skimpyclaw 0.3.14 → 0.4.0

package/dist/__tests__/discord-thread-agents.test.js

@@ -0,0 +1,115 @@
+import { afterEach, beforeEach, describe, expect, it } from 'vitest';
+import { mkdtempSync, readFileSync, rmSync, writeFileSync } from 'fs';
+import { join } from 'path';
+import { tmpdir } from 'os';
+import { _setThreadAgentStorePathForTesting, bindThreadAgent, getAgentProfileByAlias, getThreadAgentByThreadId, listAgentProfiles, listThreadAgentBindings, parseDiscordAgentMention, removeAgentProfile, setAgentProfileModel, setAgentProfilePrompt, setAgentProfileThinking, upsertAgentProfile, } from '../channels/discord/thread-agents.js';
+let tempDir;
+let storePath;
+describe('Discord thread agents registry', () => {
+    beforeEach(() => {
+        tempDir = mkdtempSync(join(tmpdir(), 'skimpyclaw-thread-agents-'));
+        storePath = join(tempDir, 'thread-agents.json');
+        _setThreadAgentStorePathForTesting(storePath);
+    });
+    afterEach(() => {
+        _setThreadAgentStorePathForTesting(null);
+        rmSync(tempDir, { recursive: true, force: true });
+    });
+    it('stores reusable profiles and binds them to threads', () => {
+        const profile = upsertAgentProfile({
+            alias: 'Reviewer',
+            agentId: 'main',
+            createdBy: 'user-1',
+        });
+        const binding = bindThreadAgent({
+            threadId: 'thread-1',
+            alias: 'reviewer',
+            createdBy: 'user-1',
+            guildId: 'guild-1',
+            channelId: 'channel-1',
+        });
+        expect(profile.alias).toBe('reviewer');
+        expect(binding.alias).toBe('reviewer');
+        expect(getThreadAgentByThreadId('thread-1')?.agentId).toBe('main');
+        expect(listAgentProfiles()).toHaveLength(1);
+        expect(listThreadAgentBindings()).toHaveLength(1);
+    });
+    it('allows one profile to be reused across multiple threads', () => {
+        upsertAgentProfile({
+            alias: 'claude-coder',
+            agentId: 'main',
+            createdBy: 'user-1',
+        });
+        bindThreadAgent({ threadId: 'thread-1', alias: 'claude-coder', createdBy: 'user-1' });
+        bindThreadAgent({ threadId: 'thread-2', alias: 'claude-coder', createdBy: 'user-1' });
+        expect(listAgentProfiles()).toHaveLength(1);
+        expect(listThreadAgentBindings().map(record => record.threadId)).toEqual(['thread-1', 'thread-2']);
+    });
+    it('updates profile prompts, models, and thinking for all bound threads', () => {
+        upsertAgentProfile({
+            alias: 'claude-coder',
+            agentId: 'main',
+            createdBy: 'user-1',
+        });
+        bindThreadAgent({ threadId: 'thread-1', alias: 'claude-coder', createdBy: 'user-1' });
+        bindThreadAgent({ threadId: 'thread-2', alias: 'claude-coder', createdBy: 'user-1' });
+        expect(setAgentProfilePrompt('claude-coder', 'Review code like a senior engineer.')?.promptOverlay)
+            .toBe('Review code like a senior engineer.');
+        expect(setAgentProfileModel('claude-coder', 'anthropic/claude-sonnet-4-5')?.model)
+            .toBe('anthropic/claude-sonnet-4-5');
+        expect(setAgentProfileThinking('claude-coder', 'xhigh')?.thinking).toBe('xhigh');
+        expect(getThreadAgentByThreadId('thread-2')?.model).toBe('anthropic/claude-sonnet-4-5');
+        expect(getThreadAgentByThreadId('thread-2')?.thinking).toBe('xhigh');
+    });
+    it('deletes profiles with their bindings', () => {
+        upsertAgentProfile({
+            alias: 'reviewer',
+            agentId: 'main',
+            createdBy: 'user-1',
+        });
+        bindThreadAgent({ threadId: 'thread-1', alias: 'reviewer', createdBy: 'user-1' });
+        expect(removeAgentProfile('reviewer')).toBe(true);
+        expect(getAgentProfileByAlias('reviewer')).toBeNull();
+        expect(getThreadAgentByThreadId('thread-1')).toBeNull();
+    });
+    it('migrates legacy thread-agent array stores', () => {
+        _setThreadAgentStorePathForTesting(null);
+        writeFileSync(storePath, JSON.stringify([
+            {
+                threadId: 'thread-1',
+                alias: 'Reviewer',
+                agentId: 'main',
+                model: 'anthropic/claude-sonnet-4-5',
+                thinking: 'high',
+                promptOverlay: 'Review carefully.',
+                createdBy: 'user-1',
+                createdAt: '2026-04-27T00:00:00.000Z',
+                updatedAt: '2026-04-27T00:00:00.000Z',
+                guildId: 'guild-1',
+                channelId: 'channel-1',
+            },
+        ]), 'utf-8');
+        _setThreadAgentStorePathForTesting(storePath);
+        const migrated = getThreadAgentByThreadId('thread-1');
+        expect(migrated?.alias).toBe('reviewer');
+        expect(migrated?.model).toBe('anthropic/claude-sonnet-4-5');
+        expect(migrated?.thinking).toBe('high');
+        setAgentProfileModel('reviewer', 'anthropic/claude-opus-4-6');
+        const persisted = JSON.parse(readFileSync(storePath, 'utf-8'));
+        expect(persisted.version).toBe(2);
+        expect(persisted.profiles[0].alias).toBe('reviewer');
+        expect(persisted.bindings[0].profileAlias).toBe('reviewer');
+    });
+    it('parses leading agent mentions', () => {
+        expect(parseDiscordAgentMention('@Claude-Coder review this PR')).toEqual({
+            alias: 'claude-coder',
+            prompt: 'review this PR',
+        });
+        expect(parseDiscordAgentMention('@codex-reviewer')).toEqual({
+            alias: 'codex-reviewer',
+            prompt: '',
+        });
+        expect(parseDiscordAgentMention('please ask @codex-reviewer')).toBeNull();
+        expect(parseDiscordAgentMention('<@1234567890> review this')).toBeNull();
+    });
+});

package/dist/__tests__/discord-thread-context.test.d.ts

@@ -0,0 +1 @@
+export {};

package/dist/__tests__/discord-thread-context.test.js

@@ -0,0 +1,42 @@
+import { describe, expect, it } from 'vitest';
+import { buildCodeAgentThreadContext } from '../channels/discord/utils.js';
+function makeMessage(channel) {
+    return { channel };
+}
+function makeTask(overrides = {}) {
+    return {
+        id: 'ca-12',
+        agent: 'codex',
+        task: 'Fix the Discord thread context bug',
+        status: 'completed',
+        discordThreadId: 'thread-1',
+        startedAt: '2026-04-27T14:00:00.000Z',
+        endedAt: '2026-04-27T14:05:00.000Z',
+        workdir: '/Users/katre/Sites/skimpyclaw',
+        outputPreview: 'Implemented a context bridge.',
+        validationPassed: true,
+        ...overrides,
+    };
+}
+describe('Discord coding-agent thread context', () => {
+    it('injects task metadata for messages inside a coding-agent thread', () => {
+        const message = makeMessage({
+            id: 'thread-1',
+            isDMBased: () => false,
+            isThread: () => true,
+        });
+        const context = buildCodeAgentThreadContext(message, [makeTask()]);
+        expect(context).toContain('Task ID: ca-12');
+        expect(context).toContain('Task status: completed');
+        expect(context).toContain('Fix the Discord thread context bug');
+        expect(context).toContain('check_code_agent with id "ca-12"');
+    });
+    it('returns null outside task threads', () => {
+        const message = makeMessage({
+            id: 'channel-1',
+            isDMBased: () => false,
+            isThread: () => false,
+        });
+        expect(buildCodeAgentThreadContext(message, [makeTask()])).toBeNull();
+    });
+});

package/dist/__tests__/doctor.formatters.test.js

@@ -21,11 +21,11 @@ describe('doctor formatters', () => {
                 remedy: 'Fix ~/.skimpyclaw/config.json to valid JSON and rerun doctor.',
             },
             {
-                name: 'provider_openai_auth',
+                name: 'provider_anthropic_auth',
                 category: 'provider_auth',
                 ok: false,
                 detail: '401 Unauthorized',
-                remedy: 'Check OPENAI_API_KEY and provider base URL.',
+                remedy: 'Check ANTHROPIC_API_KEY and provider base URL.',
             },
         ],
     };
@@ -36,11 +36,11 @@ describe('doctor formatters', () => {
         expect(output).toContain('provider_auth');
         expect(output).toContain('✓ node_version');
         expect(output).toContain('✗ config_json_valid');
-        expect(output).toContain('✗ provider_openai_auth');
+        expect(output).toContain('✗ provider_anthropic_auth');
         expect(output).toContain('Unexpected token } in JSON at position 10');
         expect(output).toContain('401 Unauthorized');
         expect(output).toContain('Fix ~/.skimpyclaw/config.json to valid JSON and rerun doctor.');
-        expect(output).toContain('Check OPENAI_API_KEY and provider base URL.');
+        expect(output).toContain('Check ANTHROPIC_API_KEY and provider base URL.');
     });
     it('does not print undefined when a failed check has no remedy', () => {
         const output = formatDoctorHuman({

package/dist/__tests__/doctor.index.test.js

@@ -20,7 +20,7 @@ describe('doctor index integration', () => {
         finishedAt: '2026-02-12T10:00:02.000Z',
         checks: [
             { name: 'node_version', category: 'environment', ok: true, detail: 'v20.11.0' },
-            { name: 'provider_openai_auth', category: 'provider_auth', ok: false, detail: '401 Unauthorized' },
+            { name: 'provider_anthropic_auth', category: 'provider_auth', ok: false, detail: '401 Unauthorized' },
         ],
     };
     beforeEach(() => {

package/dist/__tests__/doctor.runner.test.js

@@ -1,5 +1,5 @@
 import { beforeEach, describe, expect, it, vi } from 'vitest';
-const { mockLoadConfig, mockCheckNodeVersion, mockCheckPackageManagerAvailable, mockCheckTypeScriptCompile, mockCheckConfigExistsAndValidJson, mockCheckRequiredEnvVars, mockCheckEnvVarPatterns, mockCheckAllowedPathsWritable, mockCheckProviderAuth, mockCheckTelegramToken, mockCheckDiscordToken, mockCheckBrowserBinaryIfEnabled, mockCheckPlaywrightIfBrowserEnabled, mockCheckVoiceDependencies, mockCheckMcpConfig, mockCheckGatewayHostBindable, mockCheckSkimpyclawDirWritable, mockCheckPortAvailability, mockCheckSandboxAvailable, } = vi.hoisted(() => ({
+const { mockLoadConfig, mockCheckNodeVersion, mockCheckPackageManagerAvailable, mockCheckTypeScriptCompile, mockCheckConfigExistsAndValidJson, mockCheckRequiredEnvVars, mockCheckEnvVarPatterns, mockCheckAllowedPathsWritable, mockCheckProviderAuth, mockCheckTelegramToken, mockCheckDiscordToken, mockCheckVoiceDependencies, mockCheckMcpConfig, mockCheckGatewayHostBindable, mockCheckSkimpyclawDirWritable, mockCheckPortAvailability, } = vi.hoisted(() => ({
     mockLoadConfig: vi.fn(),
     mockCheckNodeVersion: vi.fn(),
     mockCheckPackageManagerAvailable: vi.fn(),
@@ -11,14 +11,11 @@ const { mockLoadConfig, mockCheckNodeVersion, mockCheckPackageManagerAvailable,
     mockCheckProviderAuth: vi.fn(),
     mockCheckTelegramToken: vi.fn(),
     mockCheckDiscordToken: vi.fn(),
-    mockCheckBrowserBinaryIfEnabled: vi.fn(),
-    mockCheckPlaywrightIfBrowserEnabled: vi.fn(),
     mockCheckVoiceDependencies: vi.fn(),
     mockCheckMcpConfig: vi.fn(),
     mockCheckGatewayHostBindable: vi.fn(),
     mockCheckSkimpyclawDirWritable: vi.fn(),
     mockCheckPortAvailability: vi.fn(),
-    mockCheckSandboxAvailable: vi.fn(),
 }));
 vi.mock('../config.js', () => ({
     loadConfig: mockLoadConfig,
@@ -34,14 +31,11 @@ vi.mock('../doctor/checks.js', () => ({
     checkProviderAuth: mockCheckProviderAuth,
     checkTelegramToken: mockCheckTelegramToken,
     checkDiscordToken: mockCheckDiscordToken,
-    checkBrowserBinaryIfEnabled: mockCheckBrowserBinaryIfEnabled,
-    checkPlaywrightIfBrowserEnabled: mockCheckPlaywrightIfBrowserEnabled,
     checkVoiceDependencies: mockCheckVoiceDependencies,
     checkMcpConfig: mockCheckMcpConfig,
     checkGatewayHostBindable: mockCheckGatewayHostBindable,
     checkSkimpyclawDirWritable: mockCheckSkimpyclawDirWritable,
     checkPortAvailability: mockCheckPortAvailability,
-    checkSandboxAvailable: mockCheckSandboxAvailable,
 }));
 import { computeExitCode, runDoctor } from '../doctor/runner.js';
 function okCheck(name, category, detail = 'ok') {
@@ -53,7 +47,7 @@ describe('doctor runner', () => {
             gateway: { port: 18790 },
             models: {
                 providers: {
-                    openai: { apiKey: '${OPENAI_API_KEY}' },
+                    anthropic: { apiKey: '${ANTHROPIC_API_KEY}' },
                 },
             },
             channels: {
@@ -76,14 +70,11 @@ describe('doctor runner', () => {
         mockCheckProviderAuth.mockReset();
         mockCheckTelegramToken.mockReset();
         mockCheckDiscordToken.mockReset();
-        mockCheckBrowserBinaryIfEnabled.mockReset();
-        mockCheckPlaywrightIfBrowserEnabled.mockReset();
         mockCheckVoiceDependencies.mockReset();
         mockCheckMcpConfig.mockReset();
         mockCheckGatewayHostBindable.mockReset();
         mockCheckSkimpyclawDirWritable.mockReset();
         mockCheckPortAvailability.mockReset();
-        mockCheckSandboxAvailable.mockReset();
         mockCheckNodeVersion.mockResolvedValue(okCheck('node_version', 'environment', 'v20.11.0'));
         mockCheckPackageManagerAvailable.mockResolvedValue(okCheck('package_manager_available', 'environment', 'pnpm'));
         mockCheckTypeScriptCompile.mockResolvedValue(okCheck('typescript_compile', 'environment'));
@@ -91,17 +82,14 @@ describe('doctor runner', () => {
         mockCheckRequiredEnvVars.mockResolvedValue(okCheck('required_env_vars', 'configuration'));
         mockCheckEnvVarPatterns.mockResolvedValue(okCheck('env_var_patterns', 'configuration'));
         mockCheckAllowedPathsWritable.mockResolvedValue(okCheck('allowed_paths_writable', 'configuration'));
-        mockCheckProviderAuth.mockResolvedValue(okCheck('provider_openai_auth', 'provider_auth'));
+        mockCheckProviderAuth.mockResolvedValue(okCheck('provider_anthropic_auth', 'provider_auth'));
         mockCheckTelegramToken.mockResolvedValue(okCheck('telegram_token_valid', 'channels'));
         mockCheckDiscordToken.mockResolvedValue(okCheck('discord_token_valid', 'channels'));
-        mockCheckBrowserBinaryIfEnabled.mockResolvedValue(okCheck('browser_binary_available', 'runtime'));
-        mockCheckPlaywrightIfBrowserEnabled.mockResolvedValue(okCheck('playwright_installed', 'runtime', 'Browser tools disabled'));
         mockCheckVoiceDependencies.mockResolvedValue(okCheck('voice_dependencies', 'runtime', 'Voice disabled'));
         mockCheckMcpConfig.mockResolvedValue(okCheck('mcp_config', 'runtime', 'MCP tools not configured'));
         mockCheckGatewayHostBindable.mockResolvedValue(okCheck('gateway_host_bindable', 'runtime', '127.0.0.1 (always available)'));
         mockCheckSkimpyclawDirWritable.mockResolvedValue(okCheck('skimpyclaw_dirs_writable', 'runtime'));
         mockCheckPortAvailability.mockResolvedValue(okCheck('gateway_port_available', 'runtime'));
-        mockCheckSandboxAvailable.mockResolvedValue(okCheck('sandbox_available', 'runtime', 'Sandbox disabled'));
     });
     it('computes exit code 0 when all checks pass', () => {
         const code = computeExitCode({ checks: [okCheck('node_version', 'environment')] });

package/dist/__tests__/env-sanitizer.test.d.ts

@@ -0,0 +1 @@
+export {};

package/dist/__tests__/env-sanitizer.test.js

@@ -0,0 +1,45 @@
+import { describe, it, expect } from 'vitest';
+import { sanitizeExecEnv, sanitizeCronEnv } from '../env-sanitizer.js';
+describe('sanitizeExecEnv', () => {
+    it('strips sensitive env vars while preserving allowlisted values', () => {
+        process.env.OPENAI_API_KEY = 'secret-openai';
+        process.env.CLAUDE_CODE_OAUTH_TOKEN = 'secret-claude';
+        process.env.GH_TOKEN = 'allowed-gh';
+        process.env.NORMAL_VAR = 'ok';
+        const env = sanitizeExecEnv();
+        expect(env.OPENAI_API_KEY).toBeUndefined();
+        expect(env.CLAUDE_CODE_OAUTH_TOKEN).toBeUndefined();
+        expect(env.GH_TOKEN).toBe('allowed-gh');
+        expect(env.NORMAL_VAR).toBe('ok');
+        delete process.env.OPENAI_API_KEY;
+        delete process.env.CLAUDE_CODE_OAUTH_TOKEN;
+        delete process.env.GH_TOKEN;
+        delete process.env.NORMAL_VAR;
+    });
+    it('ensures common tool paths are present in PATH', () => {
+        process.env.PATH = '/usr/bin:/bin';
+        const env = sanitizeExecEnv();
+        expect(env.PATH).toContain('/opt/homebrew/bin');
+        expect(env.PATH).toContain('/usr/local/bin');
+    });
+    it('applies strict allowlist for cron environments', () => {
+        process.env.OPENAI_API_KEY = 'secret';
+        process.env.GH_TOKEN = 'allowed-gh';
+        process.env.SKIMPYCLAW_MODE = 'prod';
+        process.env.CUSTOM_RANDOM_VAR = 'do-not-include';
+        process.env.PATH = '/usr/bin:/bin';
+        process.env.HOME = '/tmp/home';
+        const env = sanitizeCronEnv();
+        expect(env.OPENAI_API_KEY).toBeUndefined();
+        expect(env.CUSTOM_RANDOM_VAR).toBeUndefined();
+        expect(env.GH_TOKEN).toBe('allowed-gh');
+        expect(env.SKIMPYCLAW_MODE).toBe('prod');
+        expect(env.HOME).toBe('/tmp/home');
+        expect(env.PATH).toContain('/opt/homebrew/bin');
+        delete process.env.OPENAI_API_KEY;
+        delete process.env.GH_TOKEN;
+        delete process.env.SKIMPYCLAW_MODE;
+        delete process.env.CUSTOM_RANDOM_VAR;
+        delete process.env.HOME;
+    });
+});

package/dist/__tests__/exec-approval.test.js

@@ -205,6 +205,14 @@ describe('approval registry', () => {
         const found = findApprovedRequest('sudo apt update');
         expect(found).toBeUndefined();
     });
+    it('consumed approval is still retrievable by ID', () => {
+        const approval = createApprovalRequest('sudo apt update', undefined, { tier: 2, reason: 'test' });
+        approveRequest(approval.id);
+        consumeApproval(approval.id);
+        const fetched = getApproval(approval.id);
+        expect(fetched).toBeDefined();
+        expect(fetched?.status).toBe('consumed');
+    });
     it('expires pending approvals past TTL', () => {
         const approval = createApprovalRequest('sudo cmd', undefined, { tier: 2, reason: 'test' }, { ttlMs: 1 });
         // Wait briefly for TTL to expire
@@ -321,3 +329,56 @@ describe('approval events', () => {
         expect(events).toHaveLength(1); // No new event
     });
 });
+describe('approval history', () => {
+    it('new approval starts with empty history', () => {
+        const approval = createApprovalRequest('sudo cmd', undefined, { tier: 2, reason: 'test' });
+        expect(approval.history).toEqual([]);
+    });
+    it('records a single transition on approve', () => {
+        const approval = createApprovalRequest('sudo cmd', undefined, { tier: 2, reason: 'test' });
+        approveRequest(approval.id, 'admin');
+        const fetched = getApproval(approval.id);
+        expect(fetched.history).toHaveLength(1);
+        expect(fetched.history[0].from).toBe('pending');
+        expect(fetched.history[0].to).toBe('approved');
+        expect(fetched.history[0].by).toBe('admin');
+        expect(fetched.history[0].at).toBeInstanceOf(Date);
+    });
+    it('records a single transition on deny', () => {
+        const approval = createApprovalRequest('sudo cmd', undefined, { tier: 2, reason: 'test' });
+        denyRequest(approval.id, 'security');
+        const fetched = getApproval(approval.id);
+        expect(fetched.history).toHaveLength(1);
+        expect(fetched.history[0].from).toBe('pending');
+        expect(fetched.history[0].to).toBe('denied');
+        expect(fetched.history[0].by).toBe('security');
+    });
+    it('records multiple transitions through full lifecycle', () => {
+        const approval = createApprovalRequest('sudo cmd', undefined, { tier: 2, reason: 'test' });
+        approveRequest(approval.id, 'admin');
+        consumeApproval(approval.id);
+        const fetched = getApproval(approval.id);
+        expect(fetched.history).toHaveLength(2);
+        expect(fetched.history[0]).toMatchObject({ from: 'pending', to: 'approved', by: 'admin' });
+        expect(fetched.history[1]).toMatchObject({ from: 'approved', to: 'consumed' });
+        expect(fetched.status).toBe('consumed');
+    });
+    it('no-op status update does not add history entries', () => {
+        const approval = createApprovalRequest('sudo cmd', undefined, { tier: 2, reason: 'test' });
+        approveRequest(approval.id, 'admin');
+        // Try to approve again — should fail, no history added
+        const result = approveRequest(approval.id, 'other');
+        expect(result).toBe(false);
+        const fetched = getApproval(approval.id);
+        expect(fetched.history).toHaveLength(1); // Only the first approve
+    });
+    it('records expiration transition in history', () => {
+        const approval = createApprovalRequest('sudo cmd', undefined, { tier: 2, reason: 'test' }, { ttlMs: 1 });
+        const start = Date.now();
+        while (Date.now() - start < 5) { /* spin for TTL */ }
+        cleanupExpired();
+        const fetched = getApproval(approval.id);
+        expect(fetched.history).toHaveLength(1);
+        expect(fetched.history[0]).toMatchObject({ from: 'pending', to: 'expired' });
+    });
+});

package/dist/__tests__/fetch-tool.test.d.ts

@@ -0,0 +1 @@
+export {};

package/dist/__tests__/fetch-tool.test.js

@@ -0,0 +1,85 @@
+import { beforeEach, describe, expect, it, vi } from 'vitest';
+const mockLookup = vi.hoisted(() => vi.fn());
+vi.mock('dns/promises', () => ({
+    lookup: (...args) => mockLookup(...args),
+}));
+const mockFetch = vi.fn();
+global.fetch = mockFetch;
+const { executeFetch } = await import('../tools/fetch-tool.js');
+describe('fetch-tool SSRF protections', () => {
+    beforeEach(() => {
+        vi.clearAllMocks();
+    });
+    it('blocks localhost targets', async () => {
+        const out = await executeFetch({ url: 'http://localhost:8080/secret' }, {});
+        expect(out).toContain('Error:');
+        expect(out).toContain('Blocked host');
+        expect(mockFetch).not.toHaveBeenCalled();
+    });
+    it('blocks non-http protocols', async () => {
+        const out = await executeFetch({ url: 'file:///etc/passwd' }, {});
+        expect(out).toContain('Error:');
+        expect(out).toContain('Unsupported protocol');
+        expect(mockFetch).not.toHaveBeenCalled();
+    });
+    it('blocks hostnames resolving to private IPs', async () => {
+        mockLookup.mockResolvedValueOnce([{ address: '10.0.0.5', family: 4 }]);
+        const out = await executeFetch({ url: 'https://example.test/data' }, {});
+        expect(out).toContain('Error:');
+        expect(out).toContain('Blocked resolved IP');
+        expect(mockFetch).not.toHaveBeenCalled();
+    });
+    it('blocks redirects to internal targets', async () => {
+        mockLookup.mockResolvedValueOnce([{ address: '93.184.216.34', family: 4 }]);
+        mockFetch.mockResolvedValueOnce({
+            status: 302,
+            statusText: 'Found',
+            headers: new Headers({ location: 'http://127.0.0.1/internal' }),
+            text: async () => '',
+        });
+        const out = await executeFetch({ url: 'https://public.example/path' }, {});
+        expect(out).toContain('Error:');
+        expect(out).toContain('Blocked target IP');
+        expect(mockFetch).toHaveBeenCalledTimes(1);
+    });
+    it('re-validates DNS on each redirect hop', async () => {
+        mockLookup
+            .mockResolvedValueOnce([{ address: '93.184.216.34', family: 4 }])
+            .mockResolvedValueOnce([{ address: '93.184.216.34', family: 4 }]);
+        mockFetch
+            .mockResolvedValueOnce({
+            status: 302,
+            statusText: 'Found',
+            headers: new Headers({ location: 'https://example.com/next' }),
+            text: async () => '',
+        })
+            .mockResolvedValueOnce({
+            status: 200,
+            statusText: 'OK',
+            headers: new Headers({ 'content-type': 'text/plain' }),
+            text: async () => 'ok',
+        });
+        const out = await executeFetch({ url: 'https://example.com/start' }, {});
+        expect(out).toContain('HTTP 200 OK');
+        expect(mockLookup).toHaveBeenCalledTimes(2);
+    });
+    it('returns response body for valid public targets', async () => {
+        mockLookup.mockResolvedValueOnce([{ address: '93.184.216.34', family: 4 }]);
+        mockFetch.mockResolvedValueOnce({
+            status: 200,
+            statusText: 'OK',
+            headers: new Headers({ 'content-type': 'text/plain' }),
+            text: async () => 'ok',
+        });
+        const out = await executeFetch({ url: 'https://example.com' }, {});
+        expect(out).toContain('HTTP 200 OK');
+        expect(out).toContain('ok');
+        expect(mockFetch).toHaveBeenCalledWith(expect.any(URL), expect.objectContaining({ redirect: 'manual' }));
+    });
+    it('blocks internal-style host suffixes', async () => {
+        const out = await executeFetch({ url: 'https://service.internal/api' }, {});
+        expect(out).toContain('Error:');
+        expect(out).toContain('Blocked internal host');
+        expect(mockFetch).not.toHaveBeenCalled();
+    });
+});

package/dist/__tests__/gateway-status-auth.test.d.ts

@@ -0,0 +1 @@
+export {};

package/dist/__tests__/gateway-status-auth.test.js

@@ -0,0 +1,72 @@
+import { afterEach, describe, expect, it, vi } from 'vitest';
+vi.mock('../api.js', () => ({
+    registerDashboardAPI: vi.fn(),
+}));
+vi.mock('../dashboard-frontend.js', () => ({
+    registerDashboard: vi.fn(),
+}));
+vi.mock('../cron.js', () => ({
+    getCronJobs: () => [{ id: 'job-1', name: 'Job 1', nextRun: undefined }],
+    runCronJob: vi.fn(),
+}));
+vi.mock('../agent.js', () => ({
+    runAgentTurn: vi.fn().mockResolvedValue('ok'),
+}));
+vi.mock('../config.js', () => ({
+    ensureDashboardToken: () => 'test-token',
+    getLogsDir: () => '/tmp/test-skimpyclaw/logs',
+}));
+const { createGateway } = await import('../gateway.js');
+const cfg = {
+    gateway: { port: 18790 },
+    agents: {
+        default: 'main',
+        list: {
+            main: {
+                model: 'anthropic/claude-haiku-4-5',
+                identity: { name: 'Bot', emoji: 'x' },
+            },
+        },
+    },
+    cron: { jobs: [] },
+};
+describe('gateway /status auth', () => {
+    afterEach(async () => {
+        vi.clearAllMocks();
+    });
+    it('keeps /health unauthenticated', async () => {
+        const app = await createGateway(cfg);
+        try {
+            const res = await app.inject({ method: 'GET', url: '/health' });
+            expect(res.statusCode).toBe(200);
+        }
+        finally {
+            await app.close();
+        }
+    });
+    it('requires auth for /status', async () => {
+        const app = await createGateway(cfg);
+        try {
+            const res = await app.inject({ method: 'GET', url: '/status' });
+            expect(res.statusCode).toBe(401);
+        }
+        finally {
+            await app.close();
+        }
+    });
+    it('allows /status with valid bearer token', async () => {
+        const app = await createGateway(cfg);
+        try {
+            const res = await app.inject({
+                method: 'GET',
+                url: '/status',
+                headers: { authorization: 'Bearer test-token' },
+            });
+            expect(res.statusCode).toBe(200);
+            expect(res.json().status).toBe('ok');
+        }
+        finally {
+            await app.close();
+        }
+    });
+});

package/dist/__tests__/heartbeat.test.js

@@ -22,7 +22,7 @@ describe('heartbeat prompt path normalization', () => {
             heartbeat: {
                 intervalMs: 60000,
                 prompt: 'Read /Users/example/HEARTBEAT.md only. Reply HEARTBEAT_OK.',
-                model: 'claude-fast',
+                model: 'anthropic/claude-haiku-4-5',
                 tools: {
                     enabled: true,
                     allowedPaths: ['/Users/example/.skimpyclaw'],
@@ -39,7 +39,7 @@ describe('heartbeat prompt path normalization', () => {
         };
         await runHeartbeatCheck(config);
         expect(mockRunAgentTurn).toHaveBeenCalledTimes(1);
-        expect(mockRunAgentTurn).toHaveBeenCalledWith('main', expect.stringContaining('/.skimpyclaw/agents/main/HEARTBEAT.md'), config, 'claude-fast', expect.any(Object), undefined, expect.any(Object));
+        expect(mockRunAgentTurn).toHaveBeenCalledWith('main', expect.stringContaining('/.skimpyclaw/agents/main/HEARTBEAT.md'), config, 'anthropic/claude-haiku-4-5', expect.any(Object), undefined, expect.any(Object));
     });
     it('normalizes /workspace heartbeat path to agents/main/HEARTBEAT.md', async () => {
         const config = {
@@ -47,7 +47,7 @@ describe('heartbeat prompt path normalization', () => {
             heartbeat: {
                 intervalMs: 60000,
                 prompt: 'Read /workspace/HEARTBEAT.md only. Reply HEARTBEAT_OK.',
-                model: 'claude-fast',
+                model: 'anthropic/claude-haiku-4-5',
                 tools: {
                     enabled: true,
                     allowedPaths: ['/Users/example/.skimpyclaw'],

package/dist/__tests__/interactive-sessions.test.d.ts

@@ -0,0 +1 @@
+export {};