Summary: Two chat/AI-runtime defects (Keychain secret in argv; Droid/Cursor pool ref-count race) plus the large chat/AI/ade-action maintainability + type-safety surface centered on a 25k-line god-file and an untyped action registry.

Runtime defects:

macOS Keychain API keys written via argv, exposing provider secrets in the process table (low). writeMacosKeychainSecret() calls runSecurity(['add-generic-password',…,'-w',value]) via spawnSync — the raw key is world-readable via ps for the spawn lifetime (the read path uses stdin). apiKeyStore.ts:195,:202. Fix: feed the secret via stdin / prefer safeStorage-encrypted credentialStore.

Concurrent acquire of Droid/Cursor SDK pool can hand a connection to a non-owner without incrementing its ref (leak or premature dispose) (low). Non-owner bumps ref only if (live?.pooled===pooled) but always returns pooled; release later decrements a stale generation. droidSdkPool.ts:90,:95; cursorSdkPool.ts:227,:234. Fix: make the ref handoff atomic with entry lifetime.

Decompose chat/AI/ade-actions structure & typing (related ADE-61):

agentChatService.ts is a 25,342-line god-file (~20,400-line factory). :4957,:14438,:13924,:15134,:5506 — extract per-provider runtime handlers.

Provider routing is a duplicated if (provider===…) ladder repeated ~280 times (a missed arm falls to default). :3287,:4060,:4116,:4178,:2548 — one ProviderAdapter record with compiler exhaustiveness.

Record<string,unknown> (OpaqueService), erasing the contract (~77 casts; dispatch service[action]). registry.ts:822,:824,:1370; automationService.ts:1647; adeRpcServer.ts:3601 — real interfaces + typed registry map.

Every run_ade_action eagerly rebuilds the entire ~46-service domain map to return one service (ADE-61 only partially fixed). registry.ts:2795,:837; automationService.ts:1643; adeRpcServer.ts:3596; main.ts:4016 — make the map lazy; memoize buildAdeActionRuntimeForAutomations().

ctoOperatorTools.createCtoOperatorTools is one ~2,500-line factory registering ~103 tools inline. ctoOperatorTools.ts:528 — group tools by concern.

registry.ts mixes allowlist + 19 domain-service builders + arg-normalization in one 2,864-line module. :1369,:2471,:2795 — move builders into domains/<name>DomainService.ts.

Verification confidence: High for the Keychain leak and all line/grep counts; medium for the pool race (narrow window). ADE-61's apns-only fix confirmed as the partial fix.
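
The Keychain finding above, reduced to a regression check. This is an added example, not code from the project: the child process is a Node stand-in for the CLI that reports the argument vector it was started with, and `SAMPLE_KEY`, `runChild`, `argvExposes`, `writeViaArgv`, `writeViaStdin` and `example-service` are hypothetical names. How the real tool accepts a secret on stdin is not shown on the page and is not modelled here.

```typescript
import { spawnSync } from "node:child_process";

// Constructed sample value, not a real key.
const SAMPLE_KEY = "sk-constructed-example-0000";

// Hypothetical stand-in for the spawned CLI: it reports the arguments it was
// started with (the data `ps` displays) and how many characters arrived on stdin.
const CHILD_SRC = `
let input = "";
process.stdin.setEncoding("utf8");
process.stdin.on("data", (c) => (input += c));
process.stdin.on("end", () =>
  process.stdout.write(JSON.stringify({ argv: process.argv.slice(1), stdinBytes: input.length })));
`;

interface ChildView { argv: string[]; stdinBytes: number }

// Spawn the stand-in synchronously, as the issue's spawnSync call does.
function runChild(args: string[], stdin?: string): ChildView {
  const res = spawnSync(process.execPath, ["-e", CHILD_SRC, "--", ...args], {
    input: stdin ?? "",
    encoding: "utf8",
  });
  if (res.status !== 0) throw new Error(`child failed: ${res.stderr}`);
  return JSON.parse(res.stdout) as ChildView;
}

// True when the secret can be recovered from the argument vector.
function argvExposes(argv: string[], secret: string): boolean {
  return argv.some((a) => a.includes(secret));
}

// Pattern the issue reports: the secret is the value of -w.
function writeViaArgv(secret: string): ChildView {
  return runChild(["add-generic-password", "-s", "example-service", "-w", secret]);
}

// Hardened wrapper: refuses an argv that contains the secret and sends it on stdin.
function writeViaStdin(secret: string): ChildView {
  const args = ["add-generic-password", "-s", "example-service"];
  if (argvExposes(args, secret)) throw new Error("secret must not appear in argv");
  return runChild(args, secret + "\n");
}
```

The `argvExposes` guard can sit in front of any spawn helper so that a later change which moves a key back into the argument list fails in tests instead of reaching the process table.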