@agent-native/core 0.11.1 → 0.11.2

package/dist/server/agent-chat-plugin.js

@@ -58,6 +58,9 @@ function wrapCliScript(tool, cliDefault, opts) {
         },
     };
 }
+function filterReadOnlyActions(actions) {
+    return Object.fromEntries(Object.entries(actions).filter(([, entry]) => entry.readOnly === true));
+}
 function resolveArtifactBaseUrl(event) {
     const fromEnv = process.env.APP_URL ||
         process.env.URL ||
@@ -2530,17 +2533,36 @@ export function createAgentChatPlugin(options) {
                     return accumulatedText || "(no response)";
                 },
             });
-            // Resolve owner from the H3 event's session — matches how resources are created
-            const getOwnerFromEvent = async (event) => {
-                const session = await getSession(event);
-                if (!session?.email) {
-                    const { createError } = await import("h3");
-                    throw createError({
-                        statusCode: 401,
-                        statusMessage: "Unauthenticated",
-                    });
+            const OWNER_CONTEXT_KEY = "__agentNativeOwnerContext";
+            // Resolve owner from the H3 event's session, with an optional
+            // template-provided anonymous owner for public read-only surfaces.
+            const resolveOwnerContext = async (event) => {
+                const eventContext = event?.context;
+                if (eventContext?.[OWNER_CONTEXT_KEY]) {
+                    return eventContext[OWNER_CONTEXT_KEY];
                 }
-                return session.email;
+                const session = await getSession(event);
+                if (session?.email) {
+                    const resolved = { owner: session.email, anonymous: false };
+                    if (eventContext)
+                        eventContext[OWNER_CONTEXT_KEY] = resolved;
+                    return resolved;
+                }
+                const anonymousOwner = await options?.anonymousOwner?.(event);
+                if (anonymousOwner) {
+                    const resolved = { owner: anonymousOwner, anonymous: true };
+                    if (eventContext)
+                        eventContext[OWNER_CONTEXT_KEY] = resolved;
+                    return resolved;
+                }
+                const { createError } = await import("h3");
+                throw createError({
+                    statusCode: 401,
+                    statusMessage: "Unauthenticated",
+                });
+            };
+            const getOwnerFromEvent = async (event) => {
+                return (await resolveOwnerContext(event)).owner;
             };
             // Auto-mount template actions as HTTP endpoints under /_agent-native/actions/
             // Include engine management script so the UI can call manage-agent-engine.
@@ -2776,6 +2798,7 @@ export function createAgentChatPlugin(options) {
                 ...chatScripts,
                 ...toolActions,
             });
+            const anonymousReadOnlyActions = attachToolSearch(filterReadOnlyActions(templateScripts));
             const prodActions = attachToolSearch({
                 ...templateScripts,
                 ...resourceScripts,
@@ -2810,6 +2833,9 @@ export function createAgentChatPlugin(options) {
             // Skip resource loading and schema block — those add DB round-trips
             // and tokens that minimal/voice apps don't need.
             const leanBasePrompt = (options?.systemPrompt ?? "") + prodActionsPrompt;
+            const anonymousReadOnlyPrompt = (options?.systemPrompt ?? PROD_FRAMEWORK_PROMPT_COMPACT) +
+                generateActionsPrompt(filterReadOnlyActions(templateScripts), "tool") +
+                "\n\nYou are answering from a public shared page. Treat the visible resource as read-only: do not create, edit, delete, comment on, share, or otherwise mutate app data. If the user asks for a change, describe what you would change or suggest signing in to edit.";
             // Per-request preamble shared by both prod and dev handlers. Resolves
             // owner + user API key onto the AsyncLocalStorage run context so
             // downstream tool closures (automation, fetch, team) read the
@@ -2886,6 +2912,40 @@ export function createAgentChatPlugin(options) {
                 // Resolve owner from session for usage attribution in hosted prod
                 resolveOwnerEmail: isHostedProd ? getOwnerFromEvent : undefined,
             });
+            const anonymousHandler = options?.anonymousOwner && options.anonymousReadOnly !== false
+                ? createProductionAgentHandler({
+                    actions: anonymousReadOnlyActions,
+                    systemPrompt: async (event) => {
+                        const { extra } = await prepareRun(event);
+                        return setSystemPromptOnContext(anonymousReadOnlyPrompt +
+                            runtimeContextForEvent(event) +
+                            extra);
+                    },
+                    model: options?.model ?? DEFAULT_MODEL,
+                    apiKey: options?.apiKey,
+                    runSoftTimeoutMs: options?.runSoftTimeoutMs,
+                    skipFilesContext: true,
+                    onEngineResolved: (engine, model) => {
+                        const runCtx = ensureRequestRunContext();
+                        if (runCtx) {
+                            runCtx.engine = engine;
+                            runCtx.model = model;
+                        }
+                    },
+                    onRunStart: (send, threadId) => {
+                        _runSendByThread.set(threadId, send);
+                        const runCtx = ensureRequestRunContext();
+                        if (runCtx)
+                            runCtx.threadId = threadId;
+                    },
+                    onRunComplete: async (run, threadId) => {
+                        if (threadId)
+                            _runSendByThread.delete(threadId);
+                        await onRunComplete(run, threadId);
+                    },
+                    resolveOwnerEmail: getOwnerFromEvent,
+                })
+                : null;
             // Build the dev handler (with filesystem/shell/db tools) if environment allows toggling
             let devHandler = null;
             if (canToggle) {
@@ -3800,7 +3860,8 @@ export function createAgentChatPlugin(options) {
                     return { error: "Not found" };
                 }
                 // Resolve per-request auth context
-                const owner = await getOwnerFromEvent(event);
+                const ownerContext = await resolveOwnerContext(event);
+                const owner = ownerContext.owner;
                 // Resolve org ID: explicit callback > session.orgId from Better Auth
                 let resolvedOrgId;
                 if (options?.resolveOrgId) {
@@ -3825,7 +3886,11 @@ export function createAgentChatPlugin(options) {
                     ? tzRaw.trim()
                     : undefined;
                 return runWithRequestContext({ userEmail: owner, orgId: resolvedOrgId, timezone }, () => {
-                    const handler = currentDevMode && devHandler ? devHandler : prodHandler;
+                    const handler = ownerContext.anonymous && anonymousHandler
+                        ? anonymousHandler
+                        : currentDevMode && devHandler
+                            ? devHandler
+                            : prodHandler;
                     return handler(event);
                 });
             }));