protoagent 0.1.13 → 0.1.15

package/dist/tools/search-files.js

@@ -5,7 +5,7 @@
  * Falls back to a pure JS recursive directory walk if rg is not found.
  */
 import fs from 'node:fs/promises';
-import { statSync } from 'node:fs';
+import { stat } from 'node:fs/promises';
 import path from 'node:path';
 import { execFileSync } from 'node:child_process';
 import { validatePath } from '../utils/path-validation.js';
@@ -40,21 +40,48 @@ catch {
     // ripgrep not available, will use JS fallback
 }
 const MAX_RESULTS = 100;
+const MAX_PATTERN_LENGTH = 1000;
+// Directories to skip during recursive search
+const SKIP_DIRS = new Set([
+    'node_modules',
+    '.git',
+    'dist',
+    'build',
+    'coverage',
+    '__pycache__',
+    '.venv',
+    'venv',
+    '.tox',
+    '.nox',
+    '.pytest_cache',
+    '.mypy_cache',
+    '.ruff_cache',
+    '.hypothesis',
+    '.next',
+    'out',
+    '.turbo',
+    '.cache',
+]);
 export async function searchFiles(searchTerm, directoryPath = '.', caseSensitive = true, fileExtensions) {
     const validated = await validatePath(directoryPath);
+    // Security: Validate pattern to prevent ReDoS (Catastrophic Backtracking)
+    // Attack: Pattern (a+)+$ with input 'aaaaaaaaaaaaaaaaaaaaaaaaaaaaaa!' causes exponential backtracking
+    // In JS fallback, this hangs the process for minutes/hours with 100% CPU
+    if (searchTerm.length > MAX_PATTERN_LENGTH) {
+        return `Error: Pattern too long (${searchTerm.length} chars, max ${MAX_PATTERN_LENGTH})`;
+    }
     if (hasRipgrep) {
         return searchWithRipgrep(searchTerm, validated, directoryPath, caseSensitive, fileExtensions);
     }
     return searchWithJs(searchTerm, validated, directoryPath, caseSensitive, fileExtensions);
 }
 // ─── Ripgrep implementation ───
-function searchWithRipgrep(searchTerm, validated, directoryPath, caseSensitive, fileExtensions) {
+async function searchWithRipgrep(searchTerm, validated, directoryPath, caseSensitive, fileExtensions) {
     const args = [
         '--line-number',
         '--with-filename',
         '--no-heading',
         '--color=never',
-        '--max-count=1',
         '--max-filesize=1M',
     ];
     if (!caseSensitive) {
@@ -79,10 +106,13 @@ function searchWithRipgrep(searchTerm, validated, directoryPath, caseSensitive,
             return `No matches found for "${searchTerm}" in ${directoryPath}`;
         }
         // Parse rg output and sort by mtime
-        const parsed = lines.slice(0, MAX_RESULTS).map(line => {
+        const parsed = [];
+        for (const line of lines.slice(0, MAX_RESULTS)) {
             // rg output: filepath:linenum:content
             const firstColon = line.indexOf(':');
             const secondColon = line.indexOf(':', firstColon + 1);
+            if (firstColon === -1 || secondColon === -1)
+                continue;
             const filePath = line.slice(0, firstColon);
             const lineNum = line.slice(firstColon + 1, secondColon);
             let content = line.slice(secondColon + 1).trim();
@@ -92,11 +122,12 @@ function searchWithRipgrep(searchTerm, validated, directoryPath, caseSensitive,
             const relativePath = path.relative(validated, filePath);
             let mtime = 0;
             try {
-                mtime = statSync(filePath).mtimeMs;
+                const stats = await stat(filePath);
+                mtime = stats.mtimeMs;
             }
-            catch { /* ignore */ }
-            return { display: `${relativePath}:${lineNum}: ${content}`, mtime };
-        });
+            catch { /* ignore stat errors */ }
+            parsed.push({ display: `${relativePath}:${lineNum}: ${content}`, mtime });
+        }
         // Sort by mtime descending (most recently modified first)
         parsed.sort((a, b) => b.mtime - a.mtime);
         const results = parsed.map(r => r.display);
@@ -114,7 +145,7 @@ function searchWithRipgrep(searchTerm, validated, directoryPath, caseSensitive,
             return `Error: ripgrep error: ${msg}`;
         }
         // Fall back to JS search on any other error
-        return `Error: ripgrep failed: ${err.message}`;
+        return searchWithJs(searchTerm, validated, directoryPath, caseSensitive, fileExtensions);
     }
 }
 // ─── JS fallback implementation ───
@@ -129,6 +160,7 @@ async function searchWithJs(searchTerm, validated, directoryPath, caseSensitive,
         return `Error: invalid regex pattern "${searchTerm}": ${message}`;
     }
     const results = [];
+    const visitedInodes = new Set();
     async function search(dir) {
         if (results.length >= MAX_RESULTS)
             return;
@@ -137,13 +169,32 @@ async function searchWithJs(searchTerm, validated, directoryPath, caseSensitive,
             if (results.length >= MAX_RESULTS)
                 break;
             const fullPath = path.join(dir, entry.name);
+            // Skip symlinks to prevent cycles
+            if (entry.isSymbolicLink()) {
+                continue;
+            }
             // Skip common non-useful directories
             if (entry.isDirectory()) {
-                if (['node_modules', '.git', 'dist', 'build', 'coverage', '__pycache__'].includes(entry.name))
+                if (SKIP_DIRS.has(entry.name))
                     continue;
+                // Track inode to detect hardlink cycles
+                try {
+                    const stats = await fs.stat(fullPath);
+                    const inodeKey = `${stats.dev}:${stats.ino}`;
+                    if (visitedInodes.has(inodeKey)) {
+                        continue; // Already visited this directory
+                    }
+                    visitedInodes.add(inodeKey);
+                }
+                catch {
+                    // If we can't stat, skip to be safe
+                    continue;
+                }
                 await search(fullPath);
                 continue;
             }
+            if (!entry.isFile())
+                continue;
             // Filter by extension
             if (fileExtensions && fileExtensions.length > 0) {
                 const ext = path.extname(entry.name);
@@ -152,6 +203,7 @@ async function searchWithJs(searchTerm, validated, directoryPath, caseSensitive,
             }
             try {
                 const content = await fs.readFile(fullPath, 'utf8');
+                const stats = await stat(fullPath);
                 const lines = content.split('\n');
                 for (let i = 0; i < lines.length && results.length < MAX_RESULTS; i++) {
                     if (regex.test(lines[i])) {
@@ -161,7 +213,10 @@ async function searchWithJs(searchTerm, validated, directoryPath, caseSensitive,
                         if (lineContent.length > 500) {
                             lineContent = lineContent.slice(0, 500) + '... (truncated)';
                         }
-                        results.push(`${relativePath}:${i + 1}: ${lineContent}`);
+                        results.push({
+                            display: `${relativePath}:${i + 1}: ${lineContent}`,
+                            mtime: stats.mtimeMs,
+                        });
                     }
                     regex.lastIndex = 0; // reset regex state
                 }
@@ -175,6 +230,9 @@ async function searchWithJs(searchTerm, validated, directoryPath, caseSensitive,
     if (results.length === 0) {
         return `No matches found for "${searchTerm}" in ${directoryPath}`;
     }
+    // Sort by mtime descending (most recently modified first)
+    results.sort((a, b) => b.mtime - a.mtime);
+    const displayResults = results.map(r => r.display);
     const suffix = results.length >= MAX_RESULTS ? `\n(results truncated at ${MAX_RESULTS})` : '';
-    return `Found ${results.length} match(es) for "${searchTerm}":\n${results.join('\n')}${suffix}`;
+    return `Found ${results.length} match(es) for "${searchTerm}":\n${displayResults.join('\n')}${suffix}`;
 }

package/dist/tools/webfetch.js

@@ -12,51 +12,59 @@
  * - Proper redirect limiting
  * - Charset-aware content decoding
  */
-import { convert } from 'html-to-text';
+import { convert } from "html-to-text";
 const MAX_RESPONSE_SIZE = 5 * 1024 * 1024; // 5MB
 const MAX_OUTPUT_SIZE = 2 * 1024 * 1024; // 2MB
 const MAX_REDIRECTS = 10;
 const MAX_URL_LENGTH = 4096;
 const FETCH_HEADERS = {
-    'User-Agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36',
-    'Accept': 'text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8',
-    'Accept-Language': 'en-US,en;q=0.9',
-    'Accept-Encoding': 'gzip, deflate',
-    'DNT': '1',
-    'Connection': 'keep-alive',
-    'Upgrade-Insecure-Requests': '1',
+    "User-Agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36",
+    Accept: "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8",
+    "Accept-Language": "en-US,en;q=0.9",
+    "Accept-Encoding": "gzip, deflate",
+    DNT: "1",
+    Connection: "keep-alive",
+    "Upgrade-Insecure-Requests": "1",
 };
 // Text-based MIME types that are safe to process
 const TEXT_MIME_TYPES = [
-    'text/',
-    'application/json',
-    'application/xml',
-    'application/x-www-form-urlencoded',
-    'application/atom+xml',
-    'application/rss+xml',
-    'application/javascript',
-    'application/typescript',
+    "text/",
+    "application/json",
+    "application/xml",
+    "application/x-www-form-urlencoded",
+    "application/atom+xml",
+    "application/rss+xml",
+    "application/javascript",
+    "application/typescript",
 ];
-// Lazy-loaded Turndown instance (CJS module — dynamic import avoids forcing esbuild CJS output)
+// Lazy-loaded Turndown instance — converts HTML to Markdown
+// We lazy-load because Turndown is a CommonJS module; dynamic import keeps our
+// ESM output clean without forcing esbuild to bundle everything as CJS.
+// Why Turndown? HTML → Markdown preserves document structure (headings, lists,
+// links) in a readable format that LLMs handle better than raw HTML markup.
 let _turndownService = null;
 async function getTurndownService() {
     if (!_turndownService) {
-        const { default: TurndownService } = await import('turndown');
+        const { default: TurndownService } = await import("turndown");
         _turndownService = new TurndownService({
-            headingStyle: 'atx',
-            codeBlockStyle: 'fenced',
-            bulletListMarker: '-',
-            emDelimiter: '*',
+            headingStyle: "atx", // # Heading, not underlined
+            codeBlockStyle: "fenced", // ```code```, not indented
+            bulletListMarker: "-",
+            emDelimiter: "*",
         });
-        _turndownService.remove(['script', 'style', 'meta', 'link']);
+        // Remove noise that doesn't help LLM understanding
+        _turndownService.remove(["script", "style", "meta", "link"]);
     }
     return _turndownService;
 }
-// Lazy-loaded he module (CJS module)
+// Lazy-loaded 'he' module — decodes HTML entities like < > &
+// We lazy-load for the same CJS/ESM reason as Turndown.
+// Why 'he'? Browsers and node don't have built-in HTML entity decoding that
+// handles the full set ( , ✓, named entities, etc.) correctly.
 let _he = null;
 async function getHe() {
     if (!_he) {
-        const { default: he } = await import('he');
+        const { default: he } = await import("he");
         _he = he;
     }
     return _he;
@@ -72,7 +80,7 @@ function isTextMimeType(mimeType) {
  */
 function detectHTML(content, contentType) {
     // Header says HTML
-    if (contentType.includes('text/html')) {
+    if (contentType.includes("text/html")) {
         return true;
     }
     // Sniff content for HTML signature
@@ -85,17 +93,17 @@ function detectHTML(content, contentType) {
 function parseCharset(contentType) {
     const match = contentType.match(/charset=([^\s;]+)/i);
     if (match) {
-        const charset = match[1].replace(/['"]/g, '');
+        const charset = match[1].replace(/['"]/g, "");
         // Validate charset is supported by TextDecoder
         try {
             new TextDecoder(charset);
             return charset;
         }
         catch {
-            return 'utf-8';
+            return "utf-8";
         }
     }
-    return 'utf-8';
+    return "utf-8";
 }
 /**
  * Truncate output if too large
@@ -109,28 +117,28 @@ function truncateOutput(output, maxSize) {
     return output;
 }
 export const webfetchTool = {
-    type: 'function',
+    type: "function",
     function: {
-        name: 'webfetch',
-        description: 'Fetch and process content from a web URL. Supports text (plain text extraction), markdown (HTML to markdown conversion), or html (raw HTML) output formats.',
+        name: "webfetch",
+        description: "Fetch and process content from a web URL. Supports text (plain text extraction), markdown (HTML to markdown conversion), or html (raw HTML) output formats.",
         parameters: {
-            type: 'object',
+            type: "object",
             properties: {
                 url: {
-                    type: 'string',
-                    description: 'HTTP(S) URL to fetch (must start with http:// or https://)',
+                    type: "string",
+                    description: "HTTP(S) URL to fetch (must start with http:// or https://)",
                 },
                 format: {
-                    type: 'string',
-                    enum: ['text', 'markdown', 'html'],
-                    description: 'Output format: text (plain text), markdown (HTML to markdown), or html (raw HTML)',
+                    type: "string",
+                    enum: ["text", "markdown", "html"],
+                    description: "Output format: text (plain text), markdown (HTML to markdown), or html (raw HTML)",
                 },
                 timeout: {
-                    type: 'number',
-                    description: 'Timeout in seconds (default 30, min 1, max 120)',
+                    type: "number",
+                    description: "Timeout in seconds (default 30, min 1, max 120)",
                 },
             },
-            required: ['url', 'format'],
+            required: ["url", "format"],
         },
     },
 };
@@ -142,21 +150,21 @@ function htmlToText(html) {
         return convert(html, {
             wordwrap: 120,
             selectors: [
-                { selector: 'img', options: { ignoreHref: true } },
-                { selector: 'a', options: { ignoreHref: true } },
+                { selector: "img", options: { ignoreHref: true } },
+                { selector: "a", options: { ignoreHref: true } },
             ],
         });
     }
     catch (error) {
         // Fallback: basic regex if library fails
         return html
-            .replace(/<script\b[^<]*(?:(?!<\/script>)<[^<]*)*<\/script>/gi, '')
-            .replace(/<style\b[^<]*(?:(?!<\/style>)<[^<]*)*<\/style>/gi, '')
-            .replace(/<[^>]+>/g, ' ')
-            .split('\n')
+            .replace(/<script\b[^<]*(?:(?!<\/script>)<[^<]*)*<\/script>/gi, "")
+            .replace(/<style\b[^<]*(?:(?!<\/style>)<[^<]*)*<\/style>/gi, "")
+            .replace(/<[^>]+>/g, " ")
+            .split("\n")
             .map((line) => line.trim())
             .filter((line) => line.length > 0)
-            .join('\n');
+            .join("\n");
     }
 }
 /**
@@ -184,11 +192,11 @@ async function fetchWithRedirectLimit(url, signal) {
         const response = await originalFetch(currentUrl, {
             signal,
             headers: FETCH_HEADERS,
-            redirect: 'manual', // Handle redirects manually to count them
+            redirect: "manual", // Handle redirects manually to count them
         });
         // Check for redirect status
         if (response.status >= 300 && response.status < 400) {
-            const location = response.headers.get('location');
+            const location = response.headers.get("location");
             if (location) {
                 redirectCount++;
                 // Resolve relative URLs
@@ -211,20 +219,20 @@ async function fetchWithRedirectLimit(url, signal) {
  */
 export async function webfetch(url, format, timeout) {
     // Validate URL
-    if (!url.startsWith('http://') && !url.startsWith('https://')) {
-        throw new Error('Invalid URL format. Must start with http:// or https://');
+    if (!url.startsWith("http://") && !url.startsWith("https://")) {
+        throw new Error("Invalid URL format. Must start with http:// or https://");
     }
     if (url.length > MAX_URL_LENGTH) {
         throw new Error(`URL too long (${url.length} characters, max ${MAX_URL_LENGTH})`);
     }
     // Validate format
-    if (!['text', 'markdown', 'html'].includes(format)) {
+    if (!["text", "markdown", "html"].includes(format)) {
         throw new Error("Invalid format. Must be 'text', 'markdown', or 'html'");
     }
     // Validate timeout
     const timeoutSeconds = Math.min(timeout ?? 30, 120);
     if (timeoutSeconds < 1) {
-        throw new Error('Timeout must be between 1 and 120 seconds');
+        throw new Error("Timeout must be between 1 and 120 seconds");
     }
     // Setup timeout for entire operation
     const controller = new AbortController();
@@ -238,17 +246,22 @@ export async function webfetch(url, format, timeout) {
             throw new Error(`HTTP ${response.status} error: ${response.statusText}`);
         }
         // Validate response size by header
-        const contentLength = response.headers.get('content-length');
+        const contentLength = response.headers.get("content-length");
         if (contentLength && parseInt(contentLength) > MAX_RESPONSE_SIZE) {
             throw new Error(`Response too large (exceeds 5MB limit). Content-Length: ${contentLength}`);
         }
         // Get content type
-        const contentType = response.headers.get('content-type') ?? 'text/plain';
+        const contentType = response.headers.get("content-type") ?? "text/plain";
         // Check if content type is text-based
         if (!isTextMimeType(contentType)) {
             throw new Error(`Content type '${contentType}' is not supported. Only text-based formats are allowed.`);
         }
-        // Get response as ArrayBuffer
+        // Get response as ArrayBuffer (not .text() or .blob()) because:
+        // 1. response.text() always decodes as UTF-8 — would corrupt non-UTF-8 pages
+        //    (e.g., Shift_JIS, GB2312, windows-1251 sites)
+        // 2. ArrayBuffer preserves raw bytes so we can use TextDecoder with the
+        //    CORRECT charset from the Content-Type header
+        // 3. We can check byteLength BEFORE decoding for security (5MB limit)
         const arrayBuffer = await response.arrayBuffer();
         // Check actual response size
         if (arrayBuffer.byteLength > MAX_RESPONSE_SIZE) {
@@ -262,18 +275,20 @@ export async function webfetch(url, format, timeout) {
         const isHTML = detectHTML(content, contentType);
         // Format content based on requested format
         let output;
-        if (format === 'text') {
+        if (format === "text") {
             output = isHTML ? htmlToText(content) : content;
         }
-        else if (format === 'markdown') {
-            output = isHTML ? await htmlToMarkdown(content) : `\`\`\`\n${content}\n\`\`\``;
+        else if (format === "markdown") {
+            output = isHTML
+                ? await htmlToMarkdown(content)
+                : `\`\`\`\n${content}\n\`\`\``;
         }
         else {
             // format === 'html'
             output = content;
         }
         // Decode HTML entities ONLY for text/markdown formats (not for raw HTML)
-        if (format !== 'html') {
+        if (format !== "html") {
             const he = await getHe();
             output = he.decode(output);
         }
@@ -294,7 +309,7 @@ export async function webfetch(url, format, timeout) {
     }
     catch (error) {
         // Handle AbortError (timeout or cancellation)
-        if (error instanceof Error && error.name === 'AbortError') {
+        if (error instanceof Error && error.name === "AbortError") {
             throw new Error(`Fetch timeout after ${timeoutSeconds} seconds`);
         }
         // Re-throw our errors as-is

package/dist/tools/write-file.js

@@ -4,6 +4,7 @@
 import fs from 'node:fs/promises';
 import path from 'node:path';
 import { validatePath } from '../utils/path-validation.js';
+import { findSimilarPaths } from '../utils/path-suggestions.js';
 import { requestApproval } from '../utils/approval.js';
 import { recordRead } from '../utils/file-time.js';
 export const writeFileTool = {
@@ -22,7 +23,22 @@ export const writeFileTool = {
     },
 };
 export async function writeFile(filePath, content, sessionId) {
-    const validated = await validatePath(filePath);
+    let validated;
+    try {
+        validated = await validatePath(filePath);
+    }
+    catch (err) {
+        // If file not found, try to suggest similar paths
+        if (err.message?.includes('does not exist') || err.code === 'ENOENT') {
+            const suggestions = await findSimilarPaths(filePath);
+            let msg = `File not found: '${filePath}'`;
+            if (suggestions.length > 0) {
+                msg += '\nDid you mean one of these?\n' + suggestions.map(s => `  ${s}`).join('\n');
+            }
+            return msg;
+        }
+        throw err;
+    }
     // Request approval
     const preview = content.length > 500
         ? `${content.slice(0, 250)}\n... (${content.length} chars total) ...\n${content.slice(-250)}`
@@ -40,12 +56,32 @@ export async function writeFile(filePath, content, sessionId) {
     }
     // Ensure parent directory exists
     await fs.mkdir(path.dirname(validated), { recursive: true });
-    // Atomic write: write to temp file then rename
+    // Security: Atomic write with symlink protection
+    // Uses O_CREAT|O_EXCL ('wx' flag) to prevent symlink attacks
     const tmpPath = path.join(path.dirname(validated), `.protoagent-write-${process.pid}-${Date.now()}-${path.basename(validated)}`);
+    let fd;
     try {
-        await fs.writeFile(tmpPath, content, 'utf8');
+        // Open with O_CREAT|O_EXCL - atomically creates or fails if exists
+        fd = await fs.open(tmpPath, 'wx', 0o600);
+        await fd.writeFile(content, 'utf8');
+        await fd.sync();
+        await fd.close();
+        fd = undefined;
         await fs.rename(tmpPath, validated);
     }
+    catch (err) {
+        if (fd !== undefined) {
+            try {
+                await fd.close();
+            }
+            catch { /* ignore */ }
+        }
+        try {
+            await fs.unlink(tmpPath);
+        }
+        catch { /* ignore */ }
+        throw err;
+    }
     finally {
         await fs.rm(tmpPath, { force: true }).catch(() => undefined);
     }

package/dist/utils/approval.js

@@ -65,5 +65,7 @@ export async function requestApproval(req) {
             return true;
         case 'reject':
             return false;
+        default:
+            return false;
     }
 }

package/dist/utils/compactor.js

@@ -30,7 +30,8 @@ Be thorough but concise. Do not lose any information that would be needed to con
  * Compact a conversation if it exceeds the context window threshold.
  * Returns the original messages if compaction isn't needed or fails.
  */
-export async function compactIfNeeded(client, model, messages, contextWindow, currentTokens, requestDefaults = {}, sessionId) {
+export async function compactIfNeeded(client, model, messages, contextWindow, requestDefaults = {}, sessionId) {
+    const currentTokens = estimateConversationTokens(messages);
     const utilisation = (currentTokens / contextWindow) * 100;
     if (utilisation < 90)
         return messages;

package/dist/utils/cost-tracker.js

@@ -14,9 +14,12 @@ export function estimateMessageTokens(msg) {
     if ('content' in msg && typeof msg.content === 'string') {
         tokens += estimateTokens(msg.content);
     }
-    if ('tool_calls' in msg && Array.isArray(msg.tool_calls)) {
+    if ('tool_calls' in msg && msg.role === 'assistant' && Array.isArray(msg.tool_calls)) {
         for (const tc of msg.tool_calls) {
-            tokens += estimateTokens(tc.function?.name || '') + estimateTokens(tc.function?.arguments || '') + 10;
+            // Type guard for function tool calls
+            if (tc.type === 'function' && 'function' in tc) {
+                tokens += estimateTokens(tc.function.name || '') + estimateTokens(tc.function.arguments || '') + 10;
+            }
         }
     }
     return tokens;

package/dist/utils/format-message.js

@@ -1,5 +1,18 @@
 import { jsx as _jsx } from "react/jsx-runtime";
 import { Text } from 'ink';
+/**
+ * Normalize text for transcript display.
+ * - Collapses multiple consecutive newlines into a single newline
+ * - Trims leading/trailing whitespace
+ * - Returns empty string if text is empty/whitespace only
+ */
+export function normalizeTranscriptText(text) {
+    if (!text || !text.trim()) {
+        return '';
+    }
+    // Collapse multiple newlines to single, trim ends
+    return text.replace(/\n{2,}/g, '\n').trim();
+}
 function parseSegments(text) {
     const segments = [];
     // Strip markdown headers

package/dist/utils/logger.js

@@ -10,6 +10,7 @@
 import { appendFileSync, mkdirSync, existsSync } from 'node:fs';
 import { join } from 'node:path';
 import { homedir } from 'node:os';
+import stripAnsi from 'strip-ansi';
 export var LogLevel;
 (function (LogLevel) {
     LogLevel[LogLevel["ERROR"] = 0] = "ERROR";
@@ -59,7 +60,8 @@ function writeToFile(message) {
         appendFileSync(logFilePath, message);
     }
     catch (err) {
-        // Silently fail if we can't write to log file
+        // Emit to stderr since we can't write to log file
+        process.stderr.write(`Failed to write to log file: ${err}\n`);
     }
 }
 function timestamp() {
@@ -70,6 +72,14 @@ function timestamp() {
     const ms = String(d.getMilliseconds()).padStart(3, '0');
     return `${hh}:${mm}:${ss}.${ms}`;
 }
+function safeStringify(obj) {
+    try {
+        return JSON.stringify(obj);
+    }
+    catch {
+        return '[Object with circular references]';
+    }
+}
 function log(level, label, message, context) {
     if (level > currentLevel)
         return;
@@ -89,8 +99,11 @@ function log(level, label, message, context) {
     // Notify listeners
     logListeners.forEach(listener => listener(entry));
     // Write to file
-    const ctx = context ? ` ${JSON.stringify(context)}` : '';
-    writeToFile(`[${ts}] ${label.padEnd(5)} ${message}${ctx}\n`);
+    const ctx = context ? ` ${safeStringify(context)}` : '';
+    // Security: Strip ANSI escape codes to prevent terminal injection attacks
+    const sanitizedMessage = stripAnsi(message);
+    const sanitizedCtx = stripAnsi(ctx);
+    writeToFile(`[${ts}] ${label.padEnd(5)} ${sanitizedMessage}${sanitizedCtx}\n`);
 }
 export const logger = {
     error: (msg, ctx) => log(LogLevel.ERROR, 'ERROR', msg, ctx),