npm - @agentstep/agent-sdk - Versions diffs - 0.1.0 - Mend

@agentstep/agent-sdk 0.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (105) hide show

package/package.json +45 -0
package/src/auth/middleware.ts +38 -0
package/src/backends/claude/args.ts +88 -0
package/src/backends/claude/index.ts +193 -0
package/src/backends/claude/permission-hook.ts +152 -0
package/src/backends/claude/tool-bridge.ts +211 -0
package/src/backends/claude/translator.ts +209 -0
package/src/backends/claude/wrapper-script.ts +45 -0
package/src/backends/codex/args.ts +69 -0
package/src/backends/codex/auth.ts +35 -0
package/src/backends/codex/index.ts +57 -0
package/src/backends/codex/setup.ts +37 -0
package/src/backends/codex/translator.ts +223 -0
package/src/backends/codex/wrapper-script.ts +26 -0
package/src/backends/factory/args.ts +45 -0
package/src/backends/factory/auth.ts +30 -0
package/src/backends/factory/index.ts +56 -0
package/src/backends/factory/setup.ts +34 -0
package/src/backends/factory/translator.ts +139 -0
package/src/backends/factory/wrapper-script.ts +33 -0
package/src/backends/gemini/args.ts +44 -0
package/src/backends/gemini/auth.ts +30 -0
package/src/backends/gemini/index.ts +53 -0
package/src/backends/gemini/setup.ts +34 -0
package/src/backends/gemini/translator.ts +139 -0
package/src/backends/gemini/wrapper-script.ts +26 -0
package/src/backends/opencode/args.ts +53 -0
package/src/backends/opencode/auth.ts +53 -0
package/src/backends/opencode/index.ts +70 -0
package/src/backends/opencode/mcp.ts +67 -0
package/src/backends/opencode/setup.ts +54 -0
package/src/backends/opencode/translator.ts +168 -0
package/src/backends/opencode/wrapper-script.ts +46 -0
package/src/backends/registry.ts +38 -0
package/src/backends/shared/ndjson.ts +29 -0
package/src/backends/shared/translator-types.ts +69 -0
package/src/backends/shared/wrap-prompt.ts +17 -0
package/src/backends/types.ts +85 -0
package/src/config/index.ts +95 -0
package/src/db/agents.ts +185 -0
package/src/db/api_keys.ts +78 -0
package/src/db/batch.ts +142 -0
package/src/db/client.ts +81 -0
package/src/db/environments.ts +127 -0
package/src/db/events.ts +208 -0
package/src/db/memory.ts +143 -0
package/src/db/migrations.ts +295 -0
package/src/db/proxy.ts +37 -0
package/src/db/sessions.ts +295 -0
package/src/db/vaults.ts +110 -0
package/src/errors.ts +53 -0
package/src/handlers/agents.ts +194 -0
package/src/handlers/batch.ts +41 -0
package/src/handlers/docs.ts +87 -0
package/src/handlers/environments.ts +154 -0
package/src/handlers/events.ts +234 -0
package/src/handlers/index.ts +12 -0
package/src/handlers/memory.ts +141 -0
package/src/handlers/openapi.ts +14 -0
package/src/handlers/sessions.ts +223 -0
package/src/handlers/stream.ts +76 -0
package/src/handlers/threads.ts +26 -0
package/src/handlers/ui/app.js +984 -0
package/src/handlers/ui/index.html +112 -0
package/src/handlers/ui/style.css +164 -0
package/src/handlers/ui.ts +1281 -0
package/src/handlers/vaults.ts +99 -0
package/src/http.ts +35 -0
package/src/index.ts +104 -0
package/src/init.ts +227 -0
package/src/openapi/registry.ts +8 -0
package/src/openapi/schemas.ts +625 -0
package/src/openapi/spec.ts +691 -0
package/src/providers/apple.ts +220 -0
package/src/providers/daytona.ts +217 -0
package/src/providers/docker.ts +264 -0
package/src/providers/e2b.ts +203 -0
package/src/providers/fly.ts +276 -0
package/src/providers/modal.ts +222 -0
package/src/providers/podman.ts +206 -0
package/src/providers/registry.ts +28 -0
package/src/providers/shared.ts +11 -0
package/src/providers/sprites.ts +55 -0
package/src/providers/types.ts +73 -0
package/src/providers/vercel.ts +208 -0
package/src/proxy/forward.ts +111 -0
package/src/queue/index.ts +111 -0
package/src/sessions/actor.ts +53 -0
package/src/sessions/bus.ts +155 -0
package/src/sessions/driver.ts +818 -0
package/src/sessions/grader.ts +120 -0
package/src/sessions/interrupt.ts +14 -0
package/src/sessions/sweeper.ts +136 -0
package/src/sessions/threads.ts +126 -0
package/src/sessions/tools.ts +50 -0
package/src/shutdown.ts +78 -0
package/src/sprite/client.ts +294 -0
package/src/sprite/exec.ts +161 -0
package/src/sprite/lifecycle.ts +339 -0
package/src/sprite/pool.ts +65 -0
package/src/sprite/setup.ts +159 -0
package/src/state.ts +61 -0
package/src/types.ts +339 -0
package/src/util/clock.ts +7 -0
package/src/util/ids.ts +11 -0

package/src/db/sessions.ts ADDED Viewed

@@ -0,0 +1,295 @@
+import { getDb } from "./client";
+import { newId } from "../util/ids";
+import { nowMs, toIso } from "../util/clock";
+import type { Session, SessionResource, SessionRow, SessionStatus } from "../types";
+export function hydrateSession(row: SessionRow): Session {
+  return {
+    id: row.id,
+    agent: { id: row.agent_id, version: row.agent_version },
+    environment_id: row.environment_id,
+    status: row.status,
+    stop_reason: row.stop_reason,
+    title: row.title,
+    metadata: JSON.parse(row.metadata_json) as Record<string, unknown>,
+    max_budget_usd: row.max_budget_usd ?? null,
+    outcome: row.outcome_criteria_json ? (JSON.parse(row.outcome_criteria_json) as Record<string, unknown>) : null,
+    resources: row.resources_json ? (JSON.parse(row.resources_json) as SessionResource[]) : null,
+    vault_ids: row.vault_ids_json ? (JSON.parse(row.vault_ids_json) as string[]) : null,
+    parent_session_id: row.parent_session_id ?? null,
+    thread_depth: row.thread_depth ?? 0,
+    stats: {
+      turn_count: row.turn_count,
+      tool_calls_count: row.tool_calls_count,
+      active_seconds: row.active_seconds,
+      duration_seconds: row.duration_seconds,
+    },
+    usage: {
+      input_tokens: row.usage_input_tokens,
+      output_tokens: row.usage_output_tokens,
+      cache_read_input_tokens: row.usage_cache_read_input_tokens,
+      cache_creation_input_tokens: row.usage_cache_creation_input_tokens,
+      cost_usd: row.usage_cost_usd,
+    },
+    created_at: toIso(row.created_at),
+    updated_at: toIso(row.updated_at),
+    archived_at: row.archived_at ? toIso(row.archived_at) : null,
+  };
+}
+export function createSession(input: {
+  agent_id: string;
+  agent_version: number;
+  environment_id: string;
+  title?: string | null;
+  metadata?: Record<string, unknown>;
+  max_budget_usd?: number | null;
+  resources?: SessionResource[] | null;
+  vault_ids?: string[] | null;
+  parent_session_id?: string | null;
+  thread_depth?: number;
+}): Session {
+  const db = getDb();
+  const id = newId("sess");
+  const now = nowMs();
+  db.prepare(
+    `INSERT INTO sessions (
+       id, agent_id, agent_version, environment_id, status,
+       title, metadata_json, max_budget_usd, resources_json,
+       vault_ids_json, parent_session_id, thread_depth,
+       created_at, updated_at
+     ) VALUES (?, ?, ?, ?, 'idle', ?, ?, ?, ?, ?, ?, ?, ?, ?)`,
+  ).run(
+    id,
+    input.agent_id,
+    input.agent_version,
+    input.environment_id,
+    input.title ?? null,
+    JSON.stringify(input.metadata ?? {}),
+    input.max_budget_usd ?? null,
+    input.resources ? JSON.stringify(input.resources) : null,
+    input.vault_ids ? JSON.stringify(input.vault_ids) : null,
+    input.parent_session_id ?? null,
+    input.thread_depth ?? 0,
+    now,
+    now,
+  );
+  return getSession(id)!;
+}
+export function getSession(id: string): Session | null {
+  const row = getSessionRow(id);
+  return row ? hydrateSession(row) : null;
+}
+export function getSessionRow(id: string): SessionRow | null {
+  const db = getDb();
+  return (
+    (db
+      .prepare(`SELECT * FROM sessions WHERE id = ?`)
+      .get(id) as SessionRow | undefined) ?? null
+  );
+}
+export function updateSessionStatus(
+  id: string,
+  status: SessionStatus,
+  stopReason?: string | null,
+): void {
+  const db = getDb();
+  db.prepare(
+    `UPDATE sessions SET status = ?, stop_reason = ?, updated_at = ? WHERE id = ?`,
+  ).run(status, stopReason ?? null, nowMs(), id);
+}
+export function setSessionSprite(id: string, spriteName: string | null): void {
+  const db = getDb();
+  db.prepare(
+    `UPDATE sessions SET sprite_name = ?, updated_at = ? WHERE id = ?`,
+  ).run(spriteName, nowMs(), id);
+}
+/**
+ * Store the backend's session id for subsequent resume turns. The DB column
+ * is named `claude_session_id` for historical reasons but holds any
+ * backend's session id (claude's `session_id`, opencode's `sessionID`).
+ */
+export function setBackendSessionId(id: string, backendSessionId: string): void {
+  const db = getDb();
+  db.prepare(
+    `UPDATE sessions SET claude_session_id = ?, updated_at = ? WHERE id = ?`,
+  ).run(backendSessionId, nowMs(), id);
+}
+export function setSessionProvider(id: string, providerName: string): void {
+  const db = getDb();
+  db.prepare(
+    `UPDATE sessions SET provider_name = ?, updated_at = ? WHERE id = ?`,
+  ).run(providerName, nowMs(), id);
+}
+export function setIdleSince(id: string, idleSince: number | null): void {
+  const db = getDb();
+  db.prepare(`UPDATE sessions SET idle_since = ? WHERE id = ?`).run(idleSince, id);
+}
+export function updateSessionMutable(
+  id: string,
+  input: { title?: string | null; metadata?: Record<string, unknown> },
+): Session | null {
+  const db = getDb();
+  const existing = getSession(id);
+  if (!existing) return null;
+  db.prepare(
+    `UPDATE sessions SET title = ?, metadata_json = ?, updated_at = ? WHERE id = ?`,
+  ).run(
+    input.title ?? existing.title,
+    JSON.stringify(input.metadata ?? existing.metadata),
+    nowMs(),
+    id,
+  );
+  return getSession(id);
+}
+export interface UsageDelta {
+  input_tokens?: number;
+  output_tokens?: number;
+  cache_read_input_tokens?: number;
+  cache_creation_input_tokens?: number;
+  cost_usd?: number;
+}
+export function bumpSessionStats(
+  id: string,
+  delta: { turn_count?: number; tool_calls_count?: number; duration_seconds?: number; active_seconds?: number },
+  usage?: UsageDelta,
+): void {
+  const db = getDb();
+  db.prepare(
+    `UPDATE sessions SET
+       turn_count                        = turn_count + ?,
+       tool_calls_count                  = tool_calls_count + ?,
+       active_seconds                    = active_seconds + ?,
+       duration_seconds                  = duration_seconds + ?,
+       usage_input_tokens                = usage_input_tokens + ?,
+       usage_output_tokens               = usage_output_tokens + ?,
+       usage_cache_read_input_tokens     = usage_cache_read_input_tokens + ?,
+       usage_cache_creation_input_tokens = usage_cache_creation_input_tokens + ?,
+       usage_cost_usd                    = usage_cost_usd + ?,
+       updated_at                        = ?
+     WHERE id = ?`,
+  ).run(
+    delta.turn_count ?? 0,
+    delta.tool_calls_count ?? 0,
+    delta.active_seconds ?? 0,
+    delta.duration_seconds ?? 0,
+    usage?.input_tokens ?? 0,
+    usage?.output_tokens ?? 0,
+    usage?.cache_read_input_tokens ?? 0,
+    usage?.cache_creation_input_tokens ?? 0,
+    usage?.cost_usd ?? 0,
+    nowMs(),
+    id,
+  );
+}
+export function archiveSession(id: string): boolean {
+  const db = getDb();
+  const res = db
+    .prepare(`UPDATE sessions SET archived_at = ?, updated_at = ? WHERE id = ? AND archived_at IS NULL`)
+    .run(nowMs(), nowMs(), id);
+  return res.changes > 0;
+}
+export function listSessions(opts: {
+  agent_id?: string;
+  agent_version?: number;
+  environmentId?: string;
+  parent_session_id?: string;
+  status?: SessionStatus;
+  limit?: number;
+  order?: "asc" | "desc";
+  includeArchived?: boolean;
+  cursor?: string;
+  createdGt?: number;
+  createdGte?: number;
+  createdLt?: number;
+  createdLte?: number;
+}): Session[] {
+  const db = getDb();
+  const limit = Math.min(Math.max(opts.limit ?? 20, 1), 100);
+  const order = opts.order === "asc" ? "ASC" : "DESC";
+  const includeArchived = opts.includeArchived ?? false;
+  const clauses: string[] = [];
+  const params: unknown[] = [];
+  if (opts.agent_id) {
+    clauses.push("agent_id = ?");
+    params.push(opts.agent_id);
+  }
+  if (opts.agent_version != null) {
+    clauses.push("agent_version = ?");
+    params.push(opts.agent_version);
+  }
+  if (opts.environmentId) {
+    clauses.push("environment_id = ?");
+    params.push(opts.environmentId);
+  }
+  if (opts.parent_session_id) {
+    clauses.push("parent_session_id = ?");
+    params.push(opts.parent_session_id);
+  }
+  if (opts.status) {
+    clauses.push("status = ?");
+    params.push(opts.status);
+  }
+  if (!includeArchived) clauses.push("archived_at IS NULL");
+  if (opts.createdGt != null) {
+    clauses.push("created_at > ?");
+    params.push(opts.createdGt);
+  }
+  if (opts.createdGte != null) {
+    clauses.push("created_at >= ?");
+    params.push(opts.createdGte);
+  }
+  if (opts.createdLt != null) {
+    clauses.push("created_at < ?");
+    params.push(opts.createdLt);
+  }
+  if (opts.createdLte != null) {
+    clauses.push("created_at <= ?");
+    params.push(opts.createdLte);
+  }
+  if (opts.cursor) {
+    clauses.push(order === "DESC" ? "id < ?" : "id > ?");
+    params.push(opts.cursor);
+  }
+  const where = clauses.length ? `WHERE ${clauses.join(" AND ")}` : "";
+  const rows = db
+    .prepare(
+      `SELECT * FROM sessions ${where} ORDER BY id ${order} LIMIT ?`,
+    )
+    .all(...params, limit) as SessionRow[];
+  return rows.map(hydrateSession);
+}
+export function setOutcomeCriteria(id: string, criteria: Record<string, unknown>): void {
+  const db = getDb();
+  db.prepare(`UPDATE sessions SET outcome_criteria_json = ?, updated_at = ? WHERE id = ?`).run(
+    JSON.stringify(criteria),
+    nowMs(),
+    id,
+  );
+}
+export function getOutcomeCriteria(id: string): Record<string, unknown> | null {
+  const row = getSessionRow(id);
+  return row?.outcome_criteria_json ? (JSON.parse(row.outcome_criteria_json) as Record<string, unknown>) : null;
+}

package/src/db/vaults.ts ADDED Viewed

@@ -0,0 +1,110 @@
+/**
+ * Vault persistence: SQLite-backed key-value stores scoped to agents.
+ *
+ * Data persists across sessions. When `vault_ids` is set on a session,
+ * the driver provisions vault data into the container at turn start.
+ */
+import { getDb } from "./client";
+import { newId } from "../util/ids";
+import { nowMs, toIso } from "../util/clock";
+import type { Vault, VaultEntry, VaultEntryRow, VaultRow } from "../types";
+function hydrateVault(row: VaultRow): Vault {
+  return {
+    id: row.id,
+    agent_id: row.agent_id,
+    name: row.name,
+    created_at: toIso(row.created_at),
+    updated_at: toIso(row.updated_at),
+  };
+}
+export function createVault(input: {
+  agent_id: string;
+  name: string;
+}): Vault {
+  const db = getDb();
+  const id = newId("vault");
+  const now = nowMs();
+  db.prepare(
+    `INSERT INTO vaults (id, agent_id, name, created_at, updated_at)
+     VALUES (?, ?, ?, ?, ?)`,
+  ).run(id, input.agent_id, input.name, now, now);
+  return getVault(id)!;
+}
+export function getVault(id: string): Vault | null {
+  const db = getDb();
+  const row = db
+    .prepare(`SELECT * FROM vaults WHERE id = ?`)
+    .get(id) as VaultRow | undefined;
+  return row ? hydrateVault(row) : null;
+}
+export function listVaults(opts: { agent_id?: string }): Vault[] {
+  const db = getDb();
+  if (opts.agent_id) {
+    const rows = db
+      .prepare(
+        `SELECT * FROM vaults WHERE agent_id = ? ORDER BY created_at DESC`,
+      )
+      .all(opts.agent_id) as VaultRow[];
+    return rows.map(hydrateVault);
+  }
+  const rows = db
+    .prepare(`SELECT * FROM vaults ORDER BY created_at DESC`)
+    .all() as VaultRow[];
+  return rows.map(hydrateVault);
+}
+export function deleteVault(id: string): boolean {
+  const db = getDb();
+  const res = db.prepare(`DELETE FROM vaults WHERE id = ?`).run(id);
+  return res.changes > 0;
+}
+export function setEntry(vaultId: string, key: string, value: string): void {
+  const db = getDb();
+  const now = nowMs();
+  db.prepare(
+    `INSERT INTO vault_entries (vault_id, key, value, updated_at)
+     VALUES (?, ?, ?, ?)
+     ON CONFLICT(vault_id, key) DO UPDATE SET value = excluded.value, updated_at = excluded.updated_at`,
+  ).run(vaultId, key, value, now);
+  // Update vault's updated_at timestamp
+  db.prepare(`UPDATE vaults SET updated_at = ? WHERE id = ?`).run(now, vaultId);
+}
+export function getEntry(
+  vaultId: string,
+  key: string,
+): VaultEntry | null {
+  const db = getDb();
+  const row = db
+    .prepare(
+      `SELECT * FROM vault_entries WHERE vault_id = ? AND key = ?`,
+    )
+    .get(vaultId, key) as VaultEntryRow | undefined;
+  return row ? { key: row.key, value: row.value } : null;
+}
+export function listEntries(vaultId: string): VaultEntry[] {
+  const db = getDb();
+  const rows = db
+    .prepare(
+      `SELECT * FROM vault_entries WHERE vault_id = ? ORDER BY key ASC`,
+    )
+    .all(vaultId) as VaultEntryRow[];
+  return rows.map((r) => ({ key: r.key, value: r.value }));
+}
+export function deleteEntry(vaultId: string, key: string): boolean {
+  const db = getDb();
+  const res = db
+    .prepare(`DELETE FROM vault_entries WHERE vault_id = ? AND key = ?`)
+    .run(vaultId, key);
+  return res.changes > 0;
+}

package/src/errors.ts ADDED Viewed

@@ -0,0 +1,53 @@
+/**
+ * Managed Agents error envelope + typed HTTP error responses.
+ *
+ * Shape:
+ *   { "type": "error", "error": { "type": "...", "message": "..." } }
+ *
+ * Uses Web Standard Response — no framework dependency.
+ */
+export type ErrorType =
+  | "invalid_request_error"
+  | "authentication_error"
+  | "permission_error"
+  | "not_found_error"
+  | "rate_limit_error"
+  | "server_busy"
+  | "server_error";
+export class ApiError extends Error {
+  constructor(
+    public status: number,
+    public type: ErrorType,
+    message: string,
+  ) {
+    super(message);
+  }
+}
+export function envelope(type: ErrorType, message: string) {
+  return { type: "error", error: { type, message } };
+}
+export function toResponse(err: unknown): Response {
+  if (err instanceof ApiError) {
+    return Response.json(envelope(err.type, err.message), { status: err.status });
+  }
+  const msg = err instanceof Error ? err.message : String(err);
+  console.error("[error] unhandled:", msg);
+  return Response.json(envelope("server_error", "internal server error"), { status: 500 });
+}
+// Convenience constructors
+export const badRequest = (msg: string) => new ApiError(400, "invalid_request_error", msg);
+export const unauthorized = (msg = "missing or invalid API key") =>
+  new ApiError(401, "authentication_error", msg);
+export const forbidden = (msg: string) => new ApiError(403, "permission_error", msg);
+export const notFound = (msg: string) => new ApiError(404, "not_found_error", msg);
+export const conflict = (msg: string) => new ApiError(409, "invalid_request_error", msg);
+export const tooManyRequests = (msg = "rate limit exceeded") =>
+  new ApiError(429, "rate_limit_error", msg);
+export const serverBusy = (msg = "server is at capacity") =>
+  new ApiError(503, "server_busy", msg);

package/src/handlers/agents.ts ADDED Viewed

@@ -0,0 +1,194 @@
+import { z } from "zod";
+import { routeWrap, jsonOk } from "../http";
+import { createAgent, getAgent, updateAgent, archiveAgent, listAgents } from "../db/agents";
+import { resolveBackend } from "../backends/registry";
+import { isProxied, markProxied, unmarkProxied } from "../db/proxy";
+import { forwardToAnthropic, validateAnthropicProxy } from "../proxy/forward";
+import { badRequest, notFound } from "../errors";
+const ToolSchema = z.union([
+  z.object({
+    type: z.literal("agent_toolset_20260401"),
+    configs: z
+      .array(z.object({ name: z.string(), enabled: z.boolean().optional() }))
+      .optional(),
+    default_config: z.object({ enabled: z.boolean().optional() }).optional(),
+  }),
+  z.object({
+    type: z.literal("custom"),
+    name: z.string().min(1),
+    description: z.string(),
+    input_schema: z.record(z.unknown()),
+  }),
+]);
+const McpServerSchema = z.record(
+  z.object({
+    type: z.enum(["stdio", "http", "sse"]).optional(),
+    url: z.string().optional(),
+    command: z.union([z.string(), z.array(z.string())]).optional(),
+    args: z.array(z.string()).optional(),
+    headers: z.record(z.string()).optional(),
+    env: z.record(z.string()).optional(),
+  }),
+);
+const CreateSchema = z.object({
+  name: z.string().min(1),
+  model: z.string().min(1),
+  system: z.string().nullish(),
+  tools: z.array(ToolSchema).optional(),
+  mcp_servers: McpServerSchema.optional(),
+  backend: z.enum(["claude", "opencode", "codex", "anthropic", "gemini", "factory"]).optional(),
+  webhook_url: z.string().url().optional(),
+  webhook_events: z.array(z.string()).optional(),
+  threads_enabled: z.boolean().optional(),
+  confirmation_mode: z.boolean().optional(),
+  callable_agents: z.array(z.object({
+    type: z.literal("agent"),
+    id: z.string(),
+    version: z.number().int().optional(),
+  })).optional(),
+});
+const UpdateSchema = z.object({
+  name: z.string().min(1).optional(),
+  model: z.string().min(1).optional(),
+  system: z.string().nullish(),
+  tools: z.array(z.unknown()).optional(),
+  mcp_servers: z.record(z.unknown()).optional(),
+  webhook_url: z.string().url().nullish(),
+  webhook_events: z.array(z.string()).optional(),
+  confirmation_mode: z.boolean().optional(),
+  callable_agents: z.array(z.object({
+    type: z.literal("agent"),
+    id: z.string(),
+    version: z.number().int().optional(),
+  })).optional(),
+});
+export function handleCreateAgent(request: Request): Promise<Response> {
+  return routeWrap(request, async () => {
+    const rawBody = await request.text();
+    const body = rawBody ? JSON.parse(rawBody) : null;
+    const parsed = CreateSchema.safeParse(body);
+    if (!parsed.success) {
+      throw badRequest(`invalid body: ${parsed.error.issues.map((i) => i.message).join("; ")}`);
+    }
+    const backendName = parsed.data.backend ?? "claude";
+    if (backendName === "anthropic") {
+      const proxyErr = validateAnthropicProxy();
+      if (proxyErr) throw badRequest(proxyErr);
+      const proxyRes = await forwardToAnthropic(request, "/v1/agents", { body: rawBody });
+      if (proxyRes.ok) {
+        try {
+          const data = (await proxyRes.clone().json()) as { id: string };
+          markProxied(data.id, "agent");
+        } catch { /* best-effort */ }
+      }
+      return proxyRes;
+    }
+    const backend = resolveBackend(backendName);
+    if (backendName !== "claude" && parsed.data.tools && parsed.data.tools.length > 0) {
+      throw badRequest(
+        `${backendName} backend does not use agent tool configs; tools are managed by the backend's internal permission system. Omit the tools field for ${backendName} agents.`,
+      );
+    }
+    const createErr = backend.validateAgentCreation?.();
+    if (createErr) throw badRequest(createErr);
+    const agent = createAgent({
+      name: parsed.data.name,
+      model: parsed.data.model,
+      system: parsed.data.system ?? null,
+      tools: parsed.data.tools ?? [],
+      mcp_servers: parsed.data.mcp_servers ?? {},
+      backend: backendName,
+      webhook_url: parsed.data.webhook_url ?? null,
+      webhook_events: parsed.data.webhook_events,
+      threads_enabled: parsed.data.threads_enabled ?? false,
+      confirmation_mode: parsed.data.confirmation_mode ?? false,
+      callable_agents: parsed.data.callable_agents,
+    });
+    return jsonOk(agent, 201);
+  });
+}
+export function handleListAgents(request: Request): Promise<Response> {
+  return routeWrap(request, async ({ request: req }) => {
+    const url = new URL(req.url);
+    const limit = url.searchParams.get("limit");
+    const order = url.searchParams.get("order") as "asc" | "desc" | null;
+    const includeArchived = url.searchParams.get("include_archived") === "true";
+    const cursor = url.searchParams.get("page") ?? undefined;
+    const data = listAgents({
+      limit: limit ? Number(limit) : undefined,
+      order: order ?? undefined,
+      includeArchived,
+      cursor,
+    });
+    return jsonOk({
+      data,
+      next_page: data.length > 0 ? data[data.length - 1].id : null,
+    });
+  });
+}
+export function handleGetAgent(request: Request, id: string): Promise<Response> {
+  return routeWrap(request, async () => {
+    if (isProxied(id)) return forwardToAnthropic(request, `/v1/agents/${id}`);
+    const url = new URL(request.url);
+    const versionParam = url.searchParams.get("version");
+    const version = versionParam ? Number(versionParam) : undefined;
+    const agent = getAgent(id, version);
+    if (!agent) throw notFound(`agent ${id} not found`);
+    return jsonOk(agent);
+  });
+}
+export function handleUpdateAgent(request: Request, id: string): Promise<Response> {
+  return routeWrap(request, async () => {
+    if (isProxied(id)) return forwardToAnthropic(request, `/v1/agents/${id}`);
+    const body = (await request.json().catch(() => null)) as Record<string, unknown> | null;
+    if (body && typeof body === "object" && "backend" in body) {
+      throw badRequest("backend cannot be changed after agent creation");
+    }
+    const parsed = UpdateSchema.safeParse(body);
+    if (!parsed.success) throw badRequest(parsed.error.message);
+    const updated = updateAgent(id, {
+      name: parsed.data.name,
+      model: parsed.data.model,
+      system: parsed.data.system,
+      tools: parsed.data.tools as never,
+      mcp_servers: parsed.data.mcp_servers as never,
+      webhook_url: parsed.data.webhook_url,
+      webhook_events: parsed.data.webhook_events,
+      confirmation_mode: parsed.data.confirmation_mode,
+      callable_agents: parsed.data.callable_agents,
+    });
+    if (!updated) throw notFound(`agent ${id} not found`);
+    return jsonOk(updated);
+  });
+}
+export function handleDeleteAgent(request: Request, id: string): Promise<Response> {
+  return routeWrap(request, async () => {
+    if (isProxied(id)) {
+      const res = await forwardToAnthropic(request, `/v1/agents/${id}`);
+      if (res.ok) unmarkProxied(id);
+      return res;
+    }
+    const ok = archiveAgent(id);
+    if (!ok) throw notFound(`agent ${id} not found`);
+    return jsonOk({ id, type: "agent_deleted" });
+  });
+}

package/src/handlers/batch.ts ADDED Viewed

@@ -0,0 +1,41 @@
+import { z } from "zod";
+import { routeWrap, jsonOk } from "../http";
+import { executeBatch, BatchError } from "../db/batch";
+import { badRequest } from "../errors";
+const OperationSchema = z.object({
+  method: z.string().min(1),
+  path: z.string().min(1),
+  body: z.record(z.unknown()).optional(),
+});
+const BatchSchema = z.object({
+  operations: z.array(OperationSchema).min(1).max(50),
+});
+export function handleBatch(request: Request): Promise<Response> {
+  return routeWrap(request, async () => {
+    const body = await request.json();
+    const parsed = BatchSchema.safeParse(body);
+    if (!parsed.success) throw badRequest(parsed.error.message);
+    try {
+      const results = executeBatch(parsed.data.operations);
+      return jsonOk({ results });
+    } catch (err) {
+      if (err instanceof BatchError) {
+        return jsonOk(
+          {
+            error: {
+              type: "batch_error",
+              message: err.message,
+              failed_operation_index: err.failedIndex,
+            },
+          },
+          400,
+        );
+      }
+      throw err;
+    }
+  });
+}