@agent-native/core 0.7.7 → 0.7.11

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (338) hide show
  1. package/dist/agent/engine/ai-sdk-engine.d.ts +14 -2
  2. package/dist/agent/engine/ai-sdk-engine.d.ts.map +1 -1
  3. package/dist/agent/engine/ai-sdk-engine.js +70 -54
  4. package/dist/agent/engine/ai-sdk-engine.js.map +1 -1
  5. package/dist/agent/engine/anthropic-engine.d.ts +1 -6
  6. package/dist/agent/engine/anthropic-engine.d.ts.map +1 -1
  7. package/dist/agent/engine/anthropic-engine.js +3 -14
  8. package/dist/agent/engine/anthropic-engine.js.map +1 -1
  9. package/dist/agent/engine/builtin.d.ts.map +1 -1
  10. package/dist/agent/engine/builtin.js +3 -0
  11. package/dist/agent/engine/builtin.js.map +1 -1
  12. package/dist/agent/engine/translate-ai-sdk.d.ts +35 -10
  13. package/dist/agent/engine/translate-ai-sdk.d.ts.map +1 -1
  14. package/dist/agent/engine/translate-ai-sdk.js +190 -91
  15. package/dist/agent/engine/translate-ai-sdk.js.map +1 -1
  16. package/dist/agent/engine/types.d.ts +10 -1
  17. package/dist/agent/engine/types.d.ts.map +1 -1
  18. package/dist/agent/production-agent.d.ts +15 -1
  19. package/dist/agent/production-agent.d.ts.map +1 -1
  20. package/dist/agent/production-agent.js +78 -21
  21. package/dist/agent/production-agent.js.map +1 -1
  22. package/dist/agent/thread-data-builder.js +1 -1
  23. package/dist/agent/thread-data-builder.js.map +1 -1
  24. package/dist/agent/types.d.ts +4 -0
  25. package/dist/agent/types.d.ts.map +1 -1
  26. package/dist/application-state/script-helpers.d.ts +12 -5
  27. package/dist/application-state/script-helpers.d.ts.map +1 -1
  28. package/dist/application-state/script-helpers.js +41 -20
  29. package/dist/application-state/script-helpers.js.map +1 -1
  30. package/dist/catalog.json +15 -0
  31. package/dist/chat-threads/store.d.ts.map +1 -1
  32. package/dist/chat-threads/store.js +7 -5
  33. package/dist/chat-threads/store.js.map +1 -1
  34. package/dist/checkpoints/index.d.ts +3 -0
  35. package/dist/checkpoints/index.d.ts.map +1 -0
  36. package/dist/checkpoints/index.js +3 -0
  37. package/dist/checkpoints/index.js.map +1 -0
  38. package/dist/checkpoints/service.d.ts +6 -0
  39. package/dist/checkpoints/service.d.ts.map +1 -0
  40. package/dist/checkpoints/service.js +107 -0
  41. package/dist/checkpoints/service.js.map +1 -0
  42. package/dist/checkpoints/store.d.ts +27 -0
  43. package/dist/checkpoints/store.d.ts.map +1 -0
  44. package/dist/checkpoints/store.js +92 -0
  45. package/dist/checkpoints/store.js.map +1 -0
  46. package/dist/cli/create.d.ts.map +1 -1
  47. package/dist/cli/create.js +85 -1
  48. package/dist/cli/create.js.map +1 -1
  49. package/dist/cli/index.js +46 -3
  50. package/dist/cli/index.js.map +1 -1
  51. package/dist/cli/templates-meta.d.ts.map +1 -1
  52. package/dist/cli/templates-meta.js +33 -0
  53. package/dist/cli/templates-meta.js.map +1 -1
  54. package/dist/client/AgentPanel.d.ts.map +1 -1
  55. package/dist/client/AgentPanel.js +3 -1
  56. package/dist/client/AgentPanel.js.map +1 -1
  57. package/dist/client/AssistantChat.d.ts +15 -0
  58. package/dist/client/AssistantChat.d.ts.map +1 -1
  59. package/dist/client/AssistantChat.js +145 -67
  60. package/dist/client/AssistantChat.js.map +1 -1
  61. package/dist/client/CommandMenu.d.ts.map +1 -1
  62. package/dist/client/CommandMenu.js +9 -5
  63. package/dist/client/CommandMenu.js.map +1 -1
  64. package/dist/client/ConnectBuilderCard.js +1 -1
  65. package/dist/client/ConnectBuilderCard.js.map +1 -1
  66. package/dist/client/MultiTabAssistantChat.d.ts.map +1 -1
  67. package/dist/client/MultiTabAssistantChat.js +78 -4
  68. package/dist/client/MultiTabAssistantChat.js.map +1 -1
  69. package/dist/client/agent-chat-adapter.d.ts +6 -0
  70. package/dist/client/agent-chat-adapter.d.ts.map +1 -1
  71. package/dist/client/agent-chat-adapter.js +4 -0
  72. package/dist/client/agent-chat-adapter.js.map +1 -1
  73. package/dist/client/composer/TiptapComposer.d.ts +12 -1
  74. package/dist/client/composer/TiptapComposer.d.ts.map +1 -1
  75. package/dist/client/composer/TiptapComposer.js +71 -3
  76. package/dist/client/composer/TiptapComposer.js.map +1 -1
  77. package/dist/client/notifications/NotificationsBell.d.ts +23 -0
  78. package/dist/client/notifications/NotificationsBell.d.ts.map +1 -0
  79. package/dist/client/notifications/NotificationsBell.js +165 -0
  80. package/dist/client/notifications/NotificationsBell.js.map +1 -0
  81. package/dist/client/notifications/index.d.ts +2 -0
  82. package/dist/client/notifications/index.d.ts.map +1 -0
  83. package/dist/client/notifications/index.js +2 -0
  84. package/dist/client/notifications/index.js.map +1 -0
  85. package/dist/client/onboarding/OnboardingPanel.js +6 -3
  86. package/dist/client/onboarding/OnboardingPanel.js.map +1 -1
  87. package/dist/client/progress/RunsTray.d.ts +18 -0
  88. package/dist/client/progress/RunsTray.d.ts.map +1 -0
  89. package/dist/client/progress/RunsTray.js +70 -0
  90. package/dist/client/progress/RunsTray.js.map +1 -0
  91. package/dist/client/progress/index.d.ts +2 -0
  92. package/dist/client/progress/index.d.ts.map +1 -0
  93. package/dist/client/progress/index.js +2 -0
  94. package/dist/client/progress/index.js.map +1 -0
  95. package/dist/client/resources/ResourcesPanel.d.ts.map +1 -1
  96. package/dist/client/resources/ResourcesPanel.js +19 -4
  97. package/dist/client/resources/ResourcesPanel.js.map +1 -1
  98. package/dist/client/settings/AutomationsSection.d.ts +2 -0
  99. package/dist/client/settings/AutomationsSection.d.ts.map +1 -0
  100. package/dist/client/settings/AutomationsSection.js +214 -0
  101. package/dist/client/settings/AutomationsSection.js.map +1 -0
  102. package/dist/client/settings/ComingSoonSection.d.ts.map +1 -1
  103. package/dist/client/settings/ComingSoonSection.js +2 -1
  104. package/dist/client/settings/ComingSoonSection.js.map +1 -1
  105. package/dist/client/settings/LLMSection.d.ts.map +1 -1
  106. package/dist/client/settings/LLMSection.js +137 -10
  107. package/dist/client/settings/LLMSection.js.map +1 -1
  108. package/dist/client/settings/SecretsSection.d.ts.map +1 -1
  109. package/dist/client/settings/SecretsSection.js +122 -3
  110. package/dist/client/settings/SecretsSection.js.map +1 -1
  111. package/dist/client/settings/SettingsPanel.d.ts.map +1 -1
  112. package/dist/client/settings/SettingsPanel.js +140 -11
  113. package/dist/client/settings/SettingsPanel.js.map +1 -1
  114. package/dist/client/settings/VoiceTranscriptionSection.d.ts.map +1 -1
  115. package/dist/client/settings/VoiceTranscriptionSection.js +2 -2
  116. package/dist/client/settings/VoiceTranscriptionSection.js.map +1 -1
  117. package/dist/client/use-pausing-interval.d.ts +11 -0
  118. package/dist/client/use-pausing-interval.d.ts.map +1 -0
  119. package/dist/client/use-pausing-interval.js +49 -0
  120. package/dist/client/use-pausing-interval.js.map +1 -0
  121. package/dist/db/client.d.ts +26 -0
  122. package/dist/db/client.d.ts.map +1 -1
  123. package/dist/db/client.js +84 -2
  124. package/dist/db/client.js.map +1 -1
  125. package/dist/db/drizzle-config.d.ts +33 -0
  126. package/dist/db/drizzle-config.d.ts.map +1 -0
  127. package/dist/db/drizzle-config.js +132 -0
  128. package/dist/db/drizzle-config.js.map +1 -0
  129. package/dist/db/migrations.d.ts.map +1 -1
  130. package/dist/db/migrations.js +11 -6
  131. package/dist/db/migrations.js.map +1 -1
  132. package/dist/deploy/build.js +2 -1
  133. package/dist/deploy/build.js.map +1 -1
  134. package/dist/event-bus/bus.d.ts +20 -0
  135. package/dist/event-bus/bus.d.ts.map +1 -0
  136. package/dist/event-bus/bus.js +108 -0
  137. package/dist/event-bus/bus.js.map +1 -0
  138. package/dist/event-bus/index.d.ts +4 -0
  139. package/dist/event-bus/index.d.ts.map +1 -0
  140. package/dist/event-bus/index.js +3 -0
  141. package/dist/event-bus/index.js.map +1 -0
  142. package/dist/event-bus/registry.d.ts +22 -0
  143. package/dist/event-bus/registry.d.ts.map +1 -0
  144. package/dist/event-bus/registry.js +63 -0
  145. package/dist/event-bus/registry.js.map +1 -0
  146. package/dist/event-bus/types.d.ts +27 -0
  147. package/dist/event-bus/types.d.ts.map +1 -0
  148. package/dist/event-bus/types.js +2 -0
  149. package/dist/event-bus/types.js.map +1 -0
  150. package/dist/integrations/config-store.d.ts.map +1 -1
  151. package/dist/integrations/config-store.js +16 -12
  152. package/dist/integrations/config-store.js.map +1 -1
  153. package/dist/integrations/google-docs-poller.d.ts.map +1 -1
  154. package/dist/integrations/google-docs-poller.js +5 -1
  155. package/dist/integrations/google-docs-poller.js.map +1 -1
  156. package/dist/jobs/scheduler.d.ts.map +1 -1
  157. package/dist/jobs/scheduler.js +7 -3
  158. package/dist/jobs/scheduler.js.map +1 -1
  159. package/dist/notifications/actions.d.ts +10 -0
  160. package/dist/notifications/actions.d.ts.map +1 -0
  161. package/dist/notifications/actions.js +114 -0
  162. package/dist/notifications/actions.js.map +1 -0
  163. package/dist/notifications/channels.d.ts +15 -0
  164. package/dist/notifications/channels.d.ts.map +1 -0
  165. package/dist/notifications/channels.js +97 -0
  166. package/dist/notifications/channels.js.map +1 -0
  167. package/dist/notifications/index.d.ts +4 -0
  168. package/dist/notifications/index.d.ts.map +1 -0
  169. package/dist/notifications/index.js +3 -0
  170. package/dist/notifications/index.js.map +1 -0
  171. package/dist/notifications/registry.d.ts +9 -0
  172. package/dist/notifications/registry.d.ts.map +1 -0
  173. package/dist/notifications/registry.js +146 -0
  174. package/dist/notifications/registry.js.map +1 -0
  175. package/dist/notifications/routes.d.ts +34 -0
  176. package/dist/notifications/routes.d.ts.map +1 -0
  177. package/dist/notifications/routes.js +69 -0
  178. package/dist/notifications/routes.js.map +1 -0
  179. package/dist/notifications/store.d.ts +25 -0
  180. package/dist/notifications/store.d.ts.map +1 -0
  181. package/dist/notifications/store.js +158 -0
  182. package/dist/notifications/store.js.map +1 -0
  183. package/dist/notifications/types.d.ts +43 -0
  184. package/dist/notifications/types.d.ts.map +1 -0
  185. package/dist/notifications/types.js +2 -0
  186. package/dist/notifications/types.js.map +1 -0
  187. package/dist/org/handlers.d.ts.map +1 -1
  188. package/dist/org/handlers.js +7 -26
  189. package/dist/org/handlers.js.map +1 -1
  190. package/dist/progress/actions.d.ts +8 -0
  191. package/dist/progress/actions.d.ts.map +1 -0
  192. package/dist/progress/actions.js +158 -0
  193. package/dist/progress/actions.js.map +1 -0
  194. package/dist/progress/index.d.ts +3 -0
  195. package/dist/progress/index.d.ts.map +1 -0
  196. package/dist/progress/index.js +2 -0
  197. package/dist/progress/index.js.map +1 -0
  198. package/dist/progress/registry.d.ts +22 -0
  199. package/dist/progress/registry.d.ts.map +1 -0
  200. package/dist/progress/registry.js +98 -0
  201. package/dist/progress/registry.js.map +1 -0
  202. package/dist/progress/routes.d.ts +21 -0
  203. package/dist/progress/routes.d.ts.map +1 -0
  204. package/dist/progress/routes.js +59 -0
  205. package/dist/progress/routes.js.map +1 -0
  206. package/dist/progress/store.d.ts +7 -0
  207. package/dist/progress/store.d.ts.map +1 -0
  208. package/dist/progress/store.js +195 -0
  209. package/dist/progress/store.js.map +1 -0
  210. package/dist/progress/types.d.ts +49 -0
  211. package/dist/progress/types.d.ts.map +1 -0
  212. package/dist/progress/types.js +7 -0
  213. package/dist/progress/types.js.map +1 -0
  214. package/dist/resources/store.d.ts.map +1 -1
  215. package/dist/resources/store.js +19 -15
  216. package/dist/resources/store.js.map +1 -1
  217. package/dist/secrets/index.d.ts +3 -2
  218. package/dist/secrets/index.d.ts.map +1 -1
  219. package/dist/secrets/index.js +3 -2
  220. package/dist/secrets/index.js.map +1 -1
  221. package/dist/secrets/routes.d.ts +41 -2
  222. package/dist/secrets/routes.d.ts.map +1 -1
  223. package/dist/secrets/routes.js +167 -1
  224. package/dist/secrets/routes.js.map +1 -1
  225. package/dist/secrets/schema.d.ts +39 -1
  226. package/dist/secrets/schema.d.ts.map +1 -1
  227. package/dist/secrets/schema.js +6 -0
  228. package/dist/secrets/schema.js.map +1 -1
  229. package/dist/secrets/storage.d.ts +26 -0
  230. package/dist/secrets/storage.d.ts.map +1 -1
  231. package/dist/secrets/storage.js +111 -5
  232. package/dist/secrets/storage.js.map +1 -1
  233. package/dist/secrets/substitution.d.ts +39 -0
  234. package/dist/secrets/substitution.d.ts.map +1 -0
  235. package/dist/secrets/substitution.js +93 -0
  236. package/dist/secrets/substitution.js.map +1 -0
  237. package/dist/server/agent-chat-plugin.d.ts.map +1 -1
  238. package/dist/server/agent-chat-plugin.js +1657 -1410
  239. package/dist/server/agent-chat-plugin.js.map +1 -1
  240. package/dist/server/auth.d.ts +11 -0
  241. package/dist/server/auth.d.ts.map +1 -1
  242. package/dist/server/auth.js +74 -21
  243. package/dist/server/auth.js.map +1 -1
  244. package/dist/server/better-auth-instance.d.ts.map +1 -1
  245. package/dist/server/better-auth-instance.js +34 -16
  246. package/dist/server/better-auth-instance.js.map +1 -1
  247. package/dist/server/core-routes-plugin.d.ts.map +1 -1
  248. package/dist/server/core-routes-plugin.js +115 -1
  249. package/dist/server/core-routes-plugin.js.map +1 -1
  250. package/dist/server/email-templates.d.ts +43 -0
  251. package/dist/server/email-templates.d.ts.map +1 -0
  252. package/dist/server/email-templates.js +86 -0
  253. package/dist/server/email-templates.js.map +1 -0
  254. package/dist/server/framework-request-handler.d.ts +15 -0
  255. package/dist/server/framework-request-handler.d.ts.map +1 -1
  256. package/dist/server/framework-request-handler.js +64 -1
  257. package/dist/server/framework-request-handler.js.map +1 -1
  258. package/dist/server/onboarding-html.d.ts +11 -0
  259. package/dist/server/onboarding-html.d.ts.map +1 -1
  260. package/dist/server/onboarding-html.js +275 -16
  261. package/dist/server/onboarding-html.js.map +1 -1
  262. package/dist/server/schema-prompt.d.ts.map +1 -1
  263. package/dist/server/schema-prompt.js +5 -0
  264. package/dist/server/schema-prompt.js.map +1 -1
  265. package/dist/shared/index.d.ts +1 -0
  266. package/dist/shared/index.d.ts.map +1 -1
  267. package/dist/shared/index.js +1 -0
  268. package/dist/shared/index.js.map +1 -1
  269. package/dist/shared/truncate.d.ts +8 -0
  270. package/dist/shared/truncate.d.ts.map +1 -0
  271. package/dist/shared/truncate.js +12 -0
  272. package/dist/shared/truncate.js.map +1 -0
  273. package/dist/templates/default/.agents/skills/agent-engines/SKILL.md +60 -4
  274. package/dist/templates/default/.agents/skills/notifications/SKILL.md +95 -0
  275. package/dist/templates/default/.agents/skills/progress/SKILL.md +97 -0
  276. package/dist/templates/default/AGENTS.md +12 -10
  277. package/dist/templates/default/package.json +10 -10
  278. package/dist/templates/workspace-core/package.json +5 -5
  279. package/dist/templates/workspace-root/package.json +1 -1
  280. package/dist/templates/workspace-root/tsconfig.base.json +1 -2
  281. package/dist/tools/fetch-tool.d.ts +22 -0
  282. package/dist/tools/fetch-tool.d.ts.map +1 -0
  283. package/dist/tools/fetch-tool.js +156 -0
  284. package/dist/tools/fetch-tool.js.map +1 -0
  285. package/dist/tracking/index.d.ts +4 -0
  286. package/dist/tracking/index.d.ts.map +1 -0
  287. package/dist/tracking/index.js +3 -0
  288. package/dist/tracking/index.js.map +1 -0
  289. package/dist/tracking/providers.d.ts +15 -0
  290. package/dist/tracking/providers.d.ts.map +1 -0
  291. package/dist/tracking/providers.js +195 -0
  292. package/dist/tracking/providers.js.map +1 -0
  293. package/dist/tracking/registry.d.ts +10 -0
  294. package/dist/tracking/registry.d.ts.map +1 -0
  295. package/dist/tracking/registry.js +75 -0
  296. package/dist/tracking/registry.js.map +1 -0
  297. package/dist/tracking/types.d.ts +13 -0
  298. package/dist/tracking/types.d.ts.map +1 -0
  299. package/dist/tracking/types.js +2 -0
  300. package/dist/tracking/types.js.map +1 -0
  301. package/dist/triggers/actions.d.ts +10 -0
  302. package/dist/triggers/actions.d.ts.map +1 -0
  303. package/dist/triggers/actions.js +277 -0
  304. package/dist/triggers/actions.js.map +1 -0
  305. package/dist/triggers/condition-evaluator.d.ts +15 -0
  306. package/dist/triggers/condition-evaluator.d.ts.map +1 -0
  307. package/dist/triggers/condition-evaluator.js +107 -0
  308. package/dist/triggers/condition-evaluator.js.map +1 -0
  309. package/dist/triggers/dispatcher.d.ts +32 -0
  310. package/dist/triggers/dispatcher.d.ts.map +1 -0
  311. package/dist/triggers/dispatcher.js +291 -0
  312. package/dist/triggers/dispatcher.js.map +1 -0
  313. package/dist/triggers/index.d.ts +5 -0
  314. package/dist/triggers/index.d.ts.map +1 -0
  315. package/dist/triggers/index.js +4 -0
  316. package/dist/triggers/index.js.map +1 -0
  317. package/dist/triggers/types.d.ts +35 -0
  318. package/dist/triggers/types.d.ts.map +1 -0
  319. package/dist/triggers/types.js +9 -0
  320. package/dist/triggers/types.js.map +1 -0
  321. package/dist/vite/client.d.ts.map +1 -1
  322. package/dist/vite/client.js +66 -16
  323. package/dist/vite/client.js.map +1 -1
  324. package/docs/content/automations.md +239 -0
  325. package/docs/content/multi-tenancy.md +88 -0
  326. package/docs/content/notifications.md +199 -0
  327. package/docs/content/progress.md +176 -0
  328. package/docs/content/tracking.md +168 -0
  329. package/package.json +54 -35
  330. package/src/templates/default/.agents/skills/agent-engines/SKILL.md +60 -4
  331. package/src/templates/default/.agents/skills/notifications/SKILL.md +95 -0
  332. package/src/templates/default/.agents/skills/progress/SKILL.md +97 -0
  333. package/src/templates/default/AGENTS.md +12 -10
  334. package/src/templates/default/package.json +10 -10
  335. package/src/templates/workspace-core/package.json +5 -5
  336. package/src/templates/workspace-root/package.json +1 -1
  337. package/src/templates/workspace-root/tsconfig.base.json +1 -2
  338. package/tsconfig.base.json +1 -1
package/dist/secrets/substitution.d.ts ADDED
@@ -0,0 +1,39 @@
1
+ /**
2
+ * Server-side key substitution for automation tools.
3
+ *
4
+ * Resolves `${keys.NAME}` references in user-supplied strings (URLs, headers,
5
+ * bodies, etc.) by looking up the named secret at tool-dispatch time. The
6
+ * raw secret value NEVER enters the model's context — substitution happens
7
+ * after the agent emits its tool call and before the request is dispatched.
8
+ *
9
+ * Falls back from user-scope to workspace-scope so users can override shared
10
+ * keys without breaking automations that reference workspace defaults.
11
+ */
12
+ import type { SecretScope } from "./register.js";
13
+ export interface ResolveKeyReferencesResult {
14
+ resolved: string;
15
+ usedKeys: string[];
16
+ }
17
+ /**
18
+ * Resolve `${keys.NAME}` references in `text`. For each reference, looks up
19
+ * the named secret at the given scope, falling back to workspace-scope when
20
+ * the user-scope row doesn't exist. Throws when a referenced key is missing
21
+ * so the agent receives a clear error rather than dispatching with the
22
+ * literal placeholder.
23
+ */
24
+ export declare function resolveKeyReferences(text: string, scope: SecretScope, scopeId: string): Promise<ResolveKeyReferencesResult>;
25
+ /**
26
+ * Check if a URL is allowed by a key's URL allowlist. Returns true when no
27
+ * allowlist is configured (permissive default — the allowlist is opt-in).
28
+ *
29
+ * Matching is exact on the URL's origin (scheme + host + port), so an entry
30
+ * like `https://hooks.slack.com` blocks `https://evil.example.com` even if
31
+ * the agent tries to redirect the request elsewhere.
32
+ */
33
+ export declare function validateUrlAllowlist(url: string, allowlist: string[] | null): boolean;
34
+ /**
35
+ * Convenience helper: look up a key's allowlist by name+scope. Returns null
36
+ * when the key doesn't exist or has no allowlist configured.
37
+ */
38
+ export declare function getKeyAllowlist(name: string, scope: SecretScope, scopeId: string): Promise<string[] | null>;
39
+ //# sourceMappingURL=substitution.d.ts.map
package/dist/secrets/substitution.d.ts.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"substitution.d.ts","sourceRoot":"","sources":["../../src/secrets/substitution.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;GAUG;AAGH,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,eAAe,CAAC;AAIjD,MAAM,WAAW,0BAA0B;IACzC,QAAQ,EAAE,MAAM,CAAC;IACjB,QAAQ,EAAE,MAAM,EAAE,CAAC;CACpB;AAED;;;;;;GAMG;AACH,wBAAsB,oBAAoB,CACxC,IAAI,EAAE,MAAM,EACZ,KAAK,EAAE,WAAW,EAClB,OAAO,EAAE,MAAM,GACd,OAAO,CAAC,0BAA0B,CAAC,CAkCrC;AAED;;;;;;;GAOG;AACH,wBAAgB,oBAAoB,CAClC,GAAG,EAAE,MAAM,EACX,SAAS,EAAE,MAAM,EAAE,GAAG,IAAI,GACzB,OAAO,CAeT;AAED;;;GAGG;AACH,wBAAsB,eAAe,CACnC,IAAI,EAAE,MAAM,EACZ,KAAK,EAAE,WAAW,EAClB,OAAO,EAAE,MAAM,GACd,OAAO,CAAC,MAAM,EAAE,GAAG,IAAI,CAAC,CAU1B"}
package/dist/secrets/substitution.js ADDED
@@ -0,0 +1,93 @@
1
+ /**
2
+ * Server-side key substitution for automation tools.
3
+ *
4
+ * Resolves `${keys.NAME}` references in user-supplied strings (URLs, headers,
5
+ * bodies, etc.) by looking up the named secret at tool-dispatch time. The
6
+ * raw secret value NEVER enters the model's context — substitution happens
7
+ * after the agent emits its tool call and before the request is dispatched.
8
+ *
9
+ * Falls back from user-scope to workspace-scope so users can override shared
10
+ * keys without breaking automations that reference workspace defaults.
11
+ */
12
+ import { readAppSecret, readAppSecretMeta } from "./storage.js";
13
+ const KEY_REFERENCE_REGEX = /\$\{keys\.([A-Za-z0-9_-]+)\}/g;
14
+ /**
15
+ * Resolve `${keys.NAME}` references in `text`. For each reference, looks up
16
+ * the named secret at the given scope, falling back to workspace-scope when
17
+ * the user-scope row doesn't exist. Throws when a referenced key is missing
18
+ * so the agent receives a clear error rather than dispatching with the
19
+ * literal placeholder.
20
+ */
21
+ export async function resolveKeyReferences(text, scope, scopeId) {
22
+ const usedKeys = [];
23
+ const matches = Array.from(text.matchAll(KEY_REFERENCE_REGEX));
24
+ if (matches.length === 0) {
25
+ return { resolved: text, usedKeys };
26
+ }
27
+ const resolutions = new Map();
28
+ for (const match of matches) {
29
+ const name = match[1];
30
+ if (resolutions.has(name))
31
+ continue;
32
+ let result = await readAppSecret({ key: name, scope, scopeId });
33
+ if (!result && scope === "user") {
34
+ result = await readAppSecret({ key: name, scope: "workspace", scopeId });
35
+ }
36
+ if (!result) {
37
+ throw new Error(`Referenced key "${name}" is not defined for scope "${scope}". Create it in Settings or via the secrets API before using this automation.`);
38
+ }
39
+ resolutions.set(name, result.value);
40
+ usedKeys.push(name);
41
+ }
42
+ const resolved = text.replace(KEY_REFERENCE_REGEX, (_, name) => {
43
+ const value = resolutions.get(name);
44
+ if (value === undefined) {
45
+ throw new Error(`Referenced key "${name}" was not resolved`);
46
+ }
47
+ return value;
48
+ });
49
+ return { resolved, usedKeys };
50
+ }
51
+ /**
52
+ * Check if a URL is allowed by a key's URL allowlist. Returns true when no
53
+ * allowlist is configured (permissive default — the allowlist is opt-in).
54
+ *
55
+ * Matching is exact on the URL's origin (scheme + host + port), so an entry
56
+ * like `https://hooks.slack.com` blocks `https://evil.example.com` even if
57
+ * the agent tries to redirect the request elsewhere.
58
+ */
59
+ export function validateUrlAllowlist(url, allowlist) {
60
+ if (!allowlist || allowlist.length === 0)
61
+ return true;
62
+ let origin;
63
+ try {
64
+ origin = new URL(url).origin;
65
+ }
66
+ catch {
67
+ return false;
68
+ }
69
+ return allowlist.some((entry) => {
70
+ try {
71
+ return new URL(entry).origin === origin;
72
+ }
73
+ catch {
74
+ return false;
75
+ }
76
+ });
77
+ }
78
+ /**
79
+ * Convenience helper: look up a key's allowlist by name+scope. Returns null
80
+ * when the key doesn't exist or has no allowlist configured.
81
+ */
82
+ export async function getKeyAllowlist(name, scope, scopeId) {
83
+ let meta = await readAppSecretMeta({ key: name, scope, scopeId });
84
+ if (!meta && scope === "user") {
85
+ meta = await readAppSecretMeta({
86
+ key: name,
87
+ scope: "workspace",
88
+ scopeId,
89
+ });
90
+ }
91
+ return meta?.urlAllowlist ?? null;
92
+ }
93
+ //# sourceMappingURL=substitution.js.map
package/dist/secrets/substitution.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"substitution.js","sourceRoot":"","sources":["../../src/secrets/substitution.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;GAUG;AAEH,OAAO,EAAE,aAAa,EAAE,iBAAiB,EAAE,MAAM,cAAc,CAAC;AAGhE,MAAM,mBAAmB,GAAG,+BAA+B,CAAC;AAO5D;;;;;;GAMG;AACH,MAAM,CAAC,KAAK,UAAU,oBAAoB,CACxC,IAAY,EACZ,KAAkB,EAClB,OAAe;IAEf,MAAM,QAAQ,GAAa,EAAE,CAAC;IAC9B,MAAM,OAAO,GAAG,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC,mBAAmB,CAAC,CAAC,CAAC;IAC/D,IAAI,OAAO,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACzB,OAAO,EAAE,QAAQ,EAAE,IAAI,EAAE,QAAQ,EAAE,CAAC;IACtC,CAAC;IAED,MAAM,WAAW,GAAG,IAAI,GAAG,EAAkB,CAAC;IAC9C,KAAK,MAAM,KAAK,IAAI,OAAO,EAAE,CAAC;QAC5B,MAAM,IAAI,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;QACtB,IAAI,WAAW,CAAC,GAAG,CAAC,IAAI,CAAC;YAAE,SAAS;QAEpC,IAAI,MAAM,GAAG,MAAM,aAAa,CAAC,EAAE,GAAG,EAAE,IAAI,EAAE,KAAK,EAAE,OAAO,EAAE,CAAC,CAAC;QAChE,IAAI,CAAC,MAAM,IAAI,KAAK,KAAK,MAAM,EAAE,CAAC;YAChC,MAAM,GAAG,MAAM,aAAa,CAAC,EAAE,GAAG,EAAE,IAAI,EAAE,KAAK,EAAE,WAAW,EAAE,OAAO,EAAE,CAAC,CAAC;QAC3E,CAAC;QACD,IAAI,CAAC,MAAM,EAAE,CAAC;YACZ,MAAM,IAAI,KAAK,CACb,mBAAmB,IAAI,+BAA+B,KAAK,+EAA+E,CAC3I,CAAC;QACJ,CAAC;QACD,WAAW,CAAC,GAAG,CAAC,IAAI,EAAE,MAAM,CAAC,KAAK,CAAC,CAAC;QACpC,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IACtB,CAAC;IAED,MAAM,QAAQ,GAAG,IAAI,CAAC,OAAO,CAAC,mBAAmB,EAAE,CAAC,CAAC,EAAE,IAAY,EAAE,EAAE;QACrE,MAAM,KAAK,GAAG,WAAW,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;QACpC,IAAI,KAAK,KAAK,SAAS,EAAE,CAAC;YACxB,MAAM,IAAI,KAAK,CAAC,mBAAmB,IAAI,oBAAoB,CAAC,CAAC;QAC/D,CAAC;QACD,OAAO,KAAK,CAAC;IACf,CAAC,CAAC,CAAC;IAEH,OAAO,EAAE,QAAQ,EAAE,QAAQ,EAAE,CAAC;AAChC,CAAC;AAED;;;;;;;GAOG;AACH,MAAM,UAAU,oBAAoB,CAClC,GAAW,EACX,SAA0B;IAE1B,IAAI,CAAC,SAAS,IAAI,SAAS,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO,IAAI,CAAC;IACtD,IAAI,MAAc,CAAC;IACnB,IAAI,CAAC;QACH,MAAM,GAAG,IAAI,GAAG,CAAC,GAAG,CAAC,CAAC,MAAM,CAAC;IAC/B,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,KAAK,CAAC;IACf,CAAC;IACD,OAAO,SAAS,CAAC,IAAI,CAAC,CAAC,KAAK,EAAE,EAAE;QAC9B,IAAI,CAAC;YACH,OAAO,IAAI,GAAG,CAAC,KAAK,CAAC,CAAC,MAAM,KAAK,MAAM,CAAC;QAC1C,CAAC;QAAC,MAAM,CAAC;YACP,OAAO,KAAK,CAAC;QACf,CAAC;IACH,CAAC,CAAC,CAAC;AACL,CAAC;AAED;;;GAGG;AACH,MAAM,CAAC,KAAK,UAAU,eAAe,CACnC,IAAY,EACZ,KAAkB,EAClB,OAAe;IAEf,IAAI,IAAI,GAAG,MAAM,iBAAiB,CAAC,EAAE,GAAG,EAAE,IAAI,EAAE,KAAK,EAAE,OAAO,EAAE,CAAC,CAAC;IAClE,IAAI,CAAC,IAAI,IAAI,KAAK,KAAK,MAAM,EAAE,CAAC;QAC9B,IAAI,GAAG,MAAM,iBAAiB,CAAC;YAC7B,GAAG,EAAE,IAAI;YACT,KAAK,EAAE,WAAW;YAClB,OAAO;SACR,CAAC,CAAC;IACL,CAAC;IACD,OAAO,IAAI,EAAE,YAAY,IAAI,IAAI,CAAC;AACpC,CAAC"}
package/dist/server/agent-chat-plugin.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"agent-chat-plugin.d.ts","sourceRoot":"","sources":["../../src/server/agent-chat-plugin.ts"],"names":[],"mappings":"AAGA,OAAO,EASL,KAAK,WAAW,EACjB,MAAM,8BAA8B,CAAC;AAGtC,OAAO,KAAK,EAEV,eAAe,EAEhB,MAAM,mBAAmB,CAAC;AAE3B,OAAO,EACL,gBAAgB,EAUjB,MAAM,wBAAwB,CAAC;AAoiChC,KAAK,cAAc,GAAG,CAAC,QAAQ,EAAE,GAAG,KAAK,IAAI,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;AAE9D,MAAM,WAAW,sBAAsB;IACrC,+DAA+D;IAC/D,OAAO,CAAC,EACJ,MAAM,CAAC,MAAM,EAAE,WAAW,CAAC,GAC3B,CAAC,MACG,MAAM,CAAC,MAAM,EAAE,WAAW,CAAC,GAC3B,OAAO,CAAC,MAAM,CAAC,MAAM,EAAE,WAAW,CAAC,CAAC,CAAC,CAAC;IAC9C,wCAAwC;IACxC,OAAO,CAAC,EACJ,MAAM,CAAC,MAAM,EAAE,WAAW,CAAC,GAC3B,CAAC,MACG,MAAM,CAAC,MAAM,EAAE,WAAW,CAAC,GAC3B,OAAO,CAAC,MAAM,CAAC,MAAM,EAAE,WAAW,CAAC,CAAC,CAAC,CAAC;IAC9C,mEAAmE;IACnE,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,qDAAqD;IACrD,eAAe,CAAC,EAAE,MAAM,CAAC;IACzB,sDAAsD;IACtD,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,iEAAiE;IACjE,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB;;;;OAIG;IACH,MAAM,CAAC,EACH,OAAO,0BAA0B,EAAE,WAAW,GAC9C,MAAM,GACN;QAAE,IAAI,EAAE,MAAM,CAAC;QAAC,MAAM,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAA;KAAE,CAAC;IACtD,qDAAqD;IACrD,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,+DAA+D;IAC/D,gBAAgB,CAAC,EACb,MAAM,CAAC,MAAM,EAAE,eAAe,CAAC,GAC/B,CAAC,MACG,MAAM,CAAC,MAAM,EAAE,eAAe,CAAC,GAC/B,OAAO,CAAC,MAAM,CAAC,MAAM,EAAE,eAAe,CAAC,CAAC,CAAC,CAAC;IAClD,kFAAkF;IAClF,KAAK,CAAC,EAAE,MAAM,CAAC;IACf;;;;;;;;;OASG;IACH,YAAY,CAAC,EAAE,CAAC,KAAK,EAAE,GAAG,KAAK,MAAM,GAAG,IAAI,GAAG,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC,CAAC;IACtE;;;;;;;;;;OAUG;IACH,YAAY,CAAC,EAAE,CACb,KAAK,EAAE,GAAG,EACV,KAAK,EAAE,MAAM,KACV,MAAM,GAAG,IAAI,GAAG,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC,CAAC;IAC5C;;;;;;;;;;;;;;OAcG;IACH,UAAU,CAAC,EAAE,OAAO,CAAC;CACtB;AAogBD,wBAAgB,qBAAqB,CACnC,OAAO,CAAC,EAAE,sBAAsB,GAC/B,cAAc,CA00DhB;AAED;;;;GAIG;AACH,eAAO,MAAM,sBAAsB,EAAE,cAAwC,CAAC;AAa9E,yEAAyE;AACzE,wBAAgB,mBAAmB,IAAI,gBAAgB,GAAG,IAAI,CAE7D"}
1
+ {"version":3,"file":"agent-chat-plugin.d.ts","sourceRoot":"","sources":["../../src/server/agent-chat-plugin.ts"],"names":[],"mappings":"AAGA,OAAO,EASL,KAAK,WAAW,EACjB,MAAM,8BAA8B,CAAC;AAGtC,OAAO,KAAK,EAEV,eAAe,EAEhB,MAAM,mBAAmB,CAAC;AAE3B,OAAO,EACL,gBAAgB,EAUjB,MAAM,wBAAwB,CAAC;AAoiChC,KAAK,cAAc,GAAG,CAAC,QAAQ,EAAE,GAAG,KAAK,IAAI,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;AAE9D,MAAM,WAAW,sBAAsB;IACrC,+DAA+D;IAC/D,OAAO,CAAC,EACJ,MAAM,CAAC,MAAM,EAAE,WAAW,CAAC,GAC3B,CAAC,MACG,MAAM,CAAC,MAAM,EAAE,WAAW,CAAC,GAC3B,OAAO,CAAC,MAAM,CAAC,MAAM,EAAE,WAAW,CAAC,CAAC,CAAC,CAAC;IAC9C,wCAAwC;IACxC,OAAO,CAAC,EACJ,MAAM,CAAC,MAAM,EAAE,WAAW,CAAC,GAC3B,CAAC,MACG,MAAM,CAAC,MAAM,EAAE,WAAW,CAAC,GAC3B,OAAO,CAAC,MAAM,CAAC,MAAM,EAAE,WAAW,CAAC,CAAC,CAAC,CAAC;IAC9C,mEAAmE;IACnE,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,qDAAqD;IACrD,eAAe,CAAC,EAAE,MAAM,CAAC;IACzB,sDAAsD;IACtD,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,iEAAiE;IACjE,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB;;;;OAIG;IACH,MAAM,CAAC,EACH,OAAO,0BAA0B,EAAE,WAAW,GAC9C,MAAM,GACN;QAAE,IAAI,EAAE,MAAM,CAAC;QAAC,MAAM,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAA;KAAE,CAAC;IACtD,qDAAqD;IACrD,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,+DAA+D;IAC/D,gBAAgB,CAAC,EACb,MAAM,CAAC,MAAM,EAAE,eAAe,CAAC,GAC/B,CAAC,MACG,MAAM,CAAC,MAAM,EAAE,eAAe,CAAC,GAC/B,OAAO,CAAC,MAAM,CAAC,MAAM,EAAE,eAAe,CAAC,CAAC,CAAC,CAAC;IAClD,kFAAkF;IAClF,KAAK,CAAC,EAAE,MAAM,CAAC;IACf;;;;;;;;;OASG;IACH,YAAY,CAAC,EAAE,CAAC,KAAK,EAAE,GAAG,KAAK,MAAM,GAAG,IAAI,GAAG,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC,CAAC;IACtE;;;;;;;;;;OAUG;IACH,YAAY,CAAC,EAAE,CACb,KAAK,EAAE,GAAG,EACV,KAAK,EAAE,MAAM,KACV,MAAM,GAAG,IAAI,GAAG,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC,CAAC;IAC5C;;;;;;;;;;;;;;OAcG;IACH,UAAU,CAAC,EAAE,OAAO,CAAC;CACtB;AAsgBD,wBAAgB,qBAAqB,CACnC,OAAO,CAAC,EAAE,sBAAsB,GAC/B,cAAc,CA8mEhB;AAED;;;;GAIG;AACH,eAAO,MAAM,sBAAsB,EAAE,cAAwC,CAAC;AAa9E,yEAAyE;AACzE,wBAAgB,mBAAmB,IAAI,gBAAgB,GAAG,IAAI,CAE7D"}