@agent-native/core 0.7.83 → 0.8.0

package/dist/{tools → extensions}/actions.js

@@ -1,20 +1,20 @@
-import { createTool, getTool, updateTool, updateToolContent } from "./store.js";
-import { addToolSlotTarget, installToolSlot, uninstallToolSlot, listToolsForSlot, listSlotsForTool, } from "./slots/store.js";
-export function createToolActionEntries() {
+import { createExtension, getExtension, updateExtension, updateExtensionContent, } from "./store.js";
+import { addExtensionSlotTarget, installExtensionSlot, uninstallExtensionSlot, listExtensionsForSlot, listSlotsForExtension, } from "./slots/store.js";
+export function createExtensionActionEntries() {
     return {
-        "create-tool": {
+        "create-extension": {
             tool: {
-                description: "Create a sandboxed Alpine.js mini-app tool. Use this when the user asks to create, build, or make a tool/widget/dashboard/calculator. The content must be a self-contained Alpine.js HTML body snippet that can use appAction(), appFetch(), dbQuery(), dbExec(), toolFetch(), and toolData.",
+                description: "Create a sandboxed Alpine.js mini-app extension. Use this when the user asks to create, build, or make an extension/widget/dashboard/calculator. The content must be a self-contained Alpine.js HTML body snippet that can use appAction(), appFetch(), dbQuery(), dbExec(), extensionFetch(), and extensionData.",
                 parameters: {
                     type: "object",
                     properties: {
                         name: {
                             type: "string",
-                            description: 'Short display name for the tool. Do not include "app" — e.g. name a todo app "Todos", a weather app "Weather".',
+                            description: 'Short display name for the extension. Do not include "app" — e.g. name a todo app "Todos", a weather app "Weather".',
                         },
                         description: {
                             type: "string",
-                            description: "One-sentence summary of what the tool does.",
+                            description: "One-sentence summary of what the extension does.",
                         },
                         content: {
                             type: "string",
@@ -35,7 +35,7 @@ export function createToolActionEntries() {
                     return "Error: name is required.";
                 if (!content)
                     return "Error: content is required.";
-                const tool = await createTool({
+                const extension = await createExtension({
                     name,
                     description: String(args?.description ?? "").trim(),
                     content,
@@ -43,20 +43,20 @@ export function createToolActionEntries() {
                 });
                 return {
                     ok: true,
-                    tool,
-                    next: `Navigate to /tools/${tool.id} or use the navigate action with --view=tools --toolId=${tool.id}.`,
+                    extension,
+                    next: `Navigate to /extensions/${extension.id} or use the navigate action with --view=extensions --extensionId=${extension.id}.`,
                 };
             },
         },
-        "update-tool": {
+        "update-extension": {
             tool: {
-                description: "Update an existing sandboxed Alpine.js mini-app tool. Prefer patches for surgical edits; use full content replacement only when necessary.",
+                description: "Update an existing sandboxed Alpine.js mini-app extension. Prefer patches for surgical edits; use full content replacement only when necessary.",
                 parameters: {
                     type: "object",
                     properties: {
                         id: {
                             type: "string",
-                            description: "Tool id to update.",
+                            description: "Extension id to update.",
                         },
                         name: {
                             type: "string",
@@ -97,7 +97,7 @@ export function createToolActionEntries() {
                     if (args?.patches !== undefined && !patches) {
                         return "Error: patches must be a JSON array of { find, replace } objects.";
                     }
-                    result = await updateToolContent(id, {
+                    result = await updateExtensionContent(id, {
                         content: args?.content !== undefined ? String(args.content) : undefined,
                         patches,
                     });
@@ -114,22 +114,22 @@ export function createToolActionEntries() {
                     meta.visibility = String(args.visibility);
                 }
                 if (Object.keys(meta).length > 0) {
-                    result = await updateTool(id, meta);
+                    result = await updateExtension(id, meta);
                 }
                 if (!result)
-                    result = await getTool(id);
+                    result = await getExtension(id);
                 if (!result)
-                    return `Error: tool not found: ${id}`;
-                return { ok: true, tool: result };
+                    return `Error: extension not found: ${id}`;
+                return { ok: true, extension: result };
             },
         },
-        "add-tool-slot-target": {
+        "add-extension-slot-target": {
             tool: {
-                description: 'Declare that a tool can render in a UI extension-point slot of an app (e.g. "mail.contact-sidebar.bottom"). Apps drop ExtensionSlot components in their UI; this action registers a tool as installable into one of those slots. Slot IDs follow the convention <app>.<area>.<position>. Caller must have editor access to the tool.',
+                description: 'Declare that an extension can render in a UI extension-point slot of an app (e.g. "mail.contact-sidebar.bottom"). Apps drop ExtensionSlot components in their UI; this action registers an extension as installable into one of those slots. Slot IDs follow the convention <app>.<area>.<position>. Caller must have editor access to the extension.',
                 parameters: {
                     type: "object",
                     properties: {
-                        toolId: { type: "string", description: "Tool id." },
+                        extensionId: { type: "string", description: "Extension id." },
                         slotId: {
                             type: "string",
                             description: 'Slot identifier — e.g. "mail.contact-sidebar.bottom".',
@@ -139,27 +139,30 @@ export function createToolActionEntries() {
                             description: "Optional JSON string with slot-specific config (defaults, hints, etc.).",
                         },
                     },
-                    required: ["toolId", "slotId"],
+                    required: ["extensionId", "slotId"],
                 },
             },
             run: async (args) => {
-                const toolId = String(args?.toolId ?? "").trim();
+                const extensionId = String(args?.extensionId ?? "").trim();
                 const slotId = String(args?.slotId ?? "").trim();
-                if (!toolId)
-                    return "Error: toolId is required.";
+                if (!extensionId)
+                    return "Error: extensionId is required.";
                 if (!slotId)
                     return "Error: slotId is required.";
-                const row = await addToolSlotTarget(toolId, slotId, args?.config ? String(args.config) : undefined);
+                const row = await addExtensionSlotTarget(extensionId, slotId, args?.config ? String(args.config) : undefined);
                 return { ok: true, slot: row };
             },
         },
         "install-extension": {
             tool: {
-                description: "Install a tool as a widget in an extension-point slot for the current user. The tool must already declare the slot via add-tool-slot-target. Per-user installation — only affects the calling user's view. Use after creating a tool that targets a slot, or when the user asks to add an existing widget to a slot.",
+                description: "Install an extension as a widget in an extension-point slot for the current user. The extension must already declare the slot via add-extension-slot-target. Per-user installation — only affects the calling user's view. Use after creating an extension that targets a slot, or when the user asks to add an existing widget to a slot.",
                 parameters: {
                     type: "object",
                     properties: {
-                        toolId: { type: "string", description: "Tool id to install." },
+                        extensionId: {
+                            type: "string",
+                            description: "Extension id to install.",
+                        },
                         slotId: {
                             type: "string",
                             description: 'Slot identifier — e.g. "mail.contact-sidebar.bottom".',
@@ -173,20 +176,20 @@ export function createToolActionEntries() {
                             description: "Optional JSON string with per-install config (overrides, settings).",
                         },
                     },
-                    required: ["toolId", "slotId"],
+                    required: ["extensionId", "slotId"],
                 },
             },
             run: async (args) => {
-                const toolId = String(args?.toolId ?? "").trim();
+                const extensionId = String(args?.extensionId ?? "").trim();
                 const slotId = String(args?.slotId ?? "").trim();
-                if (!toolId)
-                    return "Error: toolId is required.";
+                if (!extensionId)
+                    return "Error: extensionId is required.";
                 if (!slotId)
                     return "Error: slotId is required.";
                 const position = args?.position !== undefined && args.position !== null
                     ? Number(args.position)
                     : undefined;
-                const row = await installToolSlot(toolId, slotId, {
+                const row = await installExtensionSlot(extensionId, slotId, {
                     position: Number.isFinite(position) ? position : undefined,
                     config: args?.config ? String(args.config) : undefined,
                 });
@@ -195,30 +198,30 @@ export function createToolActionEntries() {
         },
         "uninstall-extension": {
             tool: {
-                description: "Remove a tool from an extension-point slot for the current user. Does not delete the tool itself.",
+                description: "Remove an extension from an extension-point slot for the current user. Does not delete the extension itself.",
                 parameters: {
                     type: "object",
                     properties: {
-                        toolId: { type: "string", description: "Tool id." },
+                        extensionId: { type: "string", description: "Extension id." },
                         slotId: { type: "string", description: "Slot identifier." },
                     },
-                    required: ["toolId", "slotId"],
+                    required: ["extensionId", "slotId"],
                 },
             },
             run: async (args) => {
-                const toolId = String(args?.toolId ?? "").trim();
+                const extensionId = String(args?.extensionId ?? "").trim();
                 const slotId = String(args?.slotId ?? "").trim();
-                if (!toolId)
-                    return "Error: toolId is required.";
+                if (!extensionId)
+                    return "Error: extensionId is required.";
                 if (!slotId)
                     return "Error: slotId is required.";
-                await uninstallToolSlot(toolId, slotId);
+                await uninstallExtensionSlot(extensionId, slotId);
                 return { ok: true };
             },
         },
-        "list-tools-for-slot": {
+        "list-extensions-for-slot": {
             tool: {
-                description: "List tools the current user has access to that declare a given extension-point slot. Use to discover what's available to install into a slot the user mentioned.",
+                description: "List extensions the current user has access to that declare a given extension-point slot. Use to discover what's available to install into a slot the user mentioned.",
                 parameters: {
                     type: "object",
                     properties: {
@@ -231,26 +234,26 @@ export function createToolActionEntries() {
                 const slotId = String(args?.slotId ?? "").trim();
                 if (!slotId)
                     return "Error: slotId is required.";
-                return { tools: await listToolsForSlot(slotId) };
+                return { extensions: await listExtensionsForSlot(slotId) };
             },
             readOnly: true,
         },
-        "list-tool-slots": {
+        "list-extension-slots": {
             tool: {
-                description: "List the extension-point slots a specific tool declares it can render in. Caller must have viewer access to the tool.",
+                description: "List the extension-point slots a specific extension declares it can render in. Caller must have viewer access to the extension.",
                 parameters: {
                     type: "object",
                     properties: {
-                        toolId: { type: "string", description: "Tool id." },
+                        extensionId: { type: "string", description: "Extension id." },
                     },
-                    required: ["toolId"],
+                    required: ["extensionId"],
                 },
             },
             run: async (args) => {
-                const toolId = String(args?.toolId ?? "").trim();
-                if (!toolId)
-                    return "Error: toolId is required.";
-                return { slots: await listSlotsForTool(toolId) };
+                const extensionId = String(args?.extensionId ?? "").trim();
+                if (!extensionId)
+                    return "Error: extensionId is required.";
+                return { slots: await listSlotsForExtension(extensionId) };
             },
             readOnly: true,
         },

package/dist/extensions/actions.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"actions.js","sourceRoot":"","sources":["../../src/extensions/actions.ts"],"names":[],"mappings":"AACA,OAAO,EACL,eAAe,EACf,YAAY,EACZ,eAAe,EACf,sBAAsB,GACvB,MAAM,YAAY,CAAC;AACpB,OAAO,EACL,sBAAsB,EACtB,oBAAoB,EACpB,sBAAsB,EACtB,qBAAqB,EACrB,qBAAqB,GACtB,MAAM,kBAAkB,CAAC;AAI1B,MAAM,UAAU,4BAA4B;IAC1C,OAAO;QACL,kBAAkB,EAAE;YAClB,IAAI,EAAE;gBACJ,WAAW,EACT,mTAAmT;gBACrT,UAAU,EAAE;oBACV,IAAI,EAAE,QAAQ;oBACd,UAAU,EAAE;wBACV,IAAI,EAAE;4BACJ,IAAI,EAAE,QAAQ;4BACd,WAAW,EACT,qHAAqH;yBACxH;wBACD,WAAW,EAAE;4BACX,IAAI,EAAE,QAAQ;4BACd,WAAW,EAAE,kDAAkD;yBAChE;wBACD,OAAO,EAAE;4BACP,IAAI,EAAE,QAAQ;4BACd,WAAW,EACT,2RAA2R;yBAC9R;wBACD,IAAI,EAAE;4BACJ,IAAI,EAAE,QAAQ;4BACd,WAAW,EAAE,oCAAoC;yBAClD;qBACF;oBACD,QAAQ,EAAE,CAAC,MAAM,EAAE,SAAS,CAAC;iBAC9B;aACF;YACD,GAAG,EAAE,KAAK,EAAE,IAAI,EAAE,EAAE;gBAClB,MAAM,IAAI,GAAG,MAAM,CAAC,IAAI,EAAE,IAAI,IAAI,EAAE,CAAC,CAAC,IAAI,EAAE,CAAC;gBAC7C,MAAM,OAAO,GAAG,MAAM,CAAC,IAAI,EAAE,OAAO,IAAI,EAAE,CAAC,CAAC,IAAI,EAAE,CAAC;gBACnD,IAAI,CAAC,IAAI;oBAAE,OAAO,0BAA0B,CAAC;gBAC7C,IAAI,CAAC,OAAO;oBAAE,OAAO,6BAA6B,CAAC;gBAEnD,MAAM,SAAS,GAAG,MAAM,eAAe,CAAC;oBACtC,IAAI;oBACJ,WAAW,EAAE,MAAM,CAAC,IAAI,EAAE,WAAW,IAAI,EAAE,CAAC,CAAC,IAAI,EAAE;oBACnD,OAAO;oBACP,IAAI,EAAE,IAAI,EAAE,IAAI,CAAC,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,SAAS;iBACjD,CAAC,CAAC;gBAEH,OAAO;oBACL,EAAE,EAAE,IAAI;oBACR,SAAS;oBACT,IAAI,EAAE,2BAA2B,SAAS,CAAC,EAAE,oEAAoE,SAAS,CAAC,EAAE,GAAG;iBACjI,CAAC;YACJ,CAAC;SACF;QAED,kBAAkB,EAAE;YAClB,IAAI,EAAE;gBACJ,WAAW,EACT,iJAAiJ;gBACnJ,UAAU,EAAE;oBACV,IAAI,EAAE,QAAQ;oBACd,UAAU,EAAE;wBACV,EAAE,EAAE;4BACF,IAAI,EAAE,QAAQ;4BACd,WAAW,EAAE,yBAAyB;yBACvC;wBACD,IAAI,EAAE;4BACJ,IAAI,EAAE,QAAQ;4BACd,WAAW,EAAE,4BAA4B;yBAC1C;wBACD,WAAW,EAAE;4BACX,IAAI,EAAE,QAAQ;4BACd,WAAW,EAAE,2BAA2B;yBACzC;wBACD,OAAO,EAAE;4BACP,IAAI,EAAE,QAAQ;4BACd,WAAW,EACT,wDAAwD;yBAC3D;wBACD,OAAO,EAAE;4BACP,IAAI,EAAE,QAAQ;4BACd,WAAW,EACT,qGAAqG;yBACxG;wBACD,IAAI,EAAE;4BACJ,IAAI,EAAE,QAAQ;4BACd,WAAW,EAAE,oCAAoC;yBAClD;wBACD,UAAU,EAAE;4BACV,IAAI,EAAE,QAAQ;4BACd,WAAW,EAAE,8BAA8B;4BAC3C,IAAI,EAAE,CAAC,SAAS,EAAE,KAAK,EAAE,QAAQ,CAAC;yBACnC;qBACF;oBACD,QAAQ,EAAE,CAAC,IAAI,CAAC;iBACjB;aACF;YACD,GAAG,EAAE,KAAK,EAAE,IAAI,EAAE,EAAE;gBAClB,MAAM,EAAE,GAAG,MAAM,CAAC,IAAI,EAAE,EAAE,IAAI,EAAE,CAAC,CAAC,IAAI,EAAE,CAAC;gBACzC,IAAI,CAAC,EAAE;oBAAE,OAAO,wBAAwB,CAAC;gBAEzC,IAAI,MAAM,GAAG,IAAI,CAAC;gBAClB,IAAI,IAAI,EAAE,OAAO,KAAK,SAAS,IAAI,IAAI,EAAE,OAAO,KAAK,SAAS,EAAE,CAAC;oBAC/D,MAAM,OAAO,GAAG,YAAY,CAAE,IAAY,CAAC,OAAO,CAAC,CAAC;oBACpD,IAAI,IAAI,EAAE,OAAO,KAAK,SAAS,IAAI,CAAC,OAAO,EAAE,CAAC;wBAC5C,OAAO,mEAAmE,CAAC;oBAC7E,CAAC;oBACD,MAAM,GAAG,MAAM,sBAAsB,CAAC,EAAE,EAAE;wBACxC,OAAO,EACL,IAAI,EAAE,OAAO,KAAK,SAAS,CAAC,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,SAAS;wBAChE,OAAO;qBACR,CAAC,CAAC;gBACL,CAAC;gBAED,MAAM,IAAI,GAA2B,EAAE,CAAC;gBACxC,IAAI,IAAI,EAAE,IAAI,KAAK,SAAS;oBAAE,IAAI,CAAC,IAAI,GAAG,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,IAAI,EAAE,CAAC;gBACnE,IAAI,IAAI,EAAE,WAAW,KAAK,SAAS,EAAE,CAAC;oBACpC,IAAI,CAAC,WAAW,GAAG,MAAM,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC,IAAI,EAAE,CAAC;gBACrD,CAAC;gBACD,IAAI,IAAI,EAAE,IAAI,KAAK,SAAS;oBAAE,IAAI,CAAC,IAAI,GAAG,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;gBAC5D,IAAI,IAAI,EAAE,UAAU,KAAK,SAAS,EAAE,CAAC;oBACnC,IAAI,CAAC,UAAU,GAAG,MAAM,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;gBAC5C,CAAC;gBACD,IAAI,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;oBACjC,MAAM,GAAG,MAAM,eAAe,CAAC,EAAE,EAAE,IAAW,CAAC,CAAC;gBAClD,CAAC;gBAED,IAAI,CAAC,MAAM;oBAAE,MAAM,GAAG,MAAM,YAAY,CAAC,EAAE,CAAC,CAAC;gBAC7C,IAAI,CAAC,MAAM;oBAAE,OAAO,+BAA+B,EAAE,EAAE,CAAC;gBACxD,OAAO,EAAE,EAAE,EAAE,IAAI,EAAE,SAAS,EAAE,MAAM,EAAE,CAAC;YACzC,CAAC;SACF;QAED,2BAA2B,EAAE;YAC3B,IAAI,EAAE;gBACJ,WAAW,EACT,uVAAuV;gBACzV,UAAU,EAAE;oBACV,IAAI,EAAE,QAAQ;oBACd,UAAU,EAAE;wBACV,WAAW,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,eAAe,EAAE;wBAC7D,MAAM,EAAE;4BACN,IAAI,EAAE,QAAQ;4BACd,WAAW,EACT,uDAAuD;yBAC1D;wBACD,MAAM,EAAE;4BACN,IAAI,EAAE,QAAQ;4BACd,WAAW,EACT,yEAAyE;yBAC5E;qBACF;oBACD,QAAQ,EAAE,CAAC,aAAa,EAAE,QAAQ,CAAC;iBACpC;aACF;YACD,GAAG,EAAE,KAAK,EAAE,IAAI,EAAE,EAAE;gBAClB,MAAM,WAAW,GAAG,MAAM,CAAC,IAAI,EAAE,WAAW,IAAI,EAAE,CAAC,CAAC,IAAI,EAAE,CAAC;gBAC3D,MAAM,MAAM,GAAG,MAAM,CAAC,IAAI,EAAE,MAAM,IAAI,EAAE,CAAC,CAAC,IAAI,EAAE,CAAC;gBACjD,IAAI,CAAC,WAAW;oBAAE,OAAO,iCAAiC,CAAC;gBAC3D,IAAI,CAAC,MAAM;oBAAE,OAAO,4BAA4B,CAAC;gBACjD,MAAM,GAAG,GAAG,MAAM,sBAAsB,CACtC,WAAW,EACX,MAAM,EACN,IAAI,EAAE,MAAM,CAAC,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,SAAS,CAC/C,CAAC;gBACF,OAAO,EAAE,EAAE,EAAE,IAAI,EAAE,IAAI,EAAE,GAAG,EAAE,CAAC;YACjC,CAAC;SACF;QAED,mBAAmB,EAAE;YACnB,IAAI,EAAE;gBACJ,WAAW,EACT,4UAA4U;gBAC9U,UAAU,EAAE;oBACV,IAAI,EAAE,QAAQ;oBACd,UAAU,EAAE;wBACV,WAAW,EAAE;4BACX,IAAI,EAAE,QAAQ;4BACd,WAAW,EAAE,0BAA0B;yBACxC;wBACD,MAAM,EAAE;4BACN,IAAI,EAAE,QAAQ;4BACd,WAAW,EACT,uDAAuD;yBAC1D;wBACD,QAAQ,EAAE;4BACR,IAAI,EAAE,QAAQ;4BACd,WAAW,EACT,+EAA+E;yBAClF;wBACD,MAAM,EAAE;4BACN,IAAI,EAAE,QAAQ;4BACd,WAAW,EACT,qEAAqE;yBACxE;qBACF;oBACD,QAAQ,EAAE,CAAC,aAAa,EAAE,QAAQ,CAAC;iBACpC;aACF;YACD,GAAG,EAAE,KAAK,EAAE,IAAI,EAAE,EAAE;gBAClB,MAAM,WAAW,GAAG,MAAM,CAAC,IAAI,EAAE,WAAW,IAAI,EAAE,CAAC,CAAC,IAAI,EAAE,CAAC;gBAC3D,MAAM,MAAM,GAAG,MAAM,CAAC,IAAI,EAAE,MAAM,IAAI,EAAE,CAAC,CAAC,IAAI,EAAE,CAAC;gBACjD,IAAI,CAAC,WAAW;oBAAE,OAAO,iCAAiC,CAAC;gBAC3D,IAAI,CAAC,MAAM;oBAAE,OAAO,4BAA4B,CAAC;gBACjD,MAAM,QAAQ,GACZ,IAAI,EAAE,QAAQ,KAAK,SAAS,IAAI,IAAI,CAAC,QAAQ,KAAK,IAAI;oBACpD,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,QAAQ,CAAC;oBACvB,CAAC,CAAC,SAAS,CAAC;gBAChB,MAAM,GAAG,GAAG,MAAM,oBAAoB,CAAC,WAAW,EAAE,MAAM,EAAE;oBAC1D,QAAQ,EAAE,MAAM,CAAC,QAAQ,CAAC,QAAkB,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,SAAS;oBACpE,MAAM,EAAE,IAAI,EAAE,MAAM,CAAC,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,SAAS;iBACvD,CAAC,CAAC;gBACH,OAAO,EAAE,EAAE,EAAE,IAAI,EAAE,OAAO,EAAE,GAAG,EAAE,CAAC;YACpC,CAAC;SACF;QAED,qBAAqB,EAAE;YACrB,IAAI,EAAE;gBACJ,WAAW,EACT,8GAA8G;gBAChH,UAAU,EAAE;oBACV,IAAI,EAAE,QAAQ;oBACd,UAAU,EAAE;wBACV,WAAW,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,eAAe,EAAE;wBAC7D,MAAM,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,kBAAkB,EAAE;qBAC5D;oBACD,QAAQ,EAAE,CAAC,aAAa,EAAE,QAAQ,CAAC;iBACpC;aACF;YACD,GAAG,EAAE,KAAK,EAAE,IAAI,EAAE,EAAE;gBAClB,MAAM,WAAW,GAAG,MAAM,CAAC,IAAI,EAAE,WAAW,IAAI,EAAE,CAAC,CAAC,IAAI,EAAE,CAAC;gBAC3D,MAAM,MAAM,GAAG,MAAM,CAAC,IAAI,EAAE,MAAM,IAAI,EAAE,CAAC,CAAC,IAAI,EAAE,CAAC;gBACjD,IAAI,CAAC,WAAW;oBAAE,OAAO,iCAAiC,CAAC;gBAC3D,IAAI,CAAC,MAAM;oBAAE,OAAO,4BAA4B,CAAC;gBACjD,MAAM,sBAAsB,CAAC,WAAW,EAAE,MAAM,CAAC,CAAC;gBAClD,OAAO,EAAE,EAAE,EAAE,IAAI,EAAE,CAAC;YACtB,CAAC;SACF;QAED,0BAA0B,EAAE;YAC1B,IAAI,EAAE;gBACJ,WAAW,EACT,uKAAuK;gBACzK,UAAU,EAAE;oBACV,IAAI,EAAE,QAAQ;oBACd,UAAU,EAAE;wBACV,MAAM,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,kBAAkB,EAAE;qBAC5D;oBACD,QAAQ,EAAE,CAAC,QAAQ,CAAC;iBACrB;aACF;YACD,GAAG,EAAE,KAAK,EAAE,IAAI,EAAE,EAAE;gBAClB,MAAM,MAAM,GAAG,MAAM,CAAC,IAAI,EAAE,MAAM,IAAI,EAAE,CAAC,CAAC,IAAI,EAAE,CAAC;gBACjD,IAAI,CAAC,MAAM;oBAAE,OAAO,4BAA4B,CAAC;gBACjD,OAAO,EAAE,UAAU,EAAE,MAAM,qBAAqB,CAAC,MAAM,CAAC,EAAE,CAAC;YAC7D,CAAC;YACD,QAAQ,EAAE,IAAI;SACf;QAED,sBAAsB,EAAE;YACtB,IAAI,EAAE;gBACJ,WAAW,EACT,iIAAiI;gBACnI,UAAU,EAAE;oBACV,IAAI,EAAE,QAAQ;oBACd,UAAU,EAAE;wBACV,WAAW,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,eAAe,EAAE;qBAC9D;oBACD,QAAQ,EAAE,CAAC,aAAa,CAAC;iBAC1B;aACF;YACD,GAAG,EAAE,KAAK,EAAE,IAAI,EAAE,EAAE;gBAClB,MAAM,WAAW,GAAG,MAAM,CAAC,IAAI,EAAE,WAAW,IAAI,EAAE,CAAC,CAAC,IAAI,EAAE,CAAC;gBAC3D,IAAI,CAAC,WAAW;oBAAE,OAAO,iCAAiC,CAAC;gBAC3D,OAAO,EAAE,KAAK,EAAE,MAAM,qBAAqB,CAAC,WAAW,CAAC,EAAE,CAAC;YAC7D,CAAC;YACD,QAAQ,EAAE,IAAI;SACf;KACF,CAAC;AACJ,CAAC;AAED,SAAS,YAAY,CAAC,KAAc;IAClC,IAAI,KAAK,KAAK,SAAS;QAAE,OAAO,SAAS,CAAC;IAC1C,MAAM,MAAM,GAAG,OAAO,KAAK,KAAK,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC;IACrE,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC;QAAE,OAAO,SAAS,CAAC;IAC7C,IACE,MAAM,CAAC,IAAI,CACT,CAAC,KAAK,EAAE,EAAE,CACR,CAAC,KAAK;QACN,OAAO,KAAK,CAAC,IAAI,KAAK,QAAQ;QAC9B,OAAO,KAAK,CAAC,OAAO,KAAK,QAAQ,CACpC,EACD,CAAC;QACD,OAAO,SAAS,CAAC;IACnB,CAAC;IACD,OAAO,MAAM,CAAC;AAChB,CAAC","sourcesContent":["import type { ActionEntry } from \"../agent/production-agent.js\";\nimport {\n  createExtension,\n  getExtension,\n  updateExtension,\n  updateExtensionContent,\n} from \"./store.js\";\nimport {\n  addExtensionSlotTarget,\n  installExtensionSlot,\n  uninstallExtensionSlot,\n  listExtensionsForSlot,\n  listSlotsForExtension,\n} from \"./slots/store.js\";\n\ntype ExtensionPatch = { find: string; replace: string };\n\nexport function createExtensionActionEntries(): Record<string, ActionEntry> {\n  return {\n    \"create-extension\": {\n      tool: {\n        description:\n          \"Create a sandboxed Alpine.js mini-app extension. Use this when the user asks to create, build, or make an extension/widget/dashboard/calculator. The content must be a self-contained Alpine.js HTML body snippet that can use appAction(), appFetch(), dbQuery(), dbExec(), extensionFetch(), and extensionData.\",\n        parameters: {\n          type: \"object\",\n          properties: {\n            name: {\n              type: \"string\",\n              description:\n                'Short display name for the extension. Do not include \"app\" — e.g. name a todo app \"Todos\", a weather app \"Weather\".',\n            },\n            description: {\n              type: \"string\",\n              description: \"One-sentence summary of what the extension does.\",\n            },\n            content: {\n              type: \"string\",\n              description:\n                \"Self-contained Alpine.js HTML body snippet. The iframe body has no padding, so add p-4 or p-6 to the outermost element. Use semantic Tailwind colors (bg-background, text-foreground, bg-primary, etc.) for native theming. Do not include a full app build, React code, or source files.\",\n            },\n            icon: {\n              type: \"string\",\n              description: \"Optional icon name or short label.\",\n            },\n          },\n          required: [\"name\", \"content\"],\n        },\n      },\n      run: async (args) => {\n        const name = String(args?.name ?? \"\").trim();\n        const content = String(args?.content ?? \"\").trim();\n        if (!name) return \"Error: name is required.\";\n        if (!content) return \"Error: content is required.\";\n\n        const extension = await createExtension({\n          name,\n          description: String(args?.description ?? \"\").trim(),\n          content,\n          icon: args?.icon ? String(args.icon) : undefined,\n        });\n\n        return {\n          ok: true,\n          extension,\n          next: `Navigate to /extensions/${extension.id} or use the navigate action with --view=extensions --extensionId=${extension.id}.`,\n        };\n      },\n    },\n\n    \"update-extension\": {\n      tool: {\n        description:\n          \"Update an existing sandboxed Alpine.js mini-app extension. Prefer patches for surgical edits; use full content replacement only when necessary.\",\n        parameters: {\n          type: \"object\",\n          properties: {\n            id: {\n              type: \"string\",\n              description: \"Extension id to update.\",\n            },\n            name: {\n              type: \"string\",\n              description: \"Optional new display name.\",\n            },\n            description: {\n              type: \"string\",\n              description: \"Optional new description.\",\n            },\n            content: {\n              type: \"string\",\n              description:\n                \"Optional full replacement Alpine.js HTML body snippet.\",\n            },\n            patches: {\n              type: \"string\",\n              description:\n                'Optional JSON array of { \"find\": \"...\", \"replace\": \"...\" } patches to apply to the current content.',\n            },\n            icon: {\n              type: \"string\",\n              description: \"Optional icon name or short label.\",\n            },\n            visibility: {\n              type: \"string\",\n              description: \"Optional sharing visibility.\",\n              enum: [\"private\", \"org\", \"public\"],\n            },\n          },\n          required: [\"id\"],\n        },\n      },\n      run: async (args) => {\n        const id = String(args?.id ?? \"\").trim();\n        if (!id) return \"Error: id is required.\";\n\n        let result = null;\n        if (args?.content !== undefined || args?.patches !== undefined) {\n          const patches = parsePatches((args as any).patches);\n          if (args?.patches !== undefined && !patches) {\n            return \"Error: patches must be a JSON array of { find, replace } objects.\";\n          }\n          result = await updateExtensionContent(id, {\n            content:\n              args?.content !== undefined ? String(args.content) : undefined,\n            patches,\n          });\n        }\n\n        const meta: Record<string, string> = {};\n        if (args?.name !== undefined) meta.name = String(args.name).trim();\n        if (args?.description !== undefined) {\n          meta.description = String(args.description).trim();\n        }\n        if (args?.icon !== undefined) meta.icon = String(args.icon);\n        if (args?.visibility !== undefined) {\n          meta.visibility = String(args.visibility);\n        }\n        if (Object.keys(meta).length > 0) {\n          result = await updateExtension(id, meta as any);\n        }\n\n        if (!result) result = await getExtension(id);\n        if (!result) return `Error: extension not found: ${id}`;\n        return { ok: true, extension: result };\n      },\n    },\n\n    \"add-extension-slot-target\": {\n      tool: {\n        description:\n          'Declare that an extension can render in a UI extension-point slot of an app (e.g. \"mail.contact-sidebar.bottom\"). Apps drop ExtensionSlot components in their UI; this action registers an extension as installable into one of those slots. Slot IDs follow the convention <app>.<area>.<position>. Caller must have editor access to the extension.',\n        parameters: {\n          type: \"object\",\n          properties: {\n            extensionId: { type: \"string\", description: \"Extension id.\" },\n            slotId: {\n              type: \"string\",\n              description:\n                'Slot identifier — e.g. \"mail.contact-sidebar.bottom\".',\n            },\n            config: {\n              type: \"string\",\n              description:\n                \"Optional JSON string with slot-specific config (defaults, hints, etc.).\",\n            },\n          },\n          required: [\"extensionId\", \"slotId\"],\n        },\n      },\n      run: async (args) => {\n        const extensionId = String(args?.extensionId ?? \"\").trim();\n        const slotId = String(args?.slotId ?? \"\").trim();\n        if (!extensionId) return \"Error: extensionId is required.\";\n        if (!slotId) return \"Error: slotId is required.\";\n        const row = await addExtensionSlotTarget(\n          extensionId,\n          slotId,\n          args?.config ? String(args.config) : undefined,\n        );\n        return { ok: true, slot: row };\n      },\n    },\n\n    \"install-extension\": {\n      tool: {\n        description:\n          \"Install an extension as a widget in an extension-point slot for the current user. The extension must already declare the slot via add-extension-slot-target. Per-user installation — only affects the calling user's view. Use after creating an extension that targets a slot, or when the user asks to add an existing widget to a slot.\",\n        parameters: {\n          type: \"object\",\n          properties: {\n            extensionId: {\n              type: \"string\",\n              description: \"Extension id to install.\",\n            },\n            slotId: {\n              type: \"string\",\n              description:\n                'Slot identifier — e.g. \"mail.contact-sidebar.bottom\".',\n            },\n            position: {\n              type: \"number\",\n              description:\n                \"Optional integer position within the slot (lower = earlier). Defaults to end.\",\n            },\n            config: {\n              type: \"string\",\n              description:\n                \"Optional JSON string with per-install config (overrides, settings).\",\n            },\n          },\n          required: [\"extensionId\", \"slotId\"],\n        },\n      },\n      run: async (args) => {\n        const extensionId = String(args?.extensionId ?? \"\").trim();\n        const slotId = String(args?.slotId ?? \"\").trim();\n        if (!extensionId) return \"Error: extensionId is required.\";\n        if (!slotId) return \"Error: slotId is required.\";\n        const position =\n          args?.position !== undefined && args.position !== null\n            ? Number(args.position)\n            : undefined;\n        const row = await installExtensionSlot(extensionId, slotId, {\n          position: Number.isFinite(position as number) ? position : undefined,\n          config: args?.config ? String(args.config) : undefined,\n        });\n        return { ok: true, install: row };\n      },\n    },\n\n    \"uninstall-extension\": {\n      tool: {\n        description:\n          \"Remove an extension from an extension-point slot for the current user. Does not delete the extension itself.\",\n        parameters: {\n          type: \"object\",\n          properties: {\n            extensionId: { type: \"string\", description: \"Extension id.\" },\n            slotId: { type: \"string\", description: \"Slot identifier.\" },\n          },\n          required: [\"extensionId\", \"slotId\"],\n        },\n      },\n      run: async (args) => {\n        const extensionId = String(args?.extensionId ?? \"\").trim();\n        const slotId = String(args?.slotId ?? \"\").trim();\n        if (!extensionId) return \"Error: extensionId is required.\";\n        if (!slotId) return \"Error: slotId is required.\";\n        await uninstallExtensionSlot(extensionId, slotId);\n        return { ok: true };\n      },\n    },\n\n    \"list-extensions-for-slot\": {\n      tool: {\n        description:\n          \"List extensions the current user has access to that declare a given extension-point slot. Use to discover what's available to install into a slot the user mentioned.\",\n        parameters: {\n          type: \"object\",\n          properties: {\n            slotId: { type: \"string\", description: \"Slot identifier.\" },\n          },\n          required: [\"slotId\"],\n        },\n      },\n      run: async (args) => {\n        const slotId = String(args?.slotId ?? \"\").trim();\n        if (!slotId) return \"Error: slotId is required.\";\n        return { extensions: await listExtensionsForSlot(slotId) };\n      },\n      readOnly: true,\n    },\n\n    \"list-extension-slots\": {\n      tool: {\n        description:\n          \"List the extension-point slots a specific extension declares it can render in. Caller must have viewer access to the extension.\",\n        parameters: {\n          type: \"object\",\n          properties: {\n            extensionId: { type: \"string\", description: \"Extension id.\" },\n          },\n          required: [\"extensionId\"],\n        },\n      },\n      run: async (args) => {\n        const extensionId = String(args?.extensionId ?? \"\").trim();\n        if (!extensionId) return \"Error: extensionId is required.\";\n        return { slots: await listSlotsForExtension(extensionId) };\n      },\n      readOnly: true,\n    },\n  };\n}\n\nfunction parsePatches(value: unknown): ExtensionPatch[] | undefined {\n  if (value === undefined) return undefined;\n  const parsed = typeof value === \"string\" ? JSON.parse(value) : value;\n  if (!Array.isArray(parsed)) return undefined;\n  if (\n    parsed.some(\n      (patch) =>\n        !patch ||\n        typeof patch.find !== \"string\" ||\n        typeof patch.replace !== \"string\",\n    )\n  ) {\n    return undefined;\n  }\n  return parsed;\n}\n"]}

package/dist/{tools → extensions}/fetch-tool.d.ts

@@ -1,6 +1,10 @@
 /**
  * Fetch tool — outbound HTTP for automations and agent use.
  *
+ * NOTE: this is an *agent* tool (LLM function call), not an *extension* (the
+ * sandboxed Alpine.js mini-app primitive). It lives in this directory because
+ * it shares SSRF-safe URL/proxy helpers with the extension iframe proxy.
+ *
  * Supports ${keys.NAME} reference substitution in URL, headers, and body.
  * Values are resolved server-side AFTER the model emits the tool call —
  * the raw secret never enters the model's context.

package/dist/extensions/fetch-tool.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"fetch-tool.d.ts","sourceRoot":"","sources":["../../src/extensions/fetch-tool.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;GAUG;AAEH,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,8BAA8B,CAAC;AAchE,MAAM,WAAW,gBAAgB;IAC/B,6EAA6E;IAC7E,WAAW,CAAC,EAAE,CAAC,IAAI,EAAE,MAAM,KAAK,OAAO,CAAC;QACtC,QAAQ,EAAE,MAAM,CAAC;QACjB,QAAQ,EAAE,MAAM,EAAE,CAAC;QACnB,YAAY,CAAC,EAAE,MAAM,EAAE,CAAC;KACzB,CAAC,CAAC;IACH,+CAA+C;IAC/C,WAAW,CAAC,EAAE,CAAC,GAAG,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,EAAE,KAAK,OAAO,CAAC,OAAO,CAAC,CAAC;CACrE;AAED;;GAEG;AACH,wBAAgB,oBAAoB,CAClC,IAAI,GAAE,gBAAqB,GAC1B,MAAM,CAAC,MAAM,EAAE,WAAW,CAAC,CAmM7B"}

package/dist/{tools → extensions}/fetch-tool.js

@@ -1,12 +1,16 @@
 /**
  * Fetch tool — outbound HTTP for automations and agent use.
  *
+ * NOTE: this is an *agent* tool (LLM function call), not an *extension* (the
+ * sandboxed Alpine.js mini-app primitive). It lives in this directory because
+ * it shares SSRF-safe URL/proxy helpers with the extension iframe proxy.
+ *
  * Supports ${keys.NAME} reference substitution in URL, headers, and body.
  * Values are resolved server-side AFTER the model emits the tool call —
  * the raw secret never enters the model's context.
  */
-import { collectSecretValues, MAX_TOOL_PROXY_RESPONSE_SIZE, normalizeToolProxyMethod, readResponseTextWithLimit, redactSecrets, redactString, sanitizeOutboundHeaders, } from "./proxy-security.js";
-import { isBlockedToolUrlWithDns } from "./url-safety.js";
+import { collectSecretValues, MAX_EXTENSION_PROXY_RESPONSE_SIZE, normalizeExtensionProxyMethod, readResponseTextWithLimit, redactSecrets, redactString, sanitizeOutboundHeaders, } from "./proxy-security.js";
+import { isBlockedExtensionUrlWithDns } from "./url-safety.js";
 const DEFAULT_TIMEOUT_MS = 15_000;
 /**
  * Create the fetch tool entry for the agent tool registry.
@@ -15,7 +19,7 @@ export function createFetchToolEntry(opts = {}) {
     return {
         "web-request": {
             tool: {
-                description: `Make an outbound HTTP request to EXTERNAL APIs, webhooks, and services only. Supports \${keys.NAME} placeholders in url, headers, and body — these are resolved server-side from the user's saved keys (the raw value never enters your context). Example: \${keys.SLACK_WEBHOOK} in the url field. IMPORTANT: Never use this to call internal /_agent-native/ endpoints or localhost action URLs — use the registered action tools directly (e.g. \`log-meal\`, \`bigquery\`, \`hubspot-deals\`). Actions are already available as native tools; calling them via HTTP is slower and bypasses validation.`,
+                description: `Make an outbound HTTP request to EXTERNAL APIs, webhooks, and services only. Supports \${keys.NAME} placeholders in url, headers, and body — these are resolved server-side from the user's saved keys (the raw value never enters your context). Example: \${keys.SLACK_WEBHOOK} in the url field. IMPORTANT: Never use this to call internal /_agent-native/ endpoints or localhost action URLs — use the registered actions directly (e.g. \`log-meal\`, \`bigquery\`, \`hubspot-deals\`). Actions are already available as native tools; calling them via HTTP is slower and bypasses validation.`,
                 parameters: {
                     type: "object",
                     properties: {
@@ -47,7 +51,7 @@ export function createFetchToolEntry(opts = {}) {
             run: async (args) => {
                 const startTime = Date.now();
                 const rawUrl = args.url;
-                const method = normalizeToolProxyMethod(args.method || "GET");
+                const method = normalizeExtensionProxyMethod(args.method || "GET");
                 if (!method) {
                     return "Unsupported HTTP method. Allowed methods: GET, POST, PUT, PATCH, DELETE, HEAD.";
                 }
@@ -83,7 +87,7 @@ export function createFetchToolEntry(opts = {}) {
                 }
                 const secretValues = collectSecretValues(allSecretValues);
                 // Block SSRF targets regardless of key usage
-                if (await isBlockedToolUrlWithDns(resolvedUrl)) {
+                if (await isBlockedExtensionUrlWithDns(resolvedUrl)) {
                     return `Requests to private/internal addresses are not allowed: "${rawUrl}".`;
                 }
                 // Validate URL against per-key allowlists
@@ -129,7 +133,8 @@ export function createFetchToolEntry(opts = {}) {
                         const redirectUrl = location
                             ? new URL(location, resolvedUrl).href
                             : null;
-                        if (redirectUrl && (await isBlockedToolUrlWithDns(redirectUrl))) {
+                        if (redirectUrl &&
+                            (await isBlockedExtensionUrlWithDns(redirectUrl))) {
                             return "Redirect to private/internal address blocked.";
                         }
                         if (redirectUrl && opts.validateUrl && allUsedKeys.length > 0) {
@@ -142,7 +147,7 @@ export function createFetchToolEntry(opts = {}) {
                     }
                     let body;
                     try {
-                        const result = await readResponseTextWithLimit(response, MAX_TOOL_PROXY_RESPONSE_SIZE);
+                        const result = await readResponseTextWithLimit(response, MAX_EXTENSION_PROXY_RESPONSE_SIZE);
                         body = result.text;
                     }
                     catch {

package/dist/extensions/fetch-tool.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"fetch-tool.js","sourceRoot":"","sources":["../../src/extensions/fetch-tool.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;GAUG;AAGH,OAAO,EACL,mBAAmB,EACnB,iCAAiC,EACjC,6BAA6B,EAC7B,yBAAyB,EACzB,aAAa,EACb,YAAY,EACZ,uBAAuB,GACxB,MAAM,qBAAqB,CAAC;AAC7B,OAAO,EAAE,4BAA4B,EAAE,MAAM,iBAAiB,CAAC;AAE/D,MAAM,kBAAkB,GAAG,MAAM,CAAC;AAalC;;GAEG;AACH,MAAM,UAAU,oBAAoB,CAClC,OAAyB,EAAE;IAE3B,OAAO;QACL,aAAa,EAAE;YACb,IAAI,EAAE;gBACJ,WAAW,EAAE,ukBAAukB;gBACplB,UAAU,EAAE;oBACV,IAAI,EAAE,QAAiB;oBACvB,UAAU,EAAE;wBACV,GAAG,EAAE;4BACH,IAAI,EAAE,QAAQ;4BACd,WAAW,EACT,8EAA8E;yBACjF;wBACD,MAAM,EAAE;4BACN,IAAI,EAAE,QAAQ;4BACd,WAAW,EAAE,4BAA4B;4BACzC,IAAI,EAAE,CAAC,KAAK,EAAE,MAAM,EAAE,KAAK,EAAE,OAAO,EAAE,QAAQ,EAAE,MAAM,CAAC;yBACxD;wBACD,OAAO,EAAE;4BACP,IAAI,EAAE,QAAQ;4BACd,WAAW,EACT,0HAA0H;yBAC7H;wBACD,IAAI,EAAE;4BACJ,IAAI,EAAE,QAAQ;4BACd,WAAW,EACT,yEAAyE;yBAC5E;wBACD,UAAU,EAAE;4BACV,IAAI,EAAE,QAAQ;4BACd,WAAW,EAAE,qCAAqC,kBAAkB,eAAe;yBACpF;qBACF;oBACD,QAAQ,EAAE,CAAC,KAAK,CAAC;iBAClB;aACF;YACD,GAAG,EAAE,KAAK,EAAE,IAA4B,EAAE,EAAE;gBAC1C,MAAM,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;gBAC7B,MAAM,MAAM,GAAG,IAAI,CAAC,GAAG,CAAC;gBACxB,MAAM,MAAM,GAAG,6BAA6B,CAAC,IAAI,CAAC,MAAM,IAAI,KAAK,CAAC,CAAC;gBACnE,IAAI,CAAC,MAAM,EAAE,CAAC;oBACZ,OAAO,gFAAgF,CAAC;gBAC1F,CAAC;gBACD,MAAM,UAAU,GAAG,IAAI,CAAC,OAAO,IAAI,IAAI,CAAC;gBACxC,MAAM,OAAO,GAAG,IAAI,CAAC,IAAI,CAAC;gBAC1B,MAAM,SAAS,GAAG,IAAI,CAAC,GAAG,CACxB,MAAM,CAAC,IAAI,CAAC,UAAU,CAAC,IAAI,kBAAkB,EAC7C,MAAM,CACP,CAAC;gBAEF,yBAAyB;gBACzB,IAAI,WAAW,GAAG,MAAM,CAAC;gBACzB,IAAI,eAAe,GAAG,UAAU,CAAC;gBACjC,IAAI,YAAY,GAAG,OAAO,CAAC;gBAC3B,MAAM,WAAW,GAAa,EAAE,CAAC;gBACjC,MAAM,eAAe,GAAa,EAAE,CAAC;gBAErC,IAAI,IAAI,CAAC,WAAW,EAAE,CAAC;oBACrB,IAAI,CAAC;wBACH,MAAM,SAAS,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,MAAM,CAAC,CAAC;wBACjD,WAAW,GAAG,SAAS,CAAC,QAAQ,CAAC;wBACjC,WAAW,CAAC,IAAI,CAAC,GAAG,SAAS,CAAC,QAAQ,CAAC,CAAC;wBACxC,eAAe,CAAC,IAAI,CAAC,GAAG,CAAC,SAAS,CAAC,YAAY,IAAI,EAAE,CAAC,CAAC,CAAC;wBAExD,MAAM,YAAY,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,UAAU,CAAC,CAAC;wBACxD,eAAe,GAAG,YAAY,CAAC,QAAQ,CAAC;wBACxC,WAAW,CAAC,IAAI,CAAC,GAAG,YAAY,CAAC,QAAQ,CAAC,CAAC;wBAC3C,eAAe,CAAC,IAAI,CAAC,GAAG,CAAC,YAAY,CAAC,YAAY,IAAI,EAAE,CAAC,CAAC,CAAC;wBAE3D,IAAI,OAAO,EAAE,CAAC;4BACZ,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,OAAO,CAAC,CAAC;4BACnD,YAAY,GAAG,UAAU,CAAC,QAAQ,CAAC;4BACnC,WAAW,CAAC,IAAI,CAAC,GAAG,UAAU,CAAC,QAAQ,CAAC,CAAC;4BACzC,eAAe,CAAC,IAAI,CAAC,GAAG,CAAC,UAAU,CAAC,YAAY,IAAI,EAAE,CAAC,CAAC,CAAC;wBAC3D,CAAC;oBACH,CAAC;oBAAC,OAAO,GAAQ,EAAE,CAAC;wBAClB,OAAO,mCAAmC,GAAG,EAAE,OAAO,IAAI,GAAG,EAAE,CAAC;oBAClE,CAAC;gBACH,CAAC;gBACD,MAAM,YAAY,GAAG,mBAAmB,CAAC,eAAe,CAAC,CAAC;gBAE1D,6CAA6C;gBAC7C,IAAI,MAAM,4BAA4B,CAAC,WAAW,CAAC,EAAE,CAAC;oBACpD,OAAO,4DAA4D,MAAM,IAAI,CAAC;gBAChF,CAAC;gBAED,0CAA0C;gBAC1C,IAAI,IAAI,CAAC,WAAW,IAAI,WAAW,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;oBAC/C,IAAI,CAAC;wBACH,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,WAAW,EAAE,WAAW,CAAC,CAAC;wBACjE,IAAI,CAAC,OAAO,EAAE,CAAC;4BACb,OAAO,QAAQ,MAAM,6EAA6E,CAAC;wBACrG,CAAC;oBACH,CAAC;oBAAC,OAAO,GAAQ,EAAE,CAAC;wBAClB,OAAO,yBAAyB,GAAG,EAAE,OAAO,IAAI,GAAG,EAAE,CAAC;oBACxD,CAAC;gBACH,CAAC;gBAED,gBAAgB;gBAChB,IAAI,OAA+B,CAAC;gBACpC,IAAI,CAAC;oBACH,OAAO,GAAG,uBAAuB,CAAC,IAAI,CAAC,KAAK,CAAC,eAAe,CAAC,CAAC,CAAC;gBACjE,CAAC;gBAAC,MAAM,CAAC;oBACP,OAAO,yBAAyB,UAAU,EAAE,CAAC;gBAC/C,CAAC;gBAED,mBAAmB;gBACnB,MAAM,UAAU,GAAG,IAAI,eAAe,EAAE,CAAC;gBACzC,MAAM,OAAO,GAAG,UAAU,CAAC,GAAG,EAAE,CAAC,UAAU,CAAC,KAAK,EAAE,EAAE,SAAS,CAAC,CAAC;gBAEhE,IAAI,CAAC;oBACH,MAAM,SAAS,GAAgB;wBAC7B,MAAM;wBACN,OAAO;wBACP,MAAM,EAAE,UAAU,CAAC,MAAM;wBACzB,QAAQ,EAAE,QAAQ;qBACnB,CAAC;oBACF,IAAI,YAAY,IAAI,CAAC,MAAM,EAAE,KAAK,EAAE,OAAO,CAAC,CAAC,QAAQ,CAAC,MAAM,CAAC,EAAE,CAAC;wBAC9D,SAAS,CAAC,IAAI,GAAG,YAAY,CAAC;wBAC9B,IAAI,CAAC,OAAO,CAAC,cAAc,CAAC,IAAI,CAAC,OAAO,CAAC,cAAc,CAAC,EAAE,CAAC;4BACzD,OAAO,CAAC,cAAc,CAAC,GAAG,kBAAkB,CAAC;wBAC/C,CAAC;oBACH,CAAC;oBAED,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,WAAW,EAAE,SAAS,CAAC,CAAC;oBACrD,MAAM,OAAO,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,SAAS,CAAC;oBAEvC,IAAI,QAAQ,CAAC,MAAM,IAAI,GAAG,IAAI,QAAQ,CAAC,MAAM,GAAG,GAAG,EAAE,CAAC;wBACpD,MAAM,QAAQ,GAAG,QAAQ,CAAC,OAAO,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC;wBAClD,MAAM,WAAW,GAAG,QAAQ;4BAC1B,CAAC,CAAC,IAAI,GAAG,CAAC,QAAQ,EAAE,WAAW,CAAC,CAAC,IAAI;4BACrC,CAAC,CAAC,IAAI,CAAC;wBACT,IACE,WAAW;4BACX,CAAC,MAAM,4BAA4B,CAAC,WAAW,CAAC,CAAC,EACjD,CAAC;4BACD,OAAO,+CAA+C,CAAC;wBACzD,CAAC;wBACD,IAAI,WAAW,IAAI,IAAI,CAAC,WAAW,IAAI,WAAW,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;4BAC9D,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,WAAW,EAAE,WAAW,CAAC,CAAC;4BACjE,IAAI,CAAC,OAAO,EAAE,CAAC;gCACb,OAAO,+DAA+D,CAAC;4BACzE,CAAC;wBACH,CAAC;wBACD,OAAO,QAAQ,QAAQ,CAAC,MAAM,IAAI,QAAQ,CAAC,UAAU,iBACnD,WAAW,CAAC,CAAC,CAAC,YAAY,CAAC,WAAW,EAAE,YAAY,CAAC,CAAC,CAAC,CAAC,QAC1D,EAAE,CAAC;oBACL,CAAC;oBAED,IAAI,IAAY,CAAC;oBACjB,IAAI,CAAC;wBACH,MAAM,MAAM,GAAG,MAAM,yBAAyB,CAC5C,QAAQ,EACR,iCAAiC,CAClC,CAAC;wBACF,IAAI,GAAG,MAAM,CAAC,IAAI,CAAC;oBACrB,CAAC;oBAAC,MAAM,CAAC;wBACP,IAAI,GAAG,gCAAgC,CAAC;oBAC1C,CAAC;oBACD,IAAI,GAAG,YAAY,CAAC,IAAI,EAAE,YAAY,CAAC,CAAC;oBAExC,6CAA6C;oBAC7C,IAAI,IAAI,CAAC,MAAM,GAAG,IAAI,EAAE,CAAC;wBACvB,IAAI,GAAG,IAAI,CAAC,KAAK,CAAC,CAAC,EAAE,IAAI,CAAC,GAAG,mBAAmB,CAAC;oBACnD,CAAC;oBAED,YAAY;oBACZ,OAAO,CAAC,GAAG,CACT,gBAAgB,MAAM,IAAI,MAAM,MAAM,QAAQ,CAAC,MAAM,KAAK,OAAO,aAAa,WAAW,CAAC,IAAI,CAAC,GAAG,CAAC,IAAI,MAAM,GAAG,CACjH,CAAC;oBAEF,OAAO,QAAQ,QAAQ,CAAC,MAAM,IAAI,QAAQ,CAAC,UAAU,OAAO,IAAI,EAAE,CAAC;gBACrE,CAAC;gBAAC,OAAO,GAAQ,EAAE,CAAC;oBAClB,MAAM,OAAO,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,SAAS,CAAC;oBACvC,IAAI,GAAG,EAAE,IAAI,KAAK,YAAY,EAAE,CAAC;wBAC/B,OAAO,CAAC,GAAG,CACT,gBAAgB,MAAM,IAAI,MAAM,eAAe,OAAO,KAAK,CAC5D,CAAC;wBACF,OAAO,2BAA2B,SAAS,KAAK,CAAC;oBACnD,CAAC;oBACD,MAAM,OAAO,GAAG,aAAa,CAC3B,GAAG,EAAE,OAAO,IAAI,MAAM,CAAC,GAAG,CAAC,EAC3B,YAAY,CACb,CAAC;oBACF,OAAO,CAAC,GAAG,CACT,gBAAgB,MAAM,IAAI,MAAM,aAAa,OAAO,KAAK,OAAO,KAAK,CACtE,CAAC;oBACF,OAAO,mBAAmB,OAAO,EAAE,CAAC;gBACtC,CAAC;wBAAS,CAAC;oBACT,YAAY,CAAC,OAAO,CAAC,CAAC;gBACxB,CAAC;YACH,CAAC;YACD,QAAQ,EAAE,IAAI;SACf;KACF,CAAC;AACJ,CAAC","sourcesContent":["/**\n * Fetch tool — outbound HTTP for automations and agent use.\n *\n * NOTE: this is an *agent* tool (LLM function call), not an *extension* (the\n * sandboxed Alpine.js mini-app primitive). It lives in this directory because\n * it shares SSRF-safe URL/proxy helpers with the extension iframe proxy.\n *\n * Supports ${keys.NAME} reference substitution in URL, headers, and body.\n * Values are resolved server-side AFTER the model emits the tool call —\n * the raw secret never enters the model's context.\n */\n\nimport type { ActionEntry } from \"../agent/production-agent.js\";\nimport {\n  collectSecretValues,\n  MAX_EXTENSION_PROXY_RESPONSE_SIZE,\n  normalizeExtensionProxyMethod,\n  readResponseTextWithLimit,\n  redactSecrets,\n  redactString,\n  sanitizeOutboundHeaders,\n} from \"./proxy-security.js\";\nimport { isBlockedExtensionUrlWithDns } from \"./url-safety.js\";\n\nconst DEFAULT_TIMEOUT_MS = 15_000;\n\nexport interface FetchToolOptions {\n  /** Resolve ${keys.NAME} references. Injected by the plugin at setup time. */\n  resolveKeys?: (text: string) => Promise<{\n    resolved: string;\n    usedKeys: string[];\n    secretValues?: string[];\n  }>;\n  /** Validate URL against per-key allowlists. */\n  validateUrl?: (url: string, usedKeys: string[]) => Promise<boolean>;\n}\n\n/**\n * Create the fetch tool entry for the agent tool registry.\n */\nexport function createFetchToolEntry(\n  opts: FetchToolOptions = {},\n): Record<string, ActionEntry> {\n  return {\n    \"web-request\": {\n      tool: {\n        description: `Make an outbound HTTP request to EXTERNAL APIs, webhooks, and services only. Supports \\${keys.NAME} placeholders in url, headers, and body — these are resolved server-side from the user's saved keys (the raw value never enters your context). Example: \\${keys.SLACK_WEBHOOK} in the url field. IMPORTANT: Never use this to call internal /_agent-native/ endpoints or localhost action URLs — use the registered actions directly (e.g. \\`log-meal\\`, \\`bigquery\\`, \\`hubspot-deals\\`). Actions are already available as native tools; calling them via HTTP is slower and bypasses validation.`,\n        parameters: {\n          type: \"object\" as const,\n          properties: {\n            url: {\n              type: \"string\",\n              description:\n                'Full URL. May contain ${keys.NAME} references, e.g. \"${keys.SLACK_WEBHOOK}\".',\n            },\n            method: {\n              type: \"string\",\n              description: \"HTTP method. Default: GET.\",\n              enum: [\"GET\", \"POST\", \"PUT\", \"PATCH\", \"DELETE\", \"HEAD\"],\n            },\n            headers: {\n              type: \"string\",\n              description:\n                'JSON object of headers. May contain ${keys.NAME} references. Example: \\'{\"Authorization\": \"Bearer ${keys.API_TOKEN}\"}\\'.',\n            },\n            body: {\n              type: \"string\",\n              description:\n                \"Request body (for POST/PUT/PATCH). May contain ${keys.NAME} references.\",\n            },\n            timeout_ms: {\n              type: \"number\",\n              description: `Timeout in milliseconds. Default: ${DEFAULT_TIMEOUT_MS}. Max: 30000.`,\n            },\n          },\n          required: [\"url\"],\n        },\n      },\n      run: async (args: Record<string, string>) => {\n        const startTime = Date.now();\n        const rawUrl = args.url;\n        const method = normalizeExtensionProxyMethod(args.method || \"GET\");\n        if (!method) {\n          return \"Unsupported HTTP method. Allowed methods: GET, POST, PUT, PATCH, DELETE, HEAD.\";\n        }\n        const rawHeaders = args.headers || \"{}\";\n        const rawBody = args.body;\n        const timeoutMs = Math.min(\n          Number(args.timeout_ms) || DEFAULT_TIMEOUT_MS,\n          30_000,\n        );\n\n        // Resolve key references\n        let resolvedUrl = rawUrl;\n        let resolvedHeaders = rawHeaders;\n        let resolvedBody = rawBody;\n        const allUsedKeys: string[] = [];\n        const allSecretValues: string[] = [];\n\n        if (opts.resolveKeys) {\n          try {\n            const urlResult = await opts.resolveKeys(rawUrl);\n            resolvedUrl = urlResult.resolved;\n            allUsedKeys.push(...urlResult.usedKeys);\n            allSecretValues.push(...(urlResult.secretValues ?? []));\n\n            const headerResult = await opts.resolveKeys(rawHeaders);\n            resolvedHeaders = headerResult.resolved;\n            allUsedKeys.push(...headerResult.usedKeys);\n            allSecretValues.push(...(headerResult.secretValues ?? []));\n\n            if (rawBody) {\n              const bodyResult = await opts.resolveKeys(rawBody);\n              resolvedBody = bodyResult.resolved;\n              allUsedKeys.push(...bodyResult.usedKeys);\n              allSecretValues.push(...(bodyResult.secretValues ?? []));\n            }\n          } catch (err: any) {\n            return `Error resolving key references: ${err?.message ?? err}`;\n          }\n        }\n        const secretValues = collectSecretValues(allSecretValues);\n\n        // Block SSRF targets regardless of key usage\n        if (await isBlockedExtensionUrlWithDns(resolvedUrl)) {\n          return `Requests to private/internal addresses are not allowed: \"${rawUrl}\".`;\n        }\n\n        // Validate URL against per-key allowlists\n        if (opts.validateUrl && allUsedKeys.length > 0) {\n          try {\n            const allowed = await opts.validateUrl(resolvedUrl, allUsedKeys);\n            if (!allowed) {\n              return `URL \"${rawUrl}\" is not in the allowlist for the referenced keys. Check your key settings.`;\n            }\n          } catch (err: any) {\n            return `URL validation error: ${err?.message ?? err}`;\n          }\n        }\n\n        // Parse headers\n        let headers: Record<string, string>;\n        try {\n          headers = sanitizeOutboundHeaders(JSON.parse(resolvedHeaders));\n        } catch {\n          return `Invalid headers JSON: ${rawHeaders}`;\n        }\n\n        // Make the request\n        const controller = new AbortController();\n        const timeout = setTimeout(() => controller.abort(), timeoutMs);\n\n        try {\n          const fetchOpts: RequestInit = {\n            method,\n            headers,\n            signal: controller.signal,\n            redirect: \"manual\",\n          };\n          if (resolvedBody && [\"POST\", \"PUT\", \"PATCH\"].includes(method)) {\n            fetchOpts.body = resolvedBody;\n            if (!headers[\"content-type\"] && !headers[\"Content-Type\"]) {\n              headers[\"Content-Type\"] = \"application/json\";\n            }\n          }\n\n          const response = await fetch(resolvedUrl, fetchOpts);\n          const elapsed = Date.now() - startTime;\n\n          if (response.status >= 300 && response.status < 400) {\n            const location = response.headers.get(\"location\");\n            const redirectUrl = location\n              ? new URL(location, resolvedUrl).href\n              : null;\n            if (\n              redirectUrl &&\n              (await isBlockedExtensionUrlWithDns(redirectUrl))\n            ) {\n              return \"Redirect to private/internal address blocked.\";\n            }\n            if (redirectUrl && opts.validateUrl && allUsedKeys.length > 0) {\n              const allowed = await opts.validateUrl(redirectUrl, allUsedKeys);\n              if (!allowed) {\n                return \"Redirect URL is not in the allowlist for the referenced keys.\";\n              }\n            }\n            return `HTTP ${response.status} ${response.statusText}\\n\\nRedirect: ${\n              redirectUrl ? redactString(redirectUrl, secretValues) : \"(none)\"\n            }`;\n          }\n\n          let body: string;\n          try {\n            const result = await readResponseTextWithLimit(\n              response,\n              MAX_EXTENSION_PROXY_RESPONSE_SIZE,\n            );\n            body = result.text;\n          } catch {\n            body = \"(could not read response body)\";\n          }\n          body = redactString(body, secretValues);\n\n          // Truncate very long responses for the agent\n          if (body.length > 8000) {\n            body = body.slice(0, 8000) + \"\\n... (truncated)\";\n          }\n\n          // Audit log\n          console.log(\n            `[fetch-tool] ${method} ${rawUrl} → ${response.status} (${elapsed}ms, keys: ${allUsedKeys.join(\",\") || \"none\"})`,\n          );\n\n          return `HTTP ${response.status} ${response.statusText}\\n\\n${body}`;\n        } catch (err: any) {\n          const elapsed = Date.now() - startTime;\n          if (err?.name === \"AbortError\") {\n            console.log(\n              `[fetch-tool] ${method} ${rawUrl} → TIMEOUT (${elapsed}ms)`,\n            );\n            return `Request timed out after ${timeoutMs}ms.`;\n          }\n          const message = redactSecrets(\n            err?.message ?? String(err),\n            secretValues,\n          );\n          console.log(\n            `[fetch-tool] ${method} ${rawUrl} → ERROR: ${message} (${elapsed}ms)`,\n          );\n          return `Request failed: ${message}`;\n        } finally {\n          clearTimeout(timeout);\n        }\n      },\n      readOnly: true,\n    },\n  };\n}\n"]}

package/dist/extensions/html-shell.d.ts

@@ -0,0 +1,56 @@
+export declare const EXTENSION_IFRAME_CSP = "default-src 'none'; script-src 'self' https://cdn.jsdelivr.net 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com; font-src https://fonts.gstatic.com; connect-src 'self'; img-src 'self' data: blob:; media-src 'self' data: blob:; frame-src 'none'; object-src 'none'; base-uri 'none'; form-action 'none'; frame-ancestors 'self';";
+export declare const EXTENSION_IFRAME_META_CSP: string;
+/**
+ * SECURITY — EXTENSION CONTENT IS UNTRUSTED.
+ *
+ * `${content}` (line ~Body) interpolates raw HTML/JS authored by a user. This
+ * file is the boundary between framework-controlled HTML and user-controlled
+ * HTML. Two non-negotiable invariants for every change here:
+ *
+ *   1. The iframe MUST be rendered with a `sandbox` attribute that does NOT
+ *      include `allow-same-origin`. The viewer (`ExtensionViewer.tsx`,
+ *      `EmbeddedExtension.tsx`) sets `sandbox="allow-scripts allow-forms"` —
+ *      and that is the only acceptable shape. Adding `allow-same-origin`
+ *      would give the extension full DOM access to the parent window via
+ *      cross-frame script.
+ *
+ *   2. Every reachable parent action must treat the postMessage payload as
+ *      hostile. The bridge in `iframe-bridge.ts` enforces a path allowlist,
+ *      header sanitization, and method allowlist; do not relax those gates
+ *      for "convenience" in this file or any caller.
+ *
+ * For the trust model rationale, see audit 05-tools-sandbox.md (C1) and the
+ * `extensions` skill. When in doubt, fail closed.
+ *
+ * BACKWARDS COMPAT — the iframe injects helpers under both their canonical
+ * `extension*` names (`extensionFetch`, `extensionData`, `extensionId`,
+ * `extensionBinding`) AND legacy `tool*` aliases (`toolFetch`, `toolData`,
+ * `toolId`, `toolBinding`) so existing user-authored extension bodies that
+ * pre-date the rename keep working. Same for layout opt-ins:
+ * `data-extension-layout="full-bleed"` / `data-extension-padding="none"` /
+ * class `agent-native-extension-bleed` / CSS var
+ * `--agent-native-extension-padding` are canonical; the `data-tool-*`,
+ * `agent-native-tool-bleed`, and `--agent-native-tool-padding` variants are
+ * accepted as aliases.
+ */
+export interface ExtensionRenderBinding {
+    /** Email of the user who authored / owns the extension. */
+    authorEmail: string;
+    /** Email of the user currently viewing/running the extension. */
+    viewerEmail: string;
+    /** True when viewer === author. */
+    isAuthor: boolean;
+    /**
+     * Resolved role for the viewer ("owner" | "admin" | "editor" | "viewer").
+     *
+     * TODO(security, audit H4): the host-side bridge does not yet gate any
+     * helper based on this value — every viewer gets the same powers as the
+     * author. The role is plumbed through so a follow-up PR can constrain
+     * `appAction` / `dbExec` / `extensionFetch` for non-author viewers (and
+     * eventually require an explicit consent step before running a shared
+     * extension, audit C1). For now this is metadata only.
+     */
+    role: "owner" | "admin" | "editor" | "viewer";
+}
+export declare function buildExtensionHtml(content: string, themeVars: string, isDark: boolean, extensionId?: string, binding?: ExtensionRenderBinding): string;
+//# sourceMappingURL=html-shell.d.ts.map

package/dist/extensions/html-shell.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"html-shell.d.ts","sourceRoot":"","sources":["../../src/extensions/html-shell.ts"],"names":[],"mappings":"AAAA,eAAO,MAAM,oBAAoB,8YAC4W,CAAC;AAE9Y,eAAO,MAAM,yBAAyB,QAGrC,CAAC;AAEF;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAgCG;AAEH,MAAM,WAAW,sBAAsB;IACrC,2DAA2D;IAC3D,WAAW,EAAE,MAAM,CAAC;IACpB,iEAAiE;IACjE,WAAW,EAAE,MAAM,CAAC;IACpB,mCAAmC;IACnC,QAAQ,EAAE,OAAO,CAAC;IAClB;;;;;;;;;OASG;IACH,IAAI,EAAE,OAAO,GAAG,OAAO,GAAG,QAAQ,GAAG,QAAQ,CAAC;CAC/C;AAED,wBAAgB,kBAAkB,CAChC,OAAO,EAAE,MAAM,EACf,SAAS,EAAE,MAAM,EACjB,MAAM,EAAE,OAAO,EACf,WAAW,CAAC,EAAE,MAAM,EACpB,OAAO,CAAC,EAAE,sBAAsB,GAC/B,MAAM,CA4gBR"}