@easynet/agent-tool 1.0.61 → 1.0.62

package/dist/security.js

@@ -1,182 +1,5 @@
+export { isIpInBlockedCidrs, validateUrl } from './chunk-NKYFYALQ.js';
 export { resolveSandboxedPath, setSandboxValidationEnabled } from './chunk-QXQ4477T.js';
-import { createTaggedError } from './chunk-RZTTO5MQ.js';
-import { lookup } from 'dns/promises';
-
-async function validateUrl(url, options) {
-  let parsed;
-  try {
-    parsed = new URL(url);
-  } catch {
-    throw createTaggedError(
-      "HTTP_DISALLOWED_HOST",
-      `Invalid URL: ${url}`,
-      { url }
-    );
-  }
-  if (parsed.protocol !== "http:" && parsed.protocol !== "https:") {
-    throw createTaggedError(
-      "HTTP_DISALLOWED_HOST",
-      `Protocol not allowed: ${parsed.protocol}. Only http: and https: are supported.`,
-      { url, protocol: parsed.protocol }
-    );
-  }
-  const hostname = parsed.hostname;
-  if (!isHostAllowed(hostname, options.allowedHosts)) {
-    throw createTaggedError(
-      "HTTP_DISALLOWED_HOST",
-      `Host "${hostname}" is not in the allowed hosts list`,
-      { url, hostname, allowedHosts: options.allowedHosts }
-    );
-  }
-  if (isHostBlocked(hostname, options.blockedHosts)) {
-    throw createTaggedError(
-      "HTTP_DISALLOWED_HOST",
-      `Host "${hostname}" is in the blocked hosts list`,
-      { url, hostname, blockedHosts: options.blockedHosts }
-    );
-  }
-  try {
-    const { address } = await lookup(hostname);
-    if (isIpInBlockedCidrs(address, options.blockedCidrs)) {
-      throw createTaggedError(
-        "HTTP_DISALLOWED_HOST",
-        `Host "${hostname}" resolves to blocked IP: ${address}`,
-        { url, hostname, resolvedIp: address }
-      );
-    }
-  } catch (err) {
-    if (err instanceof Error && err.kind === "HTTP_DISALLOWED_HOST") {
-      throw err;
-    }
-    throw createTaggedError(
-      "HTTP_DISALLOWED_HOST",
-      `DNS resolution failed for host "${hostname}": ${err instanceof Error ? err.message : String(err)}`,
-      { url, hostname }
-    );
-  }
-  return parsed;
-}
-function isHostAllowed(hostname, allowedHosts) {
-  for (const pattern of allowedHosts) {
-    if (pattern === "*") {
-      return true;
-    }
-    if (pattern.startsWith("*.")) {
-      const suffix = pattern.slice(1);
-      if (hostname.endsWith(suffix) || hostname === pattern.slice(2)) {
-        return true;
-      }
-    } else if (hostname === pattern) {
-      return true;
-    }
-  }
-  return false;
-}
-function isHostBlocked(hostname, blockedHosts) {
-  for (const pattern of blockedHosts) {
-    if (pattern === "*") {
-      return true;
-    }
-    if (pattern.startsWith("*.")) {
-      const suffix = pattern.slice(1);
-      if (hostname.endsWith(suffix) || hostname === pattern.slice(2)) {
-        return true;
-      }
-    } else if (hostname === pattern) {
-      return true;
-    }
-  }
-  return false;
-}
-function isIpInBlockedCidrs(ip, cidrs) {
-  const normalizedIp = normalizeIp(ip);
-  if (!normalizedIp) return false;
-  for (const cidr of cidrs) {
-    if (cidr.includes(":")) {
-      if (!ip.includes(":")) continue;
-      if (isIpv6InCidr(ip, cidr)) return true;
-    } else {
-      if (isIpv4InCidr(normalizedIp, cidr)) return true;
-    }
-  }
-  return false;
-}
-function normalizeIp(ip) {
-  if (ip.startsWith("::ffff:")) {
-    return ip.slice(7);
-  }
-  if (/^\d+\.\d+\.\d+\.\d+$/.test(ip)) {
-    return ip;
-  }
-  return null;
-}
-function isIpv4InCidr(ip, cidr) {
-  const [cidrIp, prefixStr] = cidr.split("/");
-  if (!cidrIp || !prefixStr) return false;
-  const prefix = parseInt(prefixStr, 10);
-  if (isNaN(prefix) || prefix < 0 || prefix > 32) return false;
-  const ipNum = ipv4ToNum(ip);
-  const cidrNum = ipv4ToNum(cidrIp);
-  if (ipNum === null || cidrNum === null) return false;
-  const mask = prefix === 0 ? 0 : -1 << 32 - prefix >>> 0;
-  return (ipNum & mask) === (cidrNum & mask);
-}
-function ipv4ToNum(ip) {
-  const parts = ip.split(".");
-  if (parts.length !== 4) return null;
-  let num = 0;
-  for (const part of parts) {
-    const n = parseInt(part, 10);
-    if (isNaN(n) || n < 0 || n > 255) return null;
-    num = num << 8 | n;
-  }
-  return num >>> 0;
-}
-function isIpv6InCidr(ip, cidr) {
-  const [cidrIp, prefixStr] = cidr.split("/");
-  if (!cidrIp || !prefixStr) return false;
-  const prefix = parseInt(prefixStr, 10);
-  if (isNaN(prefix)) return false;
-  const ipBytes = expandIpv6(ip);
-  const cidrBytes = expandIpv6(cidrIp);
-  if (!ipBytes || !cidrBytes) return false;
-  const fullBytes = Math.floor(prefix / 8);
-  for (let i = 0; i < fullBytes && i < 16; i++) {
-    if (ipBytes[i] !== cidrBytes[i]) return false;
-  }
-  const remainingBits = prefix % 8;
-  if (remainingBits > 0 && fullBytes < 16) {
-    const mask = -1 << 8 - remainingBits & 255;
-    if ((ipBytes[fullBytes] & mask) !== (cidrBytes[fullBytes] & mask)) return false;
-  }
-  return true;
-}
-function expandIpv6(ip) {
-  const zoneIdx = ip.indexOf("%");
-  if (zoneIdx !== -1) ip = ip.slice(0, zoneIdx);
-  const parts = ip.split("::");
-  if (parts.length > 2) return null;
-  const bytes = new Array(16).fill(0);
-  const expandGroup = (group) => {
-    if (!group) return [];
-    return group.split(":").flatMap((hex) => {
-      const val = parseInt(hex || "0", 16);
-      return [val >> 8 & 255, val & 255];
-    });
-  };
-  if (parts.length === 1) {
-    const expanded = expandGroup(parts[0]);
-    if (expanded.length !== 16) return null;
-    return expanded;
-  }
-  const left = expandGroup(parts[0]);
-  const right = expandGroup(parts[1]);
-  if (left.length + right.length > 16) return null;
-  for (let i = 0; i < left.length; i++) bytes[i] = left[i];
-  for (let i = 0; i < right.length; i++) bytes[16 - right.length + i] = right[i];
-  return bytes;
-}
-
-export { isIpInBlockedCidrs, validateUrl };
+import './chunk-RZTTO5MQ.js';
 //# sourceMappingURL=security.js.map
 //# sourceMappingURL=security.js.map

package/dist/security.js.map

@@ -1 +1 @@
-{"version":3,"sources":["../src/security/ssrf.ts"],"names":[],"mappings":";;;;AAsBA,eAAsB,WAAA,CAAY,KAAa,OAAA,EAA2C;AACxF,EAAA,IAAI,MAAA;AACJ,EAAA,IAAI;AACF,IAAA,MAAA,GAAS,IAAI,IAAI,GAAG,CAAA;AAAA,EACtB,CAAA,CAAA,MAAQ;AACN,IAAA,MAAM,iBAAA;AAAA,MACJ,sBAAA;AAAA,MACA,gBAAgB,GAAG,CAAA,CAAA;AAAA,MACnB,EAAE,GAAA;AAAI,KACR;AAAA,EACF;AAGA,EAAA,IAAI,MAAA,CAAO,QAAA,KAAa,OAAA,IAAW,MAAA,CAAO,aAAa,QAAA,EAAU;AAC/D,IAAA,MAAM,iBAAA;AAAA,MACJ,sBAAA;AAAA,MACA,CAAA,sBAAA,EAAyB,OAAO,QAAQ,CAAA,sCAAA,CAAA;AAAA,MACxC,EAAE,GAAA,EAAK,QAAA,EAAU,MAAA,CAAO,QAAA;AAAS,KACnC;AAAA,EACF;AAEA,EAAA,MAAM,WAAW,MAAA,CAAO,QAAA;AAExB,EAAA,IAAI,CAAC,aAAA,CAAc,QAAA,EAAU,OAAA,CAAQ,YAAY,CAAA,EAAG;AAClD,IAAA,MAAM,iBAAA;AAAA,MACJ,sBAAA;AAAA,MACA,SAAS,QAAQ,CAAA,kCAAA,CAAA;AAAA,MACjB,EAAE,GAAA,EAAK,QAAA,EAAU,YAAA,EAAc,QAAQ,YAAA;AAAa,KACtD;AAAA,EACF;AACA,EAAA,IAAI,aAAA,CAAc,QAAA,EAAU,OAAA,CAAQ,YAAY,CAAA,EAAG;AACjD,IAAA,MAAM,iBAAA;AAAA,MACJ,sBAAA;AAAA,MACA,SAAS,QAAQ,CAAA,8BAAA,CAAA;AAAA,MACjB,EAAE,GAAA,EAAK,QAAA,EAAU,YAAA,EAAc,QAAQ,YAAA;AAAa,KACtD;AAAA,EACF;AAGA,EAAA,IAAI;AACF,IAAA,MAAM,EAAE,OAAA,EAAQ,GAAI,MAAM,OAAO,QAAQ,CAAA;AACzC,IAAA,IAAI,kBAAA,CAAmB,OAAA,EAAS,OAAA,CAAQ,YAAY,CAAA,EAAG;AACrD,MAAA,MAAM,iBAAA;AAAA,QACJ,sBAAA;AAAA,QACA,CAAA,MAAA,EAAS,QAAQ,CAAA,0BAAA,EAA6B,OAAO,CAAA,CAAA;AAAA,QACrD,EAAE,GAAA,EAAK,QAAA,EAAU,UAAA,EAAY,OAAA;AAAQ,OACvC;AAAA,IACF;AAAA,EACF,SAAS,GAAA,EAAK;AAEZ,IAAA,IAAI,GAAA,YAAe,KAAA,IAAU,GAAA,CAAY,IAAA,KAAS,sBAAA,EAAwB;AACxE,MAAA,MAAM,GAAA;AAAA,IACR;AAEA,IAAA,MAAM,iBAAA;AAAA,MACJ,sBAAA;AAAA,MACA,CAAA,gCAAA,EAAmC,QAAQ,CAAA,GAAA,EAAM,GAAA,YAAe,QAAQ,GAAA,CAAI,OAAA,GAAU,MAAA,CAAO,GAAG,CAAC,CAAA,CAAA;AAAA,MACjG,EAAE,KAAK,QAAA;AAAS,KAClB;AAAA,EACF;AAEA,EAAA,OAAO,MAAA;AACT;AAMA,SAAS,aAAA,CAAc,UAAkB,YAAA,EAAiC;AACxE,EAAA,KAAA,MAAW,WAAW,YAAA,EAAc;AAClC,IAAA,IAAI,YAAY,GAAA,EAAK;AACnB,MAAA,OAAO,IAAA;AAAA,IACT;AACA,IAAA,IAAI,OAAA,CAAQ,UAAA,CAAW,IAAI,CAAA,EAAG;AAC5B,MAAA,MAAM,MAAA,GAAS,OAAA,CAAQ,KAAA,CAAM,CAAC,CAAA;AAC9B,MAAA,IAAI,QAAA,CAAS,SAAS,MAAM,CAAA,IAAK,aAAa,OAAA,CAAQ,KAAA,CAAM,CAAC,CAAA,EAAG;AAC9D,QAAA,OAAO,IAAA;AAAA,MACT;AAAA,IACF,CAAA,MAAA,IAAW,aAAa,OAAA,EAAS;AAC/B,MAAA,OAAO,IAAA;AAAA,IACT;AAAA,EACF;AACA,EAAA,OAAO,KAAA;AACT;AAKA,SAAS,aAAA,CAAc,UAAkB,YAAA,EAAiC;AACxE,EAAA,KAAA,MAAW,WAAW,YAAA,EAAc;AAClC,IAAA,IAAI,YAAY,GAAA,EAAK;AACnB,MAAA,OAAO,IAAA;AAAA,IACT;AACA,IAAA,IAAI,OAAA,CAAQ,UAAA,CAAW,IAAI,CAAA,EAAG;AAC5B,MAAA,MAAM,MAAA,GAAS,OAAA,CAAQ,KAAA,CAAM,CAAC,CAAA;AAC9B,MAAA,IAAI,QAAA,CAAS,SAAS,MAAM,CAAA,IAAK,aAAa,OAAA,CAAQ,KAAA,CAAM,CAAC,CAAA,EAAG;AAC9D,QAAA,OAAO,IAAA;AAAA,MACT;AAAA,IACF,CAAA,MAAA,IAAW,aAAa,OAAA,EAAS;AAC/B,MAAA,OAAO,IAAA;AAAA,IACT;AAAA,EACF;AACA,EAAA,OAAO,KAAA;AACT;AAKO,SAAS,kBAAA,CAAmB,IAAY,KAAA,EAA0B;AAEvE,EAAA,MAAM,YAAA,GAAe,YAAY,EAAE,CAAA;AACnC,EAAA,IAAI,CAAC,cAAc,OAAO,KAAA;AAE1B,EAAA,KAAA,MAAW,QAAQ,KAAA,EAAO;AACxB,IAAA,IAAI,IAAA,CAAK,QAAA,CAAS,GAAG,CAAA,EAAG;AAEtB,MAAA,IAAI,CAAC,EAAA,CAAG,QAAA,CAAS,GAAG,CAAA,EAAG;AACvB,MAAA,IAAI,YAAA,CAAa,EAAA,EAAI,IAAI,CAAA,EAAG,OAAO,IAAA;AAAA,IACrC,CAAA,MAAO;AACL,MAAA,IAAI,YAAA,CAAa,YAAA,EAAc,IAAI,CAAA,EAAG,OAAO,IAAA;AAAA,IAC/C;AAAA,EACF;AACA,EAAA,OAAO,KAAA;AACT;AAEA,SAAS,YAAY,EAAA,EAA2B;AAE9C,EAAA,IAAI,EAAA,CAAG,UAAA,CAAW,SAAS,CAAA,EAAG;AAC5B,IAAA,OAAO,EAAA,CAAG,MAAM,CAAC,CAAA;AAAA,EACnB;AAEA,EAAA,IAAI,sBAAA,CAAuB,IAAA,CAAK,EAAE,CAAA,EAAG;AACnC,IAAA,OAAO,EAAA;AAAA,EACT;AACA,EAAA,OAAO,IAAA;AACT;AAEA,SAAS,YAAA,CAAa,IAAY,IAAA,EAAuB;AACvD,EAAA,MAAM,CAAC,MAAA,EAAQ,SAAS,CAAA,GAAI,IAAA,CAAK,MAAM,GAAG,CAAA;AAC1C,EAAA,IAAI,CAAC,MAAA,IAAU,CAAC,SAAA,EAAW,OAAO,KAAA;AAElC,EAAA,MAAM,MAAA,GAAS,QAAA,CAAS,SAAA,EAAW,EAAE,CAAA;AACrC,EAAA,IAAI,MAAM,MAAM,CAAA,IAAK,SAAS,CAAA,IAAK,MAAA,GAAS,IAAI,OAAO,KAAA;AAEvD,EAAA,MAAM,KAAA,GAAQ,UAAU,EAAE,CAAA;AAC1B,EAAA,MAAM,OAAA,GAAU,UAAU,MAAM,CAAA;AAChC,EAAA,IAAI,KAAA,KAAU,IAAA,IAAQ,OAAA,KAAY,IAAA,EAAM,OAAO,KAAA;AAE/C,EAAA,MAAM,OAAO,MAAA,KAAW,CAAA,GAAI,IAAK,EAAC,IAAM,KAAK,MAAA,KAAa,CAAA;AAC1D,EAAA,OAAA,CAAQ,KAAA,GAAQ,WAAW,OAAA,GAAU,IAAA,CAAA;AACvC;AAEA,SAAS,UAAU,EAAA,EAA2B;AAC5C,EAAA,MAAM,KAAA,GAAQ,EAAA,CAAG,KAAA,CAAM,GAAG,CAAA;AAC1B,EAAA,IAAI,KAAA,CAAM,MAAA,KAAW,CAAA,EAAG,OAAO,IAAA;AAC/B,EAAA,IAAI,GAAA,GAAM,CAAA;AACV,EAAA,KAAA,MAAW,QAAQ,KAAA,EAAO;AACxB,IAAA,MAAM,CAAA,GAAI,QAAA,CAAS,IAAA,EAAM,EAAE,CAAA;AAC3B,IAAA,IAAI,MAAM,CAAC,CAAA,IAAK,IAAI,CAAA,IAAK,CAAA,GAAI,KAAK,OAAO,IAAA;AACzC,IAAA,GAAA,GAAO,OAAO,CAAA,GAAK,CAAA;AAAA,EACrB;AACA,EAAA,OAAO,GAAA,KAAQ,CAAA;AACjB;AAEA,SAAS,YAAA,CAAa,IAAY,IAAA,EAAuB;AAEvD,EAAA,MAAM,CAAC,MAAA,EAAQ,SAAS,CAAA,GAAI,IAAA,CAAK,MAAM,GAAG,CAAA;AAC1C,EAAA,IAAI,CAAC,MAAA,IAAU,CAAC,SAAA,EAAW,OAAO,KAAA;AAElC,EAAA,MAAM,MAAA,GAAS,QAAA,CAAS,SAAA,EAAW,EAAE,CAAA;AACrC,EAAA,IAAI,KAAA,CAAM,MAAM,CAAA,EAAG,OAAO,KAAA;AAE1B,EAAA,MAAM,OAAA,GAAU,WAAW,EAAE,CAAA;AAC7B,EAAA,MAAM,SAAA,GAAY,WAAW,MAAM,CAAA;AACnC,EAAA,IAAI,CAAC,OAAA,IAAW,CAAC,SAAA,EAAW,OAAO,KAAA;AAGnC,EAAA,MAAM,SAAA,GAAY,IAAA,CAAK,KAAA,CAAM,MAAA,GAAS,CAAC,CAAA;AACvC,EAAA,KAAA,IAAS,IAAI,CAAA,EAAG,CAAA,GAAI,SAAA,IAAa,CAAA,GAAI,IAAI,CAAA,EAAA,EAAK;AAC5C,IAAA,IAAI,QAAQ,CAAC,CAAA,KAAM,SAAA,CAAU,CAAC,GAAG,OAAO,KAAA;AAAA,EAC1C;AAEA,EAAA,MAAM,gBAAgB,MAAA,GAAS,CAAA;AAC/B,EAAA,IAAI,aAAA,GAAgB,CAAA,IAAK,SAAA,GAAY,EAAA,EAAI;AACvC,IAAA,MAAM,IAAA,GAAQ,EAAC,IAAM,CAAA,GAAI,aAAA,GAAkB,GAAA;AAC3C,IAAA,IAAA,CAAK,OAAA,CAAQ,SAAS,CAAA,GAAK,IAAA,OAAW,UAAU,SAAS,CAAA,GAAK,OAAO,OAAO,KAAA;AAAA,EAC9E;AAEA,EAAA,OAAO,IAAA;AACT;AAEA,SAAS,WAAW,EAAA,EAA6B;AAE/C,EAAA,MAAM,OAAA,GAAU,EAAA,CAAG,OAAA,CAAQ,GAAG,CAAA;AAC9B,EAAA,IAAI,YAAY,EAAA,EAAI,EAAA,GAAK,EAAA,CAAG,KAAA,CAAM,GAAG,OAAO,CAAA;AAE5C,EAAA,MAAM,KAAA,GAAQ,EAAA,CAAG,KAAA,CAAM,IAAI,CAAA;AAC3B,EAAA,IAAI,KAAA,CAAM,MAAA,GAAS,CAAA,EAAG,OAAO,IAAA;AAE7B,EAAA,MAAM,QAAkB,IAAI,KAAA,CAAM,EAAE,CAAA,CAAE,KAAK,CAAC,CAAA;AAE5C,EAAA,MAAM,WAAA,GAAc,CAAC,KAAA,KAA4B;AAC/C,IAAA,IAAI,CAAC,KAAA,EAAO,OAAO,EAAC;AACpB,IAAA,OAAO,MAAM,KAAA,CAAM,GAAG,CAAA,CAAE,OAAA,CAAQ,CAAC,GAAA,KAAQ;AACvC,MAAA,MAAM,GAAA,GAAM,QAAA,CAAS,GAAA,IAAO,GAAA,EAAK,EAAE,CAAA;AACnC,MAAA,OAAO,CAAE,GAAA,IAAO,CAAA,GAAK,GAAA,EAAM,MAAM,GAAI,CAAA;AAAA,IACvC,CAAC,CAAA;AAAA,EACH,CAAA;AAEA,EAAA,IAAI,KAAA,CAAM,WAAW,CAAA,EAAG;AACtB,IAAA,MAAM,QAAA,GAAW,WAAA,CAAY,KAAA,CAAM,CAAC,CAAE,CAAA;AACtC,IAAA,IAAI,QAAA,CAAS,MAAA,KAAW,EAAA,EAAI,OAAO,IAAA;AACnC,IAAA,OAAO,QAAA;AAAA,EACT;AAEA,EAAA,MAAM,IAAA,GAAO,WAAA,CAAY,KAAA,CAAM,CAAC,CAAE,CAAA;AAClC,EAAA,MAAM,KAAA,GAAQ,WAAA,CAAY,KAAA,CAAM,CAAC,CAAE,CAAA;AAEnC,EAAA,IAAI,IAAA,CAAK,MAAA,GAAS,KAAA,CAAM,MAAA,GAAS,IAAI,OAAO,IAAA;AAE5C,EAAA,KAAA,IAAS,CAAA,GAAI,CAAA,EAAG,CAAA,GAAI,IAAA,CAAK,MAAA,EAAQ,KAAK,KAAA,CAAM,CAAC,CAAA,GAAI,IAAA,CAAK,CAAC,CAAA;AACvD,EAAA,KAAA,IAAS,CAAA,GAAI,CAAA,EAAG,CAAA,GAAI,KAAA,CAAM,MAAA,EAAQ,CAAA,EAAA,EAAK,KAAA,CAAM,EAAA,GAAK,KAAA,CAAM,MAAA,GAAS,CAAC,CAAA,GAAI,MAAM,CAAC,CAAA;AAE7E,EAAA,OAAO,KAAA;AACT","file":"security.js","sourcesContent":["import { lookup } from \"node:dns/promises\";\nimport { createTaggedError } from \"../core/runtime/Retry.js\";\n\n/**\n * Options for validateUrl. Unified rule: allow iff host is in allowedHosts AND not in blockedHosts.\n * - \"Default allow all + blocklist\": allowedHosts: [\"*\"], blockedHosts: [\"*.internal\", ...]\n * - \"Default disallow all + allowlist\": allowedHosts: [\"api.github.com\", ...], blockedHosts: []\n */\nexport interface ValidateUrlOptions {\n  /** Allow only these hosts. Use [\"*\"] for allow-all. Supports \"*.example.com\", exact host. */\n  allowedHosts: string[];\n  /** Block these hosts even if allowed. Supports \"*.internal\", exact host. Merged with allowlist. */\n  blockedHosts: string[];\n  /** CIDR ranges to block (resolved IP). */\n  blockedCidrs: string[];\n}\n\n/**\n * Validate a URL: allow iff (host in allowedHosts) AND (host not in blockedHosts). Then check blockedCidrs on resolved IP.\n *\n * @throws HTTP_DISALLOWED_HOST if the URL is blocked\n */\nexport async function validateUrl(url: string, options: ValidateUrlOptions): Promise<URL> {\n  let parsed: URL;\n  try {\n    parsed = new URL(url);\n  } catch {\n    throw createTaggedError(\n      \"HTTP_DISALLOWED_HOST\",\n      `Invalid URL: ${url}`,\n      { url },\n    );\n  }\n\n  // Only allow http/https\n  if (parsed.protocol !== \"http:\" && parsed.protocol !== \"https:\") {\n    throw createTaggedError(\n      \"HTTP_DISALLOWED_HOST\",\n      `Protocol not allowed: ${parsed.protocol}. Only http: and https: are supported.`,\n      { url, protocol: parsed.protocol },\n    );\n  }\n\n  const hostname = parsed.hostname;\n\n  if (!isHostAllowed(hostname, options.allowedHosts)) {\n    throw createTaggedError(\n      \"HTTP_DISALLOWED_HOST\",\n      `Host \"${hostname}\" is not in the allowed hosts list`,\n      { url, hostname, allowedHosts: options.allowedHosts },\n    );\n  }\n  if (isHostBlocked(hostname, options.blockedHosts)) {\n    throw createTaggedError(\n      \"HTTP_DISALLOWED_HOST\",\n      `Host \"${hostname}\" is in the blocked hosts list`,\n      { url, hostname, blockedHosts: options.blockedHosts },\n    );\n  }\n\n  // DNS resolve and check against blocked CIDRs\n  try {\n    const { address } = await lookup(hostname);\n    if (isIpInBlockedCidrs(address, options.blockedCidrs)) {\n      throw createTaggedError(\n        \"HTTP_DISALLOWED_HOST\",\n        `Host \"${hostname}\" resolves to blocked IP: ${address}`,\n        { url, hostname, resolvedIp: address },\n      );\n    }\n  } catch (err) {\n    // Re-throw our tagged errors\n    if (err instanceof Error && (err as any).kind === \"HTTP_DISALLOWED_HOST\") {\n      throw err;\n    }\n    // DNS resolution failure — block by default\n    throw createTaggedError(\n      \"HTTP_DISALLOWED_HOST\",\n      `DNS resolution failed for host \"${hostname}\": ${err instanceof Error ? err.message : String(err)}`,\n      { url, hostname },\n    );\n  }\n\n  return parsed;\n}\n\n/**\n * Check if a hostname matches any entry in the allowed hosts list.\n * Supports: exact \"*\" (allow any host), wildcard prefix (e.g. \"*.github.com\"), or exact host.\n */\nfunction isHostAllowed(hostname: string, allowedHosts: string[]): boolean {\n  for (const pattern of allowedHosts) {\n    if (pattern === \"*\") {\n      return true;\n    }\n    if (pattern.startsWith(\"*.\")) {\n      const suffix = pattern.slice(1); // \".github.com\"\n      if (hostname.endsWith(suffix) || hostname === pattern.slice(2)) {\n        return true;\n      }\n    } else if (hostname === pattern) {\n      return true;\n    }\n  }\n  return false;\n}\n\n/**\n * Check if a hostname matches any entry in the blocked hosts list (same pattern rules as allowlist).\n */\nfunction isHostBlocked(hostname: string, blockedHosts: string[]): boolean {\n  for (const pattern of blockedHosts) {\n    if (pattern === \"*\") {\n      return true;\n    }\n    if (pattern.startsWith(\"*.\")) {\n      const suffix = pattern.slice(1);\n      if (hostname.endsWith(suffix) || hostname === pattern.slice(2)) {\n        return true;\n      }\n    } else if (hostname === pattern) {\n      return true;\n    }\n  }\n  return false;\n}\n\n/**\n * Check if an IPv4 address falls within any blocked CIDR range.\n */\nexport function isIpInBlockedCidrs(ip: string, cidrs: string[]): boolean {\n  // Handle IPv4-mapped IPv6\n  const normalizedIp = normalizeIp(ip);\n  if (!normalizedIp) return false;\n\n  for (const cidr of cidrs) {\n    if (cidr.includes(\":\")) {\n      // IPv6 CIDR — skip for IPv4 addresses\n      if (!ip.includes(\":\")) continue;\n      if (isIpv6InCidr(ip, cidr)) return true;\n    } else {\n      if (isIpv4InCidr(normalizedIp, cidr)) return true;\n    }\n  }\n  return false;\n}\n\nfunction normalizeIp(ip: string): string | null {\n  // Handle IPv4-mapped IPv6 (e.g. \"::ffff:127.0.0.1\")\n  if (ip.startsWith(\"::ffff:\")) {\n    return ip.slice(7);\n  }\n  // Pure IPv4\n  if (/^\\d+\\.\\d+\\.\\d+\\.\\d+$/.test(ip)) {\n    return ip;\n  }\n  return null;\n}\n\nfunction isIpv4InCidr(ip: string, cidr: string): boolean {\n  const [cidrIp, prefixStr] = cidr.split(\"/\");\n  if (!cidrIp || !prefixStr) return false;\n\n  const prefix = parseInt(prefixStr, 10);\n  if (isNaN(prefix) || prefix < 0 || prefix > 32) return false;\n\n  const ipNum = ipv4ToNum(ip);\n  const cidrNum = ipv4ToNum(cidrIp);\n  if (ipNum === null || cidrNum === null) return false;\n\n  const mask = prefix === 0 ? 0 : (~0 << (32 - prefix)) >>> 0;\n  return (ipNum & mask) === (cidrNum & mask);\n}\n\nfunction ipv4ToNum(ip: string): number | null {\n  const parts = ip.split(\".\");\n  if (parts.length !== 4) return null;\n  let num = 0;\n  for (const part of parts) {\n    const n = parseInt(part, 10);\n    if (isNaN(n) || n < 0 || n > 255) return null;\n    num = (num << 8) | n;\n  }\n  return num >>> 0;\n}\n\nfunction isIpv6InCidr(ip: string, cidr: string): boolean {\n  // Simplified IPv6 CIDR matching for common cases (::1, fc00::, fe80::)\n  const [cidrIp, prefixStr] = cidr.split(\"/\");\n  if (!cidrIp || !prefixStr) return false;\n\n  const prefix = parseInt(prefixStr, 10);\n  if (isNaN(prefix)) return false;\n\n  const ipBytes = expandIpv6(ip);\n  const cidrBytes = expandIpv6(cidrIp);\n  if (!ipBytes || !cidrBytes) return false;\n\n  // Compare prefix bits\n  const fullBytes = Math.floor(prefix / 8);\n  for (let i = 0; i < fullBytes && i < 16; i++) {\n    if (ipBytes[i] !== cidrBytes[i]) return false;\n  }\n\n  const remainingBits = prefix % 8;\n  if (remainingBits > 0 && fullBytes < 16) {\n    const mask = (~0 << (8 - remainingBits)) & 0xff;\n    if ((ipBytes[fullBytes]! & mask) !== (cidrBytes[fullBytes]! & mask)) return false;\n  }\n\n  return true;\n}\n\nfunction expandIpv6(ip: string): number[] | null {\n  // Remove zone ID\n  const zoneIdx = ip.indexOf(\"%\");\n  if (zoneIdx !== -1) ip = ip.slice(0, zoneIdx);\n\n  const parts = ip.split(\"::\");\n  if (parts.length > 2) return null;\n\n  const bytes: number[] = new Array(16).fill(0);\n\n  const expandGroup = (group: string): number[] => {\n    if (!group) return [];\n    return group.split(\":\").flatMap((hex) => {\n      const val = parseInt(hex || \"0\", 16);\n      return [(val >> 8) & 0xff, val & 0xff];\n    });\n  };\n\n  if (parts.length === 1) {\n    const expanded = expandGroup(parts[0]!);\n    if (expanded.length !== 16) return null;\n    return expanded;\n  }\n\n  const left = expandGroup(parts[0]!);\n  const right = expandGroup(parts[1]!);\n\n  if (left.length + right.length > 16) return null;\n\n  for (let i = 0; i < left.length; i++) bytes[i] = left[i]!;\n  for (let i = 0; i < right.length; i++) bytes[16 - right.length + i] = right[i]!;\n\n  return bytes;\n}\n"]}
+{"version":3,"sources":[],"names":[],"mappings":"","file":"security.js"}

package/dist/utils/cli/help.d.ts

@@ -0,0 +1,2 @@
+export declare function printHelp(bin?: string): void;
+//# sourceMappingURL=help.d.ts.map

package/dist/utils/cli/help.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"help.d.ts","sourceRoot":"","sources":["../../../src/utils/cli/help.ts"],"names":[],"mappings":"AAAA,wBAAgB,SAAS,CAAC,GAAG,SAAe,GAAG,IAAI,CA2ClD"}

package/dist/utils/cli/index.cjs

@@ -2,7 +2,7 @@
 'use strict';
 
 var chunkNMZ4IMEW_cjs = require('../../chunk-NMZ4IMEW.cjs');
-var chunkHK4GTFTQ_cjs = require('../../chunk-HK4GTFTQ.cjs');
+var chunkM2GEHWPN_cjs = require('../../chunk-M2GEHWPN.cjs');
 var chunkUUNG3GL3_cjs = require('../../chunk-UUNG3GL3.cjs');
 require('../../chunk-OG5ZSXQ5.cjs');
 require('../../chunk-JNIWNSCQ.cjs');
@@ -40,9 +40,8 @@ var fs__namespace = /*#__PURE__*/_interopNamespace(fs$1);
 function toPackageName(name) {
   return name.trim().toLowerCase().replace(/\s+/g, "-").replace(/[^a-z0-9-]/g, "");
 }
-function templates(packageName) {
-  return {
-    "package.json": `{
+function packageJsonTemplate(packageName) {
+  return `{
   "name": "${packageName}",
   "version": "0.0.1",
   "description": "Tools extension for @easynet/agent-tool",
@@ -77,8 +76,10 @@ function templates(packageName) {
   },
   "license": "MIT"
 }
-`,
-    "tsconfig.json": `{
+`;
+}
+function tsconfigTemplate() {
+  return `{
   "compilerOptions": {
     "target": "ES2022",
     "module": "NodeNext",
@@ -97,23 +98,29 @@ function templates(packageName) {
   "include": ["./**/*.ts"],
   "exclude": ["node_modules", "dist", "**/dist/**"]
 }
-`,
-    "tsconfig.build.json": `{
+`;
+}
+function tsconfigBuildTemplate() {
+  return `{
   "extends": "./tsconfig.json",
   "compilerOptions": { "rootDir": ".", "outDir": "dist" },
   "include": ["./**/*.ts"],
   "exclude": ["node_modules", "dist", "**/dist/**", "**/tsconfig*.json", "**/*.test.ts", "test", "scripts", "generate-manifest.ts"]
 }
-`,
-    "generate-manifest.ts": `/**
+`;
+}
+function generateManifestTemplate() {
+  return `/**
  * Build step: run framework generateManifest (scan src, emit manifest).
  * Tool names in the manifest are the exported function names.
  */
 import { generateManifest } from "@easynet/agent-tool/extension";
 
 generateManifest(process.cwd());
-`,
-    "index.ts": `import { createExtension } from "@easynet/agent-tool/extension";
+`;
+}
+function extensionIndexTemplate() {
+  return `import { createExtension } from "@easynet/agent-tool/extension";
 import type { ToolRegistry, ToolAdapter } from "@easynet/agent-tool/runtime";
 
 const ext = createExtension({ importMeta: import.meta });
@@ -128,8 +135,10 @@ export function register(
 
 export const getExtensionContext = ext.getContext;
 export const runWithExtensionContext = ext.runWith;
-`,
-    "src/helloWorld.ts": `/**
+`;
+}
+function helloWorldTemplate() {
+  return `/**
  * A simple hello-world tool.
  * @tool
  * @effect none
@@ -147,8 +156,10 @@ export async function helloWorld(_args: Record<string, unknown>) {
     ],
   };
 }
-`,
-    "README.md": `# ${packageName}
+`;
+}
+function readmeTemplate(packageName) {
+  return `# ${packageName}
 
 Scaffolded by \`agent-tool init ${packageName}\`.
 
@@ -172,7 +183,17 @@ tools:
 \`\`\`
 
 Or publish and use: \`npm:@your-scope/${packageName}\`
-`
+`;
+}
+function templates(packageName) {
+  return {
+    "package.json": packageJsonTemplate(packageName),
+    "tsconfig.json": tsconfigTemplate(),
+    "tsconfig.build.json": tsconfigBuildTemplate(),
+    "generate-manifest.ts": generateManifestTemplate(),
+    "index.ts": extensionIndexTemplate(),
+    "src/helloWorld.ts": helloWorldTemplate(),
+    "README.md": readmeTemplate(packageName)
   };
 }
 async function initExtension(options) {
@@ -197,6 +218,52 @@ async function initExtension(options) {
   return { targetPath, filesCreated };
 }
 
+// src/utils/cli/help.ts
+function printHelp(bin = "agent-tool") {
+  process.stdout.write(`
+Usage: ${bin} <command> [options] [args]
+
+Primary commands:
+  ls                      List all tools (scope, name, description).
+  describe <tool path>    Show tool details (schema, capabilities, etc.).
+  run <tool path> [params] Run a tool. Params: JSON, e.g. '{"path":"README.md"}'
+  start mcp                Start MCP server (default: Streamable HTTP; use --stdio for stdio).
+  start http               Start OpenAPI HTTP server (API + Swagger).
+
+Other commands:
+  init [extension name]   Create extension scaffold (folder + src + hello-world + generate-manifest + index + package.json). With no name: create MCP project in --path. Then: cd <folder> && npm install && npm run build.
+  build                   Scan folder for @tool / SKILL / n8n, generate MCP npm package.
+  serve                   Start the generated MCP server (stdio) for testing.
+  list                    Alias for ls.
+  show <tool>             Alias for describe.
+  help                    Show this help.
+
+Options:
+  --path, -p <path>       For init/build/serve: path (default: cwd).
+  --scope, -s <scope>     For init [extension name]: npm package scope (e.g. wallee \u2192 @wallee/<name>).
+  --out, -o <path>        For build: output directory.
+  --include, -i <glob>    For build: glob for TS files.
+  --include-n8n           For build: include n8n workflow tools.
+  --verbose, -v            Print step logs (config load, cache, tools registered).
+  --stdio                  For start mcp: use stdio transport (default: Streamable HTTP).
+  --port <number>         For start mcp/http: port (default: 3000).
+  --host <string>         For start mcp/http: host (default: 127.0.0.1).
+  --help, -h              Show this help.
+
+Examples:
+  ${bin} ls
+  ${bin} describe core.fs.readText
+  ${bin} run core.fs.readText '{"path":"README.md"}'
+  ${bin} start mcp
+  ${bin} start mcp --stdio
+  ${bin} start http --port 3000
+  ${bin} build --path . --out dist
+  ${bin} init my-extension
+
+For agent run (ReAct + agent.yaml): npx @easynet/agent-orchestra run "task" -c agent.yaml
+`);
+}
+
 // src/utils/cli/index.ts
 var DEFAULT_CORE_CONFIG = {
   sandboxRoot: process.cwd(),
@@ -207,10 +274,10 @@ async function getRuntimeWithTools(pathOpt, verbose = false) {
   const stepLog = verbose ? (msg) => process.stderr.write(`[agent-tool] ${msg}
 `) : void 0;
   if (stepLog) stepLog(`Loading tool config from ${searchDir}`);
-  const config = chunkHK4GTFTQ_cjs.findAndLoadToolConfig(searchDir);
+  const config = chunkM2GEHWPN_cjs.findAndLoadToolConfig(searchDir);
   let sandboxRoot = cwd;
   if (config.sandboxedPath && typeof config.sandboxedPath === "string" && config.configPath) {
-    sandboxRoot = chunkHK4GTFTQ_cjs.resolveSandboxedPath(config.configPath, config.sandboxedPath);
+    sandboxRoot = chunkM2GEHWPN_cjs.resolveSandboxedPath(config.configPath, config.sandboxedPath);
   }
   if (stepLog) {
     if (config.configPath) {
@@ -225,7 +292,7 @@ async function getRuntimeWithTools(pathOpt, verbose = false) {
     enableSandboxValidation: config.enableSandboxValidation ?? DEFAULT_CORE_CONFIG.enableSandboxValidation,
     allowedHosts: []
   };
-  const result = await chunkHK4GTFTQ_cjs.createRuntimeFromConfig({
+  const result = await chunkM2GEHWPN_cjs.createRuntimeFromConfig({
     coreTools: coreConfig,
     configFilePath: config.configPath,
     stepLog
@@ -313,51 +380,6 @@ function parseArgv(argv) {
   }
   return { command, startSub, help, verbose, mcpStdio, pathOpt, extensionName, scope, outDir, include, includeN8n, toolName, toolArgsJson, port, host };
 }
-function printHelp() {
-  const bin = "agent-tool";
-  process.stdout.write(`
-Usage: ${bin} <command> [options] [args]
-
-Primary commands:
-  ls                      List all tools (scope, name, description).
-  describe <tool path>    Show tool details (schema, capabilities, etc.).
-  run <tool path> [params] Run a tool. Params: JSON, e.g. '{"path":"README.md"}'
-  start mcp                Start MCP server (default: Streamable HTTP; use --stdio for stdio).
-  start http               Start OpenAPI HTTP server (API + Swagger).
-
-Other commands:
-  init [extension name]   Create extension scaffold (folder + src + hello-world + generate-manifest + index + package.json). With no name: create MCP project in --path. Then: cd <folder> && npm install && npm run build.
-  build                   Scan folder for @tool / SKILL / n8n, generate MCP npm package.
-  serve                   Start the generated MCP server (stdio) for testing.
-  list                    Alias for ls.
-  show <tool>             Alias for describe.
-  help                    Show this help.
-
-Options:
-  --path, -p <path>       For init/build/serve: path (default: cwd).
-  --scope, -s <scope>     For init [extension name]: npm package scope (e.g. wallee \u2192 @wallee/<name>).
-  --out, -o <path>        For build: output directory.
-  --include, -i <glob>    For build: glob for TS files.
-  --include-n8n           For build: include n8n workflow tools.
-  --verbose, -v            Print step logs (config load, cache, tools registered).
-  --stdio                  For start mcp: use stdio transport (default: Streamable HTTP).
-  --port <number>         For start mcp/http: port (default: 3000).
-  --host <string>         For start mcp/http: host (default: 127.0.0.1).
-  --help, -h              Show this help.
-
-Examples:
-  ${bin} ls
-  ${bin} describe core.fs.readText
-  ${bin} run core.fs.readText '{"path":"README.md"}'
-  ${bin} start mcp
-  ${bin} start mcp --stdio
-  ${bin} start http --port 3000
-  ${bin} build --path . --out dist
-  ${bin} init my-extension
-
-For agent run (ReAct + agent.yaml): npx @easynet/agent-orchestra run "task" -c agent.yaml
-`);
-}
 async function cmdInitExtension(extensionName, pathOpt, scope) {
   try {
     const parentDir = pathOpt ? path2__namespace.default.resolve(process.cwd(), pathOpt) : void 0;
@@ -434,7 +456,7 @@ var LS_DESC_MAX = 72;
 function formatLsOutput(specs) {
   const rows = specs.map((spec) => {
     const { name } = parseToolName(spec.name);
-    const scope = chunkHK4GTFTQ_cjs.getDisplayScope(spec.name, spec.kind, spec.version);
+    const scope = chunkM2GEHWPN_cjs.getDisplayScope(spec.name, spec.kind, spec.version);
     const desc = (spec.description ?? "").replace(/\n/g, " ").trim().slice(0, LS_DESC_MAX);
     return { scope, name, description: desc || "(no description)" };
   });
@@ -461,7 +483,7 @@ function formatLsOutput(specs) {
 }
 function formatDescribeOutput(spec) {
   const { name: localName } = parseToolName(spec.name);
-  const scope = chunkHK4GTFTQ_cjs.getDisplayScope(spec.name, spec.kind, spec.version);
+  const scope = chunkM2GEHWPN_cjs.getDisplayScope(spec.name, spec.kind, spec.version);
   const sections = [];
   sections.push("\u250C\u2500 Tool");
   sections.push(`\u2502  name:        ${spec.name}`);
@@ -497,7 +519,7 @@ async function cmdLs(pathOpt, verbose = false) {
       process.stdout.write("No tools registered.\n");
       const cwd = process.cwd();
       const searchDir = path2__namespace.default.resolve(cwd, pathOpt ?? ".");
-      const config = chunkHK4GTFTQ_cjs.findAndLoadToolConfig(searchDir);
+      const config = chunkM2GEHWPN_cjs.findAndLoadToolConfig(searchDir);
       const hasNpmTools = Array.isArray(config.tools) && config.tools.some((t) => typeof t === "string" && t.startsWith("npm:"));
       if (hasNpmTools) {
         process.stdout.write(
@@ -522,7 +544,7 @@ async function cmdDescribe(toolName, pathOpt, verbose = false) {
   }
   try {
     const { registry } = await getRuntimeWithTools(pathOpt, verbose);
-    const registryName = chunkHK4GTFTQ_cjs.resolveToolDescriptor(toolName.trim());
+    const registryName = chunkM2GEHWPN_cjs.resolveToolDescriptor(toolName.trim());
     const spec = registry.get(registryName);
     if (!spec) {
       process.stderr.write(`Tool not found: ${toolName}
@@ -571,7 +593,7 @@ async function cmdRun(toolName, toolArgsJson, pathOpt, verbose = false) {
   }
   try {
     const { runtime, registry } = await getRuntimeWithTools(pathOpt, verbose);
-    const registryName = chunkHK4GTFTQ_cjs.resolveToolDescriptor(toolName.trim());
+    const registryName = chunkM2GEHWPN_cjs.resolveToolDescriptor(toolName.trim());
     if (!registry.get(registryName)) {
       process.stderr.write(`Tool not found: ${toolName}
 `);
@@ -599,10 +621,10 @@ async function cmdStartMcp(pathOpt, verbose = false, stdio = false, port = 3e3,
   try {
     const { runtime } = await getRuntimeWithTools(pathOpt, verbose);
     if (stdio) {
-      await chunkHK4GTFTQ_cjs.runMCPServerOverStdio(runtime);
+      await chunkM2GEHWPN_cjs.runMCPServerOverStdio(runtime);
       return 0;
     }
-    const streamable = await chunkHK4GTFTQ_cjs.createMCPServerStreamableHttp(runtime, { port, host, path: "/mcp" });
+    const streamable = await chunkM2GEHWPN_cjs.createMCPServerStreamableHttp(runtime, { port, host, path: "/mcp" });
     const { url, port: actualPort } = await streamable.listen(port, host);
     process.stdout.write(`MCP Streamable HTTP: ${url}
 `);
@@ -618,7 +640,7 @@ async function cmdStartMcp(pathOpt, verbose = false, stdio = false, port = 3e3,
 async function cmdStartHttp(port, host, pathOpt, verbose = false) {
   try {
     const { runtime } = await getRuntimeWithTools(pathOpt, verbose);
-    const http = await chunkHK4GTFTQ_cjs.createHttpService(runtime);
+    const http = await chunkM2GEHWPN_cjs.createHttpService(runtime);
     const { port: actualPort, host: actualHost } = await http.listen({ port, host });
     const base = `http://${actualHost}:${actualPort}`;
     process.stdout.write(`API: ${base}/invoke (POST), ${base}/tools (GET)