@easynet/agent-tool-buildin 0.0.1

package/dist/index.js

@@ -0,0 +1,1791 @@
+import "./chunk-BUSYA2B4.js";
+
+// context.ts
+import { AsyncLocalStorage } from "async_hooks";
+var storage = new AsyncLocalStorage();
+function getBuiltinContext() {
+  const ctx = storage.getStore();
+  if (!ctx) throw new Error("Builtin context not set; invoke only through CoreAdapter.");
+  return ctx;
+}
+function runWithBuiltinContext(ctx, fn) {
+  return storage.run(ctx, fn);
+}
+
+// CoreAdapter.ts
+var CoreAdapter = class {
+  kind = "core";
+  handlers = /* @__PURE__ */ new Map();
+  config;
+  constructor(config) {
+    this.config = config;
+  }
+  /**
+   * Register a handler for a specific core tool name.
+   */
+  registerHandler(toolName, handler) {
+    this.handlers.set(toolName, handler);
+  }
+  /**
+   * Unregister a handler.
+   */
+  unregisterHandler(toolName) {
+    return this.handlers.delete(toolName);
+  }
+  /**
+   * List registered core tool names.
+   */
+  getRegisteredTools() {
+    return Array.from(this.handlers.keys());
+  }
+  /**
+   * Invoke dispatches to the appropriate handler by spec.name.
+   */
+  async invoke(spec, args, ctx) {
+    const handler = this.handlers.get(spec.name);
+    if (!handler) {
+      throw new Error(
+        `Core tool handler not found: ${spec.name}. Available: [${this.getRegisteredTools().join(", ")}]`
+      );
+    }
+    const coreCtx = {
+      execCtx: ctx,
+      config: this.config
+    };
+    const output = await runWithBuiltinContext(
+      coreCtx,
+      () => handler(args)
+    );
+    return {
+      result: output.result,
+      raw: { evidence: output.evidence }
+    };
+  }
+};
+
+// CoreToolsModule.ts
+import { createToolSpec } from "@easynet/agent-tool/core";
+
+// types.ts
+var DEFAULT_CORE_TOOLS_CONFIG = {
+  maxReadBytes: 5 * 1024 * 1024,
+  maxHttpBytes: 5 * 1024 * 1024,
+  maxDownloadBytes: 100 * 1024 * 1024,
+  blockedCidrs: [
+    "127.0.0.0/8",
+    "10.0.0.0/8",
+    "172.16.0.0/12",
+    "192.168.0.0/16",
+    "169.254.0.0/16",
+    "::1/128",
+    "fc00::/7",
+    "fe80::/10"
+  ],
+  defaultTimeoutMs: 15e3,
+  httpUserAgent: "agent-tool-core/1.0",
+  enableAutoWriteLargeResponses: false,
+  allowedCommands: [
+    "cat",
+    "echo",
+    "env",
+    "find",
+    "grep",
+    "head",
+    "ls",
+    "pwd",
+    "tail",
+    "wc",
+    "whoami"
+  ],
+  maxCommandOutputBytes: 1024 * 1024,
+  commandTimeoutMs: 1e4
+};
+
+// fs/readText.ts
+import { readFile, stat } from "fs/promises";
+
+// security/sandbox.ts
+import { resolve, normalize, dirname, basename } from "path";
+import { realpath, access } from "fs/promises";
+import { createTaggedError } from "@easynet/agent-tool";
+async function resolveSandboxedPath(inputPath, sandboxRoot) {
+  let normalizedRoot;
+  try {
+    normalizedRoot = await realpath(resolve(sandboxRoot));
+  } catch {
+    normalizedRoot = normalize(resolve(sandboxRoot));
+  }
+  const resolved = resolve(normalizedRoot, inputPath);
+  let real;
+  try {
+    await access(resolved);
+    real = await realpath(resolved);
+  } catch {
+    const parentDir = dirname(resolved);
+    let realParent;
+    try {
+      await access(parentDir);
+      realParent = await realpath(parentDir);
+    } catch {
+      realParent = normalize(parentDir);
+    }
+    real = resolve(realParent, basename(resolved));
+  }
+  if (!isWithinRoot(real, normalizedRoot)) {
+    throw createTaggedError(
+      "PATH_OUTSIDE_SANDBOX",
+      `Path "${inputPath}" resolves to "${real}" which is outside sandbox "${normalizedRoot}"`,
+      { inputPath, resolvedPath: real, sandboxRoot: normalizedRoot }
+    );
+  }
+  return real;
+}
+function isWithinRoot(path, root) {
+  const normalizedPath = normalize(path);
+  const normalizedRoot = normalize(root);
+  return normalizedPath === normalizedRoot || normalizedPath.startsWith(normalizedRoot + "/");
+}
+
+// fs/readText.ts
+import { createTaggedError as createTaggedError2 } from "@easynet/agent-tool";
+var readTextHandler = (async (args) => {
+  const ctx = getBuiltinContext();
+  const inputPath = args.path;
+  const maxBytes = args.maxBytes ?? ctx.config.maxReadBytes;
+  const resolvedPath = await resolveSandboxedPath(inputPath, ctx.config.sandboxRoot);
+  const fileStat = await stat(resolvedPath);
+  if (fileStat.size > maxBytes) {
+    throw createTaggedError2(
+      "FILE_TOO_LARGE",
+      `File size ${fileStat.size} bytes exceeds limit of ${maxBytes} bytes`,
+      { path: resolvedPath, size: fileStat.size, limit: maxBytes }
+    );
+  }
+  const text = await readFile(resolvedPath, "utf-8");
+  return {
+    result: {
+      path: resolvedPath,
+      text,
+      bytes: fileStat.size
+    },
+    evidence: [
+      {
+        type: "file",
+        ref: resolvedPath,
+        summary: `Read ${fileStat.size} bytes from ${resolvedPath}`,
+        createdAt: (/* @__PURE__ */ new Date()).toISOString()
+      }
+    ]
+  };
+});
+
+// fs/writeText.ts
+import { writeFile, mkdir } from "fs/promises";
+import { createHash } from "crypto";
+import { dirname as dirname2 } from "path";
+var writeTextHandler = (async (args) => {
+  const ctx = getBuiltinContext();
+  const inputPath = args.path;
+  const text = args.text;
+  const overwrite = args.overwrite ?? false;
+  const mkdirp = args.mkdirp ?? true;
+  const resolvedPath = await resolveSandboxedPath(inputPath, ctx.config.sandboxRoot);
+  if (!overwrite) {
+    const { access: access2 } = await import("fs/promises");
+    try {
+      await access2(resolvedPath);
+      throw new Error(
+        `File already exists: ${resolvedPath}. Set overwrite=true to allow overwriting.`
+      );
+    } catch (err) {
+      if (err instanceof Error && !err.message.includes("already exists")) {
+      } else {
+        throw err;
+      }
+    }
+  }
+  if (mkdirp) {
+    await mkdir(dirname2(resolvedPath), { recursive: true });
+  }
+  await writeFile(resolvedPath, text, "utf-8");
+  const bytes = Buffer.byteLength(text, "utf-8");
+  const sha256 = createHash("sha256").update(text).digest("hex");
+  return {
+    result: {
+      path: resolvedPath,
+      bytes,
+      sha256
+    },
+    evidence: [
+      {
+        type: "file",
+        ref: resolvedPath,
+        summary: `Wrote ${bytes} bytes to ${resolvedPath} (sha256: ${sha256.slice(0, 12)}...)`,
+        createdAt: (/* @__PURE__ */ new Date()).toISOString()
+      }
+    ]
+  };
+});
+
+// fs/listDir.ts
+import { readdir, stat as stat2 } from "fs/promises";
+import { resolve as resolve2, join } from "path";
+var listDirHandler = (async (args) => {
+  const ctx = getBuiltinContext();
+  const inputPath = args.path;
+  const maxEntries = args.maxEntries ?? 2e3;
+  const includeHidden = args.includeHidden ?? false;
+  const recursive = args.recursive ?? false;
+  const maxDepth = args.maxDepth ?? 5;
+  const resolvedPath = await resolveSandboxedPath(inputPath, ctx.config.sandboxRoot);
+  const entries = [];
+  let truncated = false;
+  await walkDir(resolvedPath, "", entries, {
+    maxEntries,
+    includeHidden,
+    recursive,
+    maxDepth,
+    currentDepth: 0,
+    onTruncate: () => {
+      truncated = true;
+    }
+  });
+  return {
+    result: {
+      path: resolvedPath,
+      entries,
+      totalEntries: entries.length,
+      truncated
+    },
+    evidence: [
+      {
+        type: "tool",
+        ref: `core/fs.listDir:${resolvedPath}`,
+        summary: `Listed ${entries.length} entries in ${resolvedPath}${truncated ? " (truncated)" : ""}`,
+        createdAt: (/* @__PURE__ */ new Date()).toISOString()
+      }
+    ]
+  };
+});
+async function walkDir(basePath, relativePath, entries, options) {
+  if (entries.length >= options.maxEntries) {
+    options.onTruncate();
+    return;
+  }
+  const fullPath = relativePath ? resolve2(basePath, relativePath) : basePath;
+  const dirEntries = await readdir(fullPath, { withFileTypes: true });
+  for (const dirent of dirEntries) {
+    if (entries.length >= options.maxEntries) {
+      options.onTruncate();
+      return;
+    }
+    if (!options.includeHidden && dirent.name.startsWith(".")) {
+      continue;
+    }
+    const entryPath = join(fullPath, dirent.name);
+    const entryRelative = relativePath ? join(relativePath, dirent.name) : dirent.name;
+    let entryType;
+    if (dirent.isSymbolicLink()) {
+      entryType = "symlink";
+    } else if (dirent.isDirectory()) {
+      entryType = "directory";
+    } else if (dirent.isFile()) {
+      entryType = "file";
+    } else {
+      entryType = "other";
+    }
+    let size = 0;
+    let mtime = "";
+    try {
+      const entryStat = await stat2(entryPath);
+      size = entryStat.size;
+      mtime = entryStat.mtime.toISOString();
+    } catch {
+    }
+    entries.push({
+      name: entryRelative,
+      type: entryType,
+      size,
+      mtime
+    });
+    if (options.recursive && entryType === "directory" && options.currentDepth < options.maxDepth) {
+      await walkDir(basePath, entryRelative, entries, {
+        ...options,
+        currentDepth: options.currentDepth + 1
+      });
+    }
+  }
+}
+
+// fs/searchText.ts
+import { readdir as readdir2, stat as stat3 } from "fs/promises";
+import { createReadStream } from "fs";
+import { createInterface } from "readline";
+import { join as join2, relative } from "path";
+var searchTextHandler = (async (args) => {
+  const ctx = getBuiltinContext();
+  const rootPath = args.root;
+  const query = args.query;
+  const glob = args.glob ?? "**/*.{md,txt,log,json,ts,js,py,java,scala}";
+  const maxMatches = args.maxMatches ?? 100;
+  const maxFiles = args.maxFiles ?? 500;
+  const resolvedRoot = await resolveSandboxedPath(rootPath, ctx.config.sandboxRoot);
+  let regex;
+  try {
+    regex = new RegExp(query, "i");
+  } catch {
+    regex = new RegExp(escapeRegExp(query), "i");
+  }
+  const extensions = parseGlobExtensions(glob);
+  const files = [];
+  await collectFiles(resolvedRoot, files, { maxFiles, extensions });
+  const matches = [];
+  let filesScanned = 0;
+  let truncated = false;
+  for (const filePath of files) {
+    if (matches.length >= maxMatches) {
+      truncated = true;
+      break;
+    }
+    filesScanned++;
+    await searchFile(filePath, resolvedRoot, regex, matches, maxMatches);
+  }
+  if (matches.length >= maxMatches) {
+    truncated = true;
+  }
+  return {
+    result: {
+      root: resolvedRoot,
+      query,
+      matches,
+      totalMatches: matches.length,
+      filesScanned,
+      truncated
+    },
+    evidence: [
+      {
+        type: "tool",
+        ref: `core/fs.searchText:${resolvedRoot}`,
+        summary: `Found ${matches.length} matches in ${filesScanned} files under ${resolvedRoot}${truncated ? " (truncated)" : ""}`,
+        createdAt: (/* @__PURE__ */ new Date()).toISOString()
+      }
+    ]
+  };
+});
+async function collectFiles(dirPath, files, options) {
+  if (files.length >= options.maxFiles) return;
+  let entries;
+  try {
+    entries = await readdir2(dirPath, { withFileTypes: true });
+  } catch {
+    return;
+  }
+  for (const entry of entries) {
+    if (files.length >= options.maxFiles) return;
+    const fullPath = join2(dirPath, entry.name);
+    if (entry.isDirectory()) {
+      if (entry.name.startsWith(".") || entry.name === "node_modules") continue;
+      await collectFiles(fullPath, files, options);
+    } else if (entry.isFile()) {
+      if (options.extensions.size > 0) {
+        const ext = getExtension(entry.name);
+        if (!ext || !options.extensions.has(ext)) continue;
+      }
+      files.push(fullPath);
+    }
+  }
+}
+async function searchFile(filePath, root, regex, matches, maxMatches) {
+  const fileStat = await stat3(filePath).catch(() => null);
+  if (!fileStat || fileStat.size > 1024 * 1024) return;
+  const stream = createReadStream(filePath, { encoding: "utf-8" });
+  const rl = createInterface({ input: stream, crlfDelay: Infinity });
+  let lineNo = 0;
+  for await (const line of rl) {
+    lineNo++;
+    if (matches.length >= maxMatches) {
+      stream.destroy();
+      break;
+    }
+    if (regex.test(line)) {
+      matches.push({
+        file: relative(root, filePath),
+        lineNo,
+        excerpt: line.slice(0, 200)
+      });
+    }
+  }
+}
+function parseGlobExtensions(glob) {
+  const extensions = /* @__PURE__ */ new Set();
+  const braceMatch = glob.match(/\*\.\{([^}]+)\}/);
+  if (braceMatch) {
+    for (const ext of braceMatch[1].split(",")) {
+      extensions.add(ext.trim());
+    }
+  } else {
+    const simpleMatch = glob.match(/\*\.(\w+)/);
+    if (simpleMatch) {
+      extensions.add(simpleMatch[1]);
+    }
+  }
+  return extensions;
+}
+function getExtension(filename) {
+  const dotIdx = filename.lastIndexOf(".");
+  if (dotIdx === -1 || dotIdx === 0) return null;
+  return filename.slice(dotIdx + 1);
+}
+function escapeRegExp(str) {
+  return str.replace(/[.*+?^${}()|[\]\\]/g, "\\$&");
+}
+
+// fs/sha256.ts
+import { createReadStream as createReadStream2 } from "fs";
+import { stat as stat4 } from "fs/promises";
+import { createHash as createHash2 } from "crypto";
+var sha256Handler = (async (args) => {
+  const ctx = getBuiltinContext();
+  const inputPath = args.path;
+  const resolvedPath = await resolveSandboxedPath(inputPath, ctx.config.sandboxRoot);
+  const fileStat = await stat4(resolvedPath);
+  const hash = await new Promise((resolve3, reject) => {
+    const hasher = createHash2("sha256");
+    const stream = createReadStream2(resolvedPath);
+    stream.on("data", (chunk) => hasher.update(chunk));
+    stream.on("end", () => resolve3(hasher.digest("hex")));
+    stream.on("error", reject);
+  });
+  return {
+    result: {
+      sha256: hash,
+      path: resolvedPath,
+      bytes: fileStat.size
+    },
+    evidence: [
+      {
+        type: "file",
+        ref: resolvedPath,
+        summary: `SHA-256 of ${resolvedPath} (${fileStat.size} bytes): ${hash.slice(0, 16)}...`,
+        createdAt: (/* @__PURE__ */ new Date()).toISOString()
+      }
+    ]
+  };
+});
+
+// fs/deletePath.ts
+import { rm, unlink, rmdir, stat as stat5 } from "fs/promises";
+var deletePathHandler = (async (args) => {
+  const ctx = getBuiltinContext();
+  const inputPath = args.path;
+  const recursive = args.recursive ?? false;
+  const confirm = args.confirm;
+  if (!confirm) {
+    throw new Error(
+      "Deletion not confirmed. Set confirm=true to proceed with deletion."
+    );
+  }
+  const resolvedPath = await resolveSandboxedPath(inputPath, ctx.config.sandboxRoot);
+  let realSandboxRoot;
+  try {
+    const { realpath: rp } = await import("fs/promises");
+    realSandboxRoot = await rp(ctx.config.sandboxRoot);
+  } catch {
+    realSandboxRoot = ctx.config.sandboxRoot;
+  }
+  if (resolvedPath === realSandboxRoot) {
+    throw new Error("Cannot delete the sandbox root directory.");
+  }
+  const fileStat = await stat5(resolvedPath);
+  const isDirectory = fileStat.isDirectory();
+  if (isDirectory) {
+    if (recursive) {
+      await rm(resolvedPath, { recursive: true, force: true });
+    } else {
+      await rmdir(resolvedPath);
+    }
+  } else {
+    await unlink(resolvedPath);
+  }
+  return {
+    result: {
+      path: resolvedPath,
+      deleted: true,
+      type: isDirectory ? "directory" : "file"
+    },
+    evidence: [
+      {
+        type: "file",
+        ref: resolvedPath,
+        summary: `Deleted ${isDirectory ? "directory" : "file"}: ${resolvedPath}${recursive ? " (recursive)" : ""}`,
+        createdAt: (/* @__PURE__ */ new Date()).toISOString()
+      }
+    ]
+  };
+});
+
+// security/ssrf.ts
+import { lookup } from "dns/promises";
+import { createTaggedError as createTaggedError3 } from "@easynet/agent-tool";
+async function validateUrl(url, allowedHosts, blockedCidrs) {
+  let parsed;
+  try {
+    parsed = new URL(url);
+  } catch {
+    throw createTaggedError3(
+      "HTTP_DISALLOWED_HOST",
+      `Invalid URL: ${url}`,
+      { url }
+    );
+  }
+  if (parsed.protocol !== "http:" && parsed.protocol !== "https:") {
+    throw createTaggedError3(
+      "HTTP_DISALLOWED_HOST",
+      `Protocol not allowed: ${parsed.protocol}. Only http: and https: are supported.`,
+      { url, protocol: parsed.protocol }
+    );
+  }
+  const hostname = parsed.hostname;
+  if (!isHostAllowed(hostname, allowedHosts)) {
+    throw createTaggedError3(
+      "HTTP_DISALLOWED_HOST",
+      `Host "${hostname}" is not in the allowed hosts list`,
+      { url, hostname, allowedHosts }
+    );
+  }
+  try {
+    const { address } = await lookup(hostname);
+    if (isIpInBlockedCidrs(address, blockedCidrs)) {
+      throw createTaggedError3(
+        "HTTP_DISALLOWED_HOST",
+        `Host "${hostname}" resolves to blocked IP: ${address}`,
+        { url, hostname, resolvedIp: address }
+      );
+    }
+  } catch (err) {
+    if (err instanceof Error && err.kind === "HTTP_DISALLOWED_HOST") {
+      throw err;
+    }
+    throw createTaggedError3(
+      "HTTP_DISALLOWED_HOST",
+      `DNS resolution failed for host "${hostname}": ${err instanceof Error ? err.message : String(err)}`,
+      { url, hostname }
+    );
+  }
+  return parsed;
+}
+function isHostAllowed(hostname, allowedHosts) {
+  for (const pattern of allowedHosts) {
+    if (pattern.startsWith("*.")) {
+      const suffix = pattern.slice(1);
+      if (hostname.endsWith(suffix) || hostname === pattern.slice(2)) {
+        return true;
+      }
+    } else if (hostname === pattern) {
+      return true;
+    }
+  }
+  return false;
+}
+function isIpInBlockedCidrs(ip, cidrs) {
+  const normalizedIp = normalizeIp(ip);
+  if (!normalizedIp) return false;
+  for (const cidr of cidrs) {
+    if (cidr.includes(":")) {
+      if (!ip.includes(":")) continue;
+      if (isIpv6InCidr(ip, cidr)) return true;
+    } else {
+      if (isIpv4InCidr(normalizedIp, cidr)) return true;
+    }
+  }
+  return false;
+}
+function normalizeIp(ip) {
+  if (ip.startsWith("::ffff:")) {
+    return ip.slice(7);
+  }
+  if (/^\d+\.\d+\.\d+\.\d+$/.test(ip)) {
+    return ip;
+  }
+  return null;
+}
+function isIpv4InCidr(ip, cidr) {
+  const [cidrIp, prefixStr] = cidr.split("/");
+  if (!cidrIp || !prefixStr) return false;
+  const prefix = parseInt(prefixStr, 10);
+  if (isNaN(prefix) || prefix < 0 || prefix > 32) return false;
+  const ipNum = ipv4ToNum(ip);
+  const cidrNum = ipv4ToNum(cidrIp);
+  if (ipNum === null || cidrNum === null) return false;
+  const mask = prefix === 0 ? 0 : ~0 << 32 - prefix >>> 0;
+  return (ipNum & mask) === (cidrNum & mask);
+}
+function ipv4ToNum(ip) {
+  const parts = ip.split(".");
+  if (parts.length !== 4) return null;
+  let num = 0;
+  for (const part of parts) {
+    const n = parseInt(part, 10);
+    if (isNaN(n) || n < 0 || n > 255) return null;
+    num = num << 8 | n;
+  }
+  return num >>> 0;
+}
+function isIpv6InCidr(ip, cidr) {
+  const [cidrIp, prefixStr] = cidr.split("/");
+  if (!cidrIp || !prefixStr) return false;
+  const prefix = parseInt(prefixStr, 10);
+  if (isNaN(prefix)) return false;
+  const ipBytes = expandIpv6(ip);
+  const cidrBytes = expandIpv6(cidrIp);
+  if (!ipBytes || !cidrBytes) return false;
+  const fullBytes = Math.floor(prefix / 8);
+  for (let i = 0; i < fullBytes && i < 16; i++) {
+    if (ipBytes[i] !== cidrBytes[i]) return false;
+  }
+  const remainingBits = prefix % 8;
+  if (remainingBits > 0 && fullBytes < 16) {
+    const mask = ~0 << 8 - remainingBits & 255;
+    if ((ipBytes[fullBytes] & mask) !== (cidrBytes[fullBytes] & mask)) return false;
+  }
+  return true;
+}
+function expandIpv6(ip) {
+  const zoneIdx = ip.indexOf("%");
+  if (zoneIdx !== -1) ip = ip.slice(0, zoneIdx);
+  const parts = ip.split("::");
+  if (parts.length > 2) return null;
+  const bytes = new Array(16).fill(0);
+  const expandGroup = (group) => {
+    if (!group) return [];
+    return group.split(":").flatMap((hex) => {
+      const val = parseInt(hex || "0", 16);
+      return [val >> 8 & 255, val & 255];
+    });
+  };
+  if (parts.length === 1) {
+    const expanded = expandGroup(parts[0]);
+    if (expanded.length !== 16) return null;
+    return expanded;
+  }
+  const left = expandGroup(parts[0]);
+  const right = expandGroup(parts[1]);
+  if (left.length + right.length > 16) return null;
+  for (let i = 0; i < left.length; i++) bytes[i] = left[i];
+  for (let i = 0; i < right.length; i++) bytes[16 - right.length + i] = right[i];
+  return bytes;
+}
+
+// http/fetchText.ts
+import { createTaggedError as createTaggedError4 } from "@easynet/agent-tool";
+var fetchTextHandler = (async (args) => {
+  const ctx = getBuiltinContext();
+  const url = args.url;
+  const method = args.method ?? "GET";
+  const headers = args.headers ?? {};
+  const body = args.body ?? void 0;
+  const timeoutMs = args.timeoutMs ?? ctx.config.defaultTimeoutMs;
+  const maxBytes = args.maxBytes ?? ctx.config.maxHttpBytes;
+  await validateUrl(url, ctx.config.allowedHosts, ctx.config.blockedCidrs);
+  if (!headers["User-Agent"] && !headers["user-agent"]) {
+    headers["User-Agent"] = ctx.config.httpUserAgent;
+  }
+  const controller = new AbortController();
+  const timer = setTimeout(() => controller.abort(), timeoutMs);
+  let response;
+  try {
+    response = await fetch(url, {
+      method,
+      headers,
+      body: body ?? void 0,
+      signal: controller.signal
+    });
+  } catch (err) {
+    if (err instanceof Error && err.name === "AbortError") {
+      throw createTaggedError4(
+        "HTTP_TIMEOUT",
+        `Request to ${url} timed out after ${timeoutMs}ms`,
+        { url, timeoutMs }
+      );
+    }
+    throw createTaggedError4(
+      "UPSTREAM_ERROR",
+      `Fetch failed for ${url}: ${err instanceof Error ? err.message : String(err)}`,
+      { url }
+    );
+  } finally {
+    clearTimeout(timer);
+  }
+  const contentLength = response.headers.get("content-length");
+  if (contentLength && parseInt(contentLength, 10) > maxBytes) {
+    throw createTaggedError4(
+      "HTTP_TOO_LARGE",
+      `Response Content-Length ${contentLength} exceeds limit of ${maxBytes} bytes`,
+      { url, contentLength: parseInt(contentLength, 10), limit: maxBytes }
+    );
+  }
+  const text = await readResponseWithLimit(response, maxBytes, url);
+  const bytes = Buffer.byteLength(text, "utf-8");
+  const responseHeaders = {};
+  response.headers.forEach((value, key) => {
+    responseHeaders[key] = value;
+  });
+  return {
+    result: {
+      url,
+      status: response.status,
+      headers: responseHeaders,
+      text,
+      bytes
+    },
+    evidence: [
+      {
+        type: "url",
+        ref: url,
+        summary: `${method} ${url} \u2192 ${response.status} (${bytes} bytes)`,
+        createdAt: (/* @__PURE__ */ new Date()).toISOString()
+      }
+    ]
+  };
+});
+async function readResponseWithLimit(response, maxBytes, url) {
+  if (!response.body) {
+    return response.text();
+  }
+  const reader = response.body.getReader();
+  const decoder = new TextDecoder();
+  const chunks = [];
+  let totalBytes = 0;
+  try {
+    while (true) {
+      const { done, value } = await reader.read();
+      if (done) break;
+      totalBytes += value.byteLength;
+      if (totalBytes > maxBytes) {
+        reader.cancel();
+        throw createTaggedError4(
+          "HTTP_TOO_LARGE",
+          `Response body exceeded limit of ${maxBytes} bytes while reading from ${url}`,
+          { url, bytesRead: totalBytes, limit: maxBytes }
+        );
+      }
+      chunks.push(decoder.decode(value, { stream: true }));
+    }
+    chunks.push(decoder.decode());
+  } finally {
+    reader.releaseLock();
+  }
+  return chunks.join("");
+}
+
+// http/fetchJson.ts
+import { createTaggedError as createTaggedError5 } from "@easynet/agent-tool";
+var fetchJsonHandler = (async (args) => {
+  const ctx = getBuiltinContext();
+  const url = args.url;
+  const method = args.method ?? "GET";
+  const headers = args.headers ?? {};
+  const body = args.body ?? void 0;
+  const timeoutMs = args.timeoutMs ?? ctx.config.defaultTimeoutMs;
+  const maxBytes = args.maxBytes ?? ctx.config.maxHttpBytes;
+  await validateUrl(url, ctx.config.allowedHosts, ctx.config.blockedCidrs);
+  if (!headers["Accept"] && !headers["accept"]) {
+    headers["Accept"] = "application/json";
+  }
+  if (!headers["User-Agent"] && !headers["user-agent"]) {
+    headers["User-Agent"] = ctx.config.httpUserAgent;
+  }
+  const controller = new AbortController();
+  const timer = setTimeout(() => controller.abort(), timeoutMs);
+  let response;
+  try {
+    response = await fetch(url, {
+      method,
+      headers,
+      body: body ?? void 0,
+      signal: controller.signal
+    });
+  } catch (err) {
+    if (err instanceof Error && err.name === "AbortError") {
+      throw createTaggedError5(
+        "HTTP_TIMEOUT",
+        `Request to ${url} timed out after ${timeoutMs}ms`,
+        { url, timeoutMs }
+      );
+    }
+    throw createTaggedError5(
+      "UPSTREAM_ERROR",
+      `Fetch failed for ${url}: ${err instanceof Error ? err.message : String(err)}`,
+      { url }
+    );
+  } finally {
+    clearTimeout(timer);
+  }
+  const contentLength = response.headers.get("content-length");
+  if (contentLength && parseInt(contentLength, 10) > maxBytes) {
+    throw createTaggedError5(
+      "HTTP_TOO_LARGE",
+      `Response Content-Length ${contentLength} exceeds limit of ${maxBytes} bytes`,
+      { url, contentLength: parseInt(contentLength, 10), limit: maxBytes }
+    );
+  }
+  const text = await response.text();
+  const bytes = Buffer.byteLength(text, "utf-8");
+  if (bytes > maxBytes) {
+    throw createTaggedError5(
+      "HTTP_TOO_LARGE",
+      `Response body ${bytes} bytes exceeds limit of ${maxBytes} bytes`,
+      { url, bytes, limit: maxBytes }
+    );
+  }
+  let json;
+  try {
+    json = JSON.parse(text);
+  } catch {
+    throw createTaggedError5(
+      "UPSTREAM_ERROR",
+      `Failed to parse JSON response from ${url}: ${text.slice(0, 200)}`,
+      { url, status: response.status, textPreview: text.slice(0, 500) }
+    );
+  }
+  return {
+    result: {
+      url,
+      status: response.status,
+      json,
+      bytes
+    },
+    evidence: [
+      {
+        type: "url",
+        ref: url,
+        summary: `${method} ${url} \u2192 ${response.status} JSON (${bytes} bytes)`,
+        createdAt: (/* @__PURE__ */ new Date()).toISOString()
+      }
+    ]
+  };
+});
+
+// http/downloadFile.ts
+import { writeFile as writeFile2, mkdir as mkdir2 } from "fs/promises";
+import { createHash as createHash3 } from "crypto";
+import { dirname as dirname3 } from "path";
+import { createTaggedError as createTaggedError6 } from "@easynet/agent-tool";
+var downloadFileHandler = (async (args) => {
+  const ctx = getBuiltinContext();
+  const url = args.url;
+  const destPath = args.destPath;
+  const headers = args.headers ?? {};
+  const timeoutMs = args.timeoutMs ?? ctx.config.defaultTimeoutMs;
+  const maxBytes = args.maxBytes ?? ctx.config.maxDownloadBytes;
+  const overwrite = args.overwrite ?? false;
+  await validateUrl(url, ctx.config.allowedHosts, ctx.config.blockedCidrs);
+  const resolvedDest = await resolveSandboxedPath(destPath, ctx.config.sandboxRoot);
+  if (!overwrite) {
+    const { access: access2 } = await import("fs/promises");
+    try {
+      await access2(resolvedDest);
+      throw new Error(
+        `File already exists: ${resolvedDest}. Set overwrite=true to allow overwriting.`
+      );
+    } catch (err) {
+      if (err instanceof Error && !err.message.includes("already exists")) {
+      } else {
+        throw err;
+      }
+    }
+  }
+  if (!headers["User-Agent"] && !headers["user-agent"]) {
+    headers["User-Agent"] = ctx.config.httpUserAgent;
+  }
+  const controller = new AbortController();
+  const timer = setTimeout(() => controller.abort(), timeoutMs);
+  let response;
+  try {
+    response = await fetch(url, {
+      method: "GET",
+      headers,
+      signal: controller.signal
+    });
+  } catch (err) {
+    if (err instanceof Error && err.name === "AbortError") {
+      throw createTaggedError6(
+        "HTTP_TIMEOUT",
+        `Download from ${url} timed out after ${timeoutMs}ms`,
+        { url, timeoutMs }
+      );
+    }
+    throw createTaggedError6(
+      "UPSTREAM_ERROR",
+      `Download failed for ${url}: ${err instanceof Error ? err.message : String(err)}`,
+      { url }
+    );
+  } finally {
+    clearTimeout(timer);
+  }
+  const contentLength = response.headers.get("content-length");
+  if (contentLength && parseInt(contentLength, 10) > maxBytes) {
+    throw createTaggedError6(
+      "HTTP_TOO_LARGE",
+      `Download Content-Length ${contentLength} exceeds limit of ${maxBytes} bytes`,
+      { url, contentLength: parseInt(contentLength, 10), limit: maxBytes }
+    );
+  }
+  if (!response.body) {
+    throw createTaggedError6("UPSTREAM_ERROR", `No response body from ${url}`, { url });
+  }
+  const reader = response.body.getReader();
+  const chunks = [];
+  let totalBytes = 0;
+  const hasher = createHash3("sha256");
+  try {
+    while (true) {
+      const { done, value } = await reader.read();
+      if (done) break;
+      totalBytes += value.byteLength;
+      if (totalBytes > maxBytes) {
+        reader.cancel();
+        throw createTaggedError6(
+          "HTTP_TOO_LARGE",
+          `Download from ${url} exceeded limit of ${maxBytes} bytes (received ${totalBytes})`,
+          { url, bytesRead: totalBytes, limit: maxBytes }
+        );
+      }
+      chunks.push(value);
+      hasher.update(value);
+    }
+  } finally {
+    reader.releaseLock();
+  }
+  const sha256 = hasher.digest("hex");
+  await mkdir2(dirname3(resolvedDest), { recursive: true });
+  const buffer = Buffer.concat(chunks);
+  await writeFile2(resolvedDest, buffer);
+  return {
+    result: {
+      destPath: resolvedDest,
+      bytes: totalBytes,
+      sha256,
+      status: response.status,
+      url
+    },
+    evidence: [
+      {
+        type: "url",
+        ref: url,
+        summary: `Downloaded ${totalBytes} bytes from ${url}`,
+        createdAt: (/* @__PURE__ */ new Date()).toISOString()
+      },
+      {
+        type: "file",
+        ref: resolvedDest,
+        summary: `Saved to ${resolvedDest} (sha256: ${sha256.slice(0, 12)}...)`,
+        createdAt: (/* @__PURE__ */ new Date()).toISOString()
+      }
+    ]
+  };
+});
+
+// http/head.ts
+import { createTaggedError as createTaggedError7 } from "@easynet/agent-tool";
+var headHandler = (async (args) => {
+  const ctx = getBuiltinContext();
+  const url = args.url;
+  const headers = args.headers ?? {};
+  const timeoutMs = args.timeoutMs ?? ctx.config.defaultTimeoutMs;
+  await validateUrl(url, ctx.config.allowedHosts, ctx.config.blockedCidrs);
+  if (!headers["User-Agent"] && !headers["user-agent"]) {
+    headers["User-Agent"] = ctx.config.httpUserAgent;
+  }
+  const controller = new AbortController();
+  const timer = setTimeout(() => controller.abort(), timeoutMs);
+  let response;
+  try {
+    response = await fetch(url, {
+      method: "HEAD",
+      headers,
+      signal: controller.signal
+    });
+  } catch (err) {
+    if (err instanceof Error && err.name === "AbortError") {
+      throw createTaggedError7(
+        "HTTP_TIMEOUT",
+        `HEAD request to ${url} timed out after ${timeoutMs}ms`,
+        { url, timeoutMs }
+      );
+    }
+    throw createTaggedError7(
+      "UPSTREAM_ERROR",
+      `HEAD request failed for ${url}: ${err instanceof Error ? err.message : String(err)}`,
+      { url }
+    );
+  } finally {
+    clearTimeout(timer);
+  }
+  const responseHeaders = {};
+  response.headers.forEach((value, key) => {
+    responseHeaders[key] = value;
+  });
+  return {
+    result: {
+      url,
+      status: response.status,
+      headers: responseHeaders
+    },
+    evidence: [
+      {
+        type: "url",
+        ref: url,
+        summary: `HEAD ${url} \u2192 ${response.status}`,
+        createdAt: (/* @__PURE__ */ new Date()).toISOString()
+      }
+    ]
+  };
+});
+
+// http/duckduckgoSearch.ts
+import { createTaggedError as createTaggedError8 } from "@easynet/agent-tool";
+var DUCKDUCKGO_API = "https://api.duckduckgo.com/";
+var duckduckgoSearchHandler = (async (args) => {
+  const ctx = getBuiltinContext();
+  const query = args.query?.trim();
+  if (!query) {
+    throw createTaggedError8("DUCKDUCKGO_INVALID", "query is required", {});
+  }
+  const timeoutMs = args.timeoutMs ?? ctx.config.defaultTimeoutMs;
+  const maxResults = args.maxResults ?? 10;
+  const url = `${DUCKDUCKGO_API}?q=${encodeURIComponent(query)}&format=json`;
+  await validateUrl(url, ctx.config.allowedHosts, ctx.config.blockedCidrs);
+  const controller = new AbortController();
+  const timer = setTimeout(() => controller.abort(), timeoutMs);
+  let response;
+  try {
+    response = await fetch(url, {
+      method: "GET",
+      headers: { "User-Agent": ctx.config.httpUserAgent },
+      signal: controller.signal
+    });
+  } catch (err) {
+    clearTimeout(timer);
+    if (err instanceof Error && err.name === "AbortError") {
+      throw createTaggedError8(
+        "HTTP_TIMEOUT",
+        `DuckDuckGo search timed out after ${timeoutMs}ms`,
+        { query, timeoutMs }
+      );
+    }
+    throw createTaggedError8(
+      "UPSTREAM_ERROR",
+      `DuckDuckGo search failed: ${err instanceof Error ? err.message : String(err)}`,
+      { query }
+    );
+  }
+  clearTimeout(timer);
+  const maxBytes = ctx.config.maxHttpBytes;
+  const text = await response.text();
+  const bytes = Buffer.byteLength(text, "utf-8");
+  if (bytes > maxBytes) {
+    throw createTaggedError8(
+      "HTTP_TOO_LARGE",
+      `DuckDuckGo response ${bytes} bytes exceeds limit of ${maxBytes} bytes`,
+      { query, bytes, limit: maxBytes }
+    );
+  }
+  let raw;
+  try {
+    raw = JSON.parse(text);
+  } catch {
+    throw createTaggedError8(
+      "UPSTREAM_ERROR",
+      `DuckDuckGo returned invalid JSON`,
+      { query, textPreview: text.slice(0, 200) }
+    );
+  }
+  const results = [];
+  if (Array.isArray(raw.Results)) {
+    for (const r of raw.Results.slice(0, maxResults)) {
+      if (r.FirstURL) {
+        results.push({
+          url: r.FirstURL,
+          title: r.Text ?? r.FirstURL,
+          snippet: r.Text
+        });
+      }
+    }
+  }
+  const relatedTopics = [];
+  if (Array.isArray(raw.RelatedTopics)) {
+    for (const t of raw.RelatedTopics.slice(0, maxResults)) {
+      const text2 = t.Text ?? t.Result;
+      if (text2) {
+        relatedTopics.push({ text: text2, url: t.FirstURL });
+      }
+    }
+  }
+  const result = {
+    query,
+    abstract: raw.Abstract ?? raw.AbstractText ?? void 0,
+    abstractUrl: raw.AbstractURL ?? void 0,
+    abstractSource: raw.AbstractSource ?? void 0,
+    heading: raw.Heading ?? void 0,
+    results,
+    relatedTopics
+  };
+  return {
+    result,
+    evidence: [
+      {
+        type: "url",
+        ref: url,
+        summary: `DuckDuckGo search: "${query}" \u2192 ${results.length} results`,
+        createdAt: (/* @__PURE__ */ new Date()).toISOString()
+      }
+    ]
+  };
+});
+
+// http/fetchPageMainContent.ts
+import { parse } from "node-html-parser";
+import { createTaggedError as createTaggedError9 } from "@easynet/agent-tool";
+var MAIN_SELECTORS = [
+  "main",
+  "article",
+  "[role='main']",
+  "#content",
+  "#main",
+  ".content",
+  ".main-content",
+  ".article-body",
+  ".post-content",
+  ".entry-content"
+];
+function extractMainContent(html) {
+  const root = parse(html, { comment: false });
+  let title = "";
+  const titleEl = root.querySelector("title");
+  if (titleEl) {
+    title = (titleEl.textContent ?? "").trim().replace(/\s+/g, " ");
+  }
+  let mainEl = null;
+  for (const sel of MAIN_SELECTORS) {
+    mainEl = root.querySelector(sel);
+    if (mainEl) break;
+  }
+  if (!mainEl) {
+    const body = root.querySelector("body");
+    if (body) {
+      for (const tag of ["script", "style", "nav", "header", "footer", "aside", "noscript", "iframe"]) {
+        body.querySelectorAll(tag).forEach((el) => el.remove());
+      }
+      mainEl = body;
+    } else {
+      mainEl = root;
+    }
+  }
+  const text = (mainEl.textContent ?? "").trim().replace(/\s+/g, " ");
+  return { title, mainContent: text };
+}
+var fetchPageMainContentHandler = (async (args) => {
+  const ctx = getBuiltinContext();
+  const url = args.url;
+  const timeoutMs = args.timeoutMs ?? ctx.config.defaultTimeoutMs;
+  const maxBytes = args.maxBytes ?? ctx.config.maxHttpBytes;
+  await validateUrl(url, ctx.config.allowedHosts, ctx.config.blockedCidrs);
+  const controller = new AbortController();
+  const timer = setTimeout(() => controller.abort(), timeoutMs);
+  let response;
+  try {
+    response = await fetch(url, {
+      method: "GET",
+      headers: { "User-Agent": ctx.config.httpUserAgent },
+      signal: controller.signal
+    });
+  } catch (err) {
+    clearTimeout(timer);
+    if (err instanceof Error && err.name === "AbortError") {
+      throw createTaggedError9(
+        "HTTP_TIMEOUT",
+        `Request to ${url} timed out after ${timeoutMs}ms`,
+        { url, timeoutMs }
+      );
+    }
+    throw createTaggedError9(
+      "UPSTREAM_ERROR",
+      `Fetch failed for ${url}: ${err instanceof Error ? err.message : String(err)}`,
+      { url }
+    );
+  }
+  clearTimeout(timer);
+  const contentLength = response.headers.get("content-length");
+  if (contentLength && parseInt(contentLength, 10) > maxBytes) {
+    throw createTaggedError9(
+      "HTTP_TOO_LARGE",
+      `Response Content-Length ${contentLength} exceeds limit of ${maxBytes} bytes`,
+      { url, contentLength: parseInt(contentLength, 10), limit: maxBytes }
+    );
+  }
+  const rawText = await response.text();
+  const rawBytes = Buffer.byteLength(rawText, "utf-8");
+  if (rawBytes > maxBytes) {
+    throw createTaggedError9(
+      "HTTP_TOO_LARGE",
+      `Response body ${rawBytes} bytes exceeds limit of ${maxBytes} bytes`,
+      { url, bytes: rawBytes, limit: maxBytes }
+    );
+  }
+  const contentType = (response.headers.get("content-type") ?? "").toLowerCase();
+  const isHtml = contentType.includes("text/html");
+  let title;
+  let mainContent;
+  if (isHtml && rawText.trim().length > 0) {
+    try {
+      const extracted = extractMainContent(rawText);
+      title = extracted.title || void 0;
+      mainContent = extracted.mainContent;
+    } catch {
+      mainContent = rawText;
+    }
+  } else {
+    mainContent = rawText;
+  }
+  const bytes = Buffer.byteLength(mainContent, "utf-8");
+  return {
+    result: {
+      url,
+      status: response.status,
+      title,
+      mainContent,
+      bytes,
+      isHtml
+    },
+    evidence: [
+      {
+        type: "url",
+        ref: url,
+        summary: `${url} \u2192 ${response.status} main content (${bytes} bytes)`,
+        createdAt: (/* @__PURE__ */ new Date()).toISOString()
+      }
+    ]
+  };
+});
+
+// util/jsonSelect.ts
+var jsonSelectHandler = (async (args) => {
+  const json = args.json;
+  const path = args.path;
+  let jmespath;
+  try {
+    jmespath = await import("./jmespath-6W7SK7AH.js");
+  } catch {
+    throw new Error(
+      "jmespath package is required for core/util.json.select. Install it with: npm install jmespath"
+    );
+  }
+  let value;
+  try {
+    value = jmespath.search(json, path);
+  } catch (err) {
+    throw new Error(
+      `JMESPath expression error: ${err instanceof Error ? err.message : String(err)}`
+    );
+  }
+  return {
+    result: { value },
+    evidence: [
+      {
+        type: "tool",
+        ref: "core/util.json.select",
+        summary: `Selected "${path}" from JSON \u2192 ${typeof value === "object" ? JSON.stringify(value).slice(0, 100) : String(value).slice(0, 100)}`,
+        createdAt: (/* @__PURE__ */ new Date()).toISOString()
+      }
+    ]
+  };
+});
+
+// util/truncate.ts
+var truncateHandler = (async (args) => {
+  const text = args.text;
+  const maxChars = args.maxChars;
+  const suffix = args.suffix ?? "...";
+  const originalLength = text.length;
+  if (text.length <= maxChars) {
+    return {
+      result: { text, truncated: false, originalLength },
+      evidence: [
+        {
+          type: "tool",
+          ref: "core/util.text.truncate",
+          summary: `Text not truncated (${originalLength} chars <= ${maxChars} max)`,
+          createdAt: (/* @__PURE__ */ new Date()).toISOString()
+        }
+      ]
+    };
+  }
+  const truncatedText = text.slice(0, maxChars - suffix.length) + suffix;
+  return {
+    result: { text: truncatedText, truncated: true, originalLength },
+    evidence: [
+      {
+        type: "tool",
+        ref: "core/util.text.truncate",
+        summary: `Truncated ${originalLength} chars to ${truncatedText.length} chars`,
+        createdAt: (/* @__PURE__ */ new Date()).toISOString()
+      }
+    ]
+  };
+});
+
+// util/hashText.ts
+import { createHash as createHash4 } from "crypto";
+var hashTextHandler = (async (args) => {
+  const text = args.text;
+  const sha256 = createHash4("sha256").update(text, "utf-8").digest("hex");
+  return {
+    result: { sha256 },
+    evidence: [
+      {
+        type: "tool",
+        ref: "core/util.hash.sha256Text",
+        summary: `SHA-256 of ${text.length} chars: ${sha256.slice(0, 16)}...`,
+        createdAt: (/* @__PURE__ */ new Date()).toISOString()
+      }
+    ]
+  };
+});
+
+// util/now.ts
+var nowHandler = (async (args) => {
+  const timezone = args.timezone ?? "UTC";
+  const now = /* @__PURE__ */ new Date();
+  let formatted;
+  try {
+    formatted = new Intl.DateTimeFormat("en-US", {
+      timeZone: timezone,
+      year: "numeric",
+      month: "2-digit",
+      day: "2-digit",
+      hour: "2-digit",
+      minute: "2-digit",
+      second: "2-digit",
+      hour12: false,
+      timeZoneName: "short"
+    }).format(now);
+  } catch {
+    formatted = now.toISOString();
+  }
+  return {
+    result: {
+      iso: now.toISOString(),
+      epochMs: now.getTime(),
+      timezone,
+      formatted
+    },
+    evidence: [
+      {
+        type: "tool",
+        ref: "core/util.time.now",
+        summary: `Current time: ${now.toISOString()} (${timezone})`,
+        createdAt: now.toISOString()
+      }
+    ]
+  };
+});
+
+// util/templateRender.ts
+var templateRenderHandler = (async (args) => {
+  const template = args.template;
+  const data = args.data;
+  let renderFn;
+  try {
+    const mod = await import("./mustache-CS7KHA4H.js");
+    const mustache = mod.default ?? mod;
+    renderFn = mustache.render.bind(mustache);
+  } catch {
+    throw new Error(
+      "mustache package is required for core/util.template.render. Install it with: npm install mustache"
+    );
+  }
+  let text;
+  try {
+    text = renderFn(template, data);
+  } catch (err) {
+    throw new Error(
+      `Template rendering error: ${err instanceof Error ? err.message : String(err)}`
+    );
+  }
+  return {
+    result: { text },
+    evidence: [
+      {
+        type: "tool",
+        ref: "core/util.template.render",
+        summary: `Rendered template (${template.length} chars) \u2192 ${text.length} chars output`,
+        createdAt: (/* @__PURE__ */ new Date()).toISOString()
+      }
+    ]
+  };
+});
+
+// exec/runCommand.ts
+import { spawn } from "child_process";
+import { resolve as pathResolve } from "path";
+import { createTaggedError as createTaggedError10 } from "@easynet/agent-tool";
+var runCommandHandler = (async (args) => {
+  const ctx = getBuiltinContext();
+  const { allowedCommands, maxCommandOutputBytes, commandTimeoutMs } = ctx.config;
+  if (!allowedCommands.length) {
+    throw createTaggedError10(
+      "EXEC_DISABLED",
+      "Exec is disabled: allowedCommands is empty",
+      {}
+    );
+  }
+  const rawCommand = args.command?.trim();
+  if (!rawCommand) {
+    throw createTaggedError10("EXEC_INVALID", "command is required", {});
+  }
+  const baseName = rawCommand.replace(/^.*\//, "").trim();
+  if (baseName !== rawCommand || /[;&|$`\s]/.test(rawCommand)) {
+    throw createTaggedError10(
+      "EXEC_INVALID",
+      "command must be a single executable name (no path, no shell chars)",
+      { command: rawCommand }
+    );
+  }
+  if (!allowedCommands.includes(baseName)) {
+    throw createTaggedError10(
+      "EXEC_NOT_ALLOWED",
+      `Command "${baseName}" is not in allowedCommands`,
+      { command: baseName, allowed: allowedCommands }
+    );
+  }
+  const cmdArgs = Array.isArray(args.args) ? args.args : [];
+  const timeoutMs = args.timeoutMs ?? commandTimeoutMs;
+  let cwd = pathResolve(ctx.config.sandboxRoot);
+  if (args.cwd != null && args.cwd !== "") {
+    cwd = await resolveSandboxedPath(args.cwd, ctx.config.sandboxRoot);
+  }
+  return new Promise((resolvePromise, rejectPromise) => {
+    const proc = spawn(baseName, cmdArgs, {
+      cwd,
+      shell: false,
+      stdio: ["ignore", "pipe", "pipe"],
+      env: { ...process.env }
+    });
+    let stdout = "";
+    let stderr = "";
+    let totalBytes = 0;
+    const append = (chunk, dest) => {
+      const len = Buffer.byteLength(chunk, "utf-8");
+      if (totalBytes + len > maxCommandOutputBytes) {
+        proc.kill("SIGKILL");
+        rejectPromise(
+          createTaggedError10(
+            "EXEC_OUTPUT_TOO_LARGE",
+            `Command output exceeded ${maxCommandOutputBytes} bytes`,
+            { maxBytes: maxCommandOutputBytes }
+          )
+        );
+        return;
+      }
+      totalBytes += len;
+      if (dest === "stdout") stdout += chunk;
+      else stderr += chunk;
+    };
+    proc.stdout?.setEncoding("utf-8");
+    proc.stderr?.setEncoding("utf-8");
+    proc.stdout?.on("data", (chunk) => append(chunk, "stdout"));
+    proc.stderr?.on("data", (chunk) => append(chunk, "stderr"));
+    const timeout = setTimeout(() => {
+      proc.kill("SIGKILL");
+      resolvePromise({
+        result: {
+          stdout,
+          stderr,
+          exitCode: null,
+          timedOut: true,
+          signal: "SIGKILL"
+        },
+        evidence: [
+          {
+            type: "exec",
+            summary: `Command "${baseName}" timed out after ${timeoutMs}ms`,
+            createdAt: (/* @__PURE__ */ new Date()).toISOString()
+          }
+        ]
+      });
+    }, timeoutMs);
+    proc.on("error", (err) => {
+      clearTimeout(timeout);
+      rejectPromise(
+        createTaggedError10("EXEC_SPAWN_ERROR", err.message, { command: baseName })
+      );
+    });
+    proc.on("close", (code, signal) => {
+      clearTimeout(timeout);
+      resolvePromise({
+        result: {
+          stdout,
+          stderr,
+          exitCode: code,
+          timedOut: false,
+          signal: signal ?? void 0
+        },
+        evidence: [
+          {
+            type: "exec",
+            ref: baseName,
+            summary: `Ran ${baseName} (exit ${code ?? signal})`,
+            createdAt: (/* @__PURE__ */ new Date()).toISOString()
+          }
+        ]
+      });
+    });
+  });
+});
+
+// CoreToolsModule.ts
+var CORE_TOOL_MANIFEST = [
+  // Filesystem
+  {
+    name: "core/fs.readText",
+    kind: "core",
+    description: "Read a UTF-8 text file from the sandbox",
+    tags: ["filesystem", "read", "core"],
+    capabilities: ["read:fs"],
+    sideEffect: "none"
+  },
+  {
+    name: "core/fs.writeText",
+    kind: "core",
+    description: "Write UTF-8 text to a file in the sandbox",
+    tags: ["filesystem", "write", "core"],
+    capabilities: ["write:fs"],
+    sideEffect: "local_write"
+  },
+  {
+    name: "core/fs.listDir",
+    kind: "core",
+    description: "List directory contents in the sandbox",
+    tags: ["filesystem", "read", "core"],
+    capabilities: ["read:fs"],
+    sideEffect: "none"
+  },
+  {
+    name: "core/fs.searchText",
+    kind: "core",
+    description: "Search for text patterns in files within the sandbox",
+    tags: ["filesystem", "search", "core"],
+    capabilities: ["read:fs"],
+    sideEffect: "none"
+  },
+  {
+    name: "core/fs.sha256",
+    kind: "core",
+    description: "Compute SHA-256 hash of a file in the sandbox",
+    tags: ["filesystem", "hash", "core"],
+    capabilities: ["read:fs"],
+    sideEffect: "none"
+  },
+  {
+    name: "core/fs.deletePath",
+    kind: "core",
+    description: "Delete a file or directory in the sandbox (dangerous, requires explicit confirmation)",
+    tags: ["filesystem", "delete", "dangerous", "core"],
+    capabilities: ["danger:destructive", "write:fs"],
+    sideEffect: "destructive"
+  },
+  // HTTP
+  {
+    name: "core/http.fetchText",
+    kind: "core",
+    description: "Fetch a URL and return the response as text",
+    tags: ["http", "network", "core"],
+    capabilities: ["network"],
+    sideEffect: "none"
+  },
+  {
+    name: "core/http.fetchJson",
+    kind: "core",
+    description: "Fetch a URL and return the response as parsed JSON",
+    tags: ["http", "network", "json", "core"],
+    capabilities: ["network"],
+    sideEffect: "none"
+  },
+  {
+    name: "core/http.downloadFile",
+    kind: "core",
+    description: "Download a file from a URL to the sandbox",
+    tags: ["http", "network", "download", "core"],
+    capabilities: ["network", "write:fs"],
+    sideEffect: "local_write"
+  },
+  {
+    name: "core/http.head",
+    kind: "core",
+    description: "Send a HEAD request to get response headers without body",
+    tags: ["http", "network", "core"],
+    capabilities: ["network"],
+    sideEffect: "none"
+  },
+  {
+    name: "core/http.duckduckgoSearch",
+    kind: "core",
+    description: "Search DuckDuckGo via Instant Answer API (no API key). Add api.duckduckgo.com to allowedHosts.",
+    tags: ["http", "search", "duckduckgo", "core"],
+    capabilities: ["network"],
+    sideEffect: "none"
+  },
+  {
+    name: "core/http.fetchPageMainContent",
+    kind: "core",
+    description: "Fetch a URL and return only the main content (main/article/body text). Strips nav, header, footer, scripts.",
+    tags: ["http", "network", "html", "main-content", "core"],
+    capabilities: ["network"],
+    sideEffect: "none"
+  },
+  // Utils
+  {
+    name: "core/util.json.select",
+    kind: "core",
+    description: "Select fields from JSON data using JMESPath expressions",
+    tags: ["util", "json", "core"],
+    capabilities: [],
+    sideEffect: "none"
+  },
+  {
+    name: "core/util.text.truncate",
+    kind: "core",
+    description: "Truncate text to a maximum character length with a suffix marker",
+    tags: ["util", "text", "core"],
+    capabilities: [],
+    sideEffect: "none"
+  },
+  {
+    name: "core/util.hash.sha256Text",
+    kind: "core",
+    description: "Compute SHA-256 hash of a text string",
+    tags: ["util", "hash", "core"],
+    capabilities: [],
+    sideEffect: "none"
+  },
+  {
+    name: "core/util.time.now",
+    kind: "core",
+    description: "Get the current time in various formats",
+    tags: ["util", "time", "core"],
+    capabilities: [],
+    sideEffect: "none"
+  },
+  {
+    name: "core/util.template.render",
+    kind: "core",
+    description: "Render a Mustache template with data",
+    tags: ["util", "template", "core"],
+    capabilities: [],
+    sideEffect: "none"
+  },
+  // Exec
+  {
+    name: "core/exec.runCommand",
+    kind: "core",
+    description: "Run a Linux command in the sandbox (allowlist, timeout, no shell). Command name only; args as array.",
+    tags: ["exec", "shell", "linux", "core"],
+    capabilities: ["exec"],
+    sideEffect: "local_write"
+  }
+];
+var CORE_TOOL_HANDLERS = [
+  readTextHandler,
+  writeTextHandler,
+  listDirHandler,
+  searchTextHandler,
+  sha256Handler,
+  deletePathHandler,
+  fetchTextHandler,
+  fetchJsonHandler,
+  downloadFileHandler,
+  headHandler,
+  duckduckgoSearchHandler,
+  fetchPageMainContentHandler,
+  jsonSelectHandler,
+  truncateHandler,
+  hashTextHandler,
+  nowHandler,
+  templateRenderHandler,
+  runCommandHandler
+];
+var readTextSpec = createToolSpec(CORE_TOOL_MANIFEST[0]);
+var writeTextSpec = createToolSpec(CORE_TOOL_MANIFEST[1]);
+var listDirSpec = createToolSpec(CORE_TOOL_MANIFEST[2]);
+var searchTextSpec = createToolSpec(CORE_TOOL_MANIFEST[3]);
+var sha256Spec = createToolSpec(CORE_TOOL_MANIFEST[4]);
+var deletePathSpec = createToolSpec(CORE_TOOL_MANIFEST[5]);
+var fetchTextSpec = createToolSpec(CORE_TOOL_MANIFEST[6]);
+var fetchJsonSpec = createToolSpec(CORE_TOOL_MANIFEST[7]);
+var downloadFileSpec = createToolSpec(CORE_TOOL_MANIFEST[8]);
+var headSpec = createToolSpec(CORE_TOOL_MANIFEST[9]);
+var jsonSelectSpec = createToolSpec(CORE_TOOL_MANIFEST[10]);
+var truncateSpec = createToolSpec(CORE_TOOL_MANIFEST[11]);
+var hashTextSpec = createToolSpec(CORE_TOOL_MANIFEST[12]);
+var nowSpec = createToolSpec(CORE_TOOL_MANIFEST[13]);
+var templateRenderSpec = createToolSpec(CORE_TOOL_MANIFEST[14]);
+var runCommandSpec = createToolSpec(CORE_TOOL_MANIFEST[15]);
+var duckduckgoSearchSpec = createToolSpec(CORE_TOOL_MANIFEST[16]);
+var fetchPageMainContentSpec = createToolSpec(CORE_TOOL_MANIFEST[17]);
+var CORE_GROUP_PREFIX = {
+  fs: "core/fs.",
+  http: "core/http.",
+  util: "core/util.",
+  exec: "core/exec."
+};
+function registerCoreTools(registry, userConfig, options) {
+  const config = {
+    ...DEFAULT_CORE_TOOLS_CONFIG,
+    ...userConfig
+  };
+  const adapter = new CoreAdapter(config);
+  const onlySet = options?.only?.length ? new Set(options.only) : null;
+  const allowedPrefixes = !onlySet && options?.groups?.length ? options.groups.map((g) => CORE_GROUP_PREFIX[g]) : null;
+  for (let i = 0; i < CORE_TOOL_MANIFEST.length; i++) {
+    const spec = createToolSpec(CORE_TOOL_MANIFEST[i]);
+    if (onlySet && !onlySet.has(spec.name)) continue;
+    if (allowedPrefixes && !allowedPrefixes.some((p) => spec.name.startsWith(p))) {
+      continue;
+    }
+    const handler = CORE_TOOL_HANDLERS[i];
+    registry.register(spec);
+    adapter.registerHandler(spec.name, handler);
+  }
+  return adapter;
+}
+export {
+  CoreAdapter,
+  DEFAULT_CORE_TOOLS_CONFIG,
+  deletePathSpec,
+  downloadFileSpec,
+  duckduckgoSearchSpec,
+  fetchJsonSpec,
+  fetchPageMainContentSpec,
+  fetchTextSpec,
+  getBuiltinContext,
+  hashTextSpec,
+  headSpec,
+  isIpInBlockedCidrs,
+  jsonSelectSpec,
+  listDirSpec,
+  nowHandler,
+  nowSpec,
+  readTextSpec,
+  registerCoreTools,
+  resolveSandboxedPath,
+  runCommandSpec,
+  runWithBuiltinContext,
+  searchTextSpec,
+  sha256Spec,
+  templateRenderSpec,
+  truncateSpec,
+  validateUrl,
+  writeTextSpec
+};
+//# sourceMappingURL=index.js.map