fix: PR-review findings cleanup (security, cost, UX guards)

.github/workflows/ci.yml

@@ -35,6 +35,13 @@ jobs:
       - name: Run dashboard tests
         run: cd dashboard && bunx vitest run
 
+      - name: Install agent-browser
+        run: npm install -g agent-browser && agent-browser install
+
+      - name: Run browser E2E lane
+        run: bun run test:e2e:browser
+        timeout-minutes: 5
+
       - name: Build dashboard
         run: cd dashboard && bun run build
 

CHANGELOG.md

@@ -7,6 +7,28 @@ and this project adheres to [Semantic Versioning](https://semver.org/).
 
 ## [Unreleased]
 
+### Security
+
+- Deep Audit POST route (`/api/reports/[id]/deep-audit`) now enforces the same loopback + CSRF guard as other mutation routes. Previously a caller that could reach the dev server could trigger a paid Gemini Deep Research job without localhost + CSRF checks.
+
+### Fixed
+
+- Cost estimator no longer over-reports premium fact-check tier: `factCheckTier: "premium"` runtime routes to basic sync + async Deep Audit, but the estimator was adding $1.50/check as if Deep Audit ran synchronously. Preflight totals are now accurate.
+- Gemini `maxOutputTokens` now honors the caller's token budget, capped at 8192. Previously any caller asking for less than 8192 silently got 8192, up to 16× response-side cost.
+- `formatShortDate` / `formatDateTime` return an empty string instead of throwing a `RangeError` when given non-ISO input (e.g. Exa's occasional `publishedDate: "unknown"`); `ClaimDrillDown` also omits the badge entirely when the fallback kicks in.
+- Gemini API key and interaction id are now URL-encoded in all Gemini interaction calls (`interactions-api.ts`, `factcheck-grounded.ts`, `llm.ts`), preventing broken requests when a key or id contains `+` or `/`.
+
+### Changed
+
+- Provider registry `costPerCheckUsd` for `gemini-grounded` and `gemini-deep-research` now express per-claim pricing ($0.04 / $0.375) so the per-article 4-claim total matches the tier estimator and user-facing cost labels ($0.16 / $1.50).
+- CI now runs the browser E2E lane (`bun run test:e2e:browser`) so new UI regressions are caught before merge.
+
+### Docs
+
+- README skills table: AI Detection cost corrected to ~$0.03 (shipped cost constant). Grammar / Academic / Self-Plagiarism now accurately marked as disabled by default, matching `DEFAULT_SKILLS`. Mirrored in `docs/features.md`.
+
+<!-- Version: bump to 1.3.1 or roll into next minor — decide with user at merge time -->
+
 ### Changed
 
 - **Dependency majors**

README.md

@@ -41,11 +41,11 @@ See [docs/security.md](docs/security.md) for the BYOK-alpha threat model.
 | Skill | Engine | Cost/check | Enabled by default |
 |-------|--------|-----------|-------------------|
 | **Plagiarism** | Copyscape | ~$0.09 | ✅ |
-| **AI Detection** | Copyscape | ~$0.09 | ✅ |
+| **AI Detection** | Copyscape | ~$0.03 | ✅ |
 | **SEO** | Offline (no API) | free | ✅ |
-| **Grammar & Style** | LanguageTool + LLM fallback | free tier / ~$0.002 | ✅ (free tier) |
-| **Academic Citations** | Semantic Scholar | free | ✅ |
-| **Self-Plagiarism** | Cloudflare Vectorize + OpenRouter embeddings | ~$0.0001 | ❌ requires index (`checkapp index <dir>`) |
+| **Grammar & Style** | LanguageTool + LLM fallback | free tier / ~$0.002 | ❌ disabled by default (enable in Settings; LanguageTool free tier works without any API key) |
+| **Academic Citations** | Semantic Scholar | free | ❌ disabled by default (augments fact-check findings when enabled; Semantic Scholar is free) |
+| **Self-Plagiarism** | Cloudflare Vectorize + OpenRouter embeddings | ~$0.0001 | ❌ disabled by default — requires index (`checkapp index <dir>`), `OPENROUTER_API_KEY`, and Cloudflare Vectorize provider config |
 | **Fact Check** | Tiered: Basic = Exa + LLM; Standard = Gemini + Google Search; Deep Audit = Gemini Deep Research | varies | Basic is available by default; Standard is opt-in; Deep Audit is async |
 | **Tone of Voice** | Claude/MiniMax | ~$0.002 | ❌ requires LLM key + tone guide file |
 | **Legal Risk** | Claude/MiniMax | ~$0.002 | ❌ requires LLM key |

dashboard/src/__tests__/api/deep-audit-guard.test.ts

@@ -0,0 +1,36 @@
+import { describe, test, expect, vi } from "vitest";
+import { NextRequest } from "next/server";
+
+vi.mock("@/lib/csrf", () => ({
+  getCsrfToken: vi.fn(() => "test-csrf-token"),
+}));
+
+import { POST } from "@/app/api/reports/[id]/deep-audit/route";
+
+describe("POST /api/reports/[id]/deep-audit — loopback + CSRF guard", () => {
+  test("rejects POST from spoofed Host header (uses nextUrl.hostname instead)", async () => {
+    const req = new NextRequest(new URL("http://203.0.113.5:3000/api/reports/1/deep-audit"), {
+      method: "POST",
+      headers: { host: "localhost", "x-checkapp-csrf": "test-csrf-token" },
+    });
+    const res = await POST(req, { params: Promise.resolve({ id: "1" }) });
+    expect(res.status).toBe(403);
+  });
+
+  test("rejects POST without CSRF token", async () => {
+    const req = new NextRequest(new URL("http://localhost:3000/api/reports/1/deep-audit"), {
+      method: "POST",
+    });
+    const res = await POST(req, { params: Promise.resolve({ id: "1" }) });
+    expect(res.status).toBe(403);
+  });
+
+  test("rejects POST with wrong CSRF token", async () => {
+    const req = new NextRequest(new URL("http://localhost:3000/api/reports/1/deep-audit"), {
+      method: "POST",
+      headers: { "x-checkapp-csrf": "wrong" },
+    });
+    const res = await POST(req, { params: Promise.resolve({ id: "1" }) });
+    expect(res.status).toBe(403);
+  });
+});

dashboard/src/__tests__/format.test.ts

@@ -22,4 +22,11 @@ describe("format helpers", () => {
   it("formats numbers with a fixed grouping style", () => {
     expect(formatNumber(1234567)).toBe("1,234,567");
   });
+
+  it("returns a fallback for invalid date input instead of throwing or garbage", () => {
+    expect(() => formatShortDate("unknown")).not.toThrow();
+    expect(formatShortDate("unknown")).toBe("");
+    expect(() => formatDateTime("not-a-date")).not.toThrow();
+    expect(formatDateTime("not-a-date")).toBe("");
+  });
 });

dashboard/src/app/api/reports/[id]/deep-audit/route.ts

@@ -2,6 +2,7 @@ import { sql } from "drizzle-orm";
 import type { NextRequest } from "next/server";
 import { jsonWithCors } from "@/lib/cors";
 import { getDb } from "@/lib/db";
+import { guardLocalMutation } from "@/lib/guard-local";
 import { readConfig } from "../../../../../../../src/config";
 import {
   emitAuditCompletedEvent,
@@ -149,9 +150,12 @@ export async function GET(
 }
 
 export async function POST(
-  _request: NextRequest,
+  request: NextRequest,
   { params }: { params: Promise<{ id: string }> },
 ) {
+  const blocked = guardLocalMutation(request);
+  if (blocked) return blocked;
+
   try {
     ensureDeepAuditSchema();
     await initializeDeepAuditRuntime();

dashboard/src/components/ClaimDrillDown.tsx

@@ -38,7 +38,7 @@ export function ClaimDrillDown({ finding }: Props) {
               >
                 {sanitizeText(s.title) || safeHref(s.url)}
               </a>
-              {s.publishedDate && (
+              {s.publishedDate && formatShortDate(s.publishedDate) && (
                 <Badge variant="secondary" className="ml-2">
                   {formatShortDate(s.publishedDate)}
                 </Badge>

dashboard/src/lib/estimator.ts

@@ -58,13 +58,14 @@ export function estimateRunCost(cfg: AppConfigForEstimate, wordCount: number): E
   const s = cfg.skills ?? {};
 
   if (s.factCheck) {
-    const effectiveTier = cfg.factCheckTierFlag === true ? (cfg.factCheckTier ?? "basic") : null;
-    perSkill["fact-check"] = effectiveTier
-      ? effectiveTier === "standard"
+    const configuredTier = cfg.factCheckTierFlag === true ? (cfg.factCheckTier ?? "basic") : null;
+    // Runtime routes "premium" to basic sync + async Deep Audit; don't charge
+    // $1.50 synchronously here (mirrors ~/checkapp/src/cost/estimator.ts).
+    const syncTier = configuredTier === "premium" ? "basic" : configuredTier;
+    perSkill["fact-check"] = syncTier
+      ? syncTier === "standard"
         ? 0.16
-        : effectiveTier === "premium"
-          ? 1.5
-          : 0.04
+        : 0.04
       : providerBase(cfg, "fact-check") * FACT_CHECK_MAX_CLAIMS;
   }
   if ((s as any).aiDetection) {

dashboard/src/lib/format.ts

@@ -25,10 +25,14 @@ export function formatDate(
   value: DateInput,
   options: Intl.DateTimeFormatOptions = {}
 ): string {
+  const date = normalizeDateInput(value);
+  if (Number.isNaN(date.getTime())) {
+    return "";
+  }
   return new Intl.DateTimeFormat(DEFAULT_LOCALE, {
     ...options,
     timeZone: DEFAULT_TIME_ZONE,
-  }).format(normalizeDateInput(value));
+  }).format(date);
 }
 
 export function formatDateTime(value: DateInput): string {

dashboard/src/lib/providers.ts

@@ -37,8 +37,8 @@ export const PROVIDER_REGISTRY: Partial<Record<SkillId, ProviderMetadata[]>> = {
   "fact-check": [
     { id: "exa-search", label: "Exa Search", speed: "fast", costPerCheckUsd: 0.008, costLabel: "$0.008/check", depth: "standard", freeTier: false, requiresKey: true },
     { id: "exa-deep-reasoning", label: "Exa Deep Reasoning", speed: "slow", costPerCheckUsd: 0.025, costLabel: "$0.025/check", depth: "deep", freeTier: false, requiresKey: true },
-    { id: "gemini-grounded", label: "Gemini 3.1 Pro + Google Search", speed: "medium", costPerCheckUsd: 0.01, costLabel: "$0.01/check", depth: "standard", freeTier: false, requiresKey: true },
-    { id: "gemini-deep-research", label: "Gemini Deep Research (Premium Audit)", speed: "slow", costPerCheckUsd: 0.05, costLabel: "$0.05/check", depth: "deep", freeTier: false, requiresKey: true },
+    { id: "gemini-grounded", label: "Gemini 3.1 Pro + Google Search", speed: "medium", costPerCheckUsd: 0.04, costLabel: "$0.04/claim", depth: "standard", freeTier: false, requiresKey: true },
+    { id: "gemini-deep-research", label: "Gemini Deep Research (Premium Audit)", speed: "slow", costPerCheckUsd: 0.375, costLabel: "$0.375/claim", depth: "deep", freeTier: false, requiresKey: true },
     { id: "parallel-task", label: "Parallel Task", speed: "slow", costPerCheckUsd: 0.03, costLabel: "$0.03/check", depth: "deep", freeTier: true, requiresKey: true },
   ],
   grammar: [

docs/features.md

@@ -5,17 +5,17 @@
 | Skill | Engine | Cost/check | Default |
 |-------|--------|-----------|---------|
 | Plagiarism Check | Copyscape | ~$0.09 | Enabled |
-| AI Detection | Copyscape | ~$0.09 | Enabled |
+| AI Detection | Copyscape | ~$0.03 | Enabled |
 | SEO Analysis | Offline | Free | Enabled |
 | Fact Check | Tiered: Basic = Exa + LLM; Standard = Gemini + Google Search; Deep Audit = Gemini Deep Research | varies | Basic is default; Standard is opt-in; Deep Audit is async |
 | Tone of Voice | MiniMax/Claude | ~$0.002 | Requires API keys + tone guide |
 | Legal Risk | MiniMax/Claude | ~$0.002 | Requires API keys |
 | Content Summary | MiniMax/Claude | ~$0.002 | Requires API keys |
 | Brief Matching | MiniMax/Claude | ~$0.002 | Requires API keys + brief context |
 | Content Purpose | MiniMax/Claude | ~$0.002 | Requires API keys |
-| Grammar & Style | LanguageTool (default) / Sapling / LLM-fallback | Free / $0.0008/100w / LLM | Optional — LT free, no key required |
-| Academic Citations | Semantic Scholar | Free (100 req/5min) | Optional — no key required |
-| Self-Plagiarism | Cloudflare Vectorize / Pinecone / Upstash | ~$0.0002/article | Optional — requires one-time `checkapp index <dir>` |
+| Grammar & Style | LanguageTool (default) / Sapling / LLM-fallback | Free / $0.0008/100w / LLM | Disabled by default — enable in Settings; LT free tier works without any API key |
+| Academic Citations | Semantic Scholar | Free (100 req/5min) | Disabled by default — augments fact-check findings when enabled; no key required |
+| Self-Plagiarism | Cloudflare Vectorize / Pinecone / Upstash | ~$0.0002/article | Disabled by default — requires one-time `checkapp index <dir>`, `OPENROUTER_API_KEY`, and provider config |
 
 All enabled skills run in parallel. Skills with missing API keys skip gracefully.
 

src/cost/estimator.test.ts

@@ -127,4 +127,22 @@ describe("estimateRunCost", () => {
     }, 800);
     expect(r.perSkill.aiDetection).toBeCloseTo(0.03);
   });
+
+  test("premium tier estimate is basic sync cost, not Deep Audit cost", () => {
+    // Runtime routes premium → basic sync + async Deep Audit. The sync-run
+    // estimate must NOT add $1.50 as if Deep Audit ran synchronously.
+    const cfg: Config = {
+      ...base({ factCheck: true }),
+      factCheckTierFlag: true,
+      factCheckTier: "premium",
+      providers: { "fact-check": { provider: "exa-search", apiKey: "k" } },
+    };
+    const r = estimateRunCost(cfg, 500);
+    expect(r.perSkill["fact-check"]).toBe(0.04); // basic, NOT 1.5
+  });
+
+  test("estimateFactCheckCost('premium') still returns 1.5 as a pure helper", () => {
+    // Kept for separate Deep Audit pricing display (e.g. --estimate-cost).
+    expect(estimateFactCheckCost("premium")).toBe(1.5);
+  });
 });

src/cost/estimator.ts

@@ -63,11 +63,15 @@ export function estimateRunCost(config: Config, wordCount: number): EstimateResu
   };
 
   if (config.skills.factCheck) {
-    const effectiveTier = config.factCheckTierFlag === true
+    const configuredTier = config.factCheckTierFlag === true
       ? (config.factCheckTier ?? "basic")
       : null;
-    perSkill["fact-check"] = effectiveTier
-      ? estimateFactCheckCost(effectiveTier)
+    // Runtime routes "premium" to basic sync + async Deep Audit. Don't charge
+    // $1.50 here. estimateFactCheckCost("premium") stays as a pure helper for
+    // displaying Deep Audit pricing separately (see --estimate-cost output).
+    const syncTierForEstimate = configuredTier === "premium" ? "basic" : configuredTier;
+    perSkill["fact-check"] = syncTierForEstimate
+      ? estimateFactCheckCost(syncTierForEstimate)
       : providerBase("fact-check") * FACT_CHECK_MAX_CLAIMS;
   }
   if ((config.skills as any).aiDetection) {

src/providers/registry.ts

@@ -4,8 +4,8 @@ export const PROVIDER_REGISTRY: Partial<Record<SkillId, ProviderMetadata[]>> = {
   "fact-check": [
     { id: "exa-search", label: "Exa Search", speed: "fast", costPerCheckUsd: 0.008, costLabel: "$0.008/check", depth: "standard", freeTier: false, requiresKey: true },
     { id: "exa-deep-reasoning", label: "Exa Deep Reasoning", speed: "slow", costPerCheckUsd: 0.025, costLabel: "$0.025/check", depth: "deep", freeTier: false, requiresKey: true },
-    { id: "gemini-grounded", label: "Gemini 3.1 Pro + Google Search", speed: "medium", costPerCheckUsd: 0.01, costLabel: "$0.01/check", depth: "standard", freeTier: false, requiresKey: true },
-    { id: "gemini-deep-research", label: "Gemini Deep Research (Premium Audit)", speed: "slow", costPerCheckUsd: 0.05, costLabel: "$0.05/check", depth: "deep", freeTier: false, requiresKey: true },
+    { id: "gemini-grounded", label: "Gemini 3.1 Pro + Google Search", speed: "medium", costPerCheckUsd: 0.04, costLabel: "$0.04/claim", depth: "standard", freeTier: false, requiresKey: true },
+    { id: "gemini-deep-research", label: "Gemini Deep Research (Premium Audit)", speed: "slow", costPerCheckUsd: 0.375, costLabel: "$0.375/claim", depth: "deep", freeTier: false, requiresKey: true },
     { id: "parallel-task", label: "Parallel Task", speed: "slow", costPerCheckUsd: 0.03, costLabel: "$0.03/check", depth: "deep", freeTier: true, requiresKey: true },
   ],
   grammar: [

src/skills/factcheck-grounded.test.ts

@@ -129,7 +129,7 @@ describe("FactCheckGroundedSkill", () => {
         provider: "gemini-grounded",
         model: "gemini-3.1-pro-preview",
         httpStatus: 200,
-        costUsd: 0.01,
+        costUsd: 0.04,
         inputTokens: 111,
         outputTokens: 22,
         totalTokens: 133,

src/skills/factcheck-grounded.ts

@@ -99,7 +99,7 @@ export class FactCheckGroundedSkill implements Skill {
     }
 
     const findings: Finding[] = [];
-    const perClaimCost = resolved.metadata?.costPerCheckUsd ?? 0.01;
+    const perClaimCost = resolved.metadata?.costPerCheckUsd ?? 0.04;
     let costUsd = 0.001;
 
     const groundedResults: GroundedClaimResult[] = [];
@@ -233,14 +233,14 @@ async function fetchGroundedAssessment(
       model,
       claimPreview: claim.slice(0, 160),
       retriesLeft,
-      costUsd: 0.01,
+      costUsd: 0.04,
       ...payload,
     });
 
   let response: Response;
   try {
     response = await fetch(
-      `${GEMINI_BASE_URL}/${model}:generateContent?key=${apiKey}`,
+      `${GEMINI_BASE_URL}/${model}:generateContent?key=${encodeURIComponent(apiKey)}`,
       {
         method: "POST",
         headers: { "Content-Type": "application/json" },

src/skills/llm.test.ts

@@ -119,12 +119,45 @@ describe("getLlmClient", () => {
     expect(capturedBody).toMatchObject({
       contents: [{ parts: [{ text: "prompt text" }] }],
       generationConfig: {
-        maxOutputTokens: 8192,
+        maxOutputTokens: 16,
         temperature: 0.1,
         thinkingConfig: { thinkingLevel: "low" },
       },
     });
   });
+
+  it("Gemini maxOutputTokens defaults to 1024 when caller passes no budget", async () => {
+    let capturedBody: Record<string, unknown> | null = null;
+    mockFetch(async (req) => {
+      capturedBody = JSON.parse((req as Request).body ? await req.text() : "{}") as Record<string, unknown>;
+      return jsonResponse({ candidates: [{ content: { parts: [{ text: "x" }] } }] });
+    });
+    const c = getLlmClient({ ...baseConfig, geminiApiKey: "gk" });
+    await c!.call("hi");
+    expect((capturedBody as any).generationConfig.maxOutputTokens).toBe(1024);
+  });
+
+  it("Gemini maxOutputTokens respects small explicit budgets (no floor bump)", async () => {
+    let capturedBody: Record<string, unknown> | null = null;
+    mockFetch(async (req) => {
+      capturedBody = JSON.parse((req as Request).body ? await req.text() : "{}") as Record<string, unknown>;
+      return jsonResponse({ candidates: [{ content: { parts: [{ text: "x" }] } }] });
+    });
+    const c = getLlmClient({ ...baseConfig, geminiApiKey: "gk" });
+    await c!.call("hi", 512);
+    expect((capturedBody as any).generationConfig.maxOutputTokens).toBe(512);
+  });
+
+  it("Gemini maxOutputTokens caps at 8192 for large budgets", async () => {
+    let capturedBody: Record<string, unknown> | null = null;
+    mockFetch(async (req) => {
+      capturedBody = JSON.parse((req as Request).body ? await req.text() : "{}") as Record<string, unknown>;
+      return jsonResponse({ candidates: [{ content: { parts: [{ text: "x" }] } }] });
+    });
+    const c = getLlmClient({ ...baseConfig, geminiApiKey: "gk" });
+    await c!.call("hi", 20000);
+    expect((capturedBody as any).generationConfig.maxOutputTokens).toBe(8192);
+  });
 });
 
 describe("parseJsonResponse", () => {

src/skills/llm.ts

@@ -75,14 +75,16 @@ function createGeminiCaller(apiKey: string, model: string): LlmClient["call"] {
   return async (prompt: string, maxTokens = 1024) => {
     assertMocksOnly("llm:gemini");
     const response = await fetch(
-      `https://generativelanguage.googleapis.com/v1beta/models/${model}:generateContent?key=${apiKey}`,
+      `https://generativelanguage.googleapis.com/v1beta/models/${model}:generateContent?key=${encodeURIComponent(apiKey)}`,
       {
         method: "POST",
         headers: { "Content-Type": "application/json" },
         body: JSON.stringify({
           contents: [{ parts: [{ text: prompt }] }],
           generationConfig: {
-            maxOutputTokens: Math.max(maxTokens, 8192),
+            // Respect caller's token budget; cap at 8192 so a large request
+            // doesn't produce runaway cost. Callers needing more should split.
+            maxOutputTokens: Math.min(maxTokens, 8192),
             temperature: 0.1,
             thinkingConfig: { thinkingLevel: "low" },
           },