@integrity-labs/agt-cli 0.10.1 → 0.10.2

package/dist/{chunk-N7TRKQMT.js → chunk-VCKY6MN2.js}

@@ -215,6 +215,25 @@ var INTEGRATION_REGISTRY = [
     },
     docs_url: "https://github.com/Pika-Labs/Pika-Skills"
   },
+  {
+    id: "claude-code",
+    name: "Claude Code",
+    category: "code",
+    description: "Claude Code AI agent runtime \u2014 code editing, task execution, file management, and development workflows",
+    supported_auth_types: ["api_key", "none"],
+    capabilities: [
+      { id: "claude-code:edit-code", name: "Edit Code", description: "Read, write, and edit source files", access: "write" },
+      { id: "claude-code:run-tasks", name: "Run Tasks", description: "Execute bash commands and development tasks", access: "write" },
+      { id: "claude-code:search", name: "Search Code", description: "Search files and grep codebase", access: "read" },
+      { id: "claude-code:git", name: "Git Operations", description: "Commit, branch, push, and manage version control", access: "write" }
+    ],
+    cli_tool: {
+      package: "@anthropic-ai/claude-code",
+      binary: "claude",
+      env_key: "ANTHROPIC_API_KEY"
+    },
+    docs_url: "https://docs.anthropic.com/en/docs/claude-code"
+  },
   {
     id: "custom",
     name: "Custom Integration",
@@ -1333,6 +1352,38 @@ ${entry.content}`
       return changed;
     }, codeName);
   },
+  executePluginHook(ctx) {
+    const agentDir = join(AUGMENTED_DIR, ctx.codeName);
+    const projectDir = join(agentDir, "project");
+    mkdirSync(agentDir, { recursive: true });
+    const startedAt = Date.now();
+    return new Promise((resolve3) => {
+      const child = execFile("bash", ["-c", ctx.script], {
+        cwd: agentDir,
+        timeout: 6e4,
+        maxBuffer: 1024 * 1024,
+        env: {
+          ...process.env,
+          AGENT_CODE_NAME: ctx.codeName,
+          AGENT_DIR: agentDir,
+          AGENT_PROJECT_DIR: projectDir,
+          AGENT_FRAMEWORK: "openclaw"
+        }
+      }, (error, stdout, stderr) => {
+        const durationMs = Date.now() - startedAt;
+        const timedOut = !!error && error.code === "ETIMEDOUT";
+        resolve3({
+          exitCode: error ? typeof error.code === "number" ? error.code : 1 : 0,
+          stdout: stdout?.toString() ?? "",
+          stderr: stderr?.toString() ?? "",
+          durationMs,
+          timedOut
+        });
+      });
+      child.on("error", () => {
+      });
+    });
+  },
   readGatewayToken(codeName) {
     const homeDir = getHomeDir();
     try {
@@ -1811,6 +1862,7 @@ registerFramework(nemoClawAdapter);
 import { readFileSync as readFileSync3, writeFileSync as writeFileSync3, mkdirSync as mkdirSync3, existsSync as existsSync3, chmodSync as chmodSync3 } from "fs";
 import { join as join3, relative } from "path";
 import { homedir as homedir2 } from "os";
+import { execFile as execFile3 } from "child_process";
 
 // ../../packages/core/dist/provisioning/frameworks/claudecode/identity.js
 function buildMemorySection(hasQmd) {
@@ -2190,6 +2242,88 @@ function provisionStopHook(codeName) {
   settings["hooks"] = hooks;
   writeFileSync3(settingsPath, JSON.stringify(settings, null, 2));
 }
+function provisionIsolationHook(codeName) {
+  const projectDir = getProjectDir(codeName);
+  const claudeDir = join3(projectDir, ".claude");
+  mkdirSync3(claudeDir, { recursive: true });
+  const homeDir = getHomeDir3();
+  const augmentedBase = join3(homeDir, ".augmented");
+  const ownAgentDir = join3(augmentedBase, codeName);
+  const logFile = join3(ownAgentDir, "isolation.log");
+  const hookScriptPath = join3(claudeDir, "agt-isolation-hook.sh");
+  const hookScript = [
+    "#!/bin/bash",
+    "# Auto-generated by Augmented \u2014 prevents cross-agent file access.",
+    "# Exit 0 = allow, Exit 2 = block (with stderr message shown to agent)",
+    "set -euo pipefail",
+    "INPUT=$(cat)",
+    `TOOL=$(echo "$INPUT" | jq -r '.tool_name // empty')`,
+    "",
+    "# Only check file-access tools",
+    'case "$TOOL" in',
+    "  Read|Edit|Write|Glob|Grep|MultiEdit) ;;",
+    "  Bash)",
+    "    # For Bash, we can't reliably parse arbitrary commands \u2014 rely on allowedDirectories.",
+    "    # But block obvious attempts to read other agent dirs.",
+    `    CMD=$(echo "$INPUT" | jq -r '.tool_input.command // empty')`,
+    `    if echo "$CMD" | grep -qE '${augmentedBase}/[^/]+/' 2>/dev/null; then`,
+    `      MATCH=$(echo "$CMD" | grep -oE '${augmentedBase}/[^/]+' | head -1)`,
+    `      AGENT_DIR=$(basename "$MATCH")`,
+    `      if [ "$AGENT_DIR" != "${codeName}" ] && [ "$AGENT_DIR" != "_mcp" ]; then`,
+    `        echo "$(date -u +%Y-%m-%dT%H:%M:%SZ) BLOCKED bash targeting $MATCH" >> "${logFile}"`,
+    `        echo "Access denied: you cannot access other agents' directories." >&2`,
+    "        exit 2",
+    "      fi",
+    "    fi",
+    "    exit 0 ;;",
+    "  *) exit 0 ;;",
+    "esac",
+    "",
+    "# Extract file_path from tool input",
+    `FILE_PATH=$(echo "$INPUT" | jq -r '.tool_input.file_path // .tool_input.path // empty')`,
+    '[ -z "$FILE_PATH" ] && exit 0',
+    "",
+    "# Resolve to absolute path",
+    'if [[ "$FILE_PATH" != /* ]]; then',
+    `  CWD=$(echo "$INPUT" | jq -r '.cwd // empty')`,
+    '  [ -n "$CWD" ] && FILE_PATH="$CWD/$FILE_PATH"',
+    "fi",
+    "",
+    "# Check if path targets another agent's directory",
+    `AUGMENTED_BASE="${augmentedBase}"`,
+    'case "$FILE_PATH" in',
+    '  "$AUGMENTED_BASE"/*/*)  ',
+    '    AGENT_DIR=$(echo "$FILE_PATH" | sed "s|$AUGMENTED_BASE/||" | cut -d/ -f1)',
+    `    if [ "$AGENT_DIR" != "${codeName}" ] && [ "$AGENT_DIR" != "_mcp" ]; then`,
+    `      echo "$(date -u +%Y-%m-%dT%H:%M:%SZ) BLOCKED $TOOL on $FILE_PATH" >> "${logFile}"`,
+    `      echo "Access denied: you cannot access other agents' directories." >&2`,
+    "      exit 2",
+    "    fi ;;",
+    "esac",
+    "",
+    "exit 0"
+  ].join("\n") + "\n";
+  writeFileSync3(hookScriptPath, hookScript, { mode: 493 });
+  const settingsPath = join3(claudeDir, "settings.local.json");
+  let settings = {};
+  try {
+    settings = JSON.parse(readFileSync3(settingsPath, "utf-8"));
+  } catch {
+  }
+  const hooks = settings["hooks"] ?? {};
+  hooks["PreToolUse"] = [
+    {
+      hooks: [
+        {
+          type: "command",
+          command: hookScriptPath
+        }
+      ]
+    }
+  ];
+  settings["hooks"] = hooks;
+  writeFileSync3(settingsPath, JSON.stringify(settings, null, 2));
+}
 function modifyJsonConfig(filePath, fn) {
   let originalContent;
   let config;
@@ -2225,6 +2359,19 @@ function buildSettingsJson(input) {
   if (agent.primary_model) {
     settings["model"] = agent.primary_model;
   }
+  const projectDir = getProjectDir(agent.code_name);
+  const agentDir = getAgentDir(agent.code_name);
+  const homeDir = getHomeDir3();
+  settings["allowedDirectories"] = [
+    projectDir,
+    // Agent's project dir (CLAUDE.md, settings.json, etc.)
+    agentDir,
+    // Agent's config dir (.env, schedules, registration)
+    join3(homeDir, ".augmented", "_mcp"),
+    // Shared MCP binaries
+    "/tmp"
+    // Temp files
+  ];
   return settings;
 }
 function buildMcpJson(input) {
@@ -2425,9 +2572,9 @@ ${entry.content}`
   // so ensureGatewayRunning() returns early with running=false
   async getVersion() {
     try {
-      const { execFile: execFile3 } = await import("child_process");
+      const { execFile: execFile4 } = await import("child_process");
       return new Promise((resolve3) => {
-        execFile3("claude", ["--version"], { timeout: 5e3 }, (err, stdout) => {
+        execFile4("claude", ["--version"], { timeout: 5e3 }, (err, stdout) => {
           if (err) {
             resolve3(null);
             return;
@@ -2675,6 +2822,23 @@ ${entry.content}`
           args: ["-y", "@composio/mcp", "start", "--url", config.url],
           env: config.headers ?? {}
         };
+      } else if (config.url.includes("mcp.pipedream.net")) {
+        const pdUrl = new URL(config.url);
+        const pathParts = pdUrl.pathname.split("/").filter(Boolean);
+        const externalUserId = decodeURIComponent(pathParts[0] ?? "");
+        const appSlug = decodeURIComponent(pathParts[1] ?? "");
+        const headers = config.headers ?? {};
+        const authToken = (headers["Authorization"] ?? "").replace("Bearer ", "");
+        serverEntry = {
+          command: "npx",
+          args: ["-y", "@pipedream/mcp", "stdio", "--app", appSlug, "--external-user-id", externalUserId],
+          env: {
+            PIPEDREAM_PROJECT_ID: headers["x-pd-project-id"] ?? process.env["PIPEDREAM_PROJECT_ID"] ?? "",
+            PIPEDREAM_CLIENT_ID: headers["x-pd-client-id"] ?? process.env["PIPEDREAM_CLIENT_ID"] ?? "",
+            PIPEDREAM_CLIENT_SECRET: headers["x-pd-client-secret"] ?? process.env["PIPEDREAM_CLIENT_SECRET"] ?? "",
+            PIPEDREAM_PROJECT_ENVIRONMENT: headers["x-pd-environment"] ?? process.env["PIPEDREAM_ENVIRONMENT"] ?? "development"
+          }
+        };
       } else {
         serverEntry = {
           command: "npx",
@@ -2748,6 +2912,40 @@ ${entry.content}`
     };
     writeFileSync3(pluginsJsonPath, JSON.stringify(pluginsConfig, null, 2));
   },
+  executePluginHook(ctx) {
+    assertValidCodeName(ctx.codeName);
+    const agentRootDir = join3(getHomeDir3(), ".augmented", ctx.codeName);
+    const projectDir = getProjectDir(ctx.codeName);
+    mkdirSync3(agentRootDir, { recursive: true });
+    mkdirSync3(projectDir, { recursive: true });
+    const startedAt = Date.now();
+    return new Promise((resolve3) => {
+      const child = execFile3("bash", ["-c", ctx.script], {
+        cwd: agentRootDir,
+        timeout: 6e4,
+        maxBuffer: 1024 * 1024,
+        env: {
+          ...process.env,
+          AGENT_CODE_NAME: ctx.codeName,
+          AGENT_DIR: agentRootDir,
+          AGENT_PROJECT_DIR: projectDir,
+          AGENT_FRAMEWORK: "claude-code"
+        }
+      }, (error, stdout, stderr) => {
+        const durationMs = Date.now() - startedAt;
+        const timedOut = !!error && error.code === "ETIMEDOUT";
+        resolve3({
+          exitCode: error ? typeof error.code === "number" ? error.code : 1 : 0,
+          stdout: stdout?.toString() ?? "",
+          stderr: stderr?.toString() ?? "",
+          durationMs,
+          timedOut
+        });
+      });
+      child.on("error", () => {
+      });
+    });
+  },
   writeTokenFile(codeName, integrations) {
     const agentDir = getAgentDir(codeName);
     mkdirSync3(agentDir, { recursive: true });
@@ -2888,6 +3086,11 @@ async function doExchange(rawKey, retried) {
   if (!res.ok) {
     const body = await res.json().catch(() => ({}));
     const errorMsg = String(body["error"] ?? res.statusText);
+    const host = requireHost();
+    const obfuscated = rawKey.length > 12 ? `${rawKey.slice(0, 8)}${"*".repeat(rawKey.length - 12)}${rawKey.slice(-4)}` : rawKey.slice(0, 4) + "****";
+    if (res.status >= 502 && res.status <= 504) {
+      throw new Error(`API unreachable (${res.status}): ${host} \u2014 is the API server running?`);
+    }
     if (errorMsg.includes("revoked") && !retried) {
       reloadFromShellProfile();
       const freshKey = getApiKey();
@@ -2895,8 +3098,6 @@ async function doExchange(rawKey, retried) {
         return doExchange(freshKey, true);
       }
     }
-    const host = requireHost();
-    const obfuscated = rawKey.length > 12 ? `${rawKey.slice(0, 8)}${"*".repeat(rawKey.length - 12)}${rawKey.slice(-4)}` : rawKey.slice(0, 4) + "****";
     throw new Error(`API key exchange failed: ${errorMsg} (host=${host}, key=${obfuscated})`);
   }
   const data = await res.json();
@@ -4546,7 +4747,12 @@ var ROLE_PERMISSIONS = {
     "audit_log.view",
     "host.create",
     "host.manage",
-    "host.view"
+    "host.view",
+    "plugin.view",
+    "plugin.install",
+    "plugin.configure",
+    "plugin.manage_scopes",
+    "plugin.approve_requests"
   ],
   admin: [
     "team.manage_members",
@@ -4560,7 +4766,12 @@ var ROLE_PERMISSIONS = {
     "audit_log.view",
     "host.create",
     "host.manage",
-    "host.view"
+    "host.view",
+    "plugin.view",
+    "plugin.install",
+    "plugin.configure",
+    "plugin.manage_scopes",
+    "plugin.approve_requests"
   ],
   member: [
     "agent.create",
@@ -4568,12 +4779,15 @@ var ROLE_PERMISSIONS = {
     "agent.deploy",
     "agent.view",
     "audit_log.view",
-    "host.view"
+    "host.view",
+    "plugin.install",
+    "plugin.view"
   ],
   viewer: [
     "agent.view",
     "audit_log.view",
-    "host.view"
+    "host.view",
+    "plugin.view"
   ]
 };
 var permissionSets = new Map(Object.entries(ROLE_PERMISSIONS).map(([role, actions]) => [role, new Set(actions)]));
@@ -4680,6 +4894,129 @@ function getTemplate(id) {
   return DEPLOYMENT_TEMPLATES.find((t) => t.id === id);
 }
 
+// ../../packages/core/dist/plugins/context-validator.js
+import Ajv20202 from "ajv/dist/2020.js";
+import addFormats2 from "ajv-formats";
+
+// ../../packages/core/dist/plugins/context-meta-schema.json
+var context_meta_schema_default = {
+  $schema: "https://json-schema.org/draft/2020-12/schema",
+  $id: "https://augmented.dev/schemas/plugin-context.meta.schema.json",
+  title: "Plugin Context Schema (meta)",
+  description: "Meta-schema for the constrained subset of JSON Schema that plugin authors may declare for their plugin context. Anything outside this subset is rejected at PUT time. See ENG-4341 / docs/plugins/plugin-context-rfc.md.",
+  type: "object",
+  required: ["type", "properties"],
+  additionalProperties: false,
+  properties: {
+    $schema: {
+      type: "string"
+    },
+    type: {
+      type: "string",
+      const: "object"
+    },
+    properties: {
+      type: "object",
+      minProperties: 0,
+      additionalProperties: {
+        $ref: "#/$defs/field"
+      }
+    },
+    required: {
+      type: "array",
+      items: { type: "string" },
+      uniqueItems: true
+    }
+  },
+  $defs: {
+    field: {
+      oneOf: [
+        { $ref: "#/$defs/stringField" },
+        { $ref: "#/$defs/booleanField" },
+        { $ref: "#/$defs/stringArrayField" },
+        { $ref: "#/$defs/stringMapField" }
+      ]
+    },
+    stringField: {
+      type: "object",
+      required: ["type"],
+      additionalProperties: false,
+      properties: {
+        type: { const: "string" },
+        title: { type: "string" },
+        description: { type: "string" },
+        enum: {
+          type: "array",
+          items: { type: "string" },
+          minItems: 1,
+          uniqueItems: true
+        },
+        default: { type: "string" }
+      }
+    },
+    booleanField: {
+      type: "object",
+      required: ["type"],
+      additionalProperties: false,
+      properties: {
+        type: { const: "boolean" },
+        title: { type: "string" },
+        description: { type: "string" },
+        default: { type: "boolean" }
+      }
+    },
+    stringArrayField: {
+      type: "object",
+      required: ["type", "items"],
+      additionalProperties: false,
+      properties: {
+        type: { const: "array" },
+        items: {
+          type: "object",
+          required: ["type"],
+          additionalProperties: false,
+          properties: {
+            type: { const: "string" }
+          }
+        },
+        title: { type: "string" },
+        description: { type: "string" },
+        default: {
+          type: "array",
+          items: { type: "string" }
+        }
+      }
+    },
+    stringMapField: {
+      type: "object",
+      required: ["type", "additionalProperties"],
+      additionalProperties: false,
+      properties: {
+        type: { const: "object" },
+        additionalProperties: {
+          type: "object",
+          required: ["type"],
+          additionalProperties: false,
+          properties: {
+            type: { const: "string" }
+          }
+        },
+        title: { type: "string" },
+        description: { type: "string" },
+        default: {
+          type: "object",
+          additionalProperties: { type: "string" }
+        }
+      }
+    }
+  }
+};
+
+// ../../packages/core/dist/plugins/context-validator.js
+var ajv2 = new Ajv20202({ allErrors: true, strict: false });
+addFormats2(ajv2);
+var compiledMetaSchema = ajv2.compile(context_meta_schema_default);
+
 // ../../packages/core/dist/drift/comparators.js
 function compareToolPolicy(expected, actual) {
   const findings = [];
@@ -4876,6 +5213,7 @@ export {
   getChannel,
   getAllChannelIds,
   provisionStopHook,
+  provisionIsolationHook,
   getApiKey,
   getActiveTeam,
   setActiveTeam,
@@ -4906,4 +5244,4 @@ export {
   detectDrift,
   provision
 };
-//# sourceMappingURL=chunk-N7TRKQMT.js.map
+//# sourceMappingURL=chunk-VCKY6MN2.js.map