@frontmcp/plugins 0.6.0 → 0.6.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/{src/cache → cache}/cache.types.d.ts +26 -3
- package/cache/index.js +412 -0
- package/{src/cache → cache}/providers/cache-memory.provider.d.ts +3 -3
- package/{src/cache → cache}/providers/cache-redis.provider.d.ts +3 -3
- package/cache/providers/cache-vercel-kv.provider.d.ts +24 -0
- package/codecall/index.js +2988 -0
- package/{src/codecall → codecall}/tools/invoke.schema.d.ts +6 -1
- package/esm/cache/index.mjs +395 -0
- package/esm/codecall/index.mjs +2959 -0
- package/esm/index.mjs +2951 -0
- package/esm/package.json +85 -0
- package/index.js +2973 -0
- package/package.json +49 -10
- package/src/cache/README.md +0 -186
- package/src/cache/cache.plugin.js +0 -135
- package/src/cache/cache.plugin.js.map +0 -1
- package/src/cache/cache.symbol.js +0 -5
- package/src/cache/cache.symbol.js.map +0 -1
- package/src/cache/cache.types.js +0 -3
- package/src/cache/cache.types.js.map +0 -1
- package/src/cache/index.js +0 -8
- package/src/cache/index.js.map +0 -1
- package/src/cache/providers/cache-memory.provider.js +0 -110
- package/src/cache/providers/cache-memory.provider.js.map +0 -1
- package/src/cache/providers/cache-redis.provider.js +0 -69
- package/src/cache/providers/cache-redis.provider.js.map +0 -1
- package/src/codecall/README.md +0 -999
- package/src/codecall/codecall.plugin.js +0 -152
- package/src/codecall/codecall.plugin.js.map +0 -1
- package/src/codecall/codecall.symbol.js +0 -4
- package/src/codecall/codecall.symbol.js.map +0 -1
- package/src/codecall/codecall.types.js +0 -262
- package/src/codecall/codecall.types.js.map +0 -1
- package/src/codecall/errors/index.js +0 -6
- package/src/codecall/errors/index.js.map +0 -1
- package/src/codecall/errors/tool-call.errors.js +0 -119
- package/src/codecall/errors/tool-call.errors.js.map +0 -1
- package/src/codecall/index.js +0 -8
- package/src/codecall/index.js.map +0 -1
- package/src/codecall/providers/code-call.config.js +0 -120
- package/src/codecall/providers/code-call.config.js.map +0 -1
- package/src/codecall/security/index.js +0 -7
- package/src/codecall/security/index.js.map +0 -1
- package/src/codecall/security/self-reference-guard.js +0 -70
- package/src/codecall/security/self-reference-guard.js.map +0 -1
- package/src/codecall/security/tool-access-control.service.js +0 -170
- package/src/codecall/security/tool-access-control.service.js.map +0 -1
- package/src/codecall/services/audit-logger.service.js +0 -322
- package/src/codecall/services/audit-logger.service.js.map +0 -1
- package/src/codecall/services/enclave.service.js +0 -214
- package/src/codecall/services/enclave.service.js.map +0 -1
- package/src/codecall/services/error-enrichment.service.js +0 -387
- package/src/codecall/services/error-enrichment.service.js.map +0 -1
- package/src/codecall/services/index.js +0 -13
- package/src/codecall/services/index.js.map +0 -1
- package/src/codecall/services/output-sanitizer.js +0 -260
- package/src/codecall/services/output-sanitizer.js.map +0 -1
- package/src/codecall/services/synonym-expansion.service.js +0 -374
- package/src/codecall/services/synonym-expansion.service.js.map +0 -1
- package/src/codecall/services/tool-search.service.js +0 -587
- package/src/codecall/services/tool-search.service.js.map +0 -1
- package/src/codecall/tools/describe.schema.js +0 -67
- package/src/codecall/tools/describe.schema.js.map +0 -1
- package/src/codecall/tools/describe.tool.js +0 -207
- package/src/codecall/tools/describe.tool.js.map +0 -1
- package/src/codecall/tools/execute.schema.js +0 -116
- package/src/codecall/tools/execute.schema.js.map +0 -1
- package/src/codecall/tools/execute.tool.js +0 -238
- package/src/codecall/tools/execute.tool.js.map +0 -1
- package/src/codecall/tools/index.js +0 -13
- package/src/codecall/tools/index.js.map +0 -1
- package/src/codecall/tools/invoke.schema.js +0 -27
- package/src/codecall/tools/invoke.schema.js.map +0 -1
- package/src/codecall/tools/invoke.tool.js +0 -70
- package/src/codecall/tools/invoke.tool.js.map +0 -1
- package/src/codecall/tools/search.schema.js +0 -60
- package/src/codecall/tools/search.schema.js.map +0 -1
- package/src/codecall/tools/search.tool.js +0 -108
- package/src/codecall/tools/search.tool.js.map +0 -1
- package/src/codecall/utils/describe.utils.js +0 -531
- package/src/codecall/utils/describe.utils.js.map +0 -1
- package/src/codecall/utils/index.js +0 -7
- package/src/codecall/utils/index.js.map +0 -1
- package/src/codecall/utils/mcp-result.js +0 -36
- package/src/codecall/utils/mcp-result.js.map +0 -1
- package/src/index.js +0 -9
- package/src/index.js.map +0 -1
- /package/{src/cache → cache}/cache.plugin.d.ts +0 -0
- /package/{src/cache → cache}/cache.symbol.d.ts +0 -0
- /package/{src/cache → cache}/index.d.ts +0 -0
- /package/{src/codecall → codecall}/codecall.plugin.d.ts +0 -0
- /package/{src/codecall → codecall}/codecall.symbol.d.ts +0 -0
- /package/{src/codecall → codecall}/codecall.types.d.ts +0 -0
- /package/{src/codecall → codecall}/errors/index.d.ts +0 -0
- /package/{src/codecall → codecall}/errors/tool-call.errors.d.ts +0 -0
- /package/{src/codecall → codecall}/index.d.ts +0 -0
- /package/{src/codecall → codecall}/providers/code-call.config.d.ts +0 -0
- /package/{src/codecall → codecall}/security/index.d.ts +0 -0
- /package/{src/codecall → codecall}/security/self-reference-guard.d.ts +0 -0
- /package/{src/codecall → codecall}/security/tool-access-control.service.d.ts +0 -0
- /package/{src/codecall → codecall}/services/audit-logger.service.d.ts +0 -0
- /package/{src/codecall → codecall}/services/enclave.service.d.ts +0 -0
- /package/{src/codecall → codecall}/services/error-enrichment.service.d.ts +0 -0
- /package/{src/codecall → codecall}/services/index.d.ts +0 -0
- /package/{src/codecall → codecall}/services/output-sanitizer.d.ts +0 -0
- /package/{src/codecall → codecall}/services/synonym-expansion.service.d.ts +0 -0
- /package/{src/codecall → codecall}/services/tool-search.service.d.ts +0 -0
- /package/{src/codecall → codecall}/tools/describe.schema.d.ts +0 -0
- /package/{src/codecall → codecall}/tools/describe.tool.d.ts +0 -0
- /package/{src/codecall → codecall}/tools/execute.schema.d.ts +0 -0
- /package/{src/codecall → codecall}/tools/execute.tool.d.ts +0 -0
- /package/{src/codecall → codecall}/tools/index.d.ts +0 -0
- /package/{src/codecall → codecall}/tools/invoke.tool.d.ts +0 -0
- /package/{src/codecall → codecall}/tools/search.schema.d.ts +0 -0
- /package/{src/codecall → codecall}/tools/search.tool.d.ts +0 -0
- /package/{src/codecall → codecall}/utils/describe.utils.d.ts +0 -0
- /package/{src/codecall → codecall}/utils/index.d.ts +0 -0
- /package/{src/codecall → codecall}/utils/mcp-result.d.ts +0 -0
- /package/{src/index.d.ts → index.d.ts} +0 -0
|
@@ -1,322 +0,0 @@
|
|
|
1
|
-
"use strict";
|
|
2
|
-
// file: libs/plugins/src/codecall/services/audit-logger.service.ts
|
|
3
|
-
Object.defineProperty(exports, "__esModule", { value: true });
|
|
4
|
-
exports.AuditLoggerService = exports.AUDIT_EVENT_TYPES = void 0;
|
|
5
|
-
const tslib_1 = require("tslib");
|
|
6
|
-
const sdk_1 = require("@frontmcp/sdk");
|
|
7
|
-
/**
|
|
8
|
-
* Audit event types for CodeCall operations.
|
|
9
|
-
*/
|
|
10
|
-
exports.AUDIT_EVENT_TYPES = {
|
|
11
|
-
/** Script execution started */
|
|
12
|
-
EXECUTION_START: 'codecall:execution:start',
|
|
13
|
-
/** Script execution completed successfully */
|
|
14
|
-
EXECUTION_SUCCESS: 'codecall:execution:success',
|
|
15
|
-
/** Script execution failed */
|
|
16
|
-
EXECUTION_FAILURE: 'codecall:execution:failure',
|
|
17
|
-
/** Script execution timed out */
|
|
18
|
-
EXECUTION_TIMEOUT: 'codecall:execution:timeout',
|
|
19
|
-
/** Tool call initiated from script */
|
|
20
|
-
TOOL_CALL_START: 'codecall:tool:call:start',
|
|
21
|
-
/** Tool call completed successfully */
|
|
22
|
-
TOOL_CALL_SUCCESS: 'codecall:tool:call:success',
|
|
23
|
-
/** Tool call failed */
|
|
24
|
-
TOOL_CALL_FAILURE: 'codecall:tool:call:failure',
|
|
25
|
-
/** Self-reference attack blocked */
|
|
26
|
-
SECURITY_SELF_REFERENCE: 'codecall:security:self-reference',
|
|
27
|
-
/** Tool access denied */
|
|
28
|
-
SECURITY_ACCESS_DENIED: 'codecall:security:access-denied',
|
|
29
|
-
/** AST validation failed (blocked code pattern) */
|
|
30
|
-
SECURITY_AST_BLOCKED: 'codecall:security:ast-blocked',
|
|
31
|
-
/** Search performed */
|
|
32
|
-
SEARCH_PERFORMED: 'codecall:search:performed',
|
|
33
|
-
/** Tool described */
|
|
34
|
-
DESCRIBE_PERFORMED: 'codecall:describe:performed',
|
|
35
|
-
/** Direct invoke performed */
|
|
36
|
-
INVOKE_PERFORMED: 'codecall:invoke:performed',
|
|
37
|
-
};
|
|
38
|
-
/**
|
|
39
|
-
* Audit Logger Service
|
|
40
|
-
*
|
|
41
|
-
* Provides centralized audit logging for all CodeCall operations.
|
|
42
|
-
* Uses the SDK event emitter pattern for integration with external systems.
|
|
43
|
-
*
|
|
44
|
-
* Security considerations:
|
|
45
|
-
* - NEVER logs full scripts (only hashes)
|
|
46
|
-
* - NEVER logs tool inputs/outputs (only metadata)
|
|
47
|
-
* - NEVER logs sensitive error details (only sanitized messages)
|
|
48
|
-
* - All events include execution ID for correlation
|
|
49
|
-
*/
|
|
50
|
-
let AuditLoggerService = class AuditLoggerService {
|
|
51
|
-
listeners = new Set();
|
|
52
|
-
executionCounter = 0;
|
|
53
|
-
/**
|
|
54
|
-
* Subscribe to audit events.
|
|
55
|
-
*
|
|
56
|
-
* @param listener - Function to call when events occur
|
|
57
|
-
* @returns Unsubscribe function
|
|
58
|
-
*/
|
|
59
|
-
subscribe(listener) {
|
|
60
|
-
this.listeners.add(listener);
|
|
61
|
-
return () => {
|
|
62
|
-
this.listeners.delete(listener);
|
|
63
|
-
};
|
|
64
|
-
}
|
|
65
|
-
/**
|
|
66
|
-
* Generate a unique execution ID.
|
|
67
|
-
*/
|
|
68
|
-
generateExecutionId() {
|
|
69
|
-
const timestamp = Date.now().toString(36);
|
|
70
|
-
const counter = (++this.executionCounter).toString(36).padStart(4, '0');
|
|
71
|
-
const random = Math.random().toString(36).substring(2, 8);
|
|
72
|
-
return `exec_${timestamp}_${counter}_${random}`;
|
|
73
|
-
}
|
|
74
|
-
/**
|
|
75
|
-
* Log execution start.
|
|
76
|
-
*/
|
|
77
|
-
logExecutionStart(executionId, script) {
|
|
78
|
-
this.emit({
|
|
79
|
-
type: exports.AUDIT_EVENT_TYPES.EXECUTION_START,
|
|
80
|
-
timestamp: new Date().toISOString(),
|
|
81
|
-
executionId,
|
|
82
|
-
data: {
|
|
83
|
-
scriptHash: this.hashScript(script),
|
|
84
|
-
scriptLength: script.length,
|
|
85
|
-
},
|
|
86
|
-
});
|
|
87
|
-
}
|
|
88
|
-
/**
|
|
89
|
-
* Log execution success.
|
|
90
|
-
*/
|
|
91
|
-
logExecutionSuccess(executionId, script, durationMs, toolCallCount) {
|
|
92
|
-
this.emit({
|
|
93
|
-
type: exports.AUDIT_EVENT_TYPES.EXECUTION_SUCCESS,
|
|
94
|
-
timestamp: new Date().toISOString(),
|
|
95
|
-
executionId,
|
|
96
|
-
durationMs,
|
|
97
|
-
data: {
|
|
98
|
-
scriptHash: this.hashScript(script),
|
|
99
|
-
scriptLength: script.length,
|
|
100
|
-
toolCallCount,
|
|
101
|
-
},
|
|
102
|
-
});
|
|
103
|
-
}
|
|
104
|
-
/**
|
|
105
|
-
* Log execution failure.
|
|
106
|
-
*/
|
|
107
|
-
logExecutionFailure(executionId, script, durationMs, error) {
|
|
108
|
-
this.emit({
|
|
109
|
-
type: exports.AUDIT_EVENT_TYPES.EXECUTION_FAILURE,
|
|
110
|
-
timestamp: new Date().toISOString(),
|
|
111
|
-
executionId,
|
|
112
|
-
durationMs,
|
|
113
|
-
data: {
|
|
114
|
-
scriptHash: this.hashScript(script),
|
|
115
|
-
scriptLength: script.length,
|
|
116
|
-
error: this.sanitizeError(error),
|
|
117
|
-
},
|
|
118
|
-
});
|
|
119
|
-
}
|
|
120
|
-
/**
|
|
121
|
-
* Log execution timeout.
|
|
122
|
-
*/
|
|
123
|
-
logExecutionTimeout(executionId, script, durationMs) {
|
|
124
|
-
this.emit({
|
|
125
|
-
type: exports.AUDIT_EVENT_TYPES.EXECUTION_TIMEOUT,
|
|
126
|
-
timestamp: new Date().toISOString(),
|
|
127
|
-
executionId,
|
|
128
|
-
durationMs,
|
|
129
|
-
data: {
|
|
130
|
-
scriptHash: this.hashScript(script),
|
|
131
|
-
scriptLength: script.length,
|
|
132
|
-
},
|
|
133
|
-
});
|
|
134
|
-
}
|
|
135
|
-
/**
|
|
136
|
-
* Log tool call start.
|
|
137
|
-
*/
|
|
138
|
-
logToolCallStart(executionId, toolName, callDepth) {
|
|
139
|
-
this.emit({
|
|
140
|
-
type: exports.AUDIT_EVENT_TYPES.TOOL_CALL_START,
|
|
141
|
-
timestamp: new Date().toISOString(),
|
|
142
|
-
executionId,
|
|
143
|
-
data: {
|
|
144
|
-
toolName,
|
|
145
|
-
callDepth,
|
|
146
|
-
},
|
|
147
|
-
});
|
|
148
|
-
}
|
|
149
|
-
/**
|
|
150
|
-
* Log tool call success.
|
|
151
|
-
*/
|
|
152
|
-
logToolCallSuccess(executionId, toolName, callDepth, durationMs) {
|
|
153
|
-
this.emit({
|
|
154
|
-
type: exports.AUDIT_EVENT_TYPES.TOOL_CALL_SUCCESS,
|
|
155
|
-
timestamp: new Date().toISOString(),
|
|
156
|
-
executionId,
|
|
157
|
-
durationMs,
|
|
158
|
-
data: {
|
|
159
|
-
toolName,
|
|
160
|
-
callDepth,
|
|
161
|
-
},
|
|
162
|
-
});
|
|
163
|
-
}
|
|
164
|
-
/**
|
|
165
|
-
* Log tool call failure.
|
|
166
|
-
*/
|
|
167
|
-
logToolCallFailure(executionId, toolName, callDepth, durationMs, errorCode) {
|
|
168
|
-
this.emit({
|
|
169
|
-
type: exports.AUDIT_EVENT_TYPES.TOOL_CALL_FAILURE,
|
|
170
|
-
timestamp: new Date().toISOString(),
|
|
171
|
-
executionId,
|
|
172
|
-
durationMs,
|
|
173
|
-
data: {
|
|
174
|
-
toolName,
|
|
175
|
-
callDepth,
|
|
176
|
-
errorCode,
|
|
177
|
-
},
|
|
178
|
-
});
|
|
179
|
-
}
|
|
180
|
-
/**
|
|
181
|
-
* Log security event: self-reference blocked.
|
|
182
|
-
*/
|
|
183
|
-
logSecuritySelfReference(executionId, toolName) {
|
|
184
|
-
this.emit({
|
|
185
|
-
type: exports.AUDIT_EVENT_TYPES.SECURITY_SELF_REFERENCE,
|
|
186
|
-
timestamp: new Date().toISOString(),
|
|
187
|
-
executionId,
|
|
188
|
-
data: {
|
|
189
|
-
blocked: toolName,
|
|
190
|
-
reason: 'Self-reference attack: attempted to call CodeCall tool from within AgentScript',
|
|
191
|
-
},
|
|
192
|
-
});
|
|
193
|
-
}
|
|
194
|
-
/**
|
|
195
|
-
* Log security event: access denied.
|
|
196
|
-
*/
|
|
197
|
-
logSecurityAccessDenied(executionId, toolName, reason) {
|
|
198
|
-
this.emit({
|
|
199
|
-
type: exports.AUDIT_EVENT_TYPES.SECURITY_ACCESS_DENIED,
|
|
200
|
-
timestamp: new Date().toISOString(),
|
|
201
|
-
executionId,
|
|
202
|
-
data: {
|
|
203
|
-
blocked: toolName,
|
|
204
|
-
reason: this.sanitizeError(reason),
|
|
205
|
-
},
|
|
206
|
-
});
|
|
207
|
-
}
|
|
208
|
-
/**
|
|
209
|
-
* Log security event: AST validation blocked.
|
|
210
|
-
*/
|
|
211
|
-
logSecurityAstBlocked(executionId, pattern, reason) {
|
|
212
|
-
this.emit({
|
|
213
|
-
type: exports.AUDIT_EVENT_TYPES.SECURITY_AST_BLOCKED,
|
|
214
|
-
timestamp: new Date().toISOString(),
|
|
215
|
-
executionId,
|
|
216
|
-
data: {
|
|
217
|
-
blocked: pattern,
|
|
218
|
-
reason: this.sanitizeError(reason),
|
|
219
|
-
},
|
|
220
|
-
});
|
|
221
|
-
}
|
|
222
|
-
/**
|
|
223
|
-
* Log search operation.
|
|
224
|
-
*/
|
|
225
|
-
logSearch(executionId, query, resultCount, durationMs) {
|
|
226
|
-
this.emit({
|
|
227
|
-
type: exports.AUDIT_EVENT_TYPES.SEARCH_PERFORMED,
|
|
228
|
-
timestamp: new Date().toISOString(),
|
|
229
|
-
executionId,
|
|
230
|
-
durationMs,
|
|
231
|
-
data: {
|
|
232
|
-
queryLength: query.length,
|
|
233
|
-
resultCount,
|
|
234
|
-
},
|
|
235
|
-
});
|
|
236
|
-
}
|
|
237
|
-
/**
|
|
238
|
-
* Log describe operation.
|
|
239
|
-
*/
|
|
240
|
-
logDescribe(executionId, toolNames, durationMs) {
|
|
241
|
-
this.emit({
|
|
242
|
-
type: exports.AUDIT_EVENT_TYPES.DESCRIBE_PERFORMED,
|
|
243
|
-
timestamp: new Date().toISOString(),
|
|
244
|
-
executionId,
|
|
245
|
-
durationMs,
|
|
246
|
-
data: {
|
|
247
|
-
toolCount: toolNames.length,
|
|
248
|
-
toolNames: toolNames.slice(0, 10), // Limit to first 10 for audit
|
|
249
|
-
},
|
|
250
|
-
});
|
|
251
|
-
}
|
|
252
|
-
/**
|
|
253
|
-
* Log invoke operation.
|
|
254
|
-
*/
|
|
255
|
-
logInvoke(executionId, toolName, success, durationMs) {
|
|
256
|
-
this.emit({
|
|
257
|
-
type: exports.AUDIT_EVENT_TYPES.INVOKE_PERFORMED,
|
|
258
|
-
timestamp: new Date().toISOString(),
|
|
259
|
-
executionId,
|
|
260
|
-
durationMs,
|
|
261
|
-
data: {
|
|
262
|
-
toolName,
|
|
263
|
-
success,
|
|
264
|
-
},
|
|
265
|
-
});
|
|
266
|
-
}
|
|
267
|
-
/**
|
|
268
|
-
* Emit an audit event to all listeners.
|
|
269
|
-
*/
|
|
270
|
-
emit(event) {
|
|
271
|
-
// Freeze the event to prevent modification
|
|
272
|
-
const frozenEvent = Object.freeze({ ...event, data: Object.freeze({ ...event.data }) });
|
|
273
|
-
for (const listener of this.listeners) {
|
|
274
|
-
try {
|
|
275
|
-
listener(frozenEvent);
|
|
276
|
-
}
|
|
277
|
-
catch {
|
|
278
|
-
// Never let listener errors propagate
|
|
279
|
-
}
|
|
280
|
-
}
|
|
281
|
-
}
|
|
282
|
-
/**
|
|
283
|
-
* Create a simple hash of the script for identification.
|
|
284
|
-
* Uses a fast, non-cryptographic hash for performance.
|
|
285
|
-
*/
|
|
286
|
-
hashScript(script) {
|
|
287
|
-
let hash = 0;
|
|
288
|
-
for (let i = 0; i < script.length; i++) {
|
|
289
|
-
const char = script.charCodeAt(i);
|
|
290
|
-
hash = (hash << 5) - hash + char;
|
|
291
|
-
hash = hash & hash; // Convert to 32bit integer
|
|
292
|
-
}
|
|
293
|
-
return `sh_${(hash >>> 0).toString(16).padStart(8, '0')}`;
|
|
294
|
-
}
|
|
295
|
-
/**
|
|
296
|
-
* Sanitize error messages to remove sensitive information.
|
|
297
|
-
*/
|
|
298
|
-
sanitizeError(error) {
|
|
299
|
-
if (!error)
|
|
300
|
-
return 'Unknown error';
|
|
301
|
-
// Remove file paths
|
|
302
|
-
let sanitized = error.replace(/(?:\/[\w.-]+)+|(?:[A-Za-z]:\\[\w\\.-]+)+/g, '[path]');
|
|
303
|
-
// Remove line numbers
|
|
304
|
-
sanitized = sanitized.replace(/:\d+:\d+/g, '');
|
|
305
|
-
// Remove stack traces
|
|
306
|
-
sanitized = sanitized.replace(/\n\s*at .*/g, '');
|
|
307
|
-
// Truncate
|
|
308
|
-
if (sanitized.length > 200) {
|
|
309
|
-
sanitized = sanitized.substring(0, 200) + '...';
|
|
310
|
-
}
|
|
311
|
-
return sanitized.trim();
|
|
312
|
-
}
|
|
313
|
-
};
|
|
314
|
-
exports.AuditLoggerService = AuditLoggerService;
|
|
315
|
-
exports.AuditLoggerService = AuditLoggerService = tslib_1.__decorate([
|
|
316
|
-
(0, sdk_1.Provider)({
|
|
317
|
-
name: 'codecall:audit-logger',
|
|
318
|
-
scope: sdk_1.ProviderScope.GLOBAL,
|
|
319
|
-
})
|
|
320
|
-
], AuditLoggerService);
|
|
321
|
-
exports.default = AuditLoggerService;
|
|
322
|
-
//# sourceMappingURL=audit-logger.service.js.map
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"audit-logger.service.js","sourceRoot":"","sources":["../../../../src/codecall/services/audit-logger.service.ts"],"names":[],"mappings":";AAAA,mEAAmE;;;;AAEnE,uCAAwD;AAExD;;GAEG;AACU,QAAA,iBAAiB,GAAG;IAC/B,+BAA+B;IAC/B,eAAe,EAAE,0BAA0B;IAC3C,8CAA8C;IAC9C,iBAAiB,EAAE,4BAA4B;IAC/C,8BAA8B;IAC9B,iBAAiB,EAAE,4BAA4B;IAC/C,iCAAiC;IACjC,iBAAiB,EAAE,4BAA4B;IAE/C,sCAAsC;IACtC,eAAe,EAAE,0BAA0B;IAC3C,uCAAuC;IACvC,iBAAiB,EAAE,4BAA4B;IAC/C,uBAAuB;IACvB,iBAAiB,EAAE,4BAA4B;IAE/C,oCAAoC;IACpC,uBAAuB,EAAE,kCAAkC;IAC3D,yBAAyB;IACzB,sBAAsB,EAAE,iCAAiC;IACzD,mDAAmD;IACnD,oBAAoB,EAAE,+BAA+B;IAErD,uBAAuB;IACvB,gBAAgB,EAAE,2BAA2B;IAC7C,qBAAqB;IACrB,kBAAkB,EAAE,6BAA6B;IACjD,8BAA8B;IAC9B,gBAAgB,EAAE,2BAA2B;CACrC,CAAC;AAgFX;;;;;;;;;;;GAWG;AAKI,IAAM,kBAAkB,GAAxB,MAAM,kBAAkB;IACrB,SAAS,GAA4B,IAAI,GAAG,EAAE,CAAC;IAC/C,gBAAgB,GAAG,CAAC,CAAC;IAE7B;;;;;OAKG;IACH,SAAS,CAAC,QAA4B;QACpC,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;QAC7B,OAAO,GAAG,EAAE;YACV,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;QAClC,CAAC,CAAC;IACJ,CAAC;IAED;;OAEG;IACH,mBAAmB;QACjB,MAAM,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC;QAC1C,MAAM,OAAO,GAAG,CAAC,EAAE,IAAI,CAAC,gBAAgB,CAAC,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC;QACxE,MAAM,MAAM,GAAG,IAAI,CAAC,MAAM,EAAE,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,SAAS,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;QAC1D,OAAO,QAAQ,SAAS,IAAI,OAAO,IAAI,MAAM,EAAE,CAAC;IAClD,CAAC;IAED;;OAEG;IACH,iBAAiB,CAAC,WAAmB,EAAE,MAAc;QACnD,IAAI,CAAC,IAAI,CAAC;YACR,IAAI,EAAE,yBAAiB,CAAC,eAAe;YACvC,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;YACnC,WAAW;YACX,IAAI,EAAE;gBACJ,UAAU,EAAE,IAAI,CAAC,UAAU,CAAC,MAAM,CAAC;gBACnC,YAAY,EAAE,MAAM,CAAC,MAAM;aAC5B;SACF,CAAC,CAAC;IACL,CAAC;IAED;;OAEG;IACH,mBAAmB,CAAC,WAAmB,EAAE,MAAc,EAAE,UAAkB,EAAE,aAAqB;QAChG,IAAI,CAAC,IAAI,CAAC;YACR,IAAI,EAAE,yBAAiB,CAAC,iBAAiB;YACzC,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;YACnC,WAAW;YACX,UAAU;YACV,IAAI,EAAE;gBACJ,UAAU,EAAE,IAAI,CAAC,UAAU,CAAC,MAAM,CAAC;gBACnC,YAAY,EAAE,MAAM,CAAC,MAAM;gBAC3B,aAAa;aACd;SACF,CAAC,CAAC;IACL,CAAC;IAED;;OAEG;IACH,mBAAmB,CAAC,WAAmB,EAAE,MAAc,EAAE,UAAkB,EAAE,KAAa;QACxF,IAAI,CAAC,IAAI,CAAC;YACR,IAAI,EAAE,yBAAiB,CAAC,iBAAiB;YACzC,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;YACnC,WAAW;YACX,UAAU;YACV,IAAI,EAAE;gBACJ,UAAU,EAAE,IAAI,CAAC,UAAU,CAAC,MAAM,CAAC;gBACnC,YAAY,EAAE,MAAM,CAAC,MAAM;gBAC3B,KAAK,EAAE,IAAI,CAAC,aAAa,CAAC,KAAK,CAAC;aACjC;SACF,CAAC,CAAC;IACL,CAAC;IAED;;OAEG;IACH,mBAAmB,CAAC,WAAmB,EAAE,MAAc,EAAE,UAAkB;QACzE,IAAI,CAAC,IAAI,CAAC;YACR,IAAI,EAAE,yBAAiB,CAAC,iBAAiB;YACzC,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;YACnC,WAAW;YACX,UAAU;YACV,IAAI,EAAE;gBACJ,UAAU,EAAE,IAAI,CAAC,UAAU,CAAC,MAAM,CAAC;gBACnC,YAAY,EAAE,MAAM,CAAC,MAAM;aAC5B;SACF,CAAC,CAAC;IACL,CAAC;IAED;;OAEG;IACH,gBAAgB,CAAC,WAAmB,EAAE,QAAgB,EAAE,SAAiB;QACvE,IAAI,CAAC,IAAI,CAAC;YACR,IAAI,EAAE,yBAAiB,CAAC,eAAe;YACvC,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;YACnC,WAAW;YACX,IAAI,EAAE;gBACJ,QAAQ;gBACR,SAAS;aACV;SACF,CAAC,CAAC;IACL,CAAC;IAED;;OAEG;IACH,kBAAkB,CAAC,WAAmB,EAAE,QAAgB,EAAE,SAAiB,EAAE,UAAkB;QAC7F,IAAI,CAAC,IAAI,CAAC;YACR,IAAI,EAAE,yBAAiB,CAAC,iBAAiB;YACzC,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;YACnC,WAAW;YACX,UAAU;YACV,IAAI,EAAE;gBACJ,QAAQ;gBACR,SAAS;aACV;SACF,CAAC,CAAC;IACL,CAAC;IAED;;OAEG;IACH,kBAAkB,CAChB,WAAmB,EACnB,QAAgB,EAChB,SAAiB,EACjB,UAAkB,EAClB,SAAiB;QAEjB,IAAI,CAAC,IAAI,CAAC;YACR,IAAI,EAAE,yBAAiB,CAAC,iBAAiB;YACzC,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;YACnC,WAAW;YACX,UAAU;YACV,IAAI,EAAE;gBACJ,QAAQ;gBACR,SAAS;gBACT,SAAS;aACV;SACF,CAAC,CAAC;IACL,CAAC;IAED;;OAEG;IACH,wBAAwB,CAAC,WAAmB,EAAE,QAAgB;QAC5D,IAAI,CAAC,IAAI,CAAC;YACR,IAAI,EAAE,yBAAiB,CAAC,uBAAuB;YAC/C,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;YACnC,WAAW;YACX,IAAI,EAAE;gBACJ,OAAO,EAAE,QAAQ;gBACjB,MAAM,EAAE,gFAAgF;aACzF;SACF,CAAC,CAAC;IACL,CAAC;IAED;;OAEG;IACH,uBAAuB,CAAC,WAAmB,EAAE,QAAgB,EAAE,MAAc;QAC3E,IAAI,CAAC,IAAI,CAAC;YACR,IAAI,EAAE,yBAAiB,CAAC,sBAAsB;YAC9C,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;YACnC,WAAW;YACX,IAAI,EAAE;gBACJ,OAAO,EAAE,QAAQ;gBACjB,MAAM,EAAE,IAAI,CAAC,aAAa,CAAC,MAAM,CAAC;aACnC;SACF,CAAC,CAAC;IACL,CAAC;IAED;;OAEG;IACH,qBAAqB,CAAC,WAAmB,EAAE,OAAe,EAAE,MAAc;QACxE,IAAI,CAAC,IAAI,CAAC;YACR,IAAI,EAAE,yBAAiB,CAAC,oBAAoB;YAC5C,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;YACnC,WAAW;YACX,IAAI,EAAE;gBACJ,OAAO,EAAE,OAAO;gBAChB,MAAM,EAAE,IAAI,CAAC,aAAa,CAAC,MAAM,CAAC;aACnC;SACF,CAAC,CAAC;IACL,CAAC;IAED;;OAEG;IACH,SAAS,CAAC,WAAmB,EAAE,KAAa,EAAE,WAAmB,EAAE,UAAkB;QACnF,IAAI,CAAC,IAAI,CAAC;YACR,IAAI,EAAE,yBAAiB,CAAC,gBAAgB;YACxC,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;YACnC,WAAW;YACX,UAAU;YACV,IAAI,EAAE;gBACJ,WAAW,EAAE,KAAK,CAAC,MAAM;gBACzB,WAAW;aACZ;SACF,CAAC,CAAC;IACL,CAAC;IAED;;OAEG;IACH,WAAW,CAAC,WAAmB,EAAE,SAAmB,EAAE,UAAkB;QACtE,IAAI,CAAC,IAAI,CAAC;YACR,IAAI,EAAE,yBAAiB,CAAC,kBAAkB;YAC1C,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;YACnC,WAAW;YACX,UAAU;YACV,IAAI,EAAE;gBACJ,SAAS,EAAE,SAAS,CAAC,MAAM;gBAC3B,SAAS,EAAE,SAAS,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,EAAE,8BAA8B;aAClE;SACF,CAAC,CAAC;IACL,CAAC;IAED;;OAEG;IACH,SAAS,CAAC,WAAmB,EAAE,QAAgB,EAAE,OAAgB,EAAE,UAAkB;QACnF,IAAI,CAAC,IAAI,CAAC;YACR,IAAI,EAAE,yBAAiB,CAAC,gBAAgB;YACxC,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;YACnC,WAAW;YACX,UAAU;YACV,IAAI,EAAE;gBACJ,QAAQ;gBACR,OAAO;aACR;SACF,CAAC,CAAC;IACL,CAAC;IAED;;OAEG;IACK,IAAI,CAAC,KAAiB;QAC5B,2CAA2C;QAC3C,MAAM,WAAW,GAAG,MAAM,CAAC,MAAM,CAAC,EAAE,GAAG,KAAK,EAAE,IAAI,EAAE,MAAM,CAAC,MAAM,CAAC,EAAE,GAAG,KAAK,CAAC,IAAI,EAAE,CAAC,EAAE,CAAC,CAAC;QAExF,KAAK,MAAM,QAAQ,IAAI,IAAI,CAAC,SAAS,EAAE,CAAC;YACtC,IAAI,CAAC;gBACH,QAAQ,CAAC,WAAW,CAAC,CAAC;YACxB,CAAC;YAAC,MAAM,CAAC;gBACP,sCAAsC;YACxC,CAAC;QACH,CAAC;IACH,CAAC;IAED;;;OAGG;IACK,UAAU,CAAC,MAAc;QAC/B,IAAI,IAAI,GAAG,CAAC,CAAC;QACb,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,MAAM,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;YACvC,MAAM,IAAI,GAAG,MAAM,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC;YAClC,IAAI,GAAG,CAAC,IAAI,IAAI,CAAC,CAAC,GAAG,IAAI,GAAG,IAAI,CAAC;YACjC,IAAI,GAAG,IAAI,GAAG,IAAI,CAAC,CAAC,2BAA2B;QACjD,CAAC;QACD,OAAO,MAAM,CAAC,IAAI,KAAK,CAAC,CAAC,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE,CAAC;IAC5D,CAAC;IAED;;OAEG;IACK,aAAa,CAAC,KAAa;QACjC,IAAI,CAAC,KAAK;YAAE,OAAO,eAAe,CAAC;QAEnC,oBAAoB;QACpB,IAAI,SAAS,GAAG,KAAK,CAAC,OAAO,CAAC,2CAA2C,EAAE,QAAQ,CAAC,CAAC;QAErF,sBAAsB;QACtB,SAAS,GAAG,SAAS,CAAC,OAAO,CAAC,WAAW,EAAE,EAAE,CAAC,CAAC;QAE/C,sBAAsB;QACtB,SAAS,GAAG,SAAS,CAAC,OAAO,CAAC,aAAa,EAAE,EAAE,CAAC,CAAC;QAEjD,WAAW;QACX,IAAI,SAAS,CAAC,MAAM,GAAG,GAAG,EAAE,CAAC;YAC3B,SAAS,GAAG,SAAS,CAAC,SAAS,CAAC,CAAC,EAAE,GAAG,CAAC,GAAG,KAAK,CAAC;QAClD,CAAC;QAED,OAAO,SAAS,CAAC,IAAI,EAAE,CAAC;IAC1B,CAAC;CACF,CAAA;AAnSY,gDAAkB;6BAAlB,kBAAkB;IAJ9B,IAAA,cAAQ,EAAC;QACR,IAAI,EAAE,uBAAuB;QAC7B,KAAK,EAAE,mBAAa,CAAC,MAAM;KAC5B,CAAC;GACW,kBAAkB,CAmS9B;AAED,kBAAe,kBAAkB,CAAC","sourcesContent":["// file: libs/plugins/src/codecall/services/audit-logger.service.ts\n\nimport { Provider, ProviderScope } from '@frontmcp/sdk';\n\n/**\n * Audit event types for CodeCall operations.\n */\nexport const AUDIT_EVENT_TYPES = {\n /** Script execution started */\n EXECUTION_START: 'codecall:execution:start',\n /** Script execution completed successfully */\n EXECUTION_SUCCESS: 'codecall:execution:success',\n /** Script execution failed */\n EXECUTION_FAILURE: 'codecall:execution:failure',\n /** Script execution timed out */\n EXECUTION_TIMEOUT: 'codecall:execution:timeout',\n\n /** Tool call initiated from script */\n TOOL_CALL_START: 'codecall:tool:call:start',\n /** Tool call completed successfully */\n TOOL_CALL_SUCCESS: 'codecall:tool:call:success',\n /** Tool call failed */\n TOOL_CALL_FAILURE: 'codecall:tool:call:failure',\n\n /** Self-reference attack blocked */\n SECURITY_SELF_REFERENCE: 'codecall:security:self-reference',\n /** Tool access denied */\n SECURITY_ACCESS_DENIED: 'codecall:security:access-denied',\n /** AST validation failed (blocked code pattern) */\n SECURITY_AST_BLOCKED: 'codecall:security:ast-blocked',\n\n /** Search performed */\n SEARCH_PERFORMED: 'codecall:search:performed',\n /** Tool described */\n DESCRIBE_PERFORMED: 'codecall:describe:performed',\n /** Direct invoke performed */\n INVOKE_PERFORMED: 'codecall:invoke:performed',\n} as const;\n\nexport type AuditEventType = (typeof AUDIT_EVENT_TYPES)[keyof typeof AUDIT_EVENT_TYPES];\n\n/**\n * Base audit event structure.\n */\nexport interface AuditEvent {\n /** Event type */\n type: AuditEventType;\n /** ISO timestamp */\n timestamp: string;\n /** Unique execution ID for correlation */\n executionId: string;\n /** Duration in milliseconds (if applicable) */\n durationMs?: number;\n /** Additional event-specific data */\n data?: Record<string, unknown>;\n}\n\n/**\n * Execution audit event with script details.\n */\nexport interface ExecutionAuditEvent extends AuditEvent {\n type:\n | typeof AUDIT_EVENT_TYPES.EXECUTION_START\n | typeof AUDIT_EVENT_TYPES.EXECUTION_SUCCESS\n | typeof AUDIT_EVENT_TYPES.EXECUTION_FAILURE\n | typeof AUDIT_EVENT_TYPES.EXECUTION_TIMEOUT;\n data: {\n /** Script hash (NOT the full script - security!) */\n scriptHash: string;\n /** Script length in characters */\n scriptLength: number;\n /** Number of tool calls made */\n toolCallCount?: number;\n /** Error message (sanitized) if failed */\n error?: string;\n };\n}\n\n/**\n * Tool call audit event.\n */\nexport interface ToolCallAuditEvent extends AuditEvent {\n type:\n | typeof AUDIT_EVENT_TYPES.TOOL_CALL_START\n | typeof AUDIT_EVENT_TYPES.TOOL_CALL_SUCCESS\n | typeof AUDIT_EVENT_TYPES.TOOL_CALL_FAILURE;\n data: {\n /** Tool name */\n toolName: string;\n /** Call depth (nested calls) */\n callDepth: number;\n /** Error code if failed */\n errorCode?: string;\n };\n}\n\n/**\n * Security audit event.\n */\nexport interface SecurityAuditEvent extends AuditEvent {\n type:\n | typeof AUDIT_EVENT_TYPES.SECURITY_SELF_REFERENCE\n | typeof AUDIT_EVENT_TYPES.SECURITY_ACCESS_DENIED\n | typeof AUDIT_EVENT_TYPES.SECURITY_AST_BLOCKED;\n data: {\n /** What was blocked */\n blocked: string;\n /** Reason for blocking */\n reason: string;\n };\n}\n\n/**\n * Audit event listener function type.\n */\nexport type AuditEventListener = (event: AuditEvent) => void;\n\n/**\n * Audit Logger Service\n *\n * Provides centralized audit logging for all CodeCall operations.\n * Uses the SDK event emitter pattern for integration with external systems.\n *\n * Security considerations:\n * - NEVER logs full scripts (only hashes)\n * - NEVER logs tool inputs/outputs (only metadata)\n * - NEVER logs sensitive error details (only sanitized messages)\n * - All events include execution ID for correlation\n */\n@Provider({\n name: 'codecall:audit-logger',\n scope: ProviderScope.GLOBAL,\n})\nexport class AuditLoggerService {\n private listeners: Set<AuditEventListener> = new Set();\n private executionCounter = 0;\n\n /**\n * Subscribe to audit events.\n *\n * @param listener - Function to call when events occur\n * @returns Unsubscribe function\n */\n subscribe(listener: AuditEventListener): () => void {\n this.listeners.add(listener);\n return () => {\n this.listeners.delete(listener);\n };\n }\n\n /**\n * Generate a unique execution ID.\n */\n generateExecutionId(): string {\n const timestamp = Date.now().toString(36);\n const counter = (++this.executionCounter).toString(36).padStart(4, '0');\n const random = Math.random().toString(36).substring(2, 8);\n return `exec_${timestamp}_${counter}_${random}`;\n }\n\n /**\n * Log execution start.\n */\n logExecutionStart(executionId: string, script: string): void {\n this.emit({\n type: AUDIT_EVENT_TYPES.EXECUTION_START,\n timestamp: new Date().toISOString(),\n executionId,\n data: {\n scriptHash: this.hashScript(script),\n scriptLength: script.length,\n },\n });\n }\n\n /**\n * Log execution success.\n */\n logExecutionSuccess(executionId: string, script: string, durationMs: number, toolCallCount: number): void {\n this.emit({\n type: AUDIT_EVENT_TYPES.EXECUTION_SUCCESS,\n timestamp: new Date().toISOString(),\n executionId,\n durationMs,\n data: {\n scriptHash: this.hashScript(script),\n scriptLength: script.length,\n toolCallCount,\n },\n });\n }\n\n /**\n * Log execution failure.\n */\n logExecutionFailure(executionId: string, script: string, durationMs: number, error: string): void {\n this.emit({\n type: AUDIT_EVENT_TYPES.EXECUTION_FAILURE,\n timestamp: new Date().toISOString(),\n executionId,\n durationMs,\n data: {\n scriptHash: this.hashScript(script),\n scriptLength: script.length,\n error: this.sanitizeError(error),\n },\n });\n }\n\n /**\n * Log execution timeout.\n */\n logExecutionTimeout(executionId: string, script: string, durationMs: number): void {\n this.emit({\n type: AUDIT_EVENT_TYPES.EXECUTION_TIMEOUT,\n timestamp: new Date().toISOString(),\n executionId,\n durationMs,\n data: {\n scriptHash: this.hashScript(script),\n scriptLength: script.length,\n },\n });\n }\n\n /**\n * Log tool call start.\n */\n logToolCallStart(executionId: string, toolName: string, callDepth: number): void {\n this.emit({\n type: AUDIT_EVENT_TYPES.TOOL_CALL_START,\n timestamp: new Date().toISOString(),\n executionId,\n data: {\n toolName,\n callDepth,\n },\n });\n }\n\n /**\n * Log tool call success.\n */\n logToolCallSuccess(executionId: string, toolName: string, callDepth: number, durationMs: number): void {\n this.emit({\n type: AUDIT_EVENT_TYPES.TOOL_CALL_SUCCESS,\n timestamp: new Date().toISOString(),\n executionId,\n durationMs,\n data: {\n toolName,\n callDepth,\n },\n });\n }\n\n /**\n * Log tool call failure.\n */\n logToolCallFailure(\n executionId: string,\n toolName: string,\n callDepth: number,\n durationMs: number,\n errorCode: string,\n ): void {\n this.emit({\n type: AUDIT_EVENT_TYPES.TOOL_CALL_FAILURE,\n timestamp: new Date().toISOString(),\n executionId,\n durationMs,\n data: {\n toolName,\n callDepth,\n errorCode,\n },\n });\n }\n\n /**\n * Log security event: self-reference blocked.\n */\n logSecuritySelfReference(executionId: string, toolName: string): void {\n this.emit({\n type: AUDIT_EVENT_TYPES.SECURITY_SELF_REFERENCE,\n timestamp: new Date().toISOString(),\n executionId,\n data: {\n blocked: toolName,\n reason: 'Self-reference attack: attempted to call CodeCall tool from within AgentScript',\n },\n });\n }\n\n /**\n * Log security event: access denied.\n */\n logSecurityAccessDenied(executionId: string, toolName: string, reason: string): void {\n this.emit({\n type: AUDIT_EVENT_TYPES.SECURITY_ACCESS_DENIED,\n timestamp: new Date().toISOString(),\n executionId,\n data: {\n blocked: toolName,\n reason: this.sanitizeError(reason),\n },\n });\n }\n\n /**\n * Log security event: AST validation blocked.\n */\n logSecurityAstBlocked(executionId: string, pattern: string, reason: string): void {\n this.emit({\n type: AUDIT_EVENT_TYPES.SECURITY_AST_BLOCKED,\n timestamp: new Date().toISOString(),\n executionId,\n data: {\n blocked: pattern,\n reason: this.sanitizeError(reason),\n },\n });\n }\n\n /**\n * Log search operation.\n */\n logSearch(executionId: string, query: string, resultCount: number, durationMs: number): void {\n this.emit({\n type: AUDIT_EVENT_TYPES.SEARCH_PERFORMED,\n timestamp: new Date().toISOString(),\n executionId,\n durationMs,\n data: {\n queryLength: query.length,\n resultCount,\n },\n });\n }\n\n /**\n * Log describe operation.\n */\n logDescribe(executionId: string, toolNames: string[], durationMs: number): void {\n this.emit({\n type: AUDIT_EVENT_TYPES.DESCRIBE_PERFORMED,\n timestamp: new Date().toISOString(),\n executionId,\n durationMs,\n data: {\n toolCount: toolNames.length,\n toolNames: toolNames.slice(0, 10), // Limit to first 10 for audit\n },\n });\n }\n\n /**\n * Log invoke operation.\n */\n logInvoke(executionId: string, toolName: string, success: boolean, durationMs: number): void {\n this.emit({\n type: AUDIT_EVENT_TYPES.INVOKE_PERFORMED,\n timestamp: new Date().toISOString(),\n executionId,\n durationMs,\n data: {\n toolName,\n success,\n },\n });\n }\n\n /**\n * Emit an audit event to all listeners.\n */\n private emit(event: AuditEvent): void {\n // Freeze the event to prevent modification\n const frozenEvent = Object.freeze({ ...event, data: Object.freeze({ ...event.data }) });\n\n for (const listener of this.listeners) {\n try {\n listener(frozenEvent);\n } catch {\n // Never let listener errors propagate\n }\n }\n }\n\n /**\n * Create a simple hash of the script for identification.\n * Uses a fast, non-cryptographic hash for performance.\n */\n private hashScript(script: string): string {\n let hash = 0;\n for (let i = 0; i < script.length; i++) {\n const char = script.charCodeAt(i);\n hash = (hash << 5) - hash + char;\n hash = hash & hash; // Convert to 32bit integer\n }\n return `sh_${(hash >>> 0).toString(16).padStart(8, '0')}`;\n }\n\n /**\n * Sanitize error messages to remove sensitive information.\n */\n private sanitizeError(error: string): string {\n if (!error) return 'Unknown error';\n\n // Remove file paths\n let sanitized = error.replace(/(?:\\/[\\w.-]+)+|(?:[A-Za-z]:\\\\[\\w\\\\.-]+)+/g, '[path]');\n\n // Remove line numbers\n sanitized = sanitized.replace(/:\\d+:\\d+/g, '');\n\n // Remove stack traces\n sanitized = sanitized.replace(/\\n\\s*at .*/g, '');\n\n // Truncate\n if (sanitized.length > 200) {\n sanitized = sanitized.substring(0, 200) + '...';\n }\n\n return sanitized.trim();\n }\n}\n\nexport default AuditLoggerService;\n"]}
|
|
@@ -1,214 +0,0 @@
|
|
|
1
|
-
"use strict";
|
|
2
|
-
// file: libs/plugins/src/codecall/services/enclave.service.ts
|
|
3
|
-
Object.defineProperty(exports, "__esModule", { value: true });
|
|
4
|
-
exports.ScriptTooLargeError = void 0;
|
|
5
|
-
const tslib_1 = require("tslib");
|
|
6
|
-
const sdk_1 = require("@frontmcp/sdk");
|
|
7
|
-
const enclave_vm_1 = require("enclave-vm");
|
|
8
|
-
/**
|
|
9
|
-
* Service for executing AgentScript code using enclave-vm
|
|
10
|
-
*
|
|
11
|
-
* This service wraps the Enclave class and provides:
|
|
12
|
-
* - Safe AgentScript execution with AST validation
|
|
13
|
-
* - Automatic code transformation (callTool -> __safe_callTool)
|
|
14
|
-
* - Runtime limits (timeout, iterations, tool calls)
|
|
15
|
-
* - Tool call integration with FrontMCP pipeline
|
|
16
|
-
*/
|
|
17
|
-
/**
|
|
18
|
-
* Error thrown when script exceeds maximum length and sidecar is disabled
|
|
19
|
-
*/
|
|
20
|
-
class ScriptTooLargeError extends Error {
|
|
21
|
-
code = 'SCRIPT_TOO_LARGE';
|
|
22
|
-
scriptLength;
|
|
23
|
-
maxLength;
|
|
24
|
-
constructor(scriptLength, maxLength) {
|
|
25
|
-
super(`Script length (${scriptLength} characters) exceeds maximum allowed length (${maxLength} characters). ` +
|
|
26
|
-
`Enable sidecar to handle large data, or reduce script size.`);
|
|
27
|
-
this.name = 'ScriptTooLargeError';
|
|
28
|
-
this.scriptLength = scriptLength;
|
|
29
|
-
this.maxLength = maxLength;
|
|
30
|
-
}
|
|
31
|
-
}
|
|
32
|
-
exports.ScriptTooLargeError = ScriptTooLargeError;
|
|
33
|
-
let EnclaveService = class EnclaveService {
|
|
34
|
-
vmOptions;
|
|
35
|
-
sidecarOptions;
|
|
36
|
-
constructor(config) {
|
|
37
|
-
// Use getAll() to avoid deep type instantiation with DottedPath<T>
|
|
38
|
-
const all = config.getAll();
|
|
39
|
-
this.vmOptions = all.resolvedVm;
|
|
40
|
-
this.sidecarOptions = all.sidecar;
|
|
41
|
-
}
|
|
42
|
-
/**
|
|
43
|
-
* Execute AgentScript code in the enclave
|
|
44
|
-
*
|
|
45
|
-
* @param code - The AgentScript code to execute (raw, not transformed)
|
|
46
|
-
* @param environment - The VM environment with callTool, getTool, etc.
|
|
47
|
-
* @returns Execution result with success/error and logs
|
|
48
|
-
* @throws ScriptTooLargeError if script exceeds max length and sidecar is disabled
|
|
49
|
-
*/
|
|
50
|
-
async execute(code, environment) {
|
|
51
|
-
const logs = [];
|
|
52
|
-
// Validate script length when sidecar is disabled
|
|
53
|
-
if (!this.sidecarOptions.enabled && this.sidecarOptions.maxScriptLengthWhenDisabled !== null) {
|
|
54
|
-
const maxLength = this.sidecarOptions.maxScriptLengthWhenDisabled;
|
|
55
|
-
if (code.length > maxLength) {
|
|
56
|
-
throw new ScriptTooLargeError(code.length, maxLength);
|
|
57
|
-
}
|
|
58
|
-
}
|
|
59
|
-
// Create tool handler that bridges to CodeCallVmEnvironment
|
|
60
|
-
const toolHandler = async (toolName, args) => {
|
|
61
|
-
return environment.callTool(toolName, args);
|
|
62
|
-
};
|
|
63
|
-
// Build sidecar configuration if enabled
|
|
64
|
-
const sidecar = this.sidecarOptions.enabled
|
|
65
|
-
? {
|
|
66
|
-
enabled: true,
|
|
67
|
-
maxTotalSize: this.sidecarOptions.maxTotalSize,
|
|
68
|
-
maxReferenceSize: this.sidecarOptions.maxReferenceSize,
|
|
69
|
-
extractionThreshold: this.sidecarOptions.extractionThreshold,
|
|
70
|
-
maxResolvedSize: this.sidecarOptions.maxResolvedSize,
|
|
71
|
-
allowComposites: this.sidecarOptions.allowComposites,
|
|
72
|
-
}
|
|
73
|
-
: undefined;
|
|
74
|
-
// Create enclave with configuration from CodeCallConfig
|
|
75
|
-
const enclave = new enclave_vm_1.Enclave({
|
|
76
|
-
timeout: this.vmOptions.timeoutMs,
|
|
77
|
-
maxToolCalls: this.vmOptions.maxSteps || 100,
|
|
78
|
-
maxIterations: 10000,
|
|
79
|
-
toolHandler,
|
|
80
|
-
validate: true,
|
|
81
|
-
transform: true,
|
|
82
|
-
sidecar,
|
|
83
|
-
// Allow functions in globals since we intentionally provide getTool, mcpLog, mcpNotify, and console
|
|
84
|
-
allowFunctionsInGlobals: true,
|
|
85
|
-
globals: {
|
|
86
|
-
// Provide getTool as a custom global
|
|
87
|
-
getTool: environment.getTool,
|
|
88
|
-
// Provide logging functions if available
|
|
89
|
-
...(environment.mcpLog
|
|
90
|
-
? {
|
|
91
|
-
mcpLog: (level, message, metadata) => {
|
|
92
|
-
environment.mcpLog(level, message, metadata);
|
|
93
|
-
logs.push(`[mcp:${level}] ${message}`);
|
|
94
|
-
},
|
|
95
|
-
}
|
|
96
|
-
: {}),
|
|
97
|
-
...(environment.mcpNotify
|
|
98
|
-
? {
|
|
99
|
-
mcpNotify: (event, payload) => {
|
|
100
|
-
environment.mcpNotify(event, payload);
|
|
101
|
-
logs.push(`[notify] ${event}`);
|
|
102
|
-
},
|
|
103
|
-
}
|
|
104
|
-
: {}),
|
|
105
|
-
// Provide console if allowed
|
|
106
|
-
...(this.vmOptions.allowConsole
|
|
107
|
-
? {
|
|
108
|
-
console: {
|
|
109
|
-
log: (...args) => {
|
|
110
|
-
const message = args.map((arg) => String(arg)).join(' ');
|
|
111
|
-
logs.push(`[log] ${message}`);
|
|
112
|
-
},
|
|
113
|
-
warn: (...args) => {
|
|
114
|
-
const message = args.map((arg) => String(arg)).join(' ');
|
|
115
|
-
logs.push(`[warn] ${message}`);
|
|
116
|
-
},
|
|
117
|
-
error: (...args) => {
|
|
118
|
-
const message = args.map((arg) => String(arg)).join(' ');
|
|
119
|
-
logs.push(`[error] ${message}`);
|
|
120
|
-
},
|
|
121
|
-
},
|
|
122
|
-
}
|
|
123
|
-
: {}),
|
|
124
|
-
},
|
|
125
|
-
});
|
|
126
|
-
try {
|
|
127
|
-
const result = await enclave.run(code);
|
|
128
|
-
return this.mapEnclaveResult(result, logs);
|
|
129
|
-
}
|
|
130
|
-
finally {
|
|
131
|
-
enclave.dispose();
|
|
132
|
-
}
|
|
133
|
-
}
|
|
134
|
-
/**
|
|
135
|
-
* Map Enclave ExecutionResult to EnclaveExecutionResult
|
|
136
|
-
*/
|
|
137
|
-
mapEnclaveResult(result, logs) {
|
|
138
|
-
if (result.success) {
|
|
139
|
-
return {
|
|
140
|
-
success: true,
|
|
141
|
-
result: result.value,
|
|
142
|
-
logs,
|
|
143
|
-
timedOut: false,
|
|
144
|
-
stats: {
|
|
145
|
-
duration: result.stats.duration,
|
|
146
|
-
toolCallCount: result.stats.toolCallCount,
|
|
147
|
-
iterationCount: result.stats.iterationCount,
|
|
148
|
-
},
|
|
149
|
-
};
|
|
150
|
-
}
|
|
151
|
-
// Handle error cases
|
|
152
|
-
const error = result.error;
|
|
153
|
-
const timedOut = error.message?.includes('timed out') || error.code === 'TIMEOUT';
|
|
154
|
-
// Check if it's a validation error
|
|
155
|
-
if (error.code === 'VALIDATION_ERROR') {
|
|
156
|
-
return {
|
|
157
|
-
success: false,
|
|
158
|
-
error: {
|
|
159
|
-
message: error.message,
|
|
160
|
-
name: 'ValidationError',
|
|
161
|
-
code: error.code,
|
|
162
|
-
},
|
|
163
|
-
logs,
|
|
164
|
-
timedOut: false,
|
|
165
|
-
};
|
|
166
|
-
}
|
|
167
|
-
// Check if it's a tool error (has toolName in the error data)
|
|
168
|
-
const errorData = error.data;
|
|
169
|
-
const toolName = errorData?.['toolName'];
|
|
170
|
-
if (toolName) {
|
|
171
|
-
return {
|
|
172
|
-
success: false,
|
|
173
|
-
error: {
|
|
174
|
-
message: error.message,
|
|
175
|
-
name: error.name,
|
|
176
|
-
stack: error.stack,
|
|
177
|
-
code: error.code,
|
|
178
|
-
toolName,
|
|
179
|
-
toolInput: errorData?.['toolInput'],
|
|
180
|
-
details: errorData?.['details'],
|
|
181
|
-
},
|
|
182
|
-
logs,
|
|
183
|
-
timedOut,
|
|
184
|
-
};
|
|
185
|
-
}
|
|
186
|
-
// Generic error
|
|
187
|
-
return {
|
|
188
|
-
success: false,
|
|
189
|
-
error: {
|
|
190
|
-
message: error.message,
|
|
191
|
-
name: error.name,
|
|
192
|
-
stack: error.stack,
|
|
193
|
-
code: error.code,
|
|
194
|
-
},
|
|
195
|
-
logs,
|
|
196
|
-
timedOut,
|
|
197
|
-
stats: {
|
|
198
|
-
duration: result.stats.duration,
|
|
199
|
-
toolCallCount: result.stats.toolCallCount,
|
|
200
|
-
iterationCount: result.stats.iterationCount,
|
|
201
|
-
},
|
|
202
|
-
};
|
|
203
|
-
}
|
|
204
|
-
};
|
|
205
|
-
EnclaveService = tslib_1.__decorate([
|
|
206
|
-
(0, sdk_1.Provider)({
|
|
207
|
-
name: 'codecall:enclave',
|
|
208
|
-
description: 'Executes AgentScript code in a secure enclave',
|
|
209
|
-
scope: sdk_1.ProviderScope.GLOBAL,
|
|
210
|
-
}),
|
|
211
|
-
tslib_1.__metadata("design:paramtypes", [Function])
|
|
212
|
-
], EnclaveService);
|
|
213
|
-
exports.default = EnclaveService;
|
|
214
|
-
//# sourceMappingURL=enclave.service.js.map
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"enclave.service.js","sourceRoot":"","sources":["../../../../src/codecall/services/enclave.service.ts"],"names":[],"mappings":";AAAA,8DAA8D;;;;AAE9D,uCAAwD;AACxD,2CAA2G;AA8B3G;;;;;;;;GAQG;AACH;;GAEG;AACH,MAAa,mBAAoB,SAAQ,KAAK;IACnC,IAAI,GAAG,kBAAkB,CAAC;IAC1B,YAAY,CAAS;IACrB,SAAS,CAAS;IAE3B,YAAY,YAAoB,EAAE,SAAiB;QACjD,KAAK,CACH,kBAAkB,YAAY,gDAAgD,SAAS,gBAAgB;YACrG,6DAA6D,CAChE,CAAC;QACF,IAAI,CAAC,IAAI,GAAG,qBAAqB,CAAC;QAClC,IAAI,CAAC,YAAY,GAAG,YAAY,CAAC;QACjC,IAAI,CAAC,SAAS,GAAG,SAAS,CAAC;IAC7B,CAAC;CACF;AAdD,kDAcC;AAOc,IAAM,cAAc,GAApB,MAAM,cAAc;IAChB,SAAS,CAA4B;IACrC,cAAc,CAAyB;IAExD,YAAY,MAAsB;QAChC,mEAAmE;QACnE,MAAM,GAAG,GAAG,MAAM,CAAC,MAAM,EAAE,CAAC;QAC5B,IAAI,CAAC,SAAS,GAAG,GAAG,CAAC,UAAU,CAAC;QAChC,IAAI,CAAC,cAAc,GAAG,GAAG,CAAC,OAAO,CAAC;IACpC,CAAC;IAED;;;;;;;OAOG;IACH,KAAK,CAAC,OAAO,CAAC,IAAY,EAAE,WAAkC;QAC5D,MAAM,IAAI,GAAa,EAAE,CAAC;QAE1B,kDAAkD;QAClD,IAAI,CAAC,IAAI,CAAC,cAAc,CAAC,OAAO,IAAI,IAAI,CAAC,cAAc,CAAC,2BAA2B,KAAK,IAAI,EAAE,CAAC;YAC7F,MAAM,SAAS,GAAG,IAAI,CAAC,cAAc,CAAC,2BAA2B,CAAC;YAClE,IAAI,IAAI,CAAC,MAAM,GAAG,SAAS,EAAE,CAAC;gBAC5B,MAAM,IAAI,mBAAmB,CAAC,IAAI,CAAC,MAAM,EAAE,SAAS,CAAC,CAAC;YACxD,CAAC;QACH,CAAC;QAED,4DAA4D;QAC5D,MAAM,WAAW,GAAgB,KAAK,EAAE,QAAgB,EAAE,IAA6B,EAAE,EAAE;YACzF,OAAO,WAAW,CAAC,QAAQ,CAAC,QAAQ,EAAE,IAAI,CAAC,CAAC;QAC9C,CAAC,CAAC;QAEF,yCAAyC;QACzC,MAAM,OAAO,GAAwC,IAAI,CAAC,cAAc,CAAC,OAAO;YAC9E,CAAC,CAAC;gBACE,OAAO,EAAE,IAAI;gBACb,YAAY,EAAE,IAAI,CAAC,cAAc,CAAC,YAAY;gBAC9C,gBAAgB,EAAE,IAAI,CAAC,cAAc,CAAC,gBAAgB;gBACtD,mBAAmB,EAAE,IAAI,CAAC,cAAc,CAAC,mBAAmB;gBAC5D,eAAe,EAAE,IAAI,CAAC,cAAc,CAAC,eAAe;gBACpD,eAAe,EAAE,IAAI,CAAC,cAAc,CAAC,eAAe;aACrD;YACH,CAAC,CAAC,SAAS,CAAC;QAEd,wDAAwD;QACxD,MAAM,OAAO,GAAG,IAAI,oBAAO,CAAC;YAC1B,OAAO,EAAE,IAAI,CAAC,SAAS,CAAC,SAAS;YACjC,YAAY,EAAE,IAAI,CAAC,SAAS,CAAC,QAAQ,IAAI,GAAG;YAC5C,aAAa,EAAE,KAAK;YACpB,WAAW;YACX,QAAQ,EAAE,IAAI;YACd,SAAS,EAAE,IAAI;YACf,OAAO;YACP,oGAAoG;YACpG,uBAAuB,EAAE,IAAI;YAC7B,OAAO,EAAE;gBACP,qCAAqC;gBACrC,OAAO,EAAE,WAAW,CAAC,OAAO;gBAC5B,yCAAyC;gBACzC,GAAG,CAAC,WAAW,CAAC,MAAM;oBACpB,CAAC,CAAC;wBACE,MAAM,EAAE,CACN,KAA0C,EAC1C,OAAe,EACf,QAAkC,EAClC,EAAE;4BACF,WAAW,CAAC,MAAO,CAAC,KAAK,EAAE,OAAO,EAAE,QAAQ,CAAC,CAAC;4BAC9C,IAAI,CAAC,IAAI,CAAC,QAAQ,KAAK,KAAK,OAAO,EAAE,CAAC,CAAC;wBACzC,CAAC;qBACF;oBACH,CAAC,CAAC,EAAE,CAAC;gBACP,GAAG,CAAC,WAAW,CAAC,SAAS;oBACvB,CAAC,CAAC;wBACE,SAAS,EAAE,CAAC,KAAa,EAAE,OAAgC,EAAE,EAAE;4BAC7D,WAAW,CAAC,SAAU,CAAC,KAAK,EAAE,OAAO,CAAC,CAAC;4BACvC,IAAI,CAAC,IAAI,CAAC,YAAY,KAAK,EAAE,CAAC,CAAC;wBACjC,CAAC;qBACF;oBACH,CAAC,CAAC,EAAE,CAAC;gBACP,6BAA6B;gBAC7B,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,YAAY;oBAC7B,CAAC,CAAC;wBACE,OAAO,EAAE;4BACP,GAAG,EAAE,CAAC,GAAG,IAAe,EAAE,EAAE;gCAC1B,MAAM,OAAO,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;gCACzD,IAAI,CAAC,IAAI,CAAC,SAAS,OAAO,EAAE,CAAC,CAAC;4BAChC,CAAC;4BACD,IAAI,EAAE,CAAC,GAAG,IAAe,EAAE,EAAE;gCAC3B,MAAM,OAAO,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;gCACzD,IAAI,CAAC,IAAI,CAAC,UAAU,OAAO,EAAE,CAAC,CAAC;4BACjC,CAAC;4BACD,KAAK,EAAE,CAAC,GAAG,IAAe,EAAE,EAAE;gCAC5B,MAAM,OAAO,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;gCACzD,IAAI,CAAC,IAAI,CAAC,WAAW,OAAO,EAAE,CAAC,CAAC;4BAClC,CAAC;yBACF;qBACF;oBACH,CAAC,CAAC,EAAE,CAAC;aACR;SACF,CAAC,CAAC;QAEH,IAAI,CAAC;YACH,MAAM,MAAM,GAAG,MAAM,OAAO,CAAC,GAAG,CAAU,IAAI,CAAC,CAAC;YAChD,OAAO,IAAI,CAAC,gBAAgB,CAAC,MAAM,EAAE,IAAI,CAAC,CAAC;QAC7C,CAAC;gBAAS,CAAC;YACT,OAAO,CAAC,OAAO,EAAE,CAAC;QACpB,CAAC;IACH,CAAC;IAED;;OAEG;IACK,gBAAgB,CAAC,MAAgC,EAAE,IAAc;QACvE,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC;YACnB,OAAO;gBACL,OAAO,EAAE,IAAI;gBACb,MAAM,EAAE,MAAM,CAAC,KAAK;gBACpB,IAAI;gBACJ,QAAQ,EAAE,KAAK;gBACf,KAAK,EAAE;oBACL,QAAQ,EAAE,MAAM,CAAC,KAAK,CAAC,QAAQ;oBAC/B,aAAa,EAAE,MAAM,CAAC,KAAK,CAAC,aAAa;oBACzC,cAAc,EAAE,MAAM,CAAC,KAAK,CAAC,cAAc;iBAC5C;aACF,CAAC;QACJ,CAAC;QAED,qBAAqB;QACrB,MAAM,KAAK,GAAG,MAAM,CAAC,KAAM,CAAC;QAC5B,MAAM,QAAQ,GAAG,KAAK,CAAC,OAAO,EAAE,QAAQ,CAAC,WAAW,CAAC,IAAI,KAAK,CAAC,IAAI,KAAK,SAAS,CAAC;QAElF,mCAAmC;QACnC,IAAI,KAAK,CAAC,IAAI,KAAK,kBAAkB,EAAE,CAAC;YACtC,OAAO;gBACL,OAAO,EAAE,KAAK;gBACd,KAAK,EAAE;oBACL,OAAO,EAAE,KAAK,CAAC,OAAO;oBACtB,IAAI,EAAE,iBAAiB;oBACvB,IAAI,EAAE,KAAK,CAAC,IAAI;iBACjB;gBACD,IAAI;gBACJ,QAAQ,EAAE,KAAK;aAChB,CAAC;QACJ,CAAC;QAED,8DAA8D;QAC9D,MAAM,SAAS,GAAG,KAAK,CAAC,IAA2C,CAAC;QACpE,MAAM,QAAQ,GAAG,SAAS,EAAE,CAAC,UAAU,CAAuB,CAAC;QAC/D,IAAI,QAAQ,EAAE,CAAC;YACb,OAAO;gBACL,OAAO,EAAE,KAAK;gBACd,KAAK,EAAE;oBACL,OAAO,EAAE,KAAK,CAAC,OAAO;oBACtB,IAAI,EAAE,KAAK,CAAC,IAAI;oBAChB,KAAK,EAAE,KAAK,CAAC,KAAK;oBAClB,IAAI,EAAE,KAAK,CAAC,IAAI;oBAChB,QAAQ;oBACR,SAAS,EAAE,SAAS,EAAE,CAAC,WAAW,CAAC;oBACnC,OAAO,EAAE,SAAS,EAAE,CAAC,SAAS,CAAC;iBAChC;gBACD,IAAI;gBACJ,QAAQ;aACT,CAAC;QACJ,CAAC;QAED,gBAAgB;QAChB,OAAO;YACL,OAAO,EAAE,KAAK;YACd,KAAK,EAAE;gBACL,OAAO,EAAE,KAAK,CAAC,OAAO;gBACtB,IAAI,EAAE,KAAK,CAAC,IAAI;gBAChB,KAAK,EAAE,KAAK,CAAC,KAAK;gBAClB,IAAI,EAAE,KAAK,CAAC,IAAI;aACjB;YACD,IAAI;YACJ,QAAQ;YACR,KAAK,EAAE;gBACL,QAAQ,EAAE,MAAM,CAAC,KAAK,CAAC,QAAQ;gBAC/B,aAAa,EAAE,MAAM,CAAC,KAAK,CAAC,aAAa;gBACzC,cAAc,EAAE,MAAM,CAAC,KAAK,CAAC,cAAc;aAC5C;SACF,CAAC;IACJ,CAAC;CACF,CAAA;AA1LoB,cAAc;IALlC,IAAA,cAAQ,EAAC;QACR,IAAI,EAAE,kBAAkB;QACxB,WAAW,EAAE,+CAA+C;QAC5D,KAAK,EAAE,mBAAa,CAAC,MAAM;KAC5B,CAAC;;GACmB,cAAc,CA0LlC;kBA1LoB,cAAc","sourcesContent":["// file: libs/plugins/src/codecall/services/enclave.service.ts\n\nimport { Provider, ProviderScope } from '@frontmcp/sdk';\nimport { Enclave, type ExecutionResult, type ToolHandler, type ReferenceSidecarOptions } from 'enclave-vm';\nimport type CodeCallConfig from '../providers/code-call.config';\nimport type { CodeCallVmEnvironment, ResolvedCodeCallVmOptions } from '../codecall.symbol';\nimport type { CodeCallSidecarOptions } from '../codecall.types';\n\n/**\n * Result from enclave execution - maps to existing VmExecutionResult interface\n */\nexport interface EnclaveExecutionResult {\n success: boolean;\n result?: unknown;\n error?: {\n message: string;\n name: string;\n stack?: string;\n code?: string;\n toolName?: string;\n toolInput?: unknown;\n details?: unknown;\n [key: string]: unknown;\n };\n logs: string[];\n timedOut: boolean;\n stats?: {\n duration: number;\n toolCallCount: number;\n iterationCount: number;\n };\n}\n\n/**\n * Service for executing AgentScript code using enclave-vm\n *\n * This service wraps the Enclave class and provides:\n * - Safe AgentScript execution with AST validation\n * - Automatic code transformation (callTool -> __safe_callTool)\n * - Runtime limits (timeout, iterations, tool calls)\n * - Tool call integration with FrontMCP pipeline\n */\n/**\n * Error thrown when script exceeds maximum length and sidecar is disabled\n */\nexport class ScriptTooLargeError extends Error {\n readonly code = 'SCRIPT_TOO_LARGE';\n readonly scriptLength: number;\n readonly maxLength: number;\n\n constructor(scriptLength: number, maxLength: number) {\n super(\n `Script length (${scriptLength} characters) exceeds maximum allowed length (${maxLength} characters). ` +\n `Enable sidecar to handle large data, or reduce script size.`,\n );\n this.name = 'ScriptTooLargeError';\n this.scriptLength = scriptLength;\n this.maxLength = maxLength;\n }\n}\n\n@Provider({\n name: 'codecall:enclave',\n description: 'Executes AgentScript code in a secure enclave',\n scope: ProviderScope.GLOBAL,\n})\nexport default class EnclaveService {\n private readonly vmOptions: ResolvedCodeCallVmOptions;\n private readonly sidecarOptions: CodeCallSidecarOptions;\n\n constructor(config: CodeCallConfig) {\n // Use getAll() to avoid deep type instantiation with DottedPath<T>\n const all = config.getAll();\n this.vmOptions = all.resolvedVm;\n this.sidecarOptions = all.sidecar;\n }\n\n /**\n * Execute AgentScript code in the enclave\n *\n * @param code - The AgentScript code to execute (raw, not transformed)\n * @param environment - The VM environment with callTool, getTool, etc.\n * @returns Execution result with success/error and logs\n * @throws ScriptTooLargeError if script exceeds max length and sidecar is disabled\n */\n async execute(code: string, environment: CodeCallVmEnvironment): Promise<EnclaveExecutionResult> {\n const logs: string[] = [];\n\n // Validate script length when sidecar is disabled\n if (!this.sidecarOptions.enabled && this.sidecarOptions.maxScriptLengthWhenDisabled !== null) {\n const maxLength = this.sidecarOptions.maxScriptLengthWhenDisabled;\n if (code.length > maxLength) {\n throw new ScriptTooLargeError(code.length, maxLength);\n }\n }\n\n // Create tool handler that bridges to CodeCallVmEnvironment\n const toolHandler: ToolHandler = async (toolName: string, args: Record<string, unknown>) => {\n return environment.callTool(toolName, args);\n };\n\n // Build sidecar configuration if enabled\n const sidecar: ReferenceSidecarOptions | undefined = this.sidecarOptions.enabled\n ? {\n enabled: true,\n maxTotalSize: this.sidecarOptions.maxTotalSize,\n maxReferenceSize: this.sidecarOptions.maxReferenceSize,\n extractionThreshold: this.sidecarOptions.extractionThreshold,\n maxResolvedSize: this.sidecarOptions.maxResolvedSize,\n allowComposites: this.sidecarOptions.allowComposites,\n }\n : undefined;\n\n // Create enclave with configuration from CodeCallConfig\n const enclave = new Enclave({\n timeout: this.vmOptions.timeoutMs,\n maxToolCalls: this.vmOptions.maxSteps || 100,\n maxIterations: 10000,\n toolHandler,\n validate: true,\n transform: true,\n sidecar,\n // Allow functions in globals since we intentionally provide getTool, mcpLog, mcpNotify, and console\n allowFunctionsInGlobals: true,\n globals: {\n // Provide getTool as a custom global\n getTool: environment.getTool,\n // Provide logging functions if available\n ...(environment.mcpLog\n ? {\n mcpLog: (\n level: 'debug' | 'info' | 'warn' | 'error',\n message: string,\n metadata?: Record<string, unknown>,\n ) => {\n environment.mcpLog!(level, message, metadata);\n logs.push(`[mcp:${level}] ${message}`);\n },\n }\n : {}),\n ...(environment.mcpNotify\n ? {\n mcpNotify: (event: string, payload: Record<string, unknown>) => {\n environment.mcpNotify!(event, payload);\n logs.push(`[notify] ${event}`);\n },\n }\n : {}),\n // Provide console if allowed\n ...(this.vmOptions.allowConsole\n ? {\n console: {\n log: (...args: unknown[]) => {\n const message = args.map((arg) => String(arg)).join(' ');\n logs.push(`[log] ${message}`);\n },\n warn: (...args: unknown[]) => {\n const message = args.map((arg) => String(arg)).join(' ');\n logs.push(`[warn] ${message}`);\n },\n error: (...args: unknown[]) => {\n const message = args.map((arg) => String(arg)).join(' ');\n logs.push(`[error] ${message}`);\n },\n },\n }\n : {}),\n },\n });\n\n try {\n const result = await enclave.run<unknown>(code);\n return this.mapEnclaveResult(result, logs);\n } finally {\n enclave.dispose();\n }\n }\n\n /**\n * Map Enclave ExecutionResult to EnclaveExecutionResult\n */\n private mapEnclaveResult(result: ExecutionResult<unknown>, logs: string[]): EnclaveExecutionResult {\n if (result.success) {\n return {\n success: true,\n result: result.value,\n logs,\n timedOut: false,\n stats: {\n duration: result.stats.duration,\n toolCallCount: result.stats.toolCallCount,\n iterationCount: result.stats.iterationCount,\n },\n };\n }\n\n // Handle error cases\n const error = result.error!;\n const timedOut = error.message?.includes('timed out') || error.code === 'TIMEOUT';\n\n // Check if it's a validation error\n if (error.code === 'VALIDATION_ERROR') {\n return {\n success: false,\n error: {\n message: error.message,\n name: 'ValidationError',\n code: error.code,\n },\n logs,\n timedOut: false,\n };\n }\n\n // Check if it's a tool error (has toolName in the error data)\n const errorData = error.data as Record<string, unknown> | undefined;\n const toolName = errorData?.['toolName'] as string | undefined;\n if (toolName) {\n return {\n success: false,\n error: {\n message: error.message,\n name: error.name,\n stack: error.stack,\n code: error.code,\n toolName,\n toolInput: errorData?.['toolInput'],\n details: errorData?.['details'],\n },\n logs,\n timedOut,\n };\n }\n\n // Generic error\n return {\n success: false,\n error: {\n message: error.message,\n name: error.name,\n stack: error.stack,\n code: error.code,\n },\n logs,\n timedOut,\n stats: {\n duration: result.stats.duration,\n toolCallCount: result.stats.toolCallCount,\n iterationCount: result.stats.iterationCount,\n },\n };\n }\n}\n"]}
|