npm - web-agent-bridge - Versions diffs - 3.0.0 → 3.2.0 - Mend

web-agent-bridge 3.0.0 → 3.2.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (51) hide show

package/LICENSE +51 -0
package/README.ar.md +79 -0
package/README.md +104 -4
package/package.json +2 -1
package/public/.well-known/ai-plugin.json +28 -0
package/public/agent-workspace.html +3 -1
package/public/ai.html +5 -3
package/public/api.html +412 -0
package/public/browser.html +4 -2
package/public/cookies.html +4 -2
package/public/dashboard.html +5 -3
package/public/demo.html +1770 -1
package/public/docs.html +6 -4
package/public/growth.html +463 -0
package/public/index.html +982 -738
package/public/llms-full.txt +52 -1
package/public/llms.txt +39 -0
package/public/login.html +6 -4
package/public/premium-dashboard.html +7 -5
package/public/premium.html +6 -4
package/public/privacy.html +4 -2
package/public/register.html +6 -4
package/public/score.html +263 -0
package/public/terms.html +4 -2
package/sdk/index.js +7 -1
package/sdk/package.json +12 -1
package/server/index.js +427 -375
package/server/middleware/rateLimits.js +3 -3
package/server/migrations/006_growth_suite.sql +138 -0
package/server/routes/agent-workspace.js +162 -0
package/server/routes/demo-showcase.js +332 -0
package/server/routes/discovery.js +18 -7
package/server/routes/gateway.js +157 -0
package/server/routes/growth.js +962 -0
package/server/routes/universal.js +9 -1
package/server/routes/wab-api.js +16 -6
package/server/services/api-key-engine.js +261 -0
package/server/services/lfd.js +22 -3
package/server/services/modules/affiliate-intelligence.js +93 -0
package/server/services/modules/agent-firewall.js +90 -0
package/server/services/modules/bounty.js +89 -0
package/server/services/modules/collective-bargaining.js +92 -0
package/server/services/modules/dark-pattern.js +66 -0
package/server/services/modules/gov-intelligence.js +45 -0
package/server/services/modules/neural.js +55 -0
package/server/services/modules/notary.js +49 -0
package/server/services/modules/price-time-machine.js +86 -0
package/server/services/modules/protocol.js +104 -0
package/server/services/premium.js +1 -1
package/server/services/price-intelligence.js +2 -1
package/server/services/vision.js +2 -2

package/server/middleware/rateLimits.js CHANGED Viewed

@@ -16,7 +16,7 @@ const authLimiter = rateLimit({
 const registerLimiter = rateLimit({
   windowMs: 60 * 60 * 1000,
-  max: 5,
+  max: 20,
   standardHeaders: true,
   legacyHeaders: false,
   message: { error: 'Too many registration attempts, please try again later' }
@@ -43,7 +43,7 @@ const wabAuthenticateLimiter = rateLimit({
 const wabActionLimiter = rateLimit({
   windowMs: 60 * 1000,
-  max: 60,
+  max: 300,
   standardHeaders: true,
   legacyHeaders: false,
   keyGenerator: (req) => `${req.ip}:${req.wabSession?.siteId || 'anon'}`,
@@ -54,7 +54,7 @@ const wabActionLimiter = rateLimit({
 const apiLimiter = rateLimit({
   windowMs: 60 * 1000,
-  max: 100,
+  max: 300,
   standardHeaders: true,
   legacyHeaders: false,
   message: { error: 'Too many requests, please try again later' }

package/server/migrations/006_growth_suite.sql ADDED Viewed

@@ -0,0 +1,138 @@
+-- Growth Suite v2.5 — Tables for Bounty, Score, Data Marketplace,
+-- Email Protection, Affiliate Intelligence, Trust Layer
+-- ═══ Bounty Network ═══
+CREATE TABLE IF NOT EXISTS bounty_reporters (
+  id TEXT PRIMARY KEY,
+  user_id TEXT,
+  token TEXT UNIQUE NOT NULL,
+  display_name TEXT NOT NULL DEFAULT 'Anonymous',
+  credits INTEGER DEFAULT 0,
+  total_reports INTEGER DEFAULT 0,
+  verified_reports INTEGER DEFAULT 0,
+  created_at TEXT DEFAULT (datetime('now')),
+  FOREIGN KEY (user_id) REFERENCES users(id) ON DELETE SET NULL
+);
+CREATE INDEX IF NOT EXISTS idx_bounty_reporters_token ON bounty_reporters(token);
+CREATE INDEX IF NOT EXISTS idx_bounty_reporters_user ON bounty_reporters(user_id);
+CREATE TABLE IF NOT EXISTS bounties (
+  id TEXT PRIMARY KEY,
+  reporter_id TEXT NOT NULL,
+  url TEXT NOT NULL,
+  fingerprint TEXT NOT NULL,
+  category TEXT DEFAULT 'phishing',
+  description TEXT,
+  evidence TEXT,
+  status TEXT DEFAULT 'PENDING' CHECK(status IN ('PENDING','VERIFIED','REJECTED','DUPLICATE')),
+  reward_tier TEXT,
+  credits_awarded INTEGER DEFAULT 0,
+  scan_result TEXT,
+  submitted_at TEXT DEFAULT (datetime('now')),
+  verified_at TEXT,
+  FOREIGN KEY (reporter_id) REFERENCES bounty_reporters(id) ON DELETE CASCADE
+);
+CREATE INDEX IF NOT EXISTS idx_bounties_fingerprint ON bounties(fingerprint);
+CREATE INDEX IF NOT EXISTS idx_bounties_reporter ON bounties(reporter_id);
+CREATE INDEX IF NOT EXISTS idx_bounties_status ON bounties(status);
+-- ═══ WAB Score Cache ═══
+CREATE TABLE IF NOT EXISTS wab_scores (
+  domain TEXT PRIMARY KEY,
+  overall_score INTEGER DEFAULT 0,
+  fairness_score INTEGER DEFAULT 0,
+  security_score INTEGER DEFAULT 0,
+  grade TEXT,
+  grade_label TEXT,
+  details TEXT DEFAULT '{}',
+  computed_at TEXT DEFAULT (datetime('now')),
+  expires_at TEXT
+);
+CREATE INDEX IF NOT EXISTS idx_wab_scores_grade ON wab_scores(grade);
+-- ═══ Trust Layer ═══
+CREATE TABLE IF NOT EXISTS trust_manifests (
+  domain TEXT PRIMARY KEY,
+  manifest TEXT NOT NULL,
+  verified INTEGER DEFAULT 0,
+  verification_result TEXT DEFAULT '{}',
+  last_verified_at TEXT,
+  registered_at TEXT DEFAULT (datetime('now'))
+);
+-- ═══ Data Marketplace ═══
+CREATE TABLE IF NOT EXISTS datasets (
+  id TEXT PRIMARY KEY,
+  category TEXT NOT NULL,
+  title TEXT NOT NULL,
+  description TEXT,
+  record_count INTEGER DEFAULT 0,
+  format TEXT DEFAULT 'json',
+  price_base REAL DEFAULT 0,
+  sample_data TEXT,
+  metadata TEXT DEFAULT '{}',
+  active INTEGER DEFAULT 1,
+  created_at TEXT DEFAULT (datetime('now')),
+  updated_at TEXT DEFAULT (datetime('now'))
+);
+CREATE INDEX IF NOT EXISTS idx_datasets_category ON datasets(category);
+CREATE TABLE IF NOT EXISTS dataset_purchases (
+  id TEXT PRIMARY KEY,
+  user_id TEXT,
+  dataset_id TEXT NOT NULL,
+  license_type TEXT DEFAULT 'RESEARCH',
+  price_paid REAL DEFAULT 0,
+  status TEXT DEFAULT 'completed',
+  purchased_at TEXT DEFAULT (datetime('now')),
+  FOREIGN KEY (dataset_id) REFERENCES datasets(id) ON DELETE CASCADE
+);
+-- ═══ Email Scan Log ═══
+CREATE TABLE IF NOT EXISTS email_scans (
+  id INTEGER PRIMARY KEY AUTOINCREMENT,
+  sender_domain TEXT,
+  urls_found INTEGER DEFAULT 0,
+  critical_count INTEGER DEFAULT 0,
+  warning_count INTEGER DEFAULT 0,
+  overall_risk TEXT DEFAULT 'SAFE',
+  risk_score INTEGER DEFAULT 0,
+  scanned_at TEXT DEFAULT (datetime('now'))
+);
+CREATE INDEX IF NOT EXISTS idx_email_scans_risk ON email_scans(overall_risk);
+-- ═══ Affiliate Intelligence ═══
+CREATE TABLE IF NOT EXISTS affiliate_reports (
+  id TEXT PRIMARY KEY,
+  network_id TEXT NOT NULL,
+  risk_level TEXT DEFAULT 'LOW',
+  fraud_types TEXT DEFAULT '[]',
+  trust_score INTEGER DEFAULT 100,
+  details TEXT DEFAULT '{}',
+  analyzed_at TEXT DEFAULT (datetime('now'))
+);
+CREATE INDEX IF NOT EXISTS idx_affiliate_reports_network ON affiliate_reports(network_id);
+-- ═══ Seed: Default Datasets ═══
+INSERT OR IGNORE INTO datasets (id, category, title, description, record_count, format, price_base, sample_data)
+VALUES
+  ('ds-threat-intel', 'THREAT_INTEL', 'Real-Time Threat Intelligence Feed',
+   'Live phishing, malware, and scam URL data aggregated from 47 threat databases. Updated continuously with sub-minute latency.',
+   2847000, 'jsonl', 49.99,
+   '[{"url":"http://paypa1-login.xyz","risk":98,"type":"phishing","detected":"2026-04-19"},{"url":"http://free-prize-claim.com","risk":87,"type":"scam","detected":"2026-04-19"}]'),
+  ('ds-platform-fair', 'PLATFORM_FAIR', 'Platform Fairness Scores',
+   'Quarterly transparency scores for 500+ e-commerce marketplaces covering hidden fees, return policies, dark patterns, and seller fairness.',
+   523, 'json', 29.99,
+   '[{"domain":"amazon.com","score":86,"grade":"A-","hidden_fees":false,"dark_patterns":2},{"domain":"aliexpress.com","score":68,"grade":"C+","hidden_fees":true,"dark_patterns":7}]'),
+  ('ds-affiliate-intel', 'AFFILIATE_INTEL', 'Affiliate Intelligence Report',
+   'Commission benchmarks, fraud pattern analysis, and network reliability scores across all major affiliate platforms.',
+   856, 'json', 39.99,
+   '[{"network":"amazon_associates","trust":82,"shaving_risk":"LOW","avg_payout_days":28},{"network":"clickbank","trust":61,"shaving_risk":"MEDIUM","avg_payout_days":45}]'),
+  ('ds-email-threats', 'EMAIL_THREATS', 'Email Phishing Signatures',
+   'Curated database of phishing email patterns, sender reputation data, and URL fingerprints for email security.',
+   1250000, 'jsonl', 59.99,
+   '[{"pattern":"account.*verif","risk":92,"type":"credential_phishing"},{"pattern":"prize.*claim.*now","risk":88,"type":"advance_fee_scam"}]'),
+  ('ds-price-history', 'PRICE_HISTORY', 'E-Commerce Price Trends',
+   'Historical price tracking data for Amazon, eBay, and Alibaba. Ideal for price comparison and deal-finding AI agents.',
+   5400000, 'csv', 79.99,
+   '[{"product":"Sony WH-1000XM5","amazon_price":298,"ebay_price":275,"trend":"dropping"},{"product":"iPad Air M2","amazon_price":599,"ebay_price":569,"trend":"stable"}]');

package/server/routes/agent-workspace.js CHANGED Viewed

@@ -67,11 +67,40 @@ db.exec(`
     created_at TEXT DEFAULT (datetime('now'))
   );
+  CREATE TABLE IF NOT EXISTS workspace_favorites (
+    id TEXT PRIMARY KEY,
+    user_id TEXT NOT NULL,
+    url TEXT NOT NULL,
+    title TEXT DEFAULT '',
+    description TEXT DEFAULT '',
+    favicon TEXT DEFAULT '',
+    folder TEXT DEFAULT 'default',
+    position INTEGER DEFAULT 0,
+    created_at TEXT DEFAULT (datetime('now')),
+    FOREIGN KEY (user_id) REFERENCES users(id) ON DELETE CASCADE
+  );
+  CREATE TABLE IF NOT EXISTS workspace_history (
+    id TEXT PRIMARY KEY,
+    user_id TEXT NOT NULL,
+    url TEXT NOT NULL,
+    title TEXT DEFAULT '',
+    visit_count INTEGER DEFAULT 1,
+    last_visited TEXT DEFAULT (datetime('now')),
+    created_at TEXT DEFAULT (datetime('now')),
+    FOREIGN KEY (user_id) REFERENCES users(id) ON DELETE CASCADE
+  );
   CREATE INDEX IF NOT EXISTS idx_ws_subs_user ON workspace_subscriptions(user_id);
   CREATE INDEX IF NOT EXISTS idx_ws_sessions_user ON workspace_sessions(user_id);
   CREATE INDEX IF NOT EXISTS idx_ws_deals_user ON workspace_deals(user_id);
   CREATE INDEX IF NOT EXISTS idx_ws_analytics_type ON workspace_analytics(event_type);
   CREATE INDEX IF NOT EXISTS idx_ws_analytics_date ON workspace_analytics(created_at);
+  CREATE INDEX IF NOT EXISTS idx_ws_favorites_user ON workspace_favorites(user_id);
+  CREATE UNIQUE INDEX IF NOT EXISTS idx_ws_favorites_user_url ON workspace_favorites(user_id, url);
+  CREATE INDEX IF NOT EXISTS idx_ws_history_user ON workspace_history(user_id);
+  CREATE INDEX IF NOT EXISTS idx_ws_history_visited ON workspace_history(last_visited);
+  CREATE UNIQUE INDEX IF NOT EXISTS idx_ws_history_user_url ON workspace_history(user_id, url);
 `);
 // ─── Plan Limits ─────────────────────────────────────────────────────
@@ -101,6 +130,26 @@ const stmts = {
   updateDealStatus: db.prepare('UPDATE workspace_deals SET status = ?, completed_at = datetime(\'now\') WHERE id = ?'),
   getUserDeals: db.prepare('SELECT * FROM workspace_deals WHERE user_id = ? ORDER BY created_at DESC LIMIT ?'),
+  // Favorites
+  insertFavorite: db.prepare('INSERT INTO workspace_favorites (id, user_id, url, title, description, favicon, folder, position) VALUES (?, ?, ?, ?, ?, ?, ?, ?)'),
+  getFavorites: db.prepare('SELECT * FROM workspace_favorites WHERE user_id = ? ORDER BY folder, position, created_at DESC'),
+  getFavoritesByFolder: db.prepare('SELECT * FROM workspace_favorites WHERE user_id = ? AND folder = ? ORDER BY position, created_at DESC'),
+  deleteFavorite: db.prepare('DELETE FROM workspace_favorites WHERE id = ? AND user_id = ?'),
+  deleteFavoriteByUrl: db.prepare('DELETE FROM workspace_favorites WHERE user_id = ? AND url = ?'),
+  updateFavorite: db.prepare('UPDATE workspace_favorites SET title = ?, folder = ?, position = ? WHERE id = ? AND user_id = ?'),
+  // History
+  upsertHistory: db.prepare(`INSERT INTO workspace_history (id, user_id, url, title, visit_count, last_visited)
+    VALUES (?, ?, ?, ?, 1, datetime('now'))
+    ON CONFLICT(user_id, url) DO UPDATE SET
+      title = excluded.title,
+      visit_count = visit_count + 1,
+      last_visited = datetime('now')`),
+  getHistory: db.prepare('SELECT * FROM workspace_history WHERE user_id = ? ORDER BY last_visited DESC LIMIT ? OFFSET ?'),
+  searchHistory: db.prepare("SELECT * FROM workspace_history WHERE user_id = ? AND (url LIKE ? OR title LIKE ?) ORDER BY last_visited DESC LIMIT ?"),
+  deleteHistoryItem: db.prepare('DELETE FROM workspace_history WHERE id = ? AND user_id = ?'),
+  clearHistory: db.prepare('DELETE FROM workspace_history WHERE user_id = ?'),
   logEvent: db.prepare('INSERT INTO workspace_analytics (id, user_id, event_type, event_data) VALUES (?, ?, ?, ?)'),
 };
@@ -234,6 +283,119 @@ router.post('/event', authenticateToken, (req, res) => {
   res.json({ ok: true });
 });
+// ─── Favorites API ───────────────────────────────────────────────────
+/**
+ * GET /api/workspace/favorites — Get user's bookmarks
+ */
+router.get('/favorites', authenticateToken, (req, res) => {
+  const folder = req.query.folder;
+  const favorites = folder
+    ? stmts.getFavoritesByFolder.all(req.user.id, folder)
+    : stmts.getFavorites.all(req.user.id);
+  res.json({ favorites });
+});
+/**
+ * POST /api/workspace/favorites — Add a bookmark
+ */
+router.post('/favorites', authenticateToken, (req, res) => {
+  const { url, title, description, favicon, folder } = req.body;
+  if (!url) return res.status(400).json({ error: 'URL is required' });
+  const id = crypto.randomUUID();
+  const maxPos = db.prepare('SELECT MAX(position) as m FROM workspace_favorites WHERE user_id = ? AND folder = ?')
+    .get(req.user.id, folder || 'default');
+  const position = (maxPos?.m || 0) + 1;
+  try {
+    stmts.insertFavorite.run(id, req.user.id, url, title || '', description || '', favicon || '', folder || 'default', position);
+  } catch (e) {
+    if (e.message?.includes('UNIQUE')) return res.status(409).json({ error: 'Already bookmarked' });
+    throw e;
+  }
+  logEvent(req.user.id, 'favorite_added', { url });
+  res.json({ id, url, title, folder: folder || 'default', position });
+});
+/**
+ * PUT /api/workspace/favorites/:id — Update a bookmark
+ */
+router.put('/favorites/:id', authenticateToken, (req, res) => {
+  const { title, folder, position } = req.body;
+  const changes = stmts.updateFavorite.run(title ?? '', folder ?? 'default', position ?? 0, req.params.id, req.user.id);
+  if (!changes.changes) return res.status(404).json({ error: 'Favorite not found' });
+  res.json({ success: true });
+});
+/**
+ * DELETE /api/workspace/favorites/:id — Remove a bookmark by ID
+ */
+router.delete('/favorites/:id', authenticateToken, (req, res) => {
+  const changes = stmts.deleteFavorite.run(req.params.id, req.user.id);
+  if (!changes.changes) return res.status(404).json({ error: 'Favorite not found' });
+  logEvent(req.user.id, 'favorite_removed', { id: req.params.id });
+  res.json({ success: true });
+});
+/**
+ * DELETE /api/workspace/favorites?url=... — Remove a bookmark by URL
+ */
+router.delete('/favorites', authenticateToken, (req, res) => {
+  const { url } = req.query;
+  if (!url) return res.status(400).json({ error: 'URL query parameter required' });
+  const changes = stmts.deleteFavoriteByUrl.run(req.user.id, url);
+  if (!changes.changes) return res.status(404).json({ error: 'Favorite not found' });
+  logEvent(req.user.id, 'favorite_removed', { url });
+  res.json({ success: true });
+});
+// ─── History API ─────────────────────────────────────────────────────
+/**
+ * GET /api/workspace/history — Get browsing history
+ */
+router.get('/history', authenticateToken, (req, res) => {
+  const limit = Math.min(parseInt(req.query.limit) || 50, 200);
+  const offset = parseInt(req.query.offset) || 0;
+  const q = req.query.q;
+  let items;
+  if (q) {
+    const pattern = `%${q}%`;
+    items = stmts.searchHistory.all(req.user.id, pattern, pattern, limit);
+  } else {
+    items = stmts.getHistory.all(req.user.id, limit, offset);
+  }
+  res.json({ history: items });
+});
+/**
+ * POST /api/workspace/history — Record a history entry
+ */
+router.post('/history', authenticateToken, (req, res) => {
+  const { url, title } = req.body;
+  if (!url) return res.status(400).json({ error: 'URL is required' });
+  const id = crypto.randomUUID();
+  stmts.upsertHistory.run(id, req.user.id, url, title || '');
+  res.json({ success: true });
+});
+/**
+ * DELETE /api/workspace/history/:id — Delete a single history entry
+ */
+router.delete('/history/:id', authenticateToken, (req, res) => {
+  const changes = stmts.deleteHistoryItem.run(req.params.id, req.user.id);
+  if (!changes.changes) return res.status(404).json({ error: 'History entry not found' });
+  res.json({ success: true });
+});
+/**
+ * DELETE /api/workspace/history — Clear all history
+ */
+router.delete('/history', authenticateToken, (req, res) => {
+  stmts.clearHistory.run(req.user.id);
+  logEvent(req.user.id, 'history_cleared', {});
+  res.json({ success: true });
+});
 // ─── Admin Routes ────────────────────────────────────────────────────
 /**