rcrewai 0.1.0

data/lib/rcrewai/tools/code_executor.rb

@@ -0,0 +1,333 @@
+# frozen_string_literal: true
+
+require_relative 'base'
+require 'open3'
+require 'tempfile'
+require 'fileutils'
+
+module RCrewAI
+  module Tools
+    class CodeExecutor < Base
+      def initialize(**options)
+        super()
+        @name = 'codeexecutor'
+        @description = 'Execute code in various programming languages (Python, Ruby, JavaScript, etc.)'
+        @timeout = options.fetch(:timeout, 30)
+        @max_output_size = options.fetch(:max_output_size, 100_000)  # 100KB
+        @allowed_languages = options.fetch(:allowed_languages, %w[python ruby javascript bash])
+        @working_directory = options[:working_directory] || Dir.mktmpdir('rcrewai_code_')
+        @enable_file_operations = options.fetch(:enable_file_operations, false)
+        setup_security_restrictions
+      end
+
+      def execute(**params)
+        validate_params!(params, required: [:code, :language], optional: [:args, :stdin])
+        
+        language = params[:language].to_s.downcase
+        code = params[:code]
+        args = params[:args] || []
+        stdin_input = params[:stdin]
+        
+        begin
+          validate_execution_params!(language, code)
+          result = execute_code(language, code, args, stdin_input)
+          format_execution_result(language, code, result)
+        rescue => e
+          "Code execution failed: #{e.message}"
+        end
+      end
+
+      private
+
+      def setup_security_restrictions
+        # Create secure working directory
+        FileUtils.mkdir_p(@working_directory)
+        File.chmod(0o755, @working_directory)
+        
+        # Set environment variables for security
+        @secure_env = {
+          'PATH' => '/usr/local/bin:/usr/bin:/bin',
+          'HOME' => @working_directory,
+          'TMPDIR' => @working_directory,
+          'TEMP' => @working_directory,
+          'TMP' => @working_directory
+        }
+      end
+
+      def validate_execution_params!(language, code)
+        unless @allowed_languages.include?(language)
+          raise ToolError, "Language not allowed: #{language}. Allowed: #{@allowed_languages.join(', ')}"
+        end
+        
+        if code.to_s.strip.empty?
+          raise ToolError, "Code cannot be empty"
+        end
+        
+        if code.length > 50_000  # 50KB max
+          raise ToolError, "Code too long: #{code.length} characters (max: 50,000)"
+        end
+        
+        validate_code_safety!(language, code)
+      end
+
+      def validate_code_safety!(language, code)
+        code_lower = code.downcase
+        
+        # Common dangerous patterns across languages
+        dangerous_patterns = [
+          # System operations
+          'system(', 'exec(', 'eval(', 'subprocess', 'os.system',
+          'shell_exec', 'passthru', '`', 'require "open3"',
+          
+          # File operations (if not explicitly enabled)
+          'file.open', 'open(', 'with open', 'fopen', 'file_get_contents',
+          'file_put_contents', 'unlink', 'delete', 'remove',
+          
+          # Network operations
+          'socket', 'http', 'urllib', 'requests', 'net::',
+          'tcpsocket', 'udpsocket', 'curl', 'wget',
+          
+          # Process operations
+          'fork', 'spawn', 'thread', 'process',
+          
+          # Dangerous Python imports
+          'import os', 'import sys', 'import subprocess', 'import socket',
+          'from os', 'from sys', 'from subprocess',
+          
+          # Dangerous Ruby requires
+          'require "fileutils"', 'require "open3"', 'require "net/',
+          
+          # Shell commands
+          'rm -', 'sudo', 'chmod', 'chown', 'dd if=', 'mkfs',
+          'iptables', 'systemctl', 'service '
+        ]
+        
+        unless @enable_file_operations
+          dangerous_patterns += [
+            'file.', 'open(', 'with open', 'fopen', 'file_get_contents',
+            'file_put_contents', 'fileutils', 'fs.', 'path.', 'dir.'
+          ]
+        end
+        
+        dangerous_patterns.each do |pattern|
+          if code_lower.include?(pattern)
+            raise ToolError, "Potentially dangerous code detected: #{pattern}"
+          end
+        end
+        
+        # Language-specific checks
+        case language
+        when 'python'
+          validate_python_safety!(code_lower)
+        when 'ruby'
+          validate_ruby_safety!(code_lower)
+        when 'javascript', 'node', 'js'
+          validate_javascript_safety!(code_lower)
+        when 'bash', 'sh'
+          validate_bash_safety!(code_lower)
+        end
+      end
+
+      def validate_python_safety!(code)
+        python_dangerous = [
+          '__import__', 'getattr', 'setattr', 'delattr', 'hasattr',
+          'globals(', 'locals(', 'vars(', 'dir(',
+          'compile(', 'exec(', 'eval(',
+          'input(', 'raw_input('
+        ]
+        
+        python_dangerous.each do |pattern|
+          if code.include?(pattern)
+            raise ToolError, "Dangerous Python construct: #{pattern}"
+          end
+        end
+      end
+
+      def validate_ruby_safety!(code)
+        ruby_dangerous = [
+          'instance_eval', 'class_eval', 'module_eval',
+          'define_method', 'send(', 'method(',
+          'const_get', 'const_set', 'remove_const',
+          'gets', 'readline', 'readlines'
+        ]
+        
+        ruby_dangerous.each do |pattern|
+          if code.include?(pattern)
+            raise ToolError, "Dangerous Ruby construct: #{pattern}"
+          end
+        end
+      end
+
+      def validate_javascript_safety!(code)
+        js_dangerous = [
+          'eval(', 'function(', '=>', 'require(',
+          'process.', 'global.', 'this.',
+          'document.', 'window.', 'location.',
+          'settimeout', 'setinterval'
+        ]
+        
+        js_dangerous.each do |pattern|
+          if code.include?(pattern)
+            raise ToolError, "Dangerous JavaScript construct: #{pattern}"
+          end
+        end
+      end
+
+      def validate_bash_safety!(code)
+        bash_dangerous = [
+          'rm ', 'sudo', 'su ', 'chmod', 'chown',
+          '>', '>>', '|', '&', ';',
+          '$(', '`', 'eval ', 'exec ',
+          '/etc/', '/proc/', '/sys/', '/dev/'
+        ]
+        
+        bash_dangerous.each do |pattern|
+          if code.include?(pattern)
+            raise ToolError, "Dangerous bash construct: #{pattern}"
+          end
+        end
+      end
+
+      def execute_code(language, code, args, stdin_input)
+        case language
+        when 'python', 'python3'
+          execute_python(code, args, stdin_input)
+        when 'ruby'
+          execute_ruby(code, args, stdin_input)
+        when 'javascript', 'node', 'js'
+          execute_javascript(code, args, stdin_input)
+        when 'bash', 'sh'
+          execute_bash(code, args, stdin_input)
+        else
+          raise ToolError, "Execution not implemented for language: #{language}"
+        end
+      end
+
+      def execute_python(code, args, stdin_input)
+        with_temp_file(code, '.py') do |file_path|
+          command = ['python3', file_path] + args.map(&:to_s)
+          execute_command(command, stdin_input)
+        end
+      end
+
+      def execute_ruby(code, args, stdin_input)
+        with_temp_file(code, '.rb') do |file_path|
+          command = ['ruby', file_path] + args.map(&:to_s)
+          execute_command(command, stdin_input)
+        end
+      end
+
+      def execute_javascript(code, args, stdin_input)
+        with_temp_file(code, '.js') do |file_path|
+          command = ['node', file_path] + args.map(&:to_s)
+          execute_command(command, stdin_input)
+        end
+      end
+
+      def execute_bash(code, args, stdin_input)
+        with_temp_file(code, '.sh') do |file_path|
+          File.chmod(0o755, file_path)
+          command = ['bash', file_path] + args.map(&:to_s)
+          execute_command(command, stdin_input)
+        end
+      end
+
+      def with_temp_file(content, extension)
+        temp_file = Tempfile.new(['rcrewai_code', extension], @working_directory)
+        begin
+          temp_file.write(content)
+          temp_file.flush
+          temp_file.close
+          yield temp_file.path
+        ensure
+          temp_file.unlink if temp_file
+        end
+      end
+
+      def execute_command(command, stdin_input)
+        stdout_str = ""
+        stderr_str = ""
+        exit_status = nil
+        
+        # Execute with timeout and security restrictions
+        Open3.popen3(@secure_env, *command, chdir: @working_directory) do |stdin, stdout, stderr, wait_thread|
+          # Write stdin if provided
+          if stdin_input
+            stdin.write(stdin_input)
+            stdin.close
+          end
+          
+          # Set up timeout
+          timeout_thread = Thread.new do
+            sleep @timeout
+            Process.kill('KILL', wait_thread.pid) rescue nil
+          end
+          
+          begin
+            # Read output
+            stdout_str = read_with_limit(stdout, @max_output_size)
+            stderr_str = read_with_limit(stderr, @max_output_size)
+            
+            exit_status = wait_thread.value.exitstatus
+          rescue => e
+            exit_status = -1
+            stderr_str += "\nExecution error: #{e.message}"
+          ensure
+            timeout_thread.kill
+          end
+        end
+        
+        {
+          stdout: stdout_str,
+          stderr: stderr_str,
+          exit_status: exit_status,
+          success: exit_status == 0
+        }
+      end
+
+      def read_with_limit(io, limit)
+        output = ""
+        while output.bytesize < limit && !io.eof?
+          chunk = io.read(1024)
+          break unless chunk
+          
+          if output.bytesize + chunk.bytesize > limit
+            remaining = limit - output.bytesize
+            output += chunk[0, remaining]
+            output += "\n[OUTPUT TRUNCATED - LIMIT EXCEEDED]"
+            break
+          else
+            output += chunk
+          end
+        end
+        output
+      end
+
+      def format_execution_result(language, code, result)
+        output = []
+        output << "Code Execution Result (#{language.upcase})"
+        output << "=" * 40
+        output << "Exit Status: #{result[:exit_status]} (#{result[:success] ? 'SUCCESS' : 'FAILURE'})"
+        output << ""
+        
+        if result[:stdout] && !result[:stdout].empty?
+          output << "STDOUT:"
+          output << result[:stdout]
+          output << ""
+        end
+        
+        if result[:stderr] && !result[:stderr].empty?
+          output << "STDERR:"
+          output << result[:stderr]
+          output << ""
+        end
+        
+        if result[:stdout].empty? && result[:stderr].empty?
+          output << "No output produced."
+        end
+        
+        output.join("\n")
+      end
+    end
+  end
+end

data/lib/rcrewai/tools/email_sender.rb

@@ -0,0 +1,210 @@
+# frozen_string_literal: true
+
+require_relative 'base'
+require 'net/smtp'
+require 'mail'
+
+module RCrewAI
+  module Tools
+    class EmailSender < Base
+      def initialize(**options)
+        super()
+        @name = 'emailsender'
+        @description = 'Send emails via SMTP'
+        @smtp_server = options[:smtp_server] || 'localhost'
+        @smtp_port = options[:smtp_port] || 587
+        @username = options[:username]
+        @password = options[:password]
+        @from_address = options[:from_address] || @username
+        @use_tls = options.fetch(:use_tls, true)
+        @max_recipients = options.fetch(:max_recipients, 10)
+        setup_mail_configuration
+      end
+
+      def execute(**params)
+        validate_params!(
+          params, 
+          required: [:to, :subject, :body], 
+          optional: [:cc, :bcc, :reply_to, :attachments]
+        )
+        
+        to_addresses = normalize_email_addresses(params[:to])
+        cc_addresses = normalize_email_addresses(params[:cc]) if params[:cc]
+        bcc_addresses = normalize_email_addresses(params[:bcc]) if params[:bcc]
+        
+        begin
+          validate_email_params!(to_addresses, cc_addresses, bcc_addresses, params)
+          result = send_email(to_addresses, cc_addresses, bcc_addresses, params)
+          format_email_result(result, to_addresses)
+        rescue => e
+          "Email sending failed: #{e.message}"
+        end
+      end
+
+      private
+
+      def setup_mail_configuration
+        Mail.defaults do
+          delivery_method :smtp, {
+            address: @smtp_server,
+            port: @smtp_port,
+            user_name: @username,
+            password: @password,
+            authentication: 'login',
+            enable_starttls_auto: @use_tls
+          }
+        end
+      end
+
+      def normalize_email_addresses(addresses)
+        case addresses
+        when String
+          addresses.split(/[,;]/).map(&:strip)
+        when Array
+          addresses.map(&:to_s).map(&:strip)
+        else
+          [addresses.to_s.strip]
+        end
+      end
+
+      def validate_email_params!(to_addresses, cc_addresses, bcc_addresses, params)
+        # Validate email addresses
+        all_addresses = to_addresses + (cc_addresses || []) + (bcc_addresses || [])
+        
+        all_addresses.each do |address|
+          unless valid_email?(address)
+            raise ToolError, "Invalid email address: #{address}"
+          end
+        end
+        
+        # Check recipient limits
+        if all_addresses.length > @max_recipients
+          raise ToolError, "Too many recipients: #{all_addresses.length} (max: #{@max_recipients})"
+        end
+        
+        # Validate subject and body
+        if params[:subject].to_s.strip.empty?
+          raise ToolError, "Email subject cannot be empty"
+        end
+        
+        if params[:body].to_s.strip.empty?
+          raise ToolError, "Email body cannot be empty"
+        end
+        
+        # Check for spam-like content
+        validate_content_safety!(params[:subject], params[:body])
+      end
+
+      def valid_email?(address)
+        address.match?(/\A[\w+\-.]+@[a-z\d\-]+(\.[a-z\d\-]+)*\.[a-z]+\z/i)
+      end
+
+      def validate_content_safety!(subject, body)
+        # Basic spam detection
+        spam_indicators = [
+          'viagra', 'casino', 'lottery', 'winner', 'congratulations',
+          'million dollars', 'click here', 'urgent', 'act now'
+        ]
+        
+        content = "#{subject} #{body}".downcase
+        
+        spam_indicators.each do |indicator|
+          if content.include?(indicator)
+            raise ToolError, "Potentially spam content detected: #{indicator}"
+          end
+        end
+        
+        # Check for excessive caps
+        caps_ratio = content.gsub(/[^A-Z]/, '').length.to_f / content.gsub(/[^A-Za-z]/, '').length
+        if caps_ratio > 0.5 && content.length > 50
+          raise ToolError, "Excessive capitalization detected (possible spam)"
+        end
+      end
+
+      def send_email(to_addresses, cc_addresses, bcc_addresses, params)
+        mail = Mail.new do
+          from     @from_address
+          to       to_addresses
+          cc       cc_addresses if cc_addresses&.any?
+          bcc      bcc_addresses if bcc_addresses&.any?
+          subject  params[:subject]
+          body     params[:body]
+          
+          if params[:reply_to]
+            reply_to params[:reply_to]
+          end
+        end
+        
+        # Add attachments if provided
+        if params[:attachments]
+          add_attachments(mail, params[:attachments])
+        end
+        
+        # Send the email
+        mail.deliver!
+        
+        {
+          message_id: mail.message_id,
+          to: to_addresses,
+          cc: cc_addresses,
+          bcc: bcc_addresses,
+          subject: params[:subject],
+          sent_at: Time.now,
+          size: mail.to_s.bytesize
+        }
+      end
+
+      def add_attachments(mail, attachments)
+        attachment_list = case attachments
+                         when String
+                           [attachments]
+                         when Array
+                           attachments
+                         else
+                           [attachments.to_s]
+                         end
+        
+        attachment_list.each do |attachment_path|
+          if File.exist?(attachment_path)
+            # Security check - only allow certain file types
+            allowed_extensions = %w[.pdf .txt .doc .docx .xls .xlsx .jpg .png .gif .zip]
+            extension = File.extname(attachment_path).downcase
+            
+            unless allowed_extensions.include?(extension)
+              raise ToolError, "Attachment file type not allowed: #{extension}"
+            end
+            
+            # Size check (max 10MB per attachment)
+            if File.size(attachment_path) > 10_000_000
+              raise ToolError, "Attachment too large: #{File.basename(attachment_path)} (max 10MB)"
+            end
+            
+            mail.add_file(attachment_path)
+          else
+            raise ToolError, "Attachment file not found: #{attachment_path}"
+          end
+        end
+      end
+
+      def format_email_result(result, to_addresses)
+        output = []
+        output << "Email sent successfully!"
+        output << "Message ID: #{result[:message_id]}"
+        output << "Recipients: #{to_addresses.join(', ')}"
+        output << "Subject: #{result[:subject]}"
+        output << "Sent at: #{result[:sent_at].strftime('%Y-%m-%d %H:%M:%S')}"
+        output << "Message size: #{result[:size]} bytes"
+        
+        if result[:cc]&.any?
+          output << "CC: #{result[:cc].join(', ')}"
+        end
+        
+        if result[:bcc]&.any?
+          output << "BCC: #{result[:bcc].length} recipients"
+        end
+        
+        output.join("\n")
+      end
+    end
+  end
+end

data/lib/rcrewai/tools/file_reader.rb

@@ -0,0 +1,111 @@
+# frozen_string_literal: true
+
+require_relative 'base'
+require 'pathname'
+
+module RCrewAI
+  module Tools
+    class FileReader < Base
+      def initialize(**options)
+        super()
+        @name = 'filereader'
+        @description = 'Read contents from files'
+        @max_file_size = options.fetch(:max_file_size, 10_000_000) # 10MB
+        @allowed_extensions = options.fetch(:allowed_extensions, %w[.txt .md .json .yaml .yml .csv .log])
+      end
+
+      def execute(**params)
+        validate_params!(params, required: [:file_path], optional: [:encoding, :lines])
+        
+        file_path = params[:file_path]
+        encoding = params[:encoding] || 'utf-8'
+        lines = params[:lines] # Optional: read only N lines
+        
+        begin
+          read_file(file_path, encoding, lines)
+        rescue => e
+          "File read failed: #{e.message}"
+        end
+      end
+
+      private
+
+      def read_file(file_path, encoding, lines = nil)
+        path = Pathname.new(file_path)
+        
+        # Security checks
+        validate_file_path!(path)
+        validate_file_size!(path)
+        validate_file_extension!(path)
+        
+        content = if lines
+                   read_lines(path, encoding, lines)
+                 else
+                   read_full_file(path, encoding)
+                 end
+
+        format_file_content(path, content, lines)
+      end
+
+      def validate_file_path!(path)
+        raise ToolError, "File does not exist: #{path}" unless path.exist?
+        raise ToolError, "Path is not a file: #{path}" unless path.file?
+        raise ToolError, "File is not readable: #{path}" unless path.readable?
+        
+        # Prevent directory traversal
+        resolved_path = path.realpath.to_s
+        working_dir = Dir.pwd
+        unless resolved_path.start_with?(working_dir)
+          raise ToolError, "Access denied: file outside working directory"
+        end
+      end
+
+      def validate_file_size!(path)
+        size = path.size
+        if size > @max_file_size
+          raise ToolError, "File too large: #{size} bytes (max: #{@max_file_size})"
+        end
+      end
+
+      def validate_file_extension!(path)
+        extension = path.extname.downcase
+        unless @allowed_extensions.include?(extension) || @allowed_extensions.include?('*')
+          raise ToolError, "File type not allowed: #{extension}"
+        end
+      end
+
+      def read_lines(path, encoding, line_count)
+        lines = []
+        File.open(path, 'r', encoding: encoding) do |file|
+          line_count.times do
+            line = file.gets
+            break unless line
+            lines << line.chomp
+          end
+        end
+        lines.join("\n")
+      end
+
+      def read_full_file(path, encoding)
+        File.read(path, encoding: encoding)
+      end
+
+      def format_file_content(path, content, lines = nil)
+        header = "File: #{path.basename}"
+        header += " (first #{lines} lines)" if lines
+        header += "\nSize: #{path.size} bytes"
+        header += "\nModified: #{path.mtime.strftime('%Y-%m-%d %H:%M:%S')}"
+        header += "\n" + "="*50 + "\n"
+        
+        # Truncate very long content for display
+        display_content = if content.length > 5000
+                           content[0..4997] + "..."
+                         else
+                           content
+                         end
+        
+        header + display_content
+      end
+    end
+  end
+end