pentesting 0.46.6 → 0.46.8

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (4) hide show
  1. package/README.md +0 -4
  2. package/dist/main.js +33 -20
  3. package/dist/prompts/base.md +4 -4
  4. package/package.json +1 -1
package/README.md CHANGED
@@ -10,10 +10,6 @@
10
10
 
11
11
  ---
12
12
 
13
- # pentesting — Demo Assets
14
-
15
- Public assets for [pentesting](https://www.npmjs.com/package/pentesting) npm package.
16
-
17
13
  ## TUI Demo
18
14
 
19
15
  ![TUI Demo](https://raw.githubusercontent.com/agnusdei1207/public/main/tui-demo.webp)
package/dist/main.js CHANGED
@@ -311,7 +311,7 @@ var ORPHAN_PROCESS_NAMES = [
311
311
 
312
312
  // src/shared/constants/agent.ts
313
313
  var APP_NAME = "Pentest AI";
314
- var APP_VERSION = "0.46.6";
314
+ var APP_VERSION = "0.46.8";
315
315
  var APP_DESCRIPTION = "Autonomous Penetration Testing AI Agent";
316
316
  var LLM_ROLES = {
317
317
  SYSTEM: "system",
@@ -10216,11 +10216,17 @@ Please decide how to handle this error and continue.`;
10216
10216
  this.emitReasoningEnd(phase);
10217
10217
  }
10218
10218
  if (response.content?.trim()) {
10219
- this.events.emit({
10220
- type: EVENT_TYPES.AI_RESPONSE,
10221
- timestamp: Date.now(),
10222
- data: { content: response.content.trim(), phase }
10223
- });
10219
+ if (!response.reasoning && !callbacks.hadReasoningEnd()) {
10220
+ this.emitReasoningStart(phase);
10221
+ this.emitReasoningDelta(response.content.trim(), phase);
10222
+ this.emitReasoningEnd(phase);
10223
+ } else {
10224
+ this.events.emit({
10225
+ type: EVENT_TYPES.AI_RESPONSE,
10226
+ timestamp: Date.now(),
10227
+ data: { content: response.content.trim(), phase }
10228
+ });
10229
+ }
10224
10230
  }
10225
10231
  messages.push({ role: LLM_ROLES.ASSISTANT, content: response.content });
10226
10232
  const stepDuration = Date.now() - stepStartTime;
@@ -10611,7 +10617,14 @@ ${content}
10611
10617
  var PROMPT_DEFAULTS = {
10612
10618
  NO_SCOPE: "<scope>NO SCOPE DEFINED. STOP.</scope>",
10613
10619
  EMPTY_TODO: "Create initial plan",
10614
- USER_CONTEXT: (context) => `User Context: ${context}`
10620
+ USER_CONTEXT: (context) => `
10621
+ =========================================
10622
+ \u{1F6A8} CRITICAL: USER INPUT (YOUR OBJECTIVE) \u{1F6A8}
10623
+ =========================================
10624
+ "${context}"
10625
+
10626
+ RULE: If the user is just saying hello, asking a question, or did NOT provide a target, use the \`ask_user\` tool to respond and ask for a target. Do NOT start scanning unless a target is explicitly provided.
10627
+ =========================================`
10615
10628
  };
10616
10629
  var PROMPT_CONFIG = {
10617
10630
  ENCODING: "utf-8"
@@ -11562,7 +11575,7 @@ var formatInlineStatus = () => {
11562
11575
  role: p.role,
11563
11576
  description: p.description,
11564
11577
  purpose: p.purpose,
11565
- running: p.isRunning,
11578
+ isRunning: p.isRunning,
11566
11579
  durationMs: p.durationMs,
11567
11580
  listeningPort: p.listeningPort,
11568
11581
  exitCode: p.exitCode
@@ -11906,7 +11919,7 @@ var useAgentEvents = (agent, eventsRef, state) => {
11906
11919
  return;
11907
11920
  }
11908
11921
  const icon = e.data.success ? "\u2713" : "\u2717";
11909
- const rawContent = e.data.success ? e.data.outputSummary || e.data.output || "" : e.data.error || e.data.output || "Unknown error";
11922
+ const rawContent = e.data.success ? e.data.output || "" : e.data.error || e.data.output || "Unknown error";
11910
11923
  if (!rawContent.trim()) {
11911
11924
  addMessage("result", `${icon}`);
11912
11925
  return;
@@ -12269,8 +12282,8 @@ function getRoleColor(role) {
12269
12282
  };
12270
12283
  return roleColors[role] || THEME.gray;
12271
12284
  }
12272
- function StatusIndicator({ running, exitCode }) {
12273
- if (running) {
12285
+ function StatusIndicator({ isRunning, exitCode }) {
12286
+ if (isRunning) {
12274
12287
  return /* @__PURE__ */ jsxs(Text, { color: THEME.primary, children: [
12275
12288
  ICONS.running,
12276
12289
  " "
@@ -12287,13 +12300,13 @@ function StatusIndicator({ running, exitCode }) {
12287
12300
  " "
12288
12301
  ] });
12289
12302
  }
12290
- function ProcessRow({ proc, compact }) {
12303
+ function ProcessRow({ proc, isCompact }) {
12291
12304
  const duration = formatDuration3(proc.durationMs);
12292
12305
  const port = proc.listeningPort ? `:${proc.listeningPort}` : "";
12293
12306
  const purpose = proc.purpose || proc.description || "";
12294
- const truncatedPurpose = compact && purpose.length > TUI_DISPLAY_LIMITS.purposeMaxLength ? purpose.slice(0, TUI_DISPLAY_LIMITS.purposeTruncated) + "..." : purpose;
12307
+ const truncatedPurpose = isCompact && purpose.length > TUI_DISPLAY_LIMITS.purposeMaxLength ? purpose.slice(0, TUI_DISPLAY_LIMITS.purposeTruncated) + "..." : purpose;
12295
12308
  return /* @__PURE__ */ jsxs(Box, { children: [
12296
- /* @__PURE__ */ jsx(StatusIndicator, { running: proc.running, exitCode: proc.exitCode }),
12309
+ /* @__PURE__ */ jsx(StatusIndicator, { isRunning: proc.isRunning, exitCode: proc.exitCode }),
12297
12310
  /* @__PURE__ */ jsxs(Text, { color: THEME.gray, children: [
12298
12311
  "[",
12299
12312
  proc.id,
@@ -12319,13 +12332,13 @@ var InlineStatus = ({
12319
12332
  processes,
12320
12333
  zombies = [],
12321
12334
  health = "healthy",
12322
- compact = true
12335
+ isCompact = true
12323
12336
  }) => {
12324
12337
  if (processes.length === 0 && zombies.length === 0) {
12325
12338
  return /* @__PURE__ */ jsx(Box, { flexDirection: "column", marginBottom: 1, children: /* @__PURE__ */ jsx(Text, { color: THEME.gray, children: "\u2022 No active background processes" }) });
12326
12339
  }
12327
- const running = processes.filter((p) => p.running);
12328
- const stopped = processes.filter((p) => !p.running);
12340
+ const running = processes.filter((p) => p.isRunning);
12341
+ const stopped = processes.filter((p) => !p.isRunning);
12329
12342
  const healthColor = {
12330
12343
  healthy: THEME.gray,
12331
12344
  warning: THEME.yellow,
@@ -12339,16 +12352,16 @@ var InlineStatus = ({
12339
12352
  running.length,
12340
12353
  ")"
12341
12354
  ] }),
12342
- running.map((proc) => /* @__PURE__ */ jsx(ProcessRow, { proc, compact }, proc.id))
12355
+ running.map((proc) => /* @__PURE__ */ jsx(ProcessRow, { proc, isCompact }, proc.id))
12343
12356
  ] }),
12344
- stopped.length > 0 && !compact && /* @__PURE__ */ jsxs(Box, { flexDirection: "column", marginTop: running.length > 0 ? 1 : 0, children: [
12357
+ stopped.length > 0 && !isCompact && /* @__PURE__ */ jsxs(Box, { flexDirection: "column", marginTop: running.length > 0 ? 1 : 0, children: [
12345
12358
  /* @__PURE__ */ jsxs(Text, { color: THEME.gray, children: [
12346
12359
  ICONS.completed,
12347
12360
  " Completed (",
12348
12361
  stopped.length,
12349
12362
  ")"
12350
12363
  ] }),
12351
- stopped.slice(0, TUI_DISPLAY_LIMITS.maxStoppedProcesses).map((proc) => /* @__PURE__ */ jsx(ProcessRow, { proc, compact }, proc.id)),
12364
+ stopped.slice(0, TUI_DISPLAY_LIMITS.maxStoppedProcesses).map((proc) => /* @__PURE__ */ jsx(ProcessRow, { proc, isCompact }, proc.id)),
12352
12365
  stopped.length > TUI_DISPLAY_LIMITS.maxStoppedProcesses && /* @__PURE__ */ jsxs(Text, { color: THEME.gray, children: [
12353
12366
  " ... and ",
12354
12367
  stopped.length - TUI_DISPLAY_LIMITS.maxStoppedProcesses,
package/dist/prompts/base.md CHANGED
@@ -13,19 +13,19 @@ You have direct access to all tools. **You can write your own code** — if a to
13
13
  ### Intent Classification (Check in Order)
14
14
  1. **Greeting/Small Talk** → Examples: "hi", "hello", "hey", "안녕", "what's up", "how are you"
15
15
  - **Response**: Brief friendly greeting + ask what target they want to attack
16
- - **ZERO TOOL CALLS** just respond with text. Do NOT call update_mission, get_state, or ANY tool.
16
+ - **REQUIRED**: Use the `ask_user` tool to interact and get their next input. Do NOT call update_mission, get_state, or ANY other tool.
17
17
 
18
18
  2. **Question/Help Request** → Examples: "how do I...", "what is...", "can you explain...", "help"
19
19
  - **Response**: Answer the question directly using your knowledge
20
- - **ZERO TOOL CALLS** unless answering requires a data lookup
20
+ - **REQUIRED**: If no pentesting is active, use the `ask_user` tool to deliver your answer and wait for response.
21
21
 
22
22
  3. **Hint/Additional Context** → Examples: contextual info, strategy suggestions, single words that aren't targets
23
23
  - **Response**: Acknowledge, store mentally, ask for clarification if needed
24
- - **ZERO TOOL CALLS** hints are NOT targets
24
+ - **REQUIRED**: Use `ask_user` tool if clarification is needed.
25
25
 
26
26
  4. **Unclear/Ambiguous Input** → Examples: single word that's not a target, incomplete sentences
27
27
  - **Response**: Ask clarifying question: "What target would you like me to attack?"
28
- - **ZERO TOOL CALLS** do NOT assume it's a target and start scanning
28
+ - **REQUIRED**: Use the `ask_user` tool. Do not assume it's a target.
29
29
 
30
30
  5. **Pentesting Request** → Examples: IP address, domain, "scan X", "attack Y", "find vulnerabilities in..."
31
31
  - **Response**: Proceed with reconnaissance and attack workflow
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "pentesting",
3
- "version": "0.46.6",
3
+ "version": "0.46.8",
4
4
  "description": "Autonomous Penetration Testing AI Agent",
5
5
  "type": "module",
6
6
  "main": "dist/main.js",