@castlekit/castle 0.1.6 → 0.3.1

package/LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2025 Castle Kit Inc.
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

package/drizzle.config.ts

@@ -0,0 +1,7 @@
+import { defineConfig } from "drizzle-kit";
+
+export default defineConfig({
+  schema: "./src/lib/db/schema.ts",
+  out: "./src/lib/db/migrations",
+  dialect: "sqlite",
+});

package/install.sh

@@ -569,8 +569,27 @@ install_castle() {
         echo -e "${WARN}→${NC} Installing Castle (${INFO}${CASTLE_VERSION}${NC})..."
     fi
 
-    if ! npm --loglevel "$NPM_LOGLEVEL" ${NPM_SILENT_FLAG:+$NPM_SILENT_FLAG} --no-fund --no-audit install -g "$install_spec"; then
+    # Run npm install in background with a spinner so the user knows it's working
+    local npm_log
+    npm_log="$(mktempfile)"
+    npm --loglevel "$NPM_LOGLEVEL" ${NPM_SILENT_FLAG:+$NPM_SILENT_FLAG} --no-fund --no-audit install -g "$install_spec" > "$npm_log" 2>&1 &
+    local npm_pid=$!
+
+    local spin_chars='⠋⠙⠹⠸⠼⠴⠦⠧⠇⠏'
+    local i=0
+    while kill -0 "$npm_pid" 2>/dev/null; do
+        local c="${spin_chars:i%${#spin_chars}:1}"
+        printf "\r  ${ACCENT}%s${NC} Installing..." "$c"
+        ((i++)) || true
+        sleep 0.1
+    done
+    printf "\r                          \r"
+
+    wait "$npm_pid"
+    local npm_exit=$?
+    if [[ "$npm_exit" -ne 0 ]]; then
         echo -e "${ERROR}npm install failed${NC}"
+        cat "$npm_log"
         echo -e "Try: ${INFO}npm install -g --force ${install_spec}${NC}"
         exit 1
     fi

package/next.config.ts

@@ -2,6 +2,7 @@ import type { NextConfig } from "next";
 
 const nextConfig: NextConfig = {
   devIndicators: false,
+  serverExternalPackages: ["better-sqlite3"],
 };
 
 export default nextConfig;

package/package.json

@@ -1,16 +1,33 @@
 {
   "name": "@castlekit/castle",
-  "version": "0.1.6",
+  "version": "0.3.1",
   "description": "The multi-agent workspace",
   "type": "module",
   "bin": {
     "castle": "./bin/castle.js"
   },
+  "files": [
+    "bin/",
+    "src/",
+    "index.js",
+    "install.sh",
+    "next.config.ts",
+    "postcss.config.mjs",
+    "tsconfig.json",
+    "drizzle.config.ts",
+    "LICENSE",
+    "README.md",
+    "!src/**/__tests__/**",
+    "!src/**/*.test.*"
+  ],
   "scripts": {
     "dev": "next dev -p 3333",
     "build": "next build",
     "start": "next start -p 3333",
-    "lint": "next lint"
+    "lint": "next lint",
+    "test": "vitest run",
+    "test:watch": "vitest",
+    "ci": "npm audit --omit=dev --audit-level=high && npm test && npm run build"
   },
   "repository": {
     "type": "git",
@@ -39,12 +56,15 @@
     "@dnd-kit/utilities": "^3.2.2",
     "@radix-ui/react-slider": "^1.3.6",
     "@tailwindcss/postcss": "^4.1.18",
+    "@twemoji/api": "^17.0.2",
     "@types/node": "^25.2.1",
     "@types/react": "^19.2.13",
     "@types/react-dom": "^19.2.3",
     "@types/ws": "^8.18.1",
+    "better-sqlite3": "^12.6.2",
     "clsx": "^2.1.1",
     "commander": "^14.0.3",
+    "drizzle-orm": "^0.45.1",
     "json5": "^2.2.3",
     "lucide-react": "^0.563.0",
     "next": "^16.1.6",
@@ -53,16 +73,28 @@
     "picocolors": "^1.1.1",
     "react": "^19.2.4",
     "react-dom": "^19.2.4",
+    "react-markdown": "^10.1.0",
+    "react-syntax-highlighter": "^16.1.0",
     "recharts": "^3.7.0",
+    "remark-gfm": "^4.0.1",
     "sharp": "^0.34.5",
     "swr": "^2.4.0",
     "tailwind-merge": "^3.4.0",
     "tailwindcss": "^4.1.18",
     "tsx": "^4.21.0",
     "typescript": "^5.9.3",
+    "uuid": "^13.0.0",
     "ws": "^8.19.0"
   },
   "devDependencies": {
-    "@types/sharp": "^0.31.1"
+    "@testing-library/jest-dom": "^6.9.1",
+    "@testing-library/react": "^16.3.2",
+    "@types/better-sqlite3": "^7.6.13",
+    "@types/react-syntax-highlighter": "^15.5.13",
+    "@types/sharp": "^0.31.1",
+    "@types/uuid": "^10.0.0",
+    "drizzle-kit": "^0.31.8",
+    "jsdom": "^28.0.0",
+    "vitest": "^4.0.18"
   }
 }

package/src/app/api/avatars/[id]/route.ts

@@ -1,6 +1,6 @@
 import { NextRequest, NextResponse } from "next/server";
 import { readFileSync, existsSync } from "fs";
-import { join } from "path";
+import { join, resolve } from "path";
 import { homedir } from "os";
 import { ensureGateway } from "@/lib/gateway-connection";
 
@@ -51,11 +51,16 @@ export async function GET(
       if (storedUrl.startsWith("workspace://")) {
         const pathPart = storedUrl.slice("workspace://".length);
         // Resolve ~ in workspace path
-        const resolved = pathPart.startsWith("~")
-          ? join(homedir(), pathPart.slice(1))
-          : pathPart;
-        // Prevent traversal
-        if (!resolved.includes("..") && existsSync(resolved)) {
+        const resolved = resolve(
+          pathPart.startsWith("~") ? join(homedir(), pathPart.slice(1)) : pathPart
+        );
+        // Prevent traversal: resolved path must not escape the workspace
+        // and must be a simple file path (no symlink-based escapes for known dirs)
+        if (
+          !resolved.includes("..") &&
+          !resolved.includes("\0") &&
+          existsSync(resolved)
+        ) {
           return serveFile(resolved);
         }
       }
@@ -92,8 +97,50 @@ export async function GET(
   return new NextResponse("Not found", { status: 404 });
 }
 
-/** Fetch an avatar from an HTTP URL with a short timeout */
+/**
+ * Check if a URL resolves to a private/internal IP range (SSRF protection).
+ * Blocks access to localhost, private networks, link-local, and cloud metadata.
+ */
+function isPrivateUrl(urlStr: string): boolean {
+  try {
+    const parsed = new URL(urlStr);
+    const hostname = parsed.hostname;
+
+    // Block cloud metadata endpoints
+    if (hostname === "169.254.169.254" || hostname === "metadata.google.internal") {
+      return true;
+    }
+
+    // Block localhost variants
+    if (
+      hostname === "localhost" ||
+      hostname === "127.0.0.1" ||
+      hostname === "::1" ||
+      hostname === "0.0.0.0"
+    ) {
+      return true;
+    }
+
+    // Block private IP ranges (10.x, 172.16-31.x, 192.168.x)
+    const parts = hostname.split(".").map(Number);
+    if (parts.length === 4 && parts.every((p) => !isNaN(p))) {
+      if (parts[0] === 10) return true;
+      if (parts[0] === 172 && parts[1] >= 16 && parts[1] <= 31) return true;
+      if (parts[0] === 192 && parts[1] === 168) return true;
+      if (parts[0] === 169 && parts[1] === 254) return true; // link-local
+    }
+
+    return false;
+  } catch {
+    return true; // Reject malformed URLs
+  }
+}
+
+/** Fetch an avatar from an HTTP URL with a short timeout and SSRF protection */
 async function fetchAvatar(url: string): Promise<NextResponse | null> {
+  // Block requests to private/internal networks
+  if (isPrivateUrl(url)) return null;
+
   try {
     const resp = await fetch(url, { signal: AbortSignal.timeout(2000) });
     if (!resp.ok) return null;
@@ -101,7 +148,10 @@ async function fetchAvatar(url: string): Promise<NextResponse | null> {
     const contentType = resp.headers.get("content-type") || "image/png";
     if (!contentType.startsWith("image/")) return null;
 
+    // Limit response size to prevent memory exhaustion
     const data = Buffer.from(await resp.arrayBuffer());
+    if (data.length > 5 * 1024 * 1024) return null; // 5MB max
+
     return new NextResponse(data, {
       headers: { "Content-Type": contentType, ...CACHE_HEADERS },
     });

package/src/app/api/openclaw/agents/route.ts

@@ -105,10 +105,14 @@ export async function GET() {
   }
 
   try {
+    const _start = Date.now();
     // Fetch agents and config in parallel
     const [agentsResult, configResult] = await Promise.all([
       gw.request<AgentsListPayload>("agents.list", {}),
-      gw.request<ConfigGetPayload>("config.get", {}).catch(() => null),
+      gw.request<ConfigGetPayload>("config.get", {}).catch((err) => {
+        console.warn("[Agents API] config.get failed (non-fatal):", (err as Error).message);
+        return null;
+      }),
     ]);
 
     // Build workspace lookup from config
@@ -130,11 +134,13 @@ export async function GET() {
       return { id: agent.id, name, description, avatar, emoji };
     });
 
+    console.log(`[Agents API] GET list OK — ${agents.length} agents (${Date.now() - _start}ms)`);
     return NextResponse.json({
       agents,
       defaultId: agentsResult?.defaultId,
     });
   } catch (err) {
+    console.error("[Agents API] GET list FAILED:", err instanceof Error ? err.message : "Unknown error");
     return NextResponse.json(
       { error: err instanceof Error ? err.message : "Failed to list agents", agents: [] },
       { status: 500 }

package/src/app/api/openclaw/agents/status/route.ts

@@ -0,0 +1,55 @@
+import { NextRequest, NextResponse } from "next/server";
+import { getAgentStatuses, setAgentStatus, type AgentStatusValue } from "@/lib/db/queries";
+import { checkCsrf } from "@/lib/api-security";
+
+const VALID_STATUSES: AgentStatusValue[] = ["idle", "thinking", "active"];
+
+// ============================================================================
+// GET /api/openclaw/agents/status — Get all agent statuses
+// ============================================================================
+
+export async function GET() {
+  try {
+    const statuses = getAgentStatuses();
+    return NextResponse.json({ statuses });
+  } catch (err) {
+    console.error("[Agent Status] GET failed:", (err as Error).message);
+    return NextResponse.json({ error: "Failed to get agent statuses" }, { status: 500 });
+  }
+}
+
+// ============================================================================
+// POST /api/openclaw/agents/status — Set an agent's status
+// ============================================================================
+
+export async function POST(request: NextRequest) {
+  const csrfError = checkCsrf(request);
+  if (csrfError) return csrfError;
+
+  let body: { agentId?: string; status?: string };
+
+  try {
+    body = await request.json();
+  } catch {
+    return NextResponse.json({ error: "Invalid JSON" }, { status: 400 });
+  }
+
+  if (!body.agentId || typeof body.agentId !== "string") {
+    return NextResponse.json({ error: "agentId is required" }, { status: 400 });
+  }
+
+  if (!body.status || !VALID_STATUSES.includes(body.status as AgentStatusValue)) {
+    return NextResponse.json(
+      { error: `status must be one of: ${VALID_STATUSES.join(", ")}` },
+      { status: 400 }
+    );
+  }
+
+  try {
+    setAgentStatus(body.agentId, body.status as AgentStatusValue);
+    return NextResponse.json({ ok: true });
+  } catch (err) {
+    console.error("[Agent Status] POST failed:", (err as Error).message);
+    return NextResponse.json({ error: "Failed to set agent status" }, { status: 500 });
+  }
+}

package/src/app/api/openclaw/chat/attachments/route.ts

@@ -0,0 +1,230 @@
+import { NextRequest, NextResponse } from "next/server";
+import { existsSync, mkdirSync, writeFileSync, readFileSync, statSync } from "fs";
+import { join, resolve } from "path";
+import { platform } from "os";
+import { v4 as uuid } from "uuid";
+import { checkCsrf } from "@/lib/api-security";
+import { getCastleDir } from "@/lib/config";
+import { createAttachment, getAttachmentsByMessage } from "@/lib/db/queries";
+
+const MAX_FILE_SIZE = 10 * 1024 * 1024; // 10MB
+const ALLOWED_MIME_TYPES = new Set([
+  "image/png",
+  "image/jpeg",
+  "image/webp",
+  "image/gif",
+  "audio/mpeg",
+  "audio/ogg",
+  "audio/wav",
+]);
+
+function getAttachmentsDir(): string {
+  return join(getCastleDir(), "data", "attachments");
+}
+
+/** Validate that resolved path stays within the attachments directory */
+function isPathSafe(filePath: string, baseDir: string): boolean {
+  const resolved = resolve(filePath);
+  const resolvedBase = resolve(baseDir);
+  return resolved.startsWith(resolvedBase);
+}
+
+function getMimeForExt(ext: string): string {
+  const map: Record<string, string> = {
+    ".png": "image/png",
+    ".jpg": "image/jpeg",
+    ".jpeg": "image/jpeg",
+    ".webp": "image/webp",
+    ".gif": "image/gif",
+    ".mp3": "audio/mpeg",
+    ".ogg": "audio/ogg",
+    ".wav": "audio/wav",
+  };
+  return map[ext.toLowerCase()] || "application/octet-stream";
+}
+
+// ============================================================================
+// POST /api/openclaw/chat/attachments — Upload attachment
+// ============================================================================
+
+export async function POST(request: NextRequest) {
+  const csrf = checkCsrf(request);
+  if (csrf) return csrf;
+
+  const formData = await request.formData();
+  const file = formData.get("file") as File | null;
+  const channelId = formData.get("channelId") as string | null;
+  const messageId = formData.get("messageId") as string | null;
+
+  if (!file || !channelId) {
+    return NextResponse.json(
+      { error: "file and channelId are required" },
+      { status: 400 }
+    );
+  }
+
+  // Validate file size
+  if (file.size > MAX_FILE_SIZE) {
+    return NextResponse.json(
+      { error: `File too large (max ${MAX_FILE_SIZE / 1024 / 1024}MB)` },
+      { status: 400 }
+    );
+  }
+
+  // Validate MIME type
+  if (!ALLOWED_MIME_TYPES.has(file.type)) {
+    return NextResponse.json(
+      { error: `Unsupported file type: ${file.type}` },
+      { status: 400 }
+    );
+  }
+
+  try {
+    // Determine file extension from MIME type
+    const extMap: Record<string, string> = {
+      "image/png": ".png",
+      "image/jpeg": ".jpg",
+      "image/webp": ".webp",
+      "image/gif": ".gif",
+      "audio/mpeg": ".mp3",
+      "audio/ogg": ".ogg",
+      "audio/wav": ".wav",
+    };
+    const ext = extMap[file.type] || ".bin";
+
+    // Create UUID-based filename (never use user-supplied names)
+    const filename = `${uuid()}${ext}`;
+    const channelDir = join(getAttachmentsDir(), channelId);
+
+    // Ensure directory exists
+    if (!existsSync(channelDir)) {
+      mkdirSync(channelDir, { recursive: true, mode: 0o700 });
+    }
+
+    const filePath = join(channelDir, filename);
+
+    // Path traversal check
+    if (!isPathSafe(filePath, getAttachmentsDir())) {
+      return NextResponse.json(
+        { error: "Invalid path" },
+        { status: 400 }
+      );
+    }
+
+    // Write file
+    const buffer = Buffer.from(await file.arrayBuffer());
+    writeFileSync(filePath, buffer);
+
+    // Secure permissions
+    if (platform() !== "win32") {
+      try {
+        const { chmodSync } = await import("fs");
+        chmodSync(filePath, 0o600);
+      } catch {
+        // May fail on some filesystems
+      }
+    }
+
+    // Persist to DB (if messageId provided)
+    const attachmentType = file.type.startsWith("image/") ? "image" : "audio";
+    let attachmentRecord = null;
+
+    if (messageId) {
+      attachmentRecord = createAttachment({
+        messageId,
+        attachmentType: attachmentType as "image" | "audio",
+        filePath: `${channelId}/${filename}`,
+        mimeType: file.type,
+        fileSize: file.size,
+        originalName: file.name,
+      });
+    }
+
+    return NextResponse.json({
+      id: attachmentRecord?.id ?? uuid(),
+      filePath: `${channelId}/${filename}`,
+      mimeType: file.type,
+      fileSize: file.size,
+      originalName: file.name,
+    }, { status: 201 });
+  } catch (err) {
+    console.error("[Attachments] Upload failed:", (err as Error).message);
+    return NextResponse.json(
+      { error: "Upload failed" },
+      { status: 500 }
+    );
+  }
+}
+
+// ============================================================================
+// GET /api/openclaw/chat/attachments?path=... — Serve attachment
+// ============================================================================
+
+export async function GET(request: NextRequest) {
+  const { searchParams } = new URL(request.url);
+  const filePath = searchParams.get("path");
+  const messageId = searchParams.get("messageId");
+
+  // If messageId provided, return all attachments for that message
+  if (messageId) {
+    try {
+      const attachments = getAttachmentsByMessage(messageId);
+      return NextResponse.json({ attachments });
+    } catch (err) {
+      console.error("[Attachments] List failed:", (err as Error).message);
+      return NextResponse.json(
+        { error: "Failed to list attachments" },
+        { status: 500 }
+      );
+    }
+  }
+
+  // Serve individual file
+  if (!filePath) {
+    return NextResponse.json(
+      { error: "path or messageId parameter required" },
+      { status: 400 }
+    );
+  }
+
+  const baseDir = getAttachmentsDir();
+  const fullPath = join(baseDir, filePath);
+
+  // Path traversal check
+  if (!isPathSafe(fullPath, baseDir)) {
+    return NextResponse.json(
+      { error: "Invalid path" },
+      { status: 400 }
+    );
+  }
+
+  if (!existsSync(fullPath)) {
+    return NextResponse.json(
+      { error: "Attachment not found" },
+      { status: 404 }
+    );
+  }
+
+  try {
+    const data = readFileSync(fullPath);
+    const ext = fullPath.substring(fullPath.lastIndexOf("."));
+    const mimeType = getMimeForExt(ext);
+    const stat = statSync(fullPath);
+
+    return new NextResponse(data, {
+      status: 200,
+      headers: {
+        "Content-Type": mimeType,
+        "Content-Length": String(stat.size),
+        "Content-Disposition": "inline",
+        "Cache-Control": "public, max-age=86400", // 24h cache
+      },
+    });
+  } catch (err) {
+    console.error("[Attachments] Serve failed:", (err as Error).message);
+    return NextResponse.json(
+      { error: "Failed to serve attachment" },
+      { status: 500 }
+    );
+  }
+}