@agent-native/core 0.51.15 → 0.52.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (61) hide show
  1. package/README.md +3 -3
  2. package/dist/cli/connect.d.ts +4 -3
  3. package/dist/cli/connect.d.ts.map +1 -1
  4. package/dist/cli/connect.js +67 -26
  5. package/dist/cli/connect.js.map +1 -1
  6. package/dist/cli/mcp-config-writers.d.ts +20 -13
  7. package/dist/cli/mcp-config-writers.d.ts.map +1 -1
  8. package/dist/cli/mcp-config-writers.js +152 -13
  9. package/dist/cli/mcp-config-writers.js.map +1 -1
  10. package/dist/cli/mcp.d.ts +2 -2
  11. package/dist/cli/mcp.d.ts.map +1 -1
  12. package/dist/cli/mcp.js +41 -193
  13. package/dist/cli/mcp.js.map +1 -1
  14. package/dist/cli/plan-local.d.ts +3 -1
  15. package/dist/cli/plan-local.d.ts.map +1 -1
  16. package/dist/cli/plan-local.js +24 -6
  17. package/dist/cli/plan-local.js.map +1 -1
  18. package/dist/cli/recap.d.ts.map +1 -1
  19. package/dist/cli/recap.js +1 -1
  20. package/dist/cli/recap.js.map +1 -1
  21. package/dist/cli/skills.d.ts +11 -4
  22. package/dist/cli/skills.d.ts.map +1 -1
  23. package/dist/cli/skills.js +218 -53
  24. package/dist/cli/skills.js.map +1 -1
  25. package/dist/client/agent-engine-key.d.ts +6 -4
  26. package/dist/client/agent-engine-key.d.ts.map +1 -1
  27. package/dist/client/agent-engine-key.js +9 -6
  28. package/dist/client/agent-engine-key.js.map +1 -1
  29. package/dist/client/chat/run-recovery.js +1 -1
  30. package/dist/client/chat/run-recovery.js.map +1 -1
  31. package/dist/client/settings/SettingsPanel.d.ts.map +1 -1
  32. package/dist/client/settings/SettingsPanel.js +7 -14
  33. package/dist/client/settings/SettingsPanel.js.map +1 -1
  34. package/dist/coding-tools/run-code.d.ts +7 -0
  35. package/dist/coding-tools/run-code.d.ts.map +1 -1
  36. package/dist/coding-tools/run-code.js +21 -106
  37. package/dist/coding-tools/run-code.js.map +1 -1
  38. package/dist/coding-tools/sandbox/adapter.d.ts +79 -0
  39. package/dist/coding-tools/sandbox/adapter.d.ts.map +1 -0
  40. package/dist/coding-tools/sandbox/adapter.js +24 -0
  41. package/dist/coding-tools/sandbox/adapter.js.map +1 -0
  42. package/dist/coding-tools/sandbox/index.d.ts +51 -0
  43. package/dist/coding-tools/sandbox/index.d.ts.map +1 -0
  44. package/dist/coding-tools/sandbox/index.js +79 -0
  45. package/dist/coding-tools/sandbox/index.js.map +1 -0
  46. package/dist/coding-tools/sandbox/local-child-process-adapter.d.ts +24 -0
  47. package/dist/coding-tools/sandbox/local-child-process-adapter.d.ts.map +1 -0
  48. package/dist/coding-tools/sandbox/local-child-process-adapter.js +141 -0
  49. package/dist/coding-tools/sandbox/local-child-process-adapter.js.map +1 -0
  50. package/dist/server/agent-engine-api-key-route.d.ts +37 -0
  51. package/dist/server/agent-engine-api-key-route.d.ts.map +1 -0
  52. package/dist/server/agent-engine-api-key-route.js +105 -0
  53. package/dist/server/agent-engine-api-key-route.js.map +1 -0
  54. package/dist/server/core-routes-plugin.d.ts.map +1 -1
  55. package/dist/server/core-routes-plugin.js +10 -6
  56. package/dist/server/core-routes-plugin.js.map +1 -1
  57. package/dist/server/create-server.js +1 -1
  58. package/dist/server/create-server.js.map +1 -1
  59. package/dist/templates/workspace-core/.agents/skills/external-agents/SKILL.md +7 -4
  60. package/package.json +1 -1
  61. package/src/templates/workspace-core/.agents/skills/external-agents/SKILL.md +7 -4
package/dist/server/create-server.js CHANGED
@@ -181,7 +181,7 @@ export function createServer(options = {}) {
181
181
  if (!isEnvVarWriteAllowed()) {
182
182
  setResponseStatus(event, 403);
183
183
  return {
184
- error: "env-vars endpoint disabled on multi-tenant deployments. Use saveCredential(key, value, { userEmail, orgId, scope: 'org' }) to store per-org credentials.",
184
+ error: "env-vars endpoint disabled on multi-tenant deployments. Use scoped secrets or credentials for user/org API keys.",
185
185
  };
186
186
  }
187
187
  const body = await readBody(event);
package/dist/server/create-server.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"create-server.js","sourceRoot":"","sources":["../../src/server/create-server.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,SAAS,EACT,YAAY,EACZ,kBAAkB,EAClB,SAAS,EACT,gBAAgB,EAChB,iBAAiB,EACjB,iBAAiB,GAElB,MAAM,IAAI,CAAC;AACZ,OAAO,IAAI,MAAM,MAAM,CAAC;AACxB,OAAO,EAAE,QAAQ,EAAE,MAAM,wBAAwB,CAAC;AAClD,OAAO,EAAE,QAAQ,EAAE,MAAM,yBAAyB,CAAC;AACnD,OAAO,EACL,oBAAoB,EACpB,sBAAsB,GACvB,MAAM,mBAAmB,CAAC;AAC3B,OAAO,EAAE,oBAAoB,EAAE,MAAM,qBAAqB,CAAC;AAC3D,OAAO,EAAE,mBAAmB,EAAE,MAAM,yBAAyB,CAAC;AAC9D,OAAO,EACL,uBAAuB,EACvB,oBAAoB,EACpB,4BAA4B,EAC5B,8BAA8B,GAC/B,MAAM,gCAAgC,CAAC;AACxC,OAAO,EAAE,gBAAgB,EAAE,MAAM,sBAAsB,CAAC;AA0BxD;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,aAAa,CACjC,OAAe,EACf,IAA2C;IAE3C,gEAAgE;IAChE,KAAK,MAAM,EAAE,GAAG,EAAE,KAAK,EAAE,IAAI,IAAI,EAAE,CAAC;QAClC,IAAI,UAAU,CAAC,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC;YAC3B,MAAM,IAAI,KAAK,CACb,6BAA6B,GAAG,mDAAmD,CACpF,CAAC;QACJ,CAAC;IACH,CAAC;IAED,MAAM,EAAE,GAAG,MAAM,MAAM,CAAC,IAAI,CAAC,CAAC;IAE9B,IAAI,OAAO,GAAG,EAAE,CAAC;IACjB,IAAI,CAAC;QACH,OAAO,GAAG,EAAE,CAAC,YAAY,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC;IAC9C,CAAC;IAAC,MAAM,CAAC;QACP,yBAAyB;IAC3B,CAAC;IAED,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;IAClC,MAAM,SAAS,GAAG,IAAI,GAAG,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;IAE7D,iCAAiC;IACjC,MAAM,OAAO,GAAG,KAAK,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE;QACjC,MAAM,OAAO,GAAG,IAAI,CAAC,IAAI,EAAE,CAAC;QAC5B,IAAI,CAAC,OAAO,IAAI,OAAO,CAAC,UAAU,CAAC,GAAG,CAAC;YAAE,OAAO,IAAI,CAAC;QACrD,MAAM,OAAO,GAAG,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;QACrC,IAAI,OAAO,KAAK,CAAC,CAAC;YAAE,OAAO,IAAI,CAAC;QAChC,MAAM,GAAG,GAAG,OAAO,CAAC,KAAK,CAAC,CAAC,EAAE,OAAO,CAAC,CAAC,IAAI,EAAE,CAAC;QAC7C,IAAI,SAAS,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC;YACvB,MAAM,KAAK,GAAG,SAAS,CAAC,GAAG,CAAC,GAAG,CAAE,CAAC;YAClC,SAAS,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;YACtB,OAAO,GAAG,GAAG,IAAI,KAAK,EAAE,CAAC;QAC3B,CAAC;QACD,OAAO,IAAI,CAAC;IACd,CAAC,CAAC,CAAC;IAEH,kBAAkB;IAClB,KAAK,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,SAAS,EAAE,CAAC;QACrC,OAAO,CAAC,IAAI,CAAC,GAAG,GAAG,IAAI,KAAK,EAAE,CAAC,CAAC;IAClC,CAAC;IAED,0BAA0B;IAC1B,IAAI,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAChC,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC;QAAE,MAAM,IAAI,IAAI,CAAC;IAE3C,IAAI,CAAC;QACH,EAAE,CAAC,SAAS,CAAC,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;QACzD,EAAE,CAAC,aAAa,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;IACpC,CAAC;IAAC,MAAM,CAAC;QACP,+DAA+D;IACjE,CAAC;AACH,CAAC;AAOD;;;;;;;GAOG;AACH,MAAM,UAAU,YAAY,CAC1B,UAA+B,EAAE;IAEjC,MAAM,GAAG,GAAG,SAAS,CAAC;QACpB,OAAO,CAAC,KAAK,EAAE,KAAK;YAClB,yFAAyF;YACzF,MAAM,GAAG,GAAG,KAA8B,CAAC;YAC3C,MAAM,IAAI,GAAG,GAAG,EAAE,IAAI,IAAK,GAAG,EAAE,KAA+B,EAAE,IAAI,CAAC;YACtE,IAAI,IAAI,KAAK,YAAY,IAAI,IAAI,KAAK,cAAc;gBAAE,OAAO;YAC7D,IAAI,GAAG,EAAE,OAAO,KAAK,SAAS;gBAAE,OAAO;YACvC,OAAO,CAAC,KAAK,CACX,gCAAgC,KAAK,CAAC,MAAM,IAAI,KAAK,CAAC,IAAI,EAAE,EAC5D,KAAK,CACN,CAAC;QACJ,CAAC;KACF,CAAC,CAAC;IAEH,kBAAkB;IAClB,IAAI,OAAO,CAAC,IAAI,KAAK,KAAK,EAAE,CAAC;QAC3B,MAAM,cAAc,GAAG,sBAAsB,EAAE,CAAC;QAChD,MAAM,YAAY,GAAG,OAAO,CAAC,GAAG,CAAC,QAAQ,KAAK,YAAY,CAAC;QAE3D;;;;WAIG;QACH,GAAG,CAAC,GAAG,CACL,kBAAkB,CAAC,CAAC,KAAK,EAAE,EAAE;YAC3B,MAAM,aAAa,GAAG,gBAAgB,CAAC,KAAK,EAAE,QAAQ,CAAC,CAAC;YACxD,MAAM,MAAM,GAAG,SAAS,CAAC,KAAK,CAAC,CAAC;YAChC,MAAM,gBAAgB,GAAG,MAAM,CAC7B,gBAAgB,CAAC,KAAK,EAAE,gCAAgC,CAAC,IAAI,EAAE,CAChE;iBACE,WAAW,EAAE;iBACb,KAAK,CAAC,GAAG,CAAC;iBACV,GAAG,CAAC,CAAC,MAAM,EAAE,EAAE,CAAC,MAAM,CAAC,IAAI,EAAE,CAAC,CAAC;YAClC,MAAM,gBAAgB,GACpB,oBAAoB,CAAC,aAAa,CAAC;gBACnC,CAAC,gBAAgB,CAAC,QAAQ,CAAC,mBAAmB,CAAC,WAAW,EAAE,CAAC;oBAC3D,gBAAgB,CAAC,QAAQ,CAAC,uBAAuB,CAAC;oBAClD,OAAO,CAAC,gBAAgB,CAAC,KAAK,EAAE,mBAAmB,CAAC,CAAC;oBACrD,OAAO,CAAC,gBAAgB,CAAC,KAAK,EAAE,uBAAuB,CAAC,CAAC;oBACzD,OAAO,CAAC,gBAAgB,CAAC,KAAK,EAAE,eAAe,CAAC,CAAC,CAAC,CAAC;YAEvD;;;;;;;eAOG;YACH,MAAM,aAAa,GAAG,gBAAgB;gBACpC,CAAC,CAAC,aAAa;gBACf,CAAC,CAAC,oBAAoB,CAAC,aAAa,EAAE;oBAClC,cAAc;oBACd,6BAA6B,EAAE,CAAC,YAAY;oBAC5C,gEAAgE;oBAChE,mEAAmE;iBACpE,CAAC,CAAC;YACP,oEAAoE;YACpE,kEAAkE;YAClE,mEAAmE;YAEnE,IAAI,aAAa,EAAE,CAAC;gBAClB,iBAAiB,CACf,KAAK,EACL,6BAA6B,EAC7B,aAAa,CACd,CAAC;gBACF,iBAAiB,CAAC,KAAK,EAAE,MAAM,EAAE,QAAQ,CAAC,CAAC;gBAC3C,6DAA6D;gBAC7D,8DAA8D;gBAC9D,4DAA4D;gBAC5D,8DAA8D;gBAC9D,iDAAiD;gBACjD,IAAI,8BAA8B,CAAC,aAAa,CAAC,EAAE,CAAC;oBAClD,iBAAiB,CACf,KAAK,EACL,kCAAkC,EAClC,MAAM,CACP,CAAC;gBACJ,CAAC;YACH,CAAC;iBAAM,IAAI,CAAC,aAAa,EAAE,CAAC;gBAC1B,kEAAkE;gBAClE,gEAAgE;gBAChE,2CAA2C;gBAC3C,iBAAiB,CAAC,KAAK,EAAE,6BAA6B,EAAE,GAAG,CAAC,CAAC;YAC/D,CAAC;YAED,iBAAiB,CACf,KAAK,EACL,8BAA8B,EAC9B,wCAAwC,CACzC,CAAC;YACF,iBAAiB,CACf,KAAK,EACL,8BAA8B,EAC9B,4BAA4B,CAC7B,CAAC;YAEF,IAAI,MAAM,KAAK,SAAS,EAAE,CAAC;gBACzB,kEAAkE;gBAClE,+DAA+D;gBAC/D,mEAAmE;gBACnE,iEAAiE;gBACjE,qEAAqE;gBACrE,IAAI,aAAa,IAAI,CAAC,aAAa,EAAE,CAAC;oBACpC,OAAO,IAAI,QAAQ,CAAC,IAAI,EAAE,EAAE,MAAM,EAAE,GAAG,EAAE,CAAC,CAAC;gBAC7C,CAAC;gBACD,OAAO,IAAI,QAAQ,CAAC,IAAI,EAAE,EAAE,MAAM,EAAE,GAAG,EAAE,CAAC,CAAC;YAC7C,CAAC;QACH,CAAC,CAAC,CACH,CAAC;IACJ,CAAC;IAED,MAAM,MAAM,GAAG,YAAY,EAAE,CAAC;IAC9B,GAAG,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;IAEhB,eAAe;IACf,IAAI,CAAC,OAAO,CAAC,WAAW,EAAE,CAAC;QACzB,MAAM,CAAC,GAAG,CACR,qBAAqB,EACrB,kBAAkB,CAAC,GAAG,EAAE;YACtB,MAAM,OAAO,GACX,OAAO,CAAC,WAAW,IAAI,OAAO,CAAC,GAAG,CAAC,YAAY,IAAI,MAAM,CAAC;YAC5D,OAAO,EAAE,OAAO,EAAE,CAAC;QACrB,CAAC,CAAC,CACH,CAAC;IACJ,CAAC;IAED,4BAA4B;IAC5B,IAAI,OAAO,CAAC,OAAO,EAAE,CAAC;QACpB,MAAM,OAAO,GAAG,OAAO,CAAC,OAAO,CAAC;QAEhC,MAAM,CAAC,GAAG,CACR,2BAA2B,EAC3B,kBAAkB,CAAC,GAAG,EAAE;YACtB,OAAO,OAAO,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC;gBAC3B,GAAG,EAAE,GAAG,CAAC,GAAG;gBACZ,KAAK,EAAE,GAAG,CAAC,KAAK;gBAChB,QAAQ,EAAE,GAAG,CAAC,QAAQ,IAAI,KAAK;gBAC/B,UAAU,EAAE,CAAC,CAAC,OAAO,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC;gBAClC,GAAG,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC,CAAC,EAAE,QAAQ,EAAE,GAAG,CAAC,QAAQ,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;aACpD,CAAC,CAAC,CAAC;QACN,CAAC,CAAC,CACH,CAAC;QAEF,MAAM,CAAC,IAAI,CACT,yBAAyB,EACzB,kBAAkB,CAAC,KAAK,EAAE,KAAc,EAAE,EAAE;YAC1C,kEAAkE;YAClE,0DAA0D;YAC1D,IAAI,CAAC,oBAAoB,EAAE,EAAE,CAAC;gBAC5B,iBAAiB,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC;gBAC9B,OAAO;oBACL,KAAK,EACH,0JAA0J;iBAC7J,CAAC;YACJ,CAAC;YAED,MAAM,IAAI,GAAG,MAAM,QAAQ,CAAC,KAAK,CAAC,CAAC;YACnC,MAAM,EAAE,IAAI,EAAE,GAAG,IAEhB,CAAC;YAEF,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,IAAI,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;gBAC9C,iBAAiB,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC;gBAC9B,OAAO,EAAE,KAAK,EAAE,qBAAqB,EAAE,CAAC;YAC1C,CAAC;YAED,6CAA6C;YAC7C,MAAM,WAAW,GAAG,IAAI,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;YACvD,MAAM,sBAAsB,GAAG,IAAI,GAAG,CAAS,gBAAgB,CAAC,CAAC;YACjE,MAAM,QAAQ,GAAG,IAAI,CAAC,MAAM,CAC1B,CAAC,CAAC,EAAE,EAAE,CACJ,OAAO,CAAC,CAAC,GAAG,KAAK,QAAQ;gBACzB,WAAW,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC;gBACtB,CAAC,sBAAsB,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,CACrC,CAAC;YACF,IAAI,QAAQ,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;gBAC1B,iBAAiB,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC;gBAC9B,OAAO,EAAE,KAAK,EAAE,mCAAmC,EAAE,CAAC;YACxD,CAAC;YAED,qBAAqB;YACrB,MAAM,OAAO,GAAG,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,GAAG,EAAE,EAAE,MAAM,CAAC,CAAC;YACjD,MAAM,aAAa,CAAC,OAAO,EAAE,QAAQ,CAAC,CAAC;YAEvC,oEAAoE;YACpE,KAAK,MAAM,EAAE,GAAG,EAAE,KAAK,EAAE,IAAI,QAAQ,EAAE,CAAC;gBACtC,OAAO,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,KAAK,CAAC;YAC3B,CAAC;YAED,mDAAmD;YACnD,QAAQ,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC;YAE3B,OAAO,EAAE,KAAK,EAAE,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,EAAE,CAAC;QAC/C,CAAC,CAAC,CACH,CAAC;IACJ,CAAC;IAED,OAAO,EAAE,GAAG,EAAE,MAAM,EAAE,CAAC;AACzB,CAAC","sourcesContent":["import {\n createApp,\n createRouter,\n defineEventHandler,\n getMethod,\n getRequestHeader,\n setResponseHeader,\n setResponseStatus,\n type H3Event,\n} from \"h3\";\nimport path from \"path\";\nimport { agentEnv } from \"../shared/agent-env.js\";\nimport { readBody } from \"../server/h3-helpers.js\";\nimport {\n getAllowedCorsOrigin,\n readCorsAllowedOrigins,\n} from \"./cors-origins.js\";\nimport { isEnvVarWriteAllowed } from \"./env-var-writes.js\";\nimport { EMBED_TARGET_HEADER } from \"../shared/embed-auth.js\";\nimport {\n EMBED_TRANSPLANT_HEADER,\n isMcpEmbedCorsOrigin,\n MCP_EMBED_CORS_ALLOW_HEADERS,\n shouldAllowMcpEmbedCredentials,\n} from \"../shared/mcp-embed-headers.js\";\nimport { BUILDER_ENV_KEYS } from \"./builder-browser.js\";\n\nexport interface EnvKeyConfig {\n /** Environment variable name (e.g. \"HUBSPOT_ACCESS_TOKEN\") */\n key: string;\n /** Human-readable label (e.g. \"HubSpot\") */\n label: string;\n /** Whether this key is required for the app to function */\n required?: boolean;\n /** Optional UI hint shown next to the field describing where to find this value. */\n helpText?: string;\n}\n\nexport interface CreateServerOptions {\n /** CORS options. Ignored (H3 handles CORS via middleware). Default: enabled. */\n cors?: Record<string, unknown> | false;\n /** JSON body parser limit. Kept for API compatibility (H3 uses readBody). */\n jsonLimit?: string;\n /** Custom ping message. Default: reads PING_MESSAGE env var, falls back to \"pong\" */\n pingMessage?: string;\n /** Disable the /_agent-native/ping health check. Default: false */\n disablePing?: boolean;\n /** Env key configuration for the settings UI. Enables /_agent-native/env-status and /_agent-native/env-vars routes. */\n envKeys?: EnvKeyConfig[];\n}\n\n/**\n * Upsert vars into a .env file, preserving existing structure.\n */\nexport async function upsertEnvFile(\n envPath: string,\n vars: Array<{ key: string; value: string }>,\n): Promise<void> {\n // Sanitize: reject values that could inject additional env vars\n for (const { key, value } of vars) {\n if (/[\\n\\r\\0]/.test(value)) {\n throw new Error(\n `Invalid env var value for ${key}: must not contain newlines or control characters`,\n );\n }\n }\n\n const fs = await import(\"fs\");\n\n let content = \"\";\n try {\n content = fs.readFileSync(envPath, \"utf-8\");\n } catch {\n // File doesn't exist yet\n }\n\n const lines = content.split(\"\\n\");\n const remaining = new Map(vars.map((v) => [v.key, v.value]));\n\n // Update existing lines in place\n const updated = lines.map((line) => {\n const trimmed = line.trim();\n if (!trimmed || trimmed.startsWith(\"#\")) return line;\n const eqIndex = trimmed.indexOf(\"=\");\n if (eqIndex === -1) return line;\n const key = trimmed.slice(0, eqIndex).trim();\n if (remaining.has(key)) {\n const value = remaining.get(key)!;\n remaining.delete(key);\n return `${key}=${value}`;\n }\n return line;\n });\n\n // Append new vars\n for (const [key, value] of remaining) {\n updated.push(`${key}=${value}`);\n }\n\n // Ensure trailing newline\n let result = updated.join(\"\\n\");\n if (!result.endsWith(\"\\n\")) result += \"\\n\";\n\n try {\n fs.mkdirSync(path.dirname(envPath), { recursive: true });\n fs.writeFileSync(envPath, result);\n } catch {\n // Edge runtimes don't have writable filesystem — skip silently\n }\n}\n\nexport interface CreateServerResult {\n app: ReturnType<typeof createApp>;\n router: ReturnType<typeof createRouter>;\n}\n\n/**\n * Create a pre-configured H3 app with standard agent-native setup:\n * - CORS headers via middleware\n * - /_agent-native/ping health check\n * - /_agent-native/env-status and /_agent-native/env-vars (when envKeys is provided)\n *\n * Returns { app, router } — mount routes on `router`.\n */\nexport function createServer(\n options: CreateServerOptions = {},\n): CreateServerResult {\n const app = createApp({\n onError(error, event) {\n // Suppress connection-reset errors — client disconnected mid-request (tab close, reload)\n const err = error as NodeJS.ErrnoException;\n const code = err?.code || (err?.cause as NodeJS.ErrnoException)?.code;\n if (code === \"ECONNRESET\" || code === \"ECONNABORTED\") return;\n if (err?.message === \"aborted\") return;\n console.error(\n `[agent-native] Server error: ${event.method} ${event.path}`,\n error,\n );\n },\n });\n\n // CORS middleware\n if (options.cors !== false) {\n const allowedOrigins = readCorsAllowedOrigins();\n const isProduction = process.env.NODE_ENV === \"production\";\n\n /**\n * When CORS_ALLOWED_ORIGINS is unset, production only allows trusted\n * localhost/native desktop origins. Development keeps the legacy \"echo\n * any origin\" behavior so local tools and docs previews keep working.\n */\n app.use(\n defineEventHandler((event) => {\n const requestOrigin = getRequestHeader(event, \"origin\");\n const method = getMethod(event);\n const requestedHeaders = String(\n getRequestHeader(event, \"access-control-request-headers\") ?? \"\",\n )\n .toLowerCase()\n .split(\",\")\n .map((header) => header.trim());\n const embedCorsRequest =\n isMcpEmbedCorsOrigin(requestOrigin) &&\n (requestedHeaders.includes(EMBED_TARGET_HEADER.toLowerCase()) ||\n requestedHeaders.includes(EMBED_TRANSPLANT_HEADER) ||\n Boolean(getRequestHeader(event, EMBED_TARGET_HEADER)) ||\n Boolean(getRequestHeader(event, EMBED_TRANSPLANT_HEADER)) ||\n Boolean(getRequestHeader(event, \"authorization\")));\n\n /**\n * Decide whether the requesting origin is allowed. We never fall back\n * to \"the first allowlist entry\" when the origin isn't in the list —\n * that previously sent `Access-Control-Allow-Origin: <other-origin>`\n * with credentials enabled to attacker-controlled origins, which was\n * permissive enough that some clients followed through with the\n * credentialed request.\n */\n const allowedOrigin = embedCorsRequest\n ? requestOrigin\n : getAllowedCorsOrigin(requestOrigin, {\n allowedOrigins,\n allowAnyOriginWhenNoAllowlist: !isProduction,\n // Let the cors-origins default apply (dev-only). Passing `true`\n // here unconditionally would re-open the production localhost gap.\n });\n // No origin header at all (same-origin fetch, server-to-server) and\n // no allowlist → fall through with `*`-equivalent behaviour: omit\n // ACAO entirely and let the browser apply its same-origin default.\n\n if (allowedOrigin) {\n setResponseHeader(\n event,\n \"Access-Control-Allow-Origin\",\n allowedOrigin,\n );\n setResponseHeader(event, \"Vary\", \"Origin\");\n // A specific origin means we can honor credentialed requests\n // (fetch with `credentials: \"include\"` — used by desktop tray\n // apps that share a same-site cookie with the web app). The\n // wildcard `*` is spec-incompatible with credentials, so only\n // set this when we're echoing a concrete origin.\n if (shouldAllowMcpEmbedCredentials(allowedOrigin)) {\n setResponseHeader(\n event,\n \"Access-Control-Allow-Credentials\",\n \"true\",\n );\n }\n } else if (!requestOrigin) {\n // No origin header — preserve the legacy permissive behaviour for\n // tools/scripts that hit the API directly (no credentialed CORS\n // semantics apply when there's no Origin).\n setResponseHeader(event, \"Access-Control-Allow-Origin\", \"*\");\n }\n\n setResponseHeader(\n event,\n \"Access-Control-Allow-Methods\",\n \"GET,HEAD,POST,PUT,PATCH,DELETE,OPTIONS\",\n );\n setResponseHeader(\n event,\n \"Access-Control-Allow-Headers\",\n MCP_EMBED_CORS_ALLOW_HEADERS,\n );\n\n if (method === \"OPTIONS\") {\n // Reject preflights from disallowed cross-origin callers. We only\n // 204 if either (a) there was no Origin header (same-origin or\n // direct script invocation) or (b) the origin was in the allowlist\n // / dev fallback above. Otherwise we 403 so the browser surfaces\n // a hard CORS failure rather than blindly retrying with credentials.\n if (requestOrigin && !allowedOrigin) {\n return new Response(null, { status: 403 });\n }\n return new Response(null, { status: 204 });\n }\n }),\n );\n }\n\n const router = createRouter();\n app.use(router);\n\n // Health check\n if (!options.disablePing) {\n router.get(\n \"/_agent-native/ping\",\n defineEventHandler(() => {\n const message =\n options.pingMessage ?? process.env.PING_MESSAGE ?? \"pong\";\n return { message };\n }),\n );\n }\n\n // Env key management routes\n if (options.envKeys) {\n const envKeys = options.envKeys;\n\n router.get(\n \"/_agent-native/env-status\",\n defineEventHandler(() => {\n return envKeys.map((cfg) => ({\n key: cfg.key,\n label: cfg.label,\n required: cfg.required ?? false,\n configured: !!process.env[cfg.key],\n ...(cfg.helpText ? { helpText: cfg.helpText } : {}),\n }));\n }),\n );\n\n router.post(\n \"/_agent-native/env-vars\",\n defineEventHandler(async (event: H3Event) => {\n // Env vars are deployment-wide globals — see isEnvVarWriteAllowed\n // above. Disable the endpoint on any multi-tenant deploy.\n if (!isEnvVarWriteAllowed()) {\n setResponseStatus(event, 403);\n return {\n error:\n \"env-vars endpoint disabled on multi-tenant deployments. Use saveCredential(key, value, { userEmail, orgId, scope: 'org' }) to store per-org credentials.\",\n };\n }\n\n const body = await readBody(event);\n const { vars } = body as {\n vars?: Array<{ key: string; value: string }>;\n };\n\n if (!Array.isArray(vars) || vars.length === 0) {\n setResponseStatus(event, 400);\n return { error: \"vars array required\" };\n }\n\n // Only allow keys that are in the env config\n const allowedKeys = new Set(envKeys.map((k) => k.key));\n const blockedEnvVarWriteKeys = new Set<string>(BUILDER_ENV_KEYS);\n const filtered = vars.filter(\n (v) =>\n typeof v.key === \"string\" &&\n allowedKeys.has(v.key) &&\n !blockedEnvVarWriteKeys.has(v.key),\n );\n if (filtered.length === 0) {\n setResponseStatus(event, 400);\n return { error: \"No recognized env keys in request\" };\n }\n\n // Write to .env file\n const envPath = path.join(process.cwd(), \".env\");\n await upsertEnvFile(envPath, filtered);\n\n // Update process.env so the app picks up the new values immediately\n for (const { key, value } of filtered) {\n process.env[key] = value;\n }\n\n // Notify parent (Builder or frame) via postMessage\n agentEnv.setVars(filtered);\n\n return { saved: filtered.map((v) => v.key) };\n }),\n );\n }\n\n return { app, router };\n}\n"]}
1
+ {"version":3,"file":"create-server.js","sourceRoot":"","sources":["../../src/server/create-server.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,SAAS,EACT,YAAY,EACZ,kBAAkB,EAClB,SAAS,EACT,gBAAgB,EAChB,iBAAiB,EACjB,iBAAiB,GAElB,MAAM,IAAI,CAAC;AACZ,OAAO,IAAI,MAAM,MAAM,CAAC;AACxB,OAAO,EAAE,QAAQ,EAAE,MAAM,wBAAwB,CAAC;AAClD,OAAO,EAAE,QAAQ,EAAE,MAAM,yBAAyB,CAAC;AACnD,OAAO,EACL,oBAAoB,EACpB,sBAAsB,GACvB,MAAM,mBAAmB,CAAC;AAC3B,OAAO,EAAE,oBAAoB,EAAE,MAAM,qBAAqB,CAAC;AAC3D,OAAO,EAAE,mBAAmB,EAAE,MAAM,yBAAyB,CAAC;AAC9D,OAAO,EACL,uBAAuB,EACvB,oBAAoB,EACpB,4BAA4B,EAC5B,8BAA8B,GAC/B,MAAM,gCAAgC,CAAC;AACxC,OAAO,EAAE,gBAAgB,EAAE,MAAM,sBAAsB,CAAC;AA0BxD;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,aAAa,CACjC,OAAe,EACf,IAA2C;IAE3C,gEAAgE;IAChE,KAAK,MAAM,EAAE,GAAG,EAAE,KAAK,EAAE,IAAI,IAAI,EAAE,CAAC;QAClC,IAAI,UAAU,CAAC,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC;YAC3B,MAAM,IAAI,KAAK,CACb,6BAA6B,GAAG,mDAAmD,CACpF,CAAC;QACJ,CAAC;IACH,CAAC;IAED,MAAM,EAAE,GAAG,MAAM,MAAM,CAAC,IAAI,CAAC,CAAC;IAE9B,IAAI,OAAO,GAAG,EAAE,CAAC;IACjB,IAAI,CAAC;QACH,OAAO,GAAG,EAAE,CAAC,YAAY,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC;IAC9C,CAAC;IAAC,MAAM,CAAC;QACP,yBAAyB;IAC3B,CAAC;IAED,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;IAClC,MAAM,SAAS,GAAG,IAAI,GAAG,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;IAE7D,iCAAiC;IACjC,MAAM,OAAO,GAAG,KAAK,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE;QACjC,MAAM,OAAO,GAAG,IAAI,CAAC,IAAI,EAAE,CAAC;QAC5B,IAAI,CAAC,OAAO,IAAI,OAAO,CAAC,UAAU,CAAC,GAAG,CAAC;YAAE,OAAO,IAAI,CAAC;QACrD,MAAM,OAAO,GAAG,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;QACrC,IAAI,OAAO,KAAK,CAAC,CAAC;YAAE,OAAO,IAAI,CAAC;QAChC,MAAM,GAAG,GAAG,OAAO,CAAC,KAAK,CAAC,CAAC,EAAE,OAAO,CAAC,CAAC,IAAI,EAAE,CAAC;QAC7C,IAAI,SAAS,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC;YACvB,MAAM,KAAK,GAAG,SAAS,CAAC,GAAG,CAAC,GAAG,CAAE,CAAC;YAClC,SAAS,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;YACtB,OAAO,GAAG,GAAG,IAAI,KAAK,EAAE,CAAC;QAC3B,CAAC;QACD,OAAO,IAAI,CAAC;IACd,CAAC,CAAC,CAAC;IAEH,kBAAkB;IAClB,KAAK,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,SAAS,EAAE,CAAC;QACrC,OAAO,CAAC,IAAI,CAAC,GAAG,GAAG,IAAI,KAAK,EAAE,CAAC,CAAC;IAClC,CAAC;IAED,0BAA0B;IAC1B,IAAI,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAChC,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC;QAAE,MAAM,IAAI,IAAI,CAAC;IAE3C,IAAI,CAAC;QACH,EAAE,CAAC,SAAS,CAAC,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;QACzD,EAAE,CAAC,aAAa,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;IACpC,CAAC;IAAC,MAAM,CAAC;QACP,+DAA+D;IACjE,CAAC;AACH,CAAC;AAOD;;;;;;;GAOG;AACH,MAAM,UAAU,YAAY,CAC1B,UAA+B,EAAE;IAEjC,MAAM,GAAG,GAAG,SAAS,CAAC;QACpB,OAAO,CAAC,KAAK,EAAE,KAAK;YAClB,yFAAyF;YACzF,MAAM,GAAG,GAAG,KAA8B,CAAC;YAC3C,MAAM,IAAI,GAAG,GAAG,EAAE,IAAI,IAAK,GAAG,EAAE,KAA+B,EAAE,IAAI,CAAC;YACtE,IAAI,IAAI,KAAK,YAAY,IAAI,IAAI,KAAK,cAAc;gBAAE,OAAO;YAC7D,IAAI,GAAG,EAAE,OAAO,KAAK,SAAS;gBAAE,OAAO;YACvC,OAAO,CAAC,KAAK,CACX,gCAAgC,KAAK,CAAC,MAAM,IAAI,KAAK,CAAC,IAAI,EAAE,EAC5D,KAAK,CACN,CAAC;QACJ,CAAC;KACF,CAAC,CAAC;IAEH,kBAAkB;IAClB,IAAI,OAAO,CAAC,IAAI,KAAK,KAAK,EAAE,CAAC;QAC3B,MAAM,cAAc,GAAG,sBAAsB,EAAE,CAAC;QAChD,MAAM,YAAY,GAAG,OAAO,CAAC,GAAG,CAAC,QAAQ,KAAK,YAAY,CAAC;QAE3D;;;;WAIG;QACH,GAAG,CAAC,GAAG,CACL,kBAAkB,CAAC,CAAC,KAAK,EAAE,EAAE;YAC3B,MAAM,aAAa,GAAG,gBAAgB,CAAC,KAAK,EAAE,QAAQ,CAAC,CAAC;YACxD,MAAM,MAAM,GAAG,SAAS,CAAC,KAAK,CAAC,CAAC;YAChC,MAAM,gBAAgB,GAAG,MAAM,CAC7B,gBAAgB,CAAC,KAAK,EAAE,gCAAgC,CAAC,IAAI,EAAE,CAChE;iBACE,WAAW,EAAE;iBACb,KAAK,CAAC,GAAG,CAAC;iBACV,GAAG,CAAC,CAAC,MAAM,EAAE,EAAE,CAAC,MAAM,CAAC,IAAI,EAAE,CAAC,CAAC;YAClC,MAAM,gBAAgB,GACpB,oBAAoB,CAAC,aAAa,CAAC;gBACnC,CAAC,gBAAgB,CAAC,QAAQ,CAAC,mBAAmB,CAAC,WAAW,EAAE,CAAC;oBAC3D,gBAAgB,CAAC,QAAQ,CAAC,uBAAuB,CAAC;oBAClD,OAAO,CAAC,gBAAgB,CAAC,KAAK,EAAE,mBAAmB,CAAC,CAAC;oBACrD,OAAO,CAAC,gBAAgB,CAAC,KAAK,EAAE,uBAAuB,CAAC,CAAC;oBACzD,OAAO,CAAC,gBAAgB,CAAC,KAAK,EAAE,eAAe,CAAC,CAAC,CAAC,CAAC;YAEvD;;;;;;;eAOG;YACH,MAAM,aAAa,GAAG,gBAAgB;gBACpC,CAAC,CAAC,aAAa;gBACf,CAAC,CAAC,oBAAoB,CAAC,aAAa,EAAE;oBAClC,cAAc;oBACd,6BAA6B,EAAE,CAAC,YAAY;oBAC5C,gEAAgE;oBAChE,mEAAmE;iBACpE,CAAC,CAAC;YACP,oEAAoE;YACpE,kEAAkE;YAClE,mEAAmE;YAEnE,IAAI,aAAa,EAAE,CAAC;gBAClB,iBAAiB,CACf,KAAK,EACL,6BAA6B,EAC7B,aAAa,CACd,CAAC;gBACF,iBAAiB,CAAC,KAAK,EAAE,MAAM,EAAE,QAAQ,CAAC,CAAC;gBAC3C,6DAA6D;gBAC7D,8DAA8D;gBAC9D,4DAA4D;gBAC5D,8DAA8D;gBAC9D,iDAAiD;gBACjD,IAAI,8BAA8B,CAAC,aAAa,CAAC,EAAE,CAAC;oBAClD,iBAAiB,CACf,KAAK,EACL,kCAAkC,EAClC,MAAM,CACP,CAAC;gBACJ,CAAC;YACH,CAAC;iBAAM,IAAI,CAAC,aAAa,EAAE,CAAC;gBAC1B,kEAAkE;gBAClE,gEAAgE;gBAChE,2CAA2C;gBAC3C,iBAAiB,CAAC,KAAK,EAAE,6BAA6B,EAAE,GAAG,CAAC,CAAC;YAC/D,CAAC;YAED,iBAAiB,CACf,KAAK,EACL,8BAA8B,EAC9B,wCAAwC,CACzC,CAAC;YACF,iBAAiB,CACf,KAAK,EACL,8BAA8B,EAC9B,4BAA4B,CAC7B,CAAC;YAEF,IAAI,MAAM,KAAK,SAAS,EAAE,CAAC;gBACzB,kEAAkE;gBAClE,+DAA+D;gBAC/D,mEAAmE;gBACnE,iEAAiE;gBACjE,qEAAqE;gBACrE,IAAI,aAAa,IAAI,CAAC,aAAa,EAAE,CAAC;oBACpC,OAAO,IAAI,QAAQ,CAAC,IAAI,EAAE,EAAE,MAAM,EAAE,GAAG,EAAE,CAAC,CAAC;gBAC7C,CAAC;gBACD,OAAO,IAAI,QAAQ,CAAC,IAAI,EAAE,EAAE,MAAM,EAAE,GAAG,EAAE,CAAC,CAAC;YAC7C,CAAC;QACH,CAAC,CAAC,CACH,CAAC;IACJ,CAAC;IAED,MAAM,MAAM,GAAG,YAAY,EAAE,CAAC;IAC9B,GAAG,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;IAEhB,eAAe;IACf,IAAI,CAAC,OAAO,CAAC,WAAW,EAAE,CAAC;QACzB,MAAM,CAAC,GAAG,CACR,qBAAqB,EACrB,kBAAkB,CAAC,GAAG,EAAE;YACtB,MAAM,OAAO,GACX,OAAO,CAAC,WAAW,IAAI,OAAO,CAAC,GAAG,CAAC,YAAY,IAAI,MAAM,CAAC;YAC5D,OAAO,EAAE,OAAO,EAAE,CAAC;QACrB,CAAC,CAAC,CACH,CAAC;IACJ,CAAC;IAED,4BAA4B;IAC5B,IAAI,OAAO,CAAC,OAAO,EAAE,CAAC;QACpB,MAAM,OAAO,GAAG,OAAO,CAAC,OAAO,CAAC;QAEhC,MAAM,CAAC,GAAG,CACR,2BAA2B,EAC3B,kBAAkB,CAAC,GAAG,EAAE;YACtB,OAAO,OAAO,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC;gBAC3B,GAAG,EAAE,GAAG,CAAC,GAAG;gBACZ,KAAK,EAAE,GAAG,CAAC,KAAK;gBAChB,QAAQ,EAAE,GAAG,CAAC,QAAQ,IAAI,KAAK;gBAC/B,UAAU,EAAE,CAAC,CAAC,OAAO,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC;gBAClC,GAAG,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC,CAAC,EAAE,QAAQ,EAAE,GAAG,CAAC,QAAQ,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;aACpD,CAAC,CAAC,CAAC;QACN,CAAC,CAAC,CACH,CAAC;QAEF,MAAM,CAAC,IAAI,CACT,yBAAyB,EACzB,kBAAkB,CAAC,KAAK,EAAE,KAAc,EAAE,EAAE;YAC1C,kEAAkE;YAClE,0DAA0D;YAC1D,IAAI,CAAC,oBAAoB,EAAE,EAAE,CAAC;gBAC5B,iBAAiB,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC;gBAC9B,OAAO;oBACL,KAAK,EACH,kHAAkH;iBACrH,CAAC;YACJ,CAAC;YAED,MAAM,IAAI,GAAG,MAAM,QAAQ,CAAC,KAAK,CAAC,CAAC;YACnC,MAAM,EAAE,IAAI,EAAE,GAAG,IAEhB,CAAC;YAEF,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,IAAI,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;gBAC9C,iBAAiB,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC;gBAC9B,OAAO,EAAE,KAAK,EAAE,qBAAqB,EAAE,CAAC;YAC1C,CAAC;YAED,6CAA6C;YAC7C,MAAM,WAAW,GAAG,IAAI,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;YACvD,MAAM,sBAAsB,GAAG,IAAI,GAAG,CAAS,gBAAgB,CAAC,CAAC;YACjE,MAAM,QAAQ,GAAG,IAAI,CAAC,MAAM,CAC1B,CAAC,CAAC,EAAE,EAAE,CACJ,OAAO,CAAC,CAAC,GAAG,KAAK,QAAQ;gBACzB,WAAW,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC;gBACtB,CAAC,sBAAsB,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,CACrC,CAAC;YACF,IAAI,QAAQ,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;gBAC1B,iBAAiB,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC;gBAC9B,OAAO,EAAE,KAAK,EAAE,mCAAmC,EAAE,CAAC;YACxD,CAAC;YAED,qBAAqB;YACrB,MAAM,OAAO,GAAG,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,GAAG,EAAE,EAAE,MAAM,CAAC,CAAC;YACjD,MAAM,aAAa,CAAC,OAAO,EAAE,QAAQ,CAAC,CAAC;YAEvC,oEAAoE;YACpE,KAAK,MAAM,EAAE,GAAG,EAAE,KAAK,EAAE,IAAI,QAAQ,EAAE,CAAC;gBACtC,OAAO,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,KAAK,CAAC;YAC3B,CAAC;YAED,mDAAmD;YACnD,QAAQ,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC;YAE3B,OAAO,EAAE,KAAK,EAAE,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,EAAE,CAAC;QAC/C,CAAC,CAAC,CACH,CAAC;IACJ,CAAC;IAED,OAAO,EAAE,GAAG,EAAE,MAAM,EAAE,CAAC;AACzB,CAAC","sourcesContent":["import {\n createApp,\n createRouter,\n defineEventHandler,\n getMethod,\n getRequestHeader,\n setResponseHeader,\n setResponseStatus,\n type H3Event,\n} from \"h3\";\nimport path from \"path\";\nimport { agentEnv } from \"../shared/agent-env.js\";\nimport { readBody } from \"../server/h3-helpers.js\";\nimport {\n getAllowedCorsOrigin,\n readCorsAllowedOrigins,\n} from \"./cors-origins.js\";\nimport { isEnvVarWriteAllowed } from \"./env-var-writes.js\";\nimport { EMBED_TARGET_HEADER } from \"../shared/embed-auth.js\";\nimport {\n EMBED_TRANSPLANT_HEADER,\n isMcpEmbedCorsOrigin,\n MCP_EMBED_CORS_ALLOW_HEADERS,\n shouldAllowMcpEmbedCredentials,\n} from \"../shared/mcp-embed-headers.js\";\nimport { BUILDER_ENV_KEYS } from \"./builder-browser.js\";\n\nexport interface EnvKeyConfig {\n /** Environment variable name (e.g. \"HUBSPOT_ACCESS_TOKEN\") */\n key: string;\n /** Human-readable label (e.g. \"HubSpot\") */\n label: string;\n /** Whether this key is required for the app to function */\n required?: boolean;\n /** Optional UI hint shown next to the field describing where to find this value. */\n helpText?: string;\n}\n\nexport interface CreateServerOptions {\n /** CORS options. Ignored (H3 handles CORS via middleware). Default: enabled. */\n cors?: Record<string, unknown> | false;\n /** JSON body parser limit. Kept for API compatibility (H3 uses readBody). */\n jsonLimit?: string;\n /** Custom ping message. Default: reads PING_MESSAGE env var, falls back to \"pong\" */\n pingMessage?: string;\n /** Disable the /_agent-native/ping health check. Default: false */\n disablePing?: boolean;\n /** Env key configuration for the settings UI. Enables /_agent-native/env-status and /_agent-native/env-vars routes. */\n envKeys?: EnvKeyConfig[];\n}\n\n/**\n * Upsert vars into a .env file, preserving existing structure.\n */\nexport async function upsertEnvFile(\n envPath: string,\n vars: Array<{ key: string; value: string }>,\n): Promise<void> {\n // Sanitize: reject values that could inject additional env vars\n for (const { key, value } of vars) {\n if (/[\\n\\r\\0]/.test(value)) {\n throw new Error(\n `Invalid env var value for ${key}: must not contain newlines or control characters`,\n );\n }\n }\n\n const fs = await import(\"fs\");\n\n let content = \"\";\n try {\n content = fs.readFileSync(envPath, \"utf-8\");\n } catch {\n // File doesn't exist yet\n }\n\n const lines = content.split(\"\\n\");\n const remaining = new Map(vars.map((v) => [v.key, v.value]));\n\n // Update existing lines in place\n const updated = lines.map((line) => {\n const trimmed = line.trim();\n if (!trimmed || trimmed.startsWith(\"#\")) return line;\n const eqIndex = trimmed.indexOf(\"=\");\n if (eqIndex === -1) return line;\n const key = trimmed.slice(0, eqIndex).trim();\n if (remaining.has(key)) {\n const value = remaining.get(key)!;\n remaining.delete(key);\n return `${key}=${value}`;\n }\n return line;\n });\n\n // Append new vars\n for (const [key, value] of remaining) {\n updated.push(`${key}=${value}`);\n }\n\n // Ensure trailing newline\n let result = updated.join(\"\\n\");\n if (!result.endsWith(\"\\n\")) result += \"\\n\";\n\n try {\n fs.mkdirSync(path.dirname(envPath), { recursive: true });\n fs.writeFileSync(envPath, result);\n } catch {\n // Edge runtimes don't have writable filesystem — skip silently\n }\n}\n\nexport interface CreateServerResult {\n app: ReturnType<typeof createApp>;\n router: ReturnType<typeof createRouter>;\n}\n\n/**\n * Create a pre-configured H3 app with standard agent-native setup:\n * - CORS headers via middleware\n * - /_agent-native/ping health check\n * - /_agent-native/env-status and /_agent-native/env-vars (when envKeys is provided)\n *\n * Returns { app, router } — mount routes on `router`.\n */\nexport function createServer(\n options: CreateServerOptions = {},\n): CreateServerResult {\n const app = createApp({\n onError(error, event) {\n // Suppress connection-reset errors — client disconnected mid-request (tab close, reload)\n const err = error as NodeJS.ErrnoException;\n const code = err?.code || (err?.cause as NodeJS.ErrnoException)?.code;\n if (code === \"ECONNRESET\" || code === \"ECONNABORTED\") return;\n if (err?.message === \"aborted\") return;\n console.error(\n `[agent-native] Server error: ${event.method} ${event.path}`,\n error,\n );\n },\n });\n\n // CORS middleware\n if (options.cors !== false) {\n const allowedOrigins = readCorsAllowedOrigins();\n const isProduction = process.env.NODE_ENV === \"production\";\n\n /**\n * When CORS_ALLOWED_ORIGINS is unset, production only allows trusted\n * localhost/native desktop origins. Development keeps the legacy \"echo\n * any origin\" behavior so local tools and docs previews keep working.\n */\n app.use(\n defineEventHandler((event) => {\n const requestOrigin = getRequestHeader(event, \"origin\");\n const method = getMethod(event);\n const requestedHeaders = String(\n getRequestHeader(event, \"access-control-request-headers\") ?? \"\",\n )\n .toLowerCase()\n .split(\",\")\n .map((header) => header.trim());\n const embedCorsRequest =\n isMcpEmbedCorsOrigin(requestOrigin) &&\n (requestedHeaders.includes(EMBED_TARGET_HEADER.toLowerCase()) ||\n requestedHeaders.includes(EMBED_TRANSPLANT_HEADER) ||\n Boolean(getRequestHeader(event, EMBED_TARGET_HEADER)) ||\n Boolean(getRequestHeader(event, EMBED_TRANSPLANT_HEADER)) ||\n Boolean(getRequestHeader(event, \"authorization\")));\n\n /**\n * Decide whether the requesting origin is allowed. We never fall back\n * to \"the first allowlist entry\" when the origin isn't in the list —\n * that previously sent `Access-Control-Allow-Origin: <other-origin>`\n * with credentials enabled to attacker-controlled origins, which was\n * permissive enough that some clients followed through with the\n * credentialed request.\n */\n const allowedOrigin = embedCorsRequest\n ? requestOrigin\n : getAllowedCorsOrigin(requestOrigin, {\n allowedOrigins,\n allowAnyOriginWhenNoAllowlist: !isProduction,\n // Let the cors-origins default apply (dev-only). Passing `true`\n // here unconditionally would re-open the production localhost gap.\n });\n // No origin header at all (same-origin fetch, server-to-server) and\n // no allowlist → fall through with `*`-equivalent behaviour: omit\n // ACAO entirely and let the browser apply its same-origin default.\n\n if (allowedOrigin) {\n setResponseHeader(\n event,\n \"Access-Control-Allow-Origin\",\n allowedOrigin,\n );\n setResponseHeader(event, \"Vary\", \"Origin\");\n // A specific origin means we can honor credentialed requests\n // (fetch with `credentials: \"include\"` — used by desktop tray\n // apps that share a same-site cookie with the web app). The\n // wildcard `*` is spec-incompatible with credentials, so only\n // set this when we're echoing a concrete origin.\n if (shouldAllowMcpEmbedCredentials(allowedOrigin)) {\n setResponseHeader(\n event,\n \"Access-Control-Allow-Credentials\",\n \"true\",\n );\n }\n } else if (!requestOrigin) {\n // No origin header — preserve the legacy permissive behaviour for\n // tools/scripts that hit the API directly (no credentialed CORS\n // semantics apply when there's no Origin).\n setResponseHeader(event, \"Access-Control-Allow-Origin\", \"*\");\n }\n\n setResponseHeader(\n event,\n \"Access-Control-Allow-Methods\",\n \"GET,HEAD,POST,PUT,PATCH,DELETE,OPTIONS\",\n );\n setResponseHeader(\n event,\n \"Access-Control-Allow-Headers\",\n MCP_EMBED_CORS_ALLOW_HEADERS,\n );\n\n if (method === \"OPTIONS\") {\n // Reject preflights from disallowed cross-origin callers. We only\n // 204 if either (a) there was no Origin header (same-origin or\n // direct script invocation) or (b) the origin was in the allowlist\n // / dev fallback above. Otherwise we 403 so the browser surfaces\n // a hard CORS failure rather than blindly retrying with credentials.\n if (requestOrigin && !allowedOrigin) {\n return new Response(null, { status: 403 });\n }\n return new Response(null, { status: 204 });\n }\n }),\n );\n }\n\n const router = createRouter();\n app.use(router);\n\n // Health check\n if (!options.disablePing) {\n router.get(\n \"/_agent-native/ping\",\n defineEventHandler(() => {\n const message =\n options.pingMessage ?? process.env.PING_MESSAGE ?? \"pong\";\n return { message };\n }),\n );\n }\n\n // Env key management routes\n if (options.envKeys) {\n const envKeys = options.envKeys;\n\n router.get(\n \"/_agent-native/env-status\",\n defineEventHandler(() => {\n return envKeys.map((cfg) => ({\n key: cfg.key,\n label: cfg.label,\n required: cfg.required ?? false,\n configured: !!process.env[cfg.key],\n ...(cfg.helpText ? { helpText: cfg.helpText } : {}),\n }));\n }),\n );\n\n router.post(\n \"/_agent-native/env-vars\",\n defineEventHandler(async (event: H3Event) => {\n // Env vars are deployment-wide globals — see isEnvVarWriteAllowed\n // above. Disable the endpoint on any multi-tenant deploy.\n if (!isEnvVarWriteAllowed()) {\n setResponseStatus(event, 403);\n return {\n error:\n \"env-vars endpoint disabled on multi-tenant deployments. Use scoped secrets or credentials for user/org API keys.\",\n };\n }\n\n const body = await readBody(event);\n const { vars } = body as {\n vars?: Array<{ key: string; value: string }>;\n };\n\n if (!Array.isArray(vars) || vars.length === 0) {\n setResponseStatus(event, 400);\n return { error: \"vars array required\" };\n }\n\n // Only allow keys that are in the env config\n const allowedKeys = new Set(envKeys.map((k) => k.key));\n const blockedEnvVarWriteKeys = new Set<string>(BUILDER_ENV_KEYS);\n const filtered = vars.filter(\n (v) =>\n typeof v.key === \"string\" &&\n allowedKeys.has(v.key) &&\n !blockedEnvVarWriteKeys.has(v.key),\n );\n if (filtered.length === 0) {\n setResponseStatus(event, 400);\n return { error: \"No recognized env keys in request\" };\n }\n\n // Write to .env file\n const envPath = path.join(process.cwd(), \".env\");\n await upsertEnvFile(envPath, filtered);\n\n // Update process.env so the app picks up the new values immediately\n for (const { key, value } of filtered) {\n process.env[key] = value;\n }\n\n // Notify parent (Builder or frame) via postMessage\n agentEnv.setVars(filtered);\n\n return { saved: filtered.map((v) => v.key) };\n }),\n );\n }\n\n return { app, router };\n}\n"]}
package/dist/templates/workspace-core/.agents/skills/external-agents/SKILL.md CHANGED
@@ -329,16 +329,19 @@ The hosted `connect` flow above is the recommended path. For local dev, run
329
329
  the app (`pnpm dev` / `pnpm exec agent-native dev`) then point a local agent at it:
330
330
 
331
331
  ```bash
332
- pnpm exec agent-native mcp install --client claude-code|claude-code-cli|codex|cowork \
332
+ pnpm exec agent-native mcp install --client claude-code|claude-code-cli|codex|cowork|cursor|opencode|github-copilot \
333
333
  [--app <id>] [--scope user|project]
334
334
  ```
335
335
 
336
336
  It provisions a token (random `ACCESS_TOKEN` into the workspace `.env` for
337
337
  local dev, or a `signA2AToken` JWT for a detected hosted origin) and writes an
338
338
  idempotent stdio server entry — `.mcp.json` / `~/.claude.json` for Claude Code,
339
- the `[mcp_servers.*]` block in `~/.codex/config.toml` for Codex, the
340
- Claude-Code JSON shape for Cowork. The entry runs `pnpm exec agent-native mcp serve
341
- --app <id>`, by default a **thin stdio proxy** to the running local app's
339
+ the `[mcp_servers.*]` block in `~/.codex/config.toml` for Codex,
340
+ `.cursor/mcp.json` / `~/.cursor/mcp.json` for Cursor, `opencode.json` /
341
+ `~/.config/opencode/opencode.json` for OpenCode, `.vscode/mcp.json` / VS Code
342
+ user `mcp.json` for GitHub Copilot / VS Code, and the Claude-Code JSON shape
343
+ for Cowork. The entry runs `pnpm exec agent-native mcp serve --app <id>`, by
344
+ default a **thin stdio proxy** to the running local app's
342
345
  `/_agent-native/mcp` (live registry + HMR + correct deep links stay the single
343
346
  source of truth; `--standalone` builds the registry in-process). Companion
344
347
  subcommands: `mcp uninstall`, `mcp status`, `mcp token [--rotate]`. You can
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@agent-native/core",
3
- "version": "0.51.15",
3
+ "version": "0.52.0",
4
4
  "type": "module",
5
5
  "engines": {
6
6
  "node": ">=22"
package/src/templates/workspace-core/.agents/skills/external-agents/SKILL.md CHANGED
@@ -329,16 +329,19 @@ The hosted `connect` flow above is the recommended path. For local dev, run
329
329
  the app (`pnpm dev` / `pnpm exec agent-native dev`) then point a local agent at it:
330
330
 
331
331
  ```bash
332
- pnpm exec agent-native mcp install --client claude-code|claude-code-cli|codex|cowork \
332
+ pnpm exec agent-native mcp install --client claude-code|claude-code-cli|codex|cowork|cursor|opencode|github-copilot \
333
333
  [--app <id>] [--scope user|project]
334
334
  ```
335
335
 
336
336
  It provisions a token (random `ACCESS_TOKEN` into the workspace `.env` for
337
337
  local dev, or a `signA2AToken` JWT for a detected hosted origin) and writes an
338
338
  idempotent stdio server entry — `.mcp.json` / `~/.claude.json` for Claude Code,
339
- the `[mcp_servers.*]` block in `~/.codex/config.toml` for Codex, the
340
- Claude-Code JSON shape for Cowork. The entry runs `pnpm exec agent-native mcp serve
341
- --app <id>`, by default a **thin stdio proxy** to the running local app's
339
+ the `[mcp_servers.*]` block in `~/.codex/config.toml` for Codex,
340
+ `.cursor/mcp.json` / `~/.cursor/mcp.json` for Cursor, `opencode.json` /
341
+ `~/.config/opencode/opencode.json` for OpenCode, `.vscode/mcp.json` / VS Code
342
+ user `mcp.json` for GitHub Copilot / VS Code, and the Claude-Code JSON shape
343
+ for Cowork. The entry runs `pnpm exec agent-native mcp serve --app <id>`, by
344
+ default a **thin stdio proxy** to the running local app's
342
345
  `/_agent-native/mcp` (live registry + HMR + correct deep links stay the single
343
346
  source of truth; `--standalone` builds the registry in-process). Companion
344
347
  subcommands: `mcp uninstall`, `mcp status`, `mcp token [--rotate]`. You can