npm - pentesting - Versions diffs - 0.73.7 → 0.73.9 - Mend

pentesting 0.73.7 → 0.73.9

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (10) hide show

package/README.md +17 -185
package/dist/{agent-tool-EZF2ILH6.js → agent-tool-S6IMN7AQ.js} +3 -3
package/dist/{chunk-FJ7PENUK.js → chunk-6M7LXEMY.js} +1527 -3
package/dist/{chunk-UIYY4RLA.js → chunk-DDLHDNOM.js} +84 -990
package/dist/{chunk-KAUE3MSR.js → chunk-S5ZMXFHR.js} +18 -0
package/dist/main.js +623 -37
package/dist/{persistence-7LJFJXK5.js → persistence-VW7NUTP4.js} +2 -2
package/dist/{process-registry-7XV46TDC.js → process-registry-4Y3HB4YQ.js} +1 -1
package/dist/prompts/llm/input-processor-system.md +9 -0
package/package.json +1 -1

package/dist/{chunk-FJ7PENUK.js → chunk-6M7LXEMY.js} RENAMED Viewed

@@ -13,13 +13,14 @@ import {
   getAllProcesses,
   getBackgroundProcessesMap,
   getLimits,
+  getOptionalRuntimeSection,
   getProcess,
   getProcessEventLog,
   getRequiredRuntimeSection,
   getRuntimeSectionOr,
   logEvent,
   setProcess
-} from "./chunk-KAUE3MSR.js";
+} from "./chunk-S5ZMXFHR.js";
 // src/shared/constants/time/conversions.ts
 var MS_PER_MINUTE = 6e4;
@@ -347,7 +348,7 @@ var INPUT_PROMPT_PATTERNS = [
 ];
 // src/shared/constants/agent.ts
-var APP_VERSION = "0.73.7";
+var APP_VERSION = "0.73.9";
 var APP_DESCRIPTION = "Autonomous Penetration Testing AI Agent";
 var LLM_ROLES = {
   SYSTEM: "system",
@@ -841,6 +842,8 @@ var UI_COMMANDS = {
   START_SHORT: "s",
   FINDINGS: "findings",
   FINDINGS_SHORT: "f",
+  REPORT: "report",
+  REPORT_SHORT: "r",
   ASSETS: "assets",
   ASSETS_SHORT: "a",
   LOGS: "logs",
@@ -2798,7 +2801,7 @@ async function cleanupAllProcesses() {
     cleanupDone = false;
     return;
   }
-  const { getBackgroundProcessesMap: getBackgroundProcessesMap2 } = await import("./process-registry-7XV46TDC.js");
+  const { getBackgroundProcessesMap: getBackgroundProcessesMap2 } = await import("./process-registry-4Y3HB4YQ.js");
   const backgroundProcesses = getBackgroundProcessesMap2();
   terminateAllNatively(backgroundProcesses, "SIGTERM");
   await new Promise((r) => setTimeout(r, SYSTEM_LIMITS.CLEANUP_BATCH_WAIT_MS));
@@ -3383,6 +3386,28 @@ function matchesServiceProfile(serviceProfile, services) {
 // src/shared/utils/agent-memory/session-snapshot.ts
 import { existsSync as existsSync7, readFileSync as readFileSync7, writeFileSync as writeFileSync4, unlinkSync as unlinkSync4 } from "fs";
 import { join as join3 } from "path";
+// src/agents/memory-rollout-config.ts
+var DEFAULT_BRANCH_MEMORY_ROLLOUT = {
+  main_prompt: true,
+  strategist: true,
+  delegated_prompt: true,
+  resume_hints: true
+};
+function getMemoryRolloutConfig() {
+  return getOptionalRuntimeSection("memory_rollout") ?? {};
+}
+function getBranchMemoryRollout() {
+  return {
+    ...DEFAULT_BRANCH_MEMORY_ROLLOUT,
+    ...getMemoryRolloutConfig().branch_memory ?? {}
+  };
+}
+function isBranchMemoryEnabled(target) {
+  return getBranchMemoryRollout()[target];
+}
+// src/shared/utils/agent-memory/session-snapshot.ts
 var SNAPSHOT_FILE = join3(WORKSPACE.MEMORY, SPECIAL_FILES.SESSION_SNAPSHOT);
 function saveSessionSnapshot(snapshot) {
   try {
@@ -3413,6 +3438,10 @@ function snapshotToPrompt() {
     "NEXT PRIORITIES (resume here):",
     ...snap.next.map((n, i) => `  ${i + 1}. ${n}`)
   ];
+  if (isBranchMemoryEnabled("resume_hints") && snap.resumeHints && snap.resumeHints.length > 0) {
+    lines.push("", "RESUME HINTS:");
+    snap.resumeHints.forEach((hint) => lines.push(`  \u21AA ${hint}`));
+  }
   if (snap.credentials.length > 0) {
     lines.push("", "USABLE CREDENTIALS:");
     snap.credentials.forEach((c) => lines.push(`  \u{1F511} ${c}`));
@@ -3595,6 +3624,1491 @@ var PersistentMemory = class {
   }
 };
+// src/shared/utils/attack-graph/types.ts
+var GRAPH_STATUS = {
+  NEEDS_SEARCH: "needs_search",
+  POTENTIAL: "potential"
+};
+var GRAPH_LIMITS = {
+  /** Maximum recommended attack chains to return */
+  MAX_CHAINS: 10,
+  /** Maximum chains to show in prompt */
+  PROMPT_CHAINS: 5,
+  /** Maximum unexploited vulns to show in prompt */
+  PROMPT_VULNS: 5,
+  /** Maximum failed paths to show in prompt */
+  PROMPT_FAILED: 5,
+  /** Maximum DFS depth for chain discovery */
+  MAX_CHAIN_DEPTH: 6,
+  /** Maximum nodes to display in ASCII graph */
+  ASCII_MAX_NODES: 30
+};
+var NODE_TYPE = {
+  HOST: "host",
+  SERVICE: "service",
+  CREDENTIAL: "credential",
+  VULNERABILITY: "vulnerability",
+  ACCESS: "access",
+  LOOT: "loot",
+  OSINT: "osint",
+  // ─── Active Directory Node Types (2차 — Hard/Insane support) ───
+  /** AD domain object (e.g. DOMAIN.LOCAL) */
+  DOMAIN: "domain",
+  /** AD user or computer account */
+  USER_ACCOUNT: "user-account",
+  /** Group Policy Object — may grant code exec if writable */
+  GPO: "gpo",
+  /** ACL entry — WriteDACL/GenericAll/etc. on another object */
+  ACL: "acl",
+  /** ADCS certificate template — ESC1-13 attack surface */
+  CERTIFICATE_TEMPLATE: "certificate-template"
+};
+var NODE_STATUS = {
+  DISCOVERED: "discovered",
+  ATTEMPTED: "attempted",
+  SUCCEEDED: "succeeded",
+  FAILED: "failed"
+};
+var EDGE_STATUS = {
+  UNTESTED: "untested",
+  TESTING: "testing",
+  SUCCEEDED: "succeeded",
+  FAILED: "failed"
+};
+var IMPACT_WEIGHT = {
+  critical: 4,
+  high: 3,
+  medium: 2,
+  low: 1
+};
+// src/shared/utils/attack-graph/node.ts
+function generateNodeId(type, label) {
+  return `${type}:${label}`.toLowerCase().replace(/\s+/g, "_");
+}
+function createNode(type, label, data = {}, status = NODE_STATUS.DISCOVERED) {
+  const id = generateNodeId(type, label);
+  return {
+    id,
+    type,
+    label,
+    data,
+    status,
+    discoveredAt: Date.now()
+  };
+}
+function canMarkAttempted(node) {
+  return node.status === NODE_STATUS.DISCOVERED;
+}
+// src/shared/utils/attack-graph/edge.ts
+function createEdge(from, to, relation, confidence = 0.5, status = EDGE_STATUS.UNTESTED) {
+  return {
+    from,
+    to,
+    relation,
+    confidence,
+    status
+  };
+}
+function edgeExists(edges, fromId, toId, relation) {
+  return edges.some(
+    (e) => e.from === fromId && e.to === toId && e.relation === relation
+  );
+}
+function getIncomingEdges(edges, nodeId) {
+  return edges.filter((e) => e.to === nodeId);
+}
+function markEdgeSucceeded(edge) {
+  return {
+    ...edge,
+    status: EDGE_STATUS.SUCCEEDED
+  };
+}
+function markEdgeFailed(edge, reason) {
+  return {
+    ...edge,
+    status: EDGE_STATUS.FAILED,
+    failReason: reason
+  };
+}
+function isTestableEdge(edge) {
+  return edge.status === EDGE_STATUS.UNTESTED || edge.status === EDGE_STATUS.TESTING;
+}
+// src/shared/utils/attack-graph/factories/host-service.ts
+function createHostNode(ip, hostname) {
+  return createNode(NODE_TYPE.HOST, ip, { ip, hostname });
+}
+function createServiceNode(host, port, service, version) {
+  const hostId = generateNodeId(NODE_TYPE.HOST, host);
+  const node = createNode(
+    NODE_TYPE.SERVICE,
+    `${host}:${port}`,
+    { host, port, service, version }
+  );
+  const hostEdge = createEdge(hostId, node.id, "has_service", 0.95);
+  return { node, hostEdge };
+}
+function findTargetServices(nodes, target) {
+  const results = [];
+  for (const node of nodes.values()) {
+    if (node.type === NODE_TYPE.SERVICE && node.label.includes(target)) {
+      results.push(node);
+    }
+  }
+  return results;
+}
+// src/shared/utils/attack-graph/factories/credential-exploit.ts
+var AUTH_SERVICES = [
+  "ssh",
+  "ftp",
+  "rdp",
+  "smb",
+  "http",
+  "mysql",
+  "postgresql",
+  "mssql",
+  "winrm",
+  "vnc",
+  "telnet"
+];
+var HIGH_PRIVILEGE_LEVELS = ["root", "admin", "SYSTEM", "Administrator"];
+function createCredentialNode(username, password, source) {
+  return createNode(
+    NODE_TYPE.CREDENTIAL,
+    `${username}:***`,
+    { username, password, source }
+  );
+}
+function createCredentialSprayEdges(credId, nodes) {
+  const edges = [];
+  for (const [id, node] of nodes) {
+    if (node.type === NODE_TYPE.SERVICE) {
+      const svc = String(node.data.service || "");
+      if (AUTH_SERVICES.some((s) => svc.includes(s))) {
+        edges.push(createEdge(credId, id, "can_try_on", 0.6));
+      }
+    }
+  }
+  return edges;
+}
+function createVulnerabilityNode(title, target, severity, hasExploit = false) {
+  return createNode(
+    NODE_TYPE.VULNERABILITY,
+    title,
+    { target, severity, hasExploit }
+  );
+}
+function createVersionSearchNode(service, version) {
+  return createNode(
+    NODE_TYPE.VULNERABILITY,
+    `CVE search: ${service} ${version}`,
+    { service, version, status: GRAPH_STATUS.NEEDS_SEARCH }
+  );
+}
+function createAccessNode(host, level, via) {
+  return createNode(
+    NODE_TYPE.ACCESS,
+    `${level}@${host}`,
+    { host, level, via }
+  );
+}
+function createPotentialAccessNode(exploitTitle) {
+  return createNode(
+    NODE_TYPE.ACCESS,
+    `shell via ${exploitTitle}`,
+    { via: exploitTitle, status: GRAPH_STATUS.POTENTIAL }
+  );
+}
+function isHighPrivilege(level) {
+  return HIGH_PRIVILEGE_LEVELS.includes(level);
+}
+// src/shared/utils/attack-graph/factories/osint-loot.ts
+function createLootNode(host) {
+  return createNode(
+    NODE_TYPE.LOOT,
+    `flags on ${host}`,
+    { host, status: GRAPH_STATUS.NEEDS_SEARCH }
+  );
+}
+function createOSINTNode(category, detail, data = {}) {
+  return createNode(
+    NODE_TYPE.OSINT,
+    `${category}: ${detail}`,
+    { category, detail, ...data }
+  );
+}
+function findOSINTRelatedNodes(nodes, detail) {
+  const results = [];
+  for (const [id, node] of nodes) {
+    if (node.type === NODE_TYPE.HOST || node.type === NODE_TYPE.SERVICE) {
+      const hostIp = String(node.data.ip || node.data.host || "");
+      const hostname = String(node.data.hostname || "");
+      if (hostIp && detail.includes(hostIp) || hostname && detail.includes(hostname)) {
+        results.push({ id, node });
+      }
+    }
+  }
+  return results;
+}
+function formatFailedPath(from, to, reason) {
+  return `${from} \u2192 ${to}${reason ? ` (${reason})` : ""}`;
+}
+function formatFailedNode(label, reason) {
+  return `${label}${reason ? ` (${reason})` : ""}`;
+}
+// src/shared/utils/attack-graph/chain-discovery.ts
+var IMPACT_WEIGHT_MAP = {
+  [NODE_TYPE.LOOT]: SEVERITIES.CRITICAL,
+  [NODE_TYPE.DOMAIN]: SEVERITIES.CRITICAL,
+  [NODE_TYPE.CERTIFICATE_TEMPLATE]: SEVERITIES.HIGH
+};
+function recommendChains(nodes, edges) {
+  const chains = [];
+  const visited = /* @__PURE__ */ new Set();
+  const goalTypes = [
+    NODE_TYPE.ACCESS,
+    NODE_TYPE.LOOT,
+    NODE_TYPE.DOMAIN,
+    NODE_TYPE.CERTIFICATE_TEMPLATE
+  ];
+  const entryNodeTypes = [
+    NODE_TYPE.HOST,
+    NODE_TYPE.SERVICE,
+    NODE_TYPE.CREDENTIAL,
+    NODE_TYPE.OSINT
+  ];
+  const entryNodes = Array.from(nodes.values()).filter(
+    (n) => entryNodeTypes.includes(n.type)
+  );
+  const ctx = { nodes, edges, goalTypes, results: chains };
+  for (const entry of entryNodes) {
+    visited.clear();
+    dfsChains(entry.id, [], [], visited, ctx);
+  }
+  return prioritizeChains(chains);
+}
+function prioritizeChains(chains) {
+  const seen = /* @__PURE__ */ new Set();
+  const unique = chains.filter((c) => {
+    if (seen.has(c.description)) return false;
+    seen.add(c.description);
+    return true;
+  });
+  unique.sort(
+    (a, b) => b.probability * (IMPACT_WEIGHT[b.impact] || 1) - a.probability * (IMPACT_WEIGHT[a.impact] || 1)
+  );
+  return unique.slice(0, GRAPH_LIMITS.MAX_CHAINS);
+}
+function dfsChains(nodeId, path4, pathEdges, visited, ctx) {
+  const { nodes, edges, goalTypes, results } = ctx;
+  const node = nodes.get(nodeId);
+  if (!node || visited.has(nodeId) || path4.length >= GRAPH_LIMITS.MAX_CHAIN_DEPTH || node.status === NODE_STATUS.FAILED) {
+    return;
+  }
+  visited.add(nodeId);
+  path4.push(node);
+  if (isGoalReached(node, goalTypes, path4)) {
+    results.push(buildChain(path4, pathEdges, node));
+  }
+  const outEdges = edges.filter((e) => e.from === nodeId && e.status !== EDGE_STATUS.FAILED);
+  for (const edge of outEdges) {
+    dfsChains(edge.to, path4, [...pathEdges, edge], visited, ctx);
+  }
+  path4.pop();
+  visited.delete(nodeId);
+}
+function isGoalReached(node, goalTypes, path4) {
+  return goalTypes.includes(node.type) && node.status !== NODE_STATUS.SUCCEEDED && path4.length > 1;
+}
+function buildChain(path4, edges, targetNode) {
+  return {
+    steps: [...path4],
+    edges: [...edges],
+    description: path4.map((n) => n.label).join(" \u2192 "),
+    probability: edges.reduce((acc, e) => acc * e.confidence, 1),
+    impact: estimateImpact(targetNode),
+    length: path4.length
+  };
+}
+function estimateImpact(node) {
+  if (IMPACT_WEIGHT_MAP[node.type]) return IMPACT_WEIGHT_MAP[node.type];
+  if (node.type === NODE_TYPE.ACCESS) {
+    const level = String(node.data.level || "");
+    return ["root", "SYSTEM", "Administrator", "admin"].includes(level) ? SEVERITIES.CRITICAL : SEVERITIES.HIGH;
+  }
+  if (node.type === NODE_TYPE.VULNERABILITY) {
+    const sev = String(node.data.severity || "").toLowerCase();
+    if (sev === "critical") return SEVERITIES.CRITICAL;
+    if (sev === "high") return SEVERITIES.HIGH;
+    if (sev === "medium") return SEVERITIES.MEDIUM;
+  }
+  return SEVERITIES.LOW;
+}
+function extractSuccessfulChain(nodes, edges) {
+  const succeededNodes = Array.from(nodes.values()).filter((n) => n.status === NODE_STATUS.SUCCEEDED);
+  if (succeededNodes.length < 2) return null;
+  const succeededEdges = edges.filter((e) => e.status === EDGE_STATUS.SUCCEEDED);
+  const { chainLabels, toolsUsed } = traceSucceededPath(succeededNodes, succeededEdges, nodes);
+  if (chainLabels.length < 2) return null;
+  const serviceProfile = succeededNodes.length > 0 ? succeededNodes.map((n) => abstractifyLabel(n.label)).filter(Boolean).join(" + ") : "unknown";
+  return {
+    serviceProfile,
+    chainSummary: chainLabels.join(" \u2192 "),
+    toolsUsed: [...new Set(toolsUsed.filter(Boolean))]
+  };
+}
+function traceSucceededPath(succeededNodes, succeededEdges, nodes) {
+  const labels = [];
+  const tools = [];
+  const visited = /* @__PURE__ */ new Set();
+  const incomingTargets = new Set(succeededEdges.map((e) => e.to));
+  const entryNodes = succeededNodes.filter((n) => !incomingTargets.has(n.id));
+  const queue = entryNodes.length > 0 ? [entryNodes[0]] : [succeededNodes[0]];
+  while (queue.length > 0) {
+    const current = queue.shift();
+    if (visited.has(current.id)) continue;
+    visited.add(current.id);
+    labels.push(abstractifyLabel(current.label));
+    if (current.technique) tools.push(current.technique.split(" ")[0]);
+    const nextEdges = succeededEdges.filter((e) => e.from === current.id);
+    for (const edge of nextEdges) {
+      const nextNode = nodes.get(edge.to);
+      if (nextNode?.status === NODE_STATUS.SUCCEEDED) {
+        if (edge.action) tools.push(edge.action.split(" ")[0]);
+        queue.push(nextNode);
+      }
+    }
+  }
+  return { chainLabels: labels, toolsUsed: tools };
+}
+function abstractifyLabel(label) {
+  let result = label.replace(/^(host|service|vulnerability|access|loot|osint|credential|cve_search):/i, "").replace(/^https?:\/\/|^ftp:\/\//gi, "").replace(/\b\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}(:\d+)?\b/g, "").replace(/:\d{2,5}\b/g, "").replace(/\b[0-9a-f]{16,}\b/gi, "").replace(/(\d+\.\d+)\.\d+/g, "$1.x").trim().replace(/\s+/g, " ");
+  return result || label;
+}
+// src/shared/utils/attack-graph/prompt-formatter.ts
+function formatGraphForPrompt(nodes, edges, failedPaths) {
+  if (nodes.size === 0) return "";
+  const lines = ["<attack-graph>"];
+  const nodesByType = {};
+  const nodesByStatus = {};
+  for (const node of nodes.values()) {
+    nodesByType[node.type] = (nodesByType[node.type] || 0) + 1;
+    nodesByStatus[node.status] = (nodesByStatus[node.status] || 0) + 1;
+  }
+  lines.push(`Nodes: ${Object.entries(nodesByType).map(([t, c]) => `${c} ${t}s`).join(", ")}`);
+  lines.push(`Status: ${Object.entries(nodesByStatus).map(([s, c]) => `${c} ${s}`).join(", ")}`);
+  lines.push(`Edges: ${edges.length} (${edges.filter((e) => e.status === EDGE_STATUS.FAILED).length} failed)`);
+  const chains = recommendChains(nodes, edges);
+  if (chains.length > 0) {
+    lines.push("");
+    lines.push("RECOMMENDED ATTACK PATHS (try these):");
+    for (let i = 0; i < Math.min(GRAPH_LIMITS.PROMPT_CHAINS, chains.length); i++) {
+      const c = chains[i];
+      const prob = (c.probability * 100).toFixed(0);
+      lines.push(`  PATH ${i + 1} [${c.impact.toUpperCase()} | ${prob}%]: ${c.description}`);
+    }
+  }
+  if (failedPaths.length > 0) {
+    lines.push("");
+    lines.push("FAILED PATHS (DO NOT RETRY):");
+    for (const fp of failedPaths.slice(-GRAPH_LIMITS.PROMPT_FAILED)) {
+      lines.push(`  \u2717 ${fp}`);
+    }
+  }
+  const unexploitedVulns = Array.from(nodes.values()).filter((n) => n.type === NODE_TYPE.VULNERABILITY && n.status !== NODE_STATUS.SUCCEEDED && n.status !== NODE_STATUS.FAILED);
+  if (unexploitedVulns.length > 0) {
+    lines.push("");
+    lines.push(`UNEXPLOITED VULNERABILITIES (${unexploitedVulns.length}):`);
+    for (const v of unexploitedVulns.slice(0, GRAPH_LIMITS.PROMPT_VULNS)) {
+      const sev = v.data.severity || "unknown";
+      const status = v.status === NODE_STATUS.ATTEMPTED ? " \u23F3 testing" : "";
+      lines.push(`  - ${v.label} (${sev})${status}`);
+    }
+  }
+  const accessNodes = Array.from(nodes.values()).filter((n) => n.type === NODE_TYPE.ACCESS && n.status === NODE_STATUS.SUCCEEDED);
+  if (accessNodes.length > 0) {
+    lines.push("");
+    lines.push("ACHIEVED ACCESS:");
+    for (const a of accessNodes) {
+      lines.push(`  \u2713 ${a.label}`);
+    }
+  }
+  const credNodes = Array.from(nodes.values()).filter((n) => n.type === NODE_TYPE.CREDENTIAL);
+  if (credNodes.length > 0) {
+    lines.push("");
+    lines.push(`CREDENTIALS (${credNodes.length} \u2014 try on all services):`);
+    for (const c of credNodes) {
+      const source = c.data.source || "unknown";
+      const sprayEdges = edges.filter((e) => e.from === c.id && e.relation === "can_try_on");
+      const testedCount = sprayEdges.filter((e) => e.status !== EDGE_STATUS.UNTESTED).length;
+      lines.push(`  \u{1F511} ${c.label} (from: ${source}) [sprayed: ${testedCount}/${sprayEdges.length}]`);
+    }
+  }
+  lines.push("</attack-graph>");
+  return lines.join("\n");
+}
+// src/shared/utils/attack-graph/formatters/icons.ts
+var TYPE_ICONS = {
+  [NODE_TYPE.HOST]: "\u{1F5A5}",
+  [NODE_TYPE.SERVICE]: "\u2699",
+  [NODE_TYPE.VULNERABILITY]: "\u26A0",
+  [NODE_TYPE.CREDENTIAL]: "\u{1F511}",
+  [NODE_TYPE.ACCESS]: "\u{1F513}",
+  [NODE_TYPE.LOOT]: "\u{1F3F4}",
+  [NODE_TYPE.OSINT]: "\u{1F50D}",
+  // AD node icons (2차 — Hard/Insane support)
+  [NODE_TYPE.DOMAIN]: "\u{1F3F0}",
+  [NODE_TYPE.USER_ACCOUNT]: "\u{1F464}",
+  [NODE_TYPE.GPO]: "\u{1F4CB}",
+  [NODE_TYPE.ACL]: "\u{1F510}",
+  [NODE_TYPE.CERTIFICATE_TEMPLATE]: "\u{1F4DC}"
+};
+var STATUS_ICONS = {
+  [NODE_STATUS.DISCOVERED]: "\u25CB",
+  [NODE_STATUS.ATTEMPTED]: "\u25D0",
+  [NODE_STATUS.SUCCEEDED]: "\u25CF",
+  [NODE_STATUS.FAILED]: "\u2717"
+};
+// src/shared/utils/attack-graph/formatters/stats.ts
+function getGraphStats(nodes, edges) {
+  const succeeded = Array.from(nodes.values()).filter((n) => n.status === NODE_STATUS.SUCCEEDED).length;
+  const failed = Array.from(nodes.values()).filter((n) => n.status === NODE_STATUS.FAILED).length;
+  return {
+    nodes: nodes.size,
+    edges: edges.length,
+    succeeded,
+    failed,
+    chains: recommendChains(nodes, edges).length
+  };
+}
+// src/shared/utils/attack-graph/formatters/graph-ascii.ts
+function formatGraphAsASCII(nodes, edges) {
+  if (nodes.size === 0) return "(Empty attack graph \u2014 no discoveries yet)";
+  const lines = [];
+  lines.push("\u250C\u2500\u2500\u2500 Attack Graph \u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2510");
+  const groups = {};
+  for (const node of nodes.values()) {
+    if (!groups[node.type]) groups[node.type] = [];
+    groups[node.type].push(node);
+  }
+  const typeSummary = Object.entries(groups).map(([t, ns]) => `${TYPE_ICONS[t] || "\xB7"} ${ns.length}`).join("  ");
+  lines.push(`\u2502 ${typeSummary}`);
+  for (const [type, typeNodes] of Object.entries(groups)) {
+    const icon = TYPE_ICONS[type] || "\xB7";
+    lines.push(`\u2502`);
+    lines.push(`\u2502 ${icon} ${type.toUpperCase()} (${typeNodes.length})`);
+    for (const node of typeNodes) {
+      const sIcon = STATUS_ICONS[node.status] || "?";
+      const fail = node.status === NODE_STATUS.FAILED && node.failReason ? ` \u2014 ${node.failReason}` : "";
+      let detail = "";
+      if (type === NODE_TYPE.CREDENTIAL) {
+        const source = node.data.source ? ` (from: ${node.data.source})` : "";
+        detail = source;
+      } else if (type === NODE_TYPE.VULNERABILITY) {
+        const sev = node.data.severity ? ` [${String(node.data.severity).toUpperCase()}]` : "";
+        const exploit = node.data.hasExploit ? " [EXPLOIT]" : "";
+        const target = node.data.target ? ` \u2192 ${node.data.target}` : "";
+        detail = `${sev}${exploit}${target}`;
+      } else if (type === NODE_TYPE.ACCESS) {
+        const via = node.data.via ? ` via ${node.data.via}` : "";
+        detail = via;
+      } else if (type === NODE_TYPE.SERVICE) {
+        const ver = node.data.version ? ` (${node.data.version})` : "";
+        detail = ver;
+      }
+      const outEdges = edges.filter((e) => e.from === node.id);
+      const edgeStr = outEdges.length > 0 ? ` \u2192 ${outEdges.map((e) => {
+        const target = nodes.get(e.to);
+        const eName = target ? target.label : e.to;
+        const eStatus = e.status === EDGE_STATUS.FAILED ? " \u2717" : e.status === EDGE_STATUS.SUCCEEDED ? " \u2713" : "";
+        return `${eName}${eStatus}`;
+      }).join(", ")}` : "";
+      lines.push(`\u2502   ${sIcon} ${node.label}${detail}${fail}${edgeStr}`);
+    }
+  }
+  const succeededNodes = Array.from(nodes.values()).filter((n) => n.status === NODE_STATUS.SUCCEEDED);
+  if (succeededNodes.length > 0) {
+    lines.push(`\u2502`);
+    lines.push(`\u251C\u2500\u2500\u2500 Exploited \u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2524`);
+    for (const n of succeededNodes) {
+      const via = n.data.via ? ` via ${n.data.via}` : "";
+      lines.push(`\u2502 \u25CF ${n.label}${via}`);
+    }
+  }
+  const stats = getGraphStats(nodes, edges);
+  lines.push(`\u2502`);
+  lines.push(`\u251C\u2500\u2500\u2500 Summary \u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2524`);
+  lines.push(`\u2502 Nodes: ${stats.nodes} | Edges: ${stats.edges} | Succeeded: ${stats.succeeded} | Failed: ${stats.failed} | Chains: ${stats.chains}`);
+  lines.push(`\u2514\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2518`);
+  return lines.join("\n");
+}
+// src/shared/utils/attack-graph/formatters/paths-list.ts
+function formatPathsList(nodes, edges, failedPaths) {
+  const chains = recommendChains(nodes, edges);
+  if (chains.length === 0) {
+    if (nodes.size === 0) return "No attack graph data yet. Start reconnaissance first.";
+    return "No viable attack paths found. All paths may be exhausted or failed.";
+  }
+  const lines = [];
+  lines.push(`\u2500\u2500\u2500 ${chains.length} Attack Paths (sorted by priority) \u2500\u2500\u2500`);
+  lines.push("");
+  for (let i = 0; i < chains.length; i++) {
+    const c = chains[i];
+    const prob = (c.probability * 100).toFixed(0);
+    const impactColors = {
+      [SEVERITIES.CRITICAL]: "\u{1F534}",
+      [SEVERITIES.HIGH]: "\u{1F7E0}",
+      [SEVERITIES.MEDIUM]: "\u{1F7E1}",
+      [SEVERITIES.LOW]: "\u{1F7E2}"
+    };
+    const impactIcon = impactColors[c.impact] || "\u26AA";
+    lines.push(`${impactIcon} PATH ${i + 1} [${c.impact.toUpperCase()} | prob: ${prob}% | steps: ${c.length}]`);
+    lines.push(`   ${c.description}`);
+    for (const edge of c.edges) {
+      const statusTag = edge.status === EDGE_STATUS.UNTESTED ? "  ?" : edge.status === EDGE_STATUS.TESTING ? "  \u23F3" : edge.status === EDGE_STATUS.SUCCEEDED ? "  \u2713" : "  \u2717";
+      lines.push(`   ${statusTag} ${edge.from.split(":").pop()} \u2014[${edge.relation}]\u2192 ${edge.to.split(":").pop()}`);
+    }
+    lines.push("");
+  }
+  if (failedPaths.length > 0) {
+    lines.push(`\u2500\u2500\u2500 Failed Paths (${failedPaths.length}) \u2500\u2500\u2500`);
+    for (const fp of failedPaths) {
+      lines.push(`   \u2717 ${fp}`);
+    }
+  }
+  return lines.join("\n");
+}
+// src/shared/utils/attack-graph/operations/infrastructure.ts
+function registerHost(graph, ip, hostname) {
+  const node = createHostNode(ip, hostname);
+  if (!graph.nodes.has(node.id)) {
+    graph.nodes.set(node.id, node);
+  }
+  return node.id;
+}
+function registerService(graph, host, port, service, version) {
+  const hostId = registerHost(graph, host);
+  const { node, hostEdge } = createServiceNode(host, port, service, version);
+  if (!graph.nodes.has(node.id)) {
+    graph.nodes.set(node.id, node);
+  }
+  if (hostEdge && !edgeExists(graph.edges, hostEdge.from, hostEdge.to, hostEdge.relation)) {
+    graph.edges.push(hostEdge);
+  }
+  if (version) {
+    const vulnNode = createVersionSearchNode(service, version);
+    if (!graph.nodes.has(vulnNode.id)) {
+      graph.nodes.set(vulnNode.id, vulnNode);
+    }
+    graph.addEdge(node.id, vulnNode.id, "may_have", 0.3);
+  }
+  return node.id;
+}
+// src/shared/utils/attack-graph/operations/security.ts
+function registerCredential(graph, username, password, source) {
+  const node = createCredentialNode(username, password, source);
+  if (!graph.nodes.has(node.id)) {
+    graph.nodes.set(node.id, node);
+  }
+  const sprayEdges = createCredentialSprayEdges(node.id, graph.nodes);
+  for (const edge of sprayEdges) {
+    if (!edgeExists(graph.edges, edge.from, edge.to, edge.relation)) {
+      graph.edges.push(edge);
+    }
+  }
+  return node.id;
+}
+function registerVulnerability(graph, title, target, severity, hasExploit = false) {
+  const vulnNode = createVulnerabilityNode(title, target, severity, hasExploit);
+  if (!graph.nodes.has(vulnNode.id)) {
+    graph.nodes.set(vulnNode.id, vulnNode);
+  }
+  const targetServices = findTargetServices(graph.nodes, target);
+  for (const svc of targetServices) {
+    graph.addEdge(svc.id, vulnNode.id, "has_vulnerability", 0.8);
+  }
+  if (hasExploit) {
+    const accessNode = createPotentialAccessNode(title);
+    if (!graph.nodes.has(accessNode.id)) {
+      graph.nodes.set(accessNode.id, accessNode);
+    }
+    graph.addEdge(vulnNode.id, accessNode.id, "leads_to", 0.7);
+  }
+  return vulnNode.id;
+}
+function registerAccess(graph, host, level, via) {
+  const accessNode = createAccessNode(host, level, via);
+  if (!graph.nodes.has(accessNode.id)) {
+    graph.nodes.set(accessNode.id, accessNode);
+  }
+  const node = graph.nodes.get(accessNode.id);
+  if (node) {
+    node.status = NODE_STATUS.SUCCEEDED;
+    node.resolvedAt = Date.now();
+    const incomingEdges = getIncomingEdges(graph.edges, accessNode.id);
+    for (const edge of incomingEdges) {
+      Object.assign(edge, markEdgeSucceeded(edge));
+    }
+  }
+  if (isHighPrivilege(level)) {
+    const lootNode = createLootNode(host);
+    if (!graph.nodes.has(lootNode.id)) {
+      graph.nodes.set(lootNode.id, lootNode);
+    }
+    graph.addEdge(accessNode.id, lootNode.id, "can_access", 0.9);
+  }
+  return accessNode.id;
+}
+// src/shared/utils/attack-graph/operations/discovery.ts
+function registerOSINT(graph, category, detail, data = {}) {
+  const osintNode = createOSINTNode(category, detail, data);
+  if (!graph.nodes.has(osintNode.id)) {
+    graph.nodes.set(osintNode.id, osintNode);
+  }
+  const relatedNodes = findOSINTRelatedNodes(graph.nodes, detail);
+  for (const { id } of relatedNodes) {
+    graph.addEdge(osintNode.id, id, "relates_to", 0.5);
+  }
+  return osintNode.id;
+}
+// src/shared/utils/attack-graph/status-management.ts
+function markNodeAttemptedInGraph(nodes, nodeId) {
+  const node = nodes.get(nodeId);
+  if (node && canMarkAttempted(node)) {
+    node.status = NODE_STATUS.ATTEMPTED;
+    node.attemptedAt = Date.now();
+  }
+}
+function markNodeSucceededInGraph(nodes, edges, nodeId) {
+  const node = nodes.get(nodeId);
+  if (node) {
+    node.status = NODE_STATUS.SUCCEEDED;
+    node.resolvedAt = Date.now();
+    const incomingEdges = getIncomingEdges(edges, nodeId);
+    for (const edge of incomingEdges) {
+      if (edge.status === EDGE_STATUS.TESTING) {
+        Object.assign(edge, markEdgeSucceeded(edge));
+      }
+    }
+  }
+}
+function markNodeFailedInGraph(nodes, edges, nodeId, reason, callbacks) {
+  const node = nodes.get(nodeId);
+  if (node) {
+    node.status = NODE_STATUS.FAILED;
+    node.resolvedAt = Date.now();
+    node.failReason = reason;
+    callbacks.onFailedPath(formatFailedNode(node.label, reason));
+    const incomingEdges = getIncomingEdges(edges, nodeId);
+    for (const edge of incomingEdges) {
+      if (isTestableEdge(edge)) {
+        Object.assign(edge, markEdgeFailed(edge, reason));
+      }
+    }
+  }
+}
+function markEdgeTestingInList(edges, fromId, toId) {
+  for (const edge of edges) {
+    if (edge.from === fromId && edge.to === toId) {
+      edge.status = EDGE_STATUS.TESTING;
+    }
+  }
+}
+function markEdgeFailedInList(edges, fromId, toId, reason, callbacks) {
+  for (const edge of edges) {
+    if (edge.from === fromId && edge.to === toId) {
+      edge.status = EDGE_STATUS.FAILED;
+      edge.failReason = reason;
+    }
+  }
+  callbacks.onFailedPath(formatFailedPath(fromId, toId, reason));
+}
+// src/shared/utils/attack-graph/store.ts
+var AttackGraphStore = class {
+  nodes = /* @__PURE__ */ new Map();
+  edges = [];
+  failedPaths = [];
+  /** Reset the store to an empty state. */
+  reset() {
+    this.nodes.clear();
+    this.edges = [];
+    this.failedPaths = [];
+  }
+  /**
+   * Set/update a node with IMP-1 cap.
+   * Evicts oldest 'discovered' node when limit reached.
+   */
+  setNode(id, node) {
+    if (!this.nodes.has(id) && this.nodes.size >= AGENT_LIMITS.MAX_ATTACK_NODES) {
+      const oldestDiscovered = Array.from(this.nodes.entries()).find(([, n]) => n.status === "discovered");
+      if (oldestDiscovered) {
+        this.nodes.delete(oldestDiscovered[0]);
+      }
+    }
+    this.nodes.set(id, node);
+  }
+  /** Get node by ID. */
+  getNode(id) {
+    return this.nodes.get(id);
+  }
+  /** Check if node exists. */
+  hasNode(id) {
+    return this.nodes.has(id);
+  }
+  /**
+   * Add an edge with IMP-15 deduplication and IMP-1 cap.
+   * Deduplication key: from + to + relation.
+   */
+  addEdge(edge) {
+    const isDuplicate = this.edges.some(
+      (e) => e.from === edge.from && e.to === edge.to && e.relation === edge.relation
+    );
+    if (isDuplicate) return;
+    this.edges.push(edge);
+    if (this.edges.length > AGENT_LIMITS.MAX_ATTACK_EDGES) {
+      const prunableIdx = this.edges.findIndex(
+        (e) => e.status === "failed" || e.status === "untested"
+      );
+      if (prunableIdx >= 0) {
+        this.edges.splice(prunableIdx, 1);
+      }
+    }
+  }
+  /**
+   * Record a failed path with IMP-1 cap.
+   * Keeps only the most recent MAX_FAILED_PATHS entries.
+   */
+  recordFailedPath(path4) {
+    this.failedPaths.push(path4);
+    if (this.failedPaths.length > AGENT_LIMITS.MAX_FAILED_PATHS) {
+      this.failedPaths = this.failedPaths.slice(-AGENT_LIMITS.MAX_FAILED_PATHS);
+    }
+  }
+  /** Get internal nodes map reference (for operations). */
+  getNodesMap() {
+    return this.nodes;
+  }
+  /** Get internal edges list reference (for operations). */
+  getEdgesList() {
+    return this.edges;
+  }
+  /** Get failed paths list. */
+  getFailedPaths() {
+    return this.failedPaths;
+  }
+  /** Get all nodes as array. */
+  getAllNodes() {
+    return Array.from(this.nodes.values());
+  }
+  /** Get all edges as array. */
+  getAllEdges() {
+    return [...this.edges];
+  }
+};
+// src/shared/utils/attack-graph/core.ts
+var AttackGraph = class {
+  store = new AttackGraphStore();
+  // ─── Core Graph Operations ──────────────────────────────────
+  /** Reset the graph to an empty state. */
+  reset() {
+    this.store.reset();
+  }
+  /**
+   * Add a node to the attack graph.
+   */
+  addNode(type, label, data = {}) {
+    const node = createNode(type, label, data);
+    if (!this.store.hasNode(node.id)) {
+      this.store.setNode(node.id, node);
+    }
+    return node.id;
+  }
+  /**
+   * Add an edge (relationship) between two nodes.
+   */
+  addEdge(fromId, toId, relation, confidence = 0.5) {
+    if (!edgeExists(this.store.getEdgesList(), fromId, toId, relation)) {
+      this.store.addEdge(createEdge(fromId, toId, relation, confidence));
+    }
+  }
+  /**
+   * Get node by ID.
+   */
+  getNode(nodeId) {
+    return this.store.getNode(nodeId);
+  }
+  // ─── Status Management ──────────────────────────────────────
+  /**
+   * Mark a node as being attempted (in-progress attack).
+   */
+  markAttempted(nodeId) {
+    markNodeAttemptedInGraph(this.store.getNodesMap(), nodeId);
+  }
+  /**
+   * Mark a node as successfully exploited/achieved.
+   */
+  markSucceeded(nodeId) {
+    markNodeSucceededInGraph(this.store.getNodesMap(), this.store.getEdgesList(), nodeId);
+  }
+  /**
+   * Mark a node as failed (attack didn't work).
+   */
+  markFailed(nodeId, reason) {
+    markNodeFailedInGraph(this.store.getNodesMap(), this.store.getEdgesList(), nodeId, reason, {
+      onFailedPath: (path4) => this.store.recordFailedPath(path4)
+    });
+  }
+  /**
+   * Mark an edge as being tested.
+   */
+  markEdgeTesting(fromId, toId) {
+    markEdgeTestingInList(this.store.getEdgesList(), fromId, toId);
+  }
+  /**
+   * Mark an edge as failed.
+   */
+  markEdgeFailed(fromId, toId, reason) {
+    markEdgeFailedInList(this.store.getEdgesList(), fromId, toId, reason, {
+      onFailedPath: (path4) => this.store.recordFailedPath(path4)
+    });
+  }
+  // ─── Domain-Specific Registration ───────────────────────────
+  /** Internal graph container for domain operations */
+  get graphContainer() {
+    return {
+      nodes: this.store.getNodesMap(),
+      edges: this.store.getEdgesList(),
+      addEdge: this.addEdge.bind(this),
+      markSucceeded: this.markSucceeded.bind(this)
+    };
+  }
+  /**
+   * Record a host discovery.
+   */
+  addHost(ip, hostname) {
+    return registerHost(this.graphContainer, ip, hostname);
+  }
+  /**
+   * Record a service discovery and auto-create edges.
+   */
+  addService(host, port, service, version) {
+    return registerService(this.graphContainer, host, port, service, version);
+  }
+  /**
+   * Record a credential discovery and create spray edges.
+   */
+  addCredential(username, password, source) {
+    return registerCredential(this.graphContainer, username, password, source);
+  }
+  /**
+   * Record a vulnerability finding.
+   */
+  addVulnerability(title, target, severity, hasExploit = false) {
+    return registerVulnerability(this.graphContainer, title, target, severity, hasExploit);
+  }
+  /**
+   * Record gained access.
+   */
+  addAccess(host, level, via) {
+    return registerAccess(this.graphContainer, host, level, via);
+  }
+  /**
+   * Record OSINT discovery (Docker image, GitHub repo, company info, etc.)
+   */
+  addOSINT(category, detail, data = {}) {
+    return registerOSINT(this.graphContainer, category, detail, data);
+  }
+  /**
+   * Record an Active Directory object (domain, user-account, GPO, ACL, certificate-template).
+   *
+   * WHY: AD attacks chain through complex object relationships (ACL → user → cert → DA).
+   * Tracking these as graph nodes lets the Strategist see multi-hop AD paths.
+   *
+   * type: 'domain' | 'user-account' | 'gpo' | 'acl' | 'certificate-template'
+   * label: human-readable name (e.g. "CORP.LOCAL", "svc_sql", "ESC1-vulnerable")
+   * data: freeform metadata (members, rights, target, confidence, etc.)
+   */
+  addDomainObject(type, label, data = {}) {
+    return this.addNode(type, label, { adObject: true, ...data });
+  }
+  // ─── Chain Discovery (DFS) ──────────────────────────────────
+  /**
+   * Find all viable attack paths using DFS.
+   */
+  recommendChains() {
+    return recommendChains(this.store.getNodesMap(), this.store.getEdgesList());
+  }
+  // ─── Prompt Generation ──────────────────────────────────────
+  /**
+   * Format attack graph status for prompt injection.
+   */
+  toPrompt() {
+    return formatGraphForPrompt(this.store.getNodesMap(), this.store.getEdgesList(), this.store.getFailedPaths());
+  }
+  // ─── TUI Visualization ──────────────────────────────────────
+  /**
+   * Generate ASCII visualization for TUI /graph command.
+   */
+  toASCII() {
+    return formatGraphAsASCII(this.store.getNodesMap(), this.store.getEdgesList());
+  }
+  /**
+   * Generate path listing for TUI /paths command.
+   */
+  toPathsList() {
+    return formatPathsList(this.store.getNodesMap(), this.store.getEdgesList(), this.store.getFailedPaths());
+  }
+  // ─── Stats ──────────────────────────────────────────────────
+  /**
+   * Get graph stats for metrics display.
+   */
+  getStats() {
+    return getGraphStats(this.store.getNodesMap(), this.store.getEdgesList());
+  }
+  /**
+   * Get all nodes.
+   */
+  getAllNodes() {
+    return this.store.getAllNodes();
+  }
+  /**
+   * Get all edges.
+   */
+  getAllEdges() {
+    return this.store.getAllEdges();
+  }
+  /**
+   * Get failed paths list.
+   */
+  getFailedPaths() {
+    return this.store.getFailedPaths();
+  }
+  /**
+   * Check if the graph has any data.
+   */
+  isEmpty() {
+    return this.store.getNodesMap().size === 0;
+  }
+};
+// src/shared/utils/agent-memory/branch-index.ts
+var IPV4_HOST_PATTERN = /\b(\d{1,3}(?:\.\d{1,3}){3})(?::(\d+))?\b/;
+var DEFAULT_BRANCH_CONFIDENCE = 25;
+var MEMORY_FAILURE_CONFIDENCE = 40;
+var GRAPH_RECOMMENDATION_CONFIDENCE_MULTIPLIER = 100;
+var ACCESS_CONFIDENCE = 100;
+function buildMemoryBranchIndex(state3) {
+  const builder = new MemoryBranchIndexBuilder(state3);
+  return builder.build();
+}
+var MemoryBranchIndexBuilder = class {
+  constructor(state3) {
+    this.state = state3;
+    this.buildServiceLookup();
+  }
+  branches = /* @__PURE__ */ new Map();
+  serviceLookup = /* @__PURE__ */ new Map();
+  build() {
+    this.addTargetBranches();
+    this.addFindingBranches();
+    this.addWorkingMemoryBranches();
+    this.addDelegatedBranches();
+    this.addAttackGraphBranches();
+    this.addAttackGraphRecommendations();
+    return {
+      branches: Array.from(this.branches.values()).map((branch) => this.finalizeBranch(branch)).sort((a, b) => b.touchedAt - a.touchedAt)
+    };
+  }
+  buildServiceLookup() {
+    for (const target of this.state.getAllTargets()) {
+      for (const port of target.ports) {
+        this.serviceLookup.set(this.serviceLookupKey(target.ip, port.port), port.service);
+      }
+    }
+  }
+  addTargetBranches() {
+    for (const target of this.state.getAllTargets()) {
+      if (target.ports.length === 0) {
+        this.touchBranch({ host: target.ip }, "canonical_state", DEFAULT_BRANCH_CONFIDENCE);
+        continue;
+      }
+      for (const port of target.ports) {
+        this.touchBranch({
+          host: target.ip,
+          service: port.service,
+          port: port.port
+        }, "canonical_state", DEFAULT_BRANCH_CONFIDENCE);
+      }
+    }
+  }
+  addFindingBranches() {
+    for (const finding of this.state.getFindings()) {
+      const affectedTargets = finding.affected.map((affected) => this.parseBranchTarget(affected)).filter((target) => target !== null);
+      if (affectedTargets.length === 0) {
+        continue;
+      }
+      for (const target of affectedTargets) {
+        const branch = this.touchBranch({
+          host: target.host,
+          service: target.service ?? this.lookupService(target.host, target.port),
+          port: target.port,
+          vectorType: "vuln",
+          vectorId: finding.title
+        }, "canonical_state", finding.confidence, finding.foundAt);
+        this.pushUnique(branch.findings, finding.title);
+      }
+    }
+  }
+  addWorkingMemoryBranches() {
+    for (const entry of this.state.workingMemory.getEntries()) {
+      if (entry.fingerprint) {
+        this.addFailureEntry(entry, entry.fingerprint);
+      }
+    }
+  }
+  addFailureEntry(entry, fingerprint) {
+    const rawCommand = typeof entry.context.command === "string" ? entry.context.command : "";
+    const target = this.parseBranchTarget(rawCommand) ?? this.parseBranchTarget(fingerprint.target);
+    if (!target) {
+      return;
+    }
+    const resolvedPort = target.port ?? this.lookupPort(target.host, target.service);
+    const resolvedService = target.service ?? this.lookupService(target.host, resolvedPort);
+    const branch = this.touchBranch({
+      host: target.host,
+      service: resolvedService,
+      port: resolvedPort
+    }, "memory", MEMORY_FAILURE_CONFIDENCE, entry.timestamp);
+    this.pushUnique(branch.recentAttempts, entry.content);
+    this.pushUnique(branch.recentFailures, entry.content);
+    if (fingerprint.hypothesizedReason) {
+      this.pushUnique(branch.blockers, fingerprint.hypothesizedReason);
+    }
+  }
+  addDelegatedBranches() {
+    const activeExecution = this.state.getActiveDelegatedExecution();
+    if (activeExecution?.target) {
+      this.addDelegatedBranch(activeExecution.target, activeExecution.task, activeExecution.updatedAt);
+    }
+    for (const task of this.state.getDelegatedTasks()) {
+      if (!task.target) {
+        continue;
+      }
+      const branch = this.addDelegatedBranch(task.target, task.summary || task.task, task.updatedAt);
+      this.pushUnique(branch.nextCandidates, task.suggestedNext);
+      if (task.resumeHint) {
+        this.pushUnique(branch.blockers, task.resumeHint);
+      }
+    }
+  }
+  addDelegatedBranch(targetValue, detail, touchedAt) {
+    const target = this.parseBranchTarget(targetValue) ?? { host: targetValue };
+    const branch = this.touchBranch({
+      host: target.host,
+      service: target.service ?? this.lookupService(target.host, target.port),
+      port: target.port
+    }, "delegated", DEFAULT_BRANCH_CONFIDENCE, touchedAt);
+    this.pushUnique(branch.nextCandidates, detail);
+    return branch;
+  }
+  addAttackGraphBranches() {
+    const nodes = this.state.attackGraph.getAllNodes();
+    const edges = this.state.attackGraph.getAllEdges();
+    const nodesById = new Map(nodes.map((node) => [node.id, node]));
+    for (const node of nodes) {
+      this.addAttackNode(node);
+    }
+    for (const edge of edges) {
+      this.addCredentialSprayEdge(edge, nodesById);
+    }
+    for (const failedPath of this.state.attackGraph.getFailedPaths()) {
+      const target = this.parseBranchTarget(failedPath);
+      if (!target) {
+        continue;
+      }
+      const branch = this.touchBranch({
+        host: target.host,
+        service: target.service ?? this.lookupService(target.host, target.port),
+        port: target.port
+      }, "graph", MEMORY_FAILURE_CONFIDENCE);
+      this.pushUnique(branch.blockers, failedPath);
+    }
+  }
+  addAttackNode(node) {
+    if (node.type === NODE_TYPE.SERVICE) {
+      const branch = this.touchBranch({
+        host: this.readString(node.data.host) || node.label,
+        service: this.readString(node.data.service),
+        port: this.readNumber(node.data.port)
+      }, "graph", DEFAULT_BRANCH_CONFIDENCE, node.discoveredAt);
+      this.pushUnique(branch.nextCandidates, `Service discovered: ${node.label}`);
+      return;
+    }
+    if (node.type === NODE_TYPE.VULNERABILITY) {
+      const target = this.parseBranchTarget(this.readString(node.data.target) || "");
+      if (!target) {
+        return;
+      }
+      const branch = this.touchBranch({
+        host: target.host,
+        service: target.service ?? this.lookupService(target.host, target.port),
+        port: target.port,
+        vectorType: "vuln",
+        vectorId: node.label
+      }, "graph", DEFAULT_BRANCH_CONFIDENCE, node.discoveredAt);
+      this.pushUnique(branch.findings, node.label);
+      return;
+    }
+    if (node.type === NODE_TYPE.ACCESS) {
+      const host = this.readString(node.data.host);
+      const level = this.readString(node.data.level) || node.label;
+      if (!host) {
+        return;
+      }
+      const branch = this.touchBranch({
+        host,
+        vectorType: "shell",
+        vectorId: level
+      }, "graph", ACCESS_CONFIDENCE, node.resolvedAt ?? node.discoveredAt);
+      this.pushUnique(branch.accessState, node.label);
+      return;
+    }
+  }
+  addCredentialSprayEdge(edge, nodesById) {
+    if (edge.relation !== "can_try_on") {
+      return;
+    }
+    const credentialNode = nodesById.get(edge.from);
+    const serviceNode = nodesById.get(edge.to);
+    if (!credentialNode || !serviceNode || serviceNode.type !== NODE_TYPE.SERVICE) {
+      return;
+    }
+    const host = this.readString(serviceNode.data.host);
+    if (!host) {
+      return;
+    }
+    const branch = this.touchBranch({
+      host,
+      service: this.readString(serviceNode.data.service),
+      port: this.readNumber(serviceNode.data.port)
+    }, "graph", DEFAULT_BRANCH_CONFIDENCE, serviceNode.discoveredAt);
+    this.pushUnique(branch.credentials, credentialNode.label);
+  }
+  addAttackGraphRecommendations() {
+    const chains = this.state.attackGraph.recommendChains();
+    for (const chain of chains.slice(0, 3)) {
+      const branchKey = this.getBranchKeyFromChain(chain);
+      if (!branchKey) {
+        continue;
+      }
+      const branch = this.touchBranch(
+        branchKey,
+        "graph",
+        Math.round(chain.probability * GRAPH_RECOMMENDATION_CONFIDENCE_MULTIPLIER)
+      );
+      this.pushUnique(branch.nextCandidates, `Recommended path: ${chain.description}`);
+    }
+  }
+  getBranchKeyFromChain(chain) {
+    for (const node of chain.steps) {
+      if (node.type !== NODE_TYPE.SERVICE) {
+        continue;
+      }
+      const host = this.readString(node.data.host);
+      if (!host) {
+        continue;
+      }
+      return {
+        host,
+        service: this.readString(node.data.service),
+        port: this.readNumber(node.data.port)
+      };
+    }
+    return null;
+  }
+  touchBranch(key, source, confidence, touchedAt = Date.now()) {
+    const branchKey = this.serializeBranchKey(key);
+    const existing = this.branches.get(branchKey);
+    if (existing) {
+      existing.confidence = Math.max(existing.confidence, confidence);
+      existing.touchedAt = Math.max(existing.touchedAt, touchedAt);
+      this.pushUniqueSource(existing.sources, source);
+      return existing;
+    }
+    const created = {
+      key,
+      status: "new",
+      findings: [],
+      credentials: [],
+      recentAttempts: [],
+      recentFailures: [],
+      successfulActions: [],
+      blockers: [],
+      accessState: [],
+      nextCandidates: [],
+      confidence,
+      touchedAt,
+      sources: [source]
+    };
+    this.branches.set(branchKey, created);
+    return created;
+  }
+  finalizeBranch(branch) {
+    return {
+      ...branch,
+      status: this.resolveStatus(branch),
+      findings: [...branch.findings],
+      credentials: [...branch.credentials],
+      recentAttempts: [...branch.recentAttempts],
+      recentFailures: [...branch.recentFailures],
+      successfulActions: [...branch.successfulActions],
+      blockers: [...branch.blockers],
+      accessState: [...branch.accessState],
+      nextCandidates: [...branch.nextCandidates],
+      sources: [...branch.sources]
+    };
+  }
+  resolveStatus(branch) {
+    if (branch.accessState.length > 0) {
+      return "succeeded";
+    }
+    if (branch.blockers.length > 0 && branch.nextCandidates.length === 0) {
+      return "blocked";
+    }
+    if (branch.findings.length > 0 || branch.nextCandidates.length > 0 || branch.credentials.length > 0) {
+      return "promising";
+    }
+    if (branch.recentAttempts.length > 0 || branch.recentFailures.length > 0) {
+      return "enumerating";
+    }
+    return "new";
+  }
+  lookupService(host, port) {
+    if (!port) {
+      return void 0;
+    }
+    return this.serviceLookup.get(this.serviceLookupKey(host, port));
+  }
+  lookupPort(host, service) {
+    if (!service) {
+      return void 0;
+    }
+    const target = this.state.getTarget(host);
+    const match = target?.ports.find((port) => port.service === service);
+    return match?.port;
+  }
+  parseBranchTarget(raw) {
+    if (!raw) {
+      return null;
+    }
+    const fromUrl = this.parseUrlTarget(raw);
+    if (fromUrl) {
+      return fromUrl;
+    }
+    const match = raw.match(IPV4_HOST_PATTERN);
+    if (!match) {
+      return null;
+    }
+    return {
+      host: match[1],
+      port: match[2] ? Number(match[2]) : void 0
+    };
+  }
+  parseUrlTarget(raw) {
+    if (!raw.includes("://")) {
+      return null;
+    }
+    try {
+      const match = raw.match(/\b[a-z][a-z0-9+.-]*:\/\/\S+/i);
+      if (!match) {
+        return null;
+      }
+      const parsed = new URL(match[0]);
+      return {
+        host: parsed.hostname,
+        port: parsed.port ? Number(parsed.port) : void 0,
+        service: parsed.protocol.replace(":", "")
+      };
+    } catch {
+      return null;
+    }
+  }
+  readNumber(value) {
+    return typeof value === "number" ? value : void 0;
+  }
+  readString(value) {
+    return typeof value === "string" && value.trim() ? value : void 0;
+  }
+  serializeBranchKey(key) {
+    return [
+      key.host,
+      key.service ?? "",
+      key.port ?? "",
+      key.vectorType ?? "",
+      key.vectorId ?? ""
+    ].join("|");
+  }
+  serviceLookupKey(host, port) {
+    return `${host}:${port}`;
+  }
+  pushUnique(target, value) {
+    if (!value || target.includes(value)) {
+      return;
+    }
+    target.push(value);
+  }
+  pushUniqueSource(target, value) {
+    if (!value || target.includes(value)) {
+      return;
+    }
+    target.push(value);
+  }
+};
+// src/shared/utils/agent-memory/branch-summary.ts
+var DEFAULT_RANKED_BRANCH_LIMIT = 5;
+var DEFAULT_BLOCKED_BRANCH_LIMIT = 3;
+var DEFAULT_RESUME_HINT_LIMIT = 3;
+var MAX_BRANCH_DETAILS = 2;
+function rankMemoryBranches(index, limit = DEFAULT_RANKED_BRANCH_LIMIT) {
+  return [...index.branches].sort(compareMemoryBranch).slice(0, Math.max(0, Math.floor(limit)));
+}
+function buildCampaignMemorySummary(index, rankedLimit = DEFAULT_RANKED_BRANCH_LIMIT, blockedLimit = DEFAULT_BLOCKED_BRANCH_LIMIT) {
+  if (index.branches.length === 0) {
+    return "";
+  }
+  const ranked = rankMemoryBranches(index, rankedLimit);
+  const blocked = index.branches.filter((branch) => branch.status === "blocked").sort(compareMemoryBranch).slice(0, Math.max(0, Math.floor(blockedLimit)));
+  const sections = [
+    "<campaign-memory>",
+    "<ranked-branches>",
+    ...ranked.map((branch, indexValue) => formatRankedBranch(indexValue + 1, branch)),
+    "</ranked-branches>"
+  ];
+  if (blocked.length > 0) {
+    sections.push("<blocked-branches>");
+    sections.push(...blocked.map((branch) => formatBlockedBranch(branch)));
+    sections.push("</blocked-branches>");
+  }
+  sections.push("</campaign-memory>");
+  return sections.join("\n");
+}
+function buildMicroBranchSummary(branch, activationReason, signals = []) {
+  const lines = [
+    "<delegated-branch-memory>",
+    `target: ${formatBranchTarget(branch)}`,
+    `status: ${branch.status}`,
+    `confidence: ${branch.confidence}`,
+    `activation_reason: ${activationReason}`,
+    signals.length > 0 ? `signals: ${signals.join(", ")}` : "",
+    formatList("findings", branch.findings),
+    formatList("blockers", branch.blockers),
+    formatList("next", branch.nextCandidates),
+    formatList("access", branch.accessState),
+    formatList("recent_failures", branch.recentFailures),
+    "</delegated-branch-memory>"
+  ].filter(Boolean);
+  return lines.join("\n");
+}
+function buildSnapshotResumeHints(index, limit = DEFAULT_RESUME_HINT_LIMIT) {
+  return rankMemoryBranches(index, limit).map(buildResumeHintLine).filter(Boolean);
+}
+function formatRankedBranch(rank, branch) {
+  const details = [
+    `#${rank} ${formatBranchTarget(branch)} | status=${branch.status} | confidence=${branch.confidence}`,
+    formatList("findings", branch.findings),
+    formatList("next", branch.nextCandidates),
+    formatList("credentials", branch.credentials),
+    formatList("access", branch.accessState),
+    formatList("recent_failures", branch.recentFailures)
+  ].filter(Boolean);
+  return details.join("\n");
+}
+function formatBlockedBranch(branch) {
+  const blockers = formatList("blockers", branch.blockers);
+  const next = formatList("next", branch.nextCandidates);
+  const failures = formatList("recent_failures", branch.recentFailures);
+  return [
+    `${formatBranchTarget(branch)} | confidence=${branch.confidence}`,
+    blockers,
+    next,
+    failures
+  ].filter(Boolean).join("\n");
+}
+function formatBranchTarget(branch) {
+  const host = branch.key.host;
+  const port = branch.key.port ? `:${branch.key.port}` : "";
+  const service = branch.key.service ? ` (${branch.key.service})` : "";
+  const vector = branch.key.vectorId ? ` [${branch.key.vectorId}]` : "";
+  return `${host}${port}${service}${vector}`;
+}
+function formatList(label, values) {
+  if (values.length === 0) {
+    return "";
+  }
+  const visible = values.slice(0, MAX_BRANCH_DETAILS).join(" | ");
+  const more = values.length > MAX_BRANCH_DETAILS ? ` (+${values.length - MAX_BRANCH_DETAILS} more)` : "";
+  return `${label}: ${visible}${more}`;
+}
+function buildResumeHintLine(branch) {
+  const target = formatBranchTarget(branch);
+  const next = branch.nextCandidates[0];
+  const blocker = branch.blockers[0];
+  const finding = branch.findings[0];
+  const hints = [
+    finding ? `finding=${finding}` : "",
+    next ? `next=${next}` : "",
+    blocker ? `blocker=${blocker}` : "",
+    branch.accessState[0] ? `access=${branch.accessState[0]}` : ""
+  ].filter(Boolean);
+  if (hints.length === 0) {
+    return `${target} | status=${branch.status} | confidence=${branch.confidence}`;
+  }
+  return `${target} | ${hints.join(" | ")}`;
+}
+function compareMemoryBranch(left, right) {
+  const statusDelta = getStatusRank(right.status) - getStatusRank(left.status);
+  if (statusDelta !== 0) {
+    return statusDelta;
+  }
+  if (right.confidence !== left.confidence) {
+    return right.confidence - left.confidence;
+  }
+  return right.touchedAt - left.touchedAt;
+}
+function getStatusRank(status) {
+  switch (status) {
+    case "succeeded":
+      return 5;
+    case "promising":
+      return 4;
+    case "enumerating":
+      return 3;
+    case "new":
+      return 2;
+    case "blocked":
+      return 1;
+    case "abandoned":
+      return 0;
+  }
+}
 // src/shared/utils/agent-memory/dynamic/extraction.ts
 var KNOWN_TECHS = [
   "apache",
@@ -4186,13 +5700,23 @@ export {
   EVENT_TYPES,
   COMMAND_EVENT_TYPES,
   UI_COMMANDS,
+  NODE_TYPE,
+  NODE_STATUS,
+  EDGE_STATUS,
+  extractSuccessfulChain,
+  AttackGraph,
   generateId,
   generatePrefixedId,
   WorkingMemory,
   EpisodicMemory,
+  isBranchMemoryEnabled,
   saveSessionSnapshot,
   snapshotToPrompt,
   PersistentMemory,
+  buildMemoryBranchIndex,
+  buildCampaignMemorySummary,
+  buildMicroBranchSummary,
+  buildSnapshotResumeHints,
   DynamicTechniqueLibrary,
   createSessionRuntime,
   setActiveSessionRuntime,