skimpyclaw 0.3.14 → 0.4.0

package/dist/env-sanitizer.js

@@ -0,0 +1,61 @@
+/** Env var name patterns that should never be exposed to model-executed commands. */
+const SENSITIVE_ENV_PATTERNS = [
+    /api.?key/i, /token/i, /secret/i, /password/i, /credential/i,
+    /^ANTHROPIC_/i, /^OPENAI_/i, /^CLAUDE/i, /^CODEX_/i, /^MINIMAX_/i,
+    /^KIMI_/i, /^TOGETHER_/i, /^GROQ_/i, /^OPENROUTER_/i,
+];
+/** Env vars that match SENSITIVE_ENV_PATTERNS but should be kept (e.g. tool auth). */
+const SENSITIVE_ENV_ALLOWLIST = new Set(['GH_TOKEN']);
+/** Common tool paths that may be missing when launched as a service/daemon. */
+const EXTRA_PATH_DIRS = ['/opt/homebrew/bin', '/opt/homebrew/sbin', '/usr/local/bin'];
+const CRON_ENV_ALLOWLIST = new Set([
+    'HOME',
+    'USER',
+    'LOGNAME',
+    'SHELL',
+    'PATH',
+    'TMPDIR',
+    'LANG',
+    'LC_ALL',
+    'LC_CTYPE',
+    'TZ',
+    'TERM',
+    'PWD',
+    'SHLVL',
+    'GH_TOKEN',
+]);
+export function sanitizeExecEnv() {
+    const env = { ...process.env };
+    for (const key of Object.keys(env)) {
+        if (!SENSITIVE_ENV_ALLOWLIST.has(key) && SENSITIVE_ENV_PATTERNS.some(p => p.test(key))) {
+            delete env[key];
+        }
+    }
+    const currentPath = env.PATH || '';
+    const missing = EXTRA_PATH_DIRS.filter(d => !currentPath.includes(d));
+    if (missing.length > 0) {
+        env.PATH = currentPath ? `${currentPath}:${missing.join(':')}` : missing.join(':');
+    }
+    return env;
+}
+export function sanitizeCronEnv() {
+    const env = {};
+    for (const [key, value] of Object.entries(process.env)) {
+        if (value === undefined)
+            continue;
+        if (CRON_ENV_ALLOWLIST.has(key) || key.startsWith('SKIMPYCLAW_')) {
+            env[key] = value;
+        }
+    }
+    for (const key of Object.keys(env)) {
+        if (!SENSITIVE_ENV_ALLOWLIST.has(key) && SENSITIVE_ENV_PATTERNS.some(p => p.test(key))) {
+            delete env[key];
+        }
+    }
+    const currentPath = env.PATH || '';
+    const missing = EXTRA_PATH_DIRS.filter(d => !currentPath.includes(d));
+    if (missing.length > 0) {
+        env.PATH = currentPath ? `${currentPath}:${missing.join(':')}` : missing.join(':');
+    }
+    return env;
+}

package/dist/exec-approval.d.ts

@@ -17,7 +17,14 @@ export interface ExecApprovalConfig {
     ttlMs?: number;
     requireForTiers?: number[];
 }
-export type ApprovalStatus = 'pending' | 'approved' | 'denied' | 'expired';
+export type ApprovalStatus = 'pending' | 'approved' | 'denied' | 'expired' | 'consumed';
+/** A single status transition record (append-only). */
+export interface ApprovalHistoryEntry {
+    from: ApprovalStatus;
+    to: ApprovalStatus;
+    at: Date;
+    by?: string;
+}
 export interface PendingApproval {
     id: string;
     command: string;
@@ -32,6 +39,8 @@ export interface PendingApproval {
     resolvedAt?: Date;
     /** Channel context metadata — where the request originated */
     channelMeta?: ApprovalChannelMeta;
+    /** Append-only history of status transitions */
+    history: ApprovalHistoryEntry[];
 }
 /** Metadata about the channel/chat where an approval request originated */
 export interface ApprovalChannelMeta {
@@ -83,6 +92,7 @@ export declare function denyRequest(id: string, deniedBy?: string): boolean;
 export declare function findApprovedRequest(command: string, cwd?: string): PendingApproval | undefined;
 /**
  * Mark an approved request as consumed (after successful execution).
+ * Preserves the approval in the registry with status 'consumed' for history.
  */
 export declare function consumeApproval(id: string): void;
 /**

package/dist/exec-approval.js

@@ -274,6 +274,7 @@ export function createApprovalRequest(command, cwd, classification, config, chan
         expiresAt: new Date(now.getTime() + ttlMs),
         status: 'pending',
         channelMeta,
+        history: [],
     };
     approvals.set(approval.id, approval);
     emitEvent('created', approval);
@@ -314,9 +315,11 @@ export function approveRequest(id, approvedBy) {
     const approval = approvals.get(id);
     if (!approval || approval.status !== 'pending')
         return false;
+    const now = new Date();
+    approval.history.push({ from: approval.status, to: 'approved', at: now, by: approvedBy });
     approval.status = 'approved';
     approval.approvedBy = approvedBy;
-    approval.resolvedAt = new Date();
+    approval.resolvedAt = now;
     emitEvent('approved', approval);
     return true;
 }
@@ -328,9 +331,11 @@ export function denyRequest(id, deniedBy) {
     const approval = approvals.get(id);
     if (!approval || approval.status !== 'pending')
         return false;
+    const now = new Date();
+    approval.history.push({ from: approval.status, to: 'denied', at: now, by: deniedBy });
     approval.status = 'denied';
     approval.deniedBy = deniedBy;
-    approval.resolvedAt = new Date();
+    approval.resolvedAt = now;
     emitEvent('denied', approval);
     return true;
 }
@@ -351,9 +356,14 @@ export function findApprovedRequest(command, cwd) {
 }
 /**
  * Mark an approved request as consumed (after successful execution).
+ * Preserves the approval in the registry with status 'consumed' for history.
  */
 export function consumeApproval(id) {
-    approvals.delete(id);
+    const approval = approvals.get(id);
+    if (!approval)
+        return;
+    approval.history.push({ from: approval.status, to: 'consumed', at: new Date() });
+    approval.status = 'consumed';
 }
 /**
  * Expire pending approvals past their TTL.
@@ -362,8 +372,10 @@ export function cleanupExpired() {
     const now = Date.now();
     for (const [id, approval] of approvals) {
         if (approval.status === 'pending' && approval.expiresAt.getTime() <= now) {
+            const resolvedAt = new Date(now);
+            approval.history.push({ from: 'pending', to: 'expired', at: resolvedAt });
             approval.status = 'expired';
-            approval.resolvedAt = new Date(now);
+            approval.resolvedAt = resolvedAt;
             emitEvent('expired', approval);
         }
     }
@@ -413,6 +425,7 @@ export function waitForApproval(id, timeoutMs) {
                     createdAt: new Date(),
                     expiresAt: new Date(),
                     status: 'expired',
+                    history: [],
                 });
             }
         }, timeoutMs);

package/dist/gateway.d.ts

@@ -1,8 +1,10 @@
 import { FastifyInstance } from 'fastify';
-import type { Config } from './types.js';
+import type { Config, ThinkingLevel } from './types.js';
 export declare function setGatewayConfig(cfg: Config): void;
 export declare function createGateway(cfg: Config): Promise<FastifyInstance>;
 export declare function getCurrentModel(): string;
 export declare function setCurrentModel(model: string): void;
+export declare function getCurrentThinking(): ThinkingLevel | undefined;
+export declare function setCurrentThinking(thinking: ThinkingLevel | undefined): void;
 export declare function getLastMessage(): Date | undefined;
 export declare function setLastMessage(date: Date): void;

package/dist/gateway.js

@@ -21,13 +21,16 @@ let config;
 let startTime;
 let lastMessage;
 let currentModel;
+let currentThinking;
 export function setGatewayConfig(cfg) {
     config = cfg;
 }
 export async function createGateway(cfg) {
     config = cfg;
     startTime = new Date();
-    currentModel = cfg.agents.list[cfg.agents.default]?.model || 'claude-sonnet-4-5';
+    const defaultAgent = cfg.agents.list[cfg.agents.default];
+    currentModel = defaultAgent?.model || 'claude-sonnet-4-5';
+    currentThinking = defaultAgent?.thinking;
     const fastify = Fastify({
         logger: {
             level: 'info',
@@ -54,6 +57,7 @@ export async function createGateway(cfg) {
             uptime: Date.now() - startTime.getTime(),
             agent: config.agents.default,
             model: currentModel,
+            thinking: currentThinking,
             lastMessage,
             cronJobs: jobs.map(j => ({
                 id: j.id,
@@ -71,7 +75,7 @@ export async function createGateway(cfg) {
         try {
             const response = await runAgentTurn(config.agents.default, message, config, model || currentModel, undefined, undefined, {
                 channel: 'gateway',
-                metadata: { ip: request.ip },
+                metadata: { ip: request.ip, thinkingOverride: currentThinking },
             });
             lastMessage = new Date();
             return { response };
@@ -109,15 +113,15 @@ export async function createGateway(cfg) {
     // Ensure dashboard token exists
     const dashboardToken = ensureDashboardToken(config);
     console.log(`[dashboard] URL: http://localhost:${config.gateway.port}/dashboard`);
-    // Auth guard for gateway write endpoints (same token as dashboard)
+    // Auth guard for sensitive gateway endpoints (same token as dashboard).
     const PROTECTED_ROUTES = new Set(['/message', '/model', '/reload']);
     fastify.addHook('onRequest', async (request, reply) => {
         const url = request.url;
-        // Protect write endpoints + cron trigger
-        if (!PROTECTED_ROUTES.has(url) && !url.startsWith('/cron/'))
+        const isProtected = PROTECTED_ROUTES.has(url) ||
+            url.startsWith('/cron/') ||
+            url === '/status';
+        if (!isProtected)
             return;
-        if (request.method === 'GET')
-            return; // GET /health, GET /status are fine
         if (!dashboardToken)
             return; // No token configured, allow access
         if (!validateBearerToken(dashboardToken, request.headers.authorization)) {
@@ -140,6 +144,12 @@ export function getCurrentModel() {
 export function setCurrentModel(model) {
     currentModel = model;
 }
+export function getCurrentThinking() {
+    return currentThinking;
+}
+export function setCurrentThinking(thinking) {
+    currentThinking = thinking;
+}
 export function getLastMessage() {
     return lastMessage;
 }

package/dist/heartbeat.js

@@ -7,7 +7,6 @@ import { join } from 'path';
 import { homedir } from 'os';
 import { runAgentTurn } from './agent.js';
 import { resolveAllowedPaths } from './config.js';
-import { pruneIdle, SANDBOX_DEFAULTS } from './sandbox/index.js';
 import { getActiveChannelId, isActiveChannelSilenced, sendActiveChannelProactiveMessage, } from './channels.js';
 let heartbeatTimer = null;
 let running = false;
@@ -15,9 +14,7 @@ function getHeartbeatTools(config) {
     if (config.heartbeat.tools) {
         return {
             ...config.heartbeat.tools,
-            allowedPaths: config.heartbeat.tools.allowedPaths?.length
-                ? config.heartbeat.tools.allowedPaths
-                : resolveAllowedPaths(config),
+            allowedPaths: resolveAllowedPaths(config, config.heartbeat.tools.allowedPaths),
         };
     }
     return {
@@ -75,8 +72,6 @@ export function stopHeartbeat() {
     }
 }
 export async function runHeartbeatCheck(config) {
-    // Prune idle sandbox containers
-    pruneIdle(config.sandbox?.idleTimeoutMs ?? SANDBOX_DEFAULTS.idleTimeoutMs ?? 3_600_000).catch(() => { });
     if (running) {
         console.log('[heartbeat] Skipping — previous check still running');
         return 'Skipped — previous check still running';

package/dist/langfuse.js

@@ -13,28 +13,14 @@ export const MODEL_PRICING = {
     'claude-haiku-4-5': { inputPerMTok: 0.25, outputPerMTok: 1.25 },
     'claude-haiku-4': { inputPerMTok: 1.0, outputPerMTok: 5.0 },
     'claude-opus-4': { inputPerMTok: 15.0, outputPerMTok: 75.0 },
-    // OpenAI models (https://developers.openai.com/api/docs/pricing)
-    'gpt-4o': { inputPerMTok: 2.5, outputPerMTok: 10.0 },
-    'gpt-4o-mini': { inputPerMTok: 0.15, outputPerMTok: 0.6 },
-    'gpt-4.1': { inputPerMTok: 2.0, outputPerMTok: 8.0 },
-    'gpt-4.1-mini': { inputPerMTok: 0.4, outputPerMTok: 1.6 },
-    'gpt-4.1-nano': { inputPerMTok: 0.1, outputPerMTok: 0.4 },
-    'gpt-4-turbo': { inputPerMTok: 10.0, outputPerMTok: 30.0 },
-    'gpt-3.5-turbo': { inputPerMTok: 0.5, outputPerMTok: 1.5 },
     // Codex pricing
     'gpt-5.1-codex': { inputPerMTok: 1.25, outputPerMTok: 10.0 },
     'gpt-5.2-codex': { inputPerMTok: 1.75, outputPerMTok: 14.0 },
     'gpt-5.3-codex': { inputPerMTok: 1.75, outputPerMTok: 14.0 },
+    'gpt-5.5': { inputPerMTok: 5.0, outputPerMTok: 30.0 },
     'codex-5.1': { inputPerMTok: 1.25, outputPerMTok: 10.0 },
     'codex-5.2': { inputPerMTok: 1.75, outputPerMTok: 14.0 },
     'codex-5.3': { inputPerMTok: 1.75, outputPerMTok: 14.0 },
-    // MiniMax models (https://platform.minimax.io/docs/pricing/pay-as-you-go)
-    'minimax-m2.1': { inputPerMTok: 0.3, outputPerMTok: 1.2 },
-    'minimax-m2.5': { inputPerMTok: 0.3, outputPerMTok: 1.2 },
-    // Kimi/Moonshot models (https://platform.moonshot.ai/docs/pricing/chat.en-US)
-    // kimi-k2.5 series - using cache miss pricing for input (non-cached)
-    'kimi-k2.5': { inputPerMTok: 0.6, outputPerMTok: 3.0 },
-    'kimi-for-coding': { inputPerMTok: 0.6, outputPerMTok: 3.0 }
 };
 /** Map of common aliases/shorthand to canonical model IDs in MODEL_PRICING */
 const MODEL_ALIAS_MAP = {
@@ -47,24 +33,12 @@ const MODEL_ALIAS_MAP = {
     'claude-opus': 'claude-opus-4',
     'claude-3.5-sonnet': 'claude-3-5-sonnet',
     'claude-3-opus': 'claude-3-opus',
-    // OpenAI aliases
-    gpt4o: 'gpt-4o',
-    'gpt4o-mini': 'gpt-4o-mini',
-    'gpt4.1': 'gpt-4.1',
-    'gpt4.1-mini': 'gpt-4.1-mini',
-    'gpt4.1-nano': 'gpt-4.1-nano',
-    'gpt4-turbo': 'gpt-4-turbo',
-    'gpt35-turbo': 'gpt-3.5-turbo',
-    'gpt-3.5': 'gpt-3.5-turbo',
     'gpt-codex': 'gpt-5.3-codex',
     'codex5.1': 'gpt-5.1-codex',
     'codex5.2': 'gpt-5.2-codex',
     'codex5.3': 'gpt-5.3-codex',
-    codex: 'gpt-5.3-codex',
-    // MiniMax aliases
-    minimax: 'minimax-m2.5',
-    // Kimi/Moonshot aliases
-    kimi: 'kimi-k2.5'
+    'codex5.5': 'gpt-5.5',
+    codex: 'gpt-5.5',
 };
 /**
  * Calculate the USD cost of a model invocation based on token usage.

package/dist/model-selection.js

@@ -34,7 +34,9 @@ export function resolveModelSelection(input, config) {
     if (FULL_MODEL_SPEC_RE.test(value)) {
         return { ok: true, resolved: resolveModel(value, config) };
     }
-    if (BARE_MODEL_ID_RE.test(value) && /[-.]/.test(value)) {
+    // Accept bare model IDs only if they contain a version-like pattern (digits after a hyphen/dot)
+    // e.g. "claude-sonnet-4-5", "gpt-5.3-codex" — but NOT "claude-opuis"
+    if (BARE_MODEL_ID_RE.test(value) && /[-.]/.test(value) && /\d/.test(value)) {
         return { ok: true, resolved: resolveModel(value, config) };
     }
     if (!SAFE_MODEL_INPUT_RE.test(value) || value.includes('/')) {

package/dist/providers/adapter.d.ts

@@ -0,0 +1,118 @@
+/**
+ * Provider adapter interface for the unified tool loop.
+ * Each provider implements this to handle API-specific concerns
+ * while sharing the same agentic loop orchestration logic.
+ */
+import type { ChatMessage, ChatOptions, Config } from '../types.js';
+import type { ContextManagementConfig } from './context-manager.js';
+import type { ExecuteToolContext } from '../tools.js';
+/** Normalized representation of a model response within the tool loop. */
+export interface NormalizedResponse {
+    /** Whether the model wants to call tools (vs. returning a final answer) */
+    hasToolCalls: boolean;
+    /** Tool calls extracted from the response */
+    toolCalls: NormalizedToolCall[];
+    /** Text content from the response (final answer when hasToolCalls=false) */
+    textContent: string;
+    /** Raw usage data from the provider */
+    usage?: {
+        inputTokens: number;
+        outputTokens: number;
+        cacheReadTokens?: number;
+        cacheCreationTokens?: number;
+    };
+    /** Cost details for this response */
+    cost?: {
+        input: number;
+        output: number;
+        total: number;
+    };
+    /** Raw response object (provider-specific, for appending to message history) */
+    rawResponse: unknown;
+}
+export interface NormalizedToolCall {
+    /** Unique ID for this tool call (tool_use_id, call_id, toolCall.id) */
+    id: string;
+    /** Tool name */
+    name: string;
+    /** Parsed arguments */
+    args: Record<string, any>;
+    /** Raw arguments string (for logging) */
+    rawArgs: string;
+}
+export interface CompactionResult<T> {
+    /** Updated messages array */
+    messages: T[];
+    /** Whether compaction actually occurred */
+    compacted: boolean;
+    /** Compaction method used (if any) */
+    method?: 'llm' | 'truncation';
+}
+/**
+ * Provider-specific message container.
+ * Each adapter defines its own internal message format.
+ */
+export interface ProviderMessages {
+    /** The mutable message array (format depends on provider) */
+    messages: any[];
+    /** System prompt / instructions (extracted once, reused per call) */
+    systemParam?: any;
+}
+/**
+ * Message format helper for generic compaction.
+ * Each provider implements this to teach the compaction engine
+ * how to inspect/truncate/serialize its message format.
+ */
+export interface MessageFormatHelper<T> {
+    /** Check if an item is a tool result (to be truncated during fallback compaction). */
+    isToolResult(item: T): boolean;
+    /** Truncate a tool result item's content to maxChars. Returns a new item (no mutation). */
+    truncateToolResult(item: T, maxChars: number): T;
+    /** Serialize a list of items into a human-readable transcript for LLM summarization. */
+    serialize(items: T[]): string;
+    /** Build a summary message that replaces compacted head messages. */
+    buildSummaryMessage(summary: string): T;
+}
+/**
+ * Adapter interface that each provider implements.
+ * Separates provider-specific API details from shared tool loop logic.
+ */
+export interface ProviderAdapter {
+    readonly name: string;
+    /** Check whether this provider is initialized and ready to handle requests. */
+    isAvailable(): boolean;
+    /** Simple chat (no tool loop). Returns the model's text response. */
+    chat(messages: ChatMessage[], options: ChatOptions, config: Config): Promise<string>;
+    /** Provider-specific tool discovery options (e.g. disable MCP for non-Anthropic providers). */
+    getToolDefinitionOptions?(toolContext?: ExecuteToolContext, config?: Config): {
+        includeMcp?: boolean;
+    };
+    /** Build the initial API messages from ChatMessage[] (strip system, format content) */
+    buildMessages(messages: ChatMessage[], options: ChatOptions, config: Config): ProviderMessages;
+    /** Build tool definitions in provider-native format */
+    buildToolDefs(toolDefs: any[], config: Config): any[];
+    /** Make one API call with tools. Returns normalized response. */
+    call(messages: ProviderMessages, toolDefs: any[], options: ChatOptions, config: Config): Promise<NormalizedResponse>;
+    /** Append the assistant's raw response to the message history */
+    appendAssistantResponse(messages: ProviderMessages, rawResponse: unknown): void;
+    /** Append a single tool result to the message history.
+     *  For providers that batch tool results (e.g. Anthropic), use appendToolResults instead. */
+    appendToolResult(messages: ProviderMessages, toolCallId: string, result: string, isError?: boolean): void;
+    /** Append multiple tool results as a single message (for providers that batch).
+     *  Default implementation calls appendToolResult for each. */
+    appendToolResults?(messages: ProviderMessages, results: {
+        toolCallId: string;
+        result: string;
+        isError?: boolean;
+    }[]): void;
+    /**
+     * Optional hook called when the model's final response has no text but tool calls were made.
+     * Allows providers (e.g. Codex) to make an additional API call to elicit a text summary.
+     * Returns the finalized text, or undefined to use the default fallback.
+     */
+    onEmptyFinalResponse?(providerMessages: ProviderMessages, toolDefs: any[], options: ChatOptions, config: Config): Promise<string | undefined>;
+    /** Compact messages when context grows too large */
+    compactMessages(messages: ProviderMessages, config: ContextManagementConfig | undefined, iteration: number, fullConfig?: Config): Promise<CompactionResult<any>>;
+    /** Record usage/cost to the usage tracking system */
+    recordUsage(model: string, usage: unknown, trigger?: string, agentId?: string): void;
+}

package/dist/providers/adapter.js

@@ -0,0 +1,6 @@
+/**
+ * Provider adapter interface for the unified tool loop.
+ * Each provider implements this to handle API-specific concerns
+ * while sharing the same agentic loop orchestration logic.
+ */
+export {};

package/dist/providers/adapters/anthropic-adapter.d.ts

@@ -0,0 +1,22 @@
+/**
+ * Anthropic provider adapter for the unified tool loop.
+ */
+import type { ChatMessage, ChatOptions, Config } from '../../types.js';
+import type { ProviderAdapter, ProviderMessages, NormalizedResponse, CompactionResult } from '../adapter.js';
+export declare class AnthropicAdapter implements ProviderAdapter {
+    readonly name = "anthropic";
+    isAvailable(): boolean;
+    chat(messages: ChatMessage[], options: ChatOptions, config: Config): Promise<string>;
+    buildMessages(messages: ChatMessage[], options: ChatOptions, config: Config): ProviderMessages;
+    buildToolDefs(toolDefs: any[], config: Config): any[];
+    call(providerMessages: ProviderMessages, toolDefs: any[], options: ChatOptions, config: Config): Promise<NormalizedResponse>;
+    appendAssistantResponse(providerMessages: ProviderMessages, rawResponse: unknown): void;
+    appendToolResult(providerMessages: ProviderMessages, toolCallId: string, result: string, isError?: boolean): void;
+    appendToolResults(providerMessages: ProviderMessages, results: {
+        toolCallId: string;
+        result: string;
+        isError?: boolean;
+    }[]): void;
+    compactMessages(providerMessages: ProviderMessages, config: any, iteration: number, fullConfig?: Config): Promise<CompactionResult<any>>;
+    recordUsage(model: string, usage: unknown, trigger?: string, agentId?: string): void;
+}