solidity-argus 0.3.6 → 0.5.6

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (107) hide show
  1. package/AGENTS.md +13 -6
  2. package/README.md +24 -12
  3. package/package.json +7 -3
  4. package/skills/checklists/cyfrin-best-practices-runtime/SKILL.md +1 -0
  5. package/skills/checklists/cyfrin-best-practices-upgrades/SKILL.md +1 -0
  6. package/skills/checklists/cyfrin-defi-core/SKILL.md +1 -0
  7. package/skills/checklists/cyfrin-defi-integrations/SKILL.md +1 -0
  8. package/skills/checklists/cyfrin-gas/SKILL.md +1 -0
  9. package/skills/checklists/general-audit/SKILL.md +1 -0
  10. package/skills/methodology/audit-workflow/SKILL.md +1 -0
  11. package/skills/methodology/report-template/SKILL.md +1 -0
  12. package/skills/methodology/severity-classification/SKILL.md +1 -0
  13. package/skills/protocol-patterns/amm-dex/SKILL.md +1 -0
  14. package/skills/protocol-patterns/bridges-cross-chain/SKILL.md +1 -0
  15. package/skills/protocol-patterns/dao-governance/SKILL.md +1 -0
  16. package/skills/protocol-patterns/lending-borrowing/SKILL.md +1 -0
  17. package/skills/protocol-patterns/staking-vesting/SKILL.md +1 -0
  18. package/skills/vulnerability-patterns/flash-loan-attacks/SKILL.md +0 -50
  19. package/skills/vulnerability-patterns/oracle-manipulation/SKILL.md +0 -63
  20. package/src/agents/argus-prompt.ts +98 -33
  21. package/src/agents/pythia-prompt.ts +18 -1
  22. package/src/agents/scribe-prompt.ts +32 -10
  23. package/src/agents/sentinel-prompt.ts +19 -0
  24. package/src/agents/themis-prompt.ts +110 -0
  25. package/src/cli/commands/doctor.ts +29 -17
  26. package/src/config/loader.ts +29 -5
  27. package/src/config/schema.ts +45 -45
  28. package/src/constants/defaults.ts +1 -0
  29. package/src/create-hooks.ts +851 -142
  30. package/src/create-managers.ts +4 -2
  31. package/src/create-tools.ts +5 -1
  32. package/src/features/audit-enforcer/audit-enforcer.ts +1 -11
  33. package/src/features/background-agent/background-manager.ts +32 -5
  34. package/src/features/error-recovery/tool-error-recovery.ts +1 -0
  35. package/src/features/persistent-state/audit-state-manager.ts +272 -29
  36. package/src/features/persistent-state/event-sink.ts +96 -25
  37. package/src/features/persistent-state/findings-materializer.ts +57 -3
  38. package/src/features/persistent-state/global-run-index.ts +86 -8
  39. package/src/features/persistent-state/index.ts +7 -1
  40. package/src/features/persistent-state/run-finalizer.ts +116 -7
  41. package/src/features/persistent-state/run-pruner.ts +93 -0
  42. package/src/hooks/agent-tracker.ts +14 -2
  43. package/src/hooks/compaction-hook.ts +7 -16
  44. package/src/hooks/config-handler.ts +83 -29
  45. package/src/hooks/context-budget.ts +4 -5
  46. package/src/hooks/event-hook.ts +213 -57
  47. package/src/hooks/knowledge-sync-hook.ts +2 -3
  48. package/src/hooks/safe-create-hook.ts +13 -1
  49. package/src/hooks/system-prompt-hook.ts +20 -39
  50. package/src/hooks/tool-tracking-hook.ts +606 -326
  51. package/src/index.ts +15 -1
  52. package/src/knowledge/scvd-client.ts +2 -4
  53. package/src/knowledge/scvd-errors.ts +25 -2
  54. package/src/knowledge/scvd-index.ts +7 -5
  55. package/src/knowledge/scvd-sync.ts +6 -6
  56. package/src/managers/types.ts +20 -2
  57. package/src/shared/agent-names.ts +23 -0
  58. package/src/shared/audit-artifact-resolver.ts +8 -3
  59. package/src/shared/audit-phases.ts +12 -0
  60. package/src/shared/cache-paths.ts +41 -0
  61. package/src/shared/drop-diagnostics.ts +2 -2
  62. package/src/shared/forge-errors.ts +31 -0
  63. package/src/shared/forge-runner.ts +30 -0
  64. package/src/shared/format-error.ts +3 -0
  65. package/src/shared/index.ts +9 -0
  66. package/src/shared/key-tools.ts +39 -0
  67. package/src/shared/logger.ts +7 -7
  68. package/src/shared/path-containment.ts +25 -0
  69. package/src/shared/path-utils.ts +11 -0
  70. package/src/shared/report-path-resolver.ts +4 -2
  71. package/src/shared/safe-emit.ts +24 -0
  72. package/src/shared/token-utils.ts +5 -0
  73. package/src/shared/type-guards.ts +8 -0
  74. package/src/shared/validation-constants.ts +52 -0
  75. package/src/skills/analysis/cluster.ts +1 -114
  76. package/src/skills/analysis/normalize.ts +2 -114
  77. package/src/skills/analysis/stopwords.ts +109 -0
  78. package/src/skills/argus-skill-resolver.ts +6 -3
  79. package/src/solodit-lifecycle.ts +153 -37
  80. package/src/state/adapters.ts +60 -66
  81. package/src/state/finding-aggregation.ts +6 -8
  82. package/src/state/finding-fingerprint.ts +1 -1
  83. package/src/state/finding-store.ts +31 -9
  84. package/src/state/index.ts +1 -1
  85. package/src/state/projectors.ts +27 -19
  86. package/src/state/schemas.ts +8 -32
  87. package/src/state/types.ts +3 -0
  88. package/src/tools/contract-analyzer-tool.ts +4 -6
  89. package/src/tools/forge-coverage-tool.ts +10 -35
  90. package/src/tools/forge-fuzz-tool.ts +21 -51
  91. package/src/tools/forge-test-tool.ts +25 -47
  92. package/src/tools/gas-analysis-tool.ts +12 -41
  93. package/src/tools/pattern-checker-tool.ts +37 -15
  94. package/src/tools/pattern-loader.ts +18 -4
  95. package/src/tools/persist-deduped-tool.ts +94 -0
  96. package/src/tools/proxy-detection-tool.ts +35 -34
  97. package/src/tools/read-findings-tool.ts +390 -0
  98. package/src/tools/record-finding-tool.ts +120 -25
  99. package/src/tools/report-generator-tool.ts +396 -328
  100. package/src/tools/report-preflight.ts +5 -1
  101. package/src/tools/slither-tool.ts +55 -16
  102. package/src/tools/solodit-search-tool.ts +260 -112
  103. package/src/tools/sync-knowledge-tool.ts +2 -3
  104. package/src/utils/solidity-parser.ts +39 -24
  105. package/src/features/migration/index.ts +0 -14
  106. package/src/features/migration/migration-adapter.ts +0 -151
  107. package/src/features/migration/parity-telemetry.ts +0 -133
package/src/config/schema.ts CHANGED
@@ -3,8 +3,9 @@ import { z } from "zod"
3
3
  const AgentConfigSchema = z.object({
4
4
  model: z.string().optional(),
5
5
  steps: z.number().positive().optional(),
6
- permission: z.record(z.string(), z.any()).optional(),
6
+ permission: z.record(z.string(), z.unknown()).optional(),
7
7
  tools: z.record(z.string(), z.boolean()).optional(),
8
+ temperature: z.number().min(0).max(2).optional(),
8
9
  })
9
10
 
10
11
  const ToolsConfigSchema = z.object({
@@ -36,55 +37,54 @@ const ReportingConfigSchema = z.object({
36
37
 
37
38
  const SoloditConfigSchema = z.object({
38
39
  enabled: z.boolean().default(true),
39
- port: z.number().default(3000),
40
+ port: z.number().default(54173),
40
41
  })
41
42
 
42
43
  const BackgroundConfigSchema = z.object({
43
44
  max_concurrent: z.number().positive().default(3),
44
45
  })
45
46
 
46
- const MigrationConfigSchema = z.object({
47
- mode: z.enum(["legacy", "dual", "strict"]).default("legacy"),
48
- })
49
-
50
- export const ArgusConfigSchema = z.object({
51
- agents: z
52
- .object({
53
- argus: AgentConfigSchema.default({}),
54
- sentinel: AgentConfigSchema.default({}),
55
- pythia: AgentConfigSchema.default({}),
56
- scribe: AgentConfigSchema.default({}),
57
- })
58
- .default({
59
- argus: {},
60
- sentinel: {},
61
- pythia: {},
62
- scribe: {},
47
+ export const ArgusConfigSchema = z
48
+ .object({
49
+ agents: z
50
+ .object({
51
+ argus: AgentConfigSchema.default({}),
52
+ sentinel: AgentConfigSchema.default({}),
53
+ pythia: AgentConfigSchema.default({}),
54
+ scribe: AgentConfigSchema.default({}),
55
+ themis: AgentConfigSchema.optional().default({}),
56
+ })
57
+ .default({
58
+ argus: {},
59
+ sentinel: {},
60
+ pythia: {},
61
+ scribe: {},
62
+ themis: {},
63
+ }),
64
+ tools: ToolsConfigSchema.default({}),
65
+ knowledge: KnowledgeConfigSchema.default({
66
+ scvd: {
67
+ enabled: true,
68
+ apiUrl: "https://api.scvd.dev",
69
+ },
70
+ autoSync: true,
71
+ skillPrecedence: "bundled-first",
72
+ }),
73
+ reporting: ReportingConfigSchema.default({
74
+ format: "markdown",
75
+ severityThreshold: "low",
76
+ gasAnalysis: false,
77
+ output_dir: ".argus/reports/",
63
78
  }),
64
- tools: ToolsConfigSchema.default({}),
65
- knowledge: KnowledgeConfigSchema.default({
66
- scvd: {
79
+ solodit: SoloditConfigSchema.default({
67
80
  enabled: true,
68
- apiUrl: "https://api.scvd.dev",
69
- },
70
- autoSync: true,
71
- skillPrecedence: "bundled-first",
72
- }),
73
- reporting: ReportingConfigSchema.default({
74
- format: "markdown",
75
- severityThreshold: "low",
76
- gasAnalysis: false,
77
- output_dir: ".argus/reports/",
78
- }),
79
- solodit: SoloditConfigSchema.default({
80
- enabled: true,
81
- port: 3000,
82
- }),
83
- disabled_hooks: z.array(z.string()).default([]),
84
- hooks: z.record(z.string(), z.any()).default({}),
85
- cli: z.record(z.string(), z.any()).default({}),
86
- background: BackgroundConfigSchema.default({
87
- max_concurrent: 3,
88
- }),
89
- migration: MigrationConfigSchema.optional(),
90
- })
81
+ port: 54173,
82
+ }),
83
+ disabled_hooks: z.array(z.string()).default([]),
84
+ hooks: z.record(z.string(), z.unknown()).default({}),
85
+ cli: z.record(z.string(), z.unknown()).default({}),
86
+ background: BackgroundConfigSchema.default({
87
+ max_concurrent: 3,
88
+ }),
89
+ })
90
+ .strict()
package/src/constants/defaults.ts CHANGED
@@ -3,6 +3,7 @@ export const DEFAULT_MODELS = {
3
3
  sentinel: "anthropic/claude-sonnet-4-6",
4
4
  pythia: "anthropic/claude-sonnet-4-6",
5
5
  scribe: "anthropic/claude-sonnet-4-6",
6
+ themis: "openai/gpt-5.4",
6
7
  } as const
7
8
 
8
9
  export const DEFAULT_STEPS = 50 as const