pentesting 0.40.7 → 0.43.0

package/dist/main.js

@@ -13,8 +13,8 @@ import chalk from "chalk";
 import gradient from "gradient-string";
 
 // src/platform/tui/app.tsx
-import { useState as useState4, useCallback as useCallback3, useEffect as useEffect4, useRef as useRef3 } from "react";
-import { Box as Box6, useInput, useApp } from "ink";
+import { useState as useState4, useCallback as useCallback4, useEffect as useEffect4, useRef as useRef4 } from "react";
+import { Box as Box6, useInput as useInput2, useApp } from "ink";
 
 // src/platform/tui/hooks/useAgent.ts
 import { useState as useState2, useEffect as useEffect2, useCallback as useCallback2, useRef as useRef2 } from "react";
@@ -199,6 +199,14 @@ var EXIT_CODES = {
   /** Process killed by SIGKILL */
   SIGKILL: 137
 };
+var PROCESS_ACTIONS = {
+  LIST: "list",
+  STATUS: "status",
+  INTERACT: "interact",
+  PROMOTE: "promote",
+  STOP: "stop",
+  STOP_ALL: "stop_all"
+};
 var PROCESS_ROLES = {
   LISTENER: "listener",
   ACTIVE_SHELL: "active_shell",
@@ -306,7 +314,7 @@ var ORPHAN_PROCESS_NAMES = [
 
 // src/shared/constants/agent.ts
 var APP_NAME = "Pentest AI";
-var APP_VERSION = "0.40.7";
+var APP_VERSION = "0.43.0";
 var APP_DESCRIPTION = "Autonomous Penetration Testing AI Agent";
 var LLM_ROLES = {
   SYSTEM: "system",
@@ -565,6 +573,11 @@ var UI_COMMANDS = {
   LOGS: "logs",
   LOGS_SHORT: "l",
   CTF: "ctf",
+  AUTO: "auto",
+  GRAPH: "graph",
+  GRAPH_SHORT: "g",
+  PATHS: "paths",
+  PATHS_SHORT: "p",
   EXIT: "exit",
   QUIT: "quit",
   EXIT_SHORT: "q"
@@ -958,6 +971,18 @@ function debugLog(category, message, data) {
 }
 
 // src/shared/utils/command-validator.ts
+var SHELL_OPERATORS = {
+  AND: "&&",
+  OR: "||",
+  SEQUENCE: ";",
+  PIPE: "|",
+  BACKGROUND: "&"
+};
+var SHELL_CHARS = {
+  SINGLE_QUOTE: "'",
+  DOUBLE_QUOTE: '"',
+  BACKTICK: "`"
+};
 function validateCommand(command) {
   if (!command || typeof command !== "string") {
     return { safe: false, error: "Empty or invalid command" };
@@ -997,13 +1022,13 @@ function splitChainedCommands(command) {
   let i = 0;
   while (i < command.length) {
     const ch = command[i];
-    if (ch === "'" && !inDouble) {
+    if (ch === SHELL_CHARS.SINGLE_QUOTE && !inDouble) {
       inSingle = !inSingle;
       current += ch;
       i++;
       continue;
     }
-    if (ch === '"' && !inSingle) {
+    if (ch === SHELL_CHARS.DOUBLE_QUOTE && !inSingle) {
       inDouble = !inDouble;
       current += ch;
       i++;
@@ -1016,7 +1041,7 @@ function splitChainedCommands(command) {
         i += 2;
         continue;
       }
-      if (ch === ";") {
+      if (ch === SHELL_OPERATORS.SEQUENCE) {
         if (current.trim()) parts.push(current.trim());
         current = "";
         i++;
@@ -1342,6 +1367,12 @@ var globalInputHandler = null;
 function setInputHandler(handler) {
   globalInputHandler = handler;
 }
+function clearInputHandler() {
+  globalInputHandler = null;
+}
+function clearCommandEventEmitter() {
+  globalEventEmitter = null;
+}
 async function runCommand(command, args = [], options = {}) {
   const fullCommand = args.length > 0 ? `${command} ${args.join(" ")}` : command;
   const validation = validateCommand(fullCommand);
@@ -1935,7 +1966,10 @@ async function cleanupAllProcesses() {
   if (cleanupDone) return;
   cleanupDone = true;
   const ids = Array.from(backgroundProcesses.keys());
-  if (ids.length === 0) return;
+  if (ids.length === 0) {
+    cleanupDone = false;
+    return;
+  }
   for (const [_id, proc] of backgroundProcesses) {
     if (!proc.hasExited) {
       proc.childPids = discoverAllDescendants(proc.pid);
@@ -1997,6 +2031,7 @@ async function cleanupAllProcesses() {
     } catch {
     }
   }
+  cleanupDone = false;
 }
 function getResourceSummary() {
   const procs = listBackgroundProcesses();
@@ -2175,11 +2210,54 @@ var GRAPH_LIMITS = {
   /** Maximum chains to show in prompt */
   PROMPT_CHAINS: 5,
   /** Maximum unexploited vulns to show in prompt */
-  PROMPT_VULNS: 5
+  PROMPT_VULNS: 5,
+  /** Maximum failed paths to show in prompt */
+  PROMPT_FAILED: 5,
+  /** Maximum DFS depth for chain discovery */
+  MAX_CHAIN_DEPTH: 6,
+  /** Maximum nodes to display in ASCII graph */
+  ASCII_MAX_NODES: 30
+};
+var NODE_TYPE = {
+  HOST: "host",
+  SERVICE: "service",
+  CREDENTIAL: "credential",
+  VULNERABILITY: "vulnerability",
+  ACCESS: "access",
+  LOOT: "loot",
+  OSINT: "osint"
+};
+var NODE_STATUS = {
+  DISCOVERED: "discovered",
+  ATTEMPTED: "attempted",
+  SUCCEEDED: "succeeded",
+  FAILED: "failed"
+};
+var EDGE_STATUS = {
+  UNTESTED: "untested",
+  TESTING: "testing",
+  SUCCEEDED: "succeeded",
+  FAILED: "failed"
+};
+var SEVERITY = {
+  CRITICAL: "critical",
+  HIGH: "high",
+  MEDIUM: "medium",
+  LOW: "low",
+  INFO: "info"
 };
+var IMPACT_WEIGHT = { critical: 4, high: 3, medium: 2, low: 1 };
 var AttackGraph = class {
   nodes = /* @__PURE__ */ new Map();
   edges = [];
+  failedPaths = [];
+  // ─── Core Graph Operations ──────────────────────────────────
+  /** Reset the graph to an empty state. */
+  reset() {
+    this.nodes.clear();
+    this.edges = [];
+    this.failedPaths = [];
+  }
   /**
    * Add a node to the attack graph.
    */
@@ -2191,7 +2269,7 @@ var AttackGraph = class {
         type,
         label,
         data,
-        exploited: false,
+        status: NODE_STATUS.DISCOVERED,
         discoveredAt: Date.now()
       });
     }
@@ -2203,34 +2281,106 @@ var AttackGraph = class {
   addEdge(fromId, toId, relation, confidence = 0.5) {
     const exists = this.edges.some((e) => e.from === fromId && e.to === toId && e.relation === relation);
     if (!exists) {
-      this.edges.push({ from: fromId, to: toId, relation, confidence });
+      this.edges.push({ from: fromId, to: toId, relation, confidence, status: EDGE_STATUS.UNTESTED });
     }
   }
   /**
-   * Mark a node as exploited.
+   * Get node by ID.
    */
-  markExploited(nodeId) {
+  getNode(nodeId) {
+    return this.nodes.get(nodeId);
+  }
+  // ─── Status Management ──────────────────────────────────────
+  /**
+   * Mark a node as being attempted (in-progress attack).
+   */
+  markAttempted(nodeId) {
     const node = this.nodes.get(nodeId);
-    if (node) node.exploited = true;
+    if (node && node.status === NODE_STATUS.DISCOVERED) {
+      node.status = NODE_STATUS.ATTEMPTED;
+      node.attemptedAt = Date.now();
+    }
   }
   /**
-   * Get node by ID.
+   * Mark a node as successfully exploited/achieved.
    */
-  getNode(nodeId) {
-    return this.nodes.get(nodeId);
+  markSucceeded(nodeId) {
+    const node = this.nodes.get(nodeId);
+    if (node) {
+      node.status = NODE_STATUS.SUCCEEDED;
+      node.resolvedAt = Date.now();
+    }
+    for (const edge of this.edges) {
+      if (edge.to === nodeId && edge.status === EDGE_STATUS.TESTING) {
+        edge.status = EDGE_STATUS.SUCCEEDED;
+      }
+    }
+  }
+  /**
+   * Mark a node as failed (attack didn't work).
+   */
+  markFailed(nodeId, reason) {
+    const node = this.nodes.get(nodeId);
+    if (node) {
+      node.status = NODE_STATUS.FAILED;
+      node.resolvedAt = Date.now();
+      node.failReason = reason;
+      this.failedPaths.push(`${node.label}${reason ? ` (${reason})` : ""}`);
+    }
+    for (const edge of this.edges) {
+      if (edge.to === nodeId && (edge.status === EDGE_STATUS.TESTING || edge.status === EDGE_STATUS.UNTESTED)) {
+        edge.status = EDGE_STATUS.FAILED;
+        edge.failReason = reason;
+      }
+    }
+  }
+  /**
+   * Mark an edge as being tested.
+   */
+  markEdgeTesting(fromId, toId) {
+    for (const edge of this.edges) {
+      if (edge.from === fromId && edge.to === toId) {
+        edge.status = EDGE_STATUS.TESTING;
+      }
+    }
+  }
+  /**
+   * Mark an edge as failed.
+   */
+  markEdgeFailed(fromId, toId, reason) {
+    for (const edge of this.edges) {
+      if (edge.from === fromId && edge.to === toId) {
+        edge.status = EDGE_STATUS.FAILED;
+        edge.failReason = reason;
+      }
+    }
+    this.failedPaths.push(`${fromId} \u2192 ${toId}${reason ? ` (${reason})` : ""}`);
+  }
+  // Backward-compatible alias
+  markExploited(nodeId) {
+    this.markSucceeded(nodeId);
+  }
+  // ─── Domain-Specific Registration ───────────────────────────
+  /**
+   * Record a host discovery.
+   */
+  addHost(ip, hostname) {
+    return this.addNode(NODE_TYPE.HOST, ip, { ip, hostname });
   }
   /**
    * Record a service discovery and auto-create edges.
    */
   addService(host, port, service, version) {
-    const serviceId = this.addNode("service", `${host}:${port}`, {
+    const hostId = this.addHost(host);
+    const serviceId = this.addNode(NODE_TYPE.SERVICE, `${host}:${port}`, {
       host,
       port,
       service,
       version
     });
+    this.addEdge(hostId, serviceId, "has_service", 0.95);
     if (version) {
-      const vulnId = this.addNode("vulnerability", `CVE search: ${service} ${version}`, {
+      const vulnId = this.addNode(NODE_TYPE.VULNERABILITY, `CVE search: ${service} ${version}`, {
         service,
         version,
         status: GRAPH_STATUS.NEEDS_SEARCH
@@ -2251,7 +2401,7 @@ var AttackGraph = class {
     for (const [id, node] of this.nodes) {
       if (node.type === "service") {
         const svc = String(node.data.service || "");
-        if (["ssh", "ftp", "rdp", "smb", "http", "mysql", "postgresql", "mssql", "winrm"].some((s) => svc.includes(s))) {
+        if (["ssh", "ftp", "rdp", "smb", "http", "mysql", "postgresql", "mssql", "winrm", "vnc", "telnet"].some((s) => svc.includes(s))) {
           this.addEdge(credId, id, "can_try_on", 0.6);
         }
       }
@@ -2290,7 +2440,7 @@ var AttackGraph = class {
       level,
       via
     });
-    this.markExploited(accessId);
+    this.markSucceeded(accessId);
     if (["root", "admin", "SYSTEM", "Administrator"].includes(level)) {
       const lootId = this.addNode("loot", `flags on ${host}`, {
         host,
@@ -2301,104 +2451,302 @@ var AttackGraph = class {
     return accessId;
   }
   /**
-   * Recommend attack chains based on current graph state.
-   * Returns chains sorted by probability (highest first).
+   * Record OSINT discovery (Docker image, GitHub repo, company info, etc.)
    */
-  recommendChains() {
-    const chains = [];
-    for (const edge of this.edges) {
-      if (edge.relation === "can_try_on") {
-        const cred = this.nodes.get(edge.from);
-        const service = this.nodes.get(edge.to);
-        if (cred && service && !service.exploited) {
-          chains.push({
-            steps: [cred, service],
-            description: `Credential spray: ${cred.label} \u2192 ${service.label}`,
-            probability: edge.confidence,
-            impact: "high"
-          });
+  addOSINT(category, detail, data = {}) {
+    const osintId = this.addNode("osint", `${category}: ${detail}`, {
+      category,
+      detail,
+      ...data
+    });
+    for (const [id, node] of this.nodes) {
+      if (node.type === "host" || node.type === "service") {
+        const hostIp = String(node.data.ip || node.data.host || "");
+        const hostname = String(node.data.hostname || "");
+        if (hostIp && detail.includes(hostIp) || hostname && detail.includes(hostname)) {
+          this.addEdge(osintId, id, "relates_to", 0.5);
         }
       }
     }
-    for (const edge of this.edges) {
-      if (edge.relation === "leads_to") {
-        const vuln = this.nodes.get(edge.from);
-        const access = this.nodes.get(edge.to);
-        if (vuln && access && !vuln.exploited) {
-          chains.push({
-            steps: [vuln, access],
-            description: `Exploit: ${vuln.label} \u2192 ${access.label}`,
-            probability: edge.confidence,
-            impact: "critical"
-          });
-        }
-      }
+    return osintId;
+  }
+  // ─── Chain Discovery (DFS) ──────────────────────────────────
+  /**
+   * Find all viable attack paths using DFS.
+   * Only follows edges that are untested or succeeded.
+   * Prioritizes by (probability × impact).
+   */
+  recommendChains() {
+    const chains = [];
+    const visited = /* @__PURE__ */ new Set();
+    const goalTypes = [NODE_TYPE.ACCESS, NODE_TYPE.LOOT];
+    const entryNodes = Array.from(this.nodes.values()).filter(
+      (n) => n.type === NODE_TYPE.HOST || n.type === NODE_TYPE.SERVICE || n.type === NODE_TYPE.CREDENTIAL || n.type === NODE_TYPE.OSINT
+    );
+    for (const entry of entryNodes) {
+      visited.clear();
+      this.dfsChains(entry.id, [], [], visited, chains, goalTypes);
     }
-    for (const edge of this.edges) {
-      if (edge.relation === "can_access") {
-        const access = this.nodes.get(edge.from);
-        const loot = this.nodes.get(edge.to);
-        if (access && loot && access.exploited && !loot.exploited) {
-          chains.push({
-            steps: [access, loot],
-            description: `Collect: ${access.label} \u2192 ${loot.label}`,
-            probability: edge.confidence,
-            impact: "high"
-          });
-        }
-      }
+    const seen = /* @__PURE__ */ new Set();
+    const unique = chains.filter((c) => {
+      if (seen.has(c.description)) return false;
+      seen.add(c.description);
+      return true;
+    });
+    unique.sort(
+      (a, b) => b.probability * (IMPACT_WEIGHT[b.impact] || 1) - a.probability * (IMPACT_WEIGHT[a.impact] || 1)
+    );
+    return unique.slice(0, GRAPH_LIMITS.MAX_CHAINS);
+  }
+  dfsChains(nodeId, path2, pathEdges, visited, results, goalTypes) {
+    if (visited.has(nodeId)) return;
+    if (path2.length >= GRAPH_LIMITS.MAX_CHAIN_DEPTH) return;
+    const node = this.nodes.get(nodeId);
+    if (!node) return;
+    if (node.status === NODE_STATUS.FAILED) return;
+    visited.add(nodeId);
+    path2.push(node);
+    if (goalTypes.includes(node.type) && node.status !== NODE_STATUS.SUCCEEDED && path2.length > 1) {
+      const prob = pathEdges.reduce((acc, e) => acc * e.confidence, 1);
+      const impact = this.estimateImpact(node);
+      results.push({
+        steps: [...path2],
+        edges: [...pathEdges],
+        description: path2.map((n) => n.label).join(" \u2192 "),
+        probability: prob,
+        impact,
+        length: path2.length
+      });
     }
-    const impactWeight = { critical: 4, high: 3, medium: 2, low: 1 };
-    chains.sort(
-      (a, b) => b.probability * (impactWeight[b.impact] || 1) - a.probability * (impactWeight[a.impact] || 1)
+    const outEdges = this.edges.filter(
+      (e) => e.from === nodeId && e.status !== EDGE_STATUS.FAILED
     );
-    return chains.slice(0, GRAPH_LIMITS.MAX_CHAINS);
+    for (const edge of outEdges) {
+      this.dfsChains(edge.to, path2, [...pathEdges, edge], visited, results, goalTypes);
+    }
+    path2.pop();
+    visited.delete(nodeId);
+  }
+  estimateImpact(node) {
+    if (node.type === NODE_TYPE.LOOT) return SEVERITY.CRITICAL;
+    if (node.type === NODE_TYPE.ACCESS) {
+      const level = String(node.data.level || "");
+      if (["root", "SYSTEM", "Administrator", "admin"].includes(level)) return SEVERITY.CRITICAL;
+      return SEVERITY.HIGH;
+    }
+    if (node.type === NODE_TYPE.VULNERABILITY) {
+      const sev = String(node.data.severity || "");
+      if (sev === SEVERITY.CRITICAL) return SEVERITY.CRITICAL;
+      if (sev === SEVERITY.HIGH) return SEVERITY.HIGH;
+      if (sev === SEVERITY.MEDIUM) return SEVERITY.MEDIUM;
+    }
+    return SEVERITY.LOW;
   }
+  // ─── Prompt Generation ──────────────────────────────────────
   /**
    * Format attack graph status for prompt injection.
+   * Provides LLM with:
+   * - Available paths (sorted by probability)
+   * - Failed paths (DO NOT retry)
+   * - Unexploited vulnerabilities
    */
   toPrompt() {
     if (this.nodes.size === 0) return "";
     const lines = ["<attack-graph>"];
     const nodesByType = {};
+    const nodesByStatus = {};
     for (const node of this.nodes.values()) {
       nodesByType[node.type] = (nodesByType[node.type] || 0) + 1;
+      nodesByStatus[node.status] = (nodesByStatus[node.status] || 0) + 1;
     }
     lines.push(`Nodes: ${Object.entries(nodesByType).map(([t, c]) => `${c} ${t}s`).join(", ")}`);
-    lines.push(`Edges: ${this.edges.length} relationships`);
+    lines.push(`Status: ${Object.entries(nodesByStatus).map(([s, c]) => `${c} ${s}`).join(", ")}`);
+    lines.push(`Edges: ${this.edges.length} (${this.edges.filter((e) => e.status === EDGE_STATUS.FAILED).length} failed)`);
     const chains = this.recommendChains();
     if (chains.length > 0) {
       lines.push("");
-      lines.push("RECOMMENDED NEXT ACTIONS:");
+      lines.push("RECOMMENDED ATTACK PATHS (try these):");
       for (let i = 0; i < Math.min(GRAPH_LIMITS.PROMPT_CHAINS, chains.length); i++) {
         const c = chains[i];
         const prob = (c.probability * 100).toFixed(0);
-        lines.push(`  ${i + 1}. [${c.impact.toUpperCase()} | ${prob}%] ${c.description}`);
+        lines.push(`  PATH ${i + 1} [${c.impact.toUpperCase()} | ${prob}%]: ${c.description}`);
+      }
+    }
+    if (this.failedPaths.length > 0) {
+      lines.push("");
+      lines.push("FAILED PATHS (DO NOT RETRY):");
+      for (const fp of this.failedPaths.slice(-GRAPH_LIMITS.PROMPT_FAILED)) {
+        lines.push(`  \u2717 ${fp}`);
       }
     }
-    const unexploitedVulns = Array.from(this.nodes.values()).filter((n) => n.type === "vulnerability" && !n.exploited);
+    const unexploitedVulns = Array.from(this.nodes.values()).filter((n) => n.type === NODE_TYPE.VULNERABILITY && n.status !== NODE_STATUS.SUCCEEDED && n.status !== NODE_STATUS.FAILED);
     if (unexploitedVulns.length > 0) {
       lines.push("");
       lines.push(`UNEXPLOITED VULNERABILITIES (${unexploitedVulns.length}):`);
       for (const v of unexploitedVulns.slice(0, GRAPH_LIMITS.PROMPT_VULNS)) {
-        lines.push(`  - ${v.label} (${v.data.severity || "unknown"})`);
+        const sev = v.data.severity || "unknown";
+        const status = v.status === NODE_STATUS.ATTEMPTED ? " \u23F3 testing" : "";
+        lines.push(`  - ${v.label} (${sev})${status}`);
+      }
+    }
+    const accessNodes = Array.from(this.nodes.values()).filter((n) => n.type === NODE_TYPE.ACCESS && n.status === NODE_STATUS.SUCCEEDED);
+    if (accessNodes.length > 0) {
+      lines.push("");
+      lines.push("ACHIEVED ACCESS:");
+      for (const a of accessNodes) {
+        lines.push(`  \u2713 ${a.label}`);
+      }
+    }
+    const credNodes = Array.from(this.nodes.values()).filter((n) => n.type === NODE_TYPE.CREDENTIAL);
+    if (credNodes.length > 0) {
+      lines.push("");
+      lines.push(`CREDENTIALS (${credNodes.length} \u2014 try on all services):`);
+      for (const c of credNodes) {
+        const source = c.data.source || "unknown";
+        const sprayEdges = this.edges.filter((e) => e.from === c.id && e.relation === "can_try_on");
+        const testedCount = sprayEdges.filter((e) => e.status !== EDGE_STATUS.UNTESTED).length;
+        lines.push(`  \u{1F511} ${c.label} (from: ${source}) [sprayed: ${testedCount}/${sprayEdges.length}]`);
       }
     }
     lines.push("</attack-graph>");
     return lines.join("\n");
   }
+  // ─── TUI Visualization ──────────────────────────────────────
+  /**
+   * Generate ASCII visualization for TUI /graph command.
+   */
+  toASCII() {
+    if (this.nodes.size === 0) return "(Empty attack graph \u2014 no discoveries yet)";
+    const lines = [];
+    lines.push("\u250C\u2500\u2500\u2500 Attack Graph \u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2510");
+    const groups = {};
+    for (const node of this.nodes.values()) {
+      if (!groups[node.type]) groups[node.type] = [];
+      groups[node.type].push(node);
+    }
+    const typeIcons = {
+      [NODE_TYPE.HOST]: "\u{1F5A5}",
+      [NODE_TYPE.SERVICE]: "\u2699",
+      [NODE_TYPE.VULNERABILITY]: "\u26A0",
+      [NODE_TYPE.CREDENTIAL]: "\u{1F511}",
+      [NODE_TYPE.ACCESS]: "\u{1F513}",
+      [NODE_TYPE.LOOT]: "\u{1F3F4}",
+      [NODE_TYPE.OSINT]: "\u{1F50D}"
+    };
+    const statusIcons = {
+      [NODE_STATUS.DISCOVERED]: "\u25CB",
+      [NODE_STATUS.ATTEMPTED]: "\u25D0",
+      [NODE_STATUS.SUCCEEDED]: "\u25CF",
+      [NODE_STATUS.FAILED]: "\u2717"
+    };
+    let nodeCount = 0;
+    for (const [type, nodes] of Object.entries(groups)) {
+      if (nodeCount >= GRAPH_LIMITS.ASCII_MAX_NODES) {
+        lines.push(`\u2502  ... and ${this.nodes.size - nodeCount} more nodes`);
+        break;
+      }
+      const icon = typeIcons[type] || "\xB7";
+      lines.push(`\u2502`);
+      lines.push(`\u2502 ${icon} ${type.toUpperCase()} (${nodes.length})`);
+      for (const node of nodes) {
+        if (nodeCount >= GRAPH_LIMITS.ASCII_MAX_NODES) break;
+        const sIcon = statusIcons[node.status] || "?";
+        const fail = node.status === NODE_STATUS.FAILED && node.failReason ? ` \u2014 ${node.failReason}` : "";
+        const outEdges = this.edges.filter((e) => e.from === node.id);
+        const edgeStr = outEdges.length > 0 ? ` \u2192 ${outEdges.map((e) => {
+          const target = this.nodes.get(e.to);
+          const eName = target ? target.label : e.to;
+          const eStatus = e.status === EDGE_STATUS.FAILED ? " \u2717" : e.status === EDGE_STATUS.SUCCEEDED ? " \u2713" : "";
+          return `${eName}${eStatus}`;
+        }).join(", ")}` : "";
+        lines.push(`\u2502   ${sIcon} ${node.label}${fail}${edgeStr}`);
+        nodeCount++;
+      }
+    }
+    const stats = this.getStats();
+    lines.push(`\u2502`);
+    lines.push(`\u251C\u2500\u2500\u2500 Summary \u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2524`);
+    lines.push(`\u2502 Nodes: ${stats.nodes} | Edges: ${stats.edges} | Succeeded: ${stats.succeeded} | Failed: ${stats.failed} | Chains: ${stats.chains}`);
+    lines.push(`\u2514\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2518`);
+    return lines.join("\n");
+  }
+  /**
+   * Generate path listing for TUI /paths command.
+   */
+  toPathsList() {
+    const chains = this.recommendChains();
+    if (chains.length === 0) {
+      if (this.nodes.size === 0) return "No attack graph data yet. Start reconnaissance first.";
+      return "No viable attack paths found. All paths may be exhausted or failed.";
+    }
+    const lines = [];
+    lines.push(`\u2500\u2500\u2500 ${chains.length} Attack Paths (sorted by priority) \u2500\u2500\u2500`);
+    lines.push("");
+    for (let i = 0; i < chains.length; i++) {
+      const c = chains[i];
+      const prob = (c.probability * 100).toFixed(0);
+      const impactColors = {
+        [SEVERITY.CRITICAL]: "\u{1F534}",
+        [SEVERITY.HIGH]: "\u{1F7E0}",
+        [SEVERITY.MEDIUM]: "\u{1F7E1}",
+        [SEVERITY.LOW]: "\u{1F7E2}"
+      };
+      const impactIcon = impactColors[c.impact] || "\u26AA";
+      lines.push(`${impactIcon} PATH ${i + 1} [${c.impact.toUpperCase()} | prob: ${prob}% | steps: ${c.length}]`);
+      lines.push(`   ${c.description}`);
+      for (const edge of c.edges) {
+        const statusTag = edge.status === EDGE_STATUS.UNTESTED ? "  ?" : edge.status === EDGE_STATUS.TESTING ? "  \u23F3" : edge.status === EDGE_STATUS.SUCCEEDED ? "  \u2713" : "  \u2717";
+        lines.push(`   ${statusTag} ${edge.from.split(":").pop()} \u2014[${edge.relation}]\u2192 ${edge.to.split(":").pop()}`);
+      }
+      lines.push("");
+    }
+    if (this.failedPaths.length > 0) {
+      lines.push(`\u2500\u2500\u2500 Failed Paths (${this.failedPaths.length}) \u2500\u2500\u2500`);
+      for (const fp of this.failedPaths) {
+        lines.push(`   \u2717 ${fp}`);
+      }
+    }
+    return lines.join("\n");
+  }
+  // ─── Stats ──────────────────────────────────────────────────
   /**
    * Get graph stats for metrics display.
    */
   getStats() {
-    const exploited = Array.from(this.nodes.values()).filter((n) => n.exploited).length;
+    const succeeded = Array.from(this.nodes.values()).filter((n) => n.status === NODE_STATUS.SUCCEEDED).length;
+    const failed = Array.from(this.nodes.values()).filter((n) => n.status === NODE_STATUS.FAILED).length;
     return {
       nodes: this.nodes.size,
       edges: this.edges.length,
-      exploited,
+      succeeded,
+      failed,
       chains: this.recommendChains().length
     };
   }
+  /**
+   * Get all nodes (for serialization or external access).
+   */
+  getAllNodes() {
+    return Array.from(this.nodes.values());
+  }
+  /**
+   * Get all edges (for serialization or external access).
+   */
+  getAllEdges() {
+    return [...this.edges];
+  }
+  /**
+   * Get failed paths list.
+   */
+  getFailedPaths() {
+    return [...this.failedPaths];
+  }
+  /**
+   * Check if the graph has any data.
+   */
+  isEmpty() {
+    return this.nodes.size === 0;
+  }
 };
 
 // src/shared/utils/agent-memory.ts
@@ -2494,6 +2842,10 @@ var WorkingMemory = class {
   getEntries() {
     return [...this.entries];
   }
+  /** Clear all working memory entries. */
+  clear() {
+    this.entries = [];
+  }
 };
 var EpisodicMemory = class {
   events = [];
@@ -2549,6 +2901,10 @@ var EpisodicMemory = class {
     lines.push("</session-timeline>");
     return lines.join("\n");
   }
+  /** Clear all episodic events. */
+  clear() {
+    this.events = [];
+  }
 };
 var MEMORY_DIR = "/tmp/pentesting-memory";
 var MEMORY_FILE = join3(MEMORY_DIR, "persistent-knowledge.json");
@@ -2733,6 +3089,10 @@ var DynamicTechniqueLibrary = class {
   getAll() {
     return [...this.techniques];
   }
+  /** Clear all learned techniques. */
+  clear() {
+    this.techniques = [];
+  }
   /**
    * Format for prompt injection.
    */
@@ -2841,6 +3201,32 @@ var SharedState = class {
       challengeAnalysis: null
     };
   }
+  /**
+   * Reset all state to initial defaults.
+   * Used by /clear command to start a fresh session without recreating the agent.
+   */
+  reset() {
+    this.data = {
+      engagement: null,
+      targets: /* @__PURE__ */ new Map(),
+      findings: [],
+      loot: [],
+      todo: [],
+      actionLog: [],
+      currentPhase: PHASES.RECON,
+      missionSummary: "",
+      missionChecklist: [],
+      ctfMode: true,
+      flags: [],
+      startedAt: Date.now(),
+      deadlineAt: 0,
+      challengeAnalysis: null
+    };
+    this.attackGraph.reset();
+    this.workingMemory.clear();
+    this.episodicMemory.clear();
+    this.dynamicTechniques.clear();
+  }
   // --- Mission & Persistent Context ---
   setMissionSummary(summary) {
     this.data.missionSummary = summary;
@@ -3351,6 +3737,11 @@ var NOISE_CLASSIFICATION = {
 };
 
 // src/shared/utils/binary-analysis.ts
+var RELRO_STATUS = {
+  NO: "no",
+  PARTIAL: "partial",
+  FULL: "full"
+};
 function parseChecksec(output) {
   const info = {};
   if (/x86-64|amd64/i.test(output)) {
@@ -3404,10 +3795,10 @@ function suggestExploitTechniques(info) {
   if (info.pie === true && info.canary === false) {
     suggestions.push("PIE enabled \u2192 Need info leak first (partial overwrite, format string)");
   }
-  if (info.relro === "partial") {
+  if (info.relro === RELRO_STATUS.PARTIAL) {
     suggestions.push("Partial RELRO \u2192 GOT overwrite possible");
   }
-  if (info.relro === "full") {
+  if (info.relro === RELRO_STATUS.FULL) {
     suggestions.push("Full RELRO \u2192 GOT is read-only, try __malloc_hook/__free_hook or stack-based attacks");
   }
   if (info.canary === true) {
@@ -3442,6 +3833,11 @@ function formatBinaryAnalysis(info) {
 }
 
 // src/shared/utils/structured-output.ts
+var PORT_STATE = {
+  OPEN: "open",
+  CLOSED: "closed",
+  FILTERED: "filtered"
+};
 function extractNmapStructured(output) {
   const ports = [];
   const hosts = [];
@@ -3459,8 +3855,8 @@ function extractNmapStructured(output) {
   while ((match = hostRegex.exec(output)) !== null) {
     hosts.push(match[1]);
   }
-  const openCount = ports.filter((p) => p.state === "open").length;
-  const summary = `${hosts.length} host(s), ${openCount} open port(s): ${ports.filter((p) => p.state === "open").map((p) => `${p.port}/${p.service}`).join(", ")}`;
+  const openCount = ports.filter((p) => p.state === PORT_STATE.OPEN).length;
+  const summary = `${hosts.length} host(s), ${openCount} open port(s): ${ports.filter((p) => p.state === PORT_STATE.OPEN).map((p) => `${p.port}/${p.service}`).join(", ")}`;
   return {
     summary,
     structured: { openPorts: ports, hosts }
@@ -4032,7 +4428,7 @@ Resource Safety:
       const action = params.action;
       const processId = params.process_id;
       switch (action) {
-        case "list": {
+        case PROCESS_ACTIONS.LIST: {
           const procs = listBackgroundProcesses();
           if (procs.length === 0) {
             return { success: true, output: "No background processes running.\nNo ports in use." };
@@ -4063,7 +4459,7 @@ Ports in use: ${usedPorts.join(", ")}` : "\nNo ports in use.";
 ${lines.join("\n\n")}${portLine}${eventLines}`
           };
         }
-        case "status": {
+        case PROCESS_ACTIONS.STATUS: {
           if (!processId) return { success: false, output: "", error: "Missing required parameter: process_id" };
           const output = getProcessOutput(processId);
           if (!output) return { success: false, output: "", error: `Process ${processId} not found.` };
@@ -4103,7 +4499,7 @@ ${output.stdout.slice(-SYSTEM_LIMITS.MAX_STDOUT_SLICE) || "(empty)"}
 ${output.stderr.slice(-SYSTEM_LIMITS.MAX_STDERR_SLICE) || "(empty)"}` + connectionHint + interactHint
           };
         }
-        case "interact": {
+        case PROCESS_ACTIONS.INTERACT: {
           if (!processId) return { success: false, output: "", error: "Missing process_id for interact" };
           const cmd = params.command;
           if (!cmd) return { success: false, output: "", error: "Missing command for interact. Provide the command to execute on the target." };
@@ -4121,7 +4517,7 @@ ${result2.newOutput}
 ${result2.output}`
           };
         }
-        case "promote": {
+        case PROCESS_ACTIONS.PROMOTE: {
           if (!processId) return { success: false, output: "", error: "Missing process_id for promote" };
           const desc = params.description;
           const success = promoteToShell(processId, desc);
@@ -4142,11 +4538,11 @@ Next steps:
   5. Begin post-exploitation enumeration: whoami, sudo -l, etc.`
           };
         }
-        case "stop": {
+        case PROCESS_ACTIONS.STOP: {
           if (!processId) return { success: false, output: "", error: "Missing process_id" };
           return stopBackgroundProcess(processId);
         }
-        case "stop_all": {
+        case PROCESS_ACTIONS.STOP_ALL: {
           const procs = listBackgroundProcesses();
           if (procs.length === 0) return { success: true, output: "No background processes to stop." };
           const activeShells = procs.filter((p) => p.role === PROCESS_ROLES.ACTIVE_SHELL && p.isRunning);
@@ -5217,6 +5613,11 @@ async function searchWithPlaywright(query) {
 }
 
 // src/engine/tools-mid.ts
+var PORT_STATE2 = {
+  OPEN: "open",
+  CLOSED: "closed",
+  FILTERED: "filtered"
+};
 function getErrorMessage2(error) {
   return error instanceof Error ? error.message : String(error);
 }
@@ -5249,7 +5650,7 @@ async function parseNmap(xmlPath) {
         const serviceMatch = portMatch[0].match(/<service[^>]*name="([^"]*)"(?:[^>]*version="([^"]*)")?/);
         const service = serviceMatch ? serviceMatch[1] : void 0;
         const version = serviceMatch && serviceMatch[2] ? serviceMatch[2] : void 0;
-        if (state === "open") {
+        if (state === PORT_STATE2.OPEN) {
           ports.push({ port, protocol, state, service, version });
           results.summary.openPorts++;
           if (service) results.summary.servicesFound++;
@@ -5819,6 +6220,54 @@ For CVEs not in this list, use web_search to find them.`
 ];
 
 // src/shared/utils/payload-mutator.ts
+var TRANSFORM_TYPE = {
+  URL: "url",
+  DOUBLE_URL: "double_url",
+  TRIPLE_URL: "triple_url",
+  UNICODE: "unicode",
+  HTML_ENTITY_DEC: "html_entity_dec",
+  HTML_ENTITY_HEX: "html_entity_hex",
+  HEX: "hex",
+  OCTAL: "octal",
+  BASE64: "base64",
+  CASE_SWAP: "case_swap",
+  COMMENT_INSERT: "comment_insert",
+  WHITESPACE_ALT: "whitespace_alt",
+  CHAR_FUNCTION: "char_function",
+  CONCAT_SPLIT: "concat_split",
+  NULL_BYTE: "null_byte",
+  REVERSE: "reverse",
+  UTF8_OVERLONG: "utf8_overlong",
+  MIXED_ENCODING: "mixed_encoding",
+  TAG_ALTERNATIVE: "tag_alternative",
+  EVENT_HANDLER: "event_handler",
+  KEYWORD_BYPASS: "keyword_bypass",
+  SPACE_BYPASS: "space_bypass",
+  NO_QUOTES: "no_quotes",
+  JS_ALTERNATIVE: "js_alternative"
+};
+var PAYLOAD_CONTEXT = {
+  URL_PATH: "url_path",
+  URL_PARAM: "url_param",
+  POST_BODY: "post_body",
+  JSON_BODY: "json_body",
+  XML_BODY: "xml_body",
+  HTML_BODY: "html_body",
+  HTML_ATTR: "html_attr",
+  JS_STRING: "js_string",
+  SQL_STRING: "sql_string",
+  SQL_NUMERIC: "sql_numeric",
+  SHELL_CMD: "shell_cmd",
+  HTTP_HEADER: "http_header",
+  COOKIE: "cookie",
+  GENERIC: "generic"
+};
+var DATABASE_TYPE = {
+  MYSQL: "mysql",
+  MSSQL: "mssql",
+  POSTGRESQL: "pg",
+  ORACLE: "oracle"
+};
 function urlEncode(s) {
   return [...s].map((c) => {
     const code = c.charCodeAt(0);
@@ -5879,12 +6328,12 @@ function whitespaceAlt(s) {
   const alt = alts[Math.floor(Math.random() * alts.length)];
   return s.replace(/ /g, alt);
 }
-function charFunction(s, dbType = "mysql") {
+function charFunction(s, dbType = DATABASE_TYPE.MYSQL) {
   const chars = [...s].map((c) => c.charCodeAt(0));
-  if (dbType === "mysql") {
+  if (dbType === DATABASE_TYPE.MYSQL) {
     return `CHAR(${chars.join(",")})`;
   }
-  if (dbType === "mssql") {
+  if (dbType === DATABASE_TYPE.MSSQL) {
     return chars.map((c) => `CHAR(${c})`).join("+");
   }
   return chars.map((c) => `CHR(${c})`).join("||");
@@ -5969,78 +6418,78 @@ function mutatePayload(request) {
   const activeTransforms = transforms || getDefaultTransforms(context);
   for (const transform of activeTransforms) {
     switch (transform) {
-      case "url":
+      case TRANSFORM_TYPE.URL:
         variants.push({ payload: urlEncode(payload), transform: "url", description: "URL encoded (special chars only)" });
         variants.push({ payload: urlEncodeAll(payload), transform: "url_full", description: "URL encoded (all chars)" });
         break;
-      case "double_url":
+      case TRANSFORM_TYPE.DOUBLE_URL:
         variants.push({ payload: doubleUrlEncode(payload), transform: "double_url", description: "Double URL encoded" });
         break;
-      case "triple_url":
+      case TRANSFORM_TYPE.TRIPLE_URL:
         variants.push({ payload: tripleUrlEncode(payload), transform: "triple_url", description: "Triple URL encoded" });
         break;
-      case "unicode":
+      case TRANSFORM_TYPE.UNICODE:
         variants.push({ payload: unicodeEncode(payload), transform: "unicode", description: "Unicode escape sequences" });
         break;
-      case "html_entity_dec":
+      case TRANSFORM_TYPE.HTML_ENTITY_DEC:
         variants.push({ payload: htmlEntityDec(payload), transform: "html_entity_dec", description: "HTML decimal entities" });
         break;
-      case "html_entity_hex":
+      case TRANSFORM_TYPE.HTML_ENTITY_HEX:
         variants.push({ payload: htmlEntityHex(payload), transform: "html_entity_hex", description: "HTML hex entities" });
         break;
-      case "hex":
+      case TRANSFORM_TYPE.HEX:
         variants.push({ payload: hexEncode(payload), transform: "hex", description: "Hex encoded" });
         break;
-      case "octal":
+      case TRANSFORM_TYPE.OCTAL:
         variants.push({ payload: octalEncode(payload), transform: "octal", description: "Octal encoded" });
         break;
-      case "base64":
+      case TRANSFORM_TYPE.BASE64:
         variants.push({ payload: base64Encode(payload), transform: "base64", description: "Base64 encoded" });
         break;
-      case "case_swap":
+      case TRANSFORM_TYPE.CASE_SWAP:
         for (let i = 0; i < 3; i++) {
           variants.push({ payload: caseSwap(payload), transform: "case_swap", description: `Case variation ${i + 1}` });
         }
         break;
-      case "comment_insert":
+      case TRANSFORM_TYPE.COMMENT_INSERT:
         variants.push({ payload: commentInsert(payload), transform: "comment_insert", description: "SQL comments in keywords" });
         break;
-      case "whitespace_alt":
+      case TRANSFORM_TYPE.WHITESPACE_ALT:
         variants.push({ payload: whitespaceAlt(payload), transform: "whitespace_alt", description: "Alternative whitespace chars" });
         variants.push({ payload: payload.replace(/ /g, "/**/"), transform: "whitespace_comment", description: "Comment as whitespace" });
         variants.push({ payload: payload.replace(/ /g, "+"), transform: "whitespace_plus", description: "Plus as whitespace" });
         break;
-      case "char_function":
+      case TRANSFORM_TYPE.CHAR_FUNCTION:
         variants.push({ payload: charFunction(payload, "mysql"), transform: "char_mysql", description: "MySQL CHAR() encoding" });
         variants.push({ payload: charFunction(payload, "mssql"), transform: "char_mssql", description: "MSSQL CHAR() encoding" });
         variants.push({ payload: charFunction(payload, "pg"), transform: "char_pg", description: "PostgreSQL CHR() encoding" });
         break;
-      case "concat_split":
+      case TRANSFORM_TYPE.CONCAT_SPLIT:
         variants.push({ payload: concatSplit(payload), transform: "concat_split", description: "String split via CONCAT" });
         break;
-      case "null_byte":
+      case TRANSFORM_TYPE.NULL_BYTE:
         variants.push({ payload: nullByteAppend(payload), transform: "null_byte", description: "Null byte appended" });
         variants.push({ payload: payload + "%00.jpg", transform: "null_byte_ext", description: "Null byte + fake extension" });
         break;
-      case "reverse":
+      case TRANSFORM_TYPE.REVERSE:
         variants.push({ payload: reversePayload(payload), transform: "reverse", description: "Reversed (use with rev | sh)" });
         break;
-      case "utf8_overlong":
+      case TRANSFORM_TYPE.UTF8_OVERLONG:
         variants.push({ payload: utf8Overlong(payload), transform: "utf8_overlong", description: "UTF-8 overlong sequences" });
         break;
-      case "mixed_encoding":
+      case TRANSFORM_TYPE.MIXED_ENCODING:
         variants.push({ payload: mixedEncoding(payload), transform: "mixed_encoding", description: "Mixed encoding (partial)" });
         break;
-      case "tag_alternative":
-      case "event_handler":
-      case "js_alternative":
+      case TRANSFORM_TYPE.TAG_ALTERNATIVE:
+      case TRANSFORM_TYPE.EVENT_HANDLER:
+      case TRANSFORM_TYPE.JS_ALTERNATIVE:
         variants.push(...generateXssAlternatives(payload));
         break;
-      case "keyword_bypass":
+      case TRANSFORM_TYPE.KEYWORD_BYPASS:
         variants.push({ payload: keywordBypass(payload), transform: "keyword_bypass", description: "Quote-inserted keyword bypass" });
         variants.push({ payload: spaceBypass(payload), transform: "space_bypass", description: "$IFS space bypass" });
         break;
-      case "space_bypass":
+      case TRANSFORM_TYPE.SPACE_BYPASS:
         variants.push({ payload: payload.replace(/ /g, "${IFS}"), transform: "ifs", description: "$IFS space bypass" });
         variants.push({ payload: payload.replace(/ /g, "%09"), transform: "tab", description: "Tab space bypass" });
         variants.push({ payload: payload.replace(/ /g, "<"), transform: "redirect", description: "Redirect as separator" });
@@ -6062,52 +6511,52 @@ function mutatePayload(request) {
 }
 function getDefaultTransforms(context) {
   switch (context) {
-    case "url_path":
-    case "url_param":
-      return ["url", "double_url", "unicode", "utf8_overlong", "mixed_encoding", "null_byte"];
-    case "html_body":
-      return ["html_entity_dec", "html_entity_hex", "unicode", "tag_alternative", "event_handler", "js_alternative"];
-    case "html_attr":
-      return ["html_entity_dec", "html_entity_hex", "event_handler"];
-    case "js_string":
-      return ["unicode", "hex", "base64", "js_alternative"];
-    case "sql_string":
-    case "sql_numeric":
-      return ["case_swap", "comment_insert", "whitespace_alt", "char_function", "concat_split", "url", "double_url"];
-    case "shell_cmd":
-      return ["keyword_bypass", "space_bypass", "base64", "reverse", "hex", "octal"];
-    case "xml_body":
-      return ["html_entity_dec", "html_entity_hex", "unicode"];
-    case "json_body":
-      return ["unicode"];
-    case "http_header":
-    case "cookie":
-      return ["url", "double_url", "base64"];
+    case PAYLOAD_CONTEXT.URL_PATH:
+    case PAYLOAD_CONTEXT.URL_PARAM:
+      return [TRANSFORM_TYPE.URL, TRANSFORM_TYPE.DOUBLE_URL, TRANSFORM_TYPE.UNICODE, TRANSFORM_TYPE.UTF8_OVERLONG, TRANSFORM_TYPE.MIXED_ENCODING, TRANSFORM_TYPE.NULL_BYTE];
+    case PAYLOAD_CONTEXT.HTML_BODY:
+      return [TRANSFORM_TYPE.HTML_ENTITY_DEC, TRANSFORM_TYPE.HTML_ENTITY_HEX, TRANSFORM_TYPE.UNICODE, TRANSFORM_TYPE.TAG_ALTERNATIVE, TRANSFORM_TYPE.EVENT_HANDLER, TRANSFORM_TYPE.JS_ALTERNATIVE];
+    case PAYLOAD_CONTEXT.HTML_ATTR:
+      return [TRANSFORM_TYPE.HTML_ENTITY_DEC, TRANSFORM_TYPE.HTML_ENTITY_HEX, TRANSFORM_TYPE.EVENT_HANDLER];
+    case PAYLOAD_CONTEXT.JS_STRING:
+      return [TRANSFORM_TYPE.UNICODE, TRANSFORM_TYPE.HEX, TRANSFORM_TYPE.BASE64, TRANSFORM_TYPE.JS_ALTERNATIVE];
+    case PAYLOAD_CONTEXT.SQL_STRING:
+    case PAYLOAD_CONTEXT.SQL_NUMERIC:
+      return [TRANSFORM_TYPE.CASE_SWAP, TRANSFORM_TYPE.COMMENT_INSERT, TRANSFORM_TYPE.WHITESPACE_ALT, TRANSFORM_TYPE.CHAR_FUNCTION, TRANSFORM_TYPE.CONCAT_SPLIT, TRANSFORM_TYPE.URL, TRANSFORM_TYPE.DOUBLE_URL];
+    case PAYLOAD_CONTEXT.SHELL_CMD:
+      return [TRANSFORM_TYPE.KEYWORD_BYPASS, TRANSFORM_TYPE.SPACE_BYPASS, TRANSFORM_TYPE.BASE64, TRANSFORM_TYPE.REVERSE, TRANSFORM_TYPE.HEX, TRANSFORM_TYPE.OCTAL];
+    case PAYLOAD_CONTEXT.XML_BODY:
+      return [TRANSFORM_TYPE.HTML_ENTITY_DEC, TRANSFORM_TYPE.HTML_ENTITY_HEX, TRANSFORM_TYPE.UNICODE];
+    case PAYLOAD_CONTEXT.JSON_BODY:
+      return [TRANSFORM_TYPE.UNICODE];
+    case PAYLOAD_CONTEXT.HTTP_HEADER:
+    case PAYLOAD_CONTEXT.COOKIE:
+      return [TRANSFORM_TYPE.URL, TRANSFORM_TYPE.DOUBLE_URL, TRANSFORM_TYPE.BASE64];
     default:
-      return ["url", "double_url", "html_entity_dec", "unicode", "base64", "case_swap"];
+      return [TRANSFORM_TYPE.URL, TRANSFORM_TYPE.DOUBLE_URL, TRANSFORM_TYPE.HTML_ENTITY_DEC, TRANSFORM_TYPE.UNICODE, TRANSFORM_TYPE.BASE64, TRANSFORM_TYPE.CASE_SWAP];
   }
 }
 function getContextRecommendations(context, variantCount) {
   const recs = [];
   recs.push(`Generated ${variantCount} variants for context: ${context}`);
   switch (context) {
-    case "url_param":
+    case PAYLOAD_CONTEXT.URL_PARAM:
       recs.push("If all URL encoding fails: try HTTP Parameter Pollution (send same param twice)");
       recs.push("Try switching GET \u2192 POST or changing Content-Type");
       recs.push("Check if WebSocket endpoint exists (often unfiltered)");
       break;
-    case "sql_string":
-    case "sql_numeric":
+    case PAYLOAD_CONTEXT.SQL_STRING:
+    case PAYLOAD_CONTEXT.SQL_NUMERIC:
       recs.push("If inline comments fail: try MySQL version comments /*!50000SELECT*/");
       recs.push("Try time-based blind if error/union payloads are blocked");
       recs.push("Use sqlmap with --tamper scripts for automated bypass");
       break;
-    case "html_body":
+    case PAYLOAD_CONTEXT.HTML_BODY:
       recs.push("If common XSS tags blocked: try SVG, MathML, mutation XSS");
       recs.push("Check CSP header \u2014 it determines what JS execution is possible");
       recs.push("Try DOM-based XSS via document.location, innerHTML, postMessage");
       break;
-    case "shell_cmd":
+    case PAYLOAD_CONTEXT.SHELL_CMD:
       recs.push("Use ${IFS} for space, quotes for keyword bypass, base64 for full obfuscation");
       recs.push("Try: echo PAYLOAD_BASE64 | base64 -d | sh");
       recs.push("Variable concatenation: a=c;b=at;$a$b /etc/passwd");
@@ -6237,8 +6686,8 @@ Returns: All available wordlists with their paths, sizes, and categories.`,
       }
     },
     execute: async (p) => {
-      const { existsSync: existsSync9, statSync: statSync2, readdirSync: readdirSync3 } = await import("fs");
-      const { join: join11 } = await import("path");
+      const { existsSync: existsSync10, statSync: statSync2, readdirSync: readdirSync3 } = await import("fs");
+      const { join: join12 } = await import("path");
       const category = p.category || "";
       const search = p.search || "";
       const minSize = p.min_size || 0;
@@ -6284,7 +6733,7 @@ Returns: All available wordlists with their paths, sizes, and categories.`,
         results.push("");
       };
       const scanDir = (dirPath, maxDepth = 3, depth = 0) => {
-        if (depth > maxDepth || !existsSync9(dirPath)) return;
+        if (depth > maxDepth || !existsSync10(dirPath)) return;
         let entries;
         try {
           entries = readdirSync3(dirPath, { withFileTypes: true });
@@ -6293,7 +6742,7 @@ Returns: All available wordlists with their paths, sizes, and categories.`,
         }
         for (const entry of entries) {
           if (entry.name.startsWith(".") || SKIP_DIRS.has(entry.name)) continue;
-          const fullPath = join11(dirPath, entry.name);
+          const fullPath = join12(dirPath, entry.name);
           if (entry.isDirectory()) {
             scanDir(fullPath, maxDepth, depth + 1);
             continue;
@@ -6345,6 +6794,9 @@ var globalCredentialHandler = null;
 function setCredentialHandler(handler) {
   globalCredentialHandler = handler;
 }
+function clearCredentialHandler() {
+  globalCredentialHandler = null;
+}
 async function requestCredential(request) {
   if (!globalCredentialHandler) {
     return {
@@ -7542,6 +7994,11 @@ var FILE_SHARING_CONFIG = {
 };
 
 // src/domains/cloud/tools.ts
+var CLOUD_PROVIDER = {
+  AWS: "aws",
+  AZURE: "azure",
+  GCP: "gcp"
+};
 var CLOUD_TOOLS = [
   {
     name: TOOL_NAMES.AWS_S3_CHECK,
@@ -7564,8 +8021,8 @@ var CLOUD_TOOLS = [
     required: ["provider"],
     execute: async (params) => {
       const provider = params.provider;
-      if (provider === "aws") return await runCommand("curl", ["http://169.254.169.254/latest/meta-data/"]);
-      if (provider === "azure") return await runCommand("curl", ["-H", "Metadata:true", "http://169.254.169.254/metadata/instance?api-version=2021-02-01"]);
+      if (provider === CLOUD_PROVIDER.AWS) return await runCommand("curl", ["http://169.254.169.254/latest/meta-data/"]);
+      if (provider === CLOUD_PROVIDER.AZURE) return await runCommand("curl", ["-H", "Metadata:true", "http://169.254.169.254/metadata/instance?api-version=2021-02-01"]);
       return await runCommand("curl", ["-H", "Metadata-Flavor: Google", "http://metadata.google.internal/computeMetadata/v1/"]);
     }
   }
@@ -8223,6 +8680,12 @@ var LLM_ERROR_TYPES = {
 
 // src/engine/llm-types.ts
 var HTTP_STATUS = { BAD_REQUEST: 400, UNAUTHORIZED: 401, FORBIDDEN: 403, RATE_LIMIT: 429 };
+var NETWORK_ERROR_CODES = {
+  ECONNRESET: "ECONNRESET",
+  ETIMEDOUT: "ETIMEDOUT",
+  ENOTFOUND: "ENOTFOUND",
+  CONNECT_TIMEOUT: "UND_ERR_CONNECT_TIMEOUT"
+};
 var LLMError = class extends Error {
   /** Structured error information */
   errorInfo;
@@ -8245,10 +8708,10 @@ function classifyError(error) {
   if (statusCode === HTTP_STATUS.BAD_REQUEST) {
     return { type: LLM_ERROR_TYPES.INVALID_REQUEST, message: errorMessage, statusCode, isRetryable: false, suggestedAction: "Modify request" };
   }
-  if (e.code === "ECONNRESET" || e.code === "ETIMEDOUT" || e.code === "ENOTFOUND") {
+  if (e.code === NETWORK_ERROR_CODES.ECONNRESET || e.code === NETWORK_ERROR_CODES.ETIMEDOUT || e.code === NETWORK_ERROR_CODES.ENOTFOUND) {
     return { type: LLM_ERROR_TYPES.NETWORK_ERROR, message: errorMessage, isRetryable: true, suggestedAction: "Check network" };
   }
-  if (errorMessage.toLowerCase().includes("timeout") || e.code === "UND_ERR_CONNECT_TIMEOUT") {
+  if (errorMessage.toLowerCase().includes("timeout") || e.code === NETWORK_ERROR_CODES.CONNECT_TIMEOUT) {
     return { type: LLM_ERROR_TYPES.TIMEOUT, message: errorMessage, isRetryable: true, suggestedAction: "Retry" };
   }
   return { type: LLM_ERROR_TYPES.UNKNOWN, message: errorMessage, statusCode, isRetryable: false, suggestedAction: "Analyze error" };
@@ -8594,7 +9057,7 @@ var __filename2 = fileURLToPath3(import.meta.url);
 var __dirname3 = dirname4(__filename2);
 
 // src/engine/state-persistence.ts
-import { writeFileSync as writeFileSync6, readFileSync as readFileSync4, existsSync as existsSync6, readdirSync, statSync, unlinkSync as unlinkSync4 } from "fs";
+import { writeFileSync as writeFileSync6, readFileSync as readFileSync4, existsSync as existsSync6, readdirSync, statSync, unlinkSync as unlinkSync4, rmSync } from "fs";
 import { join as join9 } from "path";
 function saveState(state) {
   const sessionsDir = WORKSPACE.SESSIONS;
@@ -8676,6 +9139,28 @@ function loadState(state) {
     return false;
   }
 }
+function clearWorkspace() {
+  const cleared = [];
+  const errors = [];
+  const dirsToClean = [
+    { path: WORKSPACE.SESSIONS, label: "sessions" },
+    { path: WORKSPACE.DEBUG, label: "debug logs" },
+    { path: WORKSPACE.TEMP, label: "temp files" },
+    { path: WORKSPACE.OUTPUTS, label: "outputs" }
+  ];
+  for (const dir of dirsToClean) {
+    try {
+      if (existsSync6(dir.path)) {
+        rmSync(dir.path, { recursive: true, force: true });
+        ensureDirExists(dir.path);
+        cleared.push(dir.label);
+      }
+    } catch (err) {
+      errors.push(`${dir.label}: ${err instanceof Error ? err.message : String(err)}`);
+    }
+  }
+  return { cleared, errors };
+}
 
 // src/agents/tool-error-enrichment.ts
 function enrichToolErrorContext(ctx) {
@@ -10199,13 +10684,21 @@ var PHASE_TECHNIQUE_MAP = {
 };
 var PromptBuilder = class {
   state;
+  strategist = null;
   constructor(state) {
     this.state = state;
   }
   /**
-   * Build complete prompt for LLM iteration.
+   * Attach a Strategist instance for meta-prompting.
+   * Called by MainAgent after construction.
+   */
+  setStrategist(strategist) {
+    this.strategist = strategist;
+  }
+  /**
+   * Build complete prompt for LLM iteration (async).
    *
-   * Layers (phase-aware, enhanced with improvements #2,#3,#6,#7,#8,#12,#14):
+   * Layers (phase-aware, enhanced with D-CIPHER meta-prompting):
    * 1. base.md — Core identity, rules, autonomy, shell management (~7.6K tok)
    * 2. Phase-specific prompt — current phase's full specialist knowledge (~2K tok)
    * 3. Core methodology — strategy, orchestrator, evasion (always loaded, ~12K tok)
@@ -10221,9 +10714,10 @@ var PromptBuilder = class {
    * 12. Session timeline (#12: episodic memory)
    * 13. Learned techniques (#7: dynamic technique library)
    * 14. Persistent memory (#12: cross-session knowledge)
-   * 15. User context
+   * ★ 15. STRATEGIC DIRECTIVE — LLM-generated tactical instructions (D-CIPHER)
+   * 16. User context
    */
-  build(userInput, phase) {
+  async build(userInput, phase) {
     const fragments = [
       this.loadPromptFile(PROMPT_PATHS.BASE),
       this.loadCtfModePrompt(),
@@ -10246,10 +10740,14 @@ var PromptBuilder = class {
       // #12
       this.getDynamicTechniquesFragment(),
       // #7
-      this.getPersistentMemoryFragment(),
+      this.getPersistentMemoryFragment()
       // #12
-      PROMPT_DEFAULTS.USER_CONTEXT(userInput)
     ];
+    const strategistDirective = await this.getStrategistFragment();
+    if (strategistDirective) {
+      fragments.push(strategistDirective);
+    }
+    fragments.push(PROMPT_DEFAULTS.USER_CONTEXT(userInput));
     return fragments.filter((f) => !!f).join("\n\n");
   }
   /**
@@ -10439,11 +10937,213 @@ ${lines.join("\n")}
     }
     return this.state.persistentMemory.toPrompt(services);
   }
+  // --- D-CIPHER: Strategist Meta-Prompting ---
+  /**
+   * Generate strategic directive via Strategist LLM.
+   * Called every turn. Returns '' if no strategist is attached or call fails.
+   */
+  async getStrategistFragment() {
+    if (!this.strategist) return "";
+    return this.strategist.generateDirective();
+  }
+};
+
+// src/agents/strategist.ts
+import { readFileSync as readFileSync6, existsSync as existsSync9 } from "fs";
+import { join as join11, dirname as dirname6 } from "path";
+import { fileURLToPath as fileURLToPath5 } from "url";
+
+// src/shared/constants/strategist.ts
+var STRATEGIST_LIMITS = {
+  /** Maximum characters of state context sent to Strategist LLM.
+   *  WHY: Keeps Strategist input focused and affordable (~3-5K tokens).
+   *  Full state can be 20K+; Strategist needs summary, not everything. */
+  MAX_INPUT_CHARS: 15e3,
+  /** Maximum characters for the Strategist's response.
+   *  WHY: Directives should be terse and actionable (~500-800 tokens).
+   *  Longer = more cost, less focus. */
+  MAX_OUTPUT_CHARS: 3e3,
+  /** Maximum lines in the directive output.
+   *  WHY: Forces concise, prioritized directives. */
+  MAX_DIRECTIVE_LINES: 40
+};
+
+// src/agents/strategist.ts
+var __dirname5 = dirname6(fileURLToPath5(import.meta.url));
+var STRATEGIST_PROMPT_PATH = join11(__dirname5, "prompts", "strategist-system.md");
+var Strategist = class {
+  llm;
+  state;
+  systemPrompt;
+  // Metrics
+  totalTokenCost = 0;
+  totalCalls = 0;
+  lastDirective = null;
+  constructor(llm, state) {
+    this.llm = llm;
+    this.state = state;
+    this.systemPrompt = this.loadSystemPrompt();
+  }
+  /**
+   * Generate a fresh strategic directive for this turn.
+   * Called every iteration by PromptBuilder.
+   *
+   * @returns Formatted directive string for prompt injection, or '' on failure
+   */
+  async generateDirective() {
+    try {
+      const input = this.buildInput();
+      const directive = await this.callLLM(input);
+      this.lastDirective = directive;
+      this.totalCalls++;
+      debugLog("general", "Strategist directive generated", {
+        tokens: directive.tokenCost,
+        totalCalls: this.totalCalls,
+        contentLength: directive.content.length
+      });
+      return this.formatForPrompt(directive);
+    } catch (err) {
+      debugLog("general", "Strategist failed \u2014 agent will proceed without directive", {
+        error: String(err)
+      });
+      if (this.lastDirective?.content) {
+        return this.formatForPrompt(this.lastDirective, true);
+      }
+      return "";
+    }
+  }
+  // ─── Input Construction ─────────────────────────────────────
+  /**
+   * Build the user message for the Strategist LLM.
+   * Assembles state, memory, attack graph, and timeline into a focused context.
+   */
+  buildInput() {
+    const sections = [];
+    sections.push("## Engagement State");
+    sections.push(this.state.toPrompt());
+    const timeline = this.state.episodicMemory.toPrompt();
+    if (timeline) {
+      sections.push("");
+      sections.push("## Recent Actions");
+      sections.push(timeline);
+    }
+    const failures = this.state.workingMemory.toPrompt();
+    if (failures) {
+      sections.push("");
+      sections.push("## Failed Attempts (DO NOT REPEAT THESE)");
+      sections.push(failures);
+    }
+    const graph = this.state.attackGraph.toPrompt();
+    if (graph) {
+      sections.push("");
+      sections.push("## Attack Graph");
+      sections.push(graph);
+    }
+    const techniques = this.state.dynamicTechniques.toPrompt();
+    if (techniques) {
+      sections.push("");
+      sections.push("## Learned Techniques");
+      sections.push(techniques);
+    }
+    sections.push("");
+    sections.push("## Time");
+    sections.push(this.state.getTimeStatus());
+    const analysis = this.state.getChallengeAnalysis();
+    if (analysis && analysis.primaryType !== "unknown") {
+      sections.push("");
+      sections.push(`## Challenge Type: ${analysis.primaryType.toUpperCase()} (${(analysis.confidence * 100).toFixed(0)}%)`);
+      sections.push(analysis.strategySuggestion);
+    }
+    let input = sections.join("\n");
+    if (input.length > STRATEGIST_LIMITS.MAX_INPUT_CHARS) {
+      input = input.slice(0, STRATEGIST_LIMITS.MAX_INPUT_CHARS) + "\n\n... [state truncated for Strategist context]";
+    }
+    return input;
+  }
+  // ─── LLM Call ───────────────────────────────────────────────
+  async callLLM(input) {
+    const messages = [{
+      role: "user",
+      content: `Analyze this penetration test situation and write a tactical directive for the attack agent.
+
+${input}`
+    }];
+    const response = await this.llm.generateResponse(
+      messages,
+      void 0,
+      // No tools — strategy generation only
+      this.systemPrompt
+    );
+    let content = response.content || "";
+    if (content.length > STRATEGIST_LIMITS.MAX_OUTPUT_CHARS) {
+      content = content.slice(0, STRATEGIST_LIMITS.MAX_OUTPUT_CHARS) + "\n... [directive truncated]";
+    }
+    const cost = response.usage ? response.usage.input_tokens + response.usage.output_tokens : 0;
+    this.totalTokenCost += cost;
+    return {
+      content,
+      generatedAt: Date.now(),
+      tokenCost: cost
+    };
+  }
+  // ─── Formatting ─────────────────────────────────────────────
+  /**
+   * Format directive for injection into the attack agent's system prompt.
+   */
+  formatForPrompt(directive, isStale = false) {
+    if (!directive.content) return "";
+    const age = Math.floor((Date.now() - directive.generatedAt) / 6e4);
+    const staleWarning = isStale ? `
+NOTE: This directive is from ${age}min ago (Strategist call failed this turn). Verify assumptions are still valid.` : "";
+    return [
+      "<strategic-directive>",
+      "TACTICAL DIRECTIVE (generated by Strategist LLM \u2014 follow these priorities):",
+      "",
+      directive.content,
+      staleWarning,
+      "</strategic-directive>"
+    ].filter(Boolean).join("\n");
+  }
+  // ─── System Prompt Loading ──────────────────────────────────
+  loadSystemPrompt() {
+    try {
+      if (existsSync9(STRATEGIST_PROMPT_PATH)) {
+        return readFileSync6(STRATEGIST_PROMPT_PATH, "utf-8");
+      }
+    } catch {
+    }
+    return FALLBACK_SYSTEM_PROMPT;
+  }
+  // ─── Public API ─────────────────────────────────────────────
+  /** Get total token cost of all Strategist calls this session. */
+  getTotalTokenCost() {
+    return this.totalTokenCost;
+  }
+  /** Get number of Strategist calls this session. */
+  getTotalCalls() {
+    return this.totalCalls;
+  }
+  /** Get the most recent directive (for TUI display). */
+  getLastDirective() {
+    return this.lastDirective;
+  }
+  /** Reset strategist state (for /clear command). */
+  reset() {
+    this.lastDirective = null;
+    this.totalTokenCost = 0;
+    this.totalCalls = 0;
+  }
 };
+var FALLBACK_SYSTEM_PROMPT = `You are a penetration testing strategist.
+Analyze the situation and write a precise tactical directive for the attack agent.
+Be specific: name exact tools, commands, and parameters.
+Maximum 30 lines. Prioritize by probability of success.
+NEVER suggest approaches listed in the failed attempts section.`;
 
 // src/agents/main-agent.ts
 var MainAgent = class extends CoreAgent {
   promptBuilder;
+  strategist;
   approvalGate;
   scopeGuard;
   userInput = "";
@@ -10452,6 +11152,8 @@ var MainAgent = class extends CoreAgent {
     this.approvalGate = approvalGate;
     this.scopeGuard = scopeGuard;
     this.promptBuilder = new PromptBuilder(state);
+    this.strategist = new Strategist(this.llm, state);
+    this.promptBuilder.setStrategist(this.strategist);
   }
   /**
    * Public entry point for running the agent.
@@ -10462,7 +11164,8 @@ var MainAgent = class extends CoreAgent {
     this.emitStart(userInput);
     this.initializeTask();
     try {
-      const result2 = await this.run(userInput, this.getCurrentPrompt());
+      const initialPrompt = await this.getCurrentPrompt();
+      const result2 = await this.run(userInput, initialPrompt);
       return result2.output;
     } finally {
       try {
@@ -10478,9 +11181,10 @@ var MainAgent = class extends CoreAgent {
   /**
    * Override step to rebuild prompt dynamically each iteration.
    * This ensures the agent always sees the latest state, phase, and active processes.
+   * The Strategist LLM generates a fresh tactical directive every turn.
    */
   async step(iteration, messages, _unusedPrompt, progress) {
-    const dynamicPrompt = this.getCurrentPrompt();
+    const dynamicPrompt = await this.getCurrentPrompt();
     const result2 = await super.step(iteration, messages, dynamicPrompt, progress);
     this.emitStateChange();
     return result2;
@@ -10509,7 +11213,7 @@ var MainAgent = class extends CoreAgent {
   saveCurrentState() {
     return saveState(this.state);
   }
-  getCurrentPrompt() {
+  async getCurrentPrompt() {
     const phase = this.state.getPhase() || PHASES.RECON;
     return this.promptBuilder.build(this.userInput, phase);
   }
@@ -10554,6 +11258,18 @@ var MainAgent = class extends CoreAgent {
   isCtfMode() {
     return this.state.isCtfMode();
   }
+  /**
+   * Full session reset — clears state, workspace files, and background processes.
+   * Used by /clear command for a complete fresh start.
+   */
+  async resetSession() {
+    await cleanupAllProcesses().catch(() => {
+    });
+    this.state.reset();
+    this.userInput = "";
+    this.strategist.reset();
+    return clearWorkspace();
+  }
   setScope(allowed, exclusions = []) {
     this.state.setScope({
       allowedCidrs: allowed.filter((a) => a.includes("/")),
@@ -10573,6 +11289,10 @@ var MainAgent = class extends CoreAgent {
     });
     this.emitStateChange();
   }
+  /** Get the Strategist instance (for TUI metrics display). */
+  getStrategist() {
+    return this.strategist;
+  }
 };
 
 // src/agents/factory.ts
@@ -10668,13 +11388,13 @@ var THEME = {
     secondary: "#cbd5e1",
     // Brighter slate
     muted: "#94a3b8",
-    // Lighter blue-gray (was too dark)
-    accent: "#38bdf8",
-    // Sky blue
+    // Lighter blue-gray
+    accent: "#1d4ed8",
+    // Blue 700 - deep blue
     highlight: "#ffffff"
     // Pure white
   },
-  // Status colors
+  // Status colors (deep blue-focused)
   status: {
     success: "#10b981",
     // Emerald
@@ -10682,10 +11402,10 @@ var THEME = {
     // Amber
     error: "#ef4444",
     // Red
-    info: "#0ea5e9",
-    // Sky
-    running: "#38bdf8",
-    // Bright Sky
+    info: "#1d4ed8",
+    // Blue 700
+    running: "#1e40af",
+    // Blue 800 (AI activity)
     pending: "#64748b"
     // Slate
   },
@@ -10699,27 +11419,29 @@ var THEME = {
     // Orange
     low: "#eab308",
     // Yellow
-    info: "#3b82f6"
-    // Blue
+    info: "#1d4ed8"
+    // Blue 700
   },
   // Border colors
   border: {
     default: "#1e293b",
-    focus: "#38bdf8",
+    focus: "#3b82f6",
+    // Blue 500 (UI decorative)
     error: "#ef4444",
     success: "#22c55e"
   },
-  // Phase colors
+  // Phase colors (deep blue-focused)
   phase: {
     recon: "#94a3b8",
-    enum: "#38bdf8",
+    enum: "#1d4ed8",
+    // Blue 700 (phase indicator)
     vuln: "#f59e0b",
     exploit: "#ef4444",
     privesc: "#8b5cf6",
     persist: "#22c55e",
     report: "#64748b"
   },
-  // Accent colors
+  // Accent colors (NO cyan/teal - pure blue palette)
   accent: {
     pink: "#f472b6",
     rose: "#fb7185",
@@ -10727,9 +11449,8 @@ var THEME = {
     purple: "#a78bfa",
     violet: "#8b5cf6",
     indigo: "#818cf8",
-    blue: "#60a5fa",
-    cyan: "#22d3ee",
-    teal: "#2dd4bf",
+    blue: "#1d4ed8",
+    // Blue 700 - primary accent
     emerald: "#34d399",
     green: "#4ade80",
     lime: "#a3e635",
@@ -10738,34 +11459,35 @@ var THEME = {
     orange: "#fb923c",
     red: "#f87171"
   },
-  // Gradients
+  // Gradients (deep blue-focused)
   gradient: {
     cyber: [
-      "#38bdf8",
-      // Sky 400
-      "#34c6f4",
-      "#30d0f0",
-      "#2cd9ec",
-      "#28e3e8",
-      "#22d3ee",
-      // Cyan 400
-      "#25dbd6",
-      "#28e4be",
-      "#2dd4bf",
-      // Teal 400
-      "#31dbac",
-      "#34d399"
-      // Emerald 400
+      "#3b82f6",
+      // Blue 500
+      "#3584f4",
+      "#2f86f2",
+      "#2988f0",
+      "#238aee",
+      "#1d8cec",
+      // Mid blue
+      "#1d7ad8",
+      "#1d78c6",
+      "#1d76b4",
+      "#1d74a2",
+      "#1e40af"
+      // Blue 800
     ],
     danger: ["#ef4444", "#7f1d1d"],
     success: ["#22c55e", "#14532d"],
     gold: ["#f59e0b", "#78350f"],
     royal: ["#818cf8", "#312e81"]
   },
-  // Spinner color (Sky blue)
-  spinner: "#38bdf8",
-  // Identity color
-  identity: "#38bdf8"
+  // Spinner color (deep blue — UI feedback)
+  spinner: "#3b82f6",
+  // Blue 500
+  // Identity color (branded accent - deep blue)
+  identity: "#1d4ed8"
+  // Blue 700
 };
 var ASCII_BANNER = `
     ____             __              __  _             
@@ -10811,39 +11533,39 @@ var ICONS = {
 // src/platform/tui/constants/display.ts
 var TUI_DISPLAY_LIMITS = {
   /** Reasoning buffer size for display */
-  reasoningBuffer: 1e3,
+  reasoningBuffer: 2e3,
   /** Reasoning preview length */
-  reasoningPreview: 300,
+  reasoningPreview: 500,
   /** Reasoning history slice for display */
-  reasoningHistorySlice: 500,
+  reasoningHistorySlice: 1e3,
   /** Tool input preview length (for command display) */
-  toolInputPreview: 100,
+  toolInputPreview: 200,
   /** Tool input truncated length */
-  toolInputTruncated: 97,
-  /** Tool output preview length */
-  toolOutputPreview: 500,
+  toolInputTruncated: 197,
+  /** Tool output preview length - increased to show full output */
+  toolOutputPreview: 2e3,
   /** Error message preview length */
-  errorPreview: 300,
+  errorPreview: 500,
   /** Status thought preview length */
-  statusThoughtPreview: 100,
+  statusThoughtPreview: 150,
   /** Status thought truncated length */
-  statusThoughtTruncated: 97,
+  statusThoughtTruncated: 147,
   /** Retry error preview length */
-  retryErrorPreview: 60,
+  retryErrorPreview: 100,
   /** Retry error truncated length */
-  retryErrorTruncated: 57,
+  retryErrorTruncated: 97,
   /** Timer update interval in ms */
   timerInterval: 1e3,
   /** Exit delay in ms */
   exitDelay: 100,
   /** Purpose text max length before truncation */
-  purposeMaxLength: 30,
+  purposeMaxLength: 50,
   /** Purpose text truncated length */
-  purposeTruncated: 27,
+  purposeTruncated: 47,
   /** Tool detail preview length in flow display */
-  toolDetailPreview: 100,
+  toolDetailPreview: 200,
   /** Observe detail preview length in flow display */
-  observeDetailPreview: 80,
+  observeDetailPreview: 150,
   /** Max flow nodes to display */
   maxFlowNodes: 50,
   /** Max stopped processes to show */
@@ -10858,7 +11580,7 @@ var MESSAGE_STYLES = {
     error: THEME.status.error,
     tool: THEME.status.running,
     result: THEME.text.muted,
-    status: THEME.accent.cyan
+    status: THEME.accent.blue
   },
   prefixes: {
     user: "\u276F",
@@ -10871,30 +11593,46 @@ var MESSAGE_STYLES = {
     status: "\u25C8"
   }
 };
+var COMMAND_DEFINITIONS = [
+  { name: "target", alias: "t", args: "<ip>", description: "Set target IP or domain" },
+  { name: "start", alias: "s", args: "[goal]", description: "Start autonomous pentest" },
+  { name: "findings", alias: "f", description: "Show discovered vulnerabilities" },
+  { name: "graph", alias: "g", description: "Visualize the attack graph" },
+  { name: "paths", alias: "p", description: "Show ranked attack paths" },
+  { name: "assets", alias: "a", description: "List background processes" },
+  { name: "logs", alias: "l", args: "<id>", description: "Show logs for an asset" },
+  { name: "ctf", description: "Toggle CTF mode" },
+  { name: "auto", description: "Toggle auto-approve mode" },
+  { name: "clear", alias: "c", description: "Reset session & clean workspace" },
+  { name: "help", alias: "h", description: "Show detailed help" },
+  { name: "exit", alias: "q", description: "Exit the application" }
+];
+function getMatchingCommands(partial) {
+  const lower = partial.toLowerCase();
+  if (!lower) return COMMAND_DEFINITIONS;
+  return COMMAND_DEFINITIONS.filter(
+    (cmd) => cmd.name.startsWith(lower) || cmd.alias && cmd.alias.startsWith(lower)
+  );
+}
 var HELP_TEXT = `
 \u2500\u2500 Commands \u2500\u2500
-/target <ip>     Set target IP/domain
-/start [goal]    Start autonomous pentest (auto-approve enabled)
-/findings        Show discovered vulnerabilities
-/assets          List active background processes (listeners, shells)
-/logs <id>       Show full logs for a specific asset
-/ctf             Toggle CTF mode (default: ON)
-/auto            Toggle auto-approve mode
-/clear           Clear screen
-/exit            Exit
+${COMMAND_DEFINITIONS.map((cmd) => {
+  const usage = `/${cmd.name}${cmd.args ? " " + cmd.args : ""}`;
+  const alias = cmd.alias ? ` (/${cmd.alias})` : "";
+  return `${usage.padEnd(18)}${alias.padEnd(8)} ${cmd.description}`;
+}).join("\n")}
 
 \u2500\u2500 Features \u2500\u2500
 \u2022 Auto-install missing tools (apt/brew)
 \u2022 Transparent command execution
 \u2022 Interactive sudo password input
 \u2022 CTF mode: Auto flag detection & CTF-specific prompts
+\u2022 Attack graph: Tracks discovered paths & prevents repeating failures
 
-\u2500\u2500 Examples \u2500\u2500
-/target 192.168.1.1
-/start "Full pentest on target"
-/findings
-/ctf             (toggle CTF/standard mode)
-/auto            (toggle approval mode)
+\u2500\u2500 Tips \u2500\u2500
+\u2022 Type / and press Tab to autocomplete commands
+\u2022 /clear resets the entire session (messages, state, .pentesting data)
+\u2022 /start automatically enables auto-approve for hands-free operation
 `;
 
 // src/platform/tui/hooks/useAgentState.ts
@@ -11041,10 +11779,10 @@ var useAgentEvents = (agent, eventsRef, state) => {
       setCurrentTokens(tokenAccumRef.current + stepTokens);
     };
     const onFlagFound = (e) => {
-      addMessage("system", `\u{1F3F4} FLAG FOUND: ${e.data.flag}  (total: ${e.data.totalFlags})`);
+      addMessage("system", `[FLAG] ${e.data.flag} (total: ${e.data.totalFlags})`);
     };
     const onPhaseChange = (e) => {
-      addMessage("system", `\u{1F504} Phase: ${e.data.fromPhase} \u2192 ${e.data.toPhase} (${e.data.reason})`);
+      addMessage("system", `[Phase] ${e.data.fromPhase} -> ${e.data.toPhase} (${e.data.reason})`);
       const s = agent.getState();
       setStats({
         phase: e.data.toPhase,
@@ -11113,6 +11851,9 @@ var useAgentEvents = (agent, eventsRef, state) => {
     return () => {
       events.removeAllListeners();
       clearAllTimers();
+      clearInputHandler();
+      clearCredentialHandler();
+      clearCommandEventEmitter();
     };
   }, [
     agent,
@@ -11186,18 +11927,18 @@ Options: ${request.options.join(", ")}`;
 }
 function getCommandEventIcon(eventType) {
   const icons = {
-    [COMMAND_EVENT_TYPES.TOOL_MISSING]: "\u26A0\uFE0F",
-    [COMMAND_EVENT_TYPES.TOOL_INSTALL]: "\u{1F4E6}",
-    [COMMAND_EVENT_TYPES.TOOL_INSTALLED]: "\u2705",
-    [COMMAND_EVENT_TYPES.TOOL_INSTALL_FAILED]: "\u274C",
-    [COMMAND_EVENT_TYPES.TOOL_RETRY]: "\u{1F504}",
-    [COMMAND_EVENT_TYPES.COMMAND_START]: "\u25B6",
-    [COMMAND_EVENT_TYPES.COMMAND_SUCCESS]: "\u2713",
-    [COMMAND_EVENT_TYPES.COMMAND_FAILED]: "\u2717",
-    [COMMAND_EVENT_TYPES.COMMAND_ERROR]: "\u274C",
-    [COMMAND_EVENT_TYPES.INPUT_REQUIRED]: "\u{1F510}"
+    [COMMAND_EVENT_TYPES.TOOL_MISSING]: "[!]",
+    [COMMAND_EVENT_TYPES.TOOL_INSTALL]: "[install]",
+    [COMMAND_EVENT_TYPES.TOOL_INSTALLED]: "[ok]",
+    [COMMAND_EVENT_TYPES.TOOL_INSTALL_FAILED]: "[fail]",
+    [COMMAND_EVENT_TYPES.TOOL_RETRY]: "[retry]",
+    [COMMAND_EVENT_TYPES.COMMAND_START]: "[>]",
+    [COMMAND_EVENT_TYPES.COMMAND_SUCCESS]: "[ok]",
+    [COMMAND_EVENT_TYPES.COMMAND_FAILED]: "[x]",
+    [COMMAND_EVENT_TYPES.COMMAND_ERROR]: "[err]",
+    [COMMAND_EVENT_TYPES.INPUT_REQUIRED]: "[auth]"
   };
-  return icons[eventType] || "\u2022";
+  return icons[eventType] || "[-]";
 }
 
 // src/platform/tui/hooks/useAgent.ts
@@ -11218,6 +11959,7 @@ var useAgent = (shouldAutoApprove, target) => {
     inputRequest,
     setInputRequest,
     stats,
+    setStats,
     lastResponseMetaRef,
     addMessage,
     manageTimer,
@@ -11265,6 +12007,17 @@ var useAgent = (shouldAutoApprove, target) => {
       addMessage("system", "Input cancelled");
     }
   }, [setInputRequest, addMessage]);
+  const refreshStats = useCallback2(() => {
+    const s = agent.getState();
+    setStats({
+      phase: s.getPhase() || PHASES.RECON,
+      targets: s.getTargets().size,
+      findings: s.getFindings().length,
+      todo: s.getTodo().length
+    });
+    resetCumulativeCounters();
+    setCurrentStatus("");
+  }, [agent, setStats, resetCumulativeCounters, setCurrentStatus]);
   return {
     agent,
     messages,
@@ -11280,11 +12033,13 @@ var useAgent = (shouldAutoApprove, target) => {
     executeTask,
     abort,
     cancelInputRequest,
-    addMessage
+    addMessage,
+    refreshStats
   };
 };
 
 // src/platform/tui/components/MessageList.tsx
+import { memo } from "react";
 import { Box as Box2, Text as Text2, Static } from "ink";
 
 // src/platform/tui/components/inline-status.tsx
@@ -11302,7 +12057,7 @@ function formatDuration2(ms) {
 }
 function getRoleColor(role) {
   const roleColors = {
-    listener: THEME.accent.cyan,
+    listener: THEME.accent.blue,
     active_shell: THEME.accent.green,
     server: THEME.accent.blue,
     sniffer: THEME.accent.amber,
@@ -11447,7 +12202,7 @@ function parseStatusContent(content) {
   }
   return null;
 }
-var MessageList = ({ messages }) => {
+var MessageList = memo(({ messages }) => {
   return /* @__PURE__ */ jsx2(Static, { items: messages, children: (msg) => {
     if (msg.type === "status") {
       const statusData = parseStatusContent(msg.content);
@@ -11468,18 +12223,19 @@ var MessageList = ({ messages }) => {
       msg.content
     ] }) }, msg.id);
   } });
-};
+});
 
 // src/platform/tui/components/StatusDisplay.tsx
+import { memo as memo3 } from "react";
 import { Box as Box3, Text as Text4 } from "ink";
 
 // src/platform/tui/components/MusicSpinner.tsx
-import { useState as useState3, useEffect as useEffect3 } from "react";
+import { useState as useState3, useEffect as useEffect3, memo as memo2 } from "react";
 import { Text as Text3 } from "ink";
 import { jsx as jsx3 } from "react/jsx-runtime";
 var FRAMES = ["\u2669", "\u266A", "\u266B", "\u266C", "\u266B", "\u266A"];
-var INTERVAL = 400;
-var MusicSpinner = ({ color }) => {
+var INTERVAL = 600;
+var MusicSpinner = memo2(({ color }) => {
   const [index, setIndex] = useState3(0);
   useEffect3(() => {
     const timer = setInterval(() => {
@@ -11488,11 +12244,11 @@ var MusicSpinner = ({ color }) => {
     return () => clearInterval(timer);
   }, []);
   return /* @__PURE__ */ jsx3(Text3, { color, children: FRAMES[index] });
-};
+});
 
 // src/platform/tui/components/StatusDisplay.tsx
 import { jsx as jsx4, jsxs as jsxs3 } from "react/jsx-runtime";
-var StatusDisplay = ({
+var StatusDisplay = memo3(({
   retryState,
   isProcessing,
   currentStatus,
@@ -11514,7 +12270,7 @@ var StatusDisplay = ({
         " \xB7 ",
         truncateError(retryState.error)
       ] }),
-      /* @__PURE__ */ jsxs3(Text4, { color: THEME.accent.cyan, bold: true, children: [
+      /* @__PURE__ */ jsxs3(Text4, { color: THEME.accent.blue, bold: true, children: [
         " \xB7 ",
         retryState.countdown,
         "s"
@@ -11532,13 +12288,15 @@ var StatusDisplay = ({
       ] })
     ] })
   ] });
-};
+});
 
 // src/platform/tui/components/ChatInput.tsx
-import { Box as Box4, Text as Text5 } from "ink";
+import { useMemo, useCallback as useCallback3, useRef as useRef3, memo as memo4 } from "react";
+import { Box as Box4, Text as Text5, useInput } from "ink";
 import TextInput from "ink-text-input";
 import { jsx as jsx5, jsxs as jsxs4 } from "react/jsx-runtime";
-var ChatInput = ({
+var MAX_SUGGESTIONS = 6;
+var ChatInput = memo4(({
   value,
   onChange,
   onSubmit,
@@ -11548,46 +12306,104 @@ var ChatInput = ({
   setSecretInput,
   onSecretSubmit
 }) => {
-  return /* @__PURE__ */ jsx5(
-    Box4,
-    {
-      borderStyle: "single",
-      borderColor: inputRequest.isActive ? THEME.status.warning : THEME.border.default,
-      paddingX: 1,
-      children: inputRequest.isActive ? /* @__PURE__ */ jsxs4(Box4, { children: [
-        /* @__PURE__ */ jsx5(Text5, { color: THEME.status.warning, children: "\u{1F512}" }),
-        /* @__PURE__ */ jsxs4(Text5, { color: THEME.text.muted, children: [
-          " ",
-          inputRequest.prompt
-        ] }),
-        /* @__PURE__ */ jsx5(
-          TextInput,
-          {
-            value: secretInput,
-            onChange: setSecretInput,
-            onSubmit: onSecretSubmit,
-            placeholder: "...",
-            mask: inputRequest.isPassword ? "\u2022" : void 0
-          }
-        )
-      ] }) : /* @__PURE__ */ jsxs4(Box4, { children: [
-        /* @__PURE__ */ jsx5(Text5, { color: THEME.text.secondary, children: "\u25B8" }),
-        /* @__PURE__ */ jsx5(Text5, { children: " " }),
-        /* @__PURE__ */ jsx5(
-          TextInput,
-          {
-            value,
-            onChange,
-            onSubmit,
-            placeholder
-          }
-        )
-      ] })
-    }
-  );
-};
+  const isSlashMode = value.startsWith("/");
+  const partialCmd = isSlashMode ? value.slice(1).split(" ")[0] : "";
+  const hasArgs = isSlashMode && value.includes(" ");
+  const suggestions = useMemo(() => {
+    if (!isSlashMode || hasArgs) return [];
+    return getMatchingCommands(partialCmd).slice(0, MAX_SUGGESTIONS);
+  }, [isSlashMode, partialCmd, hasArgs]);
+  const showPreview = isSlashMode && !hasArgs && suggestions.length > 0;
+  const suggestionsRef = useRef3(suggestions);
+  suggestionsRef.current = suggestions;
+  const isSlashModeRef = useRef3(isSlashMode);
+  isSlashModeRef.current = isSlashMode;
+  const hasArgsRef = useRef3(hasArgs);
+  hasArgsRef.current = hasArgs;
+  const inputRequestRef = useRef3(inputRequest);
+  inputRequestRef.current = inputRequest;
+  const onChangeRef = useRef3(onChange);
+  onChangeRef.current = onChange;
+  useInput(useCallback3((_input, key) => {
+    if (inputRequestRef.current.isActive) return;
+    if (key.tab && isSlashModeRef.current && !hasArgsRef.current && suggestionsRef.current.length > 0) {
+      const best = suggestionsRef.current[0];
+      const argsHint = best.args ? " " : "";
+      onChangeRef.current(`/${best.name}${argsHint}`);
+    }
+  }, []));
+  return /* @__PURE__ */ jsxs4(Box4, { flexDirection: "column", children: [
+    showPreview && /* @__PURE__ */ jsx5(
+      Box4,
+      {
+        flexDirection: "column",
+        borderStyle: "single",
+        borderColor: THEME.border.default,
+        paddingX: 1,
+        marginBottom: 0,
+        children: suggestions.map((cmd, i) => {
+          const isFirst = i === 0;
+          const nameColor = isFirst ? THEME.text.accent : THEME.text.secondary;
+          const aliasText = cmd.alias ? ` /${cmd.alias}` : "";
+          const argsText = cmd.args ? ` ${cmd.args}` : "";
+          return /* @__PURE__ */ jsxs4(Box4, { children: [
+            /* @__PURE__ */ jsxs4(Text5, { color: nameColor, bold: isFirst, children: [
+              "/",
+              cmd.name
+            ] }),
+            /* @__PURE__ */ jsx5(Text5, { color: THEME.text.muted, children: argsText }),
+            aliasText && /* @__PURE__ */ jsx5(Text5, { color: THEME.text.muted, children: aliasText }),
+            /* @__PURE__ */ jsxs4(Text5, { color: THEME.text.muted, children: [
+              " \u2014 ",
+              cmd.description
+            ] }),
+            isFirst && /* @__PURE__ */ jsx5(Text5, { color: THEME.accent.blue, children: " [Tab]" })
+          ] }, cmd.name);
+        })
+      }
+    ),
+    /* @__PURE__ */ jsx5(
+      Box4,
+      {
+        borderStyle: "single",
+        borderColor: inputRequest.isActive ? THEME.status.warning : THEME.border.default,
+        paddingX: 1,
+        children: inputRequest.isActive ? /* @__PURE__ */ jsxs4(Box4, { children: [
+          /* @__PURE__ */ jsx5(Text5, { color: THEME.status.warning, children: "[auth]" }),
+          /* @__PURE__ */ jsxs4(Text5, { color: THEME.text.muted, children: [
+            " ",
+            inputRequest.prompt
+          ] }),
+          /* @__PURE__ */ jsx5(
+            TextInput,
+            {
+              value: secretInput,
+              onChange: setSecretInput,
+              onSubmit: onSecretSubmit,
+              placeholder: "...",
+              mask: inputRequest.isPassword ? "\u2022" : void 0
+            }
+          )
+        ] }) : /* @__PURE__ */ jsxs4(Box4, { children: [
+          /* @__PURE__ */ jsx5(Text5, { color: THEME.text.secondary, children: "\u25B8" }),
+          /* @__PURE__ */ jsx5(Text5, { children: " " }),
+          /* @__PURE__ */ jsx5(
+            TextInput,
+            {
+              value,
+              onChange,
+              onSubmit,
+              placeholder
+            }
+          )
+        ] })
+      }
+    )
+  ] });
+});
 
 // src/platform/tui/components/footer.tsx
+import { memo as memo5 } from "react";
 import { Box as Box5, Text as Text6 } from "ink";
 import { jsx as jsx6, jsxs as jsxs5 } from "react/jsx-runtime";
 var formatElapsed = (totalSeconds) => {
@@ -11600,7 +12416,7 @@ var formatElapsed = (totalSeconds) => {
   }
   return `${minutes}:${pad(seconds)}`;
 };
-var Footer = ({ phase, targets, findings, todo, elapsedTime, isProcessing }) => {
+var Footer = memo5(({ phase, targets, findings, todo, elapsedTime, isProcessing }) => {
   return /* @__PURE__ */ jsxs5(
     Box5,
     {
@@ -11611,7 +12427,7 @@ var Footer = ({ phase, targets, findings, todo, elapsedTime, isProcessing }) =>
         /* @__PURE__ */ jsxs5(Box5, { gap: 2, children: [
           /* @__PURE__ */ jsxs5(Text6, { color: THEME.text.muted, children: [
             "Phase: ",
-            /* @__PURE__ */ jsx6(Text6, { color: THEME.accent.cyan, children: phase })
+            /* @__PURE__ */ jsx6(Text6, { color: THEME.accent.blue, children: phase })
           ] }),
           /* @__PURE__ */ jsxs5(Text6, { color: THEME.text.muted, children: [
             "Targets: ",
@@ -11633,7 +12449,7 @@ var Footer = ({ phase, targets, findings, todo, elapsedTime, isProcessing }) =>
       ]
     }
   );
-};
+});
 var footer_default = Footer;
 
 // src/platform/tui/app.tsx
@@ -11658,15 +12474,16 @@ var App = ({ autoApprove = false, target }) => {
     executeTask,
     abort,
     cancelInputRequest,
-    addMessage
+    addMessage,
+    refreshStats
   } = useAgent(autoApproveMode, target);
-  const isProcessingRef = useRef3(isProcessing);
+  const isProcessingRef = useRef4(isProcessing);
   isProcessingRef.current = isProcessing;
-  const autoApproveModeRef = useRef3(autoApproveMode);
+  const autoApproveModeRef = useRef4(autoApproveMode);
   autoApproveModeRef.current = autoApproveMode;
-  const inputRequestRef = useRef3(inputRequest);
+  const inputRequestRef = useRef4(inputRequest);
   inputRequestRef.current = inputRequest;
-  const handleExit = useCallback3(() => {
+  const handleExit = useCallback4(() => {
     const ir = inputRequestRef.current;
     if (ir.isActive && ir.resolve) ir.resolve(null);
     cleanupAllProcesses().catch(() => {
@@ -11674,16 +12491,31 @@ var App = ({ autoApprove = false, target }) => {
     exit();
     setTimeout(() => process.exit(0), DISPLAY_LIMITS.EXIT_DELAY);
   }, [exit]);
-  const handleCommand = useCallback3(async (cmd, args) => {
+  const handleCommand = useCallback4(async (cmd, args) => {
     switch (cmd) {
       case UI_COMMANDS.HELP:
       case UI_COMMANDS.HELP_SHORT:
         addMessage("system", HELP_TEXT);
         break;
       case UI_COMMANDS.CLEAR:
-      case UI_COMMANDS.CLEAR_SHORT:
+      case UI_COMMANDS.CLEAR_SHORT: {
+        if (isProcessingRef.current) {
+          addMessage("error", "Cannot /clear while agent is running. Press Esc to abort first.");
+          break;
+        }
         setMessages([]);
+        const result2 = await agent.resetSession();
+        if (result2.cleared.length > 0) {
+          addMessage("system", `[reset] Session cleared: ${result2.cleared.join(", ")}`);
+        } else {
+          addMessage("system", "[reset] Session clean");
+        }
+        if (result2.errors.length > 0) {
+          addMessage("error", `Cleanup errors: ${result2.errors.join("; ")}`);
+        }
+        refreshStats();
         break;
+      }
       case UI_COMMANDS.TARGET:
       case UI_COMMANDS.TARGET_SHORT:
         if (!args[0]) {
@@ -11703,7 +12535,7 @@ var App = ({ autoApprove = false, target }) => {
         if (!autoApproveModeRef.current) {
           setAutoApproveMode(true);
           agent.setAutoApprove(true);
-          addMessage("system", "\u{1F680} Autonomous mode enabled (auto-approve ON)");
+          addMessage("system", "[auto] Autonomous mode enabled");
         }
         addMessage("system", "Starting penetration test...");
         const targets = Array.from(agent.getState().getTargets().keys());
@@ -11741,9 +12573,17 @@ ${procData.stdout || "(no output)"}
         break;
       case UI_COMMANDS.CTF:
         const ctfEnabled = agent.toggleCtfMode();
-        addMessage("system", ctfEnabled ? "\u{1F3F4} CTF mode ON \u2014 flag detection active, CTF prompts loaded" : "\u{1F512} CTF mode OFF \u2014 standard pentest mode");
+        addMessage("system", ctfEnabled ? "[CTF] Mode ON - flag detection active" : "[CTF] Mode OFF - standard pentest");
+        break;
+      case UI_COMMANDS.GRAPH:
+      case UI_COMMANDS.GRAPH_SHORT:
+        addMessage("system", agent.getState().attackGraph.toASCII());
+        break;
+      case UI_COMMANDS.PATHS:
+      case UI_COMMANDS.PATHS_SHORT:
+        addMessage("system", agent.getState().attackGraph.toPathsList());
         break;
-      case "auto":
+      case UI_COMMANDS.AUTO:
         setAutoApproveMode((prev) => {
           const newVal = !prev;
           agent.setAutoApprove(newVal);
@@ -11759,8 +12599,8 @@ ${procData.stdout || "(no output)"}
       default:
         addMessage("error", `Unknown command: /${cmd}`);
     }
-  }, [agent, addMessage, executeTask, setMessages, handleExit]);
-  const handleSubmit = useCallback3(async (value) => {
+  }, [agent, addMessage, executeTask, setMessages, handleExit, refreshStats]);
+  const handleSubmit = useCallback4(async (value) => {
     const trimmed = value.trim();
     if (!trimmed) return;
     setInput("");
@@ -11772,7 +12612,7 @@ ${procData.stdout || "(no output)"}
       await executeTask(trimmed);
     }
   }, [addMessage, executeTask, handleCommand]);
-  const handleSecretSubmit = useCallback3((value) => {
+  const handleSecretSubmit = useCallback4((value) => {
     const ir = inputRequestRef.current;
     if (!ir.isActive || !ir.resolve) return;
     const displayText = ir.isPassword ? "\u2022".repeat(value.length) : value;
@@ -11782,7 +12622,7 @@ ${procData.stdout || "(no output)"}
     setInputRequest({ isActive: false, prompt: "", isPassword: false, resolve: null });
     setSecretInput("");
   }, [addMessage, setInputRequest]);
-  useInput(useCallback3((ch, key) => {
+  useInput2(useCallback4((ch, key) => {
     if (key.escape) {
       if (inputRequestRef.current.isActive) cancelInputRequest();
       else if (isProcessingRef.current) abort();
@@ -11873,7 +12713,7 @@ program.command("interactive", { isDefault: true }).alias("i").description("Star
   console.clear();
   console.log(gradient([...THEME.gradient.cyber]).multiline(ASCII_BANNER));
   console.log(
-    "   " + chalk.hex(THEME.text.secondary)(`v${APP_VERSION}`) + chalk.hex(THEME.text.muted)(" \u2502 ") + chalk.hex(THEME.text.accent)("Type /help for commands") + "\n"
+    "   " + chalk.hex(THEME.text.secondary)(`v${APP_VERSION}`) + chalk.hex(THEME.text.muted)(" \u2502 ") + chalk.hex(THEME.accent.blue)("Type /help for commands") + "\n"
   );
   if (skipPermissions) {
     console.log(chalk.hex(THEME.status.error)("[!] WARNING: Running with --dangerously-skip-permissions"));
@@ -11897,7 +12737,7 @@ program.command("run <objective>").alias("r").description("Run a single objectiv
   if (skipPermissions) {
     console.log(chalk.hex(THEME.status.error)("[!] WARNING: Running with --dangerously-skip-permissions\n"));
   }
-  console.log(chalk.hex(THEME.text.accent)(`[target] Objective: ${objective}
+  console.log(chalk.hex(THEME.accent.blue)(`[target] Objective: ${objective}
 `));
   const agent = AgentFactory.createMainAgent(skipPermissions);
   if (skipPermissions) {
@@ -11919,7 +12759,7 @@ program.command("run <objective>").alias("r").description("Run a single objectiv
     if (options.output) {
       const fs = await import("fs/promises");
       await fs.writeFile(options.output, JSON.stringify({ result: result2 }, null, 2));
-      console.log(chalk.hex(THEME.text.accent)(`
+      console.log(chalk.hex(THEME.accent.blue)(`
 [+] Report saved to: ${options.output}`));
     }
     await shutdown(0);
@@ -11934,7 +12774,7 @@ program.command("scan <target>").description("Quick scan a target").option("-s,
   const opts = program.opts();
   const skipPermissions = opts.dangerouslySkipPermissions || false;
   console.log(gradient([...THEME.gradient.cyber]).multiline(ASCII_BANNER));
-  console.log(chalk.hex(THEME.text.accent)(`
+  console.log(chalk.hex(THEME.accent.blue)(`
 [scan] Target: ${target} (${options.scanType})
 `));
   const agent = AgentFactory.createMainAgent(skipPermissions);
@@ -11958,7 +12798,7 @@ program.command("scan <target>").description("Quick scan a target").option("-s,
 program.command("help-extended").description("Show extended help with examples").action(() => {
   console.log(gradient([...THEME.gradient.cyber]).multiline(ASCII_BANNER));
   console.log(`
-${chalk.hex(THEME.text.accent)(APP_NAME + " - Autonomous Penetration Testing AI")}
+${chalk.hex(THEME.accent.blue)(APP_NAME + " - Autonomous Penetration Testing AI")}
 
 ${chalk.hex(THEME.status.warning)("Usage:")}
 
@@ -11968,24 +12808,24 @@ ${chalk.hex(THEME.status.warning)("Usage:")}
 
 ${chalk.hex(THEME.status.warning)("Commands:")}
 
-  ${chalk.hex(THEME.text.accent)("pentesting")}                       Interactive TUI mode
-  ${chalk.hex(THEME.text.accent)("pentesting run <objective>")}       Run single objective
-  ${chalk.hex(THEME.text.accent)("pentesting scan <target>")}         Quick scan target
+  ${chalk.hex(THEME.accent.blue)("pentesting")}                       Interactive TUI mode
+  ${chalk.hex(THEME.accent.blue)("pentesting run <objective>")}       Run single objective
+  ${chalk.hex(THEME.accent.blue)("pentesting scan <target>")}         Quick scan target
 
 ${chalk.hex(THEME.status.warning)("Options:")}
 
-  ${chalk.hex(THEME.text.accent)("--dangerously-skip-permissions")}    Skip all permission prompts
-  ${chalk.hex(THEME.text.accent)("-t, --target <ip>")}                 Set target
-  ${chalk.hex(THEME.text.accent)("-o, --output <file>")}               Save results to file
+  ${chalk.hex(THEME.accent.blue)("--dangerously-skip-permissions")}    Skip all permission prompts
+  ${chalk.hex(THEME.accent.blue)("-t, --target <ip>")}                 Set target
+  ${chalk.hex(THEME.accent.blue)("-o, --output <file>")}               Save results to file
 
 ${chalk.hex(THEME.status.warning)("Interactive Commands:")}
 
-  ${chalk.hex(THEME.text.accent)("/target <ip>")}     Set target
-  ${chalk.hex(THEME.text.accent)("/start")}           Start autonomous mode
-  ${chalk.hex(THEME.text.accent)("/config")}          Manage configuration
-  ${chalk.hex(THEME.text.accent)("/hint <text>")}     Provide hint
-  ${chalk.hex(THEME.text.accent)("/findings")}        Show findings
-  ${chalk.hex(THEME.text.accent)("/reset")}           Reset session
+  ${chalk.hex(THEME.accent.blue)("/target <ip>")}     Set target
+  ${chalk.hex(THEME.accent.blue)("/start")}           Start autonomous mode
+  ${chalk.hex(THEME.accent.blue)("/config")}          Manage configuration
+  ${chalk.hex(THEME.accent.blue)("/hint <text>")}     Provide hint
+  ${chalk.hex(THEME.accent.blue)("/findings")}        Show findings
+  ${chalk.hex(THEME.accent.blue)("/reset")}           Reset session
 
 ${chalk.hex(THEME.status.warning)("Examples:")}
 
@@ -12000,9 +12840,9 @@ ${chalk.hex(THEME.status.warning)("Examples:")}
 
 ${chalk.hex(THEME.status.warning)("Environment:")}
 
-  ${chalk.hex(THEME.text.accent)("PENTEST_API_KEY")}      Required - LLM API key
-  ${chalk.hex(THEME.text.accent)("PENTEST_BASE_URL")}     Optional - AI API base URL
-  ${chalk.hex(THEME.text.accent)("PENTEST_MODEL")}        Optional - Model override
+  ${chalk.hex(THEME.accent.blue)("PENTEST_API_KEY")}      Required - LLM API key
+  ${chalk.hex(THEME.accent.blue)("PENTEST_BASE_URL")}     Optional - AI API base URL
+  ${chalk.hex(THEME.accent.blue)("PENTEST_MODEL")}        Optional - Model override
 `);
 });
 program.parse();