pentesting 0.73.2 → 0.73.3

package/dist/{chunk-YFDJI3GO.js → chunk-GLO6TOJN.js}

@@ -65,6 +65,8 @@ var PROCESS_EVENTS = {
   CONNECTION_DETECTED: "connection_detected",
   ROLE_CHANGED: "role_changed",
   COMMAND_SENT: "command_sent",
+  SHELL_UPGRADE_ATTEMPTED: "shell_upgrade_attempted",
+  SHELL_STABILIZED: "shell_stabilized",
   STOPPED: "stopped",
   DIED: "died",
   ZOMBIE_CLEANED: "zombie_cleaned"

package/dist/{chunk-KBJPZDIL.js → chunk-UB7RW6LM.js}

@@ -18,7 +18,7 @@ import {
   getProcessEventLog,
   logEvent,
   setProcess
-} from "./chunk-YFDJI3GO.js";
+} from "./chunk-GLO6TOJN.js";
 
 // src/shared/constants/time/conversions.ts
 var MS_PER_MINUTE = 6e4;
@@ -235,7 +235,7 @@ var INPUT_PROMPT_PATTERNS = [
 
 // src/shared/constants/agent.ts
 var APP_NAME = "Pentest AI";
-var APP_VERSION = "0.73.2";
+var APP_VERSION = "0.73.3";
 var APP_DESCRIPTION = "Autonomous Penetration Testing AI Agent";
 var LLM_ROLES = {
   SYSTEM: "system",
@@ -509,6 +509,18 @@ var TOOL_NAMES = {
   READ_FILE: "read_file",
   WRITE_FILE: "write_file",
   BG_PROCESS: "bg_process",
+  LISTENER_START: "listener_start",
+  LISTENER_STATUS: "listener_status",
+  SHELL_PROMOTE: "shell_promote",
+  SHELL_EXEC: "shell_exec",
+  SHELL_CHECK: "shell_check",
+  SHELL_UPGRADE: "shell_upgrade",
+  EXPLOIT_CREDENTIAL_CHECK: "exploit_credential_check",
+  EXPLOIT_ARTIFACT_CHECK: "exploit_artifact_check",
+  EXPLOIT_FOOTHOLD_CHECK: "exploit_foothold_check",
+  PWN_CRASH_REPRO: "pwn_crash_repro",
+  PWN_OFFSET_CHECK: "pwn_offset_check",
+  PWN_PAYLOAD_SMOKE: "pwn_payload_smoke",
   // Intelligence & Research
   PARSE_NMAP: "parse_nmap",
   SEARCH_CVE: "search_cve",
@@ -1507,6 +1519,57 @@ function splitByPipe(command) {
 }
 
 // src/shared/utils/command-validator/redirect.ts
+function isAllowedRedirectPath(target) {
+  return SAFE_REDIRECT_PATHS.some((pathPrefix) => target.startsWith(pathPrefix));
+}
+function updateQuoteState(ch, state3) {
+  if (ch === "'" && !state3.inDouble) {
+    state3.inSingle = !state3.inSingle;
+    return true;
+  }
+  if (ch === '"' && !state3.inSingle) {
+    state3.inDouble = !state3.inDouble;
+    return true;
+  }
+  return false;
+}
+function extractFileDescriptor(command, operatorIndex) {
+  let fd = "";
+  let b = operatorIndex - 1;
+  while (b >= 0 && /\d/.test(command[b])) {
+    fd = command[b] + fd;
+    b--;
+  }
+  return fd;
+}
+function skipSpaces(command, start) {
+  let index = start;
+  while (index < command.length && /\s/.test(command[index])) index++;
+  return index;
+}
+function readRedirectTarget(command, start) {
+  let i = start;
+  let target = "";
+  let targetInSingle = false;
+  let targetInDouble = false;
+  while (i < command.length) {
+    const ch = command[i];
+    if (ch === "'" && !targetInDouble) {
+      targetInSingle = !targetInSingle;
+      i++;
+      continue;
+    }
+    if (ch === '"' && !targetInSingle) {
+      targetInDouble = !targetInDouble;
+      i++;
+      continue;
+    }
+    if (!targetInSingle && !targetInDouble && /[\s|;&<>]/.test(ch)) break;
+    target += ch;
+    i++;
+  }
+  return { target, nextIndex: i };
+}
 function stripRedirects(segment) {
   return segment.replace(/\d*>\s*&\d+/g, "").replace(/\d*>>\s*\S+/g, "").replace(/\d*>\s*\S+/g, "").replace(/<\s*\S+/g, "").trim();
 }
@@ -1515,8 +1578,7 @@ function validateRedirects(command) {
   for (const { type, target } of redirects) {
     if (type === ">" || type === ">>") {
       if (target.startsWith("&") || target === "/dev/null") continue;
-      const isAllowed = SAFE_REDIRECT_PATHS.some((p) => target.startsWith(p));
-      if (!isAllowed) {
+      if (!isAllowedRedirectPath(target)) {
         return {
           isSafe: false,
           error: `Redirect to '${target}' is not in allowed paths`,
@@ -1524,8 +1586,7 @@ function validateRedirects(command) {
         };
       }
     } else if (type === "<") {
-      const isAllowed = SAFE_REDIRECT_PATHS.some((p) => target.startsWith(p));
-      if (!isAllowed) {
+      if (!isAllowedRedirectPath(target)) {
         return {
           isSafe: false,
           error: `Input redirect from '${target}' is not in allowed paths`,
@@ -1538,55 +1599,23 @@ function validateRedirects(command) {
 }
 function extractRedirectTargets(command) {
   const redirects = [];
-  let inSingle = false;
-  let inDouble = false;
+  const quoteState = { inSingle: false, inDouble: false };
   let i = 0;
   while (i < command.length) {
     const ch = command[i];
-    if (ch === "'" && !inDouble) {
-      inSingle = !inSingle;
+    if (updateQuoteState(ch, quoteState)) {
       i++;
       continue;
     }
-    if (ch === '"' && !inSingle) {
-      inDouble = !inDouble;
-      i++;
-      continue;
-    }
-    if (!inSingle && !inDouble) {
+    if (!quoteState.inSingle && !quoteState.inDouble) {
       if (ch === ">" || ch === "<") {
         const isAppend = ch === ">" && command[i + 1] === ">";
         const type = isAppend ? ">>" : ch;
         const jump = isAppend ? 2 : 1;
-        let fd = "";
-        if (ch === ">") {
-          let b = i - 1;
-          while (b >= 0 && /\d/.test(command[b])) {
-            fd = command[b] + fd;
-            b--;
-          }
-        }
-        i += jump;
-        while (i < command.length && /\s/.test(command[i])) i++;
-        let target = "";
-        let targetInSingle = false;
-        let targetInDouble = false;
-        while (i < command.length) {
-          const tc = command[i];
-          if (tc === "'" && !targetInDouble) {
-            targetInSingle = !targetInSingle;
-            i++;
-            continue;
-          }
-          if (tc === '"' && !targetInSingle) {
-            targetInDouble = !targetInDouble;
-            i++;
-            continue;
-          }
-          if (!targetInSingle && !targetInDouble && /[\s|;&<>]/.test(tc)) break;
-          target += tc;
-          i++;
-        }
+        const fd = ch === ">" ? extractFileDescriptor(command, i) : "";
+        const targetStart = skipSpaces(command, i + jump);
+        const { target, nextIndex } = readRedirectTarget(command, targetStart);
+        i = nextIndex;
         if (target) {
           redirects.push({ type, fd, target });
         }
@@ -1946,76 +1975,115 @@ function getTorBrowserArgs() {
 }
 
 // src/shared/utils/config/tor/wrapper.ts
+function wrapCurl(command, socks) {
+  if (!/\bcurl\b/.test(command)) return null;
+  if (/--socks5|--proxy\b|-x\s/.test(command)) return command;
+  return command.replace(/\bcurl\b/, `curl --socks5-hostname ${socks}`);
+}
+function wrapWget(command, socks) {
+  if (!/\bwget\b/.test(command)) return null;
+  if (/--execute.*proxy|http_proxy|https_proxy/i.test(command)) return command;
+  return command.replace(
+    /\bwget\b/,
+    `wget -e use_proxy=yes -e http_proxy=socks5h://${socks} -e https_proxy=socks5h://${socks}`
+  );
+}
+function wrapSqlmap(command) {
+  if (!/\bsqlmap\b/.test(command)) return null;
+  if (/--tor\b|--proxy\b/.test(command)) return command;
+  return command.replace(
+    /\bsqlmap\b/,
+    `sqlmap --tor --tor-type=SOCKS5 --tor-port=${TOR_PROXY.SOCKS_PORT}`
+  );
+}
+function wrapGobuster(command, socks) {
+  if (!/\bgobuster\b/.test(command)) return null;
+  if (/--proxy\b/.test(command)) return command;
+  return command.replace(/\bgobuster\b/, `gobuster --proxy socks5://${socks}`);
+}
+function wrapFfuf(command, socks) {
+  if (!/\bffuf\b/.test(command)) return null;
+  if (/-x\s/.test(command)) return command;
+  return command.replace(/\bffuf\b/, `ffuf -x socks5://${socks}`);
+}
+function wrapNmap(command, wrapperPrefix) {
+  if (!/\bnmap\b/.test(command)) return null;
+  let nmapCmd = command;
+  nmapCmd = nmapCmd.replace(/\s-s[SAXFN]\b/g, " -sT");
+  if (!/\s-Pn\b/.test(nmapCmd)) {
+    nmapCmd = nmapCmd.replace(/\bnmap\b/, "nmap -Pn");
+  }
+  return `${wrapperPrefix} ${nmapCmd}`;
+}
 function wrapCommandForTor(command) {
   if (!isTorEnabled()) return command;
-  const SOCKS = `${TOR_PROXY.SOCKS_HOST}:${TOR_PROXY.SOCKS_PORT}`;
-  if (/\bcurl\b/.test(command)) {
-    if (/--socks5|--proxy\b|-x\s/.test(command)) return command;
-    return command.replace(/\bcurl\b/, `curl --socks5-hostname ${SOCKS}`);
-  }
-  if (/\bwget\b/.test(command)) {
-    if (/--execute.*proxy|http_proxy|https_proxy/i.test(command)) return command;
-    return command.replace(
-      /\bwget\b/,
-      `wget -e use_proxy=yes -e http_proxy=socks5h://${SOCKS} -e https_proxy=socks5h://${SOCKS}`
-    );
-  }
-  if (/\bsqlmap\b/.test(command)) {
-    if (/--tor\b|--proxy\b/.test(command)) return command;
-    return command.replace(
-      /\bsqlmap\b/,
-      `sqlmap --tor --tor-type=SOCKS5 --tor-port=${TOR_PROXY.SOCKS_PORT}`
-    );
-  }
-  if (/\bgobuster\b/.test(command)) {
-    if (/--proxy\b/.test(command)) return command;
-    return command.replace(/\bgobuster\b/, `gobuster --proxy socks5://${SOCKS}`);
-  }
-  if (/\bffuf\b/.test(command)) {
-    if (/-x\s/.test(command)) return command;
-    return command.replace(/\bffuf\b/, `ffuf -x socks5://${SOCKS}`);
-  }
-  if (/\bnmap\b/.test(command)) {
-    let nmapCmd = command;
-    nmapCmd = nmapCmd.replace(/\s-s[SAXFN]\b/g, " -sT");
-    if (!/\s-Pn\b/.test(nmapCmd)) {
-      nmapCmd = nmapCmd.replace(/\bnmap\b/, "nmap -Pn");
+  const socks = `${TOR_PROXY.SOCKS_HOST}:${TOR_PROXY.SOCKS_PORT}`;
+  const wrapperPrefix = `${TOR_PROXY.WRAPPER_CMD} ${TOR_PROXY.WRAPPER_FLAGS}`;
+  const handlers = [
+    () => wrapCurl(command, socks),
+    () => wrapWget(command, socks),
+    () => wrapSqlmap(command),
+    () => wrapGobuster(command, socks),
+    () => wrapFfuf(command, socks),
+    () => wrapNmap(command, wrapperPrefix)
+  ];
+  for (const handler of handlers) {
+    const wrapped = handler();
+    if (wrapped !== null) {
+      return wrapped;
     }
-    return `${TOR_PROXY.WRAPPER_CMD} ${TOR_PROXY.WRAPPER_FLAGS} ${nmapCmd}`;
   }
-  return `${TOR_PROXY.WRAPPER_CMD} ${TOR_PROXY.WRAPPER_FLAGS} ${command}`;
+  return `${wrapperPrefix} ${command}`;
 }
 
 // src/shared/utils/config/tor/leak-detector.ts
+function checkPingLeakRisk(command) {
+  if (!/\bping\b/.test(command)) return null;
+  return {
+    safe: false,
+    reason: "ping uses ICMP \u2014 bypasses Tor, real IP exposed to target",
+    suggestion: "Use TCP probe instead: curl --socks5-hostname 127.0.0.1:9050 -s --connect-timeout 5 http://<target>:<port>"
+  };
+}
+function checkTracerouteLeakRisk(command) {
+  if (!/\btraceroute\b|\btracepath\b|\bmtr\b/.test(command)) return null;
+  return {
+    safe: false,
+    reason: "traceroute/tracepath/mtr uses ICMP/UDP \u2014 bypasses Tor, real IP exposed",
+    suggestion: "Skip traceroute when Tor is enabled (reveals all hops including your IP)"
+  };
+}
+function checkDnsLeakRisk(command) {
+  if (!/\bdig\b/.test(command) && !/\bnslookup\b/.test(command) && !/(?:^|[;&|\s])host(?:\s|$)/.test(command)) {
+    return null;
+  }
+  return {
+    safe: false,
+    reason: "dig/host/nslookup use UDP \u2014 DNS query bypasses Tor, real IP visible to DNS server",
+    suggestion: `Use DNS-over-HTTPS: curl --socks5-hostname ${TOR_PROXY.SOCKS_HOST}:${TOR_PROXY.SOCKS_PORT} "https://dns.google/resolve?name=<host>&type=A"`
+  };
+}
+function checkNmapUdpLeakRisk(command) {
+  if (!/\bnmap\b/.test(command) || !/\s-sU\b/.test(command)) return null;
+  return {
+    safe: false,
+    reason: "nmap -sU (UDP scan) bypasses Tor \u2014 UDP is not routed through SOCKS5",
+    suggestion: `Skip UDP scan with Tor ON. Use TCP scan: ${TOR_PROXY.WRAPPER_CMD} ${TOR_PROXY.WRAPPER_FLAGS} nmap -sT -Pn`
+  };
+}
 function checkTorLeakRisk(command) {
   if (!isTorEnabled()) return { safe: true };
-  if (/\bping\b/.test(command)) {
-    return {
-      safe: false,
-      reason: "ping uses ICMP \u2014 bypasses Tor, real IP exposed to target",
-      suggestion: "Use TCP probe instead: curl --socks5-hostname 127.0.0.1:9050 -s --connect-timeout 5 http://<target>:<port>"
-    };
-  }
-  if (/\btraceroute\b|\btracepath\b|\bmtr\b/.test(command)) {
-    return {
-      safe: false,
-      reason: "traceroute/tracepath/mtr uses ICMP/UDP \u2014 bypasses Tor, real IP exposed",
-      suggestion: "Skip traceroute when Tor is enabled (reveals all hops including your IP)"
-    };
-  }
-  if (/\bdig\b/.test(command) || /\bnslookup\b/.test(command) || /(?:^|[;&|\s])host(?:\s|$)/.test(command)) {
-    return {
-      safe: false,
-      reason: "dig/host/nslookup use UDP \u2014 DNS query bypasses Tor, real IP visible to DNS server",
-      suggestion: `Use DNS-over-HTTPS: curl --socks5-hostname ${TOR_PROXY.SOCKS_HOST}:${TOR_PROXY.SOCKS_PORT} "https://dns.google/resolve?name=<host>&type=A"`
-    };
-  }
-  if (/\bnmap\b/.test(command) && /\s-sU\b/.test(command)) {
-    return {
-      safe: false,
-      reason: "nmap -sU (UDP scan) bypasses Tor \u2014 UDP is not routed through SOCKS5",
-      suggestion: `Skip UDP scan with Tor ON. Use TCP scan: ${TOR_PROXY.WRAPPER_CMD} ${TOR_PROXY.WRAPPER_FLAGS} nmap -sT -Pn`
-    };
+  const checks = [
+    checkPingLeakRisk,
+    checkTracerouteLeakRisk,
+    checkDnsLeakRisk,
+    checkNmapUdpLeakRisk
+  ];
+  for (const check of checks) {
+    const risk = check(command);
+    if (risk) {
+      return risk;
+    }
   }
   return { safe: true };
 }
@@ -2606,7 +2674,7 @@ async function cleanupAllProcesses() {
     cleanupDone = false;
     return;
   }
-  const { getBackgroundProcessesMap: getBackgroundProcessesMap2 } = await import("./process-registry-GSHEX2LT.js");
+  const { getBackgroundProcessesMap: getBackgroundProcessesMap2 } = await import("./process-registry-QIW7ZIUT.js");
   const backgroundProcesses = getBackgroundProcessesMap2();
   terminateAllNatively(backgroundProcesses, "SIGTERM");
   await new Promise((r) => setTimeout(r, SYSTEM_LIMITS.CLEANUP_BATCH_WAIT_MS));
@@ -2674,43 +2742,35 @@ function cleanupOrphanProcesses() {
 
 // src/engine/process/resource-summary.ts
 import { existsSync as existsSync5, readFileSync as readFileSync5 } from "fs";
-function getResourceSummary() {
-  const procs = listBackgroundProcesses();
-  const running = procs.filter((p) => p.isRunning);
-  const exited = procs.filter((p) => !p.isRunning);
-  const ports = getUsedPorts();
-  const recentEvents = getProcessEventLog().slice(-SYSTEM_LIMITS.RECENT_EVENTS_IN_SUMMARY);
-  if (running.length === 0 && exited.length === 0 && recentEvents.length === 0) return "";
-  const lines = [];
-  if (running.length > 0) {
-    lines.push(`Active Assets (${running.length}):`);
-    for (const p of running) {
-      const dur = Math.round(p.durationMs / 1e3);
-      const portInfo = p.listeningPort ? ` port:${p.listeningPort}` : "";
-      const childInfo = p.childPids.length > 0 ? ` children:${p.childPids.join(",")}` : "";
-      const interactiveFlag = p.isInteractive ? ` ${STATUS_MARKERS.INTERACTIVE}` : "";
-      const roleIcon = PROCESS_ICONS[p.role] || PROCESS_ICONS[PROCESS_ROLES.BACKGROUND];
-      let lastOutput = "";
-      try {
-        if (p.stdoutFile && existsSync5(p.stdoutFile)) {
-          const content = readFileSync5(p.stdoutFile, "utf-8");
-          const outputLines = content.trim().split("\n");
-          lastOutput = outputLines.slice(-SYSTEM_LIMITS.RECENT_OUTPUT_LINES).join(" | ").replace(/\n/g, " ");
-        }
-      } catch {
+function formatActiveProcesses(running, lines) {
+  if (running.length === 0) return;
+  lines.push(`Active Assets (${running.length}):`);
+  for (const p of running) {
+    const dur = Math.round(p.durationMs / 1e3);
+    const portInfo = p.listeningPort ? ` port:${p.listeningPort}` : "";
+    const childInfo = p.childPids.length > 0 ? ` children:${p.childPids.join(",")}` : "";
+    const interactiveFlag = p.isInteractive ? ` ${STATUS_MARKERS.INTERACTIVE}` : "";
+    const roleIcon = PROCESS_ICONS[p.role] || PROCESS_ICONS[PROCESS_ROLES.BACKGROUND];
+    let lastOutput = "";
+    try {
+      if (p.stdoutFile && existsSync5(p.stdoutFile)) {
+        const content = readFileSync5(p.stdoutFile, "utf-8");
+        const outputLines = content.trim().split("\n");
+        lastOutput = outputLines.slice(-SYSTEM_LIMITS.RECENT_OUTPUT_LINES).join(" | ").replace(/\n/g, " ");
       }
-      const outputSnippet = lastOutput ? `
-    > Log: ${lastOutput}` : "";
-      lines.push(`  ${roleIcon} [${p.id}] PID:${p.pid}${portInfo}${childInfo}${interactiveFlag} [${p.role}] ${p.purpose} (${dur}s)${outputSnippet}`);
+    } catch {
     }
+    const outputSnippet = lastOutput ? `
+    > Log: ${lastOutput}` : "";
+    lines.push(`  ${roleIcon} [${p.id}] PID:${p.pid}${portInfo}${childInfo}${interactiveFlag} [${p.role}] ${p.purpose} (${dur}s)${outputSnippet}`);
   }
+}
+function formatZombies(exited, lines) {
   const orphans = [];
   for (const p of exited) {
     if (p.childPids.length > 0) {
       const aliveChildren = p.childPids.filter((pid) => isPidAlive(pid));
-      if (aliveChildren.length > 0) {
-        orphans.push({ id: p.id, childPids: aliveChildren });
-      }
+      if (aliveChildren.length > 0) orphans.push({ id: p.id, childPids: aliveChildren });
     }
   }
   if (orphans.length > 0) {
@@ -2721,10 +2781,8 @@ ${STATUS_MARKERS.WARNING} SUSPECTED ZOMBIES (Orphaned Children):`);
     }
     lines.push(`  \u2192 Recommendation: Run bg_process({ action: "stop", process_id: "ID" }) to clean up.`);
   }
-  if (ports.length > 0) {
-    lines.push(`
-Ports In Use: ${ports.join(", ")}`);
-  }
+}
+function formatActiveShells(running, lines) {
   const activeShells = running.filter((p) => p.role === PROCESS_ROLES.ACTIVE_SHELL);
   if (activeShells.length > 0) {
     lines.push(`
@@ -2733,19 +2791,39 @@ Ports In Use: ${ports.join(", ")}`);
       lines.push(`  \u2192 [${s.id}] Use interact to execute commands. Upgrade if unstable.`);
     }
   }
-  if (exited.length > 0) {
-    lines.push(`Exited Processes (${exited.length}):`);
-    for (const p of exited) {
-      lines.push(`  ${STATUS_MARKERS.EXITED} [${p.id}] exit:${p.exitCode} [${p.role}] ${p.description}`);
-    }
+}
+function formatExitedProcesses(exited, lines) {
+  if (exited.length === 0) return;
+  lines.push(`Exited Processes (${exited.length}):`);
+  for (const p of exited) {
+    lines.push(`  ${STATUS_MARKERS.EXITED} [${p.id}] exit:${p.exitCode} [${p.role}] ${p.description}`);
   }
-  if (recentEvents.length > 0) {
-    lines.push(`Recent Process Events:`);
-    for (const e of recentEvents.slice(-SYSTEM_LIMITS.RECENT_EVENTS_DISPLAY)) {
-      const ago = Math.round((Date.now() - e.timestamp) / 1e3);
-      lines.push(`  ${ago}s ago: [${e.event}] ${e.detail}`);
-    }
+}
+function formatRecentEvents(recentEvents, lines) {
+  if (recentEvents.length === 0) return;
+  lines.push(`Recent Process Events:`);
+  for (const e of recentEvents.slice(-SYSTEM_LIMITS.RECENT_EVENTS_DISPLAY)) {
+    const ago = Math.round((Date.now() - e.timestamp) / 1e3);
+    lines.push(`  ${ago}s ago: [${e.event}] ${e.detail}`);
   }
+}
+function getResourceSummary() {
+  const procs = listBackgroundProcesses();
+  const running = procs.filter((p) => p.isRunning);
+  const exited = procs.filter((p) => !p.isRunning);
+  const ports = getUsedPorts();
+  const recentEvents = getProcessEventLog().slice(-SYSTEM_LIMITS.RECENT_EVENTS_IN_SUMMARY);
+  if (running.length === 0 && exited.length === 0 && recentEvents.length === 0) return "";
+  const lines = [];
+  formatActiveProcesses(running, lines);
+  formatZombies(exited, lines);
+  if (ports.length > 0) {
+    lines.push(`
+Ports In Use: ${ports.join(", ")}`);
+  }
+  formatActiveShells(running, lines);
+  formatExitedProcesses(exited, lines);
+  formatRecentEvents(recentEvents, lines);
   return lines.join("\n");
 }
 
@@ -3604,6 +3682,7 @@ var StateSerializer = class {
     const lines = [];
     this.formatContextAndMission(state3, lines);
     this.formatArtifactsAndObjectives(state3, lines);
+    this.formatDelegatedTasks(state3, lines);
     this.formatTargets(state3, lines);
     this.formatFindings(state3, lines);
     this.formatLoot(state3, lines);
@@ -3625,6 +3704,34 @@ var StateSerializer = class {
       }
     }
   }
+  static formatDelegatedTasks(state3, lines) {
+    const activeTasks = state3.getActiveDelegatedTasks();
+    if (activeTasks.length === 0) return;
+    lines.push(`Delegated Tasks (${activeTasks.length} active):`);
+    for (const task of activeTasks.slice(0, DISPLAY_LIMITS.COMPACT_LIST_ITEMS)) {
+      const waiting = task.waitingOn ? ` waiting:${task.waitingOn}` : "";
+      const workerType = task.nextWorkerType || task.workerType;
+      const worker = workerType ? ` worker:${workerType}` : "";
+      lines.push(`  [${task.status}] ${task.task}${worker}${waiting}`);
+      lines.push(`    summary: ${task.summary}`);
+      if (task.parentTaskId || task.rootTaskId) {
+        const chainParts = [
+          task.parentTaskId ? `parent:${task.parentTaskId}` : "",
+          task.rootTaskId ? `root:${task.rootTaskId}` : ""
+        ].filter(Boolean);
+        lines.push(`    chain: ${chainParts.join(" ")}`);
+      }
+      if (task.assets.length > 0) {
+        lines.push(`    assets: ${task.assets.join(", ")}`);
+      }
+      if (task.sessions.length > 0) {
+        lines.push(`    sessions: ${task.sessions.join(", ")}`);
+      }
+      if (task.resumeHint) {
+        lines.push(`    resume: ${task.resumeHint}`);
+      }
+    }
+  }
   static formatContextAndMission(state3, lines) {
     const engagement = state3.getEngagement();
     const scope = state3.getScope();
@@ -3761,7 +3868,8 @@ function saveState(state3) {
     actionLog: state3.getRecentActions(AGENT_LIMITS.MAX_ACTION_LOG),
     currentPhase: state3.getPhase(),
     missionSummary: state3.getMissionSummary(),
-    missionChecklist: state3.getMissionChecklist()
+    missionChecklist: state3.getMissionChecklist(),
+    delegatedTasks: state3.getDelegatedTasks()
   };
   const sessionFile = join5(sessionsDir, FILE_PATTERNS.session());
   const json = JSON.stringify(snapshot, null, 2);
@@ -3832,6 +3940,11 @@ function loadState(state3) {
     if (snapshot.missionChecklist?.length > 0) {
       state3.restoreMissionChecklist(snapshot.missionChecklist);
     }
+    if (Array.isArray(snapshot.delegatedTasks)) {
+      for (const task of snapshot.delegatedTasks) {
+        state3.restoreDelegatedTask(task);
+      }
+    }
     return true;
   } catch (err) {
     debugLog("general", `Failed to load state: ${err}`);
@@ -3922,6 +4035,7 @@ export {
   COMMAND_EVENT_TYPES,
   UI_COMMANDS,
   generateId,
+  generatePrefixedId,
   WorkingMemory,
   EpisodicMemory,
   saveSessionSnapshot,