npm - sentinelayer-cli - Versions diffs - 0.4.5 → 0.8.0 - Mend

sentinelayer-cli 0.4.5 → 0.8.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (72) hide show

package/README.md +16 -18
package/package.json +7 -6
package/src/agents/jules/config/definition.js +13 -62
package/src/agents/jules/config/system-prompt.js +8 -1
package/src/agents/jules/fix-cycle.js +12 -372
package/src/agents/jules/loop.js +116 -26
package/src/agents/jules/pulse.js +10 -327
package/src/agents/jules/stream.js +13 -12
package/src/agents/jules/swarm/orchestrator.js +3 -3
package/src/agents/jules/swarm/sub-agent.js +6 -3
package/src/agents/jules/tools/aidenid-email.js +189 -0
package/src/agents/jules/tools/auth-audit.js +1187 -45
package/src/agents/jules/tools/dispatch.js +25 -12
package/src/agents/jules/tools/file-edit.js +2 -180
package/src/agents/jules/tools/file-read.js +2 -100
package/src/agents/jules/tools/glob.js +2 -168
package/src/agents/jules/tools/grep.js +2 -228
package/src/agents/jules/tools/path-guards.js +2 -161
package/src/agents/jules/tools/runtime-audit.js +6 -2
package/src/agents/jules/tools/shell.js +2 -383
package/src/agents/persona-visuals.js +64 -0
package/src/agents/shared-tools/dispatch-core.js +320 -0
package/src/agents/shared-tools/file-edit.js +180 -0
package/src/agents/shared-tools/file-read.js +100 -0
package/src/agents/shared-tools/glob.js +168 -0
package/src/agents/shared-tools/grep.js +228 -0
package/src/agents/shared-tools/index.js +46 -0
package/src/agents/shared-tools/path-guards.js +161 -0
package/src/agents/shared-tools/shell.js +383 -0
package/src/ai/aidenid.js +56 -7
package/src/ai/client.js +45 -0
package/src/ai/proxy.js +137 -0
package/src/auth/gate.js +290 -16
package/src/auth/http.js +450 -39
package/src/auth/service.js +262 -47
package/src/auth/session-store.js +475 -21
package/src/cli.js +5 -0
package/src/commands/audit.js +13 -8
package/src/commands/auth.js +53 -9
package/src/commands/omargate.js +10 -2
package/src/commands/scan.js +10 -4
package/src/commands/session.js +590 -0
package/src/commands/spec.js +62 -0
package/src/commands/watch.js +3 -2
package/src/daemon/assignment-ledger.js +196 -0
package/src/daemon/error-worker.js +599 -16
package/src/daemon/fix-cycle.js +384 -0
package/src/daemon/ingest-refresh.js +10 -9
package/src/daemon/jira-lifecycle.js +135 -0
package/src/daemon/pulse.js +327 -0
package/src/daemon/scope-engine.js +1068 -0
package/src/events/schema.js +190 -0
package/src/interactive/index.js +18 -16
package/src/legacy-cli.js +606 -37
package/src/prompt/generator.js +19 -1
package/src/review/ai-review.js +11 -1
package/src/review/local-review.js +75 -19
package/src/review/omargate-interactive.js +68 -0
package/src/review/omargate-orchestrator.js +404 -0
package/src/review/persona-prompts.js +296 -0
package/src/review/scan-modes.js +48 -0
package/src/scan/generator.js +1 -1
package/src/session/agent-registry.js +352 -0
package/src/session/daemon.js +801 -0
package/src/session/paths.js +33 -0
package/src/session/runtime-bridge.js +739 -0
package/src/session/store.js +388 -0
package/src/session/stream.js +325 -0
package/src/spec/generator.js +100 -0
package/src/telemetry/session-tracker.js +148 -32
package/src/telemetry/sync.js +6 -2
package/src/ui/command-hints.js +13 -0

package/src/agents/jules/tools/shell.js CHANGED Viewed

@@ -1,383 +1,2 @@
-import { execSync } from "node:child_process";
-import path from "node:path";
-const DEFAULT_TIMEOUT_MS = 120_000;
-const MAX_OUTPUT_CHARS = 30_000;
-const DEFAULT_ALLOWED_FETCH_HOSTS = [
-  "github.com",
-  "api.github.com",
-  "raw.githubusercontent.com",
-  "*.githubusercontent.com",
-  "registry.npmjs.org",
-  "registry.yarnpkg.com",
-  "pypi.org",
-  "files.pythonhosted.org",
-  "rubygems.org",
-  "crates.io",
-  "static.crates.io",
-];
-/**
- * Patterns that are BLOCKED unconditionally.
- * Sourced from review/local-review.js security rules + src bash security patterns.
- */
-const BLOCKED_PATTERNS = [
-  { pattern: /rm\s+(-[rR]f?|--recursive)\s+\/($|\s)/, desc: "rm -rf /" },
-  { pattern: /:\(\)\s*\{[^}]*\}\s*;?\s*:/, desc: "fork bomb" },
-  { pattern: /\beval\s*\(/, desc: "eval injection" },
-  { pattern: /curl[^|]*\|\s*(ba)?sh/, desc: "pipe to shell" },
-  { pattern: /wget[^|]*\|\s*(ba)?sh/, desc: "wget pipe to shell" },
-  { pattern: />\s*\/dev\/sd[a-z]/, desc: "write to raw device" },
-  { pattern: /mkfs\./, desc: "filesystem format" },
-  { pattern: /dd\s+.*of=\/dev\//, desc: "dd to device" },
-  { pattern: /chmod\s+777\s+\//, desc: "chmod 777 root" },
-  { pattern: />\s*\/etc\//, desc: "write to /etc" },
-  { pattern: /rm\s+-rf?\s+~/, desc: "rm home directory" },
-  { pattern: /git\s+push\s+.*--force\s+.*main/, desc: "force push to main" },
-  { pattern: /git\s+reset\s+--hard/, desc: "git reset hard" },
-  { pattern: /DROP\s+TABLE|DROP\s+DATABASE/i, desc: "SQL drop" },
-  { pattern: /TRUNCATE\s+TABLE/i, desc: "SQL truncate" },
-];
-/**
- * Patterns that trigger a WARNING but are allowed.
- */
-const WARN_PATTERNS = [
-  { pattern: /npm\s+install|yarn\s+add|pnpm\s+add/, desc: "package install" },
-  { pattern: /git\s+push/, desc: "git push" },
-  { pattern: /curl\s|wget\s|fetch\(/, desc: "network request" },
-  { pattern: /rm\s+-/, desc: "file deletion" },
-  { pattern: /sudo\s/, desc: "elevated privileges" },
-];
-/**
- * Environment variables to strip from child process env.
- * Prevents credential leakage to spawned commands.
- */
-const EXACT_ENV_KEYS_TO_STRIP = new Set([
-  "ANTHROPIC_API_KEY",
-  "OPENAI_API_KEY",
-  "GOOGLE_API_KEY",
-  "GEMINI_API_KEY",
-  "SENTINELAYER_TOKEN",
-  "AIDENID_API_KEY",
-  "AIDENID_TOKEN",
-  "AWS_ACCESS_KEY_ID",
-  "AWS_SECRET_ACCESS_KEY",
-  "AWS_SESSION_TOKEN",
-  "AWS_WEB_IDENTITY_TOKEN_FILE",
-  "AZURE_CLIENT_SECRET",
-  "GOOGLE_APPLICATION_CREDENTIALS",
-  "GITHUB_TOKEN",
-  "GH_TOKEN",
-  "GITLAB_TOKEN",
-  "BITBUCKET_TOKEN",
-  "NPM_TOKEN",
-  "NODE_AUTH_TOKEN",
-  "PYPI_API_TOKEN",
-  "RUBYGEMS_API_KEY",
-  "CARGO_REGISTRY_TOKEN",
-  "ACTIONS_ID_TOKEN_REQUEST_TOKEN",
-  "ACTIONS_RUNTIME_TOKEN",
-  "CI_JOB_TOKEN",
-  "CI_JOB_JWT",
-  "STRIPE_SECRET_KEY",
-  "SLACK_BOT_TOKEN",
-  "TELEGRAM_BOT_TOKEN",
-  "DISCORD_BOT_TOKEN",
-  "TWILIO_AUTH_TOKEN",
-  "SENDGRID_API_KEY",
-  "RESEND_API_KEY",
-  "DATABASE_URL",
-  "REDIS_URL",
-  "MONGODB_URI",
-  "SSH_SIGNING_KEY",
-  "SSH_PRIVATE_KEY",
-  "KUBECONFIG",
-  "KUBE_CONFIG_DATA",
-]);
-const ENV_KEY_PREFIX_PATTERNS = [
-  /^AIDENID_/i,
-  /^SENTINELAYER_/i,
-  /^OPENAI_/i,
-  /^ANTHROPIC_/i,
-  /^GOOGLE_/i,
-  /^GITHUB_/i,
-  /^GH_/i,
-  /^AWS_/i,
-  /^AZURE_/i,
-  /^SLACK_/i,
-  /^STRIPE_/i,
-  /^TELEGRAM_/i,
-  /^DISCORD_/i,
-  /^TWILIO_/i,
-  /^SENDGRID_/i,
-  /^RESEND_/i,
-];
-const ENV_KEY_SUFFIX_PATTERNS = [
-  /_TOKEN$/i,
-  /_API_KEY$/i,
-  /_SECRET$/i,
-  /_SECRET_KEY$/i,
-  /_PASSWORD$/i,
-  /_PRIVATE_KEY$/i,
-  /_ACCESS_KEY$/i,
-  /_AUTH_TOKEN$/i,
-  /_SESSION_TOKEN$/i,
-];
-/**
- * Execute a shell command with security analysis, timeout, and env scrubbing.
- *
- * @param {object} input
- * @param {string} input.command - The shell command to execute.
- * @param {string} [input.cwd] - Working directory (default: process.cwd()).
- * @param {number} [input.timeout] - Timeout in ms (default: 120000).
- * @returns {{ stdout, stderr, exitCode, durationMs, command, security }}
- */
-export function shell(input) {
-  if (!input.command || typeof input.command !== "string") {
-    throw new ShellError("command is required and must be a non-empty string.");
-  }
-  const command = input.command.trim();
-  const cwd = input.cwd ? path.resolve(input.cwd) : process.cwd();
-  const timeout = input.timeout ?? DEFAULT_TIMEOUT_MS;
-  // Security analysis
-  const security = analyzeCommand(command);
-  if (security.risk === "blocked") {
-    throw new ShellBlockedError(
-      `Command blocked: ${security.patterns[0].desc}`,
-      security,
-    );
-  }
-  // Build scrubbed environment
-  const env = buildScrubbedEnv();
-  const startMs = Date.now();
-  let stdout = "";
-  let stderr = "";
-  let exitCode = 0;
-  try {
-    stdout = execSync(command, {
-      cwd,
-      encoding: "utf-8",
-      timeout,
-      env,
-      maxBuffer: 10 * 1024 * 1024,
-      stdio: ["pipe", "pipe", "pipe"],
-    });
-  } catch (err) {
-    exitCode = err.status ?? 1;
-    stdout = err.stdout ?? "";
-    stderr = err.stderr ?? "";
-    if (err.killed) {
-      stderr += `\n[Process killed: timeout after ${timeout}ms]`;
-    }
-  }
-  const durationMs = Date.now() - startMs;
-  // Truncate large outputs
-  if (stdout.length > MAX_OUTPUT_CHARS) {
-    stdout = stdout.slice(0, MAX_OUTPUT_CHARS) + "\n[... truncated]";
-  }
-  if (stderr.length > MAX_OUTPUT_CHARS) {
-    stderr = stderr.slice(0, MAX_OUTPUT_CHARS) + "\n[... truncated]";
-  }
-  return { stdout, stderr, exitCode, durationMs, command, security };
-}
-/**
- * Analyze a command for security risks.
- * @param {object} [options]
- * @param {Record<string, string|undefined>} [options.env]
- * @returns {{ risk: "safe"|"warn"|"blocked", patterns: Array<{desc}>, networkPolicy?: object }}
- */
-export function analyzeCommand(command, options = {}) {
-  const networkPolicy = evaluateNetworkPolicy(command, options.env);
-  if (networkPolicy.blocking) {
-    return {
-      risk: "blocked",
-      patterns: [{ desc: networkPolicy.reason }],
-      networkPolicy,
-    };
-  }
-  for (const rule of BLOCKED_PATTERNS) {
-    if (rule.pattern.test(command)) {
-      return { risk: "blocked", patterns: [rule], networkPolicy };
-    }
-  }
-  const warnings = [];
-  for (const rule of WARN_PATTERNS) {
-    if (rule.pattern.test(command)) {
-      warnings.push(rule);
-    }
-  }
-  if (warnings.length > 0) {
-    return { risk: "warn", patterns: warnings, networkPolicy };
-  }
-  return { risk: "safe", patterns: [], networkPolicy };
-}
-export function buildScrubbedEnv(sourceEnv = process.env) {
-  const env = { ...sourceEnv };
-  for (const key of Object.keys(env)) {
-    if (shouldStripEnvKey(key)) {
-      delete env[key];
-    }
-  }
-  return env;
-}
-function shouldStripEnvKey(key) {
-  if (!key) {
-    return false;
-  }
-  const upperKey = String(key).toUpperCase();
-  if (EXACT_ENV_KEYS_TO_STRIP.has(upperKey)) {
-    return true;
-  }
-  if (upperKey.startsWith("INPUT_")) {
-    const baseKey = upperKey.slice("INPUT_".length);
-    if (EXACT_ENV_KEYS_TO_STRIP.has(baseKey)) {
-      return true;
-    }
-    if (ENV_KEY_PREFIX_PATTERNS.some((pattern) => pattern.test(baseKey))) {
-      return true;
-    }
-    if (ENV_KEY_SUFFIX_PATTERNS.some((pattern) => pattern.test(baseKey))) {
-      return true;
-    }
-  }
-  if (ENV_KEY_PREFIX_PATTERNS.some((pattern) => pattern.test(upperKey))) {
-    return true;
-  }
-  return ENV_KEY_SUFFIX_PATTERNS.some((pattern) => pattern.test(upperKey));
-}
-function evaluateNetworkPolicy(command, sourceEnv = process.env) {
-  if (!/\b(curl|wget)\b/i.test(command)) {
-    return {
-      blocking: false,
-      hosts: [],
-      deniedHosts: [],
-    };
-  }
-  const hosts = extractNetworkHosts(command);
-  if (hosts.length === 0) {
-    return {
-      blocking: true,
-      hosts: [],
-      deniedHosts: [],
-      reason: "network command requires explicit URL host",
-    };
-  }
-  const allowlist = resolveAllowedFetchHosts(sourceEnv);
-  const deniedHosts = hosts.filter((host) => !isAllowedHost(host, allowlist));
-  if (deniedHosts.length > 0) {
-    return {
-      blocking: true,
-      hosts,
-      deniedHosts,
-      reason: `network host not allowlisted: ${deniedHosts.join(", ")}`,
-    };
-  }
-  return {
-    blocking: false,
-    hosts,
-    deniedHosts: [],
-  };
-}
-function resolveAllowedFetchHosts(sourceEnv = process.env) {
-  const configured = String(sourceEnv.SENTINELAYER_ALLOWED_FETCH_HOSTS || "")
-    .split(",")
-    .map((item) => normalizeHostPattern(item))
-    .filter(Boolean);
-  const allPatterns = [...DEFAULT_ALLOWED_FETCH_HOSTS, ...configured]
-    .map((item) => normalizeHostPattern(item))
-    .filter(Boolean);
-  return Array.from(new Set(allPatterns));
-}
-function extractNetworkHosts(command) {
-  const matches = command.matchAll(/\bhttps?:\/\/([^\s"'`]+)/gi);
-  const hosts = new Set();
-  for (const match of matches) {
-    const candidate = match?.[0];
-    if (!candidate) {
-      continue;
-    }
-    try {
-      const parsed = new URL(candidate);
-      const host = normalizeHostPattern(parsed.hostname);
-      if (host) {
-        hosts.add(host);
-      }
-    } catch {
-      // Skip malformed URL segments.
-    }
-  }
-  return Array.from(hosts);
-}
-function isAllowedHost(host, allowlist) {
-  const normalizedHost = normalizeHostPattern(host);
-  if (!normalizedHost) {
-    return false;
-  }
-  return allowlist.some((pattern) => {
-    if (!pattern) {
-      return false;
-    }
-    if (pattern.startsWith("*.")) {
-      const suffix = pattern.slice(2);
-      return normalizedHost === suffix || normalizedHost.endsWith(`.${suffix}`);
-    }
-    return normalizedHost === pattern;
-  });
-}
-function normalizeHostPattern(value) {
-  return String(value || "")
-    .trim()
-    .toLowerCase()
-    .replace(/\.$/, "");
-}
-export class ShellError extends Error {
-  constructor(message) {
-    super(message);
-    this.name = "ShellError";
-  }
-}
-export class ShellBlockedError extends ShellError {
-  constructor(message, security) {
-    super(message);
-    this.name = "ShellBlockedError";
-    this.security = security;
-  }
-}
+// Re-export from shared tools. Shell is not Jules-specific.
+export { shell, analyzeCommand, buildScrubbedEnv, ShellError, ShellBlockedError } from "../../shared-tools/shell.js";

package/src/agents/persona-visuals.js ADDED Viewed

@@ -0,0 +1,64 @@
+/**
+ * SentinelLayer Persona Visual Identity Registry
+ *
+ * All 13 personas — visual identity, domain specialty, and bias.
+ * Shared across all persona packages, daemon services, and orchestrators.
+ * NOT Jules-specific — this is platform infrastructure.
+ */
+export const PERSONA_VISUALS = Object.freeze({
+  frontend:        { color: "cyan",    avatar: "\u{1F3AF}", shortName: "Jules",  fullName: "Jules Tanaka",     domain: "frontend_runtime",      specialty: "React/Next.js/Vue production specialist — hydration safety, render cost, accessibility, bundle weight, mobile responsiveness", bias: "user-perceived performance over vanity optimization" },
+  security:        { color: "red",     avatar: "\u{1F6E1}\uFE0F", shortName: "Nina",   fullName: "Nina Patel",       domain: "security_overlay",      specialty: "AuthZ breaks, secret exposure, injection paths, policy bypass, externally reachable abuse conditions", bias: "assume hostile inputs until proven safe" },
+  backend:         { color: "blue",    avatar: "\u2699\uFE0F",    shortName: "Maya",   fullName: "Maya Volkov",      domain: "backend_runtime",       specialty: "Unsafe request handling, runtime crashes, unbounded work, validation gaps, server-side trust boundary failures", bias: "every request is potentially adversarial" },
+  architecture:    { color: "blue",    avatar: "\u{1F3DB}\uFE0F", shortName: "Maya",   fullName: "Maya Volkov",      domain: "backend_architecture",  specialty: "Module boundaries, coupling, state sprawl, god components, circular dependencies, dead code", bias: "boundaries and contracts before cleverness" },
+  performance:     { color: "yellow",  avatar: "\u26A1",          shortName: "Arjun",  fullName: "Arjun Mehta",      domain: "performance_efficiency", specialty: "N+1 queries, blocking I/O, unbounded fetches, memory leaks, bundle bloat, missing caches", bias: "measure before optimizing, then measure again" },
+  compliance:      { color: "magenta", avatar: "\u{1F4CB}",       shortName: "Leila",  fullName: "Leila Farouk",     domain: "compliance_controls",   specialty: "PII handling, audit logging, GDPR/SOC2/HIPAA gaps, consent tracking, data classification", bias: "evidence, not assertions, per regulatory requirement" },
+  testing:         { color: "green",   avatar: "\u{1F9EA}",       shortName: "Priya",  fullName: "Priya Raman",      domain: "testing_correctness",   specialty: "Missing regression coverage, false confidence from shallow tests, broken invariants with no executable proof", bias: "tests that pass but miss real bugs are worse than no tests" },
+  release:         { color: "yellow",  avatar: "\u{1F680}",       shortName: "Omar",   fullName: "Omar Singh",       domain: "release_engineering",   specialty: "CI/CD integrity, workflow trust, artifact provenance, bypassable gates, unsafe deployment automation", bias: "every deployment is a security boundary" },
+  "code-quality":  { color: "purple",  avatar: "\u{1F48E}",       shortName: "Ethan",  fullName: "Ethan Park",       domain: "code_quality",          specialty: "Complexity hotspots, unsafe shortcuts, brittle structure, maintenance risks that hide future defects", bias: "simplicity is a security feature" },
+  infrastructure:  { color: "orange",  avatar: "\u{1F3D7}\uFE0F", shortName: "Kat",    fullName: "Kat Hughes",       domain: "infrastructure",        specialty: "IAM blast radius, public exposure, network posture, secrets placement, infrastructure policy drift", bias: "least privilege by default, explicit escalation required" },
+  data:            { color: "pink",    avatar: "\u{1F5C4}\uFE0F", shortName: "Linh",   fullName: "Linh Tran",        domain: "data_layer",            specialty: "Query safety, migration drift, integrity failures, tenancy leaks, schema/application mismatches", bias: "data integrity is non-negotiable" },
+  observability:   { color: "magenta", avatar: "\u{1F4CA}",       shortName: "Sofia",  fullName: "Sofia Alvarez",    domain: "observability",         specialty: "Missing telemetry, broken alerting, weak auditability, blind spots that hide failures or attacks", bias: "if you can't observe it, you can't secure it" },
+  reliability:     { color: "white",   avatar: "\u{1F504}",       shortName: "Noah",   fullName: "Noah Ben-David",   domain: "reliability_sre",       specialty: "Timeout safety, retry storms, backlog growth, partial failure handling, operational blast radius", bias: "graceful degradation over silent failure" },
+  documentation:   { color: "gray",    avatar: "\u{1F4DD}",       shortName: "Samir",  fullName: "Samir Okafor",     domain: "docs_knowledge",        specialty: "Operational drift between docs and code, missing runbook steps, misleading instructions that break operators", bias: "documentation is a contract, not decoration" },
+  "supply-chain":  { color: "brown",   avatar: "\u{1F4E6}",       shortName: "Nora",   fullName: "Nora Kline",       domain: "supply_chain",          specialty: "Dependency risk, provenance gaps, pinning drift, artifact trust, compromised build inputs", bias: "every dependency is a trust decision" },
+  "ai-governance": { color: "violet",  avatar: "\u{1F916}",       shortName: "Amina",  fullName: "Amina Chen",       domain: "ai_pipeline",           specialty: "Prompt injection, tool abuse, eval regressions, unsafe model routing, guardrail bypass, policy drift in agentic flows", bias: "AI autonomy requires proportional governance" },
+});
+/**
+ * Resolve persona visual identity by agent ID or persona name.
+ */
+export function resolvePersonaVisual(idOrName) {
+  if (!idOrName) return null;
+  const lower = String(idOrName).toLowerCase();
+  // Direct ID match
+  if (PERSONA_VISUALS[lower]) return { id: lower, ...PERSONA_VISUALS[lower] };
+  // Name match (first name or full name)
+  for (const [id, visual] of Object.entries(PERSONA_VISUALS)) {
+    if (visual.shortName.toLowerCase() === lower || visual.fullName.toLowerCase() === lower) {
+      return { id, ...visual };
+    }
+  }
+  return null;
+}
+/**
+ * List all persona IDs for autocomplete.
+ */
+export function listPersonaIds() {
+  return Object.keys(PERSONA_VISUALS);
+}
+/**
+ * List all persona names (short + full) for autocomplete.
+ */
+export function listPersonaNames() {
+  const names = [];
+  for (const [id, visual] of Object.entries(PERSONA_VISUALS)) {
+    names.push(id, visual.shortName.toLowerCase(), visual.fullName.toLowerCase());
+  }
+  return names;
+}