npm - @goplus/agentguard - Versions diffs - 1.1.4 → 1.1.5 - Mend

@goplus/agentguard 1.1.4 → 1.1.5

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (53) hide show

package/README.md +20 -2
package/dist/action/index.d.ts.map +1 -1
package/dist/action/index.js +3 -1
package/dist/action/index.js.map +1 -1
package/dist/adapters/hermes.d.ts +25 -0
package/dist/adapters/hermes.d.ts.map +1 -0
package/dist/adapters/hermes.js +131 -0
package/dist/adapters/hermes.js.map +1 -0
package/dist/adapters/index.d.ts +1 -0
package/dist/adapters/index.d.ts.map +1 -1
package/dist/adapters/index.js +3 -1
package/dist/adapters/index.js.map +1 -1
package/dist/adapters/openclaw-plugin.d.ts +12 -1
package/dist/adapters/openclaw-plugin.d.ts.map +1 -1
package/dist/adapters/openclaw-plugin.js +165 -9
package/dist/adapters/openclaw-plugin.js.map +1 -1
package/dist/cli.js +85 -12
package/dist/cli.js.map +1 -1
package/dist/feed/cron.d.ts +25 -0
package/dist/feed/cron.d.ts.map +1 -0
package/dist/feed/cron.js +173 -0
package/dist/feed/cron.js.map +1 -0
package/dist/index.d.ts +1 -1
package/dist/index.d.ts.map +1 -1
package/dist/index.js +2 -1
package/dist/index.js.map +1 -1
package/dist/installers.js +0 -1
package/dist/installers.js.map +1 -1
package/dist/runtime/protect.d.ts.map +1 -1
package/dist/runtime/protect.js +6 -1
package/dist/runtime/protect.js.map +1 -1
package/dist/tests/adapter.test.js +146 -0
package/dist/tests/adapter.test.js.map +1 -1
package/dist/tests/feed-cron.test.d.ts +2 -0
package/dist/tests/feed-cron.test.d.ts.map +1 -0
package/dist/tests/feed-cron.test.js +78 -0
package/dist/tests/feed-cron.test.js.map +1 -0
package/dist/tests/installer.test.js +3 -1
package/dist/tests/installer.test.js.map +1 -1
package/dist/tests/integration.test.js +211 -1
package/dist/tests/integration.test.js.map +1 -1
package/dist/tests/runtime-cloud.test.js +24 -0
package/dist/tests/runtime-cloud.test.js.map +1 -1
package/dist/tests/smoke.test.js +141 -7
package/dist/tests/smoke.test.js.map +1 -1
package/docs/hermes.md +70 -0
package/package.json +1 -1
package/skills/agentguard/README.md +12 -0
package/skills/agentguard/SKILL.md +104 -3
package/skills/agentguard/hermes-hooks.yaml +31 -0
package/skills/agentguard/package.json +1 -1
package/skills/agentguard/scripts/auto-scan.js +3 -2
package/skills/agentguard/scripts/hermes-hook.js +201 -0

package/skills/agentguard/scripts/hermes-hook.js ADDED Viewed

@@ -0,0 +1,201 @@
+#!/usr/bin/env node
+/**
+ * GoPlus AgentGuard Hermes shell hook.
+ *
+ * Hermes shell hooks read JSON from stdin and use stdout JSON to influence
+ * behavior. For pre_tool_call, returning { action: "block", message: "..." }
+ * vetoes tool execution. There is no native "ask" decision in Hermes'
+ * pre_tool_call contract, so AgentGuard's ask decision is represented as a
+ * block with a confirmation-oriented message.
+ */
+import { join } from 'node:path';
+function isPostHook(input) {
+  const event = typeof input?.hook_event_name === 'string' ? input.hook_event_name : '';
+  return event.startsWith('post');
+}
+function isPreHook(input) {
+  return !isPostHook(input);
+}
+function toolNameFrom(input) {
+  return typeof input?.tool_name === 'string' ? input.tool_name : '';
+}
+function toolInputFrom(input) {
+  const toolInput = input?.tool_input ?? input?.args;
+  return toolInput && typeof toolInput === 'object' && !Array.isArray(toolInput)
+    ? toolInput
+    : {};
+}
+function firstString(...values) {
+  for (const value of values) {
+    if (typeof value === 'string' && value.length > 0) return value;
+  }
+  return '';
+}
+function validatePreToolPayload(input) {
+  const toolName = toolNameFrom(input);
+  const toolInput = toolInputFrom(input);
+  switch (toolName) {
+    case 'terminal':
+      if (!firstString(toolInput.command)) return 'Hermes terminal hook payload is missing command';
+      return null;
+    case 'execute_code':
+      if (!firstString(toolInput.code, toolInput.command)) return 'Hermes execute_code hook payload is missing code';
+      return null;
+    case 'write_file':
+    case 'patch':
+    case 'read_file':
+      if (!firstString(toolInput.path, toolInput.file_path)) return `Hermes ${toolName} hook payload is missing path`;
+      return null;
+    case 'skill_manage':
+      if (!firstString(toolInput.path, toolInput.file_path, toolInput.target, toolInput.skill_path)) {
+        return 'Hermes skill_manage hook payload is missing target path';
+      }
+      return null;
+    case 'web_extract':
+    case 'browser_navigate':
+      if (!firstString(toolInput.url, toolInput.href, toolInput.target)) return `Hermes ${toolName} hook payload is missing URL`;
+      return null;
+    case 'web_search':
+      if (!firstString(toolInput.query, toolInput.url)) return 'Hermes web_search hook payload is missing query';
+      return null;
+    default:
+      return `Hermes tool "${toolName || '(missing)'}" is not recognized by AgentGuard`;
+  }
+}
+function shouldFailClosed(input) {
+  return !input || isPreHook(input);
+}
+// ---------------------------------------------------------------------------
+// Load AgentGuard engine + Hermes adapter
+// ---------------------------------------------------------------------------
+const agentguardPath = join(import.meta.url.replace('file://', ''), '..', '..', '..', '..', 'dist', 'index.js');
+let createAgentGuard, HermesAdapter, evaluateHook, loadConfig;
+async function loadEngine() {
+  if (process.env.AGENTGUARD_TEST_FORCE_ENGINE_LOAD_FAILURE === '1') {
+    return null;
+  }
+  try {
+    const gs = await import(agentguardPath);
+    return {
+      createAgentGuard: gs.createAgentGuard || gs.default,
+      HermesAdapter: gs.HermesAdapter,
+      evaluateHook: gs.evaluateHook,
+      loadConfig: gs.loadConfig,
+    };
+  } catch {
+    try {
+      const gs = await import('@goplus/agentguard');
+      return {
+        createAgentGuard: gs.createAgentGuard || gs.default,
+        HermesAdapter: gs.HermesAdapter,
+        evaluateHook: gs.evaluateHook,
+        loadConfig: gs.loadConfig,
+      };
+    } catch {
+      return null;
+    }
+  }
+}
+// ---------------------------------------------------------------------------
+// Read stdin
+// ---------------------------------------------------------------------------
+function readStdin() {
+  return new Promise((resolve) => {
+    let data = '';
+    let settled = false;
+    const finish = (value) => {
+      if (settled) return;
+      settled = true;
+      clearTimeout(timer);
+      resolve(value);
+    };
+    const timer = setTimeout(() => finish(null), 5000);
+    process.stdin.setEncoding('utf-8');
+    process.stdin.on('data', (chunk) => (data += chunk));
+    process.stdin.on('end', () => {
+      try {
+        finish(JSON.parse(data));
+      } catch {
+        finish(null);
+      }
+    });
+    process.stdin.on('error', () => finish(null));
+  });
+}
+// ---------------------------------------------------------------------------
+// Hermes output helpers
+// ---------------------------------------------------------------------------
+function outputBlock(reason) {
+  console.log(JSON.stringify({
+    action: 'block',
+    message: reason || 'GoPlus AgentGuard blocked this action',
+  }));
+  process.exit(0);
+}
+function outputAllow() {
+  console.log('{}');
+  process.exit(0);
+}
+// ---------------------------------------------------------------------------
+// Main
+// ---------------------------------------------------------------------------
+async function main() {
+  const input = await readStdin();
+  if (!input) {
+    outputBlock('GoPlus AgentGuard: invalid or missing Hermes hook payload');
+  }
+  const validationError = isPreHook(input) ? validatePreToolPayload(input) : null;
+  if (validationError) {
+    outputBlock(`GoPlus AgentGuard: ${validationError}`);
+  }
+  const engine = await loadEngine();
+  if (!engine) {
+    if (shouldFailClosed(input)) {
+      outputBlock('GoPlus AgentGuard: unable to load Hermes hook engine; blocking fail-closed');
+    }
+    outputAllow();
+  }
+  ({ createAgentGuard, HermesAdapter, evaluateHook, loadConfig } = engine);
+  const adapter = new HermesAdapter();
+  const config = loadConfig();
+  const agentguard = createAgentGuard();
+  const result = await evaluateHook(adapter, input, { config, agentguard });
+  if (result.decision === 'deny') {
+    outputBlock(result.reason || 'GoPlus AgentGuard blocked this Hermes tool call');
+  } else if (result.decision === 'ask') {
+    outputBlock(result.reason || 'GoPlus AgentGuard requires confirmation for this Hermes tool call');
+  } else {
+    outputAllow();
+  }
+}
+main();