wispy-cli 2.7.8 → 2.7.10

package/core/engine.mjs

@@ -27,6 +27,9 @@ import { Harness } from "./harness.mjs";
 import { SyncManager, getSyncManager } from "./sync.mjs";
 import { SkillManager } from "./skills.mjs";
 import { UserModel } from "./user-model.mjs";
+import { routeTask, classifyTask, filterAvailableModels } from "./task-router.mjs";
+import { decomposeTask, executeDecomposedPlan } from "./task-decomposer.mjs";
+import { BrowserBridge } from "./browser.mjs";
 
 const MAX_TOOL_ROUNDS = 10;
 const MAX_CONTEXT_CHARS = 40_000;
@@ -46,6 +49,7 @@ export class WispyEngine {
     this.sync = null; // SyncManager, initialized lazily
     this.skills = new SkillManager(WISPY_DIR, this);
     this.userModel = new UserModel(WISPY_DIR, this);
+    this.browser = new BrowserBridge({ engine: this });
     this._initialized = false;
     this._workMdContent = null;
     this._workMdLoaded = false;
@@ -87,9 +91,15 @@ export class WispyEngine {
     // Register skill tools
     this._registerSkillTools();
 
+    // Register routing + decomposition tools (v2.8)
+    this._registerRoutingTools();
+
     // Re-wire harness after tools are registered
     this.harness = new Harness(this.tools, this.permissions, this.audit, this.config);
 
+    // Start browser bridge (non-blocking, don't fail if unavailable)
+    this.browser.ensureRunning().catch(() => {});
+
     // Initialize MCP
     if (!opts.skipMcp) {
       await ensureDefaultMcpConfig(this.mcpManager.configPath);
@@ -347,6 +357,11 @@ export class WispyEngine {
       "node_list", "node_status", "node_execute",
       "update_work_context",
       "run_skill", "list_skills", "delete_skill",
+      "smart_route", "decompose_and_execute",
+      // Browser tools (v2.9)
+      "browser_status", "browser_tabs", "browser_navigate",
+      "browser_screenshot", "browser_front_tab", "browser_activate",
+      "browser_attach",
     ]);
 
     const harnessResult = await this.harness.execute(name, args, {
@@ -422,6 +437,26 @@ export class WispyEngine {
         return this._toolListSkills(args);
       case "delete_skill":
         return this._toolDeleteSkill(args);
+      // Smart routing + decomposition (v2.8)
+      case "smart_route":
+        return this._toolSmartRoute(args);
+      case "decompose_and_execute":
+        return this._toolDecomposeAndExecute(args, opts);
+      // Browser tools (v2.9)
+      case "browser_status":
+        return this._toolBrowserStatus();
+      case "browser_tabs":
+        return this._toolBrowserTabs(args);
+      case "browser_navigate":
+        return this._toolBrowserNavigate(args);
+      case "browser_screenshot":
+        return this._toolBrowserScreenshot(args);
+      case "browser_front_tab":
+        return this._toolBrowserFrontTab(args);
+      case "browser_activate":
+        return this._toolBrowserActivate(args);
+      case "browser_attach":
+        return this._toolBrowserAttach(args);
       default:
         return this.tools.execute(name, args);
     }
@@ -1191,6 +1226,210 @@ export class WispyEngine {
     return this.skills.delete(args.name);
   }
 
+  // ── Smart routing + decomposition tools (v2.8) ───────────────────────────────
+
+  _registerRoutingTools() {
+    const routingTools = [
+      {
+        name: "smart_route",
+        description: "Analyze a task and recommend the best model to handle it based on task type, complexity, and available providers.",
+        parameters: {
+          type: "object",
+          properties: {
+            task: { type: "string", description: "The task to analyze and route" },
+            cost_preference: {
+              type: "string",
+              enum: ["minimize", "balanced", "maximize-quality"],
+              description: "Tradeoff preference (default: balanced)",
+            },
+          },
+          required: ["task"],
+        },
+      },
+      {
+        name: "decompose_and_execute",
+        description: "Split a complex task into subtasks, route each to the best model, execute in parallel, and synthesize results into a coherent response.",
+        parameters: {
+          type: "object",
+          properties: {
+            task: { type: "string", description: "The complex task to decompose and execute" },
+            max_subtasks: { type: "number", description: "Maximum number of subtasks (default: 5)" },
+            cost_preference: {
+              type: "string",
+              enum: ["minimize", "balanced", "maximize-quality"],
+              description: "Cost/quality tradeoff preference (default: balanced)",
+            },
+          },
+          required: ["task"],
+        },
+      },
+    ];
+
+    for (const tool of routingTools) {
+      this.tools._definitions.set(tool.name, tool);
+    }
+  }
+
+  async _toolSmartRoute(args) {
+    try {
+      const classification = classifyTask(args.task ?? "");
+      const routing = routeTask(args.task ?? "", null, {
+        costPreference: args.cost_preference ?? "balanced",
+        defaultModel: this.model,
+      });
+
+      return {
+        success: true,
+        recommendation: routing,
+        classification,
+        availableModels: filterAvailableModels(
+          ["gpt-5.4", "gpt-4o", "gpt-4o-mini", "claude-opus-4-20250514", "claude-sonnet-4-20250514",
+           "claude-3-5-haiku-20241022", "gemini-2.5-pro", "gemini-2.5-flash",
+           "llama-3.3-70b-versatile", "deepseek-chat", "deepseek-reasoner"]
+        ),
+      };
+    } catch (err) {
+      return { success: false, error: err.message };
+    }
+  }
+
+  async _toolDecomposeAndExecute(args, parentOpts = {}) {
+    try {
+      const task = args.task ?? "";
+      const maxSubtasks = args.max_subtasks ?? 5;
+      const costPreference = args.cost_preference ?? "balanced";
+
+      // Step 1: Decompose
+      const plan = await decomposeTask(task, {
+        maxSubtasks,
+        costPreference,
+        engine: this,
+      });
+
+      if (plan.subtasks.length === 0) {
+        return { success: false, error: "Failed to decompose task into subtasks" };
+      }
+
+      // Step 2: Execute
+      const executionResult = await executeDecomposedPlan(plan, this, {
+        costPreference,
+        onSubtaskStart: (st) => {
+          if (process.env.WISPY_DEBUG) {
+            console.error(`[decompose] Starting subtask ${st.id}: ${st.task.slice(0, 60)}`);
+          }
+        },
+        onSubtaskComplete: (st, result) => {
+          if (process.env.WISPY_DEBUG) {
+            console.error(`[decompose] Completed subtask ${st.id}`);
+          }
+        },
+      });
+
+      return {
+        success: true,
+        plan: {
+          subtaskCount: plan.subtasks.length,
+          parallelGroups: plan.parallelGroups.length,
+          estimatedCost: plan.estimatedCost,
+          estimatedTime: plan.estimatedTime,
+        },
+        subtasks: executionResult.results.map(r => ({
+          id: r.id,
+          type: r.type,
+          task: r.task.slice(0, 100),
+          resultPreview: r.result?.slice(0, 200) ?? null,
+        })),
+        errors: executionResult.errors,
+        synthesized: executionResult.synthesized,
+      };
+    } catch (err) {
+      return { success: false, error: err.message };
+    }
+  }
+
+  // ── Browser tools (v2.9) ─────────────────────────────────────────────────────
+
+  async _toolBrowserStatus() {
+    try {
+      const health = await this.browser.health();
+      const status = this.browser.status();
+      return {
+        success: true,
+        health: health?.ok ?? false,
+        bridgeUrl: this.browser.baseUrl,
+        session: status.session,
+        hint: health?.error ? `Start bridge: npx local-browser-bridge serve` : undefined,
+      };
+    } catch (err) {
+      return { success: false, error: err.message };
+    }
+  }
+
+  async _toolBrowserTabs(args) {
+    try {
+      const result = await this.browser.listTabs(args?.browser);
+      if (result?.error) return { success: false, error: result.error };
+      return { success: true, tabs: result?.tabs ?? result };
+    } catch (err) {
+      return { success: false, error: err.message };
+    }
+  }
+
+  async _toolBrowserNavigate(args) {
+    try {
+      const result = await this.browser.navigate(args.url);
+      if (result?.error) return { success: false, error: result.error };
+      return { success: true, url: args.url, result };
+    } catch (err) {
+      return { success: false, error: err.message };
+    }
+  }
+
+  async _toolBrowserScreenshot(args) {
+    try {
+      const result = await this.browser.screenshot(args?.sessionId);
+      if (result?.error) return { success: false, error: result.error };
+      return { success: true, screenshot: result?.screenshot ?? result?.data, format: "base64" };
+    } catch (err) {
+      return { success: false, error: err.message };
+    }
+  }
+
+  async _toolBrowserFrontTab(args) {
+    try {
+      const result = await this.browser.frontTab(args?.browser);
+      if (result?.error) return { success: false, error: result.error };
+      return { success: true, tab: result };
+    } catch (err) {
+      return { success: false, error: err.message };
+    }
+  }
+
+  async _toolBrowserActivate(args) {
+    try {
+      const result = await this.browser.activate(args?.sessionId);
+      if (result?.error) return { success: false, error: result.error };
+      return { success: true, result };
+    } catch (err) {
+      return { success: false, error: err.message };
+    }
+  }
+
+  async _toolBrowserAttach(args) {
+    try {
+      let result;
+      if (!args?.browser) {
+        result = await this.browser.autoAttach();
+      } else {
+        result = await this.browser.attach(args.browser, { mode: args.mode });
+      }
+      if (result?.error) return { success: false, error: result.error };
+      return { success: true, session: result };
+    } catch (err) {
+      return { success: false, error: err.message };
+    }
+  }
+
   // ── Cleanup ──────────────────────────────────────────────────────────────────
 
   destroy() {

package/core/memory.mjs

@@ -6,6 +6,12 @@
  * - daily/YYYY-MM-DD.md — daily logs
  * - projects/<name>.md — project-specific memory
  * - user.md — user preferences/info
+ *
+ * v2.8+ enhancements:
+ * - getRelevantMemories() — keyword + recency scoring for context injection
+ * - autoExtractFacts() — auto-flush important facts from conversation
+ * - Fuzzy search with recency + frequency weighting
+ * - Access frequency tracking
  */
 
 import path from "node:path";
@@ -13,10 +19,14 @@ import { readFile, writeFile, appendFile, mkdir, readdir, unlink, stat } from "n
 
 const MAX_SEARCH_RESULTS = 20;
 const MAX_SNIPPET_CHARS = 200;
+// How many messages must accumulate before autoExtractFacts triggers
+const AUTO_EXTRACT_INTERVAL = 10;
 
 export class MemoryManager {
   constructor(wispyDir) {
     this.memoryDir = path.join(wispyDir, "memory");
+    // Frequency tracking: key → access count (in-memory only, resets per session)
+    this._accessFrequency = new Map();
   }
 
   /**
@@ -88,6 +98,8 @@ export class MemoryManager {
     const filePath = this._keyToPath(key);
     try {
       const content = await readFile(filePath, "utf8");
+      // Track access frequency
+      this._accessFrequency.set(key, (this._accessFrequency.get(key) ?? 0) + 1);
       return { key, content, path: filePath };
     } catch {
       return null;

package/core/secrets.mjs

@@ -0,0 +1,251 @@
+/**
+ * core/secrets.mjs — Secrets Manager for Wispy
+ *
+ * Resolution chain: env var → macOS Keychain → encrypted secrets.json → null
+ * Encryption: AES-256-GCM with machine-derived key (hostname + username)
+ * Scrubbing: never logs actual secret values
+ */
+
+import os from "node:os";
+import path from "node:path";
+import { readFile, writeFile, mkdir } from "node:fs/promises";
+import { existsSync } from "node:fs";
+import { createHash, createCipheriv, createDecipheriv, randomBytes } from "node:crypto";
+
+const ALGORITHM = "aes-256-gcm";
+const KEY_LENGTH = 32;
+const IV_LENGTH = 12;
+const TAG_LENGTH = 16;
+
+/**
+ * Derive a deterministic encryption key from machine identity.
+ * Uses hostname + username hash — not cryptographically perfect but
+ * provides at-rest protection from casual disk reads.
+ */
+function deriveMachineKey() {
+  const machineId = `${os.hostname()}::${os.userInfo().username}`;
+  return createHash("sha256").update(machineId).digest(); // 32 bytes
+}
+
+export class SecretsManager {
+  constructor(options = {}) {
+    this.wispyDir = options.wispyDir ?? path.join(os.homedir(), ".wispy");
+    this.secretsFile = path.join(this.wispyDir, "secrets.json");
+    this._cache = new Map();
+    this._machineKey = deriveMachineKey();
+  }
+
+  /**
+   * Resolution chain: env var → macOS Keychain → encrypted secrets.json → null
+   *
+   * @param {string} key - e.g. "OPENAI_API_KEY"
+   * @returns {Promise<string|null>}
+   */
+  async resolve(key) {
+    if (!key) return null;
+
+    // 1. In-memory cache
+    if (this._cache.has(key)) return this._cache.get(key);
+
+    // 2. Environment variable
+    if (process.env[key]) {
+      this._cache.set(key, process.env[key]);
+      return process.env[key];
+    }
+
+    // 3. macOS Keychain — try common service name patterns
+    const keychainValue = await this._fromKeychain(key, null);
+    if (keychainValue) {
+      this._cache.set(key, keychainValue);
+      return keychainValue;
+    }
+
+    // 4. Encrypted secrets.json
+    const stored = await this._fromSecretsFile(key);
+    if (stored) {
+      this._cache.set(key, stored);
+      return stored;
+    }
+
+    return null;
+  }
+
+  /**
+   * Store a secret (encrypts before writing to secrets.json)
+   */
+  async set(key, value) {
+    if (!key || value === undefined || value === null) {
+      throw new Error("key and value are required");
+    }
+
+    // Update cache
+    this._cache.set(key, value);
+
+    // Load existing secrets
+    const secrets = await this._loadSecretsFile();
+
+    // Encrypt and store
+    secrets[key] = this._encrypt(value);
+
+    await this._saveSecretsFile(secrets);
+    return { key, stored: true };
+  }
+
+  /**
+   * Delete a secret from cache + secrets.json
+   */
+  async delete(key) {
+    this._cache.delete(key);
+
+    const secrets = await this._loadSecretsFile();
+    if (!(key in secrets)) {
+      return { success: false, key, error: "Key not found" };
+    }
+
+    delete secrets[key];
+    await this._saveSecretsFile(secrets);
+    return { success: true, key };
+  }
+
+  /**
+   * List stored secret keys (not values)
+   */
+  async list() {
+    const secrets = await this._loadSecretsFile();
+    return Object.keys(secrets);
+  }
+
+  /**
+   * macOS Keychain integration
+   * Tries common wispy service names, then the key itself as service name
+   */
+  async _fromKeychain(service, account) {
+    if (process.platform !== "darwin") return null;
+
+    try {
+      const { execFile } = await import("node:child_process");
+      const { promisify } = await import("node:util");
+      const exec = promisify(execFile);
+
+      // Map common env var names to keychain service names
+      const serviceMap = {
+        OPENAI_API_KEY: "openai-api-key",
+        ANTHROPIC_API_KEY: "anthropic-api-key",
+        GOOGLE_AI_KEY: "google-ai-key",
+        GOOGLE_GENERATIVE_AI_KEY: "google-ai-key",
+        GEMINI_API_KEY: "google-ai-key",
+        GROQ_API_KEY: "groq-api-key",
+        DEEPSEEK_API_KEY: "deepseek-api-key",
+      };
+
+      const keychainService = serviceMap[service] ?? service.toLowerCase().replace(/_/g, "-");
+      const accounts = account ? [account] : ["wispy", "poropo"];
+
+      for (const acc of accounts) {
+        try {
+          const { stdout } = await exec(
+            "security",
+            ["find-generic-password", "-s", keychainService, "-a", acc, "-w"],
+            { timeout: 2000 }
+          );
+          const val = stdout.trim();
+          if (val) return val;
+        } catch { /* try next */ }
+      }
+
+      // Fallback: no account filter
+      try {
+        const { stdout } = await exec(
+          "security",
+          ["find-generic-password", "-s", keychainService, "-w"],
+          { timeout: 2000 }
+        );
+        const val = stdout.trim();
+        if (val) return val;
+      } catch { /* not found */ }
+    } catch { /* keychain unavailable */ }
+
+    return null;
+  }
+
+  // ── Encryption helpers ───────────────────────────────────────────────────────
+
+  /**
+   * Encrypt plaintext → base64 string (iv:tag:ciphertext)
+   */
+  _encrypt(plaintext) {
+    const iv = randomBytes(IV_LENGTH);
+    const cipher = createCipheriv(ALGORITHM, this._machineKey, iv);
+    const encrypted = Buffer.concat([cipher.update(plaintext, "utf8"), cipher.final()]);
+    const tag = cipher.getAuthTag();
+    // Encode as hex parts joined by ":"
+    return `${iv.toString("hex")}:${tag.toString("hex")}:${encrypted.toString("hex")}`;
+  }
+
+  /**
+   * Decrypt iv:tag:ciphertext → plaintext string
+   */
+  _decrypt(ciphertext) {
+    const [ivHex, tagHex, encHex] = ciphertext.split(":");
+    if (!ivHex || !tagHex || !encHex) throw new Error("Invalid ciphertext format");
+
+    const iv = Buffer.from(ivHex, "hex");
+    const tag = Buffer.from(tagHex, "hex");
+    const enc = Buffer.from(encHex, "hex");
+
+    const decipher = createDecipheriv(ALGORITHM, this._machineKey, iv);
+    decipher.setAuthTag(tag);
+    return decipher.update(enc) + decipher.final("utf8");
+  }
+
+  // ── File helpers ─────────────────────────────────────────────────────────────
+
+  async _loadSecretsFile() {
+    try {
+      const raw = await readFile(this.secretsFile, "utf8");
+      return JSON.parse(raw);
+    } catch {
+      return {};
+    }
+  }
+
+  async _saveSecretsFile(secrets) {
+    await mkdir(this.wispyDir, { recursive: true });
+    await writeFile(this.secretsFile, JSON.stringify(secrets, null, 2) + "\n", "utf8");
+  }
+
+  async _fromSecretsFile(key) {
+    const secrets = await this._loadSecretsFile();
+    if (!(key in secrets)) return null;
+    try {
+      return this._decrypt(secrets[key]);
+    } catch {
+      return null; // Corrupted entry — skip
+    }
+  }
+
+  /**
+   * Scrub secret values from an object (for logging/audit)
+   * Replaces any value that looks like a key we know about with "***"
+   */
+  scrub(obj) {
+    if (typeof obj !== "object" || obj === null) return obj;
+    const knownKeys = new Set([...this._cache.keys()]);
+    const result = {};
+    for (const [k, v] of Object.entries(obj)) {
+      if (knownKeys.has(k) || /key|token|secret|password|credential/i.test(k)) {
+        result[k] = "***";
+      } else {
+        result[k] = v;
+      }
+    }
+    return result;
+  }
+}
+
+/** Singleton factory — reuse across modules */
+let _instance = null;
+export function getSecretsManager(options = {}) {
+  if (!_instance) _instance = new SecretsManager(options);
+  return _instance;
+}

package/core/subagents.mjs

@@ -34,6 +34,7 @@ import os from "node:os";
 import path from "node:path";
 import { readFile, writeFile, readdir, mkdir } from "node:fs/promises";
 import { WISPY_DIR } from "./config.mjs";
+import { routeTask, filterAvailableModels, MODEL_CAPABILITIES, getAvailableProviders } from "./task-router.mjs";
 
 const SUBAGENTS_DIR = path.join(WISPY_DIR, "subagents");
 
@@ -150,11 +151,33 @@ export class SubAgentManager extends EventEmitter {
    * @returns {Promise<SubAgent>}
    */
   async spawn(opts) {
+    // ── routingPreference: resolve model before spawning ──────────────────────
+    let resolvedModel = opts.model ?? null;
+    const routingPref = opts.routingPreference ?? "inherit";
+
+    if (routingPref === "auto") {
+      try {
+        const routing = routeTask(opts.task ?? "", null, { costPreference: "balanced" });
+        resolvedModel = routing.model;
+      } catch { /* ignore routing errors, use null */ }
+    } else if (routingPref === "fast") {
+      try {
+        const routing = routeTask(opts.task ?? "", null, { costPreference: "minimize" });
+        resolvedModel = routing.model;
+      } catch {}
+    } else if (routingPref === "quality") {
+      try {
+        const routing = routeTask(opts.task ?? "", null, { costPreference: "maximize-quality" });
+        resolvedModel = routing.model;
+      } catch {}
+    }
+    // "inherit" → use opts.model as-is (or null = parent's model)
+
     const agent = new SubAgent({
       id: makeId(),
       task: opts.task,
       label: opts.label,
-      model: opts.model,
+      model: resolvedModel,
       timeout: opts.timeout ? opts.timeout * 1000 : 300_000,
       workstream: opts.workstream ?? this._engine._activeWorkstream,
     });