pwnkit-cli 0.1.6 → 0.1.8
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/index.js +44 -13
- package/package.json +1 -1
package/dist/index.js
CHANGED
|
@@ -10429,21 +10429,47 @@ var init_process = __esm({
|
|
|
10429
10429
|
return new Promise((resolve3) => {
|
|
10430
10430
|
let stdout = "";
|
|
10431
10431
|
let stderr = "";
|
|
10432
|
+
let resultText = "";
|
|
10432
10433
|
let timedOut = false;
|
|
10434
|
+
const isStreamJson = args.includes("stream-json");
|
|
10433
10435
|
const proc = spawn(this.command, args, {
|
|
10434
10436
|
cwd: this.config.cwd ?? process.cwd(),
|
|
10435
10437
|
env: { ...process.env, ...env2 },
|
|
10436
10438
|
stdio: ["pipe", "pipe", "pipe"]
|
|
10437
10439
|
});
|
|
10438
10440
|
proc.stdout.on("data", (chunk) => {
|
|
10439
|
-
|
|
10441
|
+
const text2 = chunk.toString();
|
|
10442
|
+
stdout += text2;
|
|
10443
|
+
if (isStreamJson) {
|
|
10444
|
+
for (const line of text2.split("\n")) {
|
|
10445
|
+
if (!line.trim())
|
|
10446
|
+
continue;
|
|
10447
|
+
try {
|
|
10448
|
+
const event = JSON.parse(line);
|
|
10449
|
+
if (event.type === "assistant" && event.message?.content) {
|
|
10450
|
+
for (const block of event.message.content) {
|
|
10451
|
+
if (block.type === "text") {
|
|
10452
|
+
resultText += block.text;
|
|
10453
|
+
} else if (block.type === "tool_use") {
|
|
10454
|
+
if (process.stderr.isTTY) {
|
|
10455
|
+
const name = block.name || "tool";
|
|
10456
|
+
const input = typeof block.input === "object" ? JSON.stringify(block.input).slice(0, 80) : "";
|
|
10457
|
+
process.stderr.write(dim(` \u2192 ${name} ${input}
|
|
10458
|
+
`));
|
|
10459
|
+
}
|
|
10460
|
+
}
|
|
10461
|
+
}
|
|
10462
|
+
} else if (event.type === "result") {
|
|
10463
|
+
resultText = event.result || resultText;
|
|
10464
|
+
}
|
|
10465
|
+
} catch {
|
|
10466
|
+
}
|
|
10467
|
+
}
|
|
10468
|
+
}
|
|
10440
10469
|
});
|
|
10441
10470
|
proc.stderr.on("data", (chunk) => {
|
|
10442
10471
|
const text2 = chunk.toString();
|
|
10443
10472
|
stderr += text2;
|
|
10444
|
-
if (process.stderr.isTTY) {
|
|
10445
|
-
process.stderr.write(dim(text2));
|
|
10446
|
-
}
|
|
10447
10473
|
});
|
|
10448
10474
|
const timer = setTimeout(() => {
|
|
10449
10475
|
timedOut = true;
|
|
@@ -10452,8 +10478,9 @@ var init_process = __esm({
|
|
|
10452
10478
|
}, this.config.timeout);
|
|
10453
10479
|
proc.on("close", (code) => {
|
|
10454
10480
|
clearTimeout(timer);
|
|
10481
|
+
const output = isStreamJson ? (resultText || stdout).trim() : stdout.trim();
|
|
10455
10482
|
resolve3({
|
|
10456
|
-
output
|
|
10483
|
+
output,
|
|
10457
10484
|
exitCode: code,
|
|
10458
10485
|
timedOut,
|
|
10459
10486
|
durationMs: Date.now() - start,
|
|
@@ -10488,7 +10515,7 @@ var init_process = __esm({
|
|
|
10488
10515
|
buildArgs(prompt, context) {
|
|
10489
10516
|
switch (this.type) {
|
|
10490
10517
|
case "claude": {
|
|
10491
|
-
const args = ["-p", prompt, "--output-format", "
|
|
10518
|
+
const args = ["-p", prompt, "--verbose", "--output-format", "stream-json"];
|
|
10492
10519
|
if (context?.systemPrompt) {
|
|
10493
10520
|
args.push("--system-prompt", context.systemPrompt);
|
|
10494
10521
|
}
|
|
@@ -14046,7 +14073,7 @@ var chalkStderr = createChalk({ level: stderrColor ? stderrColor.level : 0 });
|
|
|
14046
14073
|
var source_default = chalk;
|
|
14047
14074
|
|
|
14048
14075
|
// packages/shared/dist/constants.js
|
|
14049
|
-
var VERSION = "0.1.
|
|
14076
|
+
var VERSION = "0.1.8";
|
|
14050
14077
|
var DEPTH_CONFIG = {
|
|
14051
14078
|
quick: { maxTemplates: 5, maxPayloadsPerTemplate: 1, multiTurn: false },
|
|
14052
14079
|
default: { maxTemplates: 20, maxPayloadsPerTemplate: 3, multiTurn: false },
|
|
@@ -18452,11 +18479,11 @@ program2.command("review").description("Deep source code security review of a re
|
|
|
18452
18479
|
switch (event.type) {
|
|
18453
18480
|
case "stage:start": {
|
|
18454
18481
|
const msg = event.message;
|
|
18455
|
-
if (
|
|
18482
|
+
if (msg.startsWith("Reading ")) {
|
|
18456
18483
|
spinner?.stop();
|
|
18457
18484
|
console.log(` ${source_default.cyan("\u2192")} ${source_default.cyan("read")} ${source_default.gray(msg.replace("Reading ", ""))}`);
|
|
18458
18485
|
spinner?.start();
|
|
18459
|
-
} else if (
|
|
18486
|
+
} else if (msg.startsWith("Running: ")) {
|
|
18460
18487
|
spinner?.stop();
|
|
18461
18488
|
console.log(` ${source_default.magenta("\u2192")} ${source_default.magenta("exec")} ${source_default.gray(msg.replace("Running: ", ""))}`);
|
|
18462
18489
|
spinner?.start();
|
|
@@ -18470,10 +18497,12 @@ program2.command("review").description("Deep source code security review of a re
|
|
|
18470
18497
|
spinner?.succeed(event.message);
|
|
18471
18498
|
break;
|
|
18472
18499
|
case "finding":
|
|
18473
|
-
|
|
18500
|
+
{
|
|
18501
|
+
spinner?.stop();
|
|
18474
18502
|
console.log(
|
|
18475
18503
|
` ${source_default.yellow("\u26A1")} ${source_default.yellow(event.message)}`
|
|
18476
18504
|
);
|
|
18505
|
+
spinner?.start();
|
|
18477
18506
|
}
|
|
18478
18507
|
break;
|
|
18479
18508
|
case "error":
|
|
@@ -18568,11 +18597,11 @@ program2.command("audit").description("Audit an npm package for security vulnera
|
|
|
18568
18597
|
switch (event.type) {
|
|
18569
18598
|
case "stage:start": {
|
|
18570
18599
|
const msg = event.message;
|
|
18571
|
-
if (
|
|
18600
|
+
if (msg.startsWith("Reading ")) {
|
|
18572
18601
|
spinner?.stop();
|
|
18573
18602
|
console.log(` ${source_default.cyan("\u2192")} ${source_default.cyan("read")} ${source_default.gray(msg.replace("Reading ", ""))}`);
|
|
18574
18603
|
spinner?.start();
|
|
18575
|
-
} else if (
|
|
18604
|
+
} else if (msg.startsWith("Running: ")) {
|
|
18576
18605
|
spinner?.stop();
|
|
18577
18606
|
console.log(` ${source_default.magenta("\u2192")} ${source_default.magenta("exec")} ${source_default.gray(msg.replace("Running: ", ""))}`);
|
|
18578
18607
|
spinner?.start();
|
|
@@ -18586,10 +18615,12 @@ program2.command("audit").description("Audit an npm package for security vulnera
|
|
|
18586
18615
|
spinner?.succeed(event.message);
|
|
18587
18616
|
break;
|
|
18588
18617
|
case "finding":
|
|
18589
|
-
|
|
18618
|
+
{
|
|
18619
|
+
spinner?.stop();
|
|
18590
18620
|
console.log(
|
|
18591
18621
|
` ${source_default.yellow("\u26A1")} ${source_default.yellow(event.message)}`
|
|
18592
18622
|
);
|
|
18623
|
+
spinner?.start();
|
|
18593
18624
|
}
|
|
18594
18625
|
break;
|
|
18595
18626
|
case "error":
|
package/package.json
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "pwnkit-cli",
|
|
3
3
|
"type": "module",
|
|
4
|
-
"version": "0.1.
|
|
4
|
+
"version": "0.1.8",
|
|
5
5
|
"description": "AI-powered agentic security scanner. Scan endpoints, audit packages, review source code. Autonomous agents discover, attack, verify, and report.",
|
|
6
6
|
"bin": {
|
|
7
7
|
"pwnkit": "dist/index.js"
|