@agent-vm/agent-vm 0.0.97 → 0.0.98

package/dist/tool-vm/tool-vm-secret-selection.js

@@ -0,0 +1,47 @@
+import { targetsAudience } from '@agent-vm/gateway-interface';
+function secretTargetsToolVm(secret) {
+    return secret.injection === 'http-mediation' && targetsAudience(secret.audience, 'tool-vm');
+}
+function zoneDeclaresAgent(zone, agentId) {
+    return (zone.agents ?? []).some((agent) => agent.id === agentId);
+}
+export function secretTargetsToolVmAgent(options) {
+    const { agentId, agentIsDeclared, secret, secretName, zoneId } = options;
+    if (!secretTargetsToolVm(secret)) {
+        return false;
+    }
+    if (!agentIsDeclared) {
+        throw new Error(`Tool VM mediated secrets in zone '${zoneId}' require declared agent '${agentId}' in zones[].agents before secret access can be selected.`);
+    }
+    if (!('agentAccess' in secret)) {
+        throw new Error(`Tool VM mediated secret '${secretName}' in zone '${zoneId}' is missing required agentAccess.`);
+    }
+    if (secret.agentAccess === 'all') {
+        return true;
+    }
+    return secret.agentAccess.includes(agentId);
+}
+export function selectToolVmMediatedSecretNamesForAgent(options) {
+    const toolVmMediatedSecrets = Object.entries(options.zone.secrets).filter(([, secret]) => secretTargetsToolVm(secret));
+    if (toolVmMediatedSecrets.length === 0) {
+        return new Set();
+    }
+    const agentIsDeclared = zoneDeclaresAgent(options.zone, options.agentId);
+    if (!agentIsDeclared) {
+        throw new Error(`Tool VM mediated secrets in zone '${options.zone.id}' require declared agent '${options.agentId}' in zones[].agents before secret access can be selected.`);
+    }
+    const selectedNames = new Set();
+    for (const [secretName, secret] of toolVmMediatedSecrets) {
+        if (secretTargetsToolVmAgent({
+            agentId: options.agentId,
+            secret,
+            secretName,
+            agentIsDeclared,
+            zoneId: options.zone.id,
+        })) {
+            selectedNames.add(secretName);
+        }
+    }
+    return selectedNames;
+}
+//# sourceMappingURL=tool-vm-secret-selection.js.map

package/dist/tool-vm/tool-vm-secret-selection.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"tool-vm-secret-selection.js","sourceRoot":"","sources":["../../src/tool-vm/tool-vm-secret-selection.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,eAAe,EAAE,MAAM,6BAA6B,CAAC;AAO9D,SAAS,mBAAmB,CAAC,MAAwB;IACpD,OAAO,MAAM,CAAC,SAAS,KAAK,gBAAgB,IAAI,eAAe,CAAC,MAAM,CAAC,QAAQ,EAAE,SAAS,CAAC,CAAC;AAC7F,CAAC;AAED,SAAS,iBAAiB,CAAC,IAAgB,EAAE,OAAe;IAC3D,OAAO,CAAC,IAAI,CAAC,MAAM,IAAI,EAAE,CAAC,CAAC,IAAI,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,KAAK,CAAC,EAAE,KAAK,OAAO,CAAC,CAAC;AAClE,CAAC;AAED,MAAM,UAAU,wBAAwB,CAAC,OAMxC;IACA,MAAM,EAAE,OAAO,EAAE,eAAe,EAAE,MAAM,EAAE,UAAU,EAAE,MAAM,EAAE,GAAG,OAAO,CAAC;IACzE,IAAI,CAAC,mBAAmB,CAAC,MAAM,CAAC,EAAE,CAAC;QAClC,OAAO,KAAK,CAAC;IACd,CAAC;IACD,IAAI,CAAC,eAAe,EAAE,CAAC;QACtB,MAAM,IAAI,KAAK,CACd,qCAAqC,MAAM,6BAA6B,OAAO,2DAA2D,CAC1I,CAAC;IACH,CAAC;IACD,IAAI,CAAC,CAAC,aAAa,IAAI,MAAM,CAAC,EAAE,CAAC;QAChC,MAAM,IAAI,KAAK,CACd,4BAA4B,UAAU,cAAc,MAAM,oCAAoC,CAC9F,CAAC;IACH,CAAC;IACD,IAAI,MAAM,CAAC,WAAW,KAAK,KAAK,EAAE,CAAC;QAClC,OAAO,IAAI,CAAC;IACb,CAAC;IACD,OAAO,MAAM,CAAC,WAAW,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC;AAC7C,CAAC;AAED,MAAM,UAAU,uCAAuC,CAAC,OAGvD;IACA,MAAM,qBAAqB,GAAG,MAAM,CAAC,OAAO,CAAC,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,MAAM,CAAC,EAAE,EAAE,CACxF,mBAAmB,CAAC,MAAM,CAAC,CAC3B,CAAC;IACF,IAAI,qBAAqB,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACxC,OAAO,IAAI,GAAG,EAAE,CAAC;IAClB,CAAC;IACD,MAAM,eAAe,GAAG,iBAAiB,CAAC,OAAO,CAAC,IAAI,EAAE,OAAO,CAAC,OAAO,CAAC,CAAC;IACzE,IAAI,CAAC,eAAe,EAAE,CAAC;QACtB,MAAM,IAAI,KAAK,CACd,qCAAqC,OAAO,CAAC,IAAI,CAAC,EAAE,6BAA6B,OAAO,CAAC,OAAO,2DAA2D,CAC3J,CAAC;IACH,CAAC;IACD,MAAM,aAAa,GAAG,IAAI,GAAG,EAAU,CAAC;IACxC,KAAK,MAAM,CAAC,UAAU,EAAE,MAAM,CAAC,IAAI,qBAAqB,EAAE,CAAC;QAC1D,IACC,wBAAwB,CAAC;YACxB,OAAO,EAAE,OAAO,CAAC,OAAO;YACxB,MAAM;YACN,UAAU;YACV,eAAe;YACf,MAAM,EAAE,OAAO,CAAC,IAAI,CAAC,EAAE;SACvB,CAAC,EACD,CAAC;YACF,aAAa,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC;QAC/B,CAAC;IACF,CAAC;IACD,OAAO,aAAa,CAAC;AACtB,CAAC"}

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@agent-vm/agent-vm",
-  "version": "0.0.97",
+  "version": "0.0.98",
   "description": "Controller CLI and HTTP server for sandboxed VM coding agents.",
   "homepage": "https://github.com/ShravanSunder/agent-vm#readme",
   "bugs": {
@@ -41,16 +41,16 @@
     "jsonc-parser": "^3.3.1",
     "tasuku": "^2.3.0",
     "zod": "^4.4.3",
-    "@agent-vm/gondolin-adapter": "0.0.97",
-    "@agent-vm/agent-vm-worker": "0.0.97",
-    "@agent-vm/gateway-interface": "0.0.97",
-    "@agent-vm/mcp-portal": "0.0.97",
-    "@agent-vm/openclaw-agent-vm-plugin": "0.0.97",
-    "@agent-vm/config-contracts": "0.0.97",
-    "@agent-vm/openclaw-gateway": "0.0.97",
-    "@agent-vm/openclaw-mcp-portal-plugin": "0.0.97",
-    "@agent-vm/worker-gateway": "0.0.97",
-    "@agent-vm/secret-management": "0.0.97"
+    "@agent-vm/agent-vm-worker": "0.0.98",
+    "@agent-vm/gateway-interface": "0.0.98",
+    "@agent-vm/mcp-portal": "0.0.98",
+    "@agent-vm/openclaw-agent-vm-plugin": "0.0.98",
+    "@agent-vm/openclaw-gateway": "0.0.98",
+    "@agent-vm/config-contracts": "0.0.98",
+    "@agent-vm/secret-management": "0.0.98",
+    "@agent-vm/gondolin-adapter": "0.0.98",
+    "@agent-vm/openclaw-mcp-portal-plugin": "0.0.98",
+    "@agent-vm/worker-gateway": "0.0.98"
   },
   "scripts": {
     "build": "rm -rf dist && tsc -p tsconfig.build.json",