opencode-swarm 7.74.1 → 7.74.3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/cli/index.js +598 -106
- package/dist/commands/command-dispatch.d.ts +0 -3
- package/dist/index.js +1811 -1169
- package/dist/services/config-doctor.d.ts +15 -0
- package/dist/services/external-content-scanner.d.ts +67 -0
- package/package.json +1 -1
|
@@ -102,6 +102,21 @@ export declare function applySafeAutoFixes(directory: string, result: ConfigDoct
|
|
|
102
102
|
appliedFixes: ConfigFix[];
|
|
103
103
|
updatedConfigPath: string | null;
|
|
104
104
|
};
|
|
105
|
+
/** Summary data from a previous config-doctor artifact */
|
|
106
|
+
export interface DoctorArtifactSummary {
|
|
107
|
+
/** ISO 8601 timestamp of the previous run */
|
|
108
|
+
timestamp: string;
|
|
109
|
+
/** Total number of findings in the previous run */
|
|
110
|
+
findingsCount: number;
|
|
111
|
+
/** Number of auto-fixable findings in the previous run */
|
|
112
|
+
autoFixableCount: number;
|
|
113
|
+
}
|
|
114
|
+
/**
|
|
115
|
+
* Read the last-run config-doctor artifact from .swarm/config-doctor.json.
|
|
116
|
+
* Returns a compact summary or null if the artifact does not exist or cannot be parsed.
|
|
117
|
+
* Fail-open: any I/O or parse error silently returns null.
|
|
118
|
+
*/
|
|
119
|
+
export declare function readDoctorArtifact(directory: string): DoctorArtifactSummary | null;
|
|
105
120
|
/**
|
|
106
121
|
* Write doctor result to .swarm directory for GUI consumption
|
|
107
122
|
*/
|
|
@@ -0,0 +1,67 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* External content scanner — shared ingress point for arbitrary external text.
|
|
3
|
+
*
|
|
4
|
+
* Reuses the prompt-injection and unsafe-instruction patterns from
|
|
5
|
+
* external-skill-validator.ts to scan network-fetched content (gitingest,
|
|
6
|
+
* web_search, future network tools) before it enters the LLM context.
|
|
7
|
+
*
|
|
8
|
+
* Provides a single shared interface: `scanExternalContent(text, options?)`.
|
|
9
|
+
* This ensures consistent threat detection across all external sources
|
|
10
|
+
* and closes the asymmetry documented in issue #1278.
|
|
11
|
+
*
|
|
12
|
+
* Uses an `_internals` DI seam for testability — no `mock.module` leakage.
|
|
13
|
+
*/
|
|
14
|
+
import { type ValidationFinding } from './external-skill-validator';
|
|
15
|
+
/** Result from scanning external content for injection and unsafe instructions. */
|
|
16
|
+
export interface ExternalContentScanResult {
|
|
17
|
+
/** Whether threats were detected. */
|
|
18
|
+
clean: boolean;
|
|
19
|
+
/** Individual findings from the scan. */
|
|
20
|
+
findings: ValidationFinding[];
|
|
21
|
+
/** Threats found: 'none', 'warning', or 'error'. */
|
|
22
|
+
threatLevel: 'none' | 'warning' | 'error';
|
|
23
|
+
/** The original text (for comparison). */
|
|
24
|
+
originalLength: number;
|
|
25
|
+
/** The neutralized text with threat markers wrapped. */
|
|
26
|
+
neutralized: string;
|
|
27
|
+
}
|
|
28
|
+
/**
|
|
29
|
+
* Apply invisible-format-character detection to raw text.
|
|
30
|
+
*
|
|
31
|
+
* Unlike the other patterns, invisible format chars are detected by counting
|
|
32
|
+
* occurrences in the raw string (not via regex .test), because we need the
|
|
33
|
+
* match string and they are multi-codepoint.
|
|
34
|
+
*
|
|
35
|
+
* Returns an array of findings (empty if none found).
|
|
36
|
+
* Each finding includes the individual match string (not concatenated),
|
|
37
|
+
* so callers can neutralize each occurrence at its original position.
|
|
38
|
+
*/
|
|
39
|
+
declare function scanInvisibleFormatChars(text: string): ValidationFinding[];
|
|
40
|
+
/**
|
|
41
|
+
* Neutralize threat patterns in text by wrapping them with delimiters.
|
|
42
|
+
* This makes them visible to the LLM as data, not instructions.
|
|
43
|
+
*/
|
|
44
|
+
declare function neutralizeThreatPatterns(text: string, findings: ValidationFinding[]): string;
|
|
45
|
+
/**
|
|
46
|
+
* Scan arbitrary external content for prompt-injection and unsafe-instruction threats.
|
|
47
|
+
*
|
|
48
|
+
* Returns a structured result with:
|
|
49
|
+
* - `clean`: boolean indicating no error-severity findings
|
|
50
|
+
* - `findings`: all detected findings
|
|
51
|
+
* - `threatLevel`: aggregated threat assessment
|
|
52
|
+
* - `neutralized`: the text with threat patterns wrapped for safety
|
|
53
|
+
*
|
|
54
|
+
* @param text - The external content to scan (arbitrary length, typically from API)
|
|
55
|
+
* @param options - Optional: { trustLevel = 'low' }
|
|
56
|
+
* - 'low': warnings are treated as errors
|
|
57
|
+
* - 'medium'/'high': warnings stay warnings
|
|
58
|
+
*/
|
|
59
|
+
export declare function scanExternalContent(text: string, options?: {
|
|
60
|
+
trustLevel?: 'low' | 'medium' | 'high';
|
|
61
|
+
maxLength?: number;
|
|
62
|
+
}): ExternalContentScanResult;
|
|
63
|
+
export declare const _internals: {
|
|
64
|
+
scanInvisibleFormatChars: typeof scanInvisibleFormatChars;
|
|
65
|
+
neutralizeThreatPatterns: typeof neutralizeThreatPatterns;
|
|
66
|
+
};
|
|
67
|
+
export {};
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "opencode-swarm",
|
|
3
|
-
"version": "7.74.
|
|
3
|
+
"version": "7.74.3",
|
|
4
4
|
"description": "Architect-centric agentic swarm plugin for OpenCode - hub-and-spoke orchestration with SME consultation, code generation, and QA review",
|
|
5
5
|
"main": "dist/index.js",
|
|
6
6
|
"types": "dist/index.d.ts",
|