@dominusnode/pi-extension 1.0.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +21 -0
- package/LICENSE +21 -0
- package/README.md +118 -0
- package/dist/index.d.ts +37 -0
- package/dist/index.js +373 -0
- package/dist/toolkit.d.ts +94 -0
- package/dist/toolkit.js +1109 -0
- package/package.json +39 -0
- package/skills/use-dominus-proxy.md +115 -0
|
@@ -0,0 +1,94 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Dominus Node Pi Extension Toolkit
|
|
3
|
+
*
|
|
4
|
+
* Provides 26 tools for the pi-mono agent framework (github.com/badlogic/pi-mono).
|
|
5
|
+
* Covers proxied fetching, wallet management, agentic wallets, teams,
|
|
6
|
+
* Stripe/PayPal/crypto top-up, and x402 micropayment info.
|
|
7
|
+
*
|
|
8
|
+
* Security:
|
|
9
|
+
* - Full SSRF protection (private IP blocking, DNS rebinding, Teredo/6to4,
|
|
10
|
+
* IPv4-mapped/compatible IPv6, hex/octal/decimal normalization, zone ID
|
|
11
|
+
* stripping, .localhost/.local/.internal/.arpa TLD blocking, embedded
|
|
12
|
+
* credential blocking)
|
|
13
|
+
* - OFAC sanctioned country validation (CU, IR, KP, RU, SY)
|
|
14
|
+
* - Credential scrubbing in all error outputs
|
|
15
|
+
* - Prototype pollution prevention on all parsed JSON (recursive)
|
|
16
|
+
* - HTTP method restriction (GET/HEAD/OPTIONS only for proxied fetch)
|
|
17
|
+
* - 10 MB response cap, 4000 char truncation, 30 s timeout
|
|
18
|
+
* - Redirect following disabled to prevent open redirect abuse
|
|
19
|
+
* - DNS rebinding protection on all proxied requests
|
|
20
|
+
*/
|
|
21
|
+
/** OFAC sanctioned countries — must never be used as geo-targeting destinations. */
|
|
22
|
+
export declare const SANCTIONED_COUNTRIES: Set<string>;
|
|
23
|
+
export declare const BLOCKED_HOSTNAMES: Set<string>;
|
|
24
|
+
/** Remove any dn_live_* or dn_test_* tokens from error messages. */
|
|
25
|
+
export declare function scrubCredentials(msg: string): string;
|
|
26
|
+
export declare function truncate(text: string, max?: number): string;
|
|
27
|
+
/**
|
|
28
|
+
* Normalize non-standard IPv4 representations to dotted-decimal.
|
|
29
|
+
* Handles: decimal integers (2130706433), hex (0x7f000001), octal octets (0177.0.0.1).
|
|
30
|
+
*/
|
|
31
|
+
export declare function normalizeIpv4(hostname: string): string | null;
|
|
32
|
+
export declare function isPrivateIp(hostname: string): boolean;
|
|
33
|
+
export declare function validateTargetUrl(url: string): URL;
|
|
34
|
+
export declare function validateCountry(country: string | undefined): string | undefined;
|
|
35
|
+
export declare function validateUuid(id: string, label: string): string;
|
|
36
|
+
export declare function checkDnsRebinding(hostname: string): Promise<void>;
|
|
37
|
+
export declare function stripDangerousKeys(obj: unknown, depth?: number): void;
|
|
38
|
+
export declare function formatBytes(bytes: number): string;
|
|
39
|
+
export declare function formatCents(cents: number): string;
|
|
40
|
+
export interface PiToolResult {
|
|
41
|
+
content: Array<{
|
|
42
|
+
type: "text";
|
|
43
|
+
text: string;
|
|
44
|
+
}>;
|
|
45
|
+
details: Record<string, unknown>;
|
|
46
|
+
}
|
|
47
|
+
export interface DominusNodeToolkitOptions {
|
|
48
|
+
apiKey?: string;
|
|
49
|
+
baseUrl?: string;
|
|
50
|
+
proxyHost?: string;
|
|
51
|
+
proxyPort?: number;
|
|
52
|
+
timeout?: number;
|
|
53
|
+
}
|
|
54
|
+
export declare class DominusNodeToolkit {
|
|
55
|
+
private apiKey;
|
|
56
|
+
private baseUrl;
|
|
57
|
+
private proxyHost;
|
|
58
|
+
private proxyPort;
|
|
59
|
+
private timeout;
|
|
60
|
+
private token;
|
|
61
|
+
private tokenExpiresAt;
|
|
62
|
+
private _authPromise;
|
|
63
|
+
constructor(options?: DominusNodeToolkitOptions);
|
|
64
|
+
private _authenticate;
|
|
65
|
+
private _ensureAuth;
|
|
66
|
+
private _apiRequest;
|
|
67
|
+
private _req;
|
|
68
|
+
proxiedFetch(url: string, method?: string, country?: string, proxyType?: string): Promise<PiToolResult>;
|
|
69
|
+
checkBalance(): Promise<PiToolResult>;
|
|
70
|
+
checkUsage(days?: number): Promise<PiToolResult>;
|
|
71
|
+
getProxyConfig(): Promise<PiToolResult>;
|
|
72
|
+
listSessions(): Promise<PiToolResult>;
|
|
73
|
+
createAgenticWallet(label: string, spendingLimitCents?: number): Promise<PiToolResult>;
|
|
74
|
+
fundAgenticWallet(walletId: string, amountCents: number): Promise<PiToolResult>;
|
|
75
|
+
checkAgenticBalance(walletId: string): Promise<PiToolResult>;
|
|
76
|
+
listAgenticWallets(): Promise<PiToolResult>;
|
|
77
|
+
agenticTransactions(walletId: string, limit?: number): Promise<PiToolResult>;
|
|
78
|
+
freezeAgenticWallet(walletId: string): Promise<PiToolResult>;
|
|
79
|
+
unfreezeAgenticWallet(walletId: string): Promise<PiToolResult>;
|
|
80
|
+
deleteAgenticWallet(walletId: string): Promise<PiToolResult>;
|
|
81
|
+
createTeam(name: string, maxMembers?: number): Promise<PiToolResult>;
|
|
82
|
+
listTeams(limit?: number): Promise<PiToolResult>;
|
|
83
|
+
teamDetails(teamId: string): Promise<PiToolResult>;
|
|
84
|
+
teamFund(teamId: string, amountCents: number): Promise<PiToolResult>;
|
|
85
|
+
teamCreateApiKey(teamId: string, label: string): Promise<PiToolResult>;
|
|
86
|
+
teamUsage(teamId: string, days?: number): Promise<PiToolResult>;
|
|
87
|
+
updateTeam(teamId: string, name?: string, maxMembers?: number): Promise<PiToolResult>;
|
|
88
|
+
updateTeamMemberRole(teamId: string, userId: string, role: string): Promise<PiToolResult>;
|
|
89
|
+
topupPaypal(amountCents: number): Promise<PiToolResult>;
|
|
90
|
+
topupStripe(amountCents: number): Promise<PiToolResult>;
|
|
91
|
+
topupCrypto(amountUsd: number, currency: string): Promise<PiToolResult>;
|
|
92
|
+
x402Info(): Promise<PiToolResult>;
|
|
93
|
+
updateWalletPolicy(walletId: string, dailyLimitCents?: number, allowedDomains?: string[]): Promise<PiToolResult>;
|
|
94
|
+
}
|