@easynet/agent-tool-buildin 0.0.3 → 0.0.4
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/CoreToolsModule.d.ts +1 -1
- package/dist/CoreToolsModule.d.ts.map +1 -1
- package/dist/http/downloadFile.d.ts.map +1 -1
- package/dist/http/duckduckgoSearch.d.ts.map +1 -1
- package/dist/http/fetchJson.d.ts.map +1 -1
- package/dist/http/fetchPageMainContent.d.ts.map +1 -1
- package/dist/http/fetchText.d.ts.map +1 -1
- package/dist/http/head.d.ts.map +1 -1
- package/dist/http/yahooFinance.d.ts.map +1 -1
- package/dist/index.cjs +156 -309
- package/dist/index.cjs.map +1 -1
- package/dist/index.d.ts +1 -2
- package/dist/index.d.ts.map +1 -1
- package/dist/index.js +130 -283
- package/dist/index.js.map +1 -1
- package/dist/types.d.ts +5 -2
- package/dist/types.d.ts.map +1 -1
- package/package.json +1 -1
- package/dist/security/sandbox.d.ts +0 -9
- package/dist/security/sandbox.d.ts.map +0 -1
- package/dist/security/ssrf.d.ts +0 -12
- package/dist/security/ssrf.d.ts.map +0 -1
package/dist/types.d.ts
CHANGED
|
@@ -2,12 +2,15 @@ import type { ExecContext } from "@easynet/agent-tool";
|
|
|
2
2
|
import type { Evidence } from "@easynet/agent-tool";
|
|
3
3
|
/**
|
|
4
4
|
* Configuration for core tools runtime.
|
|
5
|
+
* HTTP: allow iff (host in allowedHosts) AND (host not in blockedHosts). tool.yaml and code are merged (union).
|
|
5
6
|
*/
|
|
6
7
|
export interface CoreToolsConfig {
|
|
7
8
|
/** Absolute path. All FS operations are confined within this root. */
|
|
8
9
|
sandboxRoot: string;
|
|
9
|
-
/**
|
|
10
|
+
/** Allowed hosts. Use ["*"] for allow-all. Supports "*.github.com", exact host. */
|
|
10
11
|
allowedHosts: string[];
|
|
12
|
+
/** Block these hosts even if allowed. Supports "*.internal", exact host. */
|
|
13
|
+
blockedHosts: string[];
|
|
11
14
|
/** Maximum bytes for fs.readText (default: 5MB) */
|
|
12
15
|
maxReadBytes: number;
|
|
13
16
|
/** Maximum bytes for HTTP response body (default: 5MB) */
|
|
@@ -32,7 +35,7 @@ export interface CoreToolsConfig {
|
|
|
32
35
|
/**
|
|
33
36
|
* Default configuration values for core tools.
|
|
34
37
|
*/
|
|
35
|
-
export declare const DEFAULT_CORE_TOOLS_CONFIG: Omit<CoreToolsConfig, "sandboxRoot" | "allowedHosts">;
|
|
38
|
+
export declare const DEFAULT_CORE_TOOLS_CONFIG: Omit<CoreToolsConfig, "sandboxRoot" | "allowedHosts" | "blockedHosts">;
|
|
36
39
|
/**
|
|
37
40
|
* Context passed to each core tool handler.
|
|
38
41
|
*/
|
package/dist/types.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../types.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,qBAAqB,CAAC;AACvD,OAAO,KAAK,EAAE,QAAQ,EAAE,MAAM,qBAAqB,CAAC;AAEpD
|
|
1
|
+
{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../types.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,qBAAqB,CAAC;AACvD,OAAO,KAAK,EAAE,QAAQ,EAAE,MAAM,qBAAqB,CAAC;AAEpD;;;GAGG;AACH,MAAM,WAAW,eAAe;IAC9B,sEAAsE;IACtE,WAAW,EAAE,MAAM,CAAC;IACpB,mFAAmF;IACnF,YAAY,EAAE,MAAM,EAAE,CAAC;IACvB,4EAA4E;IAC5E,YAAY,EAAE,MAAM,EAAE,CAAC;IACvB,mDAAmD;IACnD,YAAY,EAAE,MAAM,CAAC;IACrB,0DAA0D;IAC1D,YAAY,EAAE,MAAM,CAAC;IACrB,2DAA2D;IAC3D,gBAAgB,EAAE,MAAM,CAAC;IACzB,8EAA8E;IAC9E,YAAY,EAAE,MAAM,EAAE,CAAC;IACvB,kDAAkD;IAClD,gBAAgB,EAAE,MAAM,CAAC;IACzB,0CAA0C;IAC1C,aAAa,EAAE,MAAM,CAAC;IACtB,2FAA2F;IAC3F,6BAA6B,EAAE,OAAO,CAAC;IACvC,gGAAgG;IAChG,eAAe,EAAE,MAAM,EAAE,CAAC;IAC1B,+DAA+D;IAC/D,qBAAqB,EAAE,MAAM,CAAC;IAC9B,sDAAsD;IACtD,gBAAgB,EAAE,MAAM,CAAC;CAC1B;AAED;;GAEG;AACH,eAAO,MAAM,yBAAyB,EAAE,IAAI,CAC1C,eAAe,EACf,aAAa,GAAG,cAAc,GAAG,cAAc,CAiChD,CAAC;AAEF;;GAEG;AACH,MAAM,WAAW,eAAe;IAC9B,OAAO,EAAE,WAAW,CAAC;IACrB,MAAM,EAAE,eAAe,CAAC;CACzB;AAED;;GAEG;AACH,MAAM,WAAW,cAAc;IAC7B,MAAM,EAAE,OAAO,CAAC;IAChB,QAAQ,EAAE,QAAQ,EAAE,CAAC;CACtB;AAED;;;GAGG;AACH,MAAM,MAAM,eAAe,GAAG,CAAC,IAAI,EAAE,GAAG,KAAK,OAAO,CAAC,cAAc,CAAC,CAAC"}
|
package/package.json
CHANGED
|
@@ -1,9 +0,0 @@
|
|
|
1
|
-
/**
|
|
2
|
-
* Resolve an input path to an absolute path within the sandbox.
|
|
3
|
-
* Throws PATH_OUTSIDE_SANDBOX if the resolved path escapes the sandbox root.
|
|
4
|
-
*
|
|
5
|
-
* For existing files: uses realpath to resolve symlinks.
|
|
6
|
-
* For non-existing files (write targets): resolves the parent directory.
|
|
7
|
-
*/
|
|
8
|
-
export declare function resolveSandboxedPath(inputPath: string, sandboxRoot: string): Promise<string>;
|
|
9
|
-
//# sourceMappingURL=sandbox.d.ts.map
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"sandbox.d.ts","sourceRoot":"","sources":["../../security/sandbox.ts"],"names":[],"mappings":"AAIA;;;;;;GAMG;AACH,wBAAsB,oBAAoB,CACxC,SAAS,EAAE,MAAM,EACjB,WAAW,EAAE,MAAM,GAClB,OAAO,CAAC,MAAM,CAAC,CA0CjB"}
|
package/dist/security/ssrf.d.ts
DELETED
|
@@ -1,12 +0,0 @@
|
|
|
1
|
-
/**
|
|
2
|
-
* Validate a URL against allowed hosts and blocked CIDRs.
|
|
3
|
-
* Prevents SSRF by checking both hostname allowlist and resolved IP addresses.
|
|
4
|
-
*
|
|
5
|
-
* @throws HTTP_DISALLOWED_HOST if the URL is blocked
|
|
6
|
-
*/
|
|
7
|
-
export declare function validateUrl(url: string, allowedHosts: string[], blockedCidrs: string[]): Promise<URL>;
|
|
8
|
-
/**
|
|
9
|
-
* Check if an IPv4 address falls within any blocked CIDR range.
|
|
10
|
-
*/
|
|
11
|
-
export declare function isIpInBlockedCidrs(ip: string, cidrs: string[]): boolean;
|
|
12
|
-
//# sourceMappingURL=ssrf.d.ts.map
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"ssrf.d.ts","sourceRoot":"","sources":["../../security/ssrf.ts"],"names":[],"mappings":"AAGA;;;;;GAKG;AACH,wBAAsB,WAAW,CAC/B,GAAG,EAAE,MAAM,EACX,YAAY,EAAE,MAAM,EAAE,EACtB,YAAY,EAAE,MAAM,EAAE,GACrB,OAAO,CAAC,GAAG,CAAC,CAwDd;AAuBD;;GAEG;AACH,wBAAgB,kBAAkB,CAAC,EAAE,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,EAAE,GAAG,OAAO,CAevE"}
|