tracelattice 1.3.3 → 1.3.4

package/dist/sanitize.d.ts

@@ -60,4 +60,74 @@ export declare function stripControlChars(input: string): string;
  * ```
  */
 export declare function sanitizeString(input: string): string;
+export interface EnforceJsonShapeOptions {
+    maxDepth?: number;
+    maxBytes?: number;
+}
+export declare class JsonShapeError extends Error {
+    readonly reason: string;
+    constructor(reason: string);
+}
+/**
+ * Enforce safety constraints on a JSON-shaped value.
+ *
+ * Rejects:
+ * - Prototype-pollution keys (`__proto__`, `constructor`, `prototype`) at any depth
+ * - Nesting deeper than `maxDepth` (default 8)
+ * - Serialized JSON byte length exceeding `maxBytes` (default 16384)
+ * - Functions, symbols, and other non-JSON-safe values
+ *
+ * Used as a defense-in-depth gate for untrusted structured input such as
+ * `tool_arguments` from an LLM.
+ *
+ * @param value - The value to validate
+ * @param opts - Optional limits
+ * @throws {JsonShapeError} when any constraint is violated
+ *
+ * @example
+ * ```ts
+ * enforceJsonShape({ q: 'hello' }); // ok
+ * enforceJsonShape({ __proto__: { polluted: true } }); // throws
+ * enforceJsonShape({ a: { b: { c: { d: { e: { f: { g: { h: { i: 1 } } } } } } } } }); // throws (depth)
+ * ```
+ */
+export declare function enforceJsonShape(value: unknown, opts?: EnforceJsonShapeOptions): void;
+/**
+ * Sanitize a rationale string by stripping urgency phrases, capping length,
+ * and applying standard string sanitization.
+ *
+ * Applied to `recommended_tools[].rationale` and `recommended_skills[].rationale`
+ * to prevent prompt-injection via urgency language.
+ *
+ * @param input - The rationale string to sanitize
+ * @param truncated - Optional object to receive truncation signal (sets `.value = true` if truncated)
+ * @returns The sanitized rationale
+ *
+ * @example
+ * ```ts
+ * sanitizeRationale('URGENT: run this now'); // '[redacted-urgency] run this now'
+ * sanitizeRationale('Best for web search'); // 'Best for web search' (unchanged)
+ * ```
+ */
+export declare function sanitizeRationale(input: string, truncated?: {
+    value: boolean;
+}): string;
+/**
+ * Sanitize suggested_inputs: cap string value lengths, strip control chars and dangerous tags.
+ *
+ * Only processes flat primitive values (string | number | boolean | null).
+ * Non-primitive values (nested objects, arrays) are silently skipped — schema validation
+ * is expected to reject them upstream.
+ *
+ * @param inputs - The suggested_inputs record to sanitize
+ * @returns The sanitized record with cleaned string values
+ * @throws {Error} if string value exceeds max length, or if more than 32 keys are present
+ *
+ * @example
+ * ```ts
+ * sanitizeSuggestedInputs({ url: 'x', limit: 5 }); // { url: 'x', limit: 5 }
+ * sanitizeSuggestedInputs({ url: '<script>alert(1)</script>' }); // { url: 'alert(1)' }
+ * ```
+ */
+export declare function sanitizeSuggestedInputs(inputs: Record<string, unknown>): Record<string, string | number | boolean | null>;
 //# sourceMappingURL=sanitize.d.ts.map

package/dist/sanitize.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"sanitize.d.ts","sourceRoot":"","sources":["../src/sanitize.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AAiBH;;;;;;;;;;;;;;;;GAgBG;AACH,wBAAgB,kBAAkB,CAAC,KAAK,EAAE,MAAM,GAAG,MAAM,CAExD;AAED;;;;;;;;;;;;;;;GAeG;AACH,wBAAgB,iBAAiB,CAAC,KAAK,EAAE,MAAM,GAAG,MAAM,CAEvD;AAED;;;;;;;;;;;;;;;GAeG;AACH,wBAAgB,cAAc,CAAC,KAAK,EAAE,MAAM,GAAG,MAAM,CAEpD"}
+{"version":3,"file":"sanitize.d.ts","sourceRoot":"","sources":["../src/sanitize.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AAiBH;;;;;;;;;;;;;;;;GAgBG;AACH,wBAAgB,kBAAkB,CAAC,KAAK,EAAE,MAAM,GAAG,MAAM,CAExD;AAED;;;;;;;;;;;;;;;GAeG;AACH,wBAAgB,iBAAiB,CAAC,KAAK,EAAE,MAAM,GAAG,MAAM,CAEvD;AAED;;;;;;;;;;;;;;;GAeG;AACH,wBAAgB,cAAc,CAAC,KAAK,EAAE,MAAM,GAAG,MAAM,CAEpD;AAgBD,MAAM,WAAW,uBAAuB;IACvC,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,QAAQ,CAAC,EAAE,MAAM,CAAC;CAClB;AAED,qBAAa,cAAe,SAAQ,KAAK;IACxC,SAAgB,MAAM,EAAE,MAAM,CAAC;gBACnB,MAAM,EAAE,MAAM;CAK1B;AAED;;;;;;;;;;;;;;;;;;;;;;GAsBG;AACH,wBAAgB,gBAAgB,CAAC,KAAK,EAAE,OAAO,EAAE,IAAI,GAAE,uBAA4B,GAAG,IAAI,CAoDzF;AAcD;;;;;;;;;;;;;;;;GAgBG;AACH,wBAAgB,iBAAiB,CAAC,KAAK,EAAE,MAAM,EAAE,SAAS,CAAC,EAAE;IAAE,KAAK,EAAE,OAAO,CAAA;CAAE,GAAG,MAAM,CAQvF;AAYD;;;;;;;;;;;;;;;;GAgBG;AACH,wBAAgB,uBAAuB,CACtC,MAAM,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAC7B,MAAM,CAAC,MAAM,EAAE,MAAM,GAAG,MAAM,GAAG,OAAO,GAAG,IAAI,CAAC,CAuBlD"}

package/dist/sanitize.js

@@ -9,6 +9,82 @@ function stripControlChars(input) {
 function sanitizeString(input) {
     return stripDangerousTags(stripControlChars(input));
 }
-export { sanitizeString, stripControlChars, stripDangerousTags };
+const FORBIDDEN_KEYS = new Set([
+    '__proto__',
+    'constructor',
+    'prototype'
+]);
+const DEFAULT_MAX_DEPTH = 8;
+const DEFAULT_MAX_BYTES = 16384;
+class JsonShapeError extends Error {
+    reason;
+    constructor(reason){
+        super(reason);
+        this.name = 'JsonShapeError';
+        this.reason = reason;
+    }
+}
+function enforceJsonShape(value, opts = {}) {
+    const maxDepth = opts.maxDepth ?? DEFAULT_MAX_DEPTH;
+    const maxBytes = opts.maxBytes ?? DEFAULT_MAX_BYTES;
+    const seen = new WeakSet();
+    const walk = (node, depth)=>{
+        if (depth > maxDepth) throw new JsonShapeError(`exceeds max depth of ${maxDepth}`);
+        if (null === node) return;
+        const type = typeof node;
+        if ('string' === type || 'number' === type || 'boolean' === type) return;
+        if ('undefined' === type) return;
+        if ('function' === type || 'symbol' === type || 'bigint' === type) throw new JsonShapeError(`unsupported value type '${type}'`);
+        if ('object' !== type) throw new JsonShapeError(`unsupported value type '${type}'`);
+        const obj = node;
+        if (seen.has(obj)) throw new JsonShapeError('circular reference detected');
+        seen.add(obj);
+        if (Array.isArray(node)) {
+            for (const item of node)walk(item, depth + 1);
+            return;
+        }
+        for (const key of Object.keys(obj)){
+            if (FORBIDDEN_KEYS.has(key)) throw new JsonShapeError(`forbidden key '${key}'`);
+            walk(obj[key], depth + 1);
+        }
+    };
+    walk(value, 0);
+    let serialized;
+    try {
+        serialized = JSON.stringify(value);
+    } catch  {
+        throw new JsonShapeError('value is not JSON-serializable');
+    }
+    if (void 0 === serialized) return;
+    const bytes = Buffer.byteLength(serialized, 'utf8');
+    if (bytes > maxBytes) throw new JsonShapeError(`exceeds max serialized size of ${maxBytes} bytes (got ${bytes})`);
+}
+const URGENCY_PHRASES = /\b(URGENT(?:LY)?|IMMEDIATELY|MUST\s+RUN|CRITICAL:|ACTION\s+REQUIRED|DO\s+NOT\s+IGNORE|EXECUTE\s+NOW|RUN\s+THIS\s+NOW)/gi;
+const MAX_RATIONALE_LENGTH = 2000;
+function sanitizeRationale(input, truncated) {
+    let result = sanitizeString(input);
+    result = result.replace(URGENCY_PHRASES, '[redacted-urgency]');
+    if (result.length > MAX_RATIONALE_LENGTH) {
+        result = result.slice(0, MAX_RATIONALE_LENGTH);
+        if (truncated) truncated.value = true;
+    }
+    return result;
+}
+const MAX_SUGGESTED_INPUTS_KEYS = 32;
+const MAX_SUGGESTED_INPUT_VALUE_LENGTH = 512;
+function sanitizeSuggestedInputs(inputs) {
+    const keys = Object.keys(inputs);
+    if (keys.length > MAX_SUGGESTED_INPUTS_KEYS) throw new Error(`suggested_inputs exceeds max keys of ${MAX_SUGGESTED_INPUTS_KEYS} (got ${keys.length})`);
+    const result = {};
+    for (const key of keys){
+        const value = inputs[key];
+        if ('string' == typeof value) {
+            if (value.length > MAX_SUGGESTED_INPUT_VALUE_LENGTH) throw new Error(`suggested_inputs value for key '${key}' exceeds max length of ${MAX_SUGGESTED_INPUT_VALUE_LENGTH}`);
+            result[key] = sanitizeString(value);
+        } else if ('number' == typeof value || 'boolean' == typeof value || null === value) result[key] = value;
+    }
+    return result;
+}
+export { JsonShapeError, enforceJsonShape, sanitizeRationale, sanitizeString, sanitizeSuggestedInputs, stripControlChars, stripDangerousTags };
 
 //# sourceMappingURL=sanitize.js.map

package/dist/sanitize.js.map

@@ -1 +1 @@
-{"version":3,"file":"sanitize.js","sources":["../src/sanitize.ts"],"sourcesContent":["/**\n * Input sanitization for the sequential thinking MCP tool.\n *\n * Provides pure functions for stripping dangerous content from free-text fields.\n * Uses a targeted blocklist approach: only removes HTML tags that can execute code,\n * while preserving generic angle-bracket content like TypeScript generics (`Array<string>`),\n * mathematical comparisons (`x < 5`), and markdown formatting.\n *\n * @module sanitize\n */\n\n/**\n * Regex matching dangerous HTML tags that can execute JavaScript or load external resources.\n * Targets: script, iframe, img, style, svg, embed, object, link, meta, base, form.\n * Preserves: `Array<string>`, `x < 5 && y > 3`, `<details>`, `<code>`, `<pre>`, etc.\n */\nconst DANGEROUS_TAG_REGEX =\n\t/<\\/?(script|iframe|img|style|svg|embed|object|link|meta|base|form)(\\s[^>]*)?\\s*\\/?>/gi;\n\n/**\n * Null bytes and C0 control characters (except tab \\t, newline \\n, carriage return \\r).\n * These can cause truncation in C bindings, file I/O, and some databases.\n */\n// eslint-disable-next-line no-control-regex -- intentional: matches C0 control chars to strip them\nconst CONTROL_CHAR_REGEX = /[\\x00-\\x08\\x0B\\x0C\\x0E-\\x1F]/g;\n\n/**\n * Strip dangerous HTML tags that can execute JavaScript or load external resources.\n *\n * Uses a targeted blocklist to remove only tags known to be dangerous (script, iframe,\n * img, style, svg, embed, object, link, meta, base, form) while preserving safe\n * angle-bracket content like TypeScript generics and mathematical comparisons.\n *\n * @param input - The string to sanitize\n * @returns The input with dangerous HTML tags removed\n *\n * @example\n * ```ts\n * stripDangerousTags('<script>alert(1)</script>hello'); // 'hello'\n * stripDangerousTags('Array<string>'); // 'Array<string>' (preserved)\n * stripDangerousTags('x < 5 && y > 3'); // 'x < 5 && y > 3' (preserved)\n * ```\n */\nexport function stripDangerousTags(input: string): string {\n\treturn input.replace(DANGEROUS_TAG_REGEX, '');\n}\n\n/**\n * Strip null bytes and C0 control characters from a string.\n *\n * Removes characters in the range U+0000–U+0008, U+000B, U+000C, U+000E–U+001F.\n * Preserves tab (`\\t`, U+0009), newline (`\\n`, U+000A), and carriage return (`\\r`, U+000D)\n * as these are commonly used in thought content.\n *\n * @param input - The string to sanitize\n * @returns The input with control characters removed\n *\n * @example\n * ```ts\n * stripControlChars('a\\x00b'); // 'ab'\n * stripControlChars('a\\tb\\nc'); // 'a\\tb\\nc' (tab and newline preserved)\n * ```\n */\nexport function stripControlChars(input: string): string {\n\treturn input.replace(CONTROL_CHAR_REGEX, '');\n}\n\n/**\n * Sanitize a string by stripping both control characters and dangerous HTML tags.\n *\n * Composes {@link stripControlChars} and {@link stripDangerousTags} in sequence.\n * Does not trim whitespace — thought content may depend on leading/trailing spaces.\n * Always returns a string, even if the input is empty.\n *\n * @param input - The string to sanitize\n * @returns The fully sanitized string\n *\n * @example\n * ```ts\n * sanitizeString('<script>alert(1)</script>hello\\x00world'); // 'helloworld'\n * sanitizeString('Array<string>\\x00'); // 'Array<string>'\n * ```\n */\nexport function sanitizeString(input: string): string {\n\treturn stripDangerousTags(stripControlChars(input));\n}\n"],"names":["DANGEROUS_TAG_REGEX","CONTROL_CHAR_REGEX","stripDangerousTags","input","stripControlChars","sanitizeString"],"mappings":"AAgBA,MAAMA,sBACL;AAOD,MAAMC,qBAAqB;AAmBpB,SAASC,mBAAmBC,KAAa;IAC/C,OAAOA,MAAM,OAAO,CAACH,qBAAqB;AAC3C;AAkBO,SAASI,kBAAkBD,KAAa;IAC9C,OAAOA,MAAM,OAAO,CAACF,oBAAoB;AAC1C;AAkBO,SAASI,eAAeF,KAAa;IAC3C,OAAOD,mBAAmBE,kBAAkBD;AAC7C"}
+{"version":3,"file":"sanitize.js","sources":["../src/sanitize.ts"],"sourcesContent":["/**\n * Input sanitization for the sequential thinking MCP tool.\n *\n * Provides pure functions for stripping dangerous content from free-text fields.\n * Uses a targeted blocklist approach: only removes HTML tags that can execute code,\n * while preserving generic angle-bracket content like TypeScript generics (`Array<string>`),\n * mathematical comparisons (`x < 5`), and markdown formatting.\n *\n * @module sanitize\n */\n\n/**\n * Regex matching dangerous HTML tags that can execute JavaScript or load external resources.\n * Targets: script, iframe, img, style, svg, embed, object, link, meta, base, form.\n * Preserves: `Array<string>`, `x < 5 && y > 3`, `<details>`, `<code>`, `<pre>`, etc.\n */\nconst DANGEROUS_TAG_REGEX =\n\t/<\\/?(script|iframe|img|style|svg|embed|object|link|meta|base|form)(\\s[^>]*)?\\s*\\/?>/gi;\n\n/**\n * Null bytes and C0 control characters (except tab \\t, newline \\n, carriage return \\r).\n * These can cause truncation in C bindings, file I/O, and some databases.\n */\n// eslint-disable-next-line no-control-regex -- intentional: matches C0 control chars to strip them\nconst CONTROL_CHAR_REGEX = /[\\x00-\\x08\\x0B\\x0C\\x0E-\\x1F]/g;\n\n/**\n * Strip dangerous HTML tags that can execute JavaScript or load external resources.\n *\n * Uses a targeted blocklist to remove only tags known to be dangerous (script, iframe,\n * img, style, svg, embed, object, link, meta, base, form) while preserving safe\n * angle-bracket content like TypeScript generics and mathematical comparisons.\n *\n * @param input - The string to sanitize\n * @returns The input with dangerous HTML tags removed\n *\n * @example\n * ```ts\n * stripDangerousTags('<script>alert(1)</script>hello'); // 'hello'\n * stripDangerousTags('Array<string>'); // 'Array<string>' (preserved)\n * stripDangerousTags('x < 5 && y > 3'); // 'x < 5 && y > 3' (preserved)\n * ```\n */\nexport function stripDangerousTags(input: string): string {\n\treturn input.replace(DANGEROUS_TAG_REGEX, '');\n}\n\n/**\n * Strip null bytes and C0 control characters from a string.\n *\n * Removes characters in the range U+0000–U+0008, U+000B, U+000C, U+000E–U+001F.\n * Preserves tab (`\\t`, U+0009), newline (`\\n`, U+000A), and carriage return (`\\r`, U+000D)\n * as these are commonly used in thought content.\n *\n * @param input - The string to sanitize\n * @returns The input with control characters removed\n *\n * @example\n * ```ts\n * stripControlChars('a\\x00b'); // 'ab'\n * stripControlChars('a\\tb\\nc'); // 'a\\tb\\nc' (tab and newline preserved)\n * ```\n */\nexport function stripControlChars(input: string): string {\n\treturn input.replace(CONTROL_CHAR_REGEX, '');\n}\n\n/**\n * Sanitize a string by stripping both control characters and dangerous HTML tags.\n *\n * Composes {@link stripControlChars} and {@link stripDangerousTags} in sequence.\n * Does not trim whitespace — thought content may depend on leading/trailing spaces.\n * Always returns a string, even if the input is empty.\n *\n * @param input - The string to sanitize\n * @returns The fully sanitized string\n *\n * @example\n * ```ts\n * sanitizeString('<script>alert(1)</script>hello\\x00world'); // 'helloworld'\n * sanitizeString('Array<string>\\x00'); // 'Array<string>'\n * ```\n */\nexport function sanitizeString(input: string): string {\n\treturn stripDangerousTags(stripControlChars(input));\n}\n\n\n/**\n * Forbidden object keys that enable prototype pollution.\n * These keys allow attackers to inject properties onto Object.prototype,\n * affecting all subsequent objects in the runtime.\n */\nconst FORBIDDEN_KEYS = new Set(['__proto__', 'constructor', 'prototype']);\n\n/**\n * Default options for {@link enforceJsonShape}.\n */\nconst DEFAULT_MAX_DEPTH = 8;\nconst DEFAULT_MAX_BYTES = 16384;\n\nexport interface EnforceJsonShapeOptions {\n\tmaxDepth?: number;\n\tmaxBytes?: number;\n}\n\nexport class JsonShapeError extends Error {\n\tpublic readonly reason: string;\n\tconstructor(reason: string) {\n\t\tsuper(reason);\n\t\tthis.name = 'JsonShapeError';\n\t\tthis.reason = reason;\n\t}\n}\n\n/**\n * Enforce safety constraints on a JSON-shaped value.\n *\n * Rejects:\n * - Prototype-pollution keys (`__proto__`, `constructor`, `prototype`) at any depth\n * - Nesting deeper than `maxDepth` (default 8)\n * - Serialized JSON byte length exceeding `maxBytes` (default 16384)\n * - Functions, symbols, and other non-JSON-safe values\n *\n * Used as a defense-in-depth gate for untrusted structured input such as\n * `tool_arguments` from an LLM.\n *\n * @param value - The value to validate\n * @param opts - Optional limits\n * @throws {JsonShapeError} when any constraint is violated\n *\n * @example\n * ```ts\n * enforceJsonShape({ q: 'hello' }); // ok\n * enforceJsonShape({ __proto__: { polluted: true } }); // throws\n * enforceJsonShape({ a: { b: { c: { d: { e: { f: { g: { h: { i: 1 } } } } } } } } }); // throws (depth)\n * ```\n */\nexport function enforceJsonShape(value: unknown, opts: EnforceJsonShapeOptions = {}): void {\n\tconst maxDepth = opts.maxDepth ?? DEFAULT_MAX_DEPTH;\n\tconst maxBytes = opts.maxBytes ?? DEFAULT_MAX_BYTES;\n\n\tconst seen = new WeakSet<object>();\n\n\tconst walk = (node: unknown, depth: number): void => {\n\t\tif (depth > maxDepth) {\n\t\t\tthrow new JsonShapeError(`exceeds max depth of ${maxDepth}`);\n\t\t}\n\t\tif (node === null) return;\n\t\tconst type = typeof node;\n\t\tif (type === 'string' || type === 'number' || type === 'boolean') return;\n\t\tif (type === 'undefined') return;\n\t\tif (type === 'function' || type === 'symbol' || type === 'bigint') {\n\t\t\tthrow new JsonShapeError(`unsupported value type '${type}'`);\n\t\t}\n\t\tif (type !== 'object') {\n\t\t\tthrow new JsonShapeError(`unsupported value type '${type}'`);\n\t\t}\n\t\tconst obj = node as object;\n\t\tif (seen.has(obj)) {\n\t\t\tthrow new JsonShapeError('circular reference detected');\n\t\t}\n\t\tseen.add(obj);\n\n\t\tif (Array.isArray(node)) {\n\t\t\tfor (const item of node) walk(item, depth + 1);\n\t\t\treturn;\n\t\t}\n\n\t\tfor (const key of Object.keys(obj)) {\n\t\t\tif (FORBIDDEN_KEYS.has(key)) {\n\t\t\t\tthrow new JsonShapeError(`forbidden key '${key}'`);\n\t\t\t}\n\t\t\twalk((obj as Record<string, unknown>)[key], depth + 1);\n\t\t}\n\t};\n\n\twalk(value, 0);\n\n\tlet serialized: string;\n\ttry {\n\t\tserialized = JSON.stringify(value);\n\t} catch {\n\t\tthrow new JsonShapeError('value is not JSON-serializable');\n\t}\n\tif (serialized === undefined) return;\n\tconst bytes = Buffer.byteLength(serialized, 'utf8');\n\tif (bytes > maxBytes) {\n\t\tthrow new JsonShapeError(`exceeds max serialized size of ${maxBytes} bytes (got ${bytes})`);\n\t}\n}\n\n/**\n * Urgency/imperative phrases that could be used for prompt injection.\n * Matched case-insensitively and replaced with [redacted-urgency].\n */\nconst URGENCY_PHRASES =\n\t/\\b(URGENT(?:LY)?|IMMEDIATELY|MUST\\s+RUN|CRITICAL:|ACTION\\s+REQUIRED|DO\\s+NOT\\s+IGNORE|EXECUTE\\s+NOW|RUN\\s+THIS\\s+NOW)/gi;\n\n/**\n * Maximum allowed length for rationale strings.\n */\nconst MAX_RATIONALE_LENGTH = 2000;\n\n/**\n * Sanitize a rationale string by stripping urgency phrases, capping length,\n * and applying standard string sanitization.\n *\n * Applied to `recommended_tools[].rationale` and `recommended_skills[].rationale`\n * to prevent prompt-injection via urgency language.\n *\n * @param input - The rationale string to sanitize\n * @param truncated - Optional object to receive truncation signal (sets `.value = true` if truncated)\n * @returns The sanitized rationale\n *\n * @example\n * ```ts\n * sanitizeRationale('URGENT: run this now'); // '[redacted-urgency] run this now'\n * sanitizeRationale('Best for web search'); // 'Best for web search' (unchanged)\n * ```\n */\nexport function sanitizeRationale(input: string, truncated?: { value: boolean }): string {\n\tlet result = sanitizeString(input);\n\tresult = result.replace(URGENCY_PHRASES, '[redacted-urgency]');\n\tif (result.length > MAX_RATIONALE_LENGTH) {\n\t\tresult = result.slice(0, MAX_RATIONALE_LENGTH);\n\t\tif (truncated) truncated.value = true;\n\t}\n\treturn result;\n}\n\n/**\n * Maximum number of keys allowed in suggested_inputs.\n */\nconst MAX_SUGGESTED_INPUTS_KEYS = 32;\n\n/**\n * Maximum string value length in suggested_inputs.\n */\nconst MAX_SUGGESTED_INPUT_VALUE_LENGTH = 512;\n\n/**\n * Sanitize suggested_inputs: cap string value lengths, strip control chars and dangerous tags.\n *\n * Only processes flat primitive values (string | number | boolean | null).\n * Non-primitive values (nested objects, arrays) are silently skipped — schema validation\n * is expected to reject them upstream.\n *\n * @param inputs - The suggested_inputs record to sanitize\n * @returns The sanitized record with cleaned string values\n * @throws {Error} if string value exceeds max length, or if more than 32 keys are present\n *\n * @example\n * ```ts\n * sanitizeSuggestedInputs({ url: 'x', limit: 5 }); // { url: 'x', limit: 5 }\n * sanitizeSuggestedInputs({ url: '<script>alert(1)</script>' }); // { url: 'alert(1)' }\n * ```\n */\nexport function sanitizeSuggestedInputs(\n\tinputs: Record<string, unknown>,\n): Record<string, string | number | boolean | null> {\n\tconst keys = Object.keys(inputs);\n\tif (keys.length > MAX_SUGGESTED_INPUTS_KEYS) {\n\t\tthrow new Error(\n\t\t\t`suggested_inputs exceeds max keys of ${MAX_SUGGESTED_INPUTS_KEYS} (got ${keys.length})`,\n\t\t);\n\t}\n\tconst result: Record<string, string | number | boolean | null> = {};\n\tfor (const key of keys) {\n\t\tconst value = inputs[key];\n\t\tif (typeof value === 'string') {\n\t\t\tif (value.length > MAX_SUGGESTED_INPUT_VALUE_LENGTH) {\n\t\t\t\tthrow new Error(\n\t\t\t\t\t`suggested_inputs value for key '${key}' exceeds max length of ${MAX_SUGGESTED_INPUT_VALUE_LENGTH}`,\n\t\t\t\t);\n\t\t\t}\n\t\t\tresult[key] = sanitizeString(value);\n\t\t} else if (typeof value === 'number' || typeof value === 'boolean' || value === null) {\n\t\t\tresult[key] = value;\n\t\t}\n\t\t// Skip other types (shouldn't reach here if schema validates first)\n\t}\n\treturn result;\n}"],"names":["DANGEROUS_TAG_REGEX","CONTROL_CHAR_REGEX","stripDangerousTags","input","stripControlChars","sanitizeString","FORBIDDEN_KEYS","Set","DEFAULT_MAX_DEPTH","DEFAULT_MAX_BYTES","JsonShapeError","Error","reason","enforceJsonShape","value","opts","maxDepth","maxBytes","seen","WeakSet","walk","node","depth","type","obj","Array","item","key","Object","serialized","JSON","undefined","bytes","Buffer","URGENCY_PHRASES","MAX_RATIONALE_LENGTH","sanitizeRationale","truncated","result","MAX_SUGGESTED_INPUTS_KEYS","MAX_SUGGESTED_INPUT_VALUE_LENGTH","sanitizeSuggestedInputs","inputs","keys"],"mappings":"AAgBA,MAAMA,sBACL;AAOD,MAAMC,qBAAqB;AAmBpB,SAASC,mBAAmBC,KAAa;IAC/C,OAAOA,MAAM,OAAO,CAACH,qBAAqB;AAC3C;AAkBO,SAASI,kBAAkBD,KAAa;IAC9C,OAAOA,MAAM,OAAO,CAACF,oBAAoB;AAC1C;AAkBO,SAASI,eAAeF,KAAa;IAC3C,OAAOD,mBAAmBE,kBAAkBD;AAC7C;AAQA,MAAMG,iBAAiB,IAAIC,IAAI;IAAC;IAAa;IAAe;CAAY;AAKxE,MAAMC,oBAAoB;AAC1B,MAAMC,oBAAoB;AAOnB,MAAMC,uBAAuBC;IACnB,OAAe;IAC/B,YAAYC,MAAc,CAAE;QAC3B,KAAK,CAACA;QACN,IAAI,CAAC,IAAI,GAAG;QACZ,IAAI,CAAC,MAAM,GAAGA;IACf;AACD;AAyBO,SAASC,iBAAiBC,KAAc,EAAEC,OAAgC,CAAC,CAAC;IAClF,MAAMC,WAAWD,KAAK,QAAQ,IAAIP;IAClC,MAAMS,WAAWF,KAAK,QAAQ,IAAIN;IAElC,MAAMS,OAAO,IAAIC;IAEjB,MAAMC,OAAO,CAACC,MAAeC;QAC5B,IAAIA,QAAQN,UACX,MAAM,IAAIN,eAAe,CAAC,qBAAqB,EAAEM,UAAU;QAE5D,IAAIK,AAAS,SAATA,MAAe;QACnB,MAAME,OAAO,OAAOF;QACpB,IAAIE,AAAS,aAATA,QAAqBA,AAAS,aAATA,QAAqBA,AAAS,cAATA,MAAoB;QAClE,IAAIA,AAAS,gBAATA,MAAsB;QAC1B,IAAIA,AAAS,eAATA,QAAuBA,AAAS,aAATA,QAAqBA,AAAS,aAATA,MAC/C,MAAM,IAAIb,eAAe,CAAC,wBAAwB,EAAEa,KAAK,CAAC,CAAC;QAE5D,IAAIA,AAAS,aAATA,MACH,MAAM,IAAIb,eAAe,CAAC,wBAAwB,EAAEa,KAAK,CAAC,CAAC;QAE5D,MAAMC,MAAMH;QACZ,IAAIH,KAAK,GAAG,CAACM,MACZ,MAAM,IAAId,eAAe;QAE1BQ,KAAK,GAAG,CAACM;QAET,IAAIC,MAAM,OAAO,CAACJ,OAAO;YACxB,KAAK,MAAMK,QAAQL,KAAMD,KAAKM,MAAMJ,QAAQ;YAC5C;QACD;QAEA,KAAK,MAAMK,OAAOC,OAAO,IAAI,CAACJ,KAAM;YACnC,IAAIlB,eAAe,GAAG,CAACqB,MACtB,MAAM,IAAIjB,eAAe,CAAC,eAAe,EAAEiB,IAAI,CAAC,CAAC;YAElDP,KAAMI,GAA+B,CAACG,IAAI,EAAEL,QAAQ;QACrD;IACD;IAEAF,KAAKN,OAAO;IAEZ,IAAIe;IACJ,IAAI;QACHA,aAAaC,KAAK,SAAS,CAAChB;IAC7B,EAAE,OAAM;QACP,MAAM,IAAIJ,eAAe;IAC1B;IACA,IAAImB,AAAeE,WAAfF,YAA0B;IAC9B,MAAMG,QAAQC,OAAO,UAAU,CAACJ,YAAY;IAC5C,IAAIG,QAAQf,UACX,MAAM,IAAIP,eAAe,CAAC,+BAA+B,EAAEO,SAAS,YAAY,EAAEe,MAAM,CAAC,CAAC;AAE5F;AAMA,MAAME,kBACL;AAKD,MAAMC,uBAAuB;AAmBtB,SAASC,kBAAkBjC,KAAa,EAAEkC,SAA8B;IAC9E,IAAIC,SAASjC,eAAeF;IAC5BmC,SAASA,OAAO,OAAO,CAACJ,iBAAiB;IACzC,IAAII,OAAO,MAAM,GAAGH,sBAAsB;QACzCG,SAASA,OAAO,KAAK,CAAC,GAAGH;QACzB,IAAIE,WAAWA,UAAU,KAAK,GAAG;IAClC;IACA,OAAOC;AACR;AAKA,MAAMC,4BAA4B;AAKlC,MAAMC,mCAAmC;AAmBlC,SAASC,wBACfC,MAA+B;IAE/B,MAAMC,OAAOf,OAAO,IAAI,CAACc;IACzB,IAAIC,KAAK,MAAM,GAAGJ,2BACjB,MAAM,IAAI5B,MACT,CAAC,qCAAqC,EAAE4B,0BAA0B,MAAM,EAAEI,KAAK,MAAM,CAAC,CAAC,CAAC;IAG1F,MAAML,SAA2D,CAAC;IAClE,KAAK,MAAMX,OAAOgB,KAAM;QACvB,MAAM7B,QAAQ4B,MAAM,CAACf,IAAI;QACzB,IAAI,AAAiB,YAAjB,OAAOb,OAAoB;YAC9B,IAAIA,MAAM,MAAM,GAAG0B,kCAClB,MAAM,IAAI7B,MACT,CAAC,gCAAgC,EAAEgB,IAAI,wBAAwB,EAAEa,kCAAkC;YAGrGF,MAAM,CAACX,IAAI,GAAGtB,eAAeS;QAC9B,OAAO,IAAI,AAAiB,YAAjB,OAAOA,SAAsB,AAAiB,aAAjB,OAAOA,SAAuBA,AAAU,SAAVA,OACrEwB,MAAM,CAACX,IAAI,GAAGb;IAGhB;IACA,OAAOwB;AACR"}

package/dist/schema.d.ts

@@ -58,11 +58,11 @@ import type { Tool } from './types/tool.js';
 export declare const ToolRecommendationSchema: v.ObjectSchema<{
     readonly tool_name: v.SchemaWithPipe<readonly [v.StringSchema<undefined>, v.DescriptionAction<string, "Name of the tool being recommended">]>;
     readonly confidence: v.SchemaWithPipe<readonly [v.NumberSchema<undefined>, v.MinValueAction<number, 0, undefined>, v.MaxValueAction<number, 1, undefined>, v.DescriptionAction<number, "0-1 indicating confidence in recommendation">]>;
-    readonly rationale: v.SchemaWithPipe<readonly [v.StringSchema<undefined>, v.DescriptionAction<string, "Why this tool is recommended">]>;
+    readonly rationale: v.SchemaWithPipe<readonly [v.StringSchema<undefined>, v.MaxLengthAction<string, 2000, undefined>, v.DescriptionAction<string, "Why this tool is recommended">]>;
     readonly priority: v.OptionalSchema<v.SchemaWithPipe<readonly [v.NumberSchema<undefined>, v.DescriptionAction<number, "Order in the recommendation sequence (default: 999)">]>, undefined>;
-    readonly suggested_inputs: v.OptionalSchema<v.SchemaWithPipe<readonly [v.RecordSchema<v.StringSchema<undefined>, v.UnknownSchema, undefined>, v.DescriptionAction<{
-        [x: string]: unknown;
-    }, "Optional suggested parameters">]>, undefined>;
+    readonly suggested_inputs: v.OptionalSchema<v.SchemaWithPipe<readonly [v.RecordSchema<v.StringSchema<undefined>, v.UnionSchema<[v.StringSchema<undefined>, v.NumberSchema<undefined>, v.BooleanSchema<undefined>, v.NullSchema<undefined>], undefined>, undefined>, v.DescriptionAction<{
+        [x: string]: string | number | boolean | null;
+    }, "Optional suggested parameters (flat key-value pairs only)">]>, undefined>;
     readonly alternatives: v.OptionalSchema<v.SchemaWithPipe<readonly [v.ArraySchema<v.StringSchema<undefined>, undefined>, v.DescriptionAction<string[], "Alternative tools that could be used">]>, undefined>;
 }, undefined>;
 /**
@@ -94,7 +94,7 @@ export declare const ToolRecommendationSchema: v.ObjectSchema<{
 export declare const SkillRecommendationSchema: v.ObjectSchema<{
     readonly skill_name: v.SchemaWithPipe<readonly [v.StringSchema<undefined>, v.DescriptionAction<string, "Name of the skill being recommended">]>;
     readonly confidence: v.OptionalSchema<v.SchemaWithPipe<readonly [v.NumberSchema<undefined>, v.MinValueAction<number, 0, undefined>, v.MaxValueAction<number, 1, undefined>, v.DescriptionAction<number, "0-1 indicating confidence in recommendation (default: 0.5)">]>, undefined>;
-    readonly rationale: v.OptionalSchema<v.SchemaWithPipe<readonly [v.StringSchema<undefined>, v.DescriptionAction<string, "Why this skill is recommended (default: empty string)">]>, undefined>;
+    readonly rationale: v.OptionalSchema<v.SchemaWithPipe<readonly [v.StringSchema<undefined>, v.MaxLengthAction<string, 2000, undefined>, v.DescriptionAction<string, "Why this skill is recommended (default: empty string)">]>, undefined>;
     readonly priority: v.OptionalSchema<v.SchemaWithPipe<readonly [v.NumberSchema<undefined>, v.DescriptionAction<number, "Order in the recommendation sequence (default: 999)">]>, undefined>;
     readonly alternatives: v.OptionalSchema<v.SchemaWithPipe<readonly [v.ArraySchema<v.StringSchema<undefined>, undefined>, v.DescriptionAction<string[], "Alternative skills that could be used">]>, undefined>;
     readonly allowed_tools: v.OptionalSchema<v.SchemaWithPipe<readonly [v.ArraySchema<v.StringSchema<undefined>, undefined>, v.DescriptionAction<string[], "Tools this skill is allowed to use (from skill frontmatter)">]>, undefined>;
@@ -127,11 +127,11 @@ export declare const StepRecommendationSchema: v.ObjectSchema<{
     readonly recommended_tools: v.SchemaWithPipe<readonly [v.ArraySchema<v.ObjectSchema<{
         readonly tool_name: v.SchemaWithPipe<readonly [v.StringSchema<undefined>, v.DescriptionAction<string, "Name of the tool being recommended">]>;
         readonly confidence: v.SchemaWithPipe<readonly [v.NumberSchema<undefined>, v.MinValueAction<number, 0, undefined>, v.MaxValueAction<number, 1, undefined>, v.DescriptionAction<number, "0-1 indicating confidence in recommendation">]>;
-        readonly rationale: v.SchemaWithPipe<readonly [v.StringSchema<undefined>, v.DescriptionAction<string, "Why this tool is recommended">]>;
+        readonly rationale: v.SchemaWithPipe<readonly [v.StringSchema<undefined>, v.MaxLengthAction<string, 2000, undefined>, v.DescriptionAction<string, "Why this tool is recommended">]>;
         readonly priority: v.OptionalSchema<v.SchemaWithPipe<readonly [v.NumberSchema<undefined>, v.DescriptionAction<number, "Order in the recommendation sequence (default: 999)">]>, undefined>;
-        readonly suggested_inputs: v.OptionalSchema<v.SchemaWithPipe<readonly [v.RecordSchema<v.StringSchema<undefined>, v.UnknownSchema, undefined>, v.DescriptionAction<{
-            [x: string]: unknown;
-        }, "Optional suggested parameters">]>, undefined>;
+        readonly suggested_inputs: v.OptionalSchema<v.SchemaWithPipe<readonly [v.RecordSchema<v.StringSchema<undefined>, v.UnionSchema<[v.StringSchema<undefined>, v.NumberSchema<undefined>, v.BooleanSchema<undefined>, v.NullSchema<undefined>], undefined>, undefined>, v.DescriptionAction<{
+            [x: string]: string | number | boolean | null;
+        }, "Optional suggested parameters (flat key-value pairs only)">]>, undefined>;
         readonly alternatives: v.OptionalSchema<v.SchemaWithPipe<readonly [v.ArraySchema<v.StringSchema<undefined>, undefined>, v.DescriptionAction<string[], "Alternative tools that could be used">]>, undefined>;
     }, undefined>, undefined>, v.DescriptionAction<{
         tool_name: string;
@@ -139,14 +139,14 @@ export declare const StepRecommendationSchema: v.ObjectSchema<{
         rationale: string;
         priority?: number | undefined;
         suggested_inputs?: {
-            [x: string]: unknown;
+            [x: string]: string | number | boolean | null;
         } | undefined;
         alternatives?: string[] | undefined;
     }[], "Tools recommended for this step">]>;
     readonly recommended_skills: v.OptionalSchema<v.SchemaWithPipe<readonly [v.ArraySchema<v.ObjectSchema<{
         readonly skill_name: v.SchemaWithPipe<readonly [v.StringSchema<undefined>, v.DescriptionAction<string, "Name of the skill being recommended">]>;
         readonly confidence: v.OptionalSchema<v.SchemaWithPipe<readonly [v.NumberSchema<undefined>, v.MinValueAction<number, 0, undefined>, v.MaxValueAction<number, 1, undefined>, v.DescriptionAction<number, "0-1 indicating confidence in recommendation (default: 0.5)">]>, undefined>;
-        readonly rationale: v.OptionalSchema<v.SchemaWithPipe<readonly [v.StringSchema<undefined>, v.DescriptionAction<string, "Why this skill is recommended (default: empty string)">]>, undefined>;
+        readonly rationale: v.OptionalSchema<v.SchemaWithPipe<readonly [v.StringSchema<undefined>, v.MaxLengthAction<string, 2000, undefined>, v.DescriptionAction<string, "Why this skill is recommended (default: empty string)">]>, undefined>;
         readonly priority: v.OptionalSchema<v.SchemaWithPipe<readonly [v.NumberSchema<undefined>, v.DescriptionAction<number, "Order in the recommendation sequence (default: 999)">]>, undefined>;
         readonly alternatives: v.OptionalSchema<v.SchemaWithPipe<readonly [v.ArraySchema<v.StringSchema<undefined>, undefined>, v.DescriptionAction<string[], "Alternative skills that could be used">]>, undefined>;
         readonly allowed_tools: v.OptionalSchema<v.SchemaWithPipe<readonly [v.ArraySchema<v.StringSchema<undefined>, undefined>, v.DescriptionAction<string[], "Tools this skill is allowed to use (from skill frontmatter)">]>, undefined>;
@@ -199,12 +199,12 @@ export declare const StepRecommendationSchema: v.ObjectSchema<{
  */
 export declare const PartialToolRecommendationSchema: v.ObjectSchema<{
     readonly tool_name: v.SchemaWithPipe<readonly [v.StringSchema<undefined>, v.DescriptionAction<string, "Name of the tool being recommended">]>;
-    readonly rationale: v.OptionalSchema<v.SchemaWithPipe<readonly [v.StringSchema<undefined>, v.DescriptionAction<string, "Why this tool is recommended (default: empty string)">]>, undefined>;
+    readonly rationale: v.OptionalSchema<v.SchemaWithPipe<readonly [v.StringSchema<undefined>, v.MaxLengthAction<string, 2000, undefined>, v.DescriptionAction<string, "Why this tool is recommended (default: empty string)">]>, undefined>;
     readonly confidence: v.OptionalSchema<v.SchemaWithPipe<readonly [v.NumberSchema<undefined>, v.MinValueAction<number, 0, undefined>, v.MaxValueAction<number, 1, undefined>, v.DescriptionAction<number, "0-1 indicating confidence in recommendation (default: 0.5)">]>, undefined>;
     readonly priority: v.OptionalSchema<v.SchemaWithPipe<readonly [v.NumberSchema<undefined>, v.DescriptionAction<number, "Order in the recommendation sequence (default: 999)">]>, undefined>;
-    readonly suggested_inputs: v.OptionalSchema<v.SchemaWithPipe<readonly [v.RecordSchema<v.StringSchema<undefined>, v.UnknownSchema, undefined>, v.DescriptionAction<{
-        [x: string]: unknown;
-    }, "Optional suggested parameters">]>, undefined>;
+    readonly suggested_inputs: v.OptionalSchema<v.SchemaWithPipe<readonly [v.RecordSchema<v.StringSchema<undefined>, v.UnionSchema<[v.StringSchema<undefined>, v.NumberSchema<undefined>, v.BooleanSchema<undefined>, v.NullSchema<undefined>], undefined>, undefined>, v.DescriptionAction<{
+        [x: string]: string | number | boolean | null;
+    }, "Optional suggested parameters (flat key-value pairs only)">]>, undefined>;
     readonly alternatives: v.OptionalSchema<v.SchemaWithPipe<readonly [v.ArraySchema<v.StringSchema<undefined>, undefined>, v.DescriptionAction<string[], "Alternative tools that could be used">]>, undefined>;
 }, undefined>;
 /**
@@ -248,12 +248,12 @@ export declare const PartialStepRecommendationSchema: v.ObjectSchema<{
     readonly step_description: v.SchemaWithPipe<readonly [v.StringSchema<undefined>, v.DescriptionAction<string, "What needs to be done">]>;
     readonly recommended_tools: v.SchemaWithPipe<readonly [v.ArraySchema<v.ObjectSchema<{
         readonly tool_name: v.SchemaWithPipe<readonly [v.StringSchema<undefined>, v.DescriptionAction<string, "Name of the tool being recommended">]>;
-        readonly rationale: v.OptionalSchema<v.SchemaWithPipe<readonly [v.StringSchema<undefined>, v.DescriptionAction<string, "Why this tool is recommended (default: empty string)">]>, undefined>;
+        readonly rationale: v.OptionalSchema<v.SchemaWithPipe<readonly [v.StringSchema<undefined>, v.MaxLengthAction<string, 2000, undefined>, v.DescriptionAction<string, "Why this tool is recommended (default: empty string)">]>, undefined>;
         readonly confidence: v.OptionalSchema<v.SchemaWithPipe<readonly [v.NumberSchema<undefined>, v.MinValueAction<number, 0, undefined>, v.MaxValueAction<number, 1, undefined>, v.DescriptionAction<number, "0-1 indicating confidence in recommendation (default: 0.5)">]>, undefined>;
         readonly priority: v.OptionalSchema<v.SchemaWithPipe<readonly [v.NumberSchema<undefined>, v.DescriptionAction<number, "Order in the recommendation sequence (default: 999)">]>, undefined>;
-        readonly suggested_inputs: v.OptionalSchema<v.SchemaWithPipe<readonly [v.RecordSchema<v.StringSchema<undefined>, v.UnknownSchema, undefined>, v.DescriptionAction<{
-            [x: string]: unknown;
-        }, "Optional suggested parameters">]>, undefined>;
+        readonly suggested_inputs: v.OptionalSchema<v.SchemaWithPipe<readonly [v.RecordSchema<v.StringSchema<undefined>, v.UnionSchema<[v.StringSchema<undefined>, v.NumberSchema<undefined>, v.BooleanSchema<undefined>, v.NullSchema<undefined>], undefined>, undefined>, v.DescriptionAction<{
+            [x: string]: string | number | boolean | null;
+        }, "Optional suggested parameters (flat key-value pairs only)">]>, undefined>;
         readonly alternatives: v.OptionalSchema<v.SchemaWithPipe<readonly [v.ArraySchema<v.StringSchema<undefined>, undefined>, v.DescriptionAction<string[], "Alternative tools that could be used">]>, undefined>;
     }, undefined>, undefined>, v.DescriptionAction<{
         tool_name: string;
@@ -261,14 +261,14 @@ export declare const PartialStepRecommendationSchema: v.ObjectSchema<{
         confidence?: number | undefined;
         priority?: number | undefined;
         suggested_inputs?: {
-            [x: string]: unknown;
+            [x: string]: string | number | boolean | null;
         } | undefined;
         alternatives?: string[] | undefined;
     }[], "Tools recommended for this step">]>;
     readonly recommended_skills: v.OptionalSchema<v.SchemaWithPipe<readonly [v.ArraySchema<v.ObjectSchema<{
         readonly skill_name: v.SchemaWithPipe<readonly [v.StringSchema<undefined>, v.DescriptionAction<string, "Name of the skill being recommended">]>;
         readonly confidence: v.OptionalSchema<v.SchemaWithPipe<readonly [v.NumberSchema<undefined>, v.MinValueAction<number, 0, undefined>, v.MaxValueAction<number, 1, undefined>, v.DescriptionAction<number, "0-1 indicating confidence in recommendation (default: 0.5)">]>, undefined>;
-        readonly rationale: v.OptionalSchema<v.SchemaWithPipe<readonly [v.StringSchema<undefined>, v.DescriptionAction<string, "Why this skill is recommended (default: empty string)">]>, undefined>;
+        readonly rationale: v.OptionalSchema<v.SchemaWithPipe<readonly [v.StringSchema<undefined>, v.MaxLengthAction<string, 2000, undefined>, v.DescriptionAction<string, "Why this skill is recommended (default: empty string)">]>, undefined>;
         readonly priority: v.OptionalSchema<v.SchemaWithPipe<readonly [v.NumberSchema<undefined>, v.DescriptionAction<number, "Order in the recommendation sequence (default: 999)">]>, undefined>;
         readonly alternatives: v.OptionalSchema<v.SchemaWithPipe<readonly [v.ArraySchema<v.StringSchema<undefined>, undefined>, v.DescriptionAction<string[], "Alternative skills that could be used">]>, undefined>;
         readonly allowed_tools: v.OptionalSchema<v.SchemaWithPipe<readonly [v.ArraySchema<v.StringSchema<undefined>, undefined>, v.DescriptionAction<string[], "Tools this skill is allowed to use (from skill frontmatter)">]>, undefined>;
@@ -344,11 +344,11 @@ export declare const SequentialThinkingSchema: v.ObjectSchema<{
         readonly recommended_tools: v.SchemaWithPipe<readonly [v.ArraySchema<v.ObjectSchema<{
             readonly tool_name: v.SchemaWithPipe<readonly [v.StringSchema<undefined>, v.DescriptionAction<string, "Name of the tool being recommended">]>;
             readonly confidence: v.SchemaWithPipe<readonly [v.NumberSchema<undefined>, v.MinValueAction<number, 0, undefined>, v.MaxValueAction<number, 1, undefined>, v.DescriptionAction<number, "0-1 indicating confidence in recommendation">]>;
-            readonly rationale: v.SchemaWithPipe<readonly [v.StringSchema<undefined>, v.DescriptionAction<string, "Why this tool is recommended">]>;
+            readonly rationale: v.SchemaWithPipe<readonly [v.StringSchema<undefined>, v.MaxLengthAction<string, 2000, undefined>, v.DescriptionAction<string, "Why this tool is recommended">]>;
             readonly priority: v.OptionalSchema<v.SchemaWithPipe<readonly [v.NumberSchema<undefined>, v.DescriptionAction<number, "Order in the recommendation sequence (default: 999)">]>, undefined>;
-            readonly suggested_inputs: v.OptionalSchema<v.SchemaWithPipe<readonly [v.RecordSchema<v.StringSchema<undefined>, v.UnknownSchema, undefined>, v.DescriptionAction<{
-                [x: string]: unknown;
-            }, "Optional suggested parameters">]>, undefined>;
+            readonly suggested_inputs: v.OptionalSchema<v.SchemaWithPipe<readonly [v.RecordSchema<v.StringSchema<undefined>, v.UnionSchema<[v.StringSchema<undefined>, v.NumberSchema<undefined>, v.BooleanSchema<undefined>, v.NullSchema<undefined>], undefined>, undefined>, v.DescriptionAction<{
+                [x: string]: string | number | boolean | null;
+            }, "Optional suggested parameters (flat key-value pairs only)">]>, undefined>;
             readonly alternatives: v.OptionalSchema<v.SchemaWithPipe<readonly [v.ArraySchema<v.StringSchema<undefined>, undefined>, v.DescriptionAction<string[], "Alternative tools that could be used">]>, undefined>;
         }, undefined>, undefined>, v.DescriptionAction<{
             tool_name: string;
@@ -356,14 +356,14 @@ export declare const SequentialThinkingSchema: v.ObjectSchema<{
             rationale: string;
             priority?: number | undefined;
             suggested_inputs?: {
-                [x: string]: unknown;
+                [x: string]: string | number | boolean | null;
             } | undefined;
             alternatives?: string[] | undefined;
         }[], "Tools recommended for this step">]>;
         readonly recommended_skills: v.OptionalSchema<v.SchemaWithPipe<readonly [v.ArraySchema<v.ObjectSchema<{
             readonly skill_name: v.SchemaWithPipe<readonly [v.StringSchema<undefined>, v.DescriptionAction<string, "Name of the skill being recommended">]>;
             readonly confidence: v.OptionalSchema<v.SchemaWithPipe<readonly [v.NumberSchema<undefined>, v.MinValueAction<number, 0, undefined>, v.MaxValueAction<number, 1, undefined>, v.DescriptionAction<number, "0-1 indicating confidence in recommendation (default: 0.5)">]>, undefined>;
-            readonly rationale: v.OptionalSchema<v.SchemaWithPipe<readonly [v.StringSchema<undefined>, v.DescriptionAction<string, "Why this skill is recommended (default: empty string)">]>, undefined>;
+            readonly rationale: v.OptionalSchema<v.SchemaWithPipe<readonly [v.StringSchema<undefined>, v.MaxLengthAction<string, 2000, undefined>, v.DescriptionAction<string, "Why this skill is recommended (default: empty string)">]>, undefined>;
             readonly priority: v.OptionalSchema<v.SchemaWithPipe<readonly [v.NumberSchema<undefined>, v.DescriptionAction<number, "Order in the recommendation sequence (default: 999)">]>, undefined>;
             readonly alternatives: v.OptionalSchema<v.SchemaWithPipe<readonly [v.ArraySchema<v.StringSchema<undefined>, undefined>, v.DescriptionAction<string[], "Alternative skills that could be used">]>, undefined>;
             readonly allowed_tools: v.OptionalSchema<v.SchemaWithPipe<readonly [v.ArraySchema<v.StringSchema<undefined>, undefined>, v.DescriptionAction<string[], "Tools this skill is allowed to use (from skill frontmatter)">]>, undefined>;
@@ -387,7 +387,7 @@ export declare const SequentialThinkingSchema: v.ObjectSchema<{
             rationale: string;
             priority?: number | undefined;
             suggested_inputs?: {
-                [x: string]: unknown;
+                [x: string]: string | number | boolean | null;
             } | undefined;
             alternatives?: string[] | undefined;
         }[];
@@ -407,12 +407,12 @@ export declare const SequentialThinkingSchema: v.ObjectSchema<{
         readonly step_description: v.SchemaWithPipe<readonly [v.StringSchema<undefined>, v.DescriptionAction<string, "What needs to be done">]>;
         readonly recommended_tools: v.SchemaWithPipe<readonly [v.ArraySchema<v.ObjectSchema<{
             readonly tool_name: v.SchemaWithPipe<readonly [v.StringSchema<undefined>, v.DescriptionAction<string, "Name of the tool being recommended">]>;
-            readonly rationale: v.OptionalSchema<v.SchemaWithPipe<readonly [v.StringSchema<undefined>, v.DescriptionAction<string, "Why this tool is recommended (default: empty string)">]>, undefined>;
+            readonly rationale: v.OptionalSchema<v.SchemaWithPipe<readonly [v.StringSchema<undefined>, v.MaxLengthAction<string, 2000, undefined>, v.DescriptionAction<string, "Why this tool is recommended (default: empty string)">]>, undefined>;
             readonly confidence: v.OptionalSchema<v.SchemaWithPipe<readonly [v.NumberSchema<undefined>, v.MinValueAction<number, 0, undefined>, v.MaxValueAction<number, 1, undefined>, v.DescriptionAction<number, "0-1 indicating confidence in recommendation (default: 0.5)">]>, undefined>;
             readonly priority: v.OptionalSchema<v.SchemaWithPipe<readonly [v.NumberSchema<undefined>, v.DescriptionAction<number, "Order in the recommendation sequence (default: 999)">]>, undefined>;
-            readonly suggested_inputs: v.OptionalSchema<v.SchemaWithPipe<readonly [v.RecordSchema<v.StringSchema<undefined>, v.UnknownSchema, undefined>, v.DescriptionAction<{
-                [x: string]: unknown;
-            }, "Optional suggested parameters">]>, undefined>;
+            readonly suggested_inputs: v.OptionalSchema<v.SchemaWithPipe<readonly [v.RecordSchema<v.StringSchema<undefined>, v.UnionSchema<[v.StringSchema<undefined>, v.NumberSchema<undefined>, v.BooleanSchema<undefined>, v.NullSchema<undefined>], undefined>, undefined>, v.DescriptionAction<{
+                [x: string]: string | number | boolean | null;
+            }, "Optional suggested parameters (flat key-value pairs only)">]>, undefined>;
             readonly alternatives: v.OptionalSchema<v.SchemaWithPipe<readonly [v.ArraySchema<v.StringSchema<undefined>, undefined>, v.DescriptionAction<string[], "Alternative tools that could be used">]>, undefined>;
         }, undefined>, undefined>, v.DescriptionAction<{
             tool_name: string;
@@ -420,14 +420,14 @@ export declare const SequentialThinkingSchema: v.ObjectSchema<{
             confidence?: number | undefined;
             priority?: number | undefined;
             suggested_inputs?: {
-                [x: string]: unknown;
+                [x: string]: string | number | boolean | null;
             } | undefined;
             alternatives?: string[] | undefined;
         }[], "Tools recommended for this step">]>;
         readonly recommended_skills: v.OptionalSchema<v.SchemaWithPipe<readonly [v.ArraySchema<v.ObjectSchema<{
             readonly skill_name: v.SchemaWithPipe<readonly [v.StringSchema<undefined>, v.DescriptionAction<string, "Name of the skill being recommended">]>;
             readonly confidence: v.OptionalSchema<v.SchemaWithPipe<readonly [v.NumberSchema<undefined>, v.MinValueAction<number, 0, undefined>, v.MaxValueAction<number, 1, undefined>, v.DescriptionAction<number, "0-1 indicating confidence in recommendation (default: 0.5)">]>, undefined>;
-            readonly rationale: v.OptionalSchema<v.SchemaWithPipe<readonly [v.StringSchema<undefined>, v.DescriptionAction<string, "Why this skill is recommended (default: empty string)">]>, undefined>;
+            readonly rationale: v.OptionalSchema<v.SchemaWithPipe<readonly [v.StringSchema<undefined>, v.MaxLengthAction<string, 2000, undefined>, v.DescriptionAction<string, "Why this skill is recommended (default: empty string)">]>, undefined>;
             readonly priority: v.OptionalSchema<v.SchemaWithPipe<readonly [v.NumberSchema<undefined>, v.DescriptionAction<number, "Order in the recommendation sequence (default: 999)">]>, undefined>;
             readonly alternatives: v.OptionalSchema<v.SchemaWithPipe<readonly [v.ArraySchema<v.StringSchema<undefined>, undefined>, v.DescriptionAction<string[], "Alternative skills that could be used">]>, undefined>;
             readonly allowed_tools: v.OptionalSchema<v.SchemaWithPipe<readonly [v.ArraySchema<v.StringSchema<undefined>, undefined>, v.DescriptionAction<string[], "Tools this skill is allowed to use (from skill frontmatter)">]>, undefined>;
@@ -451,7 +451,7 @@ export declare const SequentialThinkingSchema: v.ObjectSchema<{
             confidence?: number | undefined;
             priority?: number | undefined;
             suggested_inputs?: {
-                [x: string]: unknown;
+                [x: string]: string | number | boolean | null;
             } | undefined;
             alternatives?: string[] | undefined;
         }[];

package/dist/schema.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"schema.d.ts","sourceRoot":"","sources":["../src/schema.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA8BG;AAEH,OAAO,KAAK,CAAC,MAAM,SAAS,CAAC;AAC7B,OAAO,KAAK,EAAE,IAAI,EAAE,MAAM,iBAAiB,CAAC;AAiH5C;;;;;;;;;;;;;;;;;;;;;;;GAuBG;AACH,eAAO,MAAM,wBAAwB;;;;;;;;;aAkBnC,CAAC;AAEH;;;;;;;;;;;;;;;;;;;;;;;;;GAyBG;AACH,eAAO,MAAM,yBAAyB;;;;;;;;aA4BpC,CAAC;AAEH;;;;;;;;;;;;;;;;;;;;;GAqBG;AACH,eAAO,MAAM,wBAAwB;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;aAanC,CAAC;AAEH;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAiCG;AACH,eAAO,MAAM,+BAA+B;;;;;;;;;aAsB1C,CAAC;AAEH;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAoCG;AACH,eAAO,MAAM,+BAA+B;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;aAe1C,CAAC;AAEH;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAwCG;AACH,eAAO,MAAM,wBAAwB;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;aA0LnC,CAAC;AAEH;;;;;;;;;;;;;;;;;;;GAmBG;AACH,eAAO,MAAM,wBAAwB,EAAE,IAItC,CAAC;AAEF;;;;;;;;;;;;;;;;;;;;GAoBG;AACH,eAAO,MAAM,oBAAoB;;;;;aAmB/B,CAAC;AAEH;;GAEG;AACH,eAAO,MAAM,cAAc,kWASW,CAAC;AAEvC;;GAEG;AACH,eAAO,MAAM,UAAU;;;;;;;;aAQmH,CAAC"}
+{"version":3,"file":"schema.d.ts","sourceRoot":"","sources":["../src/schema.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA8BG;AAEH,OAAO,KAAK,CAAC,MAAM,SAAS,CAAC;AAC7B,OAAO,KAAK,EAAE,IAAI,EAAE,MAAM,iBAAiB,CAAC;AAiH5C;;;;;;;;;;;;;;;;;;;;;;;GAuBG;AACH,eAAO,MAAM,wBAAwB;;;;;;;;;aAqBnC,CAAC;AAEH;;;;;;;;;;;;;;;;;;;;;;;;;GAyBG;AACH,eAAO,MAAM,yBAAyB;;;;;;;;aA4BpC,CAAC;AAEH;;;;;;;;;;;;;;;;;;;;;GAqBG;AACH,eAAO,MAAM,wBAAwB;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;aAanC,CAAC;AAEH;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAiCG;AACH,eAAO,MAAM,+BAA+B;;;;;;;;;aAyB1C,CAAC;AAEH;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAoCG;AACH,eAAO,MAAM,+BAA+B;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;aAe1C,CAAC;AAEH;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAwCG;AACH,eAAO,MAAM,wBAAwB;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;aA0LnC,CAAC;AAEH;;;;;;;;;;;;;;;;;;;GAmBG;AACH,eAAO,MAAM,wBAAwB,EAAE,IAItC,CAAC;AAEF;;;;;;;;;;;;;;;;;;;;GAoBG;AACH,eAAO,MAAM,oBAAoB;;;;;aAmB/B,CAAC;AAEH;;GAEG;AACH,eAAO,MAAM,cAAc,kWASW,CAAC;AAEvC;;GAEG;AACH,eAAO,MAAM,UAAU;;;;;;;;aAQmH,CAAC"}

package/dist/schema.js

@@ -106,15 +106,20 @@ You should:
 const ToolRecommendationSchema = __rspack_external_valibot.object({
     tool_name: __rspack_external_valibot.pipe(__rspack_external_valibot.string(), __rspack_external_valibot.description('Name of the tool being recommended')),
     confidence: __rspack_external_valibot.pipe(__rspack_external_valibot.number(), __rspack_external_valibot.minValue(0), __rspack_external_valibot.maxValue(1), __rspack_external_valibot.description('0-1 indicating confidence in recommendation')),
-    rationale: __rspack_external_valibot.pipe(__rspack_external_valibot.string(), __rspack_external_valibot.description('Why this tool is recommended')),
+    rationale: __rspack_external_valibot.pipe(__rspack_external_valibot.string(), __rspack_external_valibot.maxLength(2000), __rspack_external_valibot.description('Why this tool is recommended')),
     priority: __rspack_external_valibot.optional(__rspack_external_valibot.pipe(__rspack_external_valibot.number(), __rspack_external_valibot.description('Order in the recommendation sequence (default: 999)'))),
-    suggested_inputs: __rspack_external_valibot.optional(__rspack_external_valibot.pipe(__rspack_external_valibot.record(__rspack_external_valibot.string(), __rspack_external_valibot.unknown()), __rspack_external_valibot.description('Optional suggested parameters'))),
+    suggested_inputs: __rspack_external_valibot.optional(__rspack_external_valibot.pipe(__rspack_external_valibot.record(__rspack_external_valibot.string(), __rspack_external_valibot.union([
+        __rspack_external_valibot.string(),
+        __rspack_external_valibot.number(),
+        __rspack_external_valibot.boolean(),
+        __rspack_external_valibot["null"]()
+    ])), __rspack_external_valibot.description('Optional suggested parameters (flat key-value pairs only)'))),
     alternatives: __rspack_external_valibot.optional(__rspack_external_valibot.pipe(__rspack_external_valibot.array(__rspack_external_valibot.string()), __rspack_external_valibot.description('Alternative tools that could be used')))
 });
 const SkillRecommendationSchema = __rspack_external_valibot.object({
     skill_name: __rspack_external_valibot.pipe(__rspack_external_valibot.string(), __rspack_external_valibot.description('Name of the skill being recommended')),
     confidence: __rspack_external_valibot.optional(__rspack_external_valibot.pipe(__rspack_external_valibot.number(), __rspack_external_valibot.minValue(0), __rspack_external_valibot.maxValue(1), __rspack_external_valibot.description('0-1 indicating confidence in recommendation (default: 0.5)'))),
-    rationale: __rspack_external_valibot.optional(__rspack_external_valibot.pipe(__rspack_external_valibot.string(), __rspack_external_valibot.description('Why this skill is recommended (default: empty string)'))),
+    rationale: __rspack_external_valibot.optional(__rspack_external_valibot.pipe(__rspack_external_valibot.string(), __rspack_external_valibot.maxLength(2000), __rspack_external_valibot.description('Why this skill is recommended (default: empty string)'))),
     priority: __rspack_external_valibot.optional(__rspack_external_valibot.pipe(__rspack_external_valibot.number(), __rspack_external_valibot.description('Order in the recommendation sequence (default: 999)'))),
     alternatives: __rspack_external_valibot.optional(__rspack_external_valibot.pipe(__rspack_external_valibot.array(__rspack_external_valibot.string()), __rspack_external_valibot.description('Alternative skills that could be used'))),
     allowed_tools: __rspack_external_valibot.optional(__rspack_external_valibot.pipe(__rspack_external_valibot.array(__rspack_external_valibot.string()), __rspack_external_valibot.description('Tools this skill is allowed to use (from skill frontmatter)'))),
@@ -129,10 +134,15 @@ const StepRecommendationSchema = __rspack_external_valibot.object({
 });
 const PartialToolRecommendationSchema = __rspack_external_valibot.object({
     tool_name: __rspack_external_valibot.pipe(__rspack_external_valibot.string(), __rspack_external_valibot.description('Name of the tool being recommended')),
-    rationale: __rspack_external_valibot.optional(__rspack_external_valibot.pipe(__rspack_external_valibot.string(), __rspack_external_valibot.description('Why this tool is recommended (default: empty string)'))),
+    rationale: __rspack_external_valibot.optional(__rspack_external_valibot.pipe(__rspack_external_valibot.string(), __rspack_external_valibot.maxLength(2000), __rspack_external_valibot.description('Why this tool is recommended (default: empty string)'))),
     confidence: __rspack_external_valibot.optional(__rspack_external_valibot.pipe(__rspack_external_valibot.number(), __rspack_external_valibot.minValue(0), __rspack_external_valibot.maxValue(1), __rspack_external_valibot.description('0-1 indicating confidence in recommendation (default: 0.5)'))),
     priority: __rspack_external_valibot.optional(__rspack_external_valibot.pipe(__rspack_external_valibot.number(), __rspack_external_valibot.description('Order in the recommendation sequence (default: 999)'))),
-    suggested_inputs: __rspack_external_valibot.optional(__rspack_external_valibot.pipe(__rspack_external_valibot.record(__rspack_external_valibot.string(), __rspack_external_valibot.unknown()), __rspack_external_valibot.description('Optional suggested parameters'))),
+    suggested_inputs: __rspack_external_valibot.optional(__rspack_external_valibot.pipe(__rspack_external_valibot.record(__rspack_external_valibot.string(), __rspack_external_valibot.union([
+        __rspack_external_valibot.string(),
+        __rspack_external_valibot.number(),
+        __rspack_external_valibot.boolean(),
+        __rspack_external_valibot["null"]()
+    ])), __rspack_external_valibot.description('Optional suggested parameters (flat key-value pairs only)'))),
     alternatives: __rspack_external_valibot.optional(__rspack_external_valibot.pipe(__rspack_external_valibot.array(__rspack_external_valibot.string()), __rspack_external_valibot.description('Alternative tools that could be used')))
 });
 const PartialStepRecommendationSchema = __rspack_external_valibot.object({