: number;
+    },
+  ): Promise<AdapterActionResult>;
+}

package/vendor/mcp/web-agent-mcp/src/adapters/cloakbrowser/auth-heuristics.ts

@@ -0,0 +1,324 @@
+import type {
+  AdapterAuthStateResult,
+  AdapterInteractiveElementSummary,
+  AdapterNetworkEntry
+} from "./adapter.js";
+
+export type AuthFrameInspection = {
+  index: number;
+  name?: string;
+  url: string;
+  title?: string;
+  text: string;
+  inputs: AdapterInteractiveElementSummary[];
+  buttons: AdapterInteractiveElementSummary[];
+};
+
+type AuthDocumentInspection = {
+  kind: "page" | "frame";
+  url: string;
+  title?: string;
+  text: string;
+  inputs: AdapterInteractiveElementSummary[];
+  buttons: AdapterInteractiveElementSummary[];
+  frame?: Pick<AuthFrameInspection, "index" | "name">;
+};
+
+type AuthStateClassification = Pick<
+  AdapterAuthStateResult,
+  "state" | "confidence" | "summary" | "evidence" | "suggestedSelectors"
+>;
+
+export function normalizeAuthText(text: string | undefined) {
+  return text?.replace(/\s+/g, " ").trim() ?? "";
+}
+
+function toLowerText(text: string | undefined) {
+  return normalizeAuthText(text).toLowerCase();
+}
+
+function getVisibleInputs(inputs: AdapterInteractiveElementSummary[]) {
+  return inputs.filter((input) => input.visible !== false);
+}
+
+function getButtonTexts(buttons: AdapterInteractiveElementSummary[]) {
+  return buttons
+    .map((button) => normalizeAuthText(button.text))
+    .filter((text): text is string => Boolean(text));
+}
+
+function isAppleAuthDocument(document: AuthDocumentInspection) {
+  return /apple\.com/i.test(document.url) || /apple/i.test(document.title ?? "");
+}
+
+function hasVerificationCodeInputs(document: AuthDocumentInspection) {
+  const visibleInputs = getVisibleInputs(document.inputs);
+  const otpInputs = visibleInputs.filter((input) => {
+    const autocomplete = input.autocomplete?.toLowerCase();
+    const type = input.type?.toLowerCase();
+    return (
+      autocomplete === "one-time-code" ||
+      type === "tel" ||
+      type === "number" ||
+      type === "otp" ||
+      type === "text"
+    );
+  });
+
+  return otpInputs.length >= 4;
+}
+
+function hasPhoneChallengeButtons(document: AuthDocumentInspection) {
+  const buttonTexts = getButtonTexts(document.buttons);
+  const maskedOptions = buttonTexts.filter((text) => /[•*x]/i.test(text) && /\b\d{2}\b/.test(text));
+  const combined = toLowerText([document.text, ...buttonTexts].join(" "));
+
+  return maskedOptions.length >= 2 && /(sms|text|telefon|phone|mesaj)/i.test(combined);
+}
+
+function isTrustPrompt(document: AuthDocumentInspection) {
+  const combined = toLowerText([document.title, document.text, ...getButtonTexts(document.buttons)].join(" "));
+  const hasTrustCopy =
+    /trust this browser|bu tarayiciya guven|bu tarayıcıya güven|trusted browser/i.test(combined);
+  const hasTrustButtons =
+    /(guvenme|güvenme|simdi degil|şimdi değil|trust|don't trust|not now)/i.test(combined);
+
+  return hasTrustCopy || (hasTrustButtons && /(guven|güven|trust)/i.test(combined));
+}
+
+function hasVisiblePasswordInput(document: AuthDocumentInspection) {
+  return getVisibleInputs(document.inputs).some((input) => input.type?.toLowerCase() === "password");
+}
+
+function hasVisibleIdentityInput(document: AuthDocumentInspection) {
+  return getVisibleInputs(document.inputs).some((input) => {
+    const type = input.type?.toLowerCase();
+    return type === "email" || type === "text" || type === "tel";
+  });
+}
+
+function scoreAuthDocument(document: AuthDocumentInspection) {
+  const text = toLowerText([document.title, document.text, ...getButtonTexts(document.buttons)].join(" "));
+  let score = 0;
+
+  if (hasVerificationCodeInputs(document)) {
+    score += 8;
+  }
+  if (hasPhoneChallengeButtons(document)) {
+    score += 7;
+  }
+  if (isTrustPrompt(document)) {
+    score += 7;
+  }
+  if (hasVisiblePasswordInput(document)) {
+    score += 6;
+  }
+  if (hasVisibleIdentityInput(document)) {
+    score += 4;
+  }
+  if (/sign in|giris yap|giriş yap|apple developer/i.test(text)) {
+    score += 2;
+  }
+
+  if (document.kind === "frame" && score > 0) {
+    score += 1;
+  }
+
+  return score;
+}
+
+function pickPrimaryDocument(documents: AuthDocumentInspection[]) {
+  if (documents.length === 0) {
+    throw new Error("Expected at least one auth document to classify");
+  }
+
+  return [...documents].sort((left, right) => scoreAuthDocument(right) - scoreAuthDocument(left))[0] ?? documents[0]!;
+}
+
+function getSuggestedSelectors(state: AuthStateClassification["state"], document: AuthDocumentInspection) {
+  const isApple = isAppleAuthDocument(document);
+  const framePrefix = isApple && document.kind === "frame"
+    ? "iframe#aid-auth-widget-iFrame >> internal:control=enter-frame >> "
+    : "";
+
+  switch (state) {
+    case "verification_code":
+      return isApple && document.kind === "frame"
+        ? [
+            `${framePrefix}input[autocomplete='one-time-code']`,
+            `${framePrefix}input[inputmode='numeric']`,
+            `${framePrefix}input[type='tel']`
+          ]
+        : ["input[autocomplete='one-time-code']", "input[inputmode='numeric']", "input[type='tel']"];
+    case "phone_selection":
+      return isApple && document.kind === "frame"
+        ? [`${framePrefix}text=/SMS|Text|Phone|Telefon/`]
+        : ["text=/SMS|Text|Phone|Telefon/"];
+    case "trust_prompt":
+      return isApple && document.kind === "frame"
+        ? [`${framePrefix}text=/Trust|Güven|Guven/`]
+        : ["text=/Trust|Güven|Guven/"];
+    case "password_prompt":
+      return isApple && document.kind === "frame"
+        ? [`${framePrefix}#password_text_field`, `${framePrefix}input[type='password']`]
+        : ["input[type='password']"];
+    case "email_prompt":
+      return isApple && document.kind === "frame"
+        ? [`${framePrefix}#account_name_text_field`, `${framePrefix}input[type='email']`, `${framePrefix}input[type='text']`]
+        : ["input[type='email']", "input[type='text']"];
+    default:
+      return [];
+  }
+}
+
+export function classifyAuthStateSnapshot(input: {
+  pageUrl: string;
+  pageTitle?: string;
+  pageText: string;
+  pageInputs: AdapterInteractiveElementSummary[];
+  pageButtons: AdapterInteractiveElementSummary[];
+  frames: AuthFrameInspection[];
+  recentNetwork: AdapterNetworkEntry[];
+}): AuthStateClassification {
+  const evidence: string[] = [];
+
+  if (
+    input.pageUrl.includes("developer.apple.com/account") ||
+    input.recentNetwork.some(
+      (entry) => entry.status === 200 && /developer\.apple\.com\/services-account\//i.test(entry.url)
+    )
+  ) {
+    evidence.push("authenticated developer account endpoints loaded");
+    return {
+      state: "authenticated",
+      confidence: "high",
+      summary: "The authenticated destination page is loaded.",
+      evidence,
+      suggestedSelectors: []
+    };
+  }
+
+  const documents: AuthDocumentInspection[] = [
+    {
+      kind: "page",
+      url: input.pageUrl,
+      title: input.pageTitle,
+      text: input.pageText,
+      inputs: input.pageInputs,
+      buttons: input.pageButtons
+    },
+    ...input.frames.map((frame) => ({
+      kind: "frame" as const,
+      url: frame.url,
+      title: frame.title,
+      text: frame.text,
+      inputs: frame.inputs,
+      buttons: frame.buttons,
+      frame: {
+        index: frame.index,
+        name: frame.name
+      }
+    }))
+  ];
+  const primary = pickPrimaryDocument(documents);
+  const primaryText = toLowerText([primary.title, primary.text, ...getButtonTexts(primary.buttons)].join(" "));
+  const networkText = input.recentNetwork.map((entry) => entry.url.toLowerCase()).join(" ");
+
+  if (primary.kind === "frame") {
+    evidence.push(`same-origin auth iframe inspected${primary.frame?.name ? ` (${primary.frame.name})` : ""}`);
+  }
+
+  if (isTrustPrompt(primary)) {
+    evidence.push("browser trust prompt detected from live DOM");
+    return {
+      state: "trust_prompt",
+      confidence: "high",
+      summary: "The flow is asking whether this browser should be trusted.",
+      evidence,
+      suggestedSelectors: getSuggestedSelectors("trust_prompt", primary)
+    };
+  }
+
+  if (
+    hasPhoneChallengeButtons(primary) ||
+    /telefon numarasi secin|telefon numarası seçin|which phone|receive the code|texted to|sms|phone number/i.test(primaryText)
+  ) {
+    evidence.push("phone challenge options detected from live DOM");
+    return {
+      state: "phone_selection",
+      confidence: "high",
+      summary: "The flow is asking which phone or delivery method should receive the code.",
+      evidence,
+      suggestedSelectors: getSuggestedSelectors("phone_selection", primary)
+    };
+  }
+
+  if (
+    hasVerificationCodeInputs(primary) ||
+    /verification code|dogrulama kodu|doğrulama kodu|security code|enter the code|iki faktorlu|iki faktörlü/i.test(primaryText)
+  ) {
+    evidence.push("verification code step detected from live DOM");
+    return {
+      state: "verification_code",
+      confidence: "high",
+      summary: "The flow is waiting for a one-time verification code.",
+      evidence,
+      suggestedSelectors: getSuggestedSelectors("verification_code", primary)
+    };
+  }
+
+  if (hasVisiblePasswordInput(primary) || /password|parola/i.test(primaryText)) {
+    evidence.push("password prompt detected from live DOM");
+    return {
+      state: "password_prompt",
+      confidence: hasVisiblePasswordInput(primary) ? "high" : "medium",
+      summary: "The flow is asking for an account password.",
+      evidence,
+      suggestedSelectors: getSuggestedSelectors("password_prompt", primary)
+    };
+  }
+
+  if (
+    hasVisibleIdentityInput(primary) ||
+    /email|e-posta|telefon|phone number|sign in|giris yap|giriş yap/i.test(primaryText)
+  ) {
+    evidence.push("identity prompt detected from live DOM");
+    return {
+      state: "email_prompt",
+      confidence: hasVisibleIdentityInput(primary) ? "high" : "medium",
+      summary: "The flow is asking for an email address or phone number.",
+      evidence,
+      suggestedSelectors: getSuggestedSelectors("email_prompt", primary)
+    };
+  }
+
+  if (/verify\/phone|one-time-code|hsa2/i.test(networkText)) {
+    evidence.push("verification code hints detected from recent network only");
+    return {
+      state: "verification_code",
+      confidence: "low",
+      summary: "The flow may be waiting for a one-time verification code.",
+      evidence,
+      suggestedSelectors: getSuggestedSelectors("verification_code", primary)
+    };
+  }
+
+  if (/trusteddevice|trusted\/phone|sendcode|delivery/i.test(networkText)) {
+    evidence.push("phone challenge hints detected from recent network only");
+    return {
+      state: "phone_selection",
+      confidence: "low",
+      summary: "The flow may be asking for a phone or code delivery method.",
+      evidence,
+      suggestedSelectors: getSuggestedSelectors("phone_selection", primary)
+    };
+  }
+
+  return {
+    state: "unknown",
+    confidence: "low",
+    summary: "The flow could not be classified from the current page and recent network activity.",
+    evidence,
+    suggestedSelectors: []
+  };
+}