@elizaos/plugin-shell 2.0.0-alpha.9 → 2.0.11-beta.7

package/LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2024 ElizaOS Contributors
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE. 

package/README.md

@@ -0,0 +1,111 @@
+# @elizaos/plugin-shell
+
+Shell command execution plugin for elizaOS. Adds sandboxed shell access, PTY support, background session management, command approval, and shell history to an Eliza agent.
+
+## What it does
+
+- Executes shell commands restricted to a configured directory (`SHELL_ALLOWED_DIRECTORY`).
+- Supports interactive terminal applications via PTY (`@lydell/node-pty`, optional).
+- Runs long commands in the background with named sessions; poll, send-keys, paste, and kill them later.
+- Maintains per-conversation command history with stdout/stderr/exit-code capture.
+- Provides the `SHELL_HISTORY` context provider so the agent always knows its cwd and recent commands.
+- Provides `ExecApprovalService` to gate commands through an allowlist and user-approval flow.
+
+The agent-facing `SHELL` action that exposes shell execution is in `@elizaos/plugin-coding-tools`, which consumes this plugin's services. Its `action` parameter (list/poll/kill/etc.) drives `ShellService.processAction()`.
+
+## Installation
+
+```bash
+bun add @elizaos/plugin-shell
+```
+
+## Configuration
+
+```bash
+# Required — commands cannot execute outside this directory
+SHELL_ALLOWED_DIRECTORY=/path/to/safe/workspace
+
+# Optional
+SHELL_TIMEOUT=30000                  # per-command timeout ms (simple executeCommand)
+SHELL_FORBIDDEN_COMMANDS=rm,mv       # comma-separated additions to the default blocklist
+SHELL_MAX_OUTPUT_CHARS=200000        # max captured output chars per session
+SHELL_BACKGROUND_MS=10000            # yield window before auto-backgrounding (ms)
+SHELL_ALLOW_BACKGROUND=true          # set "false" to disable background execution
+SHELL_JOB_TTL_MS=1800000            # finished session record TTL (ms)
+```
+
+`SHELL_ALLOWED_DIRECTORY` must point to an existing directory. The service throws at start if it is missing.
+
+## Enabling
+
+Auto-enabled when `config.features.shell` is truthy. Not available on iOS, `ELIZA_BUILD_VARIANT=store` builds, or Android unless `ELIZA_RUNTIME_MODE=local-yolo`.
+
+To enable explicitly in a character file:
+
+```typescript
+import shellPlugin from "@elizaos/plugin-shell";
+
+const character = {
+  plugins: [shellPlugin],
+};
+```
+
+## Security
+
+- All commands execute within `SHELL_ALLOWED_DIRECTORY`. Path traversal and absolute paths outside the boundary are rejected.
+- A built-in blocklist prevents the most destructive commands (see `DEFAULT_FORBIDDEN_COMMANDS` in `utils/config.ts`).
+- Additional forbidden commands can be added via `SHELL_FORBIDDEN_COMMANDS`.
+- Commands time out automatically. Output is capped at `SHELL_MAX_OUTPUT_CHARS`.
+- `ExecApprovalService` can gate commands through an allowlist + user approval before execution.
+- Local execution is disabled in cloud mode (`isCloudExecutionMode`).
+
+## Process actions
+
+Background sessions support these operations via `ShellService.processAction()`:
+
+| Action | Description |
+|---|---|
+| `list` | List all running and finished sessions |
+| `poll` | Drain new output from a running session |
+| `log` | Read session output with offset/limit pagination |
+| `write` | Write raw data to session stdin |
+| `send-keys` | Send terminal key sequences (arrows, ctrl+c, etc.) |
+| `submit` | Send carriage return (Enter) |
+| `paste` | Paste text with bracketed paste mode |
+| `kill` | Kill a running session |
+| `clear` | Remove a finished session record |
+| `remove` | Kill (if running) and remove a session |
+
+## Usage from code
+
+```typescript
+import { ShellService } from "@elizaos/plugin-shell";
+
+// Simple synchronous execution
+const shellService = runtime.getService<ShellService>("shell");
+const result = await shellService.executeCommand("ls -la", conversationId);
+
+// Advanced: PTY + background
+const execResult = await shellService.exec("bun install", {
+  pty: true,
+  yieldMs: 5000,   // background after 5 s if still running
+  timeout: 300,    // 5-minute hard timeout (seconds)
+  workdir: "/project",
+});
+
+if (execResult.status === "running") {
+  // Poll later
+  const poll = await shellService.processAction({
+    action: "poll",
+    sessionId: execResult.sessionId,
+  });
+}
+```
+
+## Development
+
+```bash
+bun run --cwd plugins/plugin-shell build    # build dist/
+bun run --cwd plugins/plugin-shell test     # vitest
+bun run --cwd plugins/plugin-shell dev      # hot-reload build
+```

package/auto-enable.ts

@@ -0,0 +1,37 @@
+// Auto-enable check for @elizaos/plugin-shell.
+//
+// Plugin manifest entry-point — referenced by package.json's
+// `elizaos.plugin.autoEnableModule`. Keep this module light: env reads only,
+// no service init, no transitive imports of the full plugin runtime. The
+// auto-enable engine loads dozens of these per boot.
+import type { PluginAutoEnableContext } from "@elizaos/core";
+
+function isFeatureEnabled(config: PluginAutoEnableContext["config"], key: string): boolean {
+  const f = (config.features as Record<string, unknown> | undefined)?.[key];
+  if (f === true) return true;
+  if (f && typeof f === "object" && f !== null) {
+    return (f as Record<string, unknown>).enabled !== false;
+  }
+  return false;
+}
+
+function terminalSupportedByEnv(ctx: PluginAutoEnableContext): boolean {
+  const env = ctx.env;
+  const variant = (env.ELIZA_BUILD_VARIANT ?? "").trim().toLowerCase();
+  if (variant === "store") return false;
+
+  const platform = env.ELIZA_PLATFORM?.trim().toLowerCase();
+  const mobile =
+    platform === "android" || platform === "ios" || Boolean(env.ANDROID_ROOT || env.ANDROID_DATA);
+  if (!mobile) return true;
+
+  const mode = (env.ELIZA_RUNTIME_MODE ?? env.RUNTIME_MODE ?? env.LOCAL_RUNTIME_MODE ?? "")
+    .trim()
+    .toLowerCase();
+  return platform === "android" && mode === "local-yolo";
+}
+
+/** Enable when `config.features.shell` is truthy / not explicitly disabled. */
+export function shouldEnable(ctx: PluginAutoEnableContext): boolean {
+  return isFeatureEnabled(ctx.config, "shell") && terminalSupportedByEnv(ctx);
+}

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@elizaos/plugin-shell",
-  "version": "2.0.0-alpha.9",
+  "version": "2.0.11-beta.7",
   "description": "Shell history and observability plugin for ElizaOS",
   "type": "module",
   "main": "dist/index.js",
@@ -15,13 +15,30 @@
     "./package.json": "./package.json",
     ".": {
       "types": "./dist/index.d.ts",
+      "bun": "./index.ts",
+      "development": "./index.ts",
       "import": "./dist/index.js",
       "default": "./dist/index.js"
+    },
+    "./*.css": "./dist/*.css",
+    "./*": {
+      "types": "./dist/*.d.ts",
+      "import": "./dist/*.js",
+      "default": "./dist/*.js"
     }
   },
   "files": [
-    "dist"
+    "dist",
+    "auto-enable.ts"
   ],
+  "elizaos": {
+    "plugin": {
+      "autoEnableModule": "./auto-enable.ts",
+      "capabilities": [
+        "shell-access"
+      ]
+    }
+  },
   "keywords": [
     "eliza",
     "plugin",
@@ -33,23 +50,43 @@
   "author": "elizaOS",
   "license": "MIT",
   "dependencies": {
-    "@elizaos/core": "next",
+    "@elizaos/core": "2.0.11-beta.7",
+    "@elizaos/shared": "2.0.11-beta.7",
     "cross-spawn": "^7.0.6",
-    "zod": "^4.3.6"
+    "zod": "^4.4.3"
   },
   "optionalDependencies": {
     "@lydell/node-pty": "^1.1.0"
   },
   "devDependencies": {
-    "@biomejs/biome": "^2.3.11",
+    "@biomejs/biome": "^2.4.14",
     "@types/cross-spawn": "^6.0.6",
     "@types/node": "^25.0.3",
-    "typescript": "^5.9.3",
+    "bun-types": "^1.2.25",
+    "typescript": "^6.0.3",
     "vitest": "^4.0.0"
   },
+  "scripts": {
+    "build": "bun run build.ts",
+    "build:ts": "bun run build.ts",
+    "dev": "bun --hot build.ts",
+    "clean": "rm -rf dist .turbo",
+    "test": "vitest run",
+    "typecheck": "tsgo --noEmit -p tsconfig.json",
+    "lint": "bunx @biomejs/biome check .",
+    "lint:check": "bun run lint",
+    "format": "bunx @biomejs/biome format --write .",
+    "format:check": "bunx @biomejs/biome format ."
+  },
   "publishConfig": {
     "access": "public"
   },
+  "resolutions": {
+    "@noble/hashes": "2.2.0"
+  },
+  "overrides": {
+    "@noble/hashes": "2.2.0"
+  },
   "agentConfig": {
     "pluginType": "elizaos:plugin:1.0.0",
     "pluginParameters": {
@@ -102,7 +139,7 @@
       }
     }
   },
-  "milady": {
+  "eliza": {
     "platforms": [
       "node"
     ],
@@ -111,16 +148,5 @@
       "node": "Default export (Node.js)"
     }
   },
-  "scripts": {
-    "build": "bun run build.ts",
-    "build:ts": "bun run build.ts",
-    "dev": "bun --hot build.ts",
-    "clean": "rm -rf dist .turbo node_modules",
-    "test": "vitest run",
-    "typecheck": "echo \"Typecheck skipped for release\"",
-    "lint": "echo \"Lint skipped for release\"",
-    "lint:check": "bun run lint",
-    "format": "bunx @biomejs/biome format --write .",
-    "format:check": "bunx @biomejs/biome format ."
-  }
-}
+  "gitHead": "cdbc876f793d96073d7eb0d09715a031ce0cd32e"
+}

package/dist/actions/clearHistory.d.ts

@@ -1,4 +0,0 @@
-import { type Action } from "@elizaos/core";
-export declare const clearHistory: Action;
-export default clearHistory;
-//# sourceMappingURL=clearHistory.d.ts.map

package/dist/actions/clearHistory.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"clearHistory.d.ts","sourceRoot":"","sources":["../../actions/clearHistory.ts"],"names":[],"mappings":"AAAA,OAAO,EACN,KAAK,MAAM,EASX,MAAM,eAAe,CAAC;AAMvB,eAAO,MAAM,YAAY,EAAE,MAsG1B,CAAC;AAEF,eAAe,YAAY,CAAC"}

package/dist/actions/index.d.ts

@@ -1,2 +0,0 @@
-export { clearHistory } from "./clearHistory";
-//# sourceMappingURL=index.d.ts.map

package/dist/actions/index.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../actions/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,YAAY,EAAE,MAAM,gBAAgB,CAAC"}

package/dist/approvals/allowlist.d.ts

@@ -1,76 +0,0 @@
-/**
- * Allowlist Management
- *
- * Functions for managing the exec approval allowlist.
- * Handles loading, saving, and modifying allowlist entries.
- */
-import type { CommandResolution, ExecAllowlistEntry, ExecApprovalsDefaults, ExecApprovalsFile, ExecApprovalsResolved, ExecApprovalsSnapshot, ExecAsk, ExecSecurity } from "./types";
-/**
- * Get the default approval file path
- */
-export declare function getApprovalFilePath(): string;
-/**
- * Get the default socket path
- */
-export declare function getApprovalSocketPath(): string;
-/**
- * Normalize approval configuration file
- */
-export declare function normalizeApprovals(file: ExecApprovalsFile): ExecApprovalsFile;
-/**
- * Read approval configuration snapshot
- */
-export declare function readApprovalsSnapshot(): ExecApprovalsSnapshot;
-/**
- * Load approval configuration
- */
-export declare function loadApprovals(): ExecApprovalsFile;
-/**
- * Save approval configuration
- * @throws Error if file cannot be written
- */
-export declare function saveApprovals(file: ExecApprovalsFile): void;
-/**
- * Ensure approval configuration exists with socket/token
- * @throws Error if configuration cannot be loaded or saved
- */
-export declare function ensureApprovals(): ExecApprovalsFile;
-/**
- * Resolve approval configuration for an agent
- * @throws Error if configuration cannot be loaded or saved
- */
-export declare function resolveApprovals(agentId?: string, overrides?: Partial<ExecApprovalsDefaults>): ExecApprovalsResolved;
-/**
- * Resolve approval configuration from a loaded file
- */
-export declare function resolveApprovalsFromFile(params: {
-    file: ExecApprovalsFile;
-    agentId?: string;
-    overrides?: Partial<ExecApprovalsDefaults>;
-    path?: string;
-    socketPath?: string;
-    token?: string;
-}): ExecApprovalsResolved;
-/**
- * Match command against allowlist
- */
-export declare function matchAllowlist(entries: ExecAllowlistEntry[], resolution: CommandResolution | null): ExecAllowlistEntry | null;
-/**
- * Record allowlist usage
- * @returns true if successful, false if save failed
- */
-export declare function recordAllowlistUse(approvals: ExecApprovalsFile, agentId: string | undefined, entry: ExecAllowlistEntry, command: string, resolvedPath?: string): boolean;
-/**
- * Add a new allowlist entry
- * @returns true if entry was added, false if already exists or save failed
- */
-export declare function addAllowlistEntry(approvals: ExecApprovalsFile, agentId: string | undefined, pattern: string): boolean;
-/**
- * Get minimum security level
- */
-export declare function minSecurity(a: ExecSecurity, b: ExecSecurity): ExecSecurity;
-/**
- * Get maximum ask level
- */
-export declare function maxAsk(a: ExecAsk, b: ExecAsk): ExecAsk;
-//# sourceMappingURL=allowlist.d.ts.map

package/dist/approvals/allowlist.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"allowlist.d.ts","sourceRoot":"","sources":["../../approvals/allowlist.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAOH,OAAO,KAAK,EACX,iBAAiB,EACjB,kBAAkB,EAElB,qBAAqB,EACrB,iBAAiB,EACjB,qBAAqB,EACrB,qBAAqB,EACrB,OAAO,EACP,YAAY,EACZ,MAAM,SAAS,CAAC;AAgCjB;;GAEG;AACH,wBAAgB,mBAAmB,IAAI,MAAM,CAE5C;AAED;;GAEG;AACH,wBAAgB,qBAAqB,IAAI,MAAM,CAE9C;AAmED;;GAEG;AACH,wBAAgB,kBAAkB,CAAC,IAAI,EAAE,iBAAiB,GAAG,iBAAiB,CAqC7E;AASD;;GAEG;AACH,wBAAgB,qBAAqB,IAAI,qBAAqB,CA8C7D;AAED;;GAEG;AACH,wBAAgB,aAAa,IAAI,iBAAiB,CAyCjD;AAED;;;GAGG;AACH,wBAAgB,aAAa,CAAC,IAAI,EAAE,iBAAiB,GAAG,IAAI,CAsB3D;AAED;;;GAGG;AACH,wBAAgB,eAAe,IAAI,iBAAiB,CAiCnD;AAyBD;;;GAGG;AACH,wBAAgB,gBAAgB,CAC/B,OAAO,CAAC,EAAE,MAAM,EAChB,SAAS,CAAC,EAAE,OAAO,CAAC,qBAAqB,CAAC,GACxC,qBAAqB,CAuBvB;AAED;;GAEG;AACH,wBAAgB,wBAAwB,CAAC,MAAM,EAAE;IAChD,IAAI,EAAE,iBAAiB,CAAC;IACxB,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,SAAS,CAAC,EAAE,OAAO,CAAC,qBAAqB,CAAC,CAAC;IAC3C,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,KAAK,CAAC,EAAE,MAAM,CAAC;CACf,GAAG,qBAAqB,CA+DxB;AAED;;GAEG;AACH,wBAAgB,cAAc,CAC7B,OAAO,EAAE,kBAAkB,EAAE,EAC7B,UAAU,EAAE,iBAAiB,GAAG,IAAI,GAClC,kBAAkB,GAAG,IAAI,CAqB3B;AAqFD;;;GAGG;AACH,wBAAgB,kBAAkB,CACjC,SAAS,EAAE,iBAAiB,EAC5B,OAAO,EAAE,MAAM,GAAG,SAAS,EAC3B,KAAK,EAAE,kBAAkB,EACzB,OAAO,EAAE,MAAM,EACf,YAAY,CAAC,EAAE,MAAM,GACnB,OAAO,CA+BT;AAED;;;GAGG;AACH,wBAAgB,iBAAiB,CAChC,SAAS,EAAE,iBAAiB,EAC5B,OAAO,EAAE,MAAM,GAAG,SAAS,EAC3B,OAAO,EAAE,MAAM,GACb,OAAO,CA8CT;AAED;;GAEG;AACH,wBAAgB,WAAW,CAAC,CAAC,EAAE,YAAY,EAAE,CAAC,EAAE,YAAY,GAAG,YAAY,CAO1E;AAED;;GAEG;AACH,wBAAgB,MAAM,CAAC,CAAC,EAAE,OAAO,EAAE,CAAC,EAAE,OAAO,GAAG,OAAO,CAGtD"}

package/dist/approvals/analysis.d.ts

@@ -1,76 +0,0 @@
-/**
- * Command Analysis
- *
- * Functions for analyzing shell commands for security evaluation.
- * Parses commands, resolves executables, and evaluates against allowlists.
- */
-import type { CommandResolution, ExecAllowlistAnalysis, ExecAllowlistEntry, ExecAllowlistEvaluation, ExecCommandAnalysis } from "./types";
-/**
- * Resolve command to executable info
- */
-export declare function resolveCommandResolution(command: string, cwd?: string, env?: NodeJS.ProcessEnv): CommandResolution | null;
-/**
- * Resolve command from argv
- */
-export declare function resolveCommandFromArgv(argv: string[], cwd?: string, env?: NodeJS.ProcessEnv): CommandResolution | null;
-/**
- * Analyze a shell command
- */
-export declare function analyzeShellCommand(params: {
-    command: string;
-    cwd?: string;
-    env?: NodeJS.ProcessEnv;
-    platform?: string | null;
-}): ExecCommandAnalysis;
-/**
- * Normalize safe bins set
- */
-export declare function normalizeSafeBins(entries?: string[]): Set<string>;
-/**
- * Resolve safe bins with defaults
- */
-export declare function resolveSafeBins(entries?: string[] | null): Set<string>;
-/**
- * Check if command is safe bin usage (no file args)
- */
-export declare function isSafeBinUsage(params: {
-    argv: string[];
-    resolution: CommandResolution | null;
-    safeBins: Set<string>;
-    cwd?: string;
-    fileExists?: (filePath: string) => boolean;
-}): boolean;
-/**
- * Evaluate command against allowlist
- */
-export declare function evaluateExecAllowlist(params: {
-    analysis: ExecCommandAnalysis;
-    allowlist: ExecAllowlistEntry[];
-    safeBins: Set<string>;
-    cwd?: string;
-    skillBins?: Set<string>;
-    autoAllowSkills?: boolean;
-}): ExecAllowlistEvaluation;
-/**
- * Evaluate shell command for allowlist (combined analysis + evaluation)
- */
-export declare function evaluateShellAllowlist(params: {
-    command: string;
-    allowlist: ExecAllowlistEntry[];
-    safeBins: Set<string>;
-    cwd?: string;
-    env?: NodeJS.ProcessEnv;
-    skillBins?: Set<string>;
-    autoAllowSkills?: boolean;
-    platform?: string | null;
-}): ExecAllowlistAnalysis;
-/**
- * Check if approval is required
- */
-export declare function requiresExecApproval(params: {
-    ask: "off" | "on-miss" | "always";
-    security: "deny" | "allowlist" | "full";
-    analysisOk: boolean;
-    allowlistSatisfied: boolean;
-}): boolean;
-//# sourceMappingURL=analysis.d.ts.map

package/dist/approvals/analysis.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"analysis.d.ts","sourceRoot":"","sources":["../../approvals/analysis.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAKH,OAAO,KAAK,EACX,iBAAiB,EACjB,qBAAqB,EACrB,kBAAkB,EAClB,uBAAuB,EACvB,mBAAmB,EAEnB,MAAM,SAAS,CAAC;AAgJjB;;GAEG;AACH,wBAAgB,wBAAwB,CACvC,OAAO,EAAE,MAAM,EACf,GAAG,CAAC,EAAE,MAAM,EACZ,GAAG,CAAC,EAAE,MAAM,CAAC,UAAU,GACrB,iBAAiB,GAAG,IAAI,CAU1B;AAED;;GAEG;AACH,wBAAgB,sBAAsB,CACrC,IAAI,EAAE,MAAM,EAAE,EACd,GAAG,CAAC,EAAE,MAAM,EACZ,GAAG,CAAC,EAAE,MAAM,CAAC,UAAU,GACrB,iBAAiB,GAAG,IAAI,CAU1B;AAsQD;;GAEG;AACH,wBAAgB,mBAAmB,CAAC,MAAM,EAAE;IAC3C,OAAO,EAAE,MAAM,CAAC;IAChB,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,GAAG,CAAC,EAAE,MAAM,CAAC,UAAU,CAAC;IACxB,QAAQ,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;CACzB,GAAG,mBAAmB,CAqDtB;AA4KD;;GAEG;AACH,wBAAgB,iBAAiB,CAAC,OAAO,CAAC,EAAE,MAAM,EAAE,GAAG,GAAG,CAAC,MAAM,CAAC,CAMjE;AAED;;GAEG;AACH,wBAAgB,eAAe,CAAC,OAAO,CAAC,EAAE,MAAM,EAAE,GAAG,IAAI,GAAG,GAAG,CAAC,MAAM,CAAC,CAKtE;AA6BD;;GAEG;AACH,wBAAgB,cAAc,CAAC,MAAM,EAAE;IACtC,IAAI,EAAE,MAAM,EAAE,CAAC;IACf,UAAU,EAAE,iBAAiB,GAAG,IAAI,CAAC;IACrC,QAAQ,EAAE,GAAG,CAAC,MAAM,CAAC,CAAC;IACtB,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,UAAU,CAAC,EAAE,CAAC,QAAQ,EAAE,MAAM,KAAK,OAAO,CAAC;CAC3C,GAAG,OAAO,CAyCV;AAwED;;GAEG;AACH,wBAAgB,qBAAqB,CAAC,MAAM,EAAE;IAC7C,QAAQ,EAAE,mBAAmB,CAAC;IAC9B,SAAS,EAAE,kBAAkB,EAAE,CAAC;IAChC,QAAQ,EAAE,GAAG,CAAC,MAAM,CAAC,CAAC;IACtB,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,SAAS,CAAC,EAAE,GAAG,CAAC,MAAM,CAAC,CAAC;IACxB,eAAe,CAAC,EAAE,OAAO,CAAC;CAC1B,GAAG,uBAAuB,CAuC1B;AAED;;GAEG;AACH,wBAAgB,sBAAsB,CAAC,MAAM,EAAE;IAC9C,OAAO,EAAE,MAAM,CAAC;IAChB,SAAS,EAAE,kBAAkB,EAAE,CAAC;IAChC,QAAQ,EAAE,GAAG,CAAC,MAAM,CAAC,CAAC;IACtB,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,GAAG,CAAC,EAAE,MAAM,CAAC,UAAU,CAAC;IACxB,SAAS,CAAC,EAAE,GAAG,CAAC,MAAM,CAAC,CAAC;IACxB,eAAe,CAAC,EAAE,OAAO,CAAC;IAC1B,QAAQ,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;CACzB,GAAG,qBAAqB,CAwFxB;AAED;;GAEG;AACH,wBAAgB,oBAAoB,CAAC,MAAM,EAAE;IAC5C,GAAG,EAAE,KAAK,GAAG,SAAS,GAAG,QAAQ,CAAC;IAClC,QAAQ,EAAE,MAAM,GAAG,WAAW,GAAG,MAAM,CAAC;IACxC,UAAU,EAAE,OAAO,CAAC;IACpB,kBAAkB,EAAE,OAAO,CAAC;CAC5B,GAAG,OAAO,CAOV"}

package/dist/approvals/index.d.ts

@@ -1,12 +0,0 @@
-/**
- * Exec Approvals Module
- *
- * Command execution approval system for plugin-shell.
- * Provides allowlist management, command analysis, and approval workflows.
- */
-export { addAllowlistEntry, ensureApprovals, getApprovalFilePath, getApprovalSocketPath, loadApprovals, matchAllowlist, maxAsk, minSecurity, normalizeApprovals, readApprovalsSnapshot, recordAllowlistUse, resolveApprovals, resolveApprovalsFromFile, saveApprovals, } from "./allowlist";
-export { analyzeShellCommand, evaluateExecAllowlist, evaluateShellAllowlist, isSafeBinUsage, normalizeSafeBins, requiresExecApproval, resolveCommandFromArgv, resolveCommandResolution, resolveSafeBins, } from "./analysis";
-export { type CommandCheckResult, ExecApprovalService } from "./service";
-export type { CommandResolution, ExecAllowlistAnalysis, ExecAllowlistEntry, ExecAllowlistEvaluation, ExecApprovalDecision, ExecApprovalRequest, ExecApprovalResult, ExecApprovalsAgent, ExecApprovalsDefaults, ExecApprovalsFile, ExecApprovalsResolved, ExecApprovalsSnapshot, ExecAsk, ExecCommandAnalysis, ExecCommandSegment, ExecHost, ExecSecurity, } from "./types";
-export { DEFAULT_SAFE_BINS, EXEC_APPROVAL_DEFAULTS } from "./types";
-//# sourceMappingURL=index.d.ts.map

package/dist/approvals/index.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../approvals/index.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAGH,OAAO,EACN,iBAAiB,EACjB,eAAe,EACf,mBAAmB,EACnB,qBAAqB,EACrB,aAAa,EACb,cAAc,EACd,MAAM,EACN,WAAW,EACX,kBAAkB,EAClB,qBAAqB,EACrB,kBAAkB,EAClB,gBAAgB,EAChB,wBAAwB,EACxB,aAAa,GACb,MAAM,aAAa,CAAC;AAErB,OAAO,EACN,mBAAmB,EACnB,qBAAqB,EACrB,sBAAsB,EACtB,cAAc,EACd,iBAAiB,EACjB,oBAAoB,EACpB,sBAAsB,EACtB,wBAAwB,EACxB,eAAe,GACf,MAAM,YAAY,CAAC;AAEpB,OAAO,EAAE,KAAK,kBAAkB,EAAE,mBAAmB,EAAE,MAAM,WAAW,CAAC;AAEzE,YAAY,EACX,iBAAiB,EACjB,qBAAqB,EACrB,kBAAkB,EAClB,uBAAuB,EACvB,oBAAoB,EACpB,mBAAmB,EACnB,kBAAkB,EAClB,kBAAkB,EAClB,qBAAqB,EACrB,iBAAiB,EACjB,qBAAqB,EACrB,qBAAqB,EACrB,OAAO,EACP,mBAAmB,EACnB,kBAAkB,EAClB,QAAQ,EACR,YAAY,GACZ,MAAM,SAAS,CAAC;AACjB,OAAO,EAAE,iBAAiB,EAAE,sBAAsB,EAAE,MAAM,SAAS,CAAC"}

package/dist/approvals/service.d.ts

@@ -1,121 +0,0 @@
-/**
- * ExecApprovalService
- *
- * Service for managing command execution approvals in plugin-shell.
- * Integrates with Eliza's ApprovalService for approval UI,
- * and provides allowlist management and command analysis.
- *
- * @example
- * ```typescript
- * const approvalService = runtime.getService('exec_approval') as ExecApprovalService;
- *
- * // Check if command needs approval
- * const check = await approvalService.checkCommand({
- *   command: 'rm -rf /tmp/cache',
- *   cwd: '/home/user',
- *   roomId: message.roomId,
- * });
- *
- * if (check.requiresApproval) {
- *   const result = await approvalService.requestApproval(check.request);
- *   if (result.decision === 'deny') {
- *     return { error: 'Command denied' };
- *   }
- *   if (result.decision === 'allow-always') {
- *     await approvalService.addToAllowlist(command);
- *   }
- * }
- * ```
- */
-import type { IAgentRuntime, UUID } from "@elizaos/core";
-import { Service } from "@elizaos/core";
-import type { ExecAllowlistEntry, ExecApprovalDecision, ExecApprovalRequest, ExecApprovalResult, ExecApprovalsResolved, ExecCommandAnalysis } from "./types";
-/**
- * Command check result
- */
-export interface CommandCheckResult {
-    /** Whether the command can be executed */
-    allowed: boolean;
-    /** Whether approval is required */
-    requiresApproval: boolean;
-    /** Reason for denial (if not allowed and no approval needed) */
-    reason?: string;
-    /** Approval request (if approval required) */
-    request?: ExecApprovalRequest;
-    /** Command analysis result */
-    analysis: ExecCommandAnalysis;
-    /** Matching allowlist entries */
-    allowlistMatches: ExecAllowlistEntry[];
-}
-/**
- * ExecApprovalService provides command execution approval management.
- */
-export declare class ExecApprovalService extends Service {
-    static serviceType: string;
-    capabilityDescription: string;
-    private approvalConfig;
-    private safeBins;
-    private skillBins;
-    constructor(runtime?: IAgentRuntime);
-    /**
-     * Start the ExecApprovalService
-     */
-    static start(runtime: IAgentRuntime): Promise<Service>;
-    /**
-     * Stop the ExecApprovalService
-     */
-    stop(): Promise<void>;
-    /**
-     * Load/reload configuration
-     */
-    loadConfig(agentId?: string): ExecApprovalsResolved;
-    /**
-     * Get current configuration
-     */
-    getConfig(): ExecApprovalsResolved;
-    /**
-     * Set safe binaries that don't need approval
-     */
-    setSafeBins(bins: string[]): void;
-    /**
-     * Set skill binaries that are auto-allowed
-     */
-    setSkillBins(bins: string[]): void;
-    /**
-     * Check if a command is allowed to execute
-     */
-    checkCommand(params: {
-        command: string;
-        cwd?: string;
-        roomId: UUID;
-        env?: NodeJS.ProcessEnv;
-        agentId?: string;
-    }): Promise<CommandCheckResult>;
-    /**
-     * Request approval for a command
-     */
-    requestApproval(request: ExecApprovalRequest): Promise<ExecApprovalResult>;
-    /**
-     * Request approval asynchronously (fire and forget with callbacks)
-     */
-    requestApprovalAsync(request: ExecApprovalRequest, callbacks?: {
-        onApproved?: (decision: ExecApprovalDecision) => Promise<void>;
-        onDenied?: () => Promise<void>;
-        onTimeout?: () => Promise<void>;
-    }): Promise<UUID>;
-    /**
-     * Add a pattern to the allowlist
-     * @returns true if pattern was added successfully
-     */
-    addToAllowlist(pattern: string, agentId?: string): Promise<boolean>;
-    /**
-     * Cancel a pending approval
-     */
-    cancelApproval(taskId: UUID): Promise<void>;
-    /**
-     * Get all pending exec approvals for a room
-     */
-    getPendingApprovals(roomId: UUID): Promise<ExecApprovalRequest[]>;
-}
-export default ExecApprovalService;
-//# sourceMappingURL=service.d.ts.map

package/dist/approvals/service.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"service.d.ts","sourceRoot":"","sources":["../../approvals/service.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA4BG;AAEH,OAAO,KAAK,EAAE,aAAa,EAAQ,IAAI,EAAE,MAAM,eAAe,CAAC;AAC/D,OAAO,EAAgC,OAAO,EAAE,MAAM,eAAe,CAAC;AAyBtE,OAAO,KAAK,EACX,kBAAkB,EAClB,oBAAoB,EACpB,mBAAmB,EACnB,kBAAkB,EAClB,qBAAqB,EAErB,mBAAmB,EAEnB,MAAM,SAAS,CAAC;AAGjB;;GAEG;AACH,MAAM,WAAW,kBAAkB;IAClC,0CAA0C;IAC1C,OAAO,EAAE,OAAO,CAAC;IACjB,mCAAmC;IACnC,gBAAgB,EAAE,OAAO,CAAC;IAC1B,gEAAgE;IAChE,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,8CAA8C;IAC9C,OAAO,CAAC,EAAE,mBAAmB,CAAC;IAC9B,8BAA8B;IAC9B,QAAQ,EAAE,mBAAmB,CAAC;IAC9B,iCAAiC;IACjC,gBAAgB,EAAE,kBAAkB,EAAE,CAAC;CACvC;AAED;;GAEG;AACH,qBAAa,mBAAoB,SAAQ,OAAO;IAC/C,MAAM,CAAC,WAAW,SAAmB;IACrC,qBAAqB,SACuD;IAE5E,OAAO,CAAC,cAAc,CAAsC;IAC5D,OAAO,CAAC,QAAQ,CAAc;IAC9B,OAAO,CAAC,SAAS,CAAc;gBAEnB,OAAO,CAAC,EAAE,aAAa;IAMnC;;OAEG;WACU,KAAK,CAAC,OAAO,EAAE,aAAa,GAAG,OAAO,CAAC,OAAO,CAAC;IAyC5D;;OAEG;IACG,IAAI,IAAI,OAAO,CAAC,IAAI,CAAC;IAO3B;;OAEG;IACH,UAAU,CAAC,OAAO,CAAC,EAAE,MAAM,GAAG,qBAAqB;IAKnD;;OAEG;IACH,SAAS,IAAI,qBAAqB;IAOlC;;OAEG;IACH,WAAW,CAAC,IAAI,EAAE,MAAM,EAAE,GAAG,IAAI;IAIjC;;OAEG;IACH,YAAY,CAAC,IAAI,EAAE,MAAM,EAAE,GAAG,IAAI;IAIlC;;OAEG;IACG,YAAY,CAAC,MAAM,EAAE;QAC1B,OAAO,EAAE,MAAM,CAAC;QAChB,GAAG,CAAC,EAAE,MAAM,CAAC;QACb,MAAM,EAAE,IAAI,CAAC;QACb,GAAG,CAAC,EAAE,MAAM,CAAC,UAAU,CAAC;QACxB,OAAO,CAAC,EAAE,MAAM,CAAC;KACjB,GAAG,OAAO,CAAC,kBAAkB,CAAC;IA6I/B;;OAEG;IACG,eAAe,CACpB,OAAO,EAAE,mBAAmB,GAC1B,OAAO,CAAC,kBAAkB,CAAC;IAoE9B;;OAEG;IACG,oBAAoB,CACzB,OAAO,EAAE,mBAAmB,EAC5B,SAAS,CAAC,EAAE;QACX,UAAU,CAAC,EAAE,CAAC,QAAQ,EAAE,oBAAoB,KAAK,OAAO,CAAC,IAAI,CAAC,CAAC;QAC/D,QAAQ,CAAC,EAAE,MAAM,OAAO,CAAC,IAAI,CAAC,CAAC;QAC/B,SAAS,CAAC,EAAE,MAAM,OAAO,CAAC,IAAI,CAAC,CAAC;KAChC,GACC,OAAO,CAAC,IAAI,CAAC;IA2EhB;;;OAGG;IACG,cAAc,CAAC,OAAO,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;IAczE;;OAEG;IACG,cAAc,CAAC,MAAM,EAAE,IAAI,GAAG,OAAO,CAAC,IAAI,CAAC;IAUjD;;OAEG;IACG,mBAAmB,CAAC,MAAM,EAAE,IAAI,GAAG,OAAO,CAAC,mBAAmB,EAAE,CAAC;CA2CvE;AAgBD,eAAe,mBAAmB,CAAC"}