site-agent-pro 1.0.0

package/dist/cli/run.js

@@ -0,0 +1,309 @@
+import path from "node:path";
+import { Command } from "commander";
+import { authSettings, resolveAuthSessionStatePath, updateAuthSettings } from "../auth/profile.js";
+import { runAuthFlow } from "../auth/runner.js";
+import { config, updateConfig, resolveLlmRuntime } from "../config.js";
+import { getWalletConfig, getWalletBalance } from "../wallet/wallet.js";
+import { getAgentAccount } from "../paystack/index.js";
+import { buildCustomTaskSuite } from "../core/customTaskSuite.js";
+import { runAuditJob } from "../core/runAuditJob.js";
+import { normalizeCustomTasks, SUBMISSION_TASKS_REQUIRED_MESSAGE } from "../submissions/customTasks.js";
+import { buildDefaultTradeRunOptions } from "../trade/policy.js";
+import { TradeStrategySchema } from "../trade/types.js";
+import { exec } from "node:child_process";
+import { resolveRunDir } from "../utils/files.js";
+import { info, warn } from "../utils/log.js";
+import { startDashboard } from "../dashboard/server.js";
+import { updateWalletSettings } from "../wallet/wallet.js";
+const program = new Command();
+function summarizeCliPath(filePath) {
+    const relativePath = path.relative(process.cwd(), filePath);
+    return relativePath && relativePath !== "" && !relativePath.startsWith("..") ? relativePath : filePath;
+}
+function resolveMaybeUrl(baseUrl, value) {
+    const trimmed = value?.trim();
+    if (!trimmed) {
+        return undefined;
+    }
+    return new URL(trimmed, baseUrl).toString();
+}
+function collectRepeatedOption(value, previous) {
+    return [...previous, value];
+}
+function parseLlmProvider(value) {
+    const normalized = value.trim().toLowerCase();
+    if (normalized === "openai" || normalized === "ollama") {
+        return normalized;
+    }
+    throw new Error(`Unsupported LLM provider '${value}'. Use 'openai' or 'ollama'.`);
+}
+function parseTradeStrategy(value) {
+    const parsed = TradeStrategySchema.safeParse(value.trim());
+    if (!parsed.success) {
+        throw new Error(`Unsupported trade strategy '${value}'. Use 'auto', 'dapp_only', or 'deposit_only'.`);
+    }
+    return parsed.data;
+}
+function parseOptionalConfirmationCount(value) {
+    const parsed = Number(value);
+    if (!Number.isInteger(parsed) || parsed < 0 || parsed > 12) {
+        throw new Error("Trade confirmations must be an integer between 0 and 12.");
+    }
+    return parsed;
+}
+function openUrl(url) {
+    const command = process.platform === "win32" ? "start" : process.platform === "darwin" ? "open" : "xdg-open";
+    exec(`${command} ${url}`, (error) => {
+        if (error) {
+            warn(`Could not automatically open browser: ${error.message}`);
+            info(`Please open manually at: ${url}`);
+        }
+    });
+}
+program
+    .name("site-agent-pro")
+    .description("AI-powered browser agent for website auditing and side-by-side development");
+program
+    .command("run", { isDefault: true })
+    .description("Run an audit against a target URL")
+    .option("--url <url>", "Website URL to test")
+    .option("--headed", "Run browser in headed mode")
+    .option("--mobile", "Run using a mobile device profile")
+    .option("--ignore-https-errors", "Allow invalid or self-signed HTTPS certificates")
+    .option("--storage-state <path>", "Load Playwright storage state JSON before the run")
+    .option("--save-storage-state <path>", "Save Playwright storage state JSON after the run")
+    .option("--task <task>", "Accepted task for the agent to perform. Repeat for multiple tasks.", collectRepeatedOption, [])
+    .option("--llm-provider <provider>", "LLM provider to use: openai or ollama")
+    .option("--model <model>", "Override the model name for the selected LLM provider")
+    .option("--ollama-base-url <url>", "Override the Ollama base URL")
+    .option("--auth-flow", "Create or verify a test account, log in, save session state, then continue the accepted tasks behind auth")
+    .option("--auth-only", "Run only the signup/verification/login bootstrap and save session state")
+    .option("--signup-url <url>", "Absolute or relative signup URL to use during auth bootstrap")
+    .option("--login-url <url>", "Absolute or relative login URL to use during auth bootstrap")
+    .option("--access-url <url>", "Absolute or relative protected URL to verify after login")
+    .option("--trade-enabled", "Allow deterministic onchain trade execution for this run")
+    .option("--trade-dry-run", "Validate the extracted trade without broadcasting it")
+    .option("--trade-strategy <strategy>", "Trade strategy: auto, dapp_only, or deposit_only")
+    .option("--trade-confirmations <count>", "Confirmations to wait for before marking a trade confirmed", parseOptionalConfirmationCount)
+    .option("--openai-api-key <key>", "Override OpenAI/LLM API key")
+    .option("--imap-password <password>", "Override IMAP password for OTP retrieval")
+    .option("--auth-password <password>", "Override AUTH_TEST_PASSWORD for signup/login")
+    .option("--private-key <key>", "Override Web3 wallet private key")
+    .action(async (options) => {
+    if (!options.url) {
+        program.help();
+        return;
+    }
+    // Apply security overrides before doing anything else
+    if (options.openaiApiKey)
+        updateConfig({ openaiApiKey: options.openaiApiKey });
+    if (options.imapPassword)
+        updateAuthSettings({ AUTH_IMAP_PASSWORD: options.imapPassword });
+    if (options.authPassword)
+        updateAuthSettings({ AUTH_TEST_PASSWORD: options.authPassword });
+    if (options.privateKey)
+        updateWalletSettings({ WALLET_PRIVATE_KEY: options.privateKey });
+    try {
+        const baseUrl = options.url;
+        const storageStatePath = options.storageState?.trim() ? path.resolve(options.storageState) : undefined;
+        const saveStorageStatePath = options.saveStorageState?.trim() ? path.resolve(options.saveStorageState) : undefined;
+        const configuredStorageStatePath = config.playwrightStorageStatePath
+            ? path.resolve(config.playwrightStorageStatePath)
+            : undefined;
+        const effectiveStorageStatePath = storageStatePath ?? configuredStorageStatePath;
+        const authRequested = Boolean(options.authFlow) || Boolean(options.authOnly);
+        const authOnly = Boolean(options.authOnly);
+        const acceptedTasks = normalizeCustomTasks(options.task ?? []);
+        const suiteOverride = !authOnly
+            ? (() => {
+                if (acceptedTasks.length === 0) {
+                    throw new Error(`${SUBMISSION_TASKS_REQUIRED_MESSAGE} Use --task \"...\" one or more times for CLI runs.`);
+                }
+                return buildCustomTaskSuite(acceptedTasks);
+            })()
+            : undefined;
+        const signupUrl = resolveMaybeUrl(baseUrl, options.signupUrl ?? authSettings.signupUrl);
+        const loginUrl = resolveMaybeUrl(baseUrl, options.loginUrl ?? authSettings.loginUrl);
+        const accessUrl = resolveMaybeUrl(baseUrl, options.accessUrl ?? authSettings.accessUrl);
+        const llmRuntime = resolveLlmRuntime({
+            ...(options.llmProvider ? { provider: parseLlmProvider(options.llmProvider) } : {}),
+            ...(options.model?.trim() ? { model: options.model.trim() } : {}),
+            ...(options.ollamaBaseUrl?.trim() ? { ollamaBaseUrl: options.ollamaBaseUrl.trim() } : {})
+        });
+        const defaultTradeOptions = buildDefaultTradeRunOptions();
+        const tradeOptions = {
+            enabled: Boolean(options.tradeEnabled) || Boolean(options.tradeDryRun) || defaultTradeOptions.enabled,
+            dryRun: Boolean(options.tradeDryRun),
+            strategy: options.tradeStrategy ? parseTradeStrategy(options.tradeStrategy) : defaultTradeOptions.strategy,
+            confirmations: options.tradeConfirmations !== undefined ? options.tradeConfirmations : defaultTradeOptions.confirmations
+        };
+        const walletConfig = await getWalletConfig();
+        const walletBalance = await getWalletBalance().catch(() => "0");
+        let paystackAccount = null;
+        let paystackError = null;
+        try {
+            paystackAccount = await getAgentAccount();
+        }
+        catch (err) {
+            paystackError = err.message;
+        }
+        console.log("");
+        console.log("💳  Financial Identity");
+        console.log("────────────────────────────────────────────────────────");
+        if (walletConfig) {
+            console.log(`  Wallet:   ${walletConfig.address}`);
+            console.log(`  Balance:  ${walletBalance} ETH`);
+            console.log(`  Chain ID: ${walletConfig.chainId}`);
+        }
+        else {
+            console.log("  Wallet:   Not configured ⚪");
+        }
+        if (paystackAccount) {
+            console.log(`  Paystack: ${paystackAccount.account_number} (${paystackAccount.bank.name})`);
+            console.log(`  Customer: ${paystackAccount.customer.email}`);
+        }
+        else if (paystackError) {
+            console.log(`  Paystack: ⚠️ Error - ${paystackError}`);
+        }
+        else {
+            console.log("  Paystack: Not configured ⚪");
+        }
+        console.log("────────────────────────────────────────────────────────");
+        console.log("");
+        info(`Running site agent against ${baseUrl}`);
+        info(`Total run budget is capped at ${Math.round(config.maxSessionDurationMs / 1000)} seconds`);
+        info(llmRuntime.provider === "ollama"
+            ? `Using Ollama model ${llmRuntime.model} via ${llmRuntime.ollamaBaseUrl}`
+            : `Using OpenAI model ${llmRuntime.model}`);
+        if (!authOnly) {
+            info(`Using ${acceptedTasks.length} accepted task${acceptedTasks.length === 1 ? "" : "s"} from explicit input`);
+        }
+        if (options.ignoreHttpsErrors) {
+            info("Ignoring HTTPS certificate errors for this run");
+        }
+        if (tradeOptions.enabled) {
+            info(`Trade execution is enabled${tradeOptions.dryRun ? " in dry-run mode" : ""} using strategy '${tradeOptions.strategy}' with ${tradeOptions.confirmations} confirmation${tradeOptions.confirmations === 1 ? "" : "s"}`);
+        }
+        if (effectiveStorageStatePath) {
+            info(`Loading Playwright storage state from ${summarizeCliPath(effectiveStorageStatePath)}`);
+        }
+        if (saveStorageStatePath) {
+            info(`Will save Playwright storage state to ${summarizeCliPath(saveStorageStatePath)}`);
+        }
+        if (authRequested) {
+            const runDir = resolveRunDir(baseUrl);
+            const authSessionStatePath = saveStorageStatePath ?? configuredStorageStatePath ?? resolveAuthSessionStatePath();
+            info(`Auth bootstrap is enabled${authOnly ? " in auth-only mode" : ""}`);
+            info(`Authenticated storage state will be saved to ${summarizeCliPath(authSessionStatePath)}`);
+            if (signupUrl) {
+                info(`Using signup URL ${signupUrl}`);
+            }
+            if (loginUrl) {
+                info(`Using login URL ${loginUrl}`);
+            }
+            if (accessUrl) {
+                info(`Using protected access URL ${accessUrl}`);
+            }
+            const authResult = await runAuthFlow({
+                baseUrl,
+                runDir,
+                signupUrl,
+                loginUrl,
+                accessUrl,
+                headed: Boolean(options.headed),
+                mobile: Boolean(options.mobile),
+                ignoreHttpsErrors: Boolean(options.ignoreHttpsErrors),
+                saveStorageStatePath: authSessionStatePath
+            });
+            info(`Auth bootstrap finished with status: ${authResult.status}`);
+            info(`Auth artifacts were written to ${path.join(runDir, "auth-flow.json")}`);
+            if (authOnly) {
+                info(`Authenticated session is ready at ${summarizeCliPath(authSessionStatePath)}`);
+                return;
+            }
+            if (authResult.status === "failed") {
+                throw new Error("Auth bootstrap failed before the audit could start.");
+            }
+            const result = await runAuditJob({
+                baseUrl,
+                runDir,
+                suiteOverride: suiteOverride,
+                headed: Boolean(options.headed),
+                mobile: Boolean(options.mobile),
+                ignoreHttpsErrors: Boolean(options.ignoreHttpsErrors),
+                storageStatePath: authSessionStatePath,
+                saveStorageStatePath: authSessionStatePath,
+                tradeOptions,
+                extraInputs: {
+                    customTasks: acceptedTasks,
+                    instructionText: acceptedTasks.join("\n"),
+                    instructionFileName: null,
+                    tradeOptions,
+                    authBootstrapEnabled: true,
+                    authAccessConfirmed: authResult.accessConfirmed,
+                    authVerificationMethod: authResult.verificationMethod,
+                    ...(signupUrl ? { authSignupUrl: signupUrl } : {}),
+                    ...(loginUrl ? { authLoginUrl: loginUrl } : {}),
+                    ...(accessUrl ? { authAccessUrl: accessUrl } : {})
+                },
+                llmProvider: llmRuntime.provider,
+                model: llmRuntime.model,
+                ollamaBaseUrl: llmRuntime.ollamaBaseUrl
+            });
+            info(`Artifacts will be written to ${result.runDir}`);
+            info(`Completed. Overall score: ${result.report.overall_score}/10`);
+            info(`Task summary: ${result.report.summary}`);
+            return;
+        }
+        const result = await runAuditJob({
+            baseUrl,
+            suiteOverride: suiteOverride,
+            headed: Boolean(options.headed),
+            mobile: Boolean(options.mobile),
+            ignoreHttpsErrors: Boolean(options.ignoreHttpsErrors),
+            storageStatePath,
+            saveStorageStatePath,
+            tradeOptions,
+            extraInputs: {
+                customTasks: acceptedTasks,
+                instructionText: acceptedTasks.join("\n"),
+                instructionFileName: null,
+                tradeOptions
+            },
+            llmProvider: llmRuntime.provider,
+            model: llmRuntime.model,
+            ollamaBaseUrl: llmRuntime.ollamaBaseUrl
+        });
+        info(`Artifacts will be written to ${result.runDir}`);
+    }
+    catch (error) {
+        process.stderr.write(`\n[ERROR] ${error instanceof Error ? error.message : String(error)}\n`);
+        process.exit(1);
+    }
+});
+program
+    .command("ui")
+    .alias("start")
+    .description("Launch the web dashboard and open it in the browser")
+    .option("--port <port>", "Port to run the dashboard on")
+    .option("--host <host>", "Host to run the dashboard on")
+    .action(async (options) => {
+    try {
+        const port = options.port ? parseInt(options.port, 10) : undefined;
+        const { url } = await startDashboard({
+            ...(port !== undefined ? { port } : {}),
+            ...(options.host !== undefined ? { host: options.host } : {})
+        });
+        info("Opening dashboard in browser...");
+        openUrl(url);
+    }
+    catch (error) {
+        process.stderr.write(`\n[ERROR] ${error instanceof Error ? error.message : String(error)}\n`);
+        process.exit(1);
+    }
+});
+program.parseAsync(process.argv).catch((error) => {
+    const message = error instanceof Error ? error.message : "Unknown error";
+    process.stderr.write(`[ERROR] ${message}\n`);
+    process.exit(1);
+});

package/dist/cli/trade.js

@@ -0,0 +1,69 @@
+import fs from "node:fs";
+import path from "node:path";
+import { Command } from "commander";
+import { buildDefaultTradeRunOptions, getTradePolicy } from "../trade/policy.js";
+import { executeTradeInstruction } from "../trade/engine.js";
+import { SellInstructionSchema, TradeStrategySchema } from "../trade/types.js";
+import { ensureDir, resolveRunDir, writeJson } from "../utils/files.js";
+import { info } from "../utils/log.js";
+const program = new Command();
+function parseTradeStrategy(value) {
+    const parsed = TradeStrategySchema.safeParse(value.trim());
+    if (!parsed.success) {
+        throw new Error(`Unsupported trade strategy '${value}'. Use 'auto', 'dapp_only', or 'deposit_only'.`);
+    }
+    return parsed.data;
+}
+function parseConfirmationCount(value) {
+    const parsed = Number(value);
+    if (!Number.isInteger(parsed) || parsed < 0 || parsed > 12) {
+        throw new Error("Confirmations must be an integer between 0 and 12.");
+    }
+    return parsed;
+}
+program
+    .name("site-agent-trade")
+    .description("Execute a deterministic trade instruction from the CLI")
+    .requiredOption("--instruction <file>", "Path to a JSON file containing a SellInstruction payload")
+    .option("--broadcast", "Broadcast the transaction instead of running in dry-run mode")
+    .option("--strategy <strategy>", "Trade strategy: auto, dapp_only, or deposit_only", parseTradeStrategy)
+    .option("--confirmations <count>", "Confirmations to wait for before marking confirmed", parseConfirmationCount)
+    .option("--run-dir <path>", "Directory to store trade execution artifacts")
+    .action(async (options) => {
+    const instructionPath = path.resolve(options.instruction);
+    const runDir = options.runDir?.trim()
+        ? path.resolve(options.runDir)
+        : resolveRunDir("https://trade-cli.local");
+    const defaultTradeOptions = buildDefaultTradeRunOptions();
+    const instructionPayload = JSON.parse(fs.readFileSync(instructionPath, "utf8"));
+    const instruction = SellInstructionSchema.parse(instructionPayload);
+    const tradeOptions = {
+        enabled: true,
+        dryRun: !options.broadcast,
+        strategy: options.strategy ?? defaultTradeOptions.strategy,
+        confirmations: options.confirmations ?? defaultTradeOptions.confirmations
+    };
+    ensureDir(runDir);
+    writeJson(path.join(runDir, "trade-instruction.json"), instruction);
+    const record = await executeTradeInstruction({
+        runDir,
+        instruction,
+        runOptions: tradeOptions,
+        policy: getTradePolicy(),
+        source: "cli"
+    });
+    info(`Trade artifact directory: ${runDir}`);
+    info(`Trade status: ${record.status}`);
+    info(record.note);
+    if (record.txHash) {
+        info(`Transaction hash: ${record.txHash}`);
+    }
+    if (record.status === "blocked" || record.status === "failed") {
+        process.exitCode = 1;
+    }
+});
+program.parseAsync(process.argv).catch((error) => {
+    const message = error instanceof Error ? error.message : "Unknown error";
+    process.stderr.write(`[ERROR] ${message}\n`);
+    process.exit(1);
+});

package/dist/config.js

@@ -0,0 +1,199 @@
+import dotenv from "dotenv";
+import { z } from "zod";
+import { TradePolicySchema } from "./trade/types.js";
+dotenv.config();
+export const MAX_TOTAL_RUN_DURATION_SECONDS = 600;
+export const MAX_TOTAL_RUN_DURATION_MS = MAX_TOTAL_RUN_DURATION_SECONDS * 1000;
+export const DEFAULT_TOTAL_RUN_DURATION_MS = MAX_TOTAL_RUN_DURATION_MS;
+export const MIN_TOTAL_RUN_DURATION_MS = 60000;
+export const MIN_BROWSER_EXECUTION_BUDGET_MS = 45000;
+export const MIN_REPORTING_RESERVE_MS = 15000;
+export const MAX_REPORTING_RESERVE_MS = 45000;
+export const POST_RUN_AUDIT_RESERVE_MS = 45000;
+export const DETECTED_DEVICE_TIMEZONE = Intl.DateTimeFormat().resolvedOptions().timeZone || "UTC";
+export const LlmProviderSchema = z.enum(["openai", "ollama"]);
+export function clampRunDurationMs(value) {
+    return Math.min(MAX_TOTAL_RUN_DURATION_MS, Math.max(MIN_TOTAL_RUN_DURATION_MS, Math.round(value)));
+}
+export function deriveReportingReserveMs(totalRunDurationMs) {
+    const clampedTotalRunDurationMs = clampRunDurationMs(totalRunDurationMs);
+    const desiredReserveMs = Math.round(clampedTotalRunDurationMs * 0.15);
+    const maxAllowedReserveMs = Math.max(MIN_REPORTING_RESERVE_MS, clampedTotalRunDurationMs - MIN_BROWSER_EXECUTION_BUDGET_MS);
+    return Math.min(MAX_REPORTING_RESERVE_MS, Math.max(MIN_REPORTING_RESERVE_MS, Math.min(desiredReserveMs, maxAllowedReserveMs)));
+}
+export function deriveBrowserExecutionBudgetMs(totalRunDurationMs) {
+    const clampedTotalRunDurationMs = clampRunDurationMs(totalRunDurationMs);
+    return clampedTotalRunDurationMs - deriveReportingReserveMs(clampedTotalRunDurationMs);
+}
+function normalizeOptionalString(value) {
+    const trimmed = value?.trim();
+    return trimmed ? trimmed : undefined;
+}
+function blankEnvToUndefined(value) {
+    if (typeof value !== "string") {
+        return value;
+    }
+    return normalizeOptionalString(value);
+}
+function parseBooleanFlag(value, fallback) {
+    const normalized = normalizeOptionalString(value)?.toLowerCase();
+    if (!normalized) {
+        return fallback;
+    }
+    if (["true", "1", "yes", "on"].includes(normalized)) {
+        return true;
+    }
+    if (["false", "0", "no", "off"].includes(normalized)) {
+        return false;
+    }
+    return fallback;
+}
+function parseChainIdList(value) {
+    const normalized = normalizeOptionalString(value);
+    if (!normalized) {
+        return [];
+    }
+    return normalized
+        .split(",")
+        .map((item) => Number(item.trim()))
+        .filter((item) => Number.isFinite(item) && item > 0)
+        .map((item) => Math.round(item));
+}
+function parseTokenRegistry(value) {
+    const normalized = normalizeOptionalString(value);
+    if (!normalized) {
+        return [];
+    }
+    try {
+        const parsedValue = JSON.parse(normalized);
+        const result = z.array(z.object({
+            chainId: z.number(),
+            symbol: z.string(),
+            assetKind: z.enum(["native", "erc20"]),
+            contract: z.string().optional(),
+            decimals: z.number()
+        })).parse(parsedValue);
+        return result.map((entry) => ({
+            chainId: Math.round(entry.chainId),
+            symbol: entry.symbol.trim().toUpperCase(),
+            assetKind: entry.assetKind,
+            contract: entry.contract?.trim() ? entry.contract.trim() : undefined,
+            decimals: Math.round(entry.decimals)
+        }));
+    }
+    catch (error) {
+        throw new Error(`TRADE_TOKEN_REGISTRY must be valid JSON (array of { chainId, symbol, assetKind, contract?, decimals }): ${error instanceof Error ? error.message : String(error)}`);
+    }
+}
+const EnvSchema = z.object({
+    LLM_PROVIDER: LlmProviderSchema.default("openai"),
+    OPENAI_API_KEY: z
+        .string()
+        .optional()
+        .transform((value) => normalizeOptionalString(value)),
+    OPENAI_BASE_URL: z.preprocess(blankEnvToUndefined, z.string().url().optional()),
+    OPENAI_MODEL: z.string().default("gpt-5"),
+    OPENAI_TEMPERATURE: z.preprocess(blankEnvToUndefined, z.coerce.number().min(0).max(2).optional()),
+    OPENAI_MAX_TOKENS: z.preprocess(blankEnvToUndefined, z.coerce.number().int().positive().optional()),
+    OLLAMA_BASE_URL: z.string().url().default("http://127.0.0.1:11434"),
+    OLLAMA_MODEL: z.string().default("llama3.1:8b"),
+    APP_BASE_URL: z.string().optional(),
+    HEADLESS: z
+        .string()
+        .optional()
+        .transform((value) => value !== "false"),
+    MAX_SESSION_DURATION_MS: z.coerce.number().int().positive().default(DEFAULT_TOTAL_RUN_DURATION_MS),
+    MAX_STEPS_PER_TASK: z.coerce.number().int().positive().default(32),
+    ACTION_DELAY_MS: z.coerce.number().int().nonnegative().default(600),
+    NAVIGATION_TIMEOUT_MS: z.coerce.number().int().positive().default(25000),
+    REPORT_TTL_DAYS: z.coerce.number().int().positive().default(30),
+    PLAYWRIGHT_STORAGE_STATE_PATH: z
+        .string()
+        .optional()
+        .transform((value) => normalizeOptionalString(value)),
+    RECORD_VIDEO: z
+        .string()
+        .optional()
+        .transform((value) => value === "true"),
+    TRADE_ENABLED: z
+        .string()
+        .optional()
+        .transform((value) => parseBooleanFlag(value, false)),
+    TRADE_ALLOWLISTED_CHAIN_IDS: z
+        .string()
+        .optional()
+        .transform((value) => parseChainIdList(value)),
+    TRADE_TOKEN_REGISTRY: z
+        .string()
+        .optional()
+        .transform((value) => parseTokenRegistry(value)),
+    TRADE_MAX_TOKEN_AMOUNT: z
+        .string()
+        .optional()
+        .transform((value) => normalizeOptionalString(value)),
+    TRADE_REQUIRE_EXACT_TOKEN_CONTRACT: z
+        .string()
+        .optional()
+        .transform((value) => parseBooleanFlag(value, true)),
+    TRADE_CONFIRMATIONS_REQUIRED: z.coerce.number().int().min(0).max(12).default(1),
+    TRADE_RECEIPT_TIMEOUT_MS: z.coerce.number().int().positive().default(120000)
+});
+const parsed = EnvSchema.parse(process.env);
+const requestedMaxSessionDurationMs = parsed.MAX_SESSION_DURATION_MS;
+const maxSessionDurationMs = clampRunDurationMs(requestedMaxSessionDurationMs);
+const resolvedAppBaseUrl = normalizeOptionalString(parsed.APP_BASE_URL) ?? normalizeOptionalString(process.env.RENDER_EXTERNAL_URL);
+const tradePolicy = TradePolicySchema.parse({
+    enabledByDefault: parsed.TRADE_ENABLED,
+    allowlistedChainIds: parsed.TRADE_ALLOWLISTED_CHAIN_IDS,
+    tokenRegistry: parsed.TRADE_TOKEN_REGISTRY,
+    maxTokenAmount: parsed.TRADE_MAX_TOKEN_AMOUNT,
+    requireExactTokenContract: parsed.TRADE_REQUIRE_EXACT_TOKEN_CONTRACT,
+    receiptTimeoutMs: parsed.TRADE_RECEIPT_TIMEOUT_MS,
+    confirmationsRequired: parsed.TRADE_CONFIRMATIONS_REQUIRED
+});
+function resolveDefaultModel(provider) {
+    return provider === "ollama" ? parsed.OLLAMA_MODEL : parsed.OPENAI_MODEL;
+}
+const overrides = {};
+export const config = {
+    get llmProvider() { return overrides.llmProvider ?? parsed.LLM_PROVIDER; },
+    get openaiApiKey() { return overrides.openaiApiKey ?? parsed.OPENAI_API_KEY; },
+    get openaiBaseUrl() { return overrides.openaiBaseUrl ?? parsed.OPENAI_BASE_URL; },
+    get openaiModel() { return overrides.openaiModel ?? parsed.OPENAI_MODEL; },
+    get openaiTemperature() { return overrides.openaiTemperature ?? parsed.OPENAI_TEMPERATURE; },
+    get openaiMaxTokens() { return overrides.openaiMaxTokens ?? parsed.OPENAI_MAX_TOKENS; },
+    get ollamaBaseUrl() { return overrides.ollamaBaseUrl ?? parsed.OLLAMA_BASE_URL; },
+    get ollamaModel() { return overrides.ollamaModel ?? parsed.OLLAMA_MODEL; },
+    get model() { return resolveDefaultModel(this.llmProvider); },
+    get appBaseUrl() { return overrides.appBaseUrl ?? resolvedAppBaseUrl; },
+    get headless() { return overrides.headless ?? parsed.HEADLESS; },
+    deviceTimezone: DETECTED_DEVICE_TIMEZONE,
+    get requestedMaxSessionDurationMs() { return overrides.requestedMaxSessionDurationMs ?? requestedMaxSessionDurationMs; },
+    get maxSessionDurationMs() { return clampRunDurationMs(this.requestedMaxSessionDurationMs); },
+    get browserExecutionBudgetMs() { return deriveBrowserExecutionBudgetMs(this.maxSessionDurationMs); },
+    get reportingReserveMs() { return deriveReportingReserveMs(this.maxSessionDurationMs); },
+    postRunAuditReserveMs: POST_RUN_AUDIT_RESERVE_MS,
+    get maxStepsPerTask() { return overrides.maxStepsPerTask ?? parsed.MAX_STEPS_PER_TASK; },
+    get actionDelayMs() { return overrides.actionDelayMs ?? parsed.ACTION_DELAY_MS; },
+    get navigationTimeoutMs() { return overrides.navigationTimeoutMs ?? parsed.NAVIGATION_TIMEOUT_MS; },
+    get reportTtlDays() { return overrides.reportTtlDays ?? parsed.REPORT_TTL_DAYS; },
+    get playwrightStorageStatePath() { return overrides.playwrightStorageStatePath ?? parsed.PLAYWRIGHT_STORAGE_STATE_PATH; },
+    get recordVideo() { return overrides.recordVideo ?? parsed.RECORD_VIDEO; },
+    get tradePolicy() { return tradePolicy; },
+    desktopViewport: { width: 1440, height: 900 },
+    mobileViewport: { width: 390, height: 844 }
+};
+export function updateConfig(updates) {
+    Object.assign(overrides, updates);
+}
+export function resolveLlmRuntime(options) {
+    const provider = options?.provider ?? config.llmProvider;
+    const model = normalizeOptionalString(options?.model) ??
+        (provider === "ollama" ? config.ollamaModel : config.openaiModel);
+    const ollamaBaseUrl = normalizeOptionalString(options?.ollamaBaseUrl) ?? config.ollamaBaseUrl;
+    return {
+        provider,
+        model,
+        ollamaBaseUrl
+    };
+}

package/dist/core/agentProfiles.js

@@ -0,0 +1,55 @@
+function formatAgentOrdinal(index) {
+    return String(index).padStart(2, "0");
+}
+function formatAgentLabel(index) {
+    return `Agent-${formatAgentOrdinal(index)}`;
+}
+function cloneTaskSuite(baseSuite) {
+    return {
+        tasks: baseSuite.tasks.map((task) => ({
+            ...task,
+            failure_signals: [...task.failure_signals],
+            ...(task.gameplay ? { gameplay: { ...task.gameplay } } : {})
+        })),
+        persona: {
+            name: baseSuite.persona.name,
+            intent: baseSuite.persona.intent,
+            constraints: [...baseSuite.persona.constraints]
+        }
+    };
+}
+export function buildAgentVariants(agentCount, baseSuiteOverride) {
+    const baseSuite = baseSuiteOverride;
+    const cappedAgentCount = Math.min(5, Math.max(1, Math.round(agentCount)));
+    return Array.from({ length: cappedAgentCount }, (_, index) => {
+        const agentIndex = index + 1;
+        const agentLabel = formatAgentLabel(agentIndex);
+        return {
+            id: `agent-${formatAgentOrdinal(agentIndex)}`,
+            index: agentIndex,
+            label: agentLabel,
+            profileLabel: agentLabel,
+            personaVariantKey: agentLabel.toLowerCase(),
+            personaName: agentLabel,
+            taskSuite: cloneTaskSuite(baseSuite)
+        };
+    });
+}
+export function buildInitialAgentRuns(agentCount, baseSuiteOverride) {
+    return buildAgentVariants(agentCount, baseSuiteOverride).map((variant) => ({
+        id: variant.id,
+        index: variant.index,
+        label: variant.label,
+        profileLabel: variant.profileLabel,
+        personaName: variant.personaName,
+        personaVariantKey: variant.personaVariantKey,
+        status: "queued",
+        startedAt: null,
+        completedAt: null,
+        runId: null,
+        runDir: null,
+        error: null,
+        reportSummary: null,
+        overallScore: null
+    }));
+}