pentesting 0.46.7 → 0.46.8

package/dist/main.js

@@ -311,7 +311,7 @@ var ORPHAN_PROCESS_NAMES = [
 
 // src/shared/constants/agent.ts
 var APP_NAME = "Pentest AI";
-var APP_VERSION = "0.46.7";
+var APP_VERSION = "0.46.8";
 var APP_DESCRIPTION = "Autonomous Penetration Testing AI Agent";
 var LLM_ROLES = {
   SYSTEM: "system",
@@ -10216,11 +10216,17 @@ Please decide how to handle this error and continue.`;
       this.emitReasoningEnd(phase);
     }
     if (response.content?.trim()) {
-      this.events.emit({
-        type: EVENT_TYPES.AI_RESPONSE,
-        timestamp: Date.now(),
-        data: { content: response.content.trim(), phase }
-      });
+      if (!response.reasoning && !callbacks.hadReasoningEnd()) {
+        this.emitReasoningStart(phase);
+        this.emitReasoningDelta(response.content.trim(), phase);
+        this.emitReasoningEnd(phase);
+      } else {
+        this.events.emit({
+          type: EVENT_TYPES.AI_RESPONSE,
+          timestamp: Date.now(),
+          data: { content: response.content.trim(), phase }
+        });
+      }
     }
     messages.push({ role: LLM_ROLES.ASSISTANT, content: response.content });
     const stepDuration = Date.now() - stepStartTime;
@@ -10611,7 +10617,14 @@ ${content}
 var PROMPT_DEFAULTS = {
   NO_SCOPE: "<scope>NO SCOPE DEFINED. STOP.</scope>",
   EMPTY_TODO: "Create initial plan",
-  USER_CONTEXT: (context) => `User Context: ${context}`
+  USER_CONTEXT: (context) => `
+=========================================
+\u{1F6A8} CRITICAL: USER INPUT (YOUR OBJECTIVE) \u{1F6A8}
+=========================================
+"${context}"
+
+RULE: If the user is just saying hello, asking a question, or did NOT provide a target, use the \`ask_user\` tool to respond and ask for a target. Do NOT start scanning unless a target is explicitly provided.
+=========================================`
 };
 var PROMPT_CONFIG = {
   ENCODING: "utf-8"
@@ -11562,7 +11575,7 @@ var formatInlineStatus = () => {
       role: p.role,
       description: p.description,
       purpose: p.purpose,
-      running: p.isRunning,
+      isRunning: p.isRunning,
       durationMs: p.durationMs,
       listeningPort: p.listeningPort,
       exitCode: p.exitCode
@@ -11906,7 +11919,7 @@ var useAgentEvents = (agent, eventsRef, state) => {
         return;
       }
       const icon = e.data.success ? "\u2713" : "\u2717";
-      const rawContent = e.data.success ? e.data.outputSummary || e.data.output || "" : e.data.error || e.data.output || "Unknown error";
+      const rawContent = e.data.success ? e.data.output || "" : e.data.error || e.data.output || "Unknown error";
       if (!rawContent.trim()) {
         addMessage("result", `${icon}`);
         return;
@@ -12269,8 +12282,8 @@ function getRoleColor(role) {
   };
   return roleColors[role] || THEME.gray;
 }
-function StatusIndicator({ running, exitCode }) {
-  if (running) {
+function StatusIndicator({ isRunning, exitCode }) {
+  if (isRunning) {
     return /* @__PURE__ */ jsxs(Text, { color: THEME.primary, children: [
       ICONS.running,
       " "
@@ -12287,13 +12300,13 @@ function StatusIndicator({ running, exitCode }) {
     " "
   ] });
 }
-function ProcessRow({ proc, compact }) {
+function ProcessRow({ proc, isCompact }) {
   const duration = formatDuration3(proc.durationMs);
   const port = proc.listeningPort ? `:${proc.listeningPort}` : "";
   const purpose = proc.purpose || proc.description || "";
-  const truncatedPurpose = compact && purpose.length > TUI_DISPLAY_LIMITS.purposeMaxLength ? purpose.slice(0, TUI_DISPLAY_LIMITS.purposeTruncated) + "..." : purpose;
+  const truncatedPurpose = isCompact && purpose.length > TUI_DISPLAY_LIMITS.purposeMaxLength ? purpose.slice(0, TUI_DISPLAY_LIMITS.purposeTruncated) + "..." : purpose;
   return /* @__PURE__ */ jsxs(Box, { children: [
-    /* @__PURE__ */ jsx(StatusIndicator, { running: proc.running, exitCode: proc.exitCode }),
+    /* @__PURE__ */ jsx(StatusIndicator, { isRunning: proc.isRunning, exitCode: proc.exitCode }),
     /* @__PURE__ */ jsxs(Text, { color: THEME.gray, children: [
       "[",
       proc.id,
@@ -12319,13 +12332,13 @@ var InlineStatus = ({
   processes,
   zombies = [],
   health = "healthy",
-  compact = true
+  isCompact = true
 }) => {
   if (processes.length === 0 && zombies.length === 0) {
     return /* @__PURE__ */ jsx(Box, { flexDirection: "column", marginBottom: 1, children: /* @__PURE__ */ jsx(Text, { color: THEME.gray, children: "\u2022 No active background processes" }) });
   }
-  const running = processes.filter((p) => p.running);
-  const stopped = processes.filter((p) => !p.running);
+  const running = processes.filter((p) => p.isRunning);
+  const stopped = processes.filter((p) => !p.isRunning);
   const healthColor = {
     healthy: THEME.gray,
     warning: THEME.yellow,
@@ -12339,16 +12352,16 @@ var InlineStatus = ({
         running.length,
         ")"
       ] }),
-      running.map((proc) => /* @__PURE__ */ jsx(ProcessRow, { proc, compact }, proc.id))
+      running.map((proc) => /* @__PURE__ */ jsx(ProcessRow, { proc, isCompact }, proc.id))
     ] }),
-    stopped.length > 0 && !compact && /* @__PURE__ */ jsxs(Box, { flexDirection: "column", marginTop: running.length > 0 ? 1 : 0, children: [
+    stopped.length > 0 && !isCompact && /* @__PURE__ */ jsxs(Box, { flexDirection: "column", marginTop: running.length > 0 ? 1 : 0, children: [
       /* @__PURE__ */ jsxs(Text, { color: THEME.gray, children: [
         ICONS.completed,
         " Completed (",
         stopped.length,
         ")"
       ] }),
-      stopped.slice(0, TUI_DISPLAY_LIMITS.maxStoppedProcesses).map((proc) => /* @__PURE__ */ jsx(ProcessRow, { proc, compact }, proc.id)),
+      stopped.slice(0, TUI_DISPLAY_LIMITS.maxStoppedProcesses).map((proc) => /* @__PURE__ */ jsx(ProcessRow, { proc, isCompact }, proc.id)),
       stopped.length > TUI_DISPLAY_LIMITS.maxStoppedProcesses && /* @__PURE__ */ jsxs(Text, { color: THEME.gray, children: [
         "  ... and ",
         stopped.length - TUI_DISPLAY_LIMITS.maxStoppedProcesses,

package/dist/prompts/base.md

@@ -13,19 +13,19 @@ You have direct access to all tools. **You can write your own code** — if a to
 ### Intent Classification (Check in Order)
 1. **Greeting/Small Talk** → Examples: "hi", "hello", "hey", "안녕", "what's up", "how are you"
    - **Response**: Brief friendly greeting + ask what target they want to attack
-   - **ZERO TOOL CALLS** — just respond with text. Do NOT call update_mission, get_state, or ANY tool.
+   - **REQUIRED**: Use the `ask_user` tool to interact and get their next input. Do NOT call update_mission, get_state, or ANY other tool.
 
 2. **Question/Help Request** → Examples: "how do I...", "what is...", "can you explain...", "help"
    - **Response**: Answer the question directly using your knowledge
-   - **ZERO TOOL CALLS** unless answering requires a data lookup
+   - **REQUIRED**: If no pentesting is active, use the `ask_user` tool to deliver your answer and wait for response. 
 
 3. **Hint/Additional Context** → Examples: contextual info, strategy suggestions, single words that aren't targets
    - **Response**: Acknowledge, store mentally, ask for clarification if needed
-   - **ZERO TOOL CALLS** — hints are NOT targets
+   - **REQUIRED**: Use `ask_user` tool if clarification is needed. 
 
 4. **Unclear/Ambiguous Input** → Examples: single word that's not a target, incomplete sentences
    - **Response**: Ask clarifying question: "What target would you like me to attack?"
-   - **ZERO TOOL CALLS** — do NOT assume it's a target and start scanning
+   - **REQUIRED**: Use the `ask_user` tool. Do not assume it's a target.
 
 5. **Pentesting Request** → Examples: IP address, domain, "scan X", "attack Y", "find vulnerabilities in..."
    - **Response**: Proceed with reconnaissance and attack workflow

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "pentesting",
-  "version": "0.46.7",
+  "version": "0.46.8",
   "description": "Autonomous Penetration Testing AI Agent",
   "type": "module",
   "main": "dist/main.js",