@1claw/mcp 0.16.1 → 0.16.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +4 -1
- package/dist/security/index.d.ts.map +1 -1
- package/dist/security/index.js +6 -1
- package/dist/security/index.js.map +1 -1
- package/dist/tools/inspect_content.d.ts +4 -0
- package/dist/tools/inspect_content.d.ts.map +1 -1
- package/dist/tools/inspect_content.js +38 -17
- package/dist/tools/inspect_content.js.map +1 -1
- package/package.json +1 -1
package/README.md
CHANGED
|
@@ -32,7 +32,7 @@ pnpm run build
|
|
|
32
32
|
| `ONECLAW_AGENT_API_KEY` | stdio* | — | Agent API key (`ocv_...`). Server exchanges this for a JWT and auto-refreshes. |
|
|
33
33
|
| `ONECLAW_AGENT_TOKEN` | stdio* | — | Static Bearer JWT (alternative to ID+key; expires in ~1 h). |
|
|
34
34
|
| `ONECLAW_VAULT_ID` | stdio only | — | UUID of the vault to operate on. |
|
|
35
|
-
| `ONECLAW_BASE_URL` | No | `https://api.1claw.xyz` | API base URL (
|
|
35
|
+
| `ONECLAW_BASE_URL` | No | `https://api.1claw.xyz` | Vault API base URL. Intents tools (`simulate_transaction`, `submit_transaction`, etc.) call this host; for TEE signing, point it at **Shroud** or **Intents** (e.g. `https://shroud.1claw.xyz` or `https://intents.1claw.xyz`) if your deployment routes signing there. Self-hosted: your Vault/Shroud URL. |
|
|
36
36
|
| `MCP_TRANSPORT` | No | `stdio` | Transport mode: `stdio` or `httpStream`. |
|
|
37
37
|
| `PORT` | No | `8080` | HTTP port (httpStream mode only). |
|
|
38
38
|
|
|
@@ -55,6 +55,9 @@ pnpm run build
|
|
|
55
55
|
| `share_secret` | Share a secret with your creator, a user/agent by ID, or create an open link |
|
|
56
56
|
| `simulate_transaction` | Simulate a transaction via Tenderly without signing or broadcasting |
|
|
57
57
|
| `submit_transaction` | Submit a transaction intent to be signed and optionally broadcast. Auto-generates an `Idempotency-Key` header for replay protection. |
|
|
58
|
+
| `sign_transaction` | Sign-only (no broadcast); returns `signed_tx` for client-side `eth_sendRawTransaction`. |
|
|
59
|
+
| `list_transactions` | List transaction intents for the agent. |
|
|
60
|
+
| `get_transaction` | Get one transaction by id (optional `include_signed_tx`). |
|
|
58
61
|
| `inspect_content` | Analyze arbitrary text for prompt injection, command injection, social engineering, PII, encoding tricks, and more. Works without vault credentials. |
|
|
59
62
|
|
|
60
63
|
## Resources
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/security/index.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,MAAM,WAAW,eAAe;IAC5B,IAAI,EAAE,MAAM,CAAC;IACb,OAAO,EAAE,MAAM,CAAC;IAChB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,QAAQ,EAAE,KAAK,GAAG,QAAQ,GAAG,MAAM,GAAG,UAAU,CAAC;CACpD;AAED,MAAM,WAAW,gBAAgB;IAC7B,MAAM,EAAE,OAAO,CAAC;IAChB,OAAO,EAAE,eAAe,EAAE,CAAC;IAC3B,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,QAAQ,CAAC,EAAE,MAAM,CAAC;CACrB;
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/security/index.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,MAAM,WAAW,eAAe;IAC5B,IAAI,EAAE,MAAM,CAAC;IACb,OAAO,EAAE,MAAM,CAAC;IAChB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,QAAQ,EAAE,KAAK,GAAG,QAAQ,GAAG,MAAM,GAAG,UAAU,CAAC;CACpD;AAED,MAAM,WAAW,gBAAgB;IAC7B,MAAM,EAAE,OAAO,CAAC;IAChB,OAAO,EAAE,eAAe,EAAE,CAAC;IAC3B,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,QAAQ,CAAC,EAAE,MAAM,CAAC;CACrB;AA4ED;;;GAGG;AACH,wBAAgB,cAAc,CAAC,IAAI,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,GAAG,IAAI,CAIhE;AAED;;GAEG;AACH,wBAAgB,YAAY,IAAI,IAAI,CAEnC;AAED;;GAEG;AACH,wBAAgB,kBAAkB,IAAI,MAAM,CAE3C;AAID,wBAAgB,iBAAiB,IAAI,OAAO,CAE3C;AAED,wBAAgB,wBAAwB,IAAI,OAAO,CAGlD;AAED,wBAAgB,qBAAqB,IAAI,OAAO,CAG/C;AAED,wBAAgB,sBAAsB,IAAI,OAAO,GAAG,MAAM,GAAG,KAAK,CAKjE;AAED,wBAAgB,mBAAmB,IAAI,OAAO,GAAG,UAAU,GAAG,UAAU,CAMvE;AAID,wBAAgB,gBAAgB,CAAC,IAAI,EAAE,MAAM,GAAG;IAAE,UAAU,EAAE,MAAM,CAAC;IAAC,QAAQ,EAAE,OAAO,CAAA;CAAE,CAcxF;AAoFD;;GAEG;AACH,wBAAgB,YAAY,CAAC,QAAQ,EAAE,MAAM,EAAE,IAAI,EAAE,OAAO,GAAG,gBAAgB,CA0C9E;AAED;;GAEG;AACH,wBAAgB,aAAa,CAAC,QAAQ,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,GAAG,gBAAgB,CAuBhF"}
|
package/dist/security/index.js
CHANGED
|
@@ -28,7 +28,12 @@ const NETWORK_PATTERNS = [
|
|
|
28
28
|
{ name: "ngrok", pattern: /(?:ngrok\.io|ngrok\.app)/i, severity: "high" },
|
|
29
29
|
{ name: "pastebin", pattern: /pastebin\.com/i, severity: "high" },
|
|
30
30
|
{ name: "ip_url", pattern: /https?:\/\/\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}/, severity: "medium" },
|
|
31
|
-
|
|
31
|
+
// Allow HTTP verbs after flags (e.g. curl -X POST https://...) — otherwise "POST" breaks the URL match
|
|
32
|
+
{
|
|
33
|
+
name: "data_exfil",
|
|
34
|
+
pattern: /(?:curl|wget|nc)\s+(?:(?:-[a-zA-Z]*\s+)|(?:GET|POST|PUT|PATCH|DELETE|HEAD|OPTIONS)\s+)*https?:\/\//i,
|
|
35
|
+
severity: "critical",
|
|
36
|
+
},
|
|
32
37
|
];
|
|
33
38
|
const PII_PATTERNS = [
|
|
34
39
|
{ name: "email", pattern: /[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\.[a-zA-Z]{2,}/, severity: "medium" },
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/security/index.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAgBH,wDAAwD;AAExD,MAAM,0BAA0B,GAAG;IAC/B,EAAE,IAAI,EAAE,aAAa,EAAE,OAAO,EAAE,0EAA0E,EAAE,QAAQ,EAAE,UAAmB,EAAE;IAC3I,EAAE,IAAI,EAAE,sBAAsB,EAAE,OAAO,EAAE,qBAAqB,EAAE,QAAQ,EAAE,UAAmB,EAAE;IAC/F,EAAE,IAAI,EAAE,eAAe,EAAE,OAAO,EAAE,qEAAqE,EAAE,QAAQ,EAAE,UAAmB,EAAE;IACxI,EAAE,IAAI,EAAE,gBAAgB,EAAE,OAAO,EAAE,gBAAgB,EAAE,QAAQ,EAAE,MAAe,EAAE;IAChF,EAAE,IAAI,EAAE,iBAAiB,EAAE,OAAO,EAAE,sEAAsE,EAAE,QAAQ,EAAE,MAAe,EAAE;CAC1I,CAAC;AAEF,MAAM,iBAAiB,GAAG;IACtB,EAAE,IAAI,EAAE,aAAa,EAAE,OAAO,EAAE,mEAAmE,EAAE,QAAQ,EAAE,QAAiB,EAAE;IAClI,uFAAuF;IACvF,EAAE,IAAI,EAAE,YAAY,EAAE,OAAO,EAAE,6BAA6B,EAAE,QAAQ,EAAE,QAAiB,EAAE;IAC3F,EAAE,IAAI,EAAE,gBAAgB,EAAE,OAAO,EAAE,6BAA6B,EAAE,QAAQ,EAAE,QAAiB,EAAE;CAClG,CAAC;AAEF,MAAM,2BAA2B,GAAG;IAChC,EAAE,IAAI,EAAE,SAAS,EAAE,OAAO,EAAE,+DAA+D,EAAE,QAAQ,EAAE,QAAiB,EAAE;IAC1H,EAAE,IAAI,EAAE,WAAW,EAAE,OAAO,EAAE,2EAA2E,EAAE,QAAQ,EAAE,MAAe,EAAE;IACtI,EAAE,IAAI,EAAE,SAAS,EAAE,OAAO,EAAE,sEAAsE,EAAE,QAAQ,EAAE,MAAe,EAAE;IAC/H,EAAE,IAAI,EAAE,QAAQ,EAAE,OAAO,EAAE,4GAA4G,EAAE,QAAQ,EAAE,UAAmB,EAAE;IACxK,EAAE,IAAI,EAAE,oBAAoB,EAAE,OAAO,EAAE,8GAA8G,EAAE,QAAQ,EAAE,UAAmB,EAAE;CACzL,CAAC;AAEF,MAAM,gBAAgB,GAAG;IACrB,EAAE,IAAI,EAAE,OAAO,EAAE,OAAO,EAAE,2BAA2B,EAAE,QAAQ,EAAE,MAAe,EAAE;IAClF,EAAE,IAAI,EAAE,UAAU,EAAE,OAAO,EAAE,gBAAgB,EAAE,QAAQ,EAAE,MAAe,EAAE;IAC1E,EAAE,IAAI,EAAE,QAAQ,EAAE,OAAO,EAAE,+CAA+C,EAAE,QAAQ,EAAE,QAAiB,EAAE;IACzG,
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/security/index.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAgBH,wDAAwD;AAExD,MAAM,0BAA0B,GAAG;IAC/B,EAAE,IAAI,EAAE,aAAa,EAAE,OAAO,EAAE,0EAA0E,EAAE,QAAQ,EAAE,UAAmB,EAAE;IAC3I,EAAE,IAAI,EAAE,sBAAsB,EAAE,OAAO,EAAE,qBAAqB,EAAE,QAAQ,EAAE,UAAmB,EAAE;IAC/F,EAAE,IAAI,EAAE,eAAe,EAAE,OAAO,EAAE,qEAAqE,EAAE,QAAQ,EAAE,UAAmB,EAAE;IACxI,EAAE,IAAI,EAAE,gBAAgB,EAAE,OAAO,EAAE,gBAAgB,EAAE,QAAQ,EAAE,MAAe,EAAE;IAChF,EAAE,IAAI,EAAE,iBAAiB,EAAE,OAAO,EAAE,sEAAsE,EAAE,QAAQ,EAAE,MAAe,EAAE;CAC1I,CAAC;AAEF,MAAM,iBAAiB,GAAG;IACtB,EAAE,IAAI,EAAE,aAAa,EAAE,OAAO,EAAE,mEAAmE,EAAE,QAAQ,EAAE,QAAiB,EAAE;IAClI,uFAAuF;IACvF,EAAE,IAAI,EAAE,YAAY,EAAE,OAAO,EAAE,6BAA6B,EAAE,QAAQ,EAAE,QAAiB,EAAE;IAC3F,EAAE,IAAI,EAAE,gBAAgB,EAAE,OAAO,EAAE,6BAA6B,EAAE,QAAQ,EAAE,QAAiB,EAAE;CAClG,CAAC;AAEF,MAAM,2BAA2B,GAAG;IAChC,EAAE,IAAI,EAAE,SAAS,EAAE,OAAO,EAAE,+DAA+D,EAAE,QAAQ,EAAE,QAAiB,EAAE;IAC1H,EAAE,IAAI,EAAE,WAAW,EAAE,OAAO,EAAE,2EAA2E,EAAE,QAAQ,EAAE,MAAe,EAAE;IACtI,EAAE,IAAI,EAAE,SAAS,EAAE,OAAO,EAAE,sEAAsE,EAAE,QAAQ,EAAE,MAAe,EAAE;IAC/H,EAAE,IAAI,EAAE,QAAQ,EAAE,OAAO,EAAE,4GAA4G,EAAE,QAAQ,EAAE,UAAmB,EAAE;IACxK,EAAE,IAAI,EAAE,oBAAoB,EAAE,OAAO,EAAE,8GAA8G,EAAE,QAAQ,EAAE,UAAmB,EAAE;CACzL,CAAC;AAEF,MAAM,gBAAgB,GAAG;IACrB,EAAE,IAAI,EAAE,OAAO,EAAE,OAAO,EAAE,2BAA2B,EAAE,QAAQ,EAAE,MAAe,EAAE;IAClF,EAAE,IAAI,EAAE,UAAU,EAAE,OAAO,EAAE,gBAAgB,EAAE,QAAQ,EAAE,MAAe,EAAE;IAC1E,EAAE,IAAI,EAAE,QAAQ,EAAE,OAAO,EAAE,+CAA+C,EAAE,QAAQ,EAAE,QAAiB,EAAE;IACzG,uGAAuG;IACvG;QACI,IAAI,EAAE,YAAY;QAClB,OAAO,EACH,qGAAqG;QACzG,QAAQ,EAAE,UAAmB;KAChC;CACJ,CAAC;AAEF,MAAM,YAAY,GAAG;IACjB,EAAE,IAAI,EAAE,OAAO,EAAE,OAAO,EAAE,gDAAgD,EAAE,QAAQ,EAAE,QAAiB,EAAE;IACzG,EAAE,IAAI,EAAE,KAAK,EAAE,OAAO,EAAE,uBAAuB,EAAE,QAAQ,EAAE,UAAmB,EAAE;IAChF,EAAE,IAAI,EAAE,aAAa,EAAE,OAAO,EAAE,uFAAuF,EAAE,QAAQ,EAAE,UAAmB,EAAE;IACxJ,EAAE,IAAI,EAAE,UAAU,EAAE,OAAO,EAAE,kDAAkD,EAAE,QAAQ,EAAE,KAAc,EAAE;IAC3G,EAAE,IAAI,EAAE,SAAS,EAAE,OAAO,EAAE,+BAA+B,EAAE,QAAQ,EAAE,UAAmB,EAAE;IAC5F,EAAE,IAAI,EAAE,oBAAoB,EAAE,OAAO,EAAE,wDAAwD,EAAE,QAAQ,EAAE,UAAmB,EAAE;CACnI,CAAC;AAEF,sCAAsC;AACtC,MAAM,gBAAgB,GAAG,gFAAgF,CAAC;AAE1G,6BAA6B;AAC7B,MAAM,WAAW,GAA2B;IACxC,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG;IAC1D,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG;IAC1D,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG;IAC1D,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG;IAC1D,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG;CAC7D,CAAC;AAEF,MAAM,gBAAgB,GAAG,IAAI,MAAM,CAAC,IAAI,MAAM,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC;AAEnF,gEAAgE;AAEhE,MAAM,iBAAiB,GAAG,CAAC,CAAC;AAC5B,MAAM,YAAY,GAAG,IAAI,GAAG,EAAkB,CAAC;AAE/C,8DAA8D;AAC9D,MAAM,YAAY,GAAG,IAAI,GAAG,CAAC;IACzB,YAAY;IACZ,gBAAgB;IAChB,YAAY;IACZ,kBAAkB;CACrB,CAAC,CAAC;AAEH;;;GAGG;AACH,MAAM,UAAU,cAAc,CAAC,IAAY,EAAE,KAAa;IACtD,IAAI,KAAK,CAAC,MAAM,IAAI,iBAAiB,EAAE,CAAC;QACpC,YAAY,CAAC,GAAG,CAAC,KAAK,EAAE,IAAI,CAAC,CAAC;IAClC,CAAC;AACL,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,YAAY;IACxB,YAAY,CAAC,KAAK,EAAE,CAAC;AACzB,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,kBAAkB;IAC9B,OAAO,YAAY,CAAC,IAAI,CAAC;AAC7B,CAAC;AAED,wDAAwD;AAExD,MAAM,UAAU,iBAAiB;IAC7B,OAAO,OAAO,CAAC,GAAG,CAAC,4BAA4B,KAAK,OAAO,CAAC;AAChE,CAAC;AAED,MAAM,UAAU,wBAAwB;IACpC,IAAI,CAAC,iBAAiB,EAAE;QAAE,OAAO,KAAK,CAAC;IACvC,OAAO,OAAO,CAAC,GAAG,CAAC,0BAA0B,KAAK,OAAO,CAAC;AAC9D,CAAC;AAED,MAAM,UAAU,qBAAqB;IACjC,IAAI,CAAC,iBAAiB,EAAE;QAAE,OAAO,KAAK,CAAC;IACvC,OAAO,OAAO,CAAC,GAAG,CAAC,yBAAyB,KAAK,OAAO,CAAC;AAC7D,CAAC;AAED,MAAM,UAAU,sBAAsB;IAClC,IAAI,CAAC,iBAAiB,EAAE;QAAE,OAAO,KAAK,CAAC;IACvC,MAAM,IAAI,GAAG,OAAO,CAAC,GAAG,CAAC,4BAA4B,CAAC;IACtD,IAAI,IAAI,KAAK,OAAO,IAAI,IAAI,KAAK,KAAK;QAAE,OAAO,IAAI,CAAC;IACpD,OAAO,MAAM,CAAC;AAClB,CAAC;AAED,MAAM,UAAU,mBAAmB;IAC/B,MAAM,IAAI,GAAG,OAAO,CAAC,GAAG,CAAC,6BAA6B,CAAC;IACvD,IAAI,IAAI,KAAK,UAAU,IAAI,IAAI,KAAK,UAAU,EAAE,CAAC;QAC7C,OAAO,IAAI,CAAC;IAChB,CAAC;IACD,OAAO,OAAO,CAAC;AACnB,CAAC;AAED,wDAAwD;AAExD,MAAM,UAAU,gBAAgB,CAAC,IAAY;IACzC,IAAI,QAAQ,GAAG,KAAK,CAAC;IAErB,IAAI,UAAU,GAAG,IAAI,CAAC,OAAO,CAAC,gBAAgB,EAAE,GAAG,EAAE;QACjD,QAAQ,GAAG,IAAI,CAAC;QAChB,OAAO,EAAE,CAAC;IACd,CAAC,CAAC,CAAC;IAEH,UAAU,GAAG,UAAU,CAAC,OAAO,CAAC,gBAAgB,EAAE,CAAC,IAAI,EAAE,EAAE;QACvD,QAAQ,GAAG,IAAI,CAAC;QAChB,OAAO,WAAW,CAAC,IAAI,CAAC,IAAI,IAAI,CAAC;IACrC,CAAC,CAAC,CAAC;IAEH,OAAO,EAAE,UAAU,EAAE,QAAQ,EAAE,CAAC;AACpC,CAAC;AAED,wDAAwD;AAExD,SAAS,aAAa,CAAC,IAAY;IAC/B,MAAM,OAAO,GAAsB,EAAE,CAAC;IAEtC,KAAK,MAAM,EAAE,IAAI,EAAE,OAAO,EAAE,QAAQ,EAAE,IAAI,0BAA0B,EAAE,CAAC;QACnE,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;QAClC,IAAI,KAAK,EAAE,CAAC;YACR,OAAO,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,mBAAmB,EAAE,OAAO,EAAE,IAAI,EAAE,QAAQ,EAAE,KAAK,CAAC,CAAC,CAAC,EAAE,QAAQ,EAAE,CAAC,CAAC;QAC7F,CAAC;IACL,CAAC;IAED,KAAK,MAAM,EAAE,IAAI,EAAE,OAAO,EAAE,QAAQ,EAAE,IAAI,iBAAiB,EAAE,CAAC;QAC1D,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;QAClC,IAAI,KAAK,EAAE,CAAC;YACR,OAAO,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,sBAAsB,EAAE,OAAO,EAAE,IAAI,EAAE,QAAQ,EAAE,KAAK,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,EAAE,QAAQ,EAAE,CAAC,CAAC;QAC7G,CAAC;IACL,CAAC;IAED,KAAK,MAAM,EAAE,IAAI,EAAE,OAAO,EAAE,QAAQ,EAAE,IAAI,2BAA2B,EAAE,CAAC;QACpE,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;QAClC,IAAI,KAAK,EAAE,CAAC;YACR,OAAO,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,oBAAoB,EAAE,OAAO,EAAE,IAAI,EAAE,QAAQ,EAAE,KAAK,CAAC,CAAC,CAAC,EAAE,QAAQ,EAAE,CAAC,CAAC;QAC9F,CAAC;IACL,CAAC;IAED,KAAK,MAAM,EAAE,IAAI,EAAE,OAAO,EAAE,QAAQ,EAAE,IAAI,gBAAgB,EAAE,CAAC;QACzD,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;QAClC,IAAI,KAAK,EAAE,CAAC;YACR,OAAO,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,gBAAgB,EAAE,OAAO,EAAE,IAAI,EAAE,QAAQ,EAAE,KAAK,CAAC,CAAC,CAAC,EAAE,QAAQ,EAAE,CAAC,CAAC;QAC1F,CAAC;IACL,CAAC;IAED,OAAO,OAAO,CAAC;AACnB,CAAC;AAED,SAAS,SAAS,CAAC,IAAY;IAC3B,IAAI,CAAC,qBAAqB,EAAE;QAAE,OAAO,EAAE,CAAC;IACxC,MAAM,OAAO,GAAsB,EAAE,CAAC;IACtC,KAAK,MAAM,EAAE,IAAI,EAAE,OAAO,EAAE,QAAQ,EAAE,IAAI,YAAY,EAAE,CAAC;QACrD,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;QAClC,IAAI,KAAK,EAAE,CAAC;YACR,OAAO,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,KAAK,EAAE,OAAO,EAAE,IAAI,EAAE,QAAQ,EAAE,KAAK,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,EAAE,QAAQ,EAAE,CAAC,CAAC;QAC5F,CAAC;IACL,CAAC;IACD,OAAO,OAAO,CAAC;AACnB,CAAC;AAED,wDAAwD;AAExD,SAAS,aAAa,CAAC,IAAY;IAC/B,MAAM,OAAO,GAA4B,EAAE,CAAC;IAC5C,IAAI,QAAQ,GAAG,IAAI,CAAC;IACpB,KAAK,MAAM,CAAC,KAAK,EAAE,IAAI,CAAC,IAAI,YAAY,EAAE,CAAC;QACvC,IAAI,QAAQ,CAAC,QAAQ,CAAC,KAAK,CAAC,EAAE,CAAC;YAC3B,QAAQ,GAAG,QAAQ,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,IAAI,CAAC,aAAa,IAAI,GAAG,CAAC,CAAC;YAC5D,OAAO,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,CAAC,CAAC;QAC3B,CAAC;IACL,CAAC;IACD,OAAO,EAAE,QAAQ,EAAE,OAAO,EAAE,CAAC;AACjC,CAAC;AAED,wDAAwD;AAExD,SAAS,kBAAkB,CAAC,IAAY;IACpC,MAAM,IAAI,GAAG,sBAAsB,EAAE,CAAC;IACtC,IAAI,IAAI,KAAK,KAAK;QAAE,OAAO,EAAE,CAAC;IAC9B,MAAM,OAAO,GAAsB,EAAE,CAAC;IACtC,KAAK,MAAM,CAAC,KAAK,EAAE,IAAI,CAAC,IAAI,YAAY,EAAE,CAAC;QACvC,IAAI,IAAI,CAAC,QAAQ,CAAC,KAAK,CAAC,EAAE,CAAC;YACvB,OAAO,CAAC,IAAI,CAAC;gBACT,IAAI,EAAE,qBAAqB;gBAC3B,OAAO,EAAE,gBAAgB,IAAI,EAAE;gBAC/B,QAAQ,EAAE,UAAU;aACvB,CAAC,CAAC;QACP,CAAC;IACL,CAAC;IACD,OAAO,OAAO,CAAC;AACnB,CAAC;AAED,wDAAwD;AAExD;;GAEG;AACH,MAAM,UAAU,YAAY,CAAC,QAAgB,EAAE,IAAa;IACxD,IAAI,CAAC,iBAAiB,EAAE,EAAE,CAAC;QACvB,OAAO,EAAE,MAAM,EAAE,IAAI,EAAE,OAAO,EAAE,EAAE,EAAE,CAAC;IACzC,CAAC;IAED,MAAM,IAAI,GAAG,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC;IAClC,MAAM,EAAE,UAAU,EAAE,QAAQ,EAAE,GAAG,gBAAgB,CAAC,IAAI,CAAC,CAAC;IACxD,MAAM,OAAO,GAAG,aAAa,CAAC,UAAU,CAAC,CAAC;IAE1C,IAAI,QAAQ,EAAE,CAAC;QACX,OAAO,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,qBAAqB,EAAE,OAAO,EAAE,2BAA2B,EAAE,QAAQ,EAAE,QAAQ,EAAE,CAAC,CAAC;IAC5G,CAAC;IAED,OAAO,CAAC,IAAI,CAAC,GAAG,SAAS,CAAC,UAAU,CAAC,CAAC,CAAC;IAEvC,IAAI,CAAC,YAAY,CAAC,GAAG,CAAC,QAAQ,CAAC,EAAE,CAAC;QAC9B,MAAM,KAAK,GAAG,kBAAkB,CAAC,UAAU,CAAC,CAAC;QAC7C,OAAO,CAAC,IAAI,CAAC,GAAG,KAAK,CAAC,CAAC;QACvB,MAAM,SAAS,GAAG,sBAAsB,EAAE,CAAC;QAC3C,IAAI,KAAK,CAAC,MAAM,GAAG,CAAC,IAAI,SAAS,KAAK,OAAO,EAAE,CAAC;YAC5C,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,OAAO,EAAE,CAAC;QACtC,CAAC;IACL,CAAC;IAED,MAAM,IAAI,GAAG,mBAAmB,EAAE,CAAC;IACnC,MAAM,WAAW,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,UAAU,IAAI,CAAC,CAAC,IAAI,KAAK,qBAAqB,CAAC,CAAC;IACvG,MAAM,OAAO,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,MAAM,CAAC,CAAC;IAE3D,IAAI,IAAI,KAAK,OAAO,IAAI,CAAC,WAAW,IAAI,OAAO,CAAC,EAAE,CAAC;QAC/C,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,OAAO,EAAE,CAAC;IACtC,CAAC;IAED,IAAI,IAAI,KAAK,UAAU,IAAI,QAAQ,EAAE,CAAC;QAClC,IAAI,CAAC;YACD,MAAM,aAAa,GAAG,IAAI,CAAC,KAAK,CAAC,UAAU,CAAC,CAAC;YAC7C,OAAO,EAAE,MAAM,EAAE,IAAI,EAAE,OAAO,EAAE,SAAS,EAAE,IAAI,CAAC,SAAS,CAAC,aAAa,CAAC,EAAE,CAAC;QAC/E,CAAC;QAAC,MAAM,CAAC;YACL,OAAO,EAAE,MAAM,EAAE,IAAI,EAAE,OAAO,EAAE,CAAC;QACrC,CAAC;IACL,CAAC;IAED,OAAO,EAAE,MAAM,EAAE,IAAI,EAAE,OAAO,EAAE,CAAC;AACrC,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,aAAa,CAAC,QAAgB,EAAE,MAAc;IAC1D,IAAI,CAAC,iBAAiB,EAAE,EAAE,CAAC;QACvB,OAAO,EAAE,MAAM,EAAE,IAAI,EAAE,OAAO,EAAE,EAAE,EAAE,CAAC;IACzC,CAAC;IAED,MAAM,OAAO,GAAG,aAAa,CAAC,MAAM,CAAC,CAAC;IACtC,OAAO,CAAC,IAAI,CAAC,GAAG,SAAS,CAAC,MAAM,CAAC,CAAC,CAAC;IAEnC,IAAI,CAAC,YAAY,CAAC,GAAG,CAAC,QAAQ,CAAC,IAAI,wBAAwB,EAAE,EAAE,CAAC;QAC5D,MAAM,EAAE,QAAQ,EAAE,OAAO,EAAE,GAAG,aAAa,CAAC,MAAM,CAAC,CAAC;QACpD,IAAI,OAAO,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YACrB,KAAK,MAAM,CAAC,IAAI,OAAO,EAAE,CAAC;gBACtB,OAAO,CAAC,IAAI,CAAC;oBACT,IAAI,EAAE,aAAa;oBACnB,OAAO,EAAE,YAAY,CAAC,CAAC,IAAI,EAAE;oBAC7B,QAAQ,EAAE,UAAU;iBACvB,CAAC,CAAC;YACP,CAAC;YACD,OAAO,EAAE,MAAM,EAAE,IAAI,EAAE,OAAO,EAAE,QAAQ,EAAE,CAAC;QAC/C,CAAC;IACL,CAAC;IAED,OAAO,EAAE,MAAM,EAAE,IAAI,EAAE,OAAO,EAAE,CAAC;AACrC,CAAC"}
|
|
@@ -4,13 +4,17 @@ export declare function inspectContentTool(): {
|
|
|
4
4
|
description: string;
|
|
5
5
|
parameters: z.ZodObject<{
|
|
6
6
|
content: z.ZodString;
|
|
7
|
+
context: z.ZodOptional<z.ZodEnum<["input", "output"]>>;
|
|
7
8
|
}, "strip", z.ZodTypeAny, {
|
|
8
9
|
content: string;
|
|
10
|
+
context?: "input" | "output" | undefined;
|
|
9
11
|
}, {
|
|
10
12
|
content: string;
|
|
13
|
+
context?: "input" | "output" | undefined;
|
|
11
14
|
}>;
|
|
12
15
|
execute: (args: {
|
|
13
16
|
content: string;
|
|
17
|
+
context?: "input" | "output";
|
|
14
18
|
}, { log }: {
|
|
15
19
|
log: {
|
|
16
20
|
info: (msg: string) => void;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"inspect_content.d.ts","sourceRoot":"","sources":["../../src/tools/inspect_content.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;
|
|
1
|
+
{"version":3,"file":"inspect_content.d.ts","sourceRoot":"","sources":["../../src/tools/inspect_content.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AAiDxB,wBAAgB,kBAAkB;;;;;;;;;;;;;oBAatB;QAAE,OAAO,EAAE,MAAM,CAAC;QAAC,OAAO,CAAC,EAAE,OAAO,GAAG,QAAQ,CAAA;KAAE,WAC9C;QAAE,GAAG,EAAE;YAAE,IAAI,EAAE,CAAC,GAAG,EAAE,MAAM,KAAK,IAAI,CAAA;SAAE,CAAA;KAAE,KAChD,OAAO,CAAC,MAAM,CAAC;EAarB"}
|
|
@@ -1,29 +1,50 @@
|
|
|
1
1
|
import { z } from "zod";
|
|
2
|
-
import { inspectInput } from "../security/index.js";
|
|
2
|
+
import { inspectInput, normalizeUnicode, } from "../security/index.js";
|
|
3
|
+
/** Structured result returned as JSON (tests + programmatic callers). */
|
|
4
|
+
function buildInspectContentReport(result, unicode) {
|
|
5
|
+
const threats = result.threats;
|
|
6
|
+
const malicious = threats.some((t) => t.type === "command_injection" ||
|
|
7
|
+
t.type === "social_engineering" ||
|
|
8
|
+
(t.type === "pii" && (t.pattern === "ssn" || t.severity === "critical")) ||
|
|
9
|
+
(t.type === "network_threat" && t.severity === "critical"));
|
|
10
|
+
const verdict = malicious ? "malicious" : "clean";
|
|
11
|
+
const safe = !malicious && result.passed;
|
|
12
|
+
const base = {
|
|
13
|
+
safe,
|
|
14
|
+
verdict,
|
|
15
|
+
threat_count: threats.length,
|
|
16
|
+
threats,
|
|
17
|
+
};
|
|
18
|
+
if (unicode.modified) {
|
|
19
|
+
return {
|
|
20
|
+
...base,
|
|
21
|
+
unicode_normalized: true,
|
|
22
|
+
normalized_content: unicode.normalized,
|
|
23
|
+
};
|
|
24
|
+
}
|
|
25
|
+
return base;
|
|
26
|
+
}
|
|
3
27
|
export function inspectContentTool() {
|
|
4
28
|
return {
|
|
5
29
|
name: "inspect_content",
|
|
6
|
-
description: "Inspect text content for security threats including command injection, encoding obfuscation, social engineering, and PII. Returns a threat report
|
|
30
|
+
description: "Inspect text content for security threats including command injection, encoding obfuscation, social engineering, and PII. Returns a JSON threat report (safe, verdict, threat_count, threats). Use before processing untrusted input.",
|
|
7
31
|
parameters: z.object({
|
|
8
32
|
content: z.string().describe("The text content to inspect for threats"),
|
|
33
|
+
context: z
|
|
34
|
+
.enum(["input", "output"])
|
|
35
|
+
.optional()
|
|
36
|
+
.describe("Whether this is model input or output (affects inspection context)"),
|
|
9
37
|
}),
|
|
10
38
|
execute: async (args, { log }) => {
|
|
11
|
-
const
|
|
39
|
+
const context = args.context ?? "output";
|
|
40
|
+
const unicode = normalizeUnicode(args.content);
|
|
41
|
+
const result = inspectInput("inspect_content", {
|
|
42
|
+
content: args.content,
|
|
43
|
+
context,
|
|
44
|
+
});
|
|
12
45
|
log.info(`inspection: ${result.threats.length} threat(s) detected`);
|
|
13
|
-
|
|
14
|
-
|
|
15
|
-
}
|
|
16
|
-
const lines = [
|
|
17
|
-
result.passed ? "Content PASSED inspection (warnings below):" : "Content BLOCKED — threats detected:",
|
|
18
|
-
"",
|
|
19
|
-
];
|
|
20
|
-
for (const threat of result.threats) {
|
|
21
|
-
lines.push(`[${threat.severity.toUpperCase()}] ${threat.type}: "${threat.pattern}"${threat.location ? ` (${threat.location})` : ""}`);
|
|
22
|
-
}
|
|
23
|
-
if (result.sanitized && result.sanitized !== args.content) {
|
|
24
|
-
lines.push("", "Sanitized version available (threats removed/neutralized).");
|
|
25
|
-
}
|
|
26
|
-
return lines.join("\n");
|
|
46
|
+
const report = buildInspectContentReport(result, unicode);
|
|
47
|
+
return JSON.stringify(report);
|
|
27
48
|
},
|
|
28
49
|
};
|
|
29
50
|
}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"inspect_content.js","sourceRoot":"","sources":["../../src/tools/inspect_content.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AACxB,OAAO,
|
|
1
|
+
{"version":3,"file":"inspect_content.js","sourceRoot":"","sources":["../../src/tools/inspect_content.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AACxB,OAAO,EACL,YAAY,EACZ,gBAAgB,GAGjB,MAAM,sBAAsB,CAAC;AAE9B,yEAAyE;AACzE,SAAS,yBAAyB,CAChC,MAAwB,EACxB,OAAkD;IASlD,MAAM,OAAO,GAAG,MAAM,CAAC,OAAO,CAAC;IAC/B,MAAM,SAAS,GAAG,OAAO,CAAC,IAAI,CAC5B,CAAC,CAAC,EAAE,EAAE,CACJ,CAAC,CAAC,IAAI,KAAK,mBAAmB;QAC9B,CAAC,CAAC,IAAI,KAAK,oBAAoB;QAC/B,CAAC,CAAC,CAAC,IAAI,KAAK,KAAK,IAAI,CAAC,CAAC,CAAC,OAAO,KAAK,KAAK,IAAI,CAAC,CAAC,QAAQ,KAAK,UAAU,CAAC,CAAC;QACxE,CAAC,CAAC,CAAC,IAAI,KAAK,gBAAgB,IAAI,CAAC,CAAC,QAAQ,KAAK,UAAU,CAAC,CAC7D,CAAC;IACF,MAAM,OAAO,GAA0B,SAAS,CAAC,CAAC,CAAC,WAAW,CAAC,CAAC,CAAC,OAAO,CAAC;IACzE,MAAM,IAAI,GAAG,CAAC,SAAS,IAAI,MAAM,CAAC,MAAM,CAAC;IAEzC,MAAM,IAAI,GAAG;QACX,IAAI;QACJ,OAAO;QACP,YAAY,EAAE,OAAO,CAAC,MAAM;QAC5B,OAAO;KACR,CAAC;IAEF,IAAI,OAAO,CAAC,QAAQ,EAAE,CAAC;QACrB,OAAO;YACL,GAAG,IAAI;YACP,kBAAkB,EAAE,IAAI;YACxB,kBAAkB,EAAE,OAAO,CAAC,UAAU;SACvC,CAAC;IACJ,CAAC;IAED,OAAO,IAAI,CAAC;AACd,CAAC;AAED,MAAM,UAAU,kBAAkB;IAChC,OAAO;QACL,IAAI,EAAE,iBAA0B;QAChC,WAAW,EACT,uOAAuO;QACzO,UAAU,EAAE,CAAC,CAAC,MAAM,CAAC;YACnB,OAAO,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,CAAC,yCAAyC,CAAC;YACvE,OAAO,EAAE,CAAC;iBACP,IAAI,CAAC,CAAC,OAAO,EAAE,QAAQ,CAAC,CAAC;iBACzB,QAAQ,EAAE;iBACV,QAAQ,CAAC,oEAAoE,CAAC;SAClF,CAAC;QACF,OAAO,EAAE,KAAK,EACZ,IAAuD,EACvD,EAAE,GAAG,EAA4C,EAChC,EAAE;YACnB,MAAM,OAAO,GAAG,IAAI,CAAC,OAAO,IAAI,QAAQ,CAAC;YACzC,MAAM,OAAO,GAAG,gBAAgB,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;YAC/C,MAAM,MAAM,GAAqB,YAAY,CAAC,iBAAiB,EAAE;gBAC/D,OAAO,EAAE,IAAI,CAAC,OAAO;gBACrB,OAAO;aACR,CAAC,CAAC;YACH,GAAG,CAAC,IAAI,CAAC,eAAe,MAAM,CAAC,OAAO,CAAC,MAAM,qBAAqB,CAAC,CAAC;YAEpE,MAAM,MAAM,GAAG,yBAAyB,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;YAC1D,OAAO,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC;QAChC,CAAC;KACF,CAAC;AACJ,CAAC"}
|