@calliopelabs/cli 0.4.6 → 0.6.0

package/dist/risk.js

@@ -0,0 +1,367 @@
+/**
+ * Calliope CLI - Risk Assessment
+ *
+ * Evaluates the risk level of tool operations and shell commands.
+ */
+/**
+ * Shell command patterns by risk level
+ */
+const SHELL_PATTERNS = {
+    none: [], // Shell commands are never 'none' risk
+    low: [
+        /^ls(\s|$)/,
+        /^cat\s/,
+        /^head\s/,
+        /^tail\s/,
+        /^grep\s/,
+        /^find\s/,
+        /^pwd$/,
+        /^echo\s/,
+        /^wc\s/,
+        /^sort\s/,
+        /^uniq\s/,
+        /^diff\s/,
+        /^which\s/,
+        /^whoami$/,
+        /^date$/,
+        /^cal(\s|$)/,
+        /^git\s+status/,
+        /^git\s+log/,
+        /^git\s+diff/,
+        /^git\s+branch/,
+        /^git\s+show/,
+        /^git\s+remote\s+-v/,
+        /^npm\s+list/,
+        /^npm\s+view/,
+        /^npm\s+search/,
+        /^node\s+--version/,
+        /^npm\s+--version/,
+        /^tsc\s+--version/,
+        /^python\s+--version/,
+        /^env$/,
+        /^printenv/,
+    ],
+    medium: [
+        /^git\s+add/,
+        /^git\s+commit/,
+        /^git\s+checkout/,
+        /^git\s+branch\s+-[dD]/,
+        /^git\s+stash/,
+        /^git\s+merge/,
+        /^git\s+rebase/,
+        /^npm\s+install/,
+        /^npm\s+i(\s|$)/,
+        /^npm\s+update/,
+        /^npm\s+ci/,
+        /^yarn(\s+install)?/,
+        /^pnpm\s+install/,
+        /^pip\s+install/,
+        /^mkdir\s/,
+        /^touch\s/,
+        /^cp\s/,
+        /^tsc(\s|$)/,
+        /^npx\s/,
+        /^node\s/,
+        /^python\s/,
+    ],
+    high: [
+        /^rm\s/,
+        /^rmdir\s/,
+        /^mv\s/,
+        /^chmod\s/,
+        /^chown\s/,
+        /^git\s+push/,
+        /^git\s+reset/,
+        /^git\s+revert/,
+        /^git\s+clean/,
+        /^git\s+fetch.*--prune/,
+        /^npm\s+publish/,
+        /^npm\s+unpublish/,
+        /^npm\s+deprecate/,
+        /^npm\s+link/,
+        /^npm\s+uninstall/,
+        /^pip\s+uninstall/,
+        /^docker\s+rm/,
+        /^docker\s+rmi/,
+        /^docker\s+stop/,
+        /^docker\s+kill/,
+        /^kill\s/,
+        /^pkill\s/,
+        /^killall\s/,
+    ],
+    critical: [
+        /^sudo\s/,
+        /^su\s/,
+        /^rm\s+-rf/,
+        /^rm\s+-fr/,
+        /^rm\s+.*-rf/,
+        /^rm\s+.*-fr/,
+        /^rm\s+-r\s+\//,
+        /^chmod\s+777/,
+        /^chmod\s+-R/,
+        /^chown\s+-R/,
+        /^dd\s/,
+        /^mkfs/,
+        /^fdisk/,
+        /^parted/,
+        /^format/,
+        />\s*\/dev\//,
+        /^git\s+push.*--force/,
+        /^git\s+push.*-f/,
+        /^git\s+reset\s+--hard/,
+        /^npm\s+exec/,
+        /^eval\s/,
+        /\|\s*sh(\s|$)/,
+        /\|\s*bash(\s|$)/,
+        /curl.*\|\s*(sh|bash)/,
+        /wget.*\|\s*(sh|bash)/,
+    ],
+};
+/**
+ * Paths that elevate risk to critical
+ */
+const CRITICAL_PATHS = [
+    '/etc',
+    '/usr',
+    '/var',
+    '/sys',
+    '/proc',
+    '/boot',
+    '/root',
+    '/bin',
+    '/sbin',
+    '/lib',
+    '/opt',
+    '~/.ssh',
+    '~/.gnupg',
+    '~/.config',
+];
+/**
+ * Assess risk level for a shell command
+ */
+export function assessShellRisk(command) {
+    const trimmed = command.trim();
+    // Check for critical patterns first
+    for (const pattern of SHELL_PATTERNS.critical) {
+        if (pattern.test(trimmed)) {
+            return {
+                level: 'critical',
+                reason: 'Potentially destructive or system-altering command',
+                requiresConfirmation: true,
+            };
+        }
+    }
+    // Check for critical paths
+    for (const criticalPath of CRITICAL_PATHS) {
+        const expandedPath = criticalPath.replace('~', process.env.HOME || '');
+        if (trimmed.includes(expandedPath) || trimmed.includes(criticalPath)) {
+            // Only elevate if it's a write operation
+            if (/\b(rm|mv|cp|chmod|chown|write|echo.*>)\b/.test(trimmed)) {
+                return {
+                    level: 'critical',
+                    reason: `Operation targets sensitive path: ${criticalPath}`,
+                    requiresConfirmation: true,
+                };
+            }
+        }
+    }
+    // Check high risk
+    for (const pattern of SHELL_PATTERNS.high) {
+        if (pattern.test(trimmed)) {
+            return {
+                level: 'high',
+                reason: 'Command modifies or deletes files/resources',
+                requiresConfirmation: true,
+            };
+        }
+    }
+    // Check medium risk
+    for (const pattern of SHELL_PATTERNS.medium) {
+        if (pattern.test(trimmed)) {
+            return {
+                level: 'medium',
+                reason: 'Command creates or modifies files',
+                requiresConfirmation: false,
+            };
+        }
+    }
+    // Check low risk
+    for (const pattern of SHELL_PATTERNS.low) {
+        if (pattern.test(trimmed)) {
+            return {
+                level: 'low',
+                reason: 'Read-only or informational command',
+                requiresConfirmation: false,
+            };
+        }
+    }
+    // Default to medium for unknown commands
+    return {
+        level: 'medium',
+        reason: 'Unknown command - defaulting to medium risk',
+        requiresConfirmation: false,
+    };
+}
+/**
+ * Base risk levels for each tool type
+ */
+const TOOL_BASE_RISK = {
+    think: 'none',
+    read_file: 'none',
+    list_files: 'none',
+    write_file: 'medium',
+    shell: 'low', // Will be overridden by command analysis
+};
+/**
+ * Assess risk level for a tool call
+ */
+export function assessToolRisk(toolCall) {
+    const { name, arguments: args } = toolCall;
+    // Special handling for shell commands
+    if (name === 'shell' && typeof args.command === 'string') {
+        return assessShellRisk(args.command);
+    }
+    // Special handling for write_file - check the path
+    if (name === 'write_file' && typeof args.path === 'string') {
+        const filePath = args.path;
+        // Check for critical paths
+        for (const criticalPath of CRITICAL_PATHS) {
+            const expandedPath = criticalPath.replace('~', process.env.HOME || '');
+            if (filePath.startsWith(expandedPath) || filePath.startsWith(criticalPath)) {
+                return {
+                    level: 'critical',
+                    reason: `Writing to sensitive path: ${criticalPath}`,
+                    requiresConfirmation: true,
+                };
+            }
+        }
+        // Check for sensitive file types
+        if (/\.(env|pem|key|crt|ssh|gpg)$/i.test(filePath)) {
+            return {
+                level: 'high',
+                reason: 'Writing to sensitive file type',
+                requiresConfirmation: true,
+            };
+        }
+        return {
+            level: 'medium',
+            reason: 'File write operation',
+            requiresConfirmation: false,
+        };
+    }
+    // Default risk based on tool type
+    const baseRisk = TOOL_BASE_RISK[name] || 'medium';
+    return {
+        level: baseRisk,
+        reason: getRiskReason(name, baseRisk),
+        requiresConfirmation: baseRisk === 'high' || baseRisk === 'critical',
+    };
+}
+/**
+ * Get a human-readable reason for the risk level
+ */
+function getRiskReason(toolName, level) {
+    switch (toolName) {
+        case 'think':
+            return 'Pure reasoning, no side effects';
+        case 'read_file':
+            return 'Read-only file access';
+        case 'list_files':
+            return 'Read-only directory listing';
+        case 'write_file':
+            return 'File write operation';
+        case 'shell':
+            return 'Shell command execution';
+        default:
+            return `Tool operation: ${toolName}`;
+    }
+}
+/**
+ * Format risk level as a visual bar
+ */
+export function formatRiskBar(level) {
+    const bars = {
+        none: '░░░░░',
+        low: '█░░░░',
+        medium: '███░░',
+        high: '████░',
+        critical: '█████',
+    };
+    return bars[level];
+}
+/**
+ * Check if an operation requires confirmation regardless of mode
+ */
+export function requiresConfirmation(risk, godMode) {
+    // Critical operations ALWAYS require confirmation
+    if (risk.level === 'critical') {
+        return true;
+    }
+    // In god mode, skip confirmation for non-critical
+    if (godMode) {
+        return false;
+    }
+    // Otherwise, defer to the risk assessment
+    return risk.requiresConfirmation;
+}
+/**
+ * Complexity triggers for hybrid mode planning
+ */
+const COMPLEXITY_KEYWORDS = [
+    'refactor',
+    'rewrite',
+    'migrate',
+    'upgrade',
+    'convert',
+    'restructure',
+    'reorganize',
+    'overhaul',
+    'replace all',
+    'delete all',
+    'remove all',
+    'update all',
+    'change all',
+    'fix all',
+    'across all',
+    'entire codebase',
+    'whole project',
+    'every file',
+];
+const AMBIGUOUS_KEYWORDS = [
+    'clean up',
+    'clean this',
+    'fix this',
+    'improve',
+    'make better',
+    'optimize',
+    'handle',
+    'deal with',
+    'sort out',
+];
+/**
+ * Detect if a user prompt suggests a complex operation
+ * that should trigger planning in hybrid mode
+ */
+export function detectComplexity(prompt) {
+    const lower = prompt.toLowerCase();
+    // Check for complexity keywords
+    for (const keyword of COMPLEXITY_KEYWORDS) {
+        if (lower.includes(keyword)) {
+            return {
+                isComplex: true,
+                reason: `Detected complex operation: "${keyword}"`,
+            };
+        }
+    }
+    // Check for ambiguous requests
+    for (const keyword of AMBIGUOUS_KEYWORDS) {
+        if (lower.includes(keyword)) {
+            return {
+                isComplex: true,
+                reason: `Ambiguous request may need clarification: "${keyword}"`,
+            };
+        }
+    }
+    return { isComplex: false };
+}
+//# sourceMappingURL=risk.js.map

package/dist/risk.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"risk.js","sourceRoot":"","sources":["../src/risk.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAIH;;GAEG;AACH,MAAM,cAAc,GAAgC;IAClD,IAAI,EAAE,EAAE,EAAE,uCAAuC;IAEjD,GAAG,EAAE;QACH,WAAW;QACX,QAAQ;QACR,SAAS;QACT,SAAS;QACT,SAAS;QACT,SAAS;QACT,OAAO;QACP,SAAS;QACT,OAAO;QACP,SAAS;QACT,SAAS;QACT,SAAS;QACT,UAAU;QACV,UAAU;QACV,QAAQ;QACR,YAAY;QACZ,eAAe;QACf,YAAY;QACZ,aAAa;QACb,eAAe;QACf,aAAa;QACb,oBAAoB;QACpB,aAAa;QACb,aAAa;QACb,eAAe;QACf,mBAAmB;QACnB,kBAAkB;QAClB,kBAAkB;QAClB,qBAAqB;QACrB,OAAO;QACP,WAAW;KACZ;IAED,MAAM,EAAE;QACN,YAAY;QACZ,eAAe;QACf,iBAAiB;QACjB,uBAAuB;QACvB,cAAc;QACd,cAAc;QACd,eAAe;QACf,gBAAgB;QAChB,gBAAgB;QAChB,eAAe;QACf,WAAW;QACX,oBAAoB;QACpB,iBAAiB;QACjB,gBAAgB;QAChB,UAAU;QACV,UAAU;QACV,OAAO;QACP,YAAY;QACZ,QAAQ;QACR,SAAS;QACT,WAAW;KACZ;IAED,IAAI,EAAE;QACJ,OAAO;QACP,UAAU;QACV,OAAO;QACP,UAAU;QACV,UAAU;QACV,aAAa;QACb,cAAc;QACd,eAAe;QACf,cAAc;QACd,uBAAuB;QACvB,gBAAgB;QAChB,kBAAkB;QAClB,kBAAkB;QAClB,aAAa;QACb,kBAAkB;QAClB,kBAAkB;QAClB,cAAc;QACd,eAAe;QACf,gBAAgB;QAChB,gBAAgB;QAChB,SAAS;QACT,UAAU;QACV,YAAY;KACb;IAED,QAAQ,EAAE;QACR,SAAS;QACT,OAAO;QACP,WAAW;QACX,WAAW;QACX,aAAa;QACb,aAAa;QACb,eAAe;QACf,cAAc;QACd,aAAa;QACb,aAAa;QACb,OAAO;QACP,OAAO;QACP,QAAQ;QACR,SAAS;QACT,SAAS;QACT,aAAa;QACb,sBAAsB;QACtB,iBAAiB;QACjB,uBAAuB;QACvB,aAAa;QACb,SAAS;QACT,eAAe;QACf,iBAAiB;QACjB,sBAAsB;QACtB,sBAAsB;KACvB;CACF,CAAC;AAEF;;GAEG;AACH,MAAM,cAAc,GAAG;IACrB,MAAM;IACN,MAAM;IACN,MAAM;IACN,MAAM;IACN,OAAO;IACP,OAAO;IACP,OAAO;IACP,MAAM;IACN,OAAO;IACP,MAAM;IACN,MAAM;IACN,QAAQ;IACR,UAAU;IACV,WAAW;CACZ,CAAC;AAEF;;GAEG;AACH,MAAM,UAAU,eAAe,CAAC,OAAe;IAC7C,MAAM,OAAO,GAAG,OAAO,CAAC,IAAI,EAAE,CAAC;IAE/B,oCAAoC;IACpC,KAAK,MAAM,OAAO,IAAI,cAAc,CAAC,QAAQ,EAAE,CAAC;QAC9C,IAAI,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC;YAC1B,OAAO;gBACL,KAAK,EAAE,UAAU;gBACjB,MAAM,EAAE,oDAAoD;gBAC5D,oBAAoB,EAAE,IAAI;aAC3B,CAAC;QACJ,CAAC;IACH,CAAC;IAED,2BAA2B;IAC3B,KAAK,MAAM,YAAY,IAAI,cAAc,EAAE,CAAC;QAC1C,MAAM,YAAY,GAAG,YAAY,CAAC,OAAO,CAAC,GAAG,EAAE,OAAO,CAAC,GAAG,CAAC,IAAI,IAAI,EAAE,CAAC,CAAC;QACvE,IAAI,OAAO,CAAC,QAAQ,CAAC,YAAY,CAAC,IAAI,OAAO,CAAC,QAAQ,CAAC,YAAY,CAAC,EAAE,CAAC;YACrE,yCAAyC;YACzC,IAAI,0CAA0C,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC;gBAC7D,OAAO;oBACL,KAAK,EAAE,UAAU;oBACjB,MAAM,EAAE,qCAAqC,YAAY,EAAE;oBAC3D,oBAAoB,EAAE,IAAI;iBAC3B,CAAC;YACJ,CAAC;QACH,CAAC;IACH,CAAC;IAED,kBAAkB;IAClB,KAAK,MAAM,OAAO,IAAI,cAAc,CAAC,IAAI,EAAE,CAAC;QAC1C,IAAI,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC;YAC1B,OAAO;gBACL,KAAK,EAAE,MAAM;gBACb,MAAM,EAAE,6CAA6C;gBACrD,oBAAoB,EAAE,IAAI;aAC3B,CAAC;QACJ,CAAC;IACH,CAAC;IAED,oBAAoB;IACpB,KAAK,MAAM,OAAO,IAAI,cAAc,CAAC,MAAM,EAAE,CAAC;QAC5C,IAAI,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC;YAC1B,OAAO;gBACL,KAAK,EAAE,QAAQ;gBACf,MAAM,EAAE,mCAAmC;gBAC3C,oBAAoB,EAAE,KAAK;aAC5B,CAAC;QACJ,CAAC;IACH,CAAC;IAED,iBAAiB;IACjB,KAAK,MAAM,OAAO,IAAI,cAAc,CAAC,GAAG,EAAE,CAAC;QACzC,IAAI,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC;YAC1B,OAAO;gBACL,KAAK,EAAE,KAAK;gBACZ,MAAM,EAAE,oCAAoC;gBAC5C,oBAAoB,EAAE,KAAK;aAC5B,CAAC;QACJ,CAAC;IACH,CAAC;IAED,yCAAyC;IACzC,OAAO;QACL,KAAK,EAAE,QAAQ;QACf,MAAM,EAAE,6CAA6C;QACrD,oBAAoB,EAAE,KAAK;KAC5B,CAAC;AACJ,CAAC;AAED;;GAEG;AACH,MAAM,cAAc,GAA8B;IAChD,KAAK,EAAE,MAAM;IACb,SAAS,EAAE,MAAM;IACjB,UAAU,EAAE,MAAM;IAClB,UAAU,EAAE,QAAQ;IACpB,KAAK,EAAE,KAAK,EAAE,yCAAyC;CACxD,CAAC;AAEF;;GAEG;AACH,MAAM,UAAU,cAAc,CAAC,QAAkB;IAC/C,MAAM,EAAE,IAAI,EAAE,SAAS,EAAE,IAAI,EAAE,GAAG,QAAQ,CAAC;IAE3C,sCAAsC;IACtC,IAAI,IAAI,KAAK,OAAO,IAAI,OAAO,IAAI,CAAC,OAAO,KAAK,QAAQ,EAAE,CAAC;QACzD,OAAO,eAAe,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;IACvC,CAAC;IAED,mDAAmD;IACnD,IAAI,IAAI,KAAK,YAAY,IAAI,OAAO,IAAI,CAAC,IAAI,KAAK,QAAQ,EAAE,CAAC;QAC3D,MAAM,QAAQ,GAAG,IAAI,CAAC,IAAI,CAAC;QAE3B,2BAA2B;QAC3B,KAAK,MAAM,YAAY,IAAI,cAAc,EAAE,CAAC;YAC1C,MAAM,YAAY,GAAG,YAAY,CAAC,OAAO,CAAC,GAAG,EAAE,OAAO,CAAC,GAAG,CAAC,IAAI,IAAI,EAAE,CAAC,CAAC;YACvE,IAAI,QAAQ,CAAC,UAAU,CAAC,YAAY,CAAC,IAAI,QAAQ,CAAC,UAAU,CAAC,YAAY,CAAC,EAAE,CAAC;gBAC3E,OAAO;oBACL,KAAK,EAAE,UAAU;oBACjB,MAAM,EAAE,8BAA8B,YAAY,EAAE;oBACpD,oBAAoB,EAAE,IAAI;iBAC3B,CAAC;YACJ,CAAC;QACH,CAAC;QAED,iCAAiC;QACjC,IAAI,+BAA+B,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE,CAAC;YACnD,OAAO;gBACL,KAAK,EAAE,MAAM;gBACb,MAAM,EAAE,gCAAgC;gBACxC,oBAAoB,EAAE,IAAI;aAC3B,CAAC;QACJ,CAAC;QAED,OAAO;YACL,KAAK,EAAE,QAAQ;YACf,MAAM,EAAE,sBAAsB;YAC9B,oBAAoB,EAAE,KAAK;SAC5B,CAAC;IACJ,CAAC;IAED,kCAAkC;IAClC,MAAM,QAAQ,GAAG,cAAc,CAAC,IAAI,CAAC,IAAI,QAAQ,CAAC;IAElD,OAAO;QACL,KAAK,EAAE,QAAQ;QACf,MAAM,EAAE,aAAa,CAAC,IAAI,EAAE,QAAQ,CAAC;QACrC,oBAAoB,EAAE,QAAQ,KAAK,MAAM,IAAI,QAAQ,KAAK,UAAU;KACrE,CAAC;AACJ,CAAC;AAED;;GAEG;AACH,SAAS,aAAa,CAAC,QAAgB,EAAE,KAAgB;IACvD,QAAQ,QAAQ,EAAE,CAAC;QACjB,KAAK,OAAO;YACV,OAAO,iCAAiC,CAAC;QAC3C,KAAK,WAAW;YACd,OAAO,uBAAuB,CAAC;QACjC,KAAK,YAAY;YACf,OAAO,6BAA6B,CAAC;QACvC,KAAK,YAAY;YACf,OAAO,sBAAsB,CAAC;QAChC,KAAK,OAAO;YACV,OAAO,yBAAyB,CAAC;QACnC;YACE,OAAO,mBAAmB,QAAQ,EAAE,CAAC;IACzC,CAAC;AACH,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,aAAa,CAAC,KAAgB;IAC5C,MAAM,IAAI,GAA8B;QACtC,IAAI,EAAE,OAAO;QACb,GAAG,EAAE,OAAO;QACZ,MAAM,EAAE,OAAO;QACf,IAAI,EAAE,OAAO;QACb,QAAQ,EAAE,OAAO;KAClB,CAAC;IACF,OAAO,IAAI,CAAC,KAAK,CAAC,CAAC;AACrB,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,oBAAoB,CAAC,IAAoB,EAAE,OAAgB;IACzE,kDAAkD;IAClD,IAAI,IAAI,CAAC,KAAK,KAAK,UAAU,EAAE,CAAC;QAC9B,OAAO,IAAI,CAAC;IACd,CAAC;IAED,kDAAkD;IAClD,IAAI,OAAO,EAAE,CAAC;QACZ,OAAO,KAAK,CAAC;IACf,CAAC;IAED,0CAA0C;IAC1C,OAAO,IAAI,CAAC,oBAAoB,CAAC;AACnC,CAAC;AAED;;GAEG;AACH,MAAM,mBAAmB,GAAG;IAC1B,UAAU;IACV,SAAS;IACT,SAAS;IACT,SAAS;IACT,SAAS;IACT,aAAa;IACb,YAAY;IACZ,UAAU;IACV,aAAa;IACb,YAAY;IACZ,YAAY;IACZ,YAAY;IACZ,YAAY;IACZ,SAAS;IACT,YAAY;IACZ,iBAAiB;IACjB,eAAe;IACf,YAAY;CACb,CAAC;AAEF,MAAM,kBAAkB,GAAG;IACzB,UAAU;IACV,YAAY;IACZ,UAAU;IACV,SAAS;IACT,aAAa;IACb,UAAU;IACV,QAAQ;IACR,WAAW;IACX,UAAU;CACX,CAAC;AAEF;;;GAGG;AACH,MAAM,UAAU,gBAAgB,CAAC,MAAc;IAI7C,MAAM,KAAK,GAAG,MAAM,CAAC,WAAW,EAAE,CAAC;IAEnC,gCAAgC;IAChC,KAAK,MAAM,OAAO,IAAI,mBAAmB,EAAE,CAAC;QAC1C,IAAI,KAAK,CAAC,QAAQ,CAAC,OAAO,CAAC,EAAE,CAAC;YAC5B,OAAO;gBACL,SAAS,EAAE,IAAI;gBACf,MAAM,EAAE,gCAAgC,OAAO,GAAG;aACnD,CAAC;QACJ,CAAC;IACH,CAAC;IAED,+BAA+B;IAC/B,KAAK,MAAM,OAAO,IAAI,kBAAkB,EAAE,CAAC;QACzC,IAAI,KAAK,CAAC,QAAQ,CAAC,OAAO,CAAC,EAAE,CAAC;YAC5B,OAAO;gBACL,SAAS,EAAE,IAAI;gBACf,MAAM,EAAE,8CAA8C,OAAO,GAAG;aACjE,CAAC;QACJ,CAAC;IACH,CAAC;IAED,OAAO,EAAE,SAAS,EAAE,KAAK,EAAE,CAAC;AAC9B,CAAC"}

package/dist/sandbox.d.ts

@@ -0,0 +1,49 @@
+/**
+ * Calliope CLI - Code Execution Sandbox
+ *
+ * Secure code execution using Docker containers.
+ */
+export interface SandboxConfig {
+    enabled: boolean;
+    image: string;
+    timeout: number;
+    memoryLimit: string;
+    cpuLimit: string;
+    networkEnabled: boolean;
+    mountWorkdir: boolean;
+    readOnly: boolean;
+}
+export interface ExecutionResult {
+    success: boolean;
+    exitCode: number;
+    stdout: string;
+    stderr: string;
+    duration: number;
+    sandboxed: boolean;
+}
+export type Language = 'python' | 'node' | 'bash' | 'ruby' | 'go' | 'rust';
+/**
+ * Check if Docker is available
+ */
+export declare function isDockerAvailable(): boolean;
+/**
+ * Check if Docker image exists
+ */
+export declare function imageExists(image: string): boolean;
+/**
+ * Pull Docker image if needed
+ */
+export declare function ensureImage(image: string): Promise<boolean>;
+/**
+ * Execute code in Docker sandbox
+ */
+export declare function executeInSandbox(language: Language, code: string, config?: Partial<SandboxConfig>): Promise<ExecutionResult>;
+/**
+ * Execute code without sandbox (fallback)
+ */
+export declare function executeUnsafe(language: Language, code: string, timeout?: number): Promise<ExecutionResult>;
+/**
+ * Execute code (with or without sandbox based on availability)
+ */
+export declare function execute(language: Language, code: string, config?: Partial<SandboxConfig>): Promise<ExecutionResult>;
+//# sourceMappingURL=sandbox.d.ts.map

package/dist/sandbox.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"sandbox.d.ts","sourceRoot":"","sources":["../src/sandbox.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAWH,MAAM,WAAW,aAAa;IAC5B,OAAO,EAAE,OAAO,CAAC;IACjB,KAAK,EAAE,MAAM,CAAC;IACd,OAAO,EAAE,MAAM,CAAC;IAChB,WAAW,EAAE,MAAM,CAAC;IACpB,QAAQ,EAAE,MAAM,CAAC;IACjB,cAAc,EAAE,OAAO,CAAC;IACxB,YAAY,EAAE,OAAO,CAAC;IACtB,QAAQ,EAAE,OAAO,CAAC;CACnB;AAED,MAAM,WAAW,eAAe;IAC9B,OAAO,EAAE,OAAO,CAAC;IACjB,QAAQ,EAAE,MAAM,CAAC;IACjB,MAAM,EAAE,MAAM,CAAC;IACf,MAAM,EAAE,MAAM,CAAC;IACf,QAAQ,EAAE,MAAM,CAAC;IACjB,SAAS,EAAE,OAAO,CAAC;CACpB;AAED,MAAM,MAAM,QAAQ,GAAG,QAAQ,GAAG,MAAM,GAAG,MAAM,GAAG,MAAM,GAAG,IAAI,GAAG,MAAM,CAAC;AAiC3E;;GAEG;AACH,wBAAgB,iBAAiB,IAAI,OAAO,CAW3C;AAED;;GAEG;AACH,wBAAgB,WAAW,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CAOlD;AAED;;GAEG;AACH,wBAAsB,WAAW,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC,CAQjE;AAMD;;GAEG;AACH,wBAAsB,gBAAgB,CACpC,QAAQ,EAAE,QAAQ,EAClB,IAAI,EAAE,MAAM,EACZ,MAAM,GAAE,OAAO,CAAC,aAAa,CAAM,GAClC,OAAO,CAAC,eAAe,CAAC,CAmH1B;AAoFD;;GAEG;AACH,wBAAgB,aAAa,CAC3B,QAAQ,EAAE,QAAQ,EAClB,IAAI,EAAE,MAAM,EACZ,OAAO,GAAE,MAAc,GACtB,OAAO,CAAC,eAAe,CAAC,CAoF1B;AAMD;;GAEG;AACH,wBAAsB,OAAO,CAC3B,QAAQ,EAAE,QAAQ,EAClB,IAAI,EAAE,MAAM,EACZ,MAAM,GAAE,OAAO,CAAC,aAAa,CAAM,GAClC,OAAO,CAAC,eAAe,CAAC,CAQ1B"}