@hybridaione/hybridclaw 0.2.2 → 0.2.6

package/src/update.ts

@@ -1,6 +1,6 @@
+import { spawn, spawnSync } from 'child_process';
 import fs from 'fs';
 import path from 'path';
-import { spawn, spawnSync } from 'child_process';
 import readline from 'readline/promises';
 
 const DEFAULT_PACKAGE_NAME = '@hybridaione/hybridclaw';
@@ -52,8 +52,14 @@ function readPackageInfo(packageJsonPath: string): PackageInfo {
   try {
     const raw = fs.readFileSync(packageJsonPath, 'utf-8');
     const parsed = JSON.parse(raw) as PackageManifest;
-    const name = typeof parsed.name === 'string' && parsed.name.trim() ? parsed.name.trim() : null;
-    const version = typeof parsed.version === 'string' && parsed.version.trim() ? parsed.version.trim() : null;
+    const name =
+      typeof parsed.name === 'string' && parsed.name.trim()
+        ? parsed.name.trim()
+        : null;
+    const version =
+      typeof parsed.version === 'string' && parsed.version.trim()
+        ? parsed.version.trim()
+        : null;
     return { name, version };
   } catch {
     return { name: null, version: null };
@@ -88,9 +94,10 @@ function findNearestPackageRoot(startPath: string | undefined): string | null {
   let current: string;
   try {
     const resolved = path.resolve(startPath);
-    current = fs.existsSync(resolved) && fs.statSync(resolved).isDirectory()
-      ? resolved
-      : path.dirname(resolved);
+    current =
+      fs.existsSync(resolved) && fs.statSync(resolved).isDirectory()
+        ? resolved
+        : path.dirname(resolved);
   } catch {
     return null;
   }
@@ -134,14 +141,24 @@ function detectPackageManager(): PackageManager {
   return 'npm';
 }
 
-function detectInstallContext(packageName: string, entryPath: string | undefined): InstallContext {
+function detectInstallContext(
+  packageName: string,
+  entryPath: string | undefined,
+): InstallContext {
   const preferredManager = detectPackageManager();
   const entryRoot = findNearestPackageRoot(entryPath);
   const cwdRoot = findNearestPackageRoot(process.cwd());
   const cwdInfo = readPackageInfo(path.join(process.cwd(), 'package.json'));
 
-  if (cwdInfo.name === packageName && fs.existsSync(path.join(process.cwd(), '.git'))) {
-    return { kind: 'source', root: process.cwd(), packageManager: preferredManager };
+  if (
+    cwdInfo.name === packageName &&
+    fs.existsSync(path.join(process.cwd(), '.git'))
+  ) {
+    return {
+      kind: 'source',
+      root: process.cwd(),
+      packageManager: preferredManager,
+    };
   }
 
   if (!entryRoot) {
@@ -157,15 +174,27 @@ function detectInstallContext(packageName: string, entryPath: string | undefined
         packageManager: preferredManager,
       };
     }
-    return { kind: 'unknown', root: entryRoot, packageManager: preferredManager };
+    return {
+      kind: 'unknown',
+      root: entryRoot,
+      packageManager: preferredManager,
+    };
   }
 
   if (fs.existsSync(path.join(entryRoot, '.git'))) {
-    return { kind: 'source', root: entryRoot, packageManager: preferredManager };
+    return {
+      kind: 'source',
+      root: entryRoot,
+      packageManager: preferredManager,
+    };
   }
 
   if (entryRoot.includes(`${path.sep}node_modules${path.sep}`)) {
-    return { kind: 'package', root: entryRoot, packageManager: preferredManager };
+    return {
+      kind: 'package',
+      root: entryRoot,
+      packageManager: preferredManager,
+    };
   }
 
   return { kind: 'unknown', root: entryRoot, packageManager: preferredManager };
@@ -179,7 +208,12 @@ function parseSemver(value: string): ParsedSemver | null {
   const major = Number.parseInt(match[1], 10);
   const minor = Number.parseInt(match[2], 10);
   const patch = Number.parseInt(match[3], 10);
-  if (!Number.isFinite(major) || !Number.isFinite(minor) || !Number.isFinite(patch)) return null;
+  if (
+    !Number.isFinite(major) ||
+    !Number.isFinite(minor) ||
+    !Number.isFinite(patch)
+  )
+    return null;
 
   return {
     major,
@@ -239,7 +273,9 @@ function commandAvailable(command: string): boolean {
   return result.status === 0;
 }
 
-function resolveAvailablePackageManager(preferred: PackageManager): PackageManager | null {
+function resolveAvailablePackageManager(
+  preferred: PackageManager,
+): PackageManager | null {
   const order: PackageManager[] = [preferred, 'npm', 'pnpm', 'yarn', 'bun'];
   const checked = new Set<PackageManager>();
   for (const candidate of order) {
@@ -250,7 +286,10 @@ function resolveAvailablePackageManager(preferred: PackageManager): PackageManag
   return null;
 }
 
-function buildUpdateCommand(packageManager: PackageManager, packageName: string): UpdateCommand {
+function buildUpdateCommand(
+  packageManager: PackageManager,
+  packageName: string,
+): UpdateCommand {
   switch (packageManager) {
     case 'pnpm': {
       const args = ['add', '-g', `${packageName}@latest`];
@@ -277,7 +316,9 @@ async function askForConfirmation(message: string): Promise<boolean> {
     output: process.stdout,
   });
   try {
-    const answer = (await rl.question(`${message} [y/N] `)).trim().toLowerCase();
+    const answer = (await rl.question(`${message} [y/N] `))
+      .trim()
+      .toLowerCase();
     return answer === 'y' || answer === 'yes';
   } finally {
     rl.close();
@@ -304,7 +345,10 @@ Options:
   --yes, -y        Skip confirmation prompt before install`);
 }
 
-export async function runUpdateCommand(args: string[], currentVersion: string): Promise<void> {
+export async function runUpdateCommand(
+  args: string[],
+  currentVersion: string,
+): Promise<void> {
   const options = parseUpdateArgs(args);
   if (options.help) {
     printUpdateUsage();
@@ -314,7 +358,9 @@ export async function runUpdateCommand(args: string[], currentVersion: string):
   const packageName = resolvePackageName(process.argv[1]);
   const install = detectInstallContext(packageName, process.argv[1]);
   const latest = fetchLatestVersion(packageName);
-  const comparison = latest.version ? compareSemver(currentVersion, latest.version) : null;
+  const comparison = latest.version
+    ? compareSemver(currentVersion, latest.version)
+    : null;
 
   console.log(`Current version: ${currentVersion}`);
   if (latest.version) {
@@ -325,7 +371,9 @@ export async function runUpdateCommand(args: string[], currentVersion: string):
 
   if (install.kind === 'source') {
     console.log('');
-    console.log(`Source checkout detected at ${install.root || process.cwd()}.`);
+    console.log(
+      `Source checkout detected at ${install.root || process.cwd()}.`,
+    );
     console.log('To update, run:');
     console.log('  git pull --rebase');
     console.log('  npm install');
@@ -342,14 +390,20 @@ export async function runUpdateCommand(args: string[], currentVersion: string):
   } else if (latest.version && comparison === 0) {
     console.log('HybridClaw is already up to date.');
   } else if (latest.version && comparison === 1) {
-    console.log('Installed version is newer than npm latest; skipping automatic update.');
+    console.log(
+      'Installed version is newer than npm latest; skipping automatic update.',
+    );
   } else if (latest.version) {
-    console.log('Version comparison unavailable; semver format not recognized.');
+    console.log(
+      'Version comparison unavailable; semver format not recognized.',
+    );
   }
 
   const manager = resolveAvailablePackageManager(install.packageManager);
   if (!manager) {
-    throw new Error('No supported package manager found (npm, pnpm, yarn, bun).');
+    throw new Error(
+      'No supported package manager found (npm, pnpm, yarn, bun).',
+    );
   }
   const updateCommand = buildUpdateCommand(manager, packageName);
 
@@ -370,7 +424,9 @@ export async function runUpdateCommand(args: string[], currentVersion: string):
   console.log(`Update command: ${updateCommand.display}`);
   if (!options.yes) {
     if (!process.stdin.isTTY || !process.stdout.isTTY) {
-      console.log('Non-interactive shell detected. Re-run with `--yes` to apply the update.');
+      console.log(
+        'Non-interactive shell detected. Re-run with `--yes` to apply the update.',
+      );
       return;
     }
     const confirmed = await askForConfirmation('Proceed with update now?');

package/src/workspace.ts

@@ -3,11 +3,10 @@
  * TOOLS.md, MEMORY.md, HEARTBEAT.md from the agent workspace
  * and injects them into the system prompt (like OpenClaw).
  */
-import fs from 'fs';
-import path from 'path';
-
-import { logger } from './logger.js';
+import fs from 'node:fs';
+import path from 'node:path';
 import { agentWorkspaceDir } from './ipc.js';
+import { logger } from './logger.js';
 import { truncateHeadTailText } from './token-efficiency.js';
 
 const BOOTSTRAP_FILES = [
@@ -21,6 +20,21 @@ const BOOTSTRAP_FILES = [
   'BOOTSTRAP.md',
   'BOOT.md',
 ] as const;
+const POLICY_RELATIVE_PATH = path.join('.hybridclaw', 'policy.yaml');
+const DEFAULT_POLICY_TEMPLATE = `approval:
+  pinned_red:
+    - pattern: "rm -rf /"
+    - paths: ["~/.ssh/**", "/etc/**", ".env*"]
+    - tools: ["force_push"]
+
+  workspace_fence: true
+  max_pending_approvals: 3
+  approval_timeout_secs: 120
+
+audit:
+  log_all_red: true
+  log_denials: true
+`;
 
 const MAX_FILE_CHARS = 20_000;
 const TEMPLATES_DIR = path.join(process.cwd(), 'templates');
@@ -47,6 +61,25 @@ export function ensureBootstrapFiles(agentId: string): void {
       logger.debug({ agentId, file: filename }, 'Copied bootstrap template');
     }
   }
+
+  const policyDestPath = path.join(wsDir, POLICY_RELATIVE_PATH);
+  if (!fs.existsSync(policyDestPath)) {
+    fs.mkdirSync(path.dirname(policyDestPath), { recursive: true });
+    const repoPolicyPath = path.join(process.cwd(), POLICY_RELATIVE_PATH);
+    if (fs.existsSync(repoPolicyPath)) {
+      fs.copyFileSync(repoPolicyPath, policyDestPath);
+      logger.debug(
+        { agentId, file: POLICY_RELATIVE_PATH },
+        'Copied approval policy from repository',
+      );
+    } else {
+      fs.writeFileSync(policyDestPath, DEFAULT_POLICY_TEMPLATE, 'utf-8');
+      logger.debug(
+        { agentId, file: POLICY_RELATIVE_PATH },
+        'Wrote default approval policy template',
+      );
+    }
+  }
 }
 
 /**
@@ -71,7 +104,10 @@ export function loadBootstrapFiles(agentId: string): ContextFile[] {
 
       files.push({ name: filename, content });
     } catch (err) {
-      logger.warn({ agentId, file: filename, err }, 'Failed to read bootstrap file');
+      logger.warn(
+        { agentId, file: filename, err },
+        'Failed to read bootstrap file',
+      );
     }
   }
 
@@ -83,7 +119,10 @@ export function loadBootstrapFiles(agentId: string): ContextFile[] {
  * e.g. "Tuesday, February 24th, 2026 — 14:32"
  */
 function formatCurrentTime(timezone?: string): string {
-  const tz = timezone?.trim() || Intl.DateTimeFormat().resolvedOptions().timeZone || 'UTC';
+  const tz =
+    timezone?.trim() ||
+    Intl.DateTimeFormat().resolvedOptions().timeZone ||
+    'UTC';
   const now = new Date();
   try {
     const parts = new Intl.DateTimeFormat('en-US', {
@@ -100,14 +139,27 @@ function formatCurrentTime(timezone?: string): string {
     for (const part of parts) {
       if (part.type !== 'literal') map[part.type] = part.value;
     }
-    if (!map.weekday || !map.year || !map.month || !map.day || !map.hour || !map.minute) {
+    if (
+      !map.weekday ||
+      !map.year ||
+      !map.month ||
+      !map.day ||
+      !map.hour ||
+      !map.minute
+    ) {
       return now.toISOString();
     }
     const dayNum = parseInt(map.day, 10);
-    const suffix = dayNum >= 11 && dayNum <= 13 ? 'th'
-      : dayNum % 10 === 1 ? 'st'
-      : dayNum % 10 === 2 ? 'nd'
-      : dayNum % 10 === 3 ? 'rd' : 'th';
+    const suffix =
+      dayNum >= 11 && dayNum <= 13
+        ? 'th'
+        : dayNum % 10 === 1
+          ? 'st'
+          : dayNum % 10 === 2
+            ? 'nd'
+            : dayNum % 10 === 3
+              ? 'rd'
+              : 'th';
     return `${map.weekday}, ${map.month} ${dayNum}${suffix}, ${map.year} — ${map.hour}:${map.minute} (${tz})`;
   } catch {
     return now.toISOString();

package/tests/approval-policy.test.ts

@@ -0,0 +1,224 @@
+import fs from 'fs';
+import os from 'os';
+import path from 'path';
+import { describe, expect, test } from 'vitest';
+
+import { TrustedCoworkerApprovalRuntime } from '../container/src/approval-policy.js';
+import type { ChatMessage } from '../container/src/types.js';
+
+function userMessage(text: string): ChatMessage {
+  return { role: 'user', content: text };
+}
+
+function tempTrustStorePath(name: string): string {
+  const dir = fs.mkdtempSync(path.join(os.tmpdir(), 'hybridclaw-approval-'));
+  return path.join(dir, `${name}.json`);
+}
+
+describe('TrustedCoworkerApprovalRuntime', () => {
+  test('yellow actions promote to green after successful repeat', () => {
+    const runtime = new TrustedCoworkerApprovalRuntime(
+      '/tmp/hybridclaw-missing-policy.yaml',
+    );
+
+    const first = runtime.evaluateToolCall({
+      toolName: 'bash',
+      argsJson: JSON.stringify({ command: 'npm install' }),
+      latestUserPrompt: 'Install dependencies',
+    });
+    expect(first.tier).toBe('yellow');
+    expect(first.decision).toBe('implicit');
+
+    runtime.afterToolExecution(first, true);
+
+    const second = runtime.evaluateToolCall({
+      toolName: 'bash',
+      argsJson: JSON.stringify({ command: 'npm install' }),
+      latestUserPrompt: 'Install dependencies',
+    });
+    expect(second.tier).toBe('green');
+  });
+
+  test('sensitive paths stay pinned red and require explicit approval', () => {
+    const runtime = new TrustedCoworkerApprovalRuntime(
+      '/tmp/hybridclaw-missing-policy.yaml',
+    );
+
+    const evaluation = runtime.evaluateToolCall({
+      toolName: 'write',
+      argsJson: JSON.stringify({ path: '.env', contents: 'API_KEY=abc' }),
+      latestUserPrompt: 'Write env file',
+    });
+
+    expect(evaluation.baseTier).toBe('red');
+    expect(evaluation.decision).toBe('required');
+    expect(evaluation.pinned).toBe(true);
+    expect(evaluation.requestId).toBeTruthy();
+  });
+
+  test('yes response approves once and replays original prompt', () => {
+    const runtime = new TrustedCoworkerApprovalRuntime(
+      '/tmp/hybridclaw-missing-policy.yaml',
+    );
+    const originalPrompt = 'Delete dist and rebuild cleanly';
+
+    const pending = runtime.evaluateToolCall({
+      toolName: 'bash',
+      argsJson: JSON.stringify({ command: 'rm -rf dist' }),
+      latestUserPrompt: originalPrompt,
+    });
+    expect(pending.decision).toBe('required');
+
+    const prelude = runtime.handleApprovalResponse([userMessage('yes')]);
+    expect(prelude?.replayPrompt).toBe(originalPrompt);
+    expect(prelude?.approvalMode).toBe('once');
+
+    const approved = runtime.evaluateToolCall({
+      toolName: 'bash',
+      argsJson: JSON.stringify({ command: 'rm -rf dist' }),
+      latestUserPrompt: originalPrompt,
+    });
+    expect(approved.decision).toBe('approved_once');
+  });
+
+  test('yes for session persists trust for repeated action key', () => {
+    const runtime = new TrustedCoworkerApprovalRuntime(
+      '/tmp/hybridclaw-missing-policy.yaml',
+    );
+    const originalPrompt = 'Fetch from example.com';
+
+    const first = runtime.evaluateToolCall({
+      toolName: 'web_fetch',
+      argsJson: JSON.stringify({ url: 'https://example.com' }),
+      latestUserPrompt: originalPrompt,
+    });
+    expect(first.decision).toBe('required');
+
+    const prelude = runtime.handleApprovalResponse([
+      userMessage('yes for session'),
+    ]);
+    expect(prelude?.approvalMode).toBe('session');
+
+    const second = runtime.evaluateToolCall({
+      toolName: 'web_fetch',
+      argsJson: JSON.stringify({ url: 'https://example.com' }),
+      latestUserPrompt: originalPrompt,
+    });
+    expect(second.decision).toBe('approved_session');
+  });
+
+  test('pinned red cannot be session-trusted across runs', () => {
+    const runtime = new TrustedCoworkerApprovalRuntime(
+      '/tmp/hybridclaw-missing-policy.yaml',
+    );
+    const prompt = 'Append token to .env';
+
+    const first = runtime.evaluateToolCall({
+      toolName: 'write',
+      argsJson: JSON.stringify({ path: '.env', contents: 'TOKEN=x' }),
+      latestUserPrompt: prompt,
+    });
+    expect(first.decision).toBe('required');
+    expect(first.pinned).toBe(true);
+
+    const prelude = runtime.handleApprovalResponse([
+      userMessage('yes for session'),
+    ]);
+    expect(prelude?.approvalMode).toBe('once');
+
+    const second = runtime.evaluateToolCall({
+      toolName: 'write',
+      argsJson: JSON.stringify({ path: '.env', contents: 'TOKEN=x' }),
+      latestUserPrompt: prompt,
+    });
+    expect(second.decision).toBe('approved_once');
+
+    const third = runtime.evaluateToolCall({
+      toolName: 'write',
+      argsJson: JSON.stringify({ path: '.env', contents: 'TOKEN=x' }),
+      latestUserPrompt: prompt,
+    });
+    expect(third.decision).toBe('required');
+  });
+
+  test('yes for agent persists trust across runtime restarts', () => {
+    const trustStorePath = tempTrustStorePath('agent-trust');
+    const policyPath = '/tmp/hybridclaw-missing-policy.yaml';
+    const prompt = 'Fetch from example.com';
+    const argsJson = JSON.stringify({ url: 'https://example.com' });
+
+    const runtime = new TrustedCoworkerApprovalRuntime(
+      policyPath,
+      trustStorePath,
+    );
+    const first = runtime.evaluateToolCall({
+      toolName: 'web_fetch',
+      argsJson,
+      latestUserPrompt: prompt,
+    });
+    expect(first.decision).toBe('required');
+
+    const prelude = runtime.handleApprovalResponse([
+      userMessage('yes for agent'),
+    ]);
+    expect(prelude?.approvalMode).toBe('agent');
+
+    const second = runtime.evaluateToolCall({
+      toolName: 'web_fetch',
+      argsJson,
+      latestUserPrompt: prompt,
+    });
+    expect(second.decision).toBe('approved_agent');
+
+    const restarted = new TrustedCoworkerApprovalRuntime(
+      policyPath,
+      trustStorePath,
+    );
+    const third = restarted.evaluateToolCall({
+      toolName: 'web_fetch',
+      argsJson,
+      latestUserPrompt: prompt,
+    });
+    expect(third.decision).toBe('approved_agent');
+  });
+
+  test('pinned red cannot be agent-trusted across restarts', () => {
+    const trustStorePath = tempTrustStorePath('pinned-agent');
+    const policyPath = '/tmp/hybridclaw-missing-policy.yaml';
+    const prompt = 'Write .env';
+    const argsJson = JSON.stringify({ path: '.env', contents: 'TOKEN=abc' });
+
+    const runtime = new TrustedCoworkerApprovalRuntime(
+      policyPath,
+      trustStorePath,
+    );
+    const first = runtime.evaluateToolCall({
+      toolName: 'write',
+      argsJson,
+      latestUserPrompt: prompt,
+    });
+    expect(first.decision).toBe('required');
+    expect(first.pinned).toBe(true);
+
+    const prelude = runtime.handleApprovalResponse([userMessage('3')]);
+    expect(prelude?.approvalMode).toBe('once');
+
+    const second = runtime.evaluateToolCall({
+      toolName: 'write',
+      argsJson,
+      latestUserPrompt: prompt,
+    });
+    expect(second.decision).toBe('approved_once');
+
+    const restarted = new TrustedCoworkerApprovalRuntime(
+      policyPath,
+      trustStorePath,
+    );
+    const third = restarted.evaluateToolCall({
+      toolName: 'write',
+      argsJson,
+      latestUserPrompt: prompt,
+    });
+    expect(third.decision).toBe('required');
+  });
+});

package/tests/discord.basic.test.ts

@@ -1,7 +1,11 @@
 import { expect, test } from 'vitest';
 
 import { buildResponseText } from '../src/channels/discord/delivery.js';
-import { rewriteUserMentions, type MentionLookup } from '../src/channels/discord/mentions.js';
+import { isTrigger, parseCommand } from '../src/channels/discord/inbound.js';
+import {
+  type MentionLookup,
+  rewriteUserMentions,
+} from '../src/channels/discord/mentions.js';
 
 function createLookup(entries: Record<string, string[]>): MentionLookup {
   const byAlias = new Map<string, Set<string>>();
@@ -18,7 +22,9 @@ test('rewriteUserMentions rewrites a uniquely-resolved @alias', () => {
 });
 
 test('rewriteUserMentions does not rewrite ambiguous aliases', () => {
-  const lookup = createLookup({ bob: ['111111111111111111', '222222222222222222'] });
+  const lookup = createLookup({
+    bob: ['111111111111111111', '222222222222222222'],
+  });
   const output = rewriteUserMentions('hi @bob', lookup);
   expect(output).toBe('hi @bob');
 });
@@ -41,3 +47,77 @@ test('buildResponseText leaves text unchanged when no tools were used', () => {
   const output = buildResponseText('Done.');
   expect(output).toBe('Done.');
 });
+
+test('isTrigger blocks non-command chatter when channel mode is off', () => {
+  const shouldTrigger = isTrigger({
+    content: 'hello',
+    isDm: false,
+    commandsOnly: false,
+    respondToAllMessages: false,
+    guildMessageMode: 'off',
+    prefix: '!claw',
+    botMentionRegex: null,
+    hasBotMention: false,
+  });
+  expect(shouldTrigger).toBe(false);
+});
+
+test('isTrigger still allows prefixed commands when channel mode is off', () => {
+  const shouldTrigger = isTrigger({
+    content: '!claw status',
+    isDm: false,
+    commandsOnly: false,
+    respondToAllMessages: false,
+    guildMessageMode: 'off',
+    prefix: '!claw',
+    botMentionRegex: null,
+    hasBotMention: false,
+  });
+  expect(shouldTrigger).toBe(true);
+});
+
+test('isTrigger allows free-response mode in guild channels', () => {
+  const shouldTrigger = isTrigger({
+    content: 'Can you review this patch?',
+    isDm: false,
+    commandsOnly: false,
+    respondToAllMessages: false,
+    guildMessageMode: 'free',
+    prefix: '!claw',
+    botMentionRegex: null,
+    hasBotMention: false,
+  });
+  expect(shouldTrigger).toBe(true);
+});
+
+test('isTrigger keeps mention mode even when respondToAllMessages is enabled', () => {
+  const shouldTrigger = isTrigger({
+    content: 'hello',
+    isDm: false,
+    commandsOnly: false,
+    respondToAllMessages: true,
+    guildMessageMode: 'mention',
+    prefix: '!claw',
+    botMentionRegex: null,
+    hasBotMention: false,
+  });
+  expect(shouldTrigger).toBe(false);
+});
+
+test('parseCommand recognizes channel command namespace', () => {
+  const parsed = parseCommand('!claw channel mode free', null, '!claw');
+  expect(parsed).toEqual({
+    isCommand: true,
+    command: 'channel',
+    args: ['mode', 'free'],
+  });
+});
+
+test('parseCommand recognizes usage command namespace', () => {
+  const parsed = parseCommand('!claw usage monthly', null, '!claw');
+  expect(parsed).toEqual({
+    isCommand: true,
+    command: 'usage',
+    args: ['monthly'],
+  });
+});