npm - wotann - Versions diffs - 0.5.0 → 0.5.39 - Mend

wotann 0.5.0 → 0.5.39

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (1045) hide show

package/dist/agents/background-agent.d.ts.map +1 -1
package/dist/agents/background-agent.js +2 -1
package/dist/agents/background-agent.js.map +1 -1
package/dist/agents/file-scope-policy.d.ts +116 -0
package/dist/agents/file-scope-policy.d.ts.map +1 -0
package/dist/agents/file-scope-policy.js +190 -0
package/dist/agents/file-scope-policy.js.map +1 -0
package/dist/agents/yaml-manifest.d.ts +125 -0
package/dist/agents/yaml-manifest.d.ts.map +1 -0
package/dist/agents/yaml-manifest.js +901 -0
package/dist/agents/yaml-manifest.js.map +1 -0
package/dist/auth/login.d.ts +3 -3
package/dist/auth/login.d.ts.map +1 -1
package/dist/auth/login.js +80 -23
package/dist/auth/login.js.map +1 -1
package/dist/autopilot/completion-oracle.d.ts.map +1 -1
package/dist/autopilot/completion-oracle.js +3 -1
package/dist/autopilot/completion-oracle.js.map +1 -1
package/dist/autopilot/run-manifest.d.ts +90 -0
package/dist/autopilot/run-manifest.d.ts.map +1 -0
package/dist/autopilot/run-manifest.js +261 -0
package/dist/autopilot/run-manifest.js.map +1 -0
package/dist/browser/adaptive-selectors.d.ts +170 -0
package/dist/browser/adaptive-selectors.d.ts.map +1 -0
package/dist/browser/adaptive-selectors.js +317 -0
package/dist/browser/adaptive-selectors.js.map +1 -0
package/dist/browser/humanize-input.d.ts +76 -0
package/dist/browser/humanize-input.d.ts.map +1 -0
package/dist/browser/humanize-input.js +386 -0
package/dist/browser/humanize-input.js.map +1 -0
package/dist/channels/teams.d.ts +41 -19
package/dist/channels/teams.d.ts.map +1 -1
package/dist/channels/teams.js +121 -24
package/dist/channels/teams.js.map +1 -1
package/dist/channels/terminal-mention.d.ts.map +1 -1
package/dist/channels/terminal-mention.js +4 -1
package/dist/channels/terminal-mention.js.map +1 -1
package/dist/cli/commands/blast-radius.d.ts +47 -0
package/dist/cli/commands/blast-radius.d.ts.map +1 -0
package/dist/cli/commands/blast-radius.js +123 -0
package/dist/cli/commands/blast-radius.js.map +1 -0
package/dist/cli/commands/evolve.d.ts +92 -0
package/dist/cli/commands/evolve.d.ts.map +1 -0
package/dist/cli/commands/evolve.js +336 -0
package/dist/cli/commands/evolve.js.map +1 -0
package/dist/cli/commands/learning.d.ts +54 -0
package/dist/cli/commands/learning.d.ts.map +1 -0
package/dist/cli/commands/learning.js +380 -0
package/dist/cli/commands/learning.js.map +1 -0
package/dist/cli/commands/persona.d.ts +42 -0
package/dist/cli/commands/persona.d.ts.map +1 -0
package/dist/cli/commands/persona.js +198 -0
package/dist/cli/commands/persona.js.map +1 -0
package/dist/cli/commands/stuck.d.ts.map +1 -1
package/dist/cli/commands/stuck.js +5 -2
package/dist/cli/commands/stuck.js.map +1 -1
package/dist/cli/commands.d.ts.map +1 -1
package/dist/cli/commands.js +5 -2
package/dist/cli/commands.js.map +1 -1
package/dist/cli/orphan-wires/agent-manifest-cmd.d.ts +17 -0
package/dist/cli/orphan-wires/agent-manifest-cmd.d.ts.map +1 -0
package/dist/cli/orphan-wires/agent-manifest-cmd.js +99 -0
package/dist/cli/orphan-wires/agent-manifest-cmd.js.map +1 -0
package/dist/cli/orphan-wires/arena-cmd.d.ts +26 -0
package/dist/cli/orphan-wires/arena-cmd.d.ts.map +1 -0
package/dist/cli/orphan-wires/arena-cmd.js +167 -0
package/dist/cli/orphan-wires/arena-cmd.js.map +1 -0
package/dist/cli/orphan-wires/artifact-cmd.d.ts +17 -0
package/dist/cli/orphan-wires/artifact-cmd.d.ts.map +1 -0
package/dist/cli/orphan-wires/artifact-cmd.js +175 -0
package/dist/cli/orphan-wires/artifact-cmd.js.map +1 -0
package/dist/cli/orphan-wires/demo-cmd.d.ts +25 -0
package/dist/cli/orphan-wires/demo-cmd.d.ts.map +1 -0
package/dist/cli/orphan-wires/demo-cmd.js +164 -0
package/dist/cli/orphan-wires/demo-cmd.js.map +1 -0
package/dist/cli/orphan-wires/extras-cmd.d.ts +20 -0
package/dist/cli/orphan-wires/extras-cmd.d.ts.map +1 -0
package/dist/cli/orphan-wires/extras-cmd.js +289 -0
package/dist/cli/orphan-wires/extras-cmd.js.map +1 -0
package/dist/cli/orphan-wires/harness-introspect-cmd.d.ts +15 -0
package/dist/cli/orphan-wires/harness-introspect-cmd.d.ts.map +1 -0
package/dist/cli/orphan-wires/harness-introspect-cmd.js +36 -0
package/dist/cli/orphan-wires/harness-introspect-cmd.js.map +1 -0
package/dist/cli/orphan-wires/index.d.ts.map +1 -1
package/dist/cli/orphan-wires/index.js +30 -0
package/dist/cli/orphan-wires/index.js.map +1 -1
package/dist/cli/orphan-wires/integrations-cmd.d.ts +38 -0
package/dist/cli/orphan-wires/integrations-cmd.d.ts.map +1 -0
package/dist/cli/orphan-wires/integrations-cmd.js +345 -0
package/dist/cli/orphan-wires/integrations-cmd.js.map +1 -0
package/dist/cli/orphan-wires/mcp-scaffold-cmd.d.ts +18 -0
package/dist/cli/orphan-wires/mcp-scaffold-cmd.d.ts.map +1 -0
package/dist/cli/orphan-wires/mcp-scaffold-cmd.js +127 -0
package/dist/cli/orphan-wires/mcp-scaffold-cmd.js.map +1 -0
package/dist/cli/orphan-wires/memory-consolidate-cmd.d.ts +21 -0
package/dist/cli/orphan-wires/memory-consolidate-cmd.d.ts.map +1 -0
package/dist/cli/orphan-wires/memory-consolidate-cmd.js +86 -0
package/dist/cli/orphan-wires/memory-consolidate-cmd.js.map +1 -0
package/dist/cli/orphan-wires/patch-cmd.d.ts +29 -0
package/dist/cli/orphan-wires/patch-cmd.d.ts.map +1 -0
package/dist/cli/orphan-wires/patch-cmd.js +150 -0
package/dist/cli/orphan-wires/patch-cmd.js.map +1 -0
package/dist/cli/orphan-wires/redteam-scan-cmd.d.ts +28 -0
package/dist/cli/orphan-wires/redteam-scan-cmd.d.ts.map +1 -0
package/dist/cli/orphan-wires/redteam-scan-cmd.js +169 -0
package/dist/cli/orphan-wires/redteam-scan-cmd.js.map +1 -0
package/dist/cli/orphan-wires/scrape-adapt-cmd.d.ts +21 -0
package/dist/cli/orphan-wires/scrape-adapt-cmd.d.ts.map +1 -0
package/dist/cli/orphan-wires/scrape-adapt-cmd.js +70 -0
package/dist/cli/orphan-wires/scrape-adapt-cmd.js.map +1 -0
package/dist/cli/orphan-wires/shell-tier-cmd.d.ts +20 -0
package/dist/cli/orphan-wires/shell-tier-cmd.d.ts.map +1 -0
package/dist/cli/orphan-wires/shell-tier-cmd.js +74 -0
package/dist/cli/orphan-wires/shell-tier-cmd.js.map +1 -0
package/dist/cli/orphan-wires/sub-recipes-cmd.d.ts +18 -0
package/dist/cli/orphan-wires/sub-recipes-cmd.d.ts.map +1 -0
package/dist/cli/orphan-wires/sub-recipes-cmd.js +87 -0
package/dist/cli/orphan-wires/sub-recipes-cmd.js.map +1 -0
package/dist/cli/orphan-wires/webapp-test-cmd.d.ts +20 -0
package/dist/cli/orphan-wires/webapp-test-cmd.d.ts.map +1 -0
package/dist/cli/orphan-wires/webapp-test-cmd.js +115 -0
package/dist/cli/orphan-wires/webapp-test-cmd.js.map +1 -0
package/dist/cli/thin-client.d.ts +17 -10
package/dist/cli/thin-client.d.ts.map +1 -1
package/dist/cli/thin-client.js +108 -26
package/dist/cli/thin-client.js.map +1 -1
package/dist/computer-use/action-history-compactor.d.ts +92 -0
package/dist/computer-use/action-history-compactor.d.ts.map +1 -0
package/dist/computer-use/action-history-compactor.js +204 -0
package/dist/computer-use/action-history-compactor.js.map +1 -0
package/dist/computer-use/action-repertoire.d.ts +8 -0
package/dist/computer-use/action-repertoire.d.ts.map +1 -1
package/dist/computer-use/action-repertoire.js +19 -0
package/dist/computer-use/action-repertoire.js.map +1 -1
package/dist/computer-use/computer-agent.d.ts +232 -2
package/dist/computer-use/computer-agent.d.ts.map +1 -1
package/dist/computer-use/computer-agent.js +558 -19
package/dist/computer-use/computer-agent.js.map +1 -1
package/dist/computer-use/coordinate-scaling.d.ts +104 -0
package/dist/computer-use/coordinate-scaling.d.ts.map +1 -0
package/dist/computer-use/coordinate-scaling.js +175 -0
package/dist/computer-use/coordinate-scaling.js.map +1 -0
package/dist/computer-use/driver-contract.d.ts +158 -0
package/dist/computer-use/driver-contract.d.ts.map +1 -0
package/dist/computer-use/driver-contract.js +471 -0
package/dist/computer-use/driver-contract.js.map +1 -0
package/dist/computer-use/perception-engine.d.ts +39 -0
package/dist/computer-use/perception-engine.d.ts.map +1 -1
package/dist/computer-use/perception-engine.js +27 -27
package/dist/computer-use/perception-engine.js.map +1 -1
package/dist/computer-use/platform-bindings.d.ts.map +1 -1
package/dist/computer-use/platform-bindings.js +216 -2
package/dist/computer-use/platform-bindings.js.map +1 -1
package/dist/computer-use/safe-execute.d.ts +86 -0
package/dist/computer-use/safe-execute.d.ts.map +1 -0
package/dist/computer-use/safe-execute.js +152 -0
package/dist/computer-use/safe-execute.js.map +1 -0
package/dist/context/branch-summarization.d.ts +97 -0
package/dist/context/branch-summarization.d.ts.map +1 -0
package/dist/context/branch-summarization.js +170 -0
package/dist/context/branch-summarization.js.map +1 -0
package/dist/context/compaction.d.ts +16 -1
package/dist/context/compaction.d.ts.map +1 -1
package/dist/context/compaction.js +50 -2
package/dist/context/compaction.js.map +1 -1
package/dist/context/inspector.d.ts +2 -2
package/dist/context/inspector.d.ts.map +1 -1
package/dist/context/inspector.js +4 -3
package/dist/context/inspector.js.map +1 -1
package/dist/core/agent-bridge.d.ts.map +1 -1
package/dist/core/agent-bridge.js +200 -69
package/dist/core/agent-bridge.js.map +1 -1
package/dist/core/config.d.ts.map +1 -1
package/dist/core/config.js +7 -0
package/dist/core/config.js.map +1 -1
package/dist/core/mode-model-preference.d.ts +95 -0
package/dist/core/mode-model-preference.d.ts.map +1 -0
package/dist/core/mode-model-preference.js +170 -0
package/dist/core/mode-model-preference.js.map +1 -0
package/dist/core/prompt-override.d.ts.map +1 -1
package/dist/core/prompt-override.js +1 -0
package/dist/core/prompt-override.js.map +1 -1
package/dist/core/runtime-intelligence.d.ts +11 -0
package/dist/core/runtime-intelligence.d.ts.map +1 -1
package/dist/core/runtime-intelligence.js +18 -3
package/dist/core/runtime-intelligence.js.map +1 -1
package/dist/core/runtime-tool-dispatch.js +1 -1
package/dist/core/runtime-tool-dispatch.js.map +1 -1
package/dist/core/runtime.d.ts +186 -13
package/dist/core/runtime.d.ts.map +1 -1
package/dist/core/runtime.js +717 -228
package/dist/core/runtime.js.map +1 -1
package/dist/core/session-rewind.d.ts +67 -0
package/dist/core/session-rewind.d.ts.map +1 -0
package/dist/core/session-rewind.js +120 -0
package/dist/core/session-rewind.js.map +1 -0
package/dist/core/types.d.ts +19 -0
package/dist/core/types.d.ts.map +1 -1
package/dist/daemon/file-watcher.d.ts +84 -0
package/dist/daemon/file-watcher.d.ts.map +1 -0
package/dist/daemon/file-watcher.js +193 -0
package/dist/daemon/file-watcher.js.map +1 -0
package/dist/daemon/jsonl-mode.d.ts +11 -0
package/dist/daemon/jsonl-mode.d.ts.map +1 -0
package/dist/daemon/jsonl-mode.js +77 -0
package/dist/daemon/jsonl-mode.js.map +1 -0
package/dist/daemon/kairos-ipc.d.ts +4 -1
package/dist/daemon/kairos-ipc.d.ts.map +1 -1
package/dist/daemon/kairos-ipc.js +38 -22
package/dist/daemon/kairos-ipc.js.map +1 -1
package/dist/daemon/kairos-rpc.d.ts +5 -1
package/dist/daemon/kairos-rpc.d.ts.map +1 -1
package/dist/daemon/kairos-rpc.js +1262 -114
package/dist/daemon/kairos-rpc.js.map +1 -1
package/dist/daemon/kairos.d.ts +35 -4
package/dist/daemon/kairos.d.ts.map +1 -1
package/dist/daemon/kairos.js +204 -24
package/dist/daemon/kairos.js.map +1 -1
package/dist/daemon/rpc-handlers/intelligence-rpc.d.ts.map +1 -1
package/dist/daemon/rpc-handlers/intelligence-rpc.js +15 -3
package/dist/daemon/rpc-handlers/intelligence-rpc.js.map +1 -1
package/dist/daemon/transport/jsonl.d.ts +7 -0
package/dist/daemon/transport/jsonl.d.ts.map +1 -0
package/dist/daemon/transport/jsonl.js +38 -0
package/dist/daemon/transport/jsonl.js.map +1 -0
package/dist/daemon/transport/socket-path.d.ts +28 -0
package/dist/daemon/transport/socket-path.d.ts.map +1 -0
package/dist/daemon/transport/socket-path.js +36 -0
package/dist/daemon/transport/socket-path.js.map +1 -0
package/dist/design/theme-presets.d.ts +77 -0
package/dist/design/theme-presets.d.ts.map +1 -0
package/dist/design/theme-presets.js +274 -0
package/dist/design/theme-presets.js.map +1 -0
package/dist/desktop/companion-server.d.ts +67 -4
package/dist/desktop/companion-server.d.ts.map +1 -1
package/dist/desktop/companion-server.js +617 -70
package/dist/desktop/companion-server.js.map +1 -1
package/dist/desktop/web-artifacts-builder.d.ts +108 -0
package/dist/desktop/web-artifacts-builder.d.ts.map +1 -0
package/dist/desktop/web-artifacts-builder.js +184 -0
package/dist/desktop/web-artifacts-builder.js.map +1 -0
package/dist/hooks/built-in.d.ts.map +1 -1
package/dist/hooks/built-in.js +15 -10
package/dist/hooks/built-in.js.map +1 -1
package/dist/index.js +1301 -167
package/dist/index.js.map +1 -1
package/dist/integrations/integration-manifest.d.ts +140 -0
package/dist/integrations/integration-manifest.d.ts.map +1 -0
package/dist/integrations/integration-manifest.js +268 -0
package/dist/integrations/integration-manifest.js.map +1 -0
package/dist/intelligence/apply-patch-dsl.d.ts +112 -0
package/dist/intelligence/apply-patch-dsl.d.ts.map +1 -0
package/dist/intelligence/apply-patch-dsl.js +264 -0
package/dist/intelligence/apply-patch-dsl.js.map +1 -0
package/dist/intelligence/apply-patch-executor.d.ts +147 -0
package/dist/intelligence/apply-patch-executor.d.ts.map +1 -0
package/dist/intelligence/apply-patch-executor.js +418 -0
package/dist/intelligence/apply-patch-executor.js.map +1 -0
package/dist/intelligence/blast-radius.d.ts +67 -0
package/dist/intelligence/blast-radius.d.ts.map +1 -0
package/dist/intelligence/blast-radius.js +536 -0
package/dist/intelligence/blast-radius.js.map +1 -0
package/dist/intelligence/code-graph.d.ts +58 -7
package/dist/intelligence/code-graph.d.ts.map +1 -1
package/dist/intelligence/code-graph.js +347 -16
package/dist/intelligence/code-graph.js.map +1 -1
package/dist/intelligence/codebase-health.d.ts.map +1 -1
package/dist/intelligence/codebase-health.js +4 -3
package/dist/intelligence/codebase-health.js.map +1 -1
package/dist/intelligence/codemaps.d.ts +30 -1
package/dist/intelligence/codemaps.d.ts.map +1 -1
package/dist/intelligence/codemaps.js +99 -16
package/dist/intelligence/codemaps.js.map +1 -1
package/dist/intelligence/consecutive-error-counter.d.ts +89 -0
package/dist/intelligence/consecutive-error-counter.d.ts.map +1 -0
package/dist/intelligence/consecutive-error-counter.js +151 -0
package/dist/intelligence/consecutive-error-counter.js.map +1 -0
package/dist/intelligence/eval-frameworks/redteam-plugin-catalog.d.ts +87 -0
package/dist/intelligence/eval-frameworks/redteam-plugin-catalog.d.ts.map +1 -0
package/dist/intelligence/eval-frameworks/redteam-plugin-catalog.js +882 -0
package/dist/intelligence/eval-frameworks/redteam-plugin-catalog.js.map +1 -0
package/dist/intelligence/extractors/mineru.d.ts +108 -0
package/dist/intelligence/extractors/mineru.d.ts.map +1 -0
package/dist/intelligence/extractors/mineru.js +352 -0
package/dist/intelligence/extractors/mineru.js.map +1 -0
package/dist/intelligence/harness-introspect.d.ts +124 -0
package/dist/intelligence/harness-introspect.d.ts.map +1 -0
package/dist/intelligence/harness-introspect.js +349 -0
package/dist/intelligence/harness-introspect.js.map +1 -0
package/dist/intelligence/multi-patch-voter.d.ts +59 -1
package/dist/intelligence/multi-patch-voter.d.ts.map +1 -1
package/dist/intelligence/multi-patch-voter.js +191 -27
package/dist/intelligence/multi-patch-voter.js.map +1 -1
package/dist/intelligence/multimodal-extract.d.ts +44 -0
package/dist/intelligence/multimodal-extract.d.ts.map +1 -1
package/dist/intelligence/multimodal-extract.js +40 -1
package/dist/intelligence/multimodal-extract.js.map +1 -1
package/dist/intelligence/research-loops/budgeted-research.d.ts +7 -0
package/dist/intelligence/research-loops/budgeted-research.d.ts.map +1 -1
package/dist/intelligence/research-loops/budgeted-research.js +18 -0
package/dist/intelligence/research-loops/budgeted-research.js.map +1 -1
package/dist/intelligence/research-loops/constraint-guided-explorer.d.ts +124 -0
package/dist/intelligence/research-loops/constraint-guided-explorer.d.ts.map +1 -0
package/dist/intelligence/research-loops/constraint-guided-explorer.js +177 -0
package/dist/intelligence/research-loops/constraint-guided-explorer.js.map +1 -0
package/dist/intelligence/research-loops/results-collector.d.ts +62 -0
package/dist/intelligence/research-loops/results-collector.d.ts.map +1 -0
package/dist/intelligence/research-loops/results-collector.js +128 -0
package/dist/intelligence/research-loops/results-collector.js.map +1 -0
package/dist/intelligence/research-loops/results-log.d.ts +94 -0
package/dist/intelligence/research-loops/results-log.d.ts.map +1 -0
package/dist/intelligence/research-loops/results-log.js +178 -0
package/dist/intelligence/research-loops/results-log.js.map +1 -0
package/dist/intelligence/research-loops/strategies/base-strategy.d.ts +111 -0
package/dist/intelligence/research-loops/strategies/base-strategy.d.ts.map +1 -0
package/dist/intelligence/research-loops/strategies/base-strategy.js +72 -0
package/dist/intelligence/research-loops/strategies/base-strategy.js.map +1 -0
package/dist/intelligence/research-loops/strategies/dual-confidence.d.ts +57 -0
package/dist/intelligence/research-loops/strategies/dual-confidence.d.ts.map +1 -0
package/dist/intelligence/research-loops/strategies/dual-confidence.js +172 -0
package/dist/intelligence/research-loops/strategies/dual-confidence.js.map +1 -0
package/dist/intelligence/research-loops/strategies/langgraph-agent.d.ts +68 -0
package/dist/intelligence/research-loops/strategies/langgraph-agent.d.ts.map +1 -0
package/dist/intelligence/research-loops/strategies/langgraph-agent.js +221 -0
package/dist/intelligence/research-loops/strategies/langgraph-agent.js.map +1 -0
package/dist/intelligence/research-loops/strategies/parallel-constrained.d.ts +42 -0
package/dist/intelligence/research-loops/strategies/parallel-constrained.d.ts.map +1 -0
package/dist/intelligence/research-loops/strategies/parallel-constrained.js +132 -0
package/dist/intelligence/research-loops/strategies/parallel-constrained.js.map +1 -0
package/dist/intelligence/research-loops/strategies/recursive-decomposition.d.ts +55 -0
package/dist/intelligence/research-loops/strategies/recursive-decomposition.d.ts.map +1 -0
package/dist/intelligence/research-loops/strategies/recursive-decomposition.js +187 -0
package/dist/intelligence/research-loops/strategies/recursive-decomposition.js.map +1 -0
package/dist/intelligence/research-loops/strategy-registry.d.ts +43 -0
package/dist/intelligence/research-loops/strategy-registry.d.ts.map +1 -0
package/dist/intelligence/research-loops/strategy-registry.js +62 -0
package/dist/intelligence/research-loops/strategy-registry.js.map +1 -0
package/dist/intelligence/research-strategies.d.ts +133 -0
package/dist/intelligence/research-strategies.d.ts.map +1 -0
package/dist/intelligence/research-strategies.js +204 -0
package/dist/intelligence/research-strategies.js.map +1 -0
package/dist/lib.d.ts +49 -0
package/dist/lib.d.ts.map +1 -1
package/dist/lib.js +133 -0
package/dist/lib.js.map +1 -1
package/dist/loop/tool-description-reset.d.ts +113 -0
package/dist/loop/tool-description-reset.d.ts.map +1 -0
package/dist/loop/tool-description-reset.js +136 -0
package/dist/loop/tool-description-reset.js.map +1 -0
package/dist/lsp/server-registry.d.ts.map +1 -1
package/dist/lsp/server-registry.js +2 -1
package/dist/lsp/server-registry.js.map +1 -1
package/dist/lsp/symbol-operations.d.ts.map +1 -1
package/dist/lsp/symbol-operations.js +2 -1
package/dist/lsp/symbol-operations.js.map +1 -1
package/dist/marketplace/acp-agent-registry.d.ts.map +1 -1
package/dist/marketplace/acp-agent-registry.js +2 -1
package/dist/marketplace/acp-agent-registry.js.map +1 -1
package/dist/marketplace/marketplace-source-git.d.ts +135 -0
package/dist/marketplace/marketplace-source-git.d.ts.map +1 -0
package/dist/marketplace/marketplace-source-git.js +211 -0
package/dist/marketplace/marketplace-source-git.js.map +1 -0
package/dist/marketplace/registry.d.ts +87 -0
package/dist/marketplace/registry.d.ts.map +1 -1
package/dist/marketplace/registry.js +113 -2
package/dist/marketplace/registry.js.map +1 -1
package/dist/mcp/chrome-devtools.d.ts +62 -2
package/dist/mcp/chrome-devtools.d.ts.map +1 -1
package/dist/mcp/chrome-devtools.js +183 -1
package/dist/mcp/chrome-devtools.js.map +1 -1
package/dist/mcp/health-probe.d.ts +1 -0
package/dist/mcp/health-probe.d.ts.map +1 -1
package/dist/mcp/health-probe.js +32 -1
package/dist/mcp/health-probe.js.map +1 -1
package/dist/mcp/mcp-scaffolder.d.ts +166 -0
package/dist/mcp/mcp-scaffolder.d.ts.map +1 -0
package/dist/mcp/mcp-scaffolder.js +526 -0
package/dist/mcp/mcp-scaffolder.js.map +1 -0
package/dist/mcp/mcp-server.d.ts.map +1 -1
package/dist/mcp/mcp-server.js +55 -0
package/dist/mcp/mcp-server.js.map +1 -1
package/dist/mcp/memory-mcp.d.ts +163 -0
package/dist/mcp/memory-mcp.d.ts.map +1 -0
package/dist/mcp/memory-mcp.js +368 -0
package/dist/mcp/memory-mcp.js.map +1 -0
package/dist/mcp/tool-loader.d.ts.map +1 -1
package/dist/mcp/tool-loader.js +13 -0
package/dist/mcp/tool-loader.js.map +1 -1
package/dist/meet/meeting-runtime.d.ts.map +1 -1
package/dist/meet/meeting-runtime.js +3 -1
package/dist/meet/meeting-runtime.js.map +1 -1
package/dist/memory/incremental-indexer.d.ts.map +1 -1
package/dist/memory/incremental-indexer.js +5 -1
package/dist/memory/incremental-indexer.js.map +1 -1
package/dist/memory/qmd-integration.d.ts.map +1 -1
package/dist/memory/qmd-integration.js +47 -15
package/dist/memory/qmd-integration.js.map +1 -1
package/dist/memory/two-phase-consolidator.d.ts +118 -0
package/dist/memory/two-phase-consolidator.d.ts.map +1 -0
package/dist/memory/two-phase-consolidator.js +265 -0
package/dist/memory/two-phase-consolidator.js.map +1 -0
package/dist/middleware/doom-loop.d.ts +21 -0
package/dist/middleware/doom-loop.d.ts.map +1 -1
package/dist/middleware/doom-loop.js +49 -6
package/dist/middleware/doom-loop.js.map +1 -1
package/dist/middleware/loop-detection.d.ts +176 -6
package/dist/middleware/loop-detection.d.ts.map +1 -1
package/dist/middleware/loop-detection.js +341 -6
package/dist/middleware/loop-detection.js.map +1 -1
package/dist/middleware/pipeline.d.ts +9 -1
package/dist/middleware/pipeline.d.ts.map +1 -1
package/dist/middleware/pipeline.js +116 -1
package/dist/middleware/pipeline.js.map +1 -1
package/dist/middleware/tool-flow-gate.d.ts +20 -0
package/dist/middleware/tool-flow-gate.d.ts.map +1 -1
package/dist/middleware/tool-flow-gate.js +93 -0
package/dist/middleware/tool-flow-gate.js.map +1 -1
package/dist/mobile/ios-app.d.ts +18 -1
package/dist/mobile/ios-app.d.ts.map +1 -1
package/dist/mobile/ios-app.js +108 -8
package/dist/mobile/ios-app.js.map +1 -1
package/dist/orchestration/adversarial-cut.d.ts +85 -0
package/dist/orchestration/adversarial-cut.d.ts.map +1 -0
package/dist/orchestration/adversarial-cut.js +222 -0
package/dist/orchestration/adversarial-cut.js.map +1 -0
package/dist/orchestration/agent-kanban.d.ts +147 -0
package/dist/orchestration/agent-kanban.d.ts.map +1 -0
package/dist/orchestration/agent-kanban.js +414 -0
package/dist/orchestration/agent-kanban.js.map +1 -0
package/dist/orchestration/autonomous.d.ts +111 -0
package/dist/orchestration/autonomous.d.ts.map +1 -1
package/dist/orchestration/autonomous.js +183 -6
package/dist/orchestration/autonomous.js.map +1 -1
package/dist/orchestration/elo-tournament.d.ts +90 -0
package/dist/orchestration/elo-tournament.d.ts.map +1 -0
package/dist/orchestration/elo-tournament.js +203 -0
package/dist/orchestration/elo-tournament.js.map +1 -0
package/dist/orchestration/multi-model-arena.d.ts +138 -0
package/dist/orchestration/multi-model-arena.d.ts.map +1 -0
package/dist/orchestration/multi-model-arena.js +298 -0
package/dist/orchestration/multi-model-arena.js.map +1 -0
package/dist/orchestration/review-pipeline.d.ts +78 -0
package/dist/orchestration/review-pipeline.d.ts.map +1 -0
package/dist/orchestration/review-pipeline.js +202 -0
package/dist/orchestration/review-pipeline.js.map +1 -0
package/dist/orchestration/unified-state-thread.d.ts +186 -0
package/dist/orchestration/unified-state-thread.d.ts.map +1 -0
package/dist/orchestration/unified-state-thread.js +327 -0
package/dist/orchestration/unified-state-thread.js.map +1 -0
package/dist/plugins/manager.d.ts.map +1 -1
package/dist/plugins/manager.js +2 -1
package/dist/plugins/manager.js.map +1 -1
package/dist/prompt/engine.d.ts +7 -0
package/dist/prompt/engine.d.ts.map +1 -1
package/dist/prompt/engine.js.map +1 -1
package/dist/prompt/modules/caveman.d.ts +51 -0
package/dist/prompt/modules/caveman.d.ts.map +1 -0
package/dist/prompt/modules/caveman.js +97 -0
package/dist/prompt/modules/caveman.js.map +1 -0
package/dist/prompt/modules/index.d.ts +1 -0
package/dist/prompt/modules/index.d.ts.map +1 -1
package/dist/prompt/modules/index.js +3 -0
package/dist/prompt/modules/index.js.map +1 -1
package/dist/providers/account-pool.d.ts.map +1 -1
package/dist/providers/account-pool.js +1 -0
package/dist/providers/account-pool.js.map +1 -1
package/dist/providers/anthropic-adapter.d.ts.map +1 -1
package/dist/providers/anthropic-adapter.js +33 -0
package/dist/providers/anthropic-adapter.js.map +1 -1
package/dist/providers/cloud-offload/config-loader.d.ts +20 -0
package/dist/providers/cloud-offload/config-loader.d.ts.map +1 -0
package/dist/providers/cloud-offload/config-loader.js +148 -0
package/dist/providers/cloud-offload/config-loader.js.map +1 -0
package/dist/providers/codex-adapter.d.ts.map +1 -1
package/dist/providers/codex-adapter.js +136 -4
package/dist/providers/codex-adapter.js.map +1 -1
package/dist/providers/discovery.d.ts.map +1 -1
package/dist/providers/discovery.js +20 -0
package/dist/providers/discovery.js.map +1 -1
package/dist/providers/effort-cascade.d.ts +113 -0
package/dist/providers/effort-cascade.d.ts.map +1 -0
package/dist/providers/effort-cascade.js +215 -0
package/dist/providers/effort-cascade.js.map +1 -0
package/dist/providers/fallback-chain.d.ts.map +1 -1
package/dist/providers/fallback-chain.js +1 -0
package/dist/providers/fallback-chain.js.map +1 -1
package/dist/providers/health-check.d.ts.map +1 -1
package/dist/providers/health-check.js +8 -0
package/dist/providers/health-check.js.map +1 -1
package/dist/providers/model-defaults.d.ts +1 -1
package/dist/providers/model-defaults.d.ts.map +1 -1
package/dist/providers/model-defaults.js +13 -1
package/dist/providers/model-defaults.js.map +1 -1
package/dist/providers/model-discovery.d.ts.map +1 -1
package/dist/providers/model-discovery.js +1 -0
package/dist/providers/model-discovery.js.map +1 -1
package/dist/providers/ollama-adapter.d.ts.map +1 -1
package/dist/providers/ollama-adapter.js +21 -1
package/dist/providers/ollama-adapter.js.map +1 -1
package/dist/providers/openai-compat-adapter.d.ts.map +1 -1
package/dist/providers/openai-compat-adapter.js +25 -0
package/dist/providers/openai-compat-adapter.js.map +1 -1
package/dist/providers/preset-library.d.ts.map +1 -1
package/dist/providers/preset-library.js +9 -0
package/dist/providers/preset-library.js.map +1 -1
package/dist/providers/provider-service.d.ts.map +1 -1
package/dist/providers/provider-service.js +40 -1
package/dist/providers/provider-service.js.map +1 -1
package/dist/providers/registry.d.ts.map +1 -1
package/dist/providers/registry.js +7 -0
package/dist/providers/registry.js.map +1 -1
package/dist/providers/sticky-rotation.d.ts +100 -0
package/dist/providers/sticky-rotation.d.ts.map +1 -0
package/dist/providers/sticky-rotation.js +134 -0
package/dist/providers/sticky-rotation.js.map +1 -0
package/dist/providers/tool-parsers/parsers.d.ts.map +1 -1
package/dist/providers/tool-parsers/parsers.js +17 -4
package/dist/providers/tool-parsers/parsers.js.map +1 -1
package/dist/providers/types.d.ts +25 -0
package/dist/providers/types.d.ts.map +1 -1
package/dist/recipes/final-output.d.ts +74 -0
package/dist/recipes/final-output.d.ts.map +1 -0
package/dist/recipes/final-output.js +232 -0
package/dist/recipes/final-output.js.map +1 -0
package/dist/recipes/recipe-loader.d.ts.map +1 -1
package/dist/recipes/recipe-loader.js +29 -0
package/dist/recipes/recipe-loader.js.map +1 -1
package/dist/recipes/recipe-runtime.d.ts.map +1 -1
package/dist/recipes/recipe-runtime.js +31 -0
package/dist/recipes/recipe-runtime.js.map +1 -1
package/dist/recipes/recipe-types.d.ts +28 -0
package/dist/recipes/recipe-types.d.ts.map +1 -1
package/dist/recipes/sop-crystallizer.d.ts +90 -0
package/dist/recipes/sop-crystallizer.d.ts.map +1 -0
package/dist/recipes/sop-crystallizer.js +238 -0
package/dist/recipes/sop-crystallizer.js.map +1 -0
package/dist/recipes/sub-recipe-orchestrator.d.ts +126 -0
package/dist/recipes/sub-recipe-orchestrator.d.ts.map +1 -0
package/dist/recipes/sub-recipe-orchestrator.js +225 -0
package/dist/recipes/sub-recipe-orchestrator.js.map +1 -0
package/dist/sandbox/extended-backends.d.ts.map +1 -1
package/dist/sandbox/extended-backends.js +7 -2
package/dist/sandbox/extended-backends.js.map +1 -1
package/dist/sandbox/seatbelt-policy.d.ts +132 -0
package/dist/sandbox/seatbelt-policy.d.ts.map +1 -0
package/dist/sandbox/seatbelt-policy.js +562 -0
package/dist/sandbox/seatbelt-policy.js.map +1 -0
package/dist/sandbox/terminal-backends.d.ts.map +1 -1
package/dist/sandbox/terminal-backends.js +3 -1
package/dist/sandbox/terminal-backends.js.map +1 -1
package/dist/security/auto-mode-ruleset.d.ts +142 -0
package/dist/security/auto-mode-ruleset.d.ts.map +1 -0
package/dist/security/auto-mode-ruleset.js +264 -0
package/dist/security/auto-mode-ruleset.js.map +1 -0
package/dist/security/bash-arity-policy.d.ts +70 -0
package/dist/security/bash-arity-policy.d.ts.map +1 -0
package/dist/security/bash-arity-policy.js +189 -0
package/dist/security/bash-arity-policy.js.map +1 -0
package/dist/security/command-sanitizer.d.ts.map +1 -1
package/dist/security/command-sanitizer.js +24 -0
package/dist/security/command-sanitizer.js.map +1 -1
package/dist/security/credential-broker.d.ts +136 -0
package/dist/security/credential-broker.d.ts.map +1 -0
package/dist/security/credential-broker.js +284 -0
package/dist/security/credential-broker.js.map +1 -0
package/dist/security/invisible-text-sanitizer.d.ts +114 -0
package/dist/security/invisible-text-sanitizer.d.ts.map +1 -0
package/dist/security/invisible-text-sanitizer.js +221 -0
package/dist/security/invisible-text-sanitizer.js.map +1 -0
package/dist/security/osv-check.d.ts +174 -0
package/dist/security/osv-check.d.ts.map +1 -0
package/dist/security/osv-check.js +409 -0
package/dist/security/osv-check.js.map +1 -0
package/dist/security/process-hardening.d.ts +114 -0
package/dist/security/process-hardening.d.ts.map +1 -0
package/dist/security/process-hardening.js +132 -0
package/dist/security/process-hardening.js.map +1 -0
package/dist/security/shell-escalation-tiers.d.ts +73 -0
package/dist/security/shell-escalation-tiers.d.ts.map +1 -0
package/dist/security/shell-escalation-tiers.js +439 -0
package/dist/security/shell-escalation-tiers.js.map +1 -0
package/dist/session/fork.d.ts +100 -0
package/dist/session/fork.d.ts.map +1 -0
package/dist/session/fork.js +223 -0
package/dist/session/fork.js.map +1 -0
package/dist/skills/activation-telemetry.d.ts +154 -0
package/dist/skills/activation-telemetry.d.ts.map +1 -0
package/dist/skills/activation-telemetry.js +274 -0
package/dist/skills/activation-telemetry.js.map +1 -0
package/dist/skills/agentskills-registry.d.ts +12 -1
package/dist/skills/agentskills-registry.d.ts.map +1 -1
package/dist/skills/agentskills-registry.js +11 -0
package/dist/skills/agentskills-registry.js.map +1 -1
package/dist/skills/description-optimizer.d.ts +101 -0
package/dist/skills/description-optimizer.d.ts.map +1 -0
package/dist/skills/description-optimizer.js +304 -0
package/dist/skills/description-optimizer.js.map +1 -0
package/dist/skills/history-deduper.d.ts +109 -0
package/dist/skills/history-deduper.d.ts.map +1 -0
package/dist/skills/history-deduper.js +222 -0
package/dist/skills/history-deduper.js.map +1 -0
package/dist/skills/loader.d.ts.map +1 -1
package/dist/skills/loader.js +2 -1
package/dist/skills/loader.js.map +1 -1
package/dist/skills/skill-source-adapter.d.ts +16 -0
package/dist/skills/skill-source-adapter.d.ts.map +1 -1
package/dist/skills/skill-source-adapter.js +0 -0
package/dist/skills/skill-source-adapter.js.map +1 -1
package/dist/skills/skill-standard.d.ts +29 -4
package/dist/skills/skill-standard.d.ts.map +1 -1
package/dist/skills/skill-standard.js +139 -66
package/dist/skills/skill-standard.js.map +1 -1
package/dist/skills/sop-completion-gate.d.ts +137 -0
package/dist/skills/sop-completion-gate.d.ts.map +1 -0
package/dist/skills/sop-completion-gate.js +159 -0
package/dist/skills/sop-completion-gate.js.map +1 -0
package/dist/skills/sop-template.d.ts +85 -0
package/dist/skills/sop-template.d.ts.map +1 -0
package/dist/skills/sop-template.js +106 -0
package/dist/skills/sop-template.js.map +1 -0
package/dist/skills/wotann-skills-registry.d.ts +1 -1
package/dist/skills/wotann-skills-registry.d.ts.map +1 -1
package/dist/skills/wotann-skills-registry.js +503 -0
package/dist/skills/wotann-skills-registry.js.map +1 -1
package/dist/snippets/prompt-corpus.d.ts +10 -0
package/dist/snippets/prompt-corpus.d.ts.map +1 -0
package/dist/snippets/prompt-corpus.js +158 -0
package/dist/snippets/prompt-corpus.js.map +1 -0
package/dist/snippets/snippet-store.d.ts +27 -0
package/dist/snippets/snippet-store.d.ts.map +1 -1
package/dist/snippets/snippet-store.js +109 -6
package/dist/snippets/snippet-store.js.map +1 -1
package/dist/storage/sqlite-node-backend.d.ts +47 -36
package/dist/storage/sqlite-node-backend.d.ts.map +1 -1
package/dist/storage/sqlite-node-backend.js +250 -94
package/dist/storage/sqlite-node-backend.js.map +1 -1
package/dist/testing/webapp-server-lifecycle.d.ts +74 -0
package/dist/testing/webapp-server-lifecycle.d.ts.map +1 -0
package/dist/testing/webapp-server-lifecycle.js +272 -0
package/dist/testing/webapp-server-lifecycle.js.map +1 -0
package/dist/tools/markitdown-bridge.d.ts +19 -0
package/dist/tools/markitdown-bridge.d.ts.map +1 -1
package/dist/tools/markitdown-bridge.js +167 -2
package/dist/tools/markitdown-bridge.js.map +1 -1
package/dist/tools/pdf-processor.d.ts.map +1 -1
package/dist/tools/pdf-processor.js +7 -3
package/dist/tools/pdf-processor.js.map +1 -1
package/dist/tools/pptx-processor.d.ts +51 -0
package/dist/tools/pptx-processor.d.ts.map +1 -0
package/dist/tools/pptx-processor.js +334 -0
package/dist/tools/pptx-processor.js.map +1 -0
package/dist/ui/App.d.ts.map +1 -1
package/dist/ui/App.js +1661 -149
package/dist/ui/App.js.map +1 -1
package/dist/ui/agent-tools.d.ts +60 -0
package/dist/ui/agent-tools.d.ts.map +1 -0
package/dist/ui/agent-tools.js +468 -0
package/dist/ui/agent-tools.js.map +1 -0
package/dist/ui/alt-buffer-mode.d.ts +68 -0
package/dist/ui/alt-buffer-mode.d.ts.map +1 -0
package/dist/ui/alt-buffer-mode.js +114 -0
package/dist/ui/alt-buffer-mode.js.map +1 -0
package/dist/ui/alt-buffer.d.ts +57 -10
package/dist/ui/alt-buffer.d.ts.map +1 -1
package/dist/ui/alt-buffer.js +54 -12
package/dist/ui/alt-buffer.js.map +1 -1
package/dist/ui/components/AgentStatusPanel.d.ts.map +1 -1
package/dist/ui/components/AgentStatusPanel.js +14 -6
package/dist/ui/components/AgentStatusPanel.js.map +1 -1
package/dist/ui/components/AuditLogPanel.js +3 -3
package/dist/ui/components/AuditLogPanel.js.map +1 -1
package/dist/ui/components/AutomationsPanel.js +3 -3
package/dist/ui/components/AutomationsPanel.js.map +1 -1
package/dist/ui/components/ChatView.d.ts +9 -1
package/dist/ui/components/ChatView.d.ts.map +1 -1
package/dist/ui/components/ChatView.js +503 -14
package/dist/ui/components/ChatView.js.map +1 -1
package/dist/ui/components/CommandPaletteCommands.d.ts +2 -0
package/dist/ui/components/CommandPaletteCommands.d.ts.map +1 -1
package/dist/ui/components/CommandPaletteCommands.js +18 -2
package/dist/ui/components/CommandPaletteCommands.js.map +1 -1
package/dist/ui/components/ContextHUD.d.ts.map +1 -1
package/dist/ui/components/ContextHUD.js +3 -3
package/dist/ui/components/ContextHUD.js.map +1 -1
package/dist/ui/components/DispatchInbox.js +3 -3
package/dist/ui/components/DispatchInbox.js.map +1 -1
package/dist/ui/components/GdprPanel.d.ts.map +1 -1
package/dist/ui/components/GdprPanel.js +2 -3
package/dist/ui/components/GdprPanel.js.map +1 -1
package/dist/ui/components/HistoryPicker.js +3 -3
package/dist/ui/components/HistoryPicker.js.map +1 -1
package/dist/ui/components/ModelPicker.d.ts +9 -6
package/dist/ui/components/ModelPicker.d.ts.map +1 -1
package/dist/ui/components/ModelPicker.js +12 -9
package/dist/ui/components/ModelPicker.js.map +1 -1
package/dist/ui/components/OptionPicker.js +3 -3
package/dist/ui/components/OptionPicker.js.map +1 -1
package/dist/ui/components/PermissionPrompt.js +3 -3
package/dist/ui/components/PermissionPrompt.js.map +1 -1
package/dist/ui/components/PromptInput.d.ts.map +1 -1
package/dist/ui/components/PromptInput.js +65 -10
package/dist/ui/components/PromptInput.js.map +1 -1
package/dist/ui/components/ProviderSetupOverlay.d.ts +19 -0
package/dist/ui/components/ProviderSetupOverlay.d.ts.map +1 -0
package/dist/ui/components/ProviderSetupOverlay.js +124 -0
package/dist/ui/components/ProviderSetupOverlay.js.map +1 -0
package/dist/ui/components/StartupScreen.d.ts.map +1 -1
package/dist/ui/components/StartupScreen.js +10 -1
package/dist/ui/components/StartupScreen.js.map +1 -1
package/dist/ui/components/StatusBar.d.ts.map +1 -1
package/dist/ui/components/StatusBar.js +3 -3
package/dist/ui/components/StatusBar.js.map +1 -1
package/dist/ui/components/TrustPanel.js +3 -3
package/dist/ui/components/TrustPanel.js.map +1 -1
package/dist/ui/components/UnifiedStatusBar.d.ts.map +1 -1
package/dist/ui/components/UnifiedStatusBar.js +76 -5
package/dist/ui/components/UnifiedStatusBar.js.map +1 -1
package/dist/ui/computer-action-parser.d.ts +6 -0
package/dist/ui/computer-action-parser.d.ts.map +1 -0
package/dist/ui/computer-action-parser.js +119 -0
package/dist/ui/computer-action-parser.js.map +1 -0
package/dist/ui/helpers.d.ts +1 -1
package/dist/ui/helpers.d.ts.map +1 -1
package/dist/ui/helpers.js +1 -1
package/dist/ui/helpers.js.map +1 -1
package/dist/ui/keybindings.d.ts +12 -2
package/dist/ui/keybindings.d.ts.map +1 -1
package/dist/ui/keybindings.js +36 -4
package/dist/ui/keybindings.js.map +1 -1
package/dist/ui/markdown-stream.d.ts +99 -0
package/dist/ui/markdown-stream.d.ts.map +1 -0
package/dist/ui/markdown-stream.js +314 -0
package/dist/ui/markdown-stream.js.map +1 -0
package/dist/ui/terminal-keyboard-protocol.d.ts +23 -0
package/dist/ui/terminal-keyboard-protocol.d.ts.map +1 -0
package/dist/ui/terminal-keyboard-protocol.js +72 -0
package/dist/ui/terminal-keyboard-protocol.js.map +1 -0
package/dist/ui/theme/context.d.ts +39 -0
package/dist/ui/theme/context.d.ts.map +1 -0
package/dist/ui/theme/context.js +42 -0
package/dist/ui/theme/context.js.map +1 -0
package/dist/utils/platform.d.ts +115 -0
package/dist/utils/platform.d.ts.map +1 -0
package/dist/utils/platform.js +146 -0
package/dist/utils/platform.js.map +1 -0
package/dist/verification/auto-verify-policy.d.ts +107 -0
package/dist/verification/auto-verify-policy.d.ts.map +1 -0
package/dist/verification/auto-verify-policy.js +309 -0
package/dist/verification/auto-verify-policy.js.map +1 -0
package/package.json +4 -1
package/skills/anthropic-finance/audit-spreadsheet.md +165 -0
package/skills/anthropic-finance/clean-data-xls.md +59 -0
package/skills/anthropic-finance/competitive-analysis.md +288 -0
package/skills/anthropic-finance/compliance-rules-engine.md +56 -0
package/skills/anthropic-finance/dd-checklist.md +126 -0
package/skills/anthropic-finance/independent-recompute.md +47 -0
package/skills/anthropic-finance/reconcile-root-cause.md +48 -0
package/skills/anthropic-finance/roll-forward.md +42 -0
package/skills/anthropic-finance/untrusted-doc-parse.md +57 -0
package/skills/anthropic-finance/variance-commentary.md +43 -0
package/skills/doubt-driven-development.md +95 -0
package/skills/mattpocock/diagnose.md +126 -0
package/skills/mattpocock/grill-with-docs.md +97 -0
package/skills/mattpocock/improve-codebase-architecture.md +80 -0
package/skills/mattpocock/prototype.md +39 -0
package/skills/mattpocock/review.md +87 -0
package/skills/mattpocock/tdd.md +118 -0
package/skills/mattpocock/zoom-out.md +17 -0
package/skills/scientific/citation-management/SKILL.md +1113 -0
package/skills/scientific/citation-management/assets/bibtex_template.bib +264 -0
package/skills/scientific/citation-management/assets/citation_checklist.md +386 -0
package/skills/scientific/citation-management/references/bibtex_formatting.md +908 -0
package/skills/scientific/citation-management/references/citation_validation.md +794 -0
package/skills/scientific/citation-management/references/google_scholar_search.md +725 -0
package/skills/scientific/citation-management/references/metadata_extraction.md +870 -0
package/skills/scientific/citation-management/references/pubmed_search.md +839 -0
package/skills/scientific/citation-management/scripts/doi_to_bibtex.py +204 -0
package/skills/scientific/citation-management/scripts/extract_metadata.py +569 -0
package/skills/scientific/citation-management/scripts/format_bibtex.py +349 -0
package/skills/scientific/citation-management/scripts/generate_schematic.py +139 -0
package/skills/scientific/citation-management/scripts/generate_schematic_ai.py +817 -0
package/skills/scientific/citation-management/scripts/search_google_scholar.py +282 -0
package/skills/scientific/citation-management/scripts/search_pubmed.py +398 -0
package/skills/scientific/citation-management/scripts/validate_citations.py +497 -0
package/skills/scientific/database-lookup/SKILL.md +480 -0
package/skills/scientific/database-lookup/references/addgene.md +38 -0
package/skills/scientific/database-lookup/references/alphafold.md +40 -0
package/skills/scientific/database-lookup/references/alphavantage.md +261 -0
package/skills/scientific/database-lookup/references/bea.md +409 -0
package/skills/scientific/database-lookup/references/bindingdb.md +85 -0
package/skills/scientific/database-lookup/references/biogrid.md +110 -0
package/skills/scientific/database-lookup/references/bls.md +235 -0
package/skills/scientific/database-lookup/references/brenda.md +71 -0
package/skills/scientific/database-lookup/references/cbioportal.md +206 -0
package/skills/scientific/database-lookup/references/census.md +251 -0
package/skills/scientific/database-lookup/references/chebi.md +103 -0
package/skills/scientific/database-lookup/references/chembl.md +80 -0
package/skills/scientific/database-lookup/references/clinicaltrials.md +77 -0
package/skills/scientific/database-lookup/references/clinpgx.md +64 -0
package/skills/scientific/database-lookup/references/clinvar.md +91 -0
package/skills/scientific/database-lookup/references/cod.md +121 -0
package/skills/scientific/database-lookup/references/cosmic.md +59 -0
package/skills/scientific/database-lookup/references/dailymed.md +65 -0
package/skills/scientific/database-lookup/references/datacommons.md +237 -0
package/skills/scientific/database-lookup/references/dbsnp.md +143 -0
package/skills/scientific/database-lookup/references/disgenet.md +52 -0
package/skills/scientific/database-lookup/references/drugbank.md +54 -0
package/skills/scientific/database-lookup/references/ecb.md +191 -0
package/skills/scientific/database-lookup/references/emdb.md +37 -0
package/skills/scientific/database-lookup/references/ena.md +372 -0
package/skills/scientific/database-lookup/references/encode.md +47 -0
package/skills/scientific/database-lookup/references/ensembl.md +539 -0
package/skills/scientific/database-lookup/references/epa.md +232 -0
package/skills/scientific/database-lookup/references/eurostat.md +237 -0
package/skills/scientific/database-lookup/references/fda.md +64 -0
package/skills/scientific/database-lookup/references/federal-reserve.md +216 -0
package/skills/scientific/database-lookup/references/fred.md +297 -0
package/skills/scientific/database-lookup/references/gene-ontology.md +147 -0
package/skills/scientific/database-lookup/references/geo.md +130 -0
package/skills/scientific/database-lookup/references/gnomad.md +93 -0
package/skills/scientific/database-lookup/references/gtex.md +136 -0
package/skills/scientific/database-lookup/references/gwas-catalog.md +46 -0
package/skills/scientific/database-lookup/references/hca.md +35 -0
package/skills/scientific/database-lookup/references/hpo.md +48 -0
package/skills/scientific/database-lookup/references/human-protein-atlas.md +57 -0
package/skills/scientific/database-lookup/references/interpro.md +120 -0
package/skills/scientific/database-lookup/references/jaspar.md +50 -0
package/skills/scientific/database-lookup/references/kegg.md +78 -0
package/skills/scientific/database-lookup/references/lincs-l1000.md +68 -0
package/skills/scientific/database-lookup/references/materials-project.md +123 -0
package/skills/scientific/database-lookup/references/metabolomics-workbench.md +98 -0
package/skills/scientific/database-lookup/references/monarch.md +46 -0
package/skills/scientific/database-lookup/references/mousemine.md +40 -0
package/skills/scientific/database-lookup/references/nasa-exoplanet-archive.md +112 -0
package/skills/scientific/database-lookup/references/nasa.md +121 -0
package/skills/scientific/database-lookup/references/ncbi-gene.md +64 -0
package/skills/scientific/database-lookup/references/ncbi-protein.md +104 -0
package/skills/scientific/database-lookup/references/ncbi-taxonomy.md +121 -0
package/skills/scientific/database-lookup/references/nist.md +105 -0
package/skills/scientific/database-lookup/references/noaa.md +199 -0
package/skills/scientific/database-lookup/references/omim.md +114 -0
package/skills/scientific/database-lookup/references/opentargets.md +459 -0
package/skills/scientific/database-lookup/references/openweathermap.md +255 -0
package/skills/scientific/database-lookup/references/pdb.md +121 -0
package/skills/scientific/database-lookup/references/pride.md +74 -0
package/skills/scientific/database-lookup/references/pubchem.md +145 -0
package/skills/scientific/database-lookup/references/quickgo.md +45 -0
package/skills/scientific/database-lookup/references/reactome.md +140 -0
package/skills/scientific/database-lookup/references/rummageo.md +32 -0
package/skills/scientific/database-lookup/references/sdss.md +130 -0
package/skills/scientific/database-lookup/references/sec-edgar.md +315 -0
package/skills/scientific/database-lookup/references/simbad.md +131 -0
package/skills/scientific/database-lookup/references/sra.md +149 -0
package/skills/scientific/database-lookup/references/string.md +283 -0
package/skills/scientific/database-lookup/references/tcga-gdc.md +58 -0
package/skills/scientific/database-lookup/references/treasury.md +215 -0
package/skills/scientific/database-lookup/references/ucsc-genome.md +135 -0
package/skills/scientific/database-lookup/references/uniprot.md +283 -0
package/skills/scientific/database-lookup/references/usgs.md +260 -0
package/skills/scientific/database-lookup/references/uspto.md +130 -0
package/skills/scientific/database-lookup/references/who.md +283 -0
package/skills/scientific/database-lookup/references/worldbank.md +239 -0
package/skills/scientific/database-lookup/references/zinc.md +202 -0
package/skills/scientific/hypothesis-generation/SKILL.md +297 -0
package/skills/scientific/hypothesis-generation/assets/FORMATTING_GUIDE.md +672 -0
package/skills/scientific/hypothesis-generation/assets/hypothesis_generation.sty +307 -0
package/skills/scientific/hypothesis-generation/assets/hypothesis_report_template.tex +572 -0
package/skills/scientific/hypothesis-generation/references/experimental_design_patterns.md +329 -0
package/skills/scientific/hypothesis-generation/references/hypothesis_quality_criteria.md +198 -0
package/skills/scientific/hypothesis-generation/references/literature_search_strategies.md +622 -0
package/skills/scientific/hypothesis-generation/scripts/generate_schematic.py +139 -0
package/skills/scientific/hypothesis-generation/scripts/generate_schematic_ai.py +817 -0
package/skills/scientific/literature-review/SKILL.md +699 -0
package/skills/scientific/literature-review/assets/review_template.md +412 -0
package/skills/scientific/literature-review/references/citation_styles.md +166 -0
package/skills/scientific/literature-review/references/database_strategies.md +455 -0
package/skills/scientific/literature-review/scripts/generate_pdf.py +176 -0
package/skills/scientific/literature-review/scripts/generate_schematic.py +139 -0
package/skills/scientific/literature-review/scripts/generate_schematic_ai.py +817 -0
package/skills/scientific/literature-review/scripts/search_databases.py +303 -0
package/skills/scientific/literature-review/scripts/verify_citations.py +222 -0
package/skills/scientific/markdown-mermaid-writing/SKILL.md +327 -0
package/skills/scientific/markdown-mermaid-writing/assets/examples/example-research-report.md +221 -0
package/skills/scientific/markdown-mermaid-writing/references/diagrams/architecture.md +108 -0
package/skills/scientific/markdown-mermaid-writing/references/diagrams/block.md +177 -0
package/skills/scientific/markdown-mermaid-writing/references/diagrams/c4.md +136 -0
package/skills/scientific/markdown-mermaid-writing/references/diagrams/class.md +246 -0
package/skills/scientific/markdown-mermaid-writing/references/diagrams/complex_examples.md +384 -0
package/skills/scientific/markdown-mermaid-writing/references/diagrams/er.md +222 -0
package/skills/scientific/markdown-mermaid-writing/references/diagrams/flowchart.md +177 -0
package/skills/scientific/markdown-mermaid-writing/references/diagrams/gantt.md +138 -0
package/skills/scientific/markdown-mermaid-writing/references/diagrams/git_graph.md +74 -0
package/skills/scientific/markdown-mermaid-writing/references/diagrams/kanban.md +107 -0
package/skills/scientific/markdown-mermaid-writing/references/diagrams/mindmap.md +74 -0
package/skills/scientific/markdown-mermaid-writing/references/diagrams/packet.md +55 -0
package/skills/scientific/markdown-mermaid-writing/references/diagrams/pie.md +52 -0
package/skills/scientific/markdown-mermaid-writing/references/diagrams/quadrant.md +66 -0
package/skills/scientific/markdown-mermaid-writing/references/diagrams/radar.md +59 -0
package/skills/scientific/markdown-mermaid-writing/references/diagrams/requirement.md +88 -0
package/skills/scientific/markdown-mermaid-writing/references/diagrams/sankey.md +71 -0
package/skills/scientific/markdown-mermaid-writing/references/diagrams/sequence.md +174 -0
package/skills/scientific/markdown-mermaid-writing/references/diagrams/state.md +150 -0
package/skills/scientific/markdown-mermaid-writing/references/diagrams/timeline.md +96 -0
package/skills/scientific/markdown-mermaid-writing/references/diagrams/treemap.md +66 -0
package/skills/scientific/markdown-mermaid-writing/references/diagrams/user_journey.md +108 -0
package/skills/scientific/markdown-mermaid-writing/references/diagrams/xy_chart.md +53 -0
package/skills/scientific/markdown-mermaid-writing/references/diagrams/zenuml.md +71 -0
package/skills/scientific/markdown-mermaid-writing/references/markdown_style_guide.md +733 -0
package/skills/scientific/markdown-mermaid-writing/references/mermaid_style_guide.md +458 -0
package/skills/scientific/markdown-mermaid-writing/templates/decision_record.md +211 -0
package/skills/scientific/markdown-mermaid-writing/templates/how_to_guide.md +275 -0
package/skills/scientific/markdown-mermaid-writing/templates/issue.md +303 -0
package/skills/scientific/markdown-mermaid-writing/templates/kanban.md +223 -0
package/skills/scientific/markdown-mermaid-writing/templates/presentation.md +312 -0
package/skills/scientific/markdown-mermaid-writing/templates/project_documentation.md +412 -0
package/skills/scientific/markdown-mermaid-writing/templates/pull_request.md +319 -0
package/skills/scientific/markdown-mermaid-writing/templates/research_paper.md +304 -0
package/skills/scientific/markdown-mermaid-writing/templates/status_report.md +185 -0
package/skills/scientific/paper-lookup/SKILL.md +193 -0
package/skills/scientific/paper-lookup/references/arxiv.md +161 -0
package/skills/scientific/paper-lookup/references/biorxiv.md +118 -0
package/skills/scientific/paper-lookup/references/core.md +150 -0
package/skills/scientific/paper-lookup/references/crossref.md +181 -0
package/skills/scientific/paper-lookup/references/medrxiv.md +104 -0
package/skills/scientific/paper-lookup/references/openalex.md +174 -0
package/skills/scientific/paper-lookup/references/pmc.md +152 -0
package/skills/scientific/paper-lookup/references/pubmed.md +124 -0
package/skills/scientific/paper-lookup/references/semantic-scholar.md +203 -0
package/skills/scientific/paper-lookup/references/unpaywall.md +127 -0
package/skills/scientific/peer-review/SKILL.md +569 -0
package/skills/scientific/peer-review/references/common_issues.md +552 -0
package/skills/scientific/peer-review/references/reporting_standards.md +290 -0
package/skills/scientific/peer-review/scripts/generate_schematic.py +139 -0
package/skills/scientific/peer-review/scripts/generate_schematic_ai.py +817 -0
package/skills/scientific/scholar-evaluation/SKILL.md +298 -0
package/skills/scientific/scholar-evaluation/references/evaluation_framework.md +663 -0
package/skills/scientific/scholar-evaluation/scripts/calculate_scores.py +378 -0
package/skills/scientific/scholar-evaluation/scripts/generate_schematic.py +139 -0
package/skills/scientific/scholar-evaluation/scripts/generate_schematic_ai.py +817 -0
package/skills/scientific/scientific-brainstorming/SKILL.md +189 -0
package/skills/scientific/scientific-brainstorming/references/brainstorming_methods.md +326 -0
package/skills/scientific/scientific-critical-thinking/SKILL.md +570 -0
package/skills/scientific/scientific-critical-thinking/references/common_biases.md +364 -0
package/skills/scientific/scientific-critical-thinking/references/evidence_hierarchy.md +484 -0
package/skills/scientific/scientific-critical-thinking/references/experimental_design.md +496 -0
package/skills/scientific/scientific-critical-thinking/references/logical_fallacies.md +478 -0
package/skills/scientific/scientific-critical-thinking/references/scientific_method.md +169 -0
package/skills/scientific/scientific-critical-thinking/references/statistical_pitfalls.md +506 -0
package/skills/scientific/scientific-critical-thinking/scripts/generate_schematic.py +139 -0
package/skills/scientific/scientific-critical-thinking/scripts/generate_schematic_ai.py +817 -0
package/skills/wotann-imports/incremental-implementation.md +241 -0
package/skills/wotann-imports/security-threat-model.md +81 -0
package/skills/wotann-imports/triage.md +103 -0
package/dist/build/deploy-targets/coolify.d.ts +0 -148
package/dist/build/deploy-targets/coolify.d.ts.map +0 -1
package/dist/build/deploy-targets/coolify.js +0 -339
package/dist/build/deploy-targets/coolify.js.map +0 -1
package/dist/build/deploy-targets/dokploy.d.ts +0 -139
package/dist/build/deploy-targets/dokploy.d.ts.map +0 -1
package/dist/build/deploy-targets/dokploy.js +0 -339
package/dist/build/deploy-targets/dokploy.js.map +0 -1
package/dist/claude/hardening/error-handler.d.ts +0 -52
package/dist/claude/hardening/error-handler.d.ts.map +0 -1
package/dist/claude/hardening/error-handler.js +0 -158
package/dist/claude/hardening/error-handler.js.map +0 -1
package/dist/cli/onboarding.d.ts +0 -34
package/dist/cli/onboarding.d.ts.map +0 -1
package/dist/cli/onboarding.js +0 -150
package/dist/cli/onboarding.js.map +0 -1
package/dist/core/agent-profiles.d.ts +0 -65
package/dist/core/agent-profiles.d.ts.map +0 -1
package/dist/core/agent-profiles.js +0 -137
package/dist/core/agent-profiles.js.map +0 -1
package/dist/desktop/supabase-relay.d.ts +0 -86
package/dist/desktop/supabase-relay.d.ts.map +0 -1
package/dist/desktop/supabase-relay.js +0 -335
package/dist/desktop/supabase-relay.js.map +0 -1
package/dist/intelligence/kg-builder.d.ts +0 -181
package/dist/intelligence/kg-builder.d.ts.map +0 -1
package/dist/intelligence/kg-builder.js +0 -807
package/dist/intelligence/kg-builder.js.map +0 -1
package/dist/orchestration/jean-orchestrator.d.ts +0 -79
package/dist/orchestration/jean-orchestrator.d.ts.map +0 -1
package/dist/orchestration/jean-orchestrator.js +0 -253
package/dist/orchestration/jean-orchestrator.js.map +0 -1
package/dist/orchestration/jean-registries/command-registry.d.ts +0 -85
package/dist/orchestration/jean-registries/command-registry.d.ts.map +0 -1
package/dist/orchestration/jean-registries/command-registry.js +0 -120
package/dist/orchestration/jean-registries/command-registry.js.map +0 -1
package/dist/orchestration/jean-registries/event-registry.d.ts +0 -80
package/dist/orchestration/jean-registries/event-registry.d.ts.map +0 -1
package/dist/orchestration/jean-registries/event-registry.js +0 -147
package/dist/orchestration/jean-registries/event-registry.js.map +0 -1
package/dist/orchestration/jean-registries/process-registry.d.ts +0 -71
package/dist/orchestration/jean-registries/process-registry.d.ts.map +0 -1
package/dist/orchestration/jean-registries/process-registry.js +0 -104
package/dist/orchestration/jean-registries/process-registry.js.map +0 -1
package/dist/orchestration/jean-registries/result-registry.d.ts +0 -71
package/dist/orchestration/jean-registries/result-registry.d.ts.map +0 -1
package/dist/orchestration/jean-registries/result-registry.js +0 -97
package/dist/orchestration/jean-registries/result-registry.js.map +0 -1
package/dist/providers/bedrock-signer.d.ts +0 -23
package/dist/providers/bedrock-signer.d.ts.map +0 -1
package/dist/providers/bedrock-signer.js +0 -439
package/dist/providers/bedrock-signer.js.map +0 -1
package/dist/providers/harness-profiles.d.ts +0 -70
package/dist/providers/harness-profiles.d.ts.map +0 -1
package/dist/providers/harness-profiles.js +0 -210
package/dist/providers/harness-profiles.js.map +0 -1
package/dist/providers/vertex-oauth.d.ts +0 -21
package/dist/providers/vertex-oauth.d.ts.map +0 -1
package/dist/providers/vertex-oauth.js +0 -393
package/dist/providers/vertex-oauth.js.map +0 -1
package/dist/sandbox/backends/cloud-auth.d.ts +0 -50
package/dist/sandbox/backends/cloud-auth.d.ts.map +0 -1
package/dist/sandbox/backends/cloud-auth.js +0 -93
package/dist/sandbox/backends/cloud-auth.js.map +0 -1
package/dist/security/anti-distillation.d.ts +0 -46
package/dist/security/anti-distillation.d.ts.map +0 -1
package/dist/security/anti-distillation.js +0 -358
package/dist/security/anti-distillation.js.map +0 -1
package/dist/security/multi-encoding-decoder.d.ts +0 -47
package/dist/security/multi-encoding-decoder.d.ts.map +0 -1
package/dist/security/multi-encoding-decoder.js +0 -336
package/dist/security/multi-encoding-decoder.js.map +0 -1
package/dist/ui/accessibility.d.ts +0 -157
package/dist/ui/accessibility.d.ts.map +0 -1
package/dist/ui/accessibility.js +0 -232
package/dist/ui/accessibility.js.map +0 -1
package/dist/ui/animations.d.ts +0 -102
package/dist/ui/animations.d.ts.map +0 -1
package/dist/ui/animations.js +0 -277
package/dist/ui/animations.js.map +0 -1
package/dist/ui/components/Sparkline.d.ts +0 -81
package/dist/ui/components/Sparkline.d.ts.map +0 -1
package/dist/ui/components/Sparkline.js +0 -102
package/dist/ui/components/Sparkline.js.map +0 -1
package/dist/ui/input/mouse.d.ts +0 -139
package/dist/ui/input/mouse.d.ts.map +0 -1
package/dist/ui/input/mouse.js +0 -239
package/dist/ui/input/mouse.js.map +0 -1
package/dist/ui/sound.d.ts +0 -85
package/dist/ui/sound.d.ts.map +0 -1
package/dist/ui/sound.js +0 -126
package/dist/ui/sound.js.map +0 -1

package/dist/security/osv-check.d.ts ADDED Viewed

@@ -0,0 +1,174 @@
+/**
+ * OSV malware check — supply-chain pre-flight for MCP server installs.
+ *
+ * Before persisting an MCP server config (`wotann mcp import`,
+ * `wotann mcp add`, `wotann mcp import-mcpb`) we ask OSV.dev whether the
+ * underlying package has any published malware (`MAL-…`) or critical CVE
+ * advisories. This catches the two common supply-chain attacks:
+ *
+ *   1. **Typosquats** — a tutorial that says `@modelcontextprotocol/...`
+ *      copied as `@modelcontextprotocl/...` (one missing `o`). OSV has
+ *      MAL-records for many published typosquats.
+ *   2. **Compromised packages** — legitimate package names whose latest
+ *      version was hijacked (e.g. `event-stream`, `ua-parser-js` 2021).
+ *
+ * Goose's `osv-scanner` integration was the prior art (aaif-goose/goose
+ * 2024-Q4). We hand-port the pattern here in TypeScript so it works on
+ * the daemon side without a Go dependency.
+ *
+ * QUALITY BARS
+ *   - QB#1 No vendor bias — npm + PyPI both supported, no special-casing
+ *   - QB#3 Honest stub — network failures return `{error}`, never silently pass
+ *   - QB#7 Per-call state — every check re-queries; no cache poisoning
+ *   - QB#11 Real I/O test path — `WOTANN_OSV_OFFLINE=1` gates network in tests
+ *
+ * USAGE
+ *
+ *   import { checkServers, formatBlockReport } from "./security/osv-check.js";
+ *
+ *   const results = await checkServers(servers, { timeoutMs: 5000 });
+ *   const blocked = Object.entries(results).filter(([, r]) => r.hasMalware);
+ *   if (blocked.length > 0) {
+ *     console.error(formatBlockReport(results));
+ *     process.exit(1); // abort install
+ *   }
+ *
+ * The OSV API is documented at https://google.github.io/osv.dev/api/.
+ */
+export interface OsvVulnerability {
+    readonly id: string;
+    readonly summary?: string;
+    readonly severity?: ReadonlyArray<{
+        readonly type: string;
+        readonly score: string;
+    }>;
+    readonly database_specific?: {
+        readonly severity?: string;
+    };
+    readonly aliases?: readonly string[];
+}
+export interface PackageRef {
+    readonly ecosystem: "npm" | "PyPI";
+    readonly name: string;
+}
+export type Severity = "none" | "low" | "medium" | "high" | "critical";
+export interface OsvCheckResult {
+    /** Package extracted from the server command (null if unsupported runner). */
+    readonly packageRef: PackageRef | null;
+    /** All advisories returned by OSV. Empty when there are none or when skipped/errored. */
+    readonly vulnerabilities: readonly OsvVulnerability[];
+    /** True when at least one MAL- record matches. */
+    readonly hasMalware: boolean;
+    /** Highest CVSS / db severity seen across all advisories. */
+    readonly highestSeverity: Severity;
+    /** Set when the check was skipped (e.g. unsupported runner, offline). */
+    readonly skipped: {
+        readonly reason: string;
+    } | null;
+    /** Set when the network query failed. */
+    readonly error: string | null;
+}
+export interface CheckOptions {
+    /** Per-package timeout. Default 5000 ms. */
+    readonly timeoutMs?: number;
+    /** Optional fetch override for tests. */
+    readonly fetchImpl?: typeof fetch;
+}
+interface MinimalServer {
+    readonly command: string;
+    readonly args: readonly string[];
+}
+/**
+ * Extract the package name + ecosystem from an MCP server's command/args.
+ * Returns null when the runner is unrecognized (e.g. a local script,
+ * `node ./server.js`, `bash -c …`, or a binary path).
+ */
+export declare function extractPackage(server: MinimalServer): PackageRef | null;
+/**
+ * Strip an optional version specifier from a package reference.
+ *
+ *   @scope/foo@1.2.3   → @scope/foo
+ *   foo@^1.0.0         → foo
+ *   foo==1.2.3         → foo
+ *   foo>=1.0           → foo
+ */
+export declare function stripVersionSpec(spec: string): string;
+/**
+ * Map an OSV vulnerability to a normalized severity bucket. CVSS v3 base
+ * score thresholds follow NVD's published bands (low <4, medium 4-6.9,
+ * high 7-8.9, critical >=9). Falls back to `database_specific.severity`
+ * when no CVSS vector is attached.
+ */
+export declare function classifySeverity(v: OsvVulnerability): Severity;
+/**
+ * Run the OSV pre-flight check against a single server.
+ * Always returns a result — never throws — so callers can decide
+ * which level of failure (block / warn / log) to apply.
+ */
+export declare function checkServer(server: MinimalServer, opts?: CheckOptions): Promise<OsvCheckResult>;
+/**
+ * Run the check against many servers. Each server is queried in
+ * parallel; the per-package timeout prevents one slow lookup from
+ * stalling the rest. Map keys are the server names supplied by caller.
+ */
+export declare function checkServers(servers: ReadonlyArray<MinimalServer & {
+    readonly name: string;
+}>, opts?: CheckOptions): Promise<Readonly<Record<string, OsvCheckResult>>>;
+/**
+ * Returns names of servers that should be blocked (malware records).
+ */
+export declare function blockedServers(results: Readonly<Record<string, OsvCheckResult>>): readonly string[];
+/**
+ * Returns names of servers that warrant a warning (high/critical CVE
+ * but not confirmed malware).
+ */
+export declare function warningServers(results: Readonly<Record<string, OsvCheckResult>>): readonly string[];
+/**
+ * Compose a human-readable report for blocked + warning servers.
+ * Returns empty string when neither category is populated.
+ */
+export declare function formatReport(results: Readonly<Record<string, OsvCheckResult>>): string;
+export interface PreflightOptions {
+    /** Bypass the entire check (e.g. user passed --skip-malware-check). */
+    readonly skip?: boolean;
+    /** Treat high/critical CVEs as blocking (in addition to MAL- records). */
+    readonly strict?: boolean;
+    /** Per-package timeout. */
+    readonly timeoutMs?: number;
+    /** Test seam — override fetch implementation. */
+    readonly fetchImpl?: typeof fetch;
+    /** Sink for status output. Defaults to console.log/error. */
+    readonly logger?: {
+        readonly info: (msg: string) => void;
+        readonly warn: (msg: string) => void;
+        readonly error: (msg: string) => void;
+    };
+}
+export interface PreflightVerdict {
+    /** True when the install should proceed (no blocking findings). */
+    readonly proceed: boolean;
+    /** Server names with confirmed-malware findings. */
+    readonly blocked: readonly string[];
+    /** Server names with high/critical CVEs (not malware). */
+    readonly warnings: readonly string[];
+    /** Raw per-server results — for callers that want to render their own UI. */
+    readonly results: Readonly<Record<string, OsvCheckResult>>;
+}
+/**
+ * One-call pre-flight wrapper. Designed for CLI use sites:
+ *
+ *   const verdict = await preflight(servers, { skip: opts.skipMalwareCheck });
+ *   if (!verdict.proceed) process.exit(1);
+ *
+ * Behaviour:
+ *   - `skip:true` → returns `proceed:true` immediately, no network.
+ *   - confirmed malware → blocks, logs "MALWARE" report, `proceed:false`.
+ *   - high/critical CVE in non-strict mode → warns + proceeds.
+ *   - high/critical CVE in strict mode → blocks like malware.
+ *   - network failure or unsupported runner → logged at info level, no block.
+ */
+export declare function preflight(servers: ReadonlyArray<MinimalServer & {
+    readonly name: string;
+}>, opts?: PreflightOptions): Promise<PreflightVerdict>;
+export {};
+//# sourceMappingURL=osv-check.d.ts.map

package/dist/security/osv-check.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"osv-check.d.ts","sourceRoot":"","sources":["../../src/security/osv-check.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAoCG;AAMH,MAAM,WAAW,gBAAgB;IAC/B,QAAQ,CAAC,EAAE,EAAE,MAAM,CAAC;IACpB,QAAQ,CAAC,OAAO,CAAC,EAAE,MAAM,CAAC;IAC1B,QAAQ,CAAC,QAAQ,CAAC,EAAE,aAAa,CAAC;QAAE,QAAQ,CAAC,IAAI,EAAE,MAAM,CAAC;QAAC,QAAQ,CAAC,KAAK,EAAE,MAAM,CAAA;KAAE,CAAC,CAAC;IACrF,QAAQ,CAAC,iBAAiB,CAAC,EAAE;QAAE,QAAQ,CAAC,QAAQ,CAAC,EAAE,MAAM,CAAA;KAAE,CAAC;IAC5D,QAAQ,CAAC,OAAO,CAAC,EAAE,SAAS,MAAM,EAAE,CAAC;CACtC;AAED,MAAM,WAAW,UAAU;IACzB,QAAQ,CAAC,SAAS,EAAE,KAAK,GAAG,MAAM,CAAC;IACnC,QAAQ,CAAC,IAAI,EAAE,MAAM,CAAC;CACvB;AAED,MAAM,MAAM,QAAQ,GAAG,MAAM,GAAG,KAAK,GAAG,QAAQ,GAAG,MAAM,GAAG,UAAU,CAAC;AAEvE,MAAM,WAAW,cAAc;IAC7B,8EAA8E;IAC9E,QAAQ,CAAC,UAAU,EAAE,UAAU,GAAG,IAAI,CAAC;IACvC,yFAAyF;IACzF,QAAQ,CAAC,eAAe,EAAE,SAAS,gBAAgB,EAAE,CAAC;IACtD,kDAAkD;IAClD,QAAQ,CAAC,UAAU,EAAE,OAAO,CAAC;IAC7B,6DAA6D;IAC7D,QAAQ,CAAC,eAAe,EAAE,QAAQ,CAAC;IACnC,yEAAyE;IACzE,QAAQ,CAAC,OAAO,EAAE;QAAE,QAAQ,CAAC,MAAM,EAAE,MAAM,CAAA;KAAE,GAAG,IAAI,CAAC;IACrD,yCAAyC;IACzC,QAAQ,CAAC,KAAK,EAAE,MAAM,GAAG,IAAI,CAAC;CAC/B;AAED,MAAM,WAAW,YAAY;IAC3B,4CAA4C;IAC5C,QAAQ,CAAC,SAAS,CAAC,EAAE,MAAM,CAAC;IAC5B,yCAAyC;IACzC,QAAQ,CAAC,SAAS,CAAC,EAAE,OAAO,KAAK,CAAC;CACnC;AAED,UAAU,aAAa;IACrB,QAAQ,CAAC,OAAO,EAAE,MAAM,CAAC;IACzB,QAAQ,CAAC,IAAI,EAAE,SAAS,MAAM,EAAE,CAAC;CAClC;AAQD;;;;GAIG;AACH,wBAAgB,cAAc,CAAC,MAAM,EAAE,aAAa,GAAG,UAAU,GAAG,IAAI,CAkBvE;AAkCD;;;;;;;GAOG;AACH,wBAAgB,gBAAgB,CAAC,IAAI,EAAE,MAAM,GAAG,MAAM,CASrD;AAUD;;;;;GAKG;AACH,wBAAgB,gBAAgB,CAAC,CAAC,EAAE,gBAAgB,GAAG,QAAQ,CAiB9D;AA0FD;;;;GAIG;AACH,wBAAsB,WAAW,CAC/B,MAAM,EAAE,aAAa,EACrB,IAAI,GAAE,YAAiB,GACtB,OAAO,CAAC,cAAc,CAAC,CAmDzB;AAED;;;;GAIG;AACH,wBAAsB,YAAY,CAChC,OAAO,EAAE,aAAa,CAAC,aAAa,GAAG;IAAE,QAAQ,CAAC,IAAI,EAAE,MAAM,CAAA;CAAE,CAAC,EACjE,IAAI,GAAE,YAAiB,GACtB,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAC,MAAM,EAAE,cAAc,CAAC,CAAC,CAAC,CASnD;AAID;;GAEG;AACH,wBAAgB,cAAc,CAC5B,OAAO,EAAE,QAAQ,CAAC,MAAM,CAAC,MAAM,EAAE,cAAc,CAAC,CAAC,GAChD,SAAS,MAAM,EAAE,CAInB;AAED;;;GAGG;AACH,wBAAgB,cAAc,CAC5B,OAAO,EAAE,QAAQ,CAAC,MAAM,CAAC,MAAM,EAAE,cAAc,CAAC,CAAC,GAChD,SAAS,MAAM,EAAE,CAOnB;AAED;;;GAGG;AACH,wBAAgB,YAAY,CAAC,OAAO,EAAE,QAAQ,CAAC,MAAM,CAAC,MAAM,EAAE,cAAc,CAAC,CAAC,GAAG,MAAM,CAsBtF;AAID,MAAM,WAAW,gBAAgB;IAC/B,uEAAuE;IACvE,QAAQ,CAAC,IAAI,CAAC,EAAE,OAAO,CAAC;IACxB,0EAA0E;IAC1E,QAAQ,CAAC,MAAM,CAAC,EAAE,OAAO,CAAC;IAC1B,2BAA2B;IAC3B,QAAQ,CAAC,SAAS,CAAC,EAAE,MAAM,CAAC;IAC5B,iDAAiD;IACjD,QAAQ,CAAC,SAAS,CAAC,EAAE,OAAO,KAAK,CAAC;IAClC,6DAA6D;IAC7D,QAAQ,CAAC,MAAM,CAAC,EAAE;QAChB,QAAQ,CAAC,IAAI,EAAE,CAAC,GAAG,EAAE,MAAM,KAAK,IAAI,CAAC;QACrC,QAAQ,CAAC,IAAI,EAAE,CAAC,GAAG,EAAE,MAAM,KAAK,IAAI,CAAC;QACrC,QAAQ,CAAC,KAAK,EAAE,CAAC,GAAG,EAAE,MAAM,KAAK,IAAI,CAAC;KACvC,CAAC;CACH;AAED,MAAM,WAAW,gBAAgB;IAC/B,mEAAmE;IACnE,QAAQ,CAAC,OAAO,EAAE,OAAO,CAAC;IAC1B,oDAAoD;IACpD,QAAQ,CAAC,OAAO,EAAE,SAAS,MAAM,EAAE,CAAC;IACpC,0DAA0D;IAC1D,QAAQ,CAAC,QAAQ,EAAE,SAAS,MAAM,EAAE,CAAC;IACrC,6EAA6E;IAC7E,QAAQ,CAAC,OAAO,EAAE,QAAQ,CAAC,MAAM,CAAC,MAAM,EAAE,cAAc,CAAC,CAAC,CAAC;CAC5D;AAED;;;;;;;;;;;;GAYG;AACH,wBAAsB,SAAS,CAC7B,OAAO,EAAE,aAAa,CAAC,aAAa,GAAG;IAAE,QAAQ,CAAC,IAAI,EAAE,MAAM,CAAA;CAAE,CAAC,EACjE,IAAI,GAAE,gBAAqB,GAC1B,OAAO,CAAC,gBAAgB,CAAC,CAsD3B"}

package/dist/security/osv-check.js ADDED Viewed

@@ -0,0 +1,409 @@
+/**
+ * OSV malware check — supply-chain pre-flight for MCP server installs.
+ *
+ * Before persisting an MCP server config (`wotann mcp import`,
+ * `wotann mcp add`, `wotann mcp import-mcpb`) we ask OSV.dev whether the
+ * underlying package has any published malware (`MAL-…`) or critical CVE
+ * advisories. This catches the two common supply-chain attacks:
+ *
+ *   1. **Typosquats** — a tutorial that says `@modelcontextprotocol/...`
+ *      copied as `@modelcontextprotocl/...` (one missing `o`). OSV has
+ *      MAL-records for many published typosquats.
+ *   2. **Compromised packages** — legitimate package names whose latest
+ *      version was hijacked (e.g. `event-stream`, `ua-parser-js` 2021).
+ *
+ * Goose's `osv-scanner` integration was the prior art (aaif-goose/goose
+ * 2024-Q4). We hand-port the pattern here in TypeScript so it works on
+ * the daemon side without a Go dependency.
+ *
+ * QUALITY BARS
+ *   - QB#1 No vendor bias — npm + PyPI both supported, no special-casing
+ *   - QB#3 Honest stub — network failures return `{error}`, never silently pass
+ *   - QB#7 Per-call state — every check re-queries; no cache poisoning
+ *   - QB#11 Real I/O test path — `WOTANN_OSV_OFFLINE=1` gates network in tests
+ *
+ * USAGE
+ *
+ *   import { checkServers, formatBlockReport } from "./security/osv-check.js";
+ *
+ *   const results = await checkServers(servers, { timeoutMs: 5000 });
+ *   const blocked = Object.entries(results).filter(([, r]) => r.hasMalware);
+ *   if (blocked.length > 0) {
+ *     console.error(formatBlockReport(results));
+ *     process.exit(1); // abort install
+ *   }
+ *
+ * The OSV API is documented at https://google.github.io/osv.dev/api/.
+ */
+const OSV_QUERY_URL = "https://api.osv.dev/v1/query";
+// ── Package extraction ─────────────────────────────────────────
+const NPM_RUNNERS = new Set(["npx", "bunx", "pnpx", "pnpm", "yarn"]);
+const PIP_RUNNERS = new Set(["uvx", "pipx"]);
+const PIP_INSTALL_RUNNER = "pip"; // followed by "install"
+/**
+ * Extract the package name + ecosystem from an MCP server's command/args.
+ * Returns null when the runner is unrecognized (e.g. a local script,
+ * `node ./server.js`, `bash -c …`, or a binary path).
+ */
+export function extractPackage(server) {
+    const cmd = (server.command ?? "").trim().toLowerCase();
+    const baseCmd = cmd.split("/").pop() ?? cmd; // /usr/local/bin/npx → npx
+    const args = server.args ?? [];
+    if (NPM_RUNNERS.has(baseCmd)) {
+        return extractNpmPackage(args);
+    }
+    if (PIP_RUNNERS.has(baseCmd)) {
+        return extractPipPackage(args, 0);
+    }
+    if (baseCmd === PIP_INSTALL_RUNNER) {
+        if (args[0] === "install") {
+            return extractPipPackage(args, 1);
+        }
+        return null;
+    }
+    return null;
+}
+function extractNpmPackage(args) {
+    // Handle: npx -y @scope/pkg   |   npx --package=foo bar   |   npx --package foo bar
+    for (let i = 0; i < args.length; i++) {
+        const a = args[i] ?? "";
+        if (a.startsWith("--package=")) {
+            const name = a.slice("--package=".length);
+            if (name)
+                return { ecosystem: "npm", name: stripVersionSpec(name) };
+        }
+        if (a === "--package" && i + 1 < args.length) {
+            const next = args[i + 1] ?? "";
+            if (next)
+                return { ecosystem: "npm", name: stripVersionSpec(next) };
+        }
+    }
+    // First non-flag, non-script argument that looks like a package
+    for (const a of args) {
+        if (a.startsWith("-"))
+            continue;
+        if (looksLikeLocalScript(a))
+            continue;
+        return { ecosystem: "npm", name: stripVersionSpec(a) };
+    }
+    return null;
+}
+function extractPipPackage(args, startAt) {
+    for (let i = startAt; i < args.length; i++) {
+        const a = args[i] ?? "";
+        if (a.startsWith("-"))
+            continue;
+        if (looksLikeLocalScript(a))
+            continue;
+        return { ecosystem: "PyPI", name: stripVersionSpec(a) };
+    }
+    return null;
+}
+/**
+ * Strip an optional version specifier from a package reference.
+ *
+ *   @scope/foo@1.2.3   → @scope/foo
+ *   foo@^1.0.0         → foo
+ *   foo==1.2.3         → foo
+ *   foo>=1.0           → foo
+ */
+export function stripVersionSpec(spec) {
+    // npm scoped: @scope/name@version → keep through second @
+    if (spec.startsWith("@")) {
+        const sep = spec.indexOf("@", 1);
+        return sep === -1 ? spec : spec.slice(0, sep);
+    }
+    // npm unscoped + python: stop at first version-spec character
+    const m = spec.match(/^([A-Za-z0-9._-]+)/);
+    return m && m[1] ? m[1] : spec;
+}
+function looksLikeLocalScript(arg) {
+    // ./foo.js   ../foo   /abs/path   foo.js   server.py   server.mjs
+    if (arg.startsWith("./") || arg.startsWith("../") || arg.startsWith("/"))
+        return true;
+    return /\.(?:js|cjs|mjs|ts|tsx|py|sh|rb|exe)$/i.test(arg);
+}
+// ── Severity classification ────────────────────────────────────
+/**
+ * Map an OSV vulnerability to a normalized severity bucket. CVSS v3 base
+ * score thresholds follow NVD's published bands (low <4, medium 4-6.9,
+ * high 7-8.9, critical >=9). Falls back to `database_specific.severity`
+ * when no CVSS vector is attached.
+ */
+export function classifySeverity(v) {
+    // MAL- records always rank as critical even when no CVSS attached.
+    if (v.id?.startsWith("MAL-"))
+        return "critical";
+    const dbSev = v.database_specific?.severity?.toUpperCase() ?? "";
+    if (dbSev.includes("MALICIOUS"))
+        return "critical";
+    const cvssEntry = (v.severity ?? []).find((s) => s.type === "CVSS_V3" || s.type === "CVSS_V4");
+    if (cvssEntry) {
+        const score = parseCvssScore(cvssEntry.score);
+        if (score === null)
+            return mapDbSev(dbSev);
+        if (score >= 9.0)
+            return "critical";
+        if (score >= 7.0)
+            return "high";
+        if (score >= 4.0)
+            return "medium";
+        if (score > 0)
+            return "low";
+    }
+    return mapDbSev(dbSev);
+}
+function mapDbSev(s) {
+    if (s === "CRITICAL")
+        return "critical";
+    if (s === "HIGH")
+        return "high";
+    if (s === "MODERATE" || s === "MEDIUM")
+        return "medium";
+    if (s === "LOW")
+        return "low";
+    return "none";
+}
+function parseCvssScore(scoreOrVector) {
+    // OSV may publish `7.5` or full vector `CVSS:3.1/AV:N/...`. Pull a
+    // base score if present; else null.
+    const numeric = Number.parseFloat(scoreOrVector);
+    if (Number.isFinite(numeric) && numeric >= 0 && numeric <= 10)
+        return numeric;
+    return null;
+}
+const SEV_RANK = {
+    none: 0,
+    low: 1,
+    medium: 2,
+    high: 3,
+    critical: 4,
+};
+function maxSeverity(a, b) {
+    return SEV_RANK[a] >= SEV_RANK[b] ? a : b;
+}
+// ── Network query ──────────────────────────────────────────────
+/**
+ * POST a single OSV query. The OSV.dev v1/query endpoint is anonymous
+ * and rate-limited generously enough for batch installs; we still cap
+ * each call with a per-package timeout.
+ */
+async function queryOsv(pkg, opts) {
+    const ctrl = new AbortController();
+    const t = setTimeout(() => ctrl.abort(), opts.timeoutMs);
+    try {
+        const res = await opts.fetchImpl(OSV_QUERY_URL, {
+            method: "POST",
+            headers: { "content-type": "application/json" },
+            body: JSON.stringify({
+                package: { name: pkg.name, ecosystem: pkg.ecosystem },
+            }),
+            signal: ctrl.signal,
+        });
+        if (!res.ok) {
+            return { error: `osv.dev HTTP ${res.status}` };
+        }
+        const body = (await res.json());
+        return { vulns: Array.isArray(body.vulns) ? body.vulns : [] };
+    }
+    catch (err) {
+        return {
+            error: err instanceof Error ? err.message : String(err),
+        };
+    }
+    finally {
+        clearTimeout(t);
+    }
+}
+// ── Public API ────────────────────────────────────────────────
+const OFFLINE_REASON = "WOTANN_OSV_OFFLINE=1 — skipping malware check (unset to enable)";
+const offlineSkip = (pkg) => ({
+    packageRef: pkg,
+    vulnerabilities: [],
+    hasMalware: false,
+    highestSeverity: "none",
+    skipped: { reason: OFFLINE_REASON },
+    error: null,
+});
+const unsupportedSkip = (server) => ({
+    packageRef: null,
+    vulnerabilities: [],
+    hasMalware: false,
+    highestSeverity: "none",
+    skipped: {
+        reason: `command "${server.command}" is not a known package runner — pre-flight cannot extract a package name`,
+    },
+    error: null,
+});
+/**
+ * Run the OSV pre-flight check against a single server.
+ * Always returns a result — never throws — so callers can decide
+ * which level of failure (block / warn / log) to apply.
+ */
+export async function checkServer(server, opts = {}) {
+    if (process.env["WOTANN_OSV_OFFLINE"] === "1") {
+        return offlineSkip(extractPackage(server));
+    }
+    const pkg = extractPackage(server);
+    if (!pkg)
+        return unsupportedSkip(server);
+    const fetchImpl = opts.fetchImpl ?? globalThis.fetch;
+    if (typeof fetchImpl !== "function") {
+        return {
+            packageRef: pkg,
+            vulnerabilities: [],
+            hasMalware: false,
+            highestSeverity: "none",
+            skipped: null,
+            error: "fetch is unavailable in this Node runtime — upgrade to Node >=18",
+        };
+    }
+    const timeoutMs = typeof opts.timeoutMs === "number" && opts.timeoutMs > 0 ? opts.timeoutMs : 5_000;
+    const reply = await queryOsv(pkg, { timeoutMs, fetchImpl });
+    if ("error" in reply) {
+        return {
+            packageRef: pkg,
+            vulnerabilities: [],
+            hasMalware: false,
+            highestSeverity: "none",
+            skipped: null,
+            error: reply.error,
+        };
+    }
+    const vulns = reply.vulns;
+    let highestSeverity = "none";
+    let hasMalware = false;
+    for (const v of vulns) {
+        if (v.id?.startsWith("MAL-"))
+            hasMalware = true;
+        if (v.database_specific?.severity?.toUpperCase().includes("MALICIOUS")) {
+            hasMalware = true;
+        }
+        highestSeverity = maxSeverity(highestSeverity, classifySeverity(v));
+    }
+    return {
+        packageRef: pkg,
+        vulnerabilities: vulns,
+        hasMalware,
+        highestSeverity,
+        skipped: null,
+        error: null,
+    };
+}
+/**
+ * Run the check against many servers. Each server is queried in
+ * parallel; the per-package timeout prevents one slow lookup from
+ * stalling the rest. Map keys are the server names supplied by caller.
+ */
+export async function checkServers(servers, opts = {}) {
+    const entries = await Promise.all(servers.map(async (s) => [s.name, await checkServer(s, opts)]));
+    const out = {};
+    for (const [name, result] of entries) {
+        out[name] = result;
+    }
+    return Object.freeze(out);
+}
+// ── Reporting helpers ──────────────────────────────────────────
+/**
+ * Returns names of servers that should be blocked (malware records).
+ */
+export function blockedServers(results) {
+    return Object.entries(results)
+        .filter(([, r]) => r.hasMalware)
+        .map(([name]) => name);
+}
+/**
+ * Returns names of servers that warrant a warning (high/critical CVE
+ * but not confirmed malware).
+ */
+export function warningServers(results) {
+    return Object.entries(results)
+        .filter(([, r]) => !r.hasMalware && (r.highestSeverity === "high" || r.highestSeverity === "critical"))
+        .map(([name]) => name);
+}
+/**
+ * Compose a human-readable report for blocked + warning servers.
+ * Returns empty string when neither category is populated.
+ */
+export function formatReport(results) {
+    const lines = [];
+    for (const [name, r] of Object.entries(results)) {
+        if (!r.hasMalware && r.highestSeverity !== "high" && r.highestSeverity !== "critical") {
+            continue;
+        }
+        const tag = r.hasMalware ? "MALWARE" : r.highestSeverity.toUpperCase();
+        const pkgLabel = r.packageRef
+            ? `${r.packageRef.ecosystem}:${r.packageRef.name}`
+            : "(unknown package)";
+        lines.push(`  [${tag}] ${name} → ${pkgLabel}`);
+        for (const v of r.vulnerabilities.slice(0, 3)) {
+            const aliasNote = v.aliases && v.aliases.length > 0 ? ` (${v.aliases.slice(0, 2).join(", ")})` : "";
+            const summary = v.summary ? ` — ${v.summary.slice(0, 120)}` : "";
+            lines.push(`      ${v.id}${aliasNote}${summary}`);
+        }
+        if (r.vulnerabilities.length > 3) {
+            lines.push(`      … and ${r.vulnerabilities.length - 3} more`);
+        }
+    }
+    return lines.join("\n");
+}
+/**
+ * One-call pre-flight wrapper. Designed for CLI use sites:
+ *
+ *   const verdict = await preflight(servers, { skip: opts.skipMalwareCheck });
+ *   if (!verdict.proceed) process.exit(1);
+ *
+ * Behaviour:
+ *   - `skip:true` → returns `proceed:true` immediately, no network.
+ *   - confirmed malware → blocks, logs "MALWARE" report, `proceed:false`.
+ *   - high/critical CVE in non-strict mode → warns + proceeds.
+ *   - high/critical CVE in strict mode → blocks like malware.
+ *   - network failure or unsupported runner → logged at info level, no block.
+ */
+export async function preflight(servers, opts = {}) {
+    const log = opts.logger ?? {
+        info: (m) => console.log(m),
+        warn: (m) => console.warn(m),
+        error: (m) => console.error(m),
+    };
+    const empty = Object.freeze({});
+    if (opts.skip) {
+        return { proceed: true, blocked: [], warnings: [], results: empty };
+    }
+    if (servers.length === 0) {
+        return { proceed: true, blocked: [], warnings: [], results: empty };
+    }
+    const results = await checkServers(servers, {
+        ...(typeof opts.timeoutMs === "number" ? { timeoutMs: opts.timeoutMs } : {}),
+        ...(opts.fetchImpl ? { fetchImpl: opts.fetchImpl } : {}),
+    });
+    const blocked = blockedServers(results);
+    const warnings = warningServers(results);
+    const report = formatReport(results);
+    // Surface skip/error notes (one line) so users know when a check was inconclusive.
+    for (const [name, r] of Object.entries(results)) {
+        if (r.skipped) {
+            log.info(`  [skipped] ${name}: ${r.skipped.reason}`);
+        }
+        else if (r.error) {
+            log.warn(`  [warn] OSV lookup failed for ${name}: ${r.error}`);
+        }
+    }
+    if (blocked.length > 0) {
+        log.error(`Aborting MCP install — ${blocked.length} server(s) match confirmed-malware records:`);
+        log.error(report);
+        log.error("Re-run with --skip-malware-check to override (not recommended).");
+        return { proceed: false, blocked, warnings, results };
+    }
+    if (warnings.length > 0) {
+        if (opts.strict) {
+            log.error(`Aborting MCP install (--strict) — ${warnings.length} server(s) have high/critical advisories:`);
+            log.error(report);
+            return { proceed: false, blocked: warnings, warnings: [], results };
+        }
+        log.warn(`Proceeding with warnings — ${warnings.length} server(s) have high/critical advisories:`);
+        log.warn(report);
+    }
+    return { proceed: true, blocked, warnings, results };
+}
+//# sourceMappingURL=osv-check.js.map

package/dist/security/osv-check.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"osv-check.js","sourceRoot":"","sources":["../../src/security/osv-check.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAoCG;AAEH,MAAM,aAAa,GAAG,8BAA8B,CAAC;AA8CrD,kEAAkE;AAElE,MAAM,WAAW,GAAG,IAAI,GAAG,CAAC,CAAC,KAAK,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,CAAC,CAAC,CAAC;AACrE,MAAM,WAAW,GAAG,IAAI,GAAG,CAAC,CAAC,KAAK,EAAE,MAAM,CAAC,CAAC,CAAC;AAC7C,MAAM,kBAAkB,GAAG,KAAK,CAAC,CAAC,wBAAwB;AAE1D;;;;GAIG;AACH,MAAM,UAAU,cAAc,CAAC,MAAqB;IAClD,MAAM,GAAG,GAAG,CAAC,MAAM,CAAC,OAAO,IAAI,EAAE,CAAC,CAAC,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;IACxD,MAAM,OAAO,GAAG,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,IAAI,GAAG,CAAC,CAAC,2BAA2B;IACxE,MAAM,IAAI,GAAG,MAAM,CAAC,IAAI,IAAI,EAAE,CAAC;IAE/B,IAAI,WAAW,CAAC,GAAG,CAAC,OAAO,CAAC,EAAE,CAAC;QAC7B,OAAO,iBAAiB,CAAC,IAAI,CAAC,CAAC;IACjC,CAAC;IACD,IAAI,WAAW,CAAC,GAAG,CAAC,OAAO,CAAC,EAAE,CAAC;QAC7B,OAAO,iBAAiB,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC;IACpC,CAAC;IACD,IAAI,OAAO,KAAK,kBAAkB,EAAE,CAAC;QACnC,IAAI,IAAI,CAAC,CAAC,CAAC,KAAK,SAAS,EAAE,CAAC;YAC1B,OAAO,iBAAiB,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC;QACpC,CAAC;QACD,OAAO,IAAI,CAAC;IACd,CAAC;IACD,OAAO,IAAI,CAAC;AACd,CAAC;AAED,SAAS,iBAAiB,CAAC,IAAuB;IAChD,oFAAoF;IACpF,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,IAAI,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QACrC,MAAM,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;QACxB,IAAI,CAAC,CAAC,UAAU,CAAC,YAAY,CAAC,EAAE,CAAC;YAC/B,MAAM,IAAI,GAAG,CAAC,CAAC,KAAK,CAAC,YAAY,CAAC,MAAM,CAAC,CAAC;YAC1C,IAAI,IAAI;gBAAE,OAAO,EAAE,SAAS,EAAE,KAAK,EAAE,IAAI,EAAE,gBAAgB,CAAC,IAAI,CAAC,EAAE,CAAC;QACtE,CAAC;QACD,IAAI,CAAC,KAAK,WAAW,IAAI,CAAC,GAAG,CAAC,GAAG,IAAI,CAAC,MAAM,EAAE,CAAC;YAC7C,MAAM,IAAI,GAAG,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,CAAC;YAC/B,IAAI,IAAI;gBAAE,OAAO,EAAE,SAAS,EAAE,KAAK,EAAE,IAAI,EAAE,gBAAgB,CAAC,IAAI,CAAC,EAAE,CAAC;QACtE,CAAC;IACH,CAAC;IACD,gEAAgE;IAChE,KAAK,MAAM,CAAC,IAAI,IAAI,EAAE,CAAC;QACrB,IAAI,CAAC,CAAC,UAAU,CAAC,GAAG,CAAC;YAAE,SAAS;QAChC,IAAI,oBAAoB,CAAC,CAAC,CAAC;YAAE,SAAS;QACtC,OAAO,EAAE,SAAS,EAAE,KAAK,EAAE,IAAI,EAAE,gBAAgB,CAAC,CAAC,CAAC,EAAE,CAAC;IACzD,CAAC;IACD,OAAO,IAAI,CAAC;AACd,CAAC;AAED,SAAS,iBAAiB,CAAC,IAAuB,EAAE,OAAe;IACjE,KAAK,IAAI,CAAC,GAAG,OAAO,EAAE,CAAC,GAAG,IAAI,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QAC3C,MAAM,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;QACxB,IAAI,CAAC,CAAC,UAAU,CAAC,GAAG,CAAC;YAAE,SAAS;QAChC,IAAI,oBAAoB,CAAC,CAAC,CAAC;YAAE,SAAS;QACtC,OAAO,EAAE,SAAS,EAAE,MAAM,EAAE,IAAI,EAAE,gBAAgB,CAAC,CAAC,CAAC,EAAE,CAAC;IAC1D,CAAC;IACD,OAAO,IAAI,CAAC;AACd,CAAC;AAED;;;;;;;GAOG;AACH,MAAM,UAAU,gBAAgB,CAAC,IAAY;IAC3C,0DAA0D;IAC1D,IAAI,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,EAAE,CAAC;QACzB,MAAM,GAAG,GAAG,IAAI,CAAC,OAAO,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC;QACjC,OAAO,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC;IAChD,CAAC;IACD,8DAA8D;IAC9D,MAAM,CAAC,GAAG,IAAI,CAAC,KAAK,CAAC,oBAAoB,CAAC,CAAC;IAC3C,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC;AACjC,CAAC;AAED,SAAS,oBAAoB,CAAC,GAAW;IACvC,kEAAkE;IAClE,IAAI,GAAG,CAAC,UAAU,CAAC,IAAI,CAAC,IAAI,GAAG,CAAC,UAAU,CAAC,KAAK,CAAC,IAAI,GAAG,CAAC,UAAU,CAAC,GAAG,CAAC;QAAE,OAAO,IAAI,CAAC;IACtF,OAAO,wCAAwC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;AAC5D,CAAC;AAED,kEAAkE;AAElE;;;;;GAKG;AACH,MAAM,UAAU,gBAAgB,CAAC,CAAmB;IAClD,mEAAmE;IACnE,IAAI,CAAC,CAAC,EAAE,EAAE,UAAU,CAAC,MAAM,CAAC;QAAE,OAAO,UAAU,CAAC;IAEhD,MAAM,KAAK,GAAG,CAAC,CAAC,iBAAiB,EAAE,QAAQ,EAAE,WAAW,EAAE,IAAI,EAAE,CAAC;IACjE,IAAI,KAAK,CAAC,QAAQ,CAAC,WAAW,CAAC;QAAE,OAAO,UAAU,CAAC;IAEnD,MAAM,SAAS,GAAG,CAAC,CAAC,CAAC,QAAQ,IAAI,EAAE,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,SAAS,IAAI,CAAC,CAAC,IAAI,KAAK,SAAS,CAAC,CAAC;IAC/F,IAAI,SAAS,EAAE,CAAC;QACd,MAAM,KAAK,GAAG,cAAc,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC;QAC9C,IAAI,KAAK,KAAK,IAAI;YAAE,OAAO,QAAQ,CAAC,KAAK,CAAC,CAAC;QAC3C,IAAI,KAAK,IAAI,GAAG;YAAE,OAAO,UAAU,CAAC;QACpC,IAAI,KAAK,IAAI,GAAG;YAAE,OAAO,MAAM,CAAC;QAChC,IAAI,KAAK,IAAI,GAAG;YAAE,OAAO,QAAQ,CAAC;QAClC,IAAI,KAAK,GAAG,CAAC;YAAE,OAAO,KAAK,CAAC;IAC9B,CAAC;IACD,OAAO,QAAQ,CAAC,KAAK,CAAC,CAAC;AACzB,CAAC;AAED,SAAS,QAAQ,CAAC,CAAS;IACzB,IAAI,CAAC,KAAK,UAAU;QAAE,OAAO,UAAU,CAAC;IACxC,IAAI,CAAC,KAAK,MAAM;QAAE,OAAO,MAAM,CAAC;IAChC,IAAI,CAAC,KAAK,UAAU,IAAI,CAAC,KAAK,QAAQ;QAAE,OAAO,QAAQ,CAAC;IACxD,IAAI,CAAC,KAAK,KAAK;QAAE,OAAO,KAAK,CAAC;IAC9B,OAAO,MAAM,CAAC;AAChB,CAAC;AAED,SAAS,cAAc,CAAC,aAAqB;IAC3C,mEAAmE;IACnE,oCAAoC;IACpC,MAAM,OAAO,GAAG,MAAM,CAAC,UAAU,CAAC,aAAa,CAAC,CAAC;IACjD,IAAI,MAAM,CAAC,QAAQ,CAAC,OAAO,CAAC,IAAI,OAAO,IAAI,CAAC,IAAI,OAAO,IAAI,EAAE;QAAE,OAAO,OAAO,CAAC;IAC9E,OAAO,IAAI,CAAC;AACd,CAAC;AAED,MAAM,QAAQ,GAA6B;IACzC,IAAI,EAAE,CAAC;IACP,GAAG,EAAE,CAAC;IACN,MAAM,EAAE,CAAC;IACT,IAAI,EAAE,CAAC;IACP,QAAQ,EAAE,CAAC;CACZ,CAAC;AAEF,SAAS,WAAW,CAAC,CAAW,EAAE,CAAW;IAC3C,OAAO,QAAQ,CAAC,CAAC,CAAC,IAAI,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;AAC5C,CAAC;AAED,kEAAkE;AAElE;;;;GAIG;AACH,KAAK,UAAU,QAAQ,CACrB,GAAe,EACf,IAAoD;IAEpD,MAAM,IAAI,GAAG,IAAI,eAAe,EAAE,CAAC;IACnC,MAAM,CAAC,GAAG,UAAU,CAAC,GAAG,EAAE,CAAC,IAAI,CAAC,KAAK,EAAE,EAAE,IAAI,CAAC,SAAS,CAAC,CAAC;IACzD,IAAI,CAAC;QACH,MAAM,GAAG,GAAG,MAAM,IAAI,CAAC,SAAS,CAAC,aAAa,EAAE;YAC9C,MAAM,EAAE,MAAM;YACd,OAAO,EAAE,EAAE,cAAc,EAAE,kBAAkB,EAAE;YAC/C,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC;gBACnB,OAAO,EAAE,EAAE,IAAI,EAAE,GAAG,CAAC,IAAI,EAAE,SAAS,EAAE,GAAG,CAAC,SAAS,EAAE;aACtD,CAAC;YACF,MAAM,EAAE,IAAI,CAAC,MAAM;SACpB,CAAC,CAAC;QACH,IAAI,CAAC,GAAG,CAAC,EAAE,EAAE,CAAC;YACZ,OAAO,EAAE,KAAK,EAAE,gBAAgB,GAAG,CAAC,MAAM,EAAE,EAAE,CAAC;QACjD,CAAC;QACD,MAAM,IAAI,GAAG,CAAC,MAAM,GAAG,CAAC,IAAI,EAAE,CAAmC,CAAC;QAClE,OAAO,EAAE,KAAK,EAAE,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC;IAChE,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,OAAO;YACL,KAAK,EAAE,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC;SACxD,CAAC;IACJ,CAAC;YAAS,CAAC;QACT,YAAY,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;AACH,CAAC;AAED,iEAAiE;AAEjE,MAAM,cAAc,GAAG,iEAAiE,CAAC;AAEzF,MAAM,WAAW,GAAG,CAAC,GAAsB,EAAkB,EAAE,CAAC,CAAC;IAC/D,UAAU,EAAE,GAAG;IACf,eAAe,EAAE,EAAE;IACnB,UAAU,EAAE,KAAK;IACjB,eAAe,EAAE,MAAM;IACvB,OAAO,EAAE,EAAE,MAAM,EAAE,cAAc,EAAE;IACnC,KAAK,EAAE,IAAI;CACZ,CAAC,CAAC;AAEH,MAAM,eAAe,GAAG,CAAC,MAAqB,EAAkB,EAAE,CAAC,CAAC;IAClE,UAAU,EAAE,IAAI;IAChB,eAAe,EAAE,EAAE;IACnB,UAAU,EAAE,KAAK;IACjB,eAAe,EAAE,MAAM;IACvB,OAAO,EAAE;QACP,MAAM,EAAE,YAAY,MAAM,CAAC,OAAO,4EAA4E;KAC/G;IACD,KAAK,EAAE,IAAI;CACZ,CAAC,CAAC;AAEH;;;;GAIG;AACH,MAAM,CAAC,KAAK,UAAU,WAAW,CAC/B,MAAqB,EACrB,OAAqB,EAAE;IAEvB,IAAI,OAAO,CAAC,GAAG,CAAC,oBAAoB,CAAC,KAAK,GAAG,EAAE,CAAC;QAC9C,OAAO,WAAW,CAAC,cAAc,CAAC,MAAM,CAAC,CAAC,CAAC;IAC7C,CAAC;IACD,MAAM,GAAG,GAAG,cAAc,CAAC,MAAM,CAAC,CAAC;IACnC,IAAI,CAAC,GAAG;QAAE,OAAO,eAAe,CAAC,MAAM,CAAC,CAAC;IAEzC,MAAM,SAAS,GAAG,IAAI,CAAC,SAAS,IAAI,UAAU,CAAC,KAAK,CAAC;IACrD,IAAI,OAAO,SAAS,KAAK,UAAU,EAAE,CAAC;QACpC,OAAO;YACL,UAAU,EAAE,GAAG;YACf,eAAe,EAAE,EAAE;YACnB,UAAU,EAAE,KAAK;YACjB,eAAe,EAAE,MAAM;YACvB,OAAO,EAAE,IAAI;YACb,KAAK,EAAE,kEAAkE;SAC1E,CAAC;IACJ,CAAC;IAED,MAAM,SAAS,GACb,OAAO,IAAI,CAAC,SAAS,KAAK,QAAQ,IAAI,IAAI,CAAC,SAAS,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,KAAK,CAAC;IAEpF,MAAM,KAAK,GAAG,MAAM,QAAQ,CAAC,GAAG,EAAE,EAAE,SAAS,EAAE,SAAS,EAAE,CAAC,CAAC;IAC5D,IAAI,OAAO,IAAI,KAAK,EAAE,CAAC;QACrB,OAAO;YACL,UAAU,EAAE,GAAG;YACf,eAAe,EAAE,EAAE;YACnB,UAAU,EAAE,KAAK;YACjB,eAAe,EAAE,MAAM;YACvB,OAAO,EAAE,IAAI;YACb,KAAK,EAAE,KAAK,CAAC,KAAK;SACnB,CAAC;IACJ,CAAC;IACD,MAAM,KAAK,GAAG,KAAK,CAAC,KAAK,CAAC;IAC1B,IAAI,eAAe,GAAa,MAAM,CAAC;IACvC,IAAI,UAAU,GAAG,KAAK,CAAC;IACvB,KAAK,MAAM,CAAC,IAAI,KAAK,EAAE,CAAC;QACtB,IAAI,CAAC,CAAC,EAAE,EAAE,UAAU,CAAC,MAAM,CAAC;YAAE,UAAU,GAAG,IAAI,CAAC;QAChD,IAAI,CAAC,CAAC,iBAAiB,EAAE,QAAQ,EAAE,WAAW,EAAE,CAAC,QAAQ,CAAC,WAAW,CAAC,EAAE,CAAC;YACvE,UAAU,GAAG,IAAI,CAAC;QACpB,CAAC;QACD,eAAe,GAAG,WAAW,CAAC,eAAe,EAAE,gBAAgB,CAAC,CAAC,CAAC,CAAC,CAAC;IACtE,CAAC;IACD,OAAO;QACL,UAAU,EAAE,GAAG;QACf,eAAe,EAAE,KAAK;QACtB,UAAU;QACV,eAAe;QACf,OAAO,EAAE,IAAI;QACb,KAAK,EAAE,IAAI;KACZ,CAAC;AACJ,CAAC;AAED;;;;GAIG;AACH,MAAM,CAAC,KAAK,UAAU,YAAY,CAChC,OAAiE,EACjE,OAAqB,EAAE;IAEvB,MAAM,OAAO,GAAG,MAAM,OAAO,CAAC,GAAG,CAC/B,OAAO,CAAC,GAAG,CAAC,KAAK,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE,MAAM,WAAW,CAAC,CAAC,EAAE,IAAI,CAAC,CAAU,CAAC,CACxE,CAAC;IACF,MAAM,GAAG,GAAmC,EAAE,CAAC;IAC/C,KAAK,MAAM,CAAC,IAAI,EAAE,MAAM,CAAC,IAAI,OAAO,EAAE,CAAC;QACrC,GAAG,CAAC,IAAI,CAAC,GAAG,MAAM,CAAC;IACrB,CAAC;IACD,OAAO,MAAM,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;AAC5B,CAAC;AAED,kEAAkE;AAElE;;GAEG;AACH,MAAM,UAAU,cAAc,CAC5B,OAAiD;IAEjD,OAAO,MAAM,CAAC,OAAO,CAAC,OAAO,CAAC;SAC3B,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,UAAU,CAAC;SAC/B,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,CAAC;AAC3B,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,cAAc,CAC5B,OAAiD;IAEjD,OAAO,MAAM,CAAC,OAAO,CAAC,OAAO,CAAC;SAC3B,MAAM,CACL,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE,EAAE,CACR,CAAC,CAAC,CAAC,UAAU,IAAI,CAAC,CAAC,CAAC,eAAe,KAAK,MAAM,IAAI,CAAC,CAAC,eAAe,KAAK,UAAU,CAAC,CACtF;SACA,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,CAAC;AAC3B,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,YAAY,CAAC,OAAiD;IAC5E,MAAM,KAAK,GAAa,EAAE,CAAC;IAC3B,KAAK,MAAM,CAAC,IAAI,EAAE,CAAC,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,OAAO,CAAC,EAAE,CAAC;QAChD,IAAI,CAAC,CAAC,CAAC,UAAU,IAAI,CAAC,CAAC,eAAe,KAAK,MAAM,IAAI,CAAC,CAAC,eAAe,KAAK,UAAU,EAAE,CAAC;YACtF,SAAS;QACX,CAAC;QACD,MAAM,GAAG,GAAG,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,CAAC,eAAe,CAAC,WAAW,EAAE,CAAC;QACvE,MAAM,QAAQ,GAAG,CAAC,CAAC,UAAU;YAC3B,CAAC,CAAC,GAAG,CAAC,CAAC,UAAU,CAAC,SAAS,IAAI,CAAC,CAAC,UAAU,CAAC,IAAI,EAAE;YAClD,CAAC,CAAC,mBAAmB,CAAC;QACxB,KAAK,CAAC,IAAI,CAAC,MAAM,GAAG,KAAK,IAAI,MAAM,QAAQ,EAAE,CAAC,CAAC;QAC/C,KAAK,MAAM,CAAC,IAAI,CAAC,CAAC,eAAe,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE,CAAC;YAC9C,MAAM,SAAS,GACb,CAAC,CAAC,OAAO,IAAI,CAAC,CAAC,OAAO,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC;YACpF,MAAM,OAAO,GAAG,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;YACjE,KAAK,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,EAAE,GAAG,SAAS,GAAG,OAAO,EAAE,CAAC,CAAC;QACpD,CAAC;QACD,IAAI,CAAC,CAAC,eAAe,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YACjC,KAAK,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC,eAAe,CAAC,MAAM,GAAG,CAAC,OAAO,CAAC,CAAC;QACjE,CAAC;IACH,CAAC;IACD,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;AAC1B,CAAC;AAgCD;;;;;;;;;;;;GAYG;AACH,MAAM,CAAC,KAAK,UAAU,SAAS,CAC7B,OAAiE,EACjE,OAAyB,EAAE;IAE3B,MAAM,GAAG,GAAG,IAAI,CAAC,MAAM,IAAI;QACzB,IAAI,EAAE,CAAC,CAAS,EAAE,EAAE,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC;QACnC,IAAI,EAAE,CAAC,CAAS,EAAE,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC;QACpC,KAAK,EAAE,CAAC,CAAS,EAAE,EAAE,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC;KACvC,CAAC;IACF,MAAM,KAAK,GAA6C,MAAM,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC;IAC1E,IAAI,IAAI,CAAC,IAAI,EAAE,CAAC;QACd,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,OAAO,EAAE,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,OAAO,EAAE,KAAK,EAAE,CAAC;IACtE,CAAC;IACD,IAAI,OAAO,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACzB,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,OAAO,EAAE,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,OAAO,EAAE,KAAK,EAAE,CAAC;IACtE,CAAC;IACD,MAAM,OAAO,GAAG,MAAM,YAAY,CAAC,OAAO,EAAE;QAC1C,GAAG,CAAC,OAAO,IAAI,CAAC,SAAS,KAAK,QAAQ,CAAC,CAAC,CAAC,EAAE,SAAS,EAAE,IAAI,CAAC,SAAS,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;QAC5E,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,EAAE,SAAS,EAAE,IAAI,CAAC,SAAS,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;KACzD,CAAC,CAAC;IACH,MAAM,OAAO,GAAG,cAAc,CAAC,OAAO,CAAC,CAAC;IACxC,MAAM,QAAQ,GAAG,cAAc,CAAC,OAAO,CAAC,CAAC;IACzC,MAAM,MAAM,GAAG,YAAY,CAAC,OAAO,CAAC,CAAC;IAErC,mFAAmF;IACnF,KAAK,MAAM,CAAC,IAAI,EAAE,CAAC,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,OAAO,CAAC,EAAE,CAAC;QAChD,IAAI,CAAC,CAAC,OAAO,EAAE,CAAC;YACd,GAAG,CAAC,IAAI,CAAC,eAAe,IAAI,KAAK,CAAC,CAAC,OAAO,CAAC,MAAM,EAAE,CAAC,CAAC;QACvD,CAAC;aAAM,IAAI,CAAC,CAAC,KAAK,EAAE,CAAC;YACnB,GAAG,CAAC,IAAI,CAAC,kCAAkC,IAAI,KAAK,CAAC,CAAC,KAAK,EAAE,CAAC,CAAC;QACjE,CAAC;IACH,CAAC;IAED,IAAI,OAAO,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACvB,GAAG,CAAC,KAAK,CACP,0BAA0B,OAAO,CAAC,MAAM,6CAA6C,CACtF,CAAC;QACF,GAAG,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;QAClB,GAAG,CAAC,KAAK,CAAC,iEAAiE,CAAC,CAAC;QAC7E,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,OAAO,EAAE,QAAQ,EAAE,OAAO,EAAE,CAAC;IACxD,CAAC;IAED,IAAI,QAAQ,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACxB,IAAI,IAAI,CAAC,MAAM,EAAE,CAAC;YAChB,GAAG,CAAC,KAAK,CACP,qCAAqC,QAAQ,CAAC,MAAM,2CAA2C,CAChG,CAAC;YACF,GAAG,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;YAClB,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,OAAO,EAAE,QAAQ,EAAE,QAAQ,EAAE,EAAE,EAAE,OAAO,EAAE,CAAC;QACtE,CAAC;QACD,GAAG,CAAC,IAAI,CACN,8BAA8B,QAAQ,CAAC,MAAM,2CAA2C,CACzF,CAAC;QACF,GAAG,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;IACnB,CAAC;IAED,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,OAAO,EAAE,QAAQ,EAAE,OAAO,EAAE,CAAC;AACvD,CAAC"}