@jcheesepkg/nanobot 0.6.96 → 0.6.98

package/dist/agent/tools/shell.d.mts.map

@@ -1 +1 @@
-{"version":3,"file":"shell.d.mts","names":[],"sources":["../../../src/agent/tools/shell.ts"],"mappings":";;;cAoCa,QAAA,SAAiB,IAAA;EAAA,SACnB,IAAA;EAAA,SACA,WAAA;EAAA,SAEA,UAAA;;;;;;;;;;;;;;UAYD,UAAA;EAAA,QACA,cAAA;EAAA,QACA,mBAAA;cAEI,MAAA;IACV,UAAA;IACA,OAAA;IACA,mBAAA;EAAA;EAQI,OAAA,CAAQ,IAAA,EAAM,MAAA,oBAA0B,OAAA;AAAA"}
+{"version":3,"file":"shell.d.mts","names":[],"sources":["../../../src/agent/tools/shell.ts"],"mappings":";;;cAuEa,QAAA,SAAiB,IAAA;EAAA,SACnB,IAAA;EAAA,SACA,WAAA;EAAA,SAEA,UAAA;;;;;;;;;;;;;;UAYD,UAAA;EAAA,QACA,cAAA;EAAA,QACA,mBAAA;cAEI,MAAA;IACV,UAAA;IACA,OAAA;IACA,mBAAA;EAAA;EAQI,OAAA,CAAQ,IAAA,EAAM,MAAA,oBAA0B,OAAA;AAAA"}

package/dist/agent/tools/shell.mjs

@@ -11,6 +11,7 @@ const SENSITIVE_ENV_PATTERNS = [
 	/token/i,
 	/password/i,
 	/credential/i,
+	/^LLM_/i,
 	/^OPENROUTER_/i,
 	/^OPENAI_/i,
 	/^ANTHROPIC_/i,
@@ -21,9 +22,23 @@ const SENSITIVE_ENV_PATTERNS = [
 	/^BRAVE_/i,
 	/^AWS_/i,
 	/^GOOGLE_/i,
-	/^AZURE_/i
+	/^AZURE_/i,
+	/^NANOBOT_/i
 ];
-/** Build a sanitized env for child processes — strips secrets, keeps PATH etc. */
+/**
+* Trusted commands that receive skill-specific env vars.
+* Only the first word (binary name) of the command is matched.
+* These commands still do NOT get the core LLM/channel secrets.
+*/
+const TRUSTED_COMMANDS = ["summarize"];
+/** Env vars injected for trusted commands only. */
+const SKILL_ENV_KEYS = [
+	"Z_AI_API_KEY",
+	"Z_AI_BASE_URL",
+	"APIFY_API_TOKEN",
+	"BRAVE_API_KEY"
+];
+/** Build a sanitized env for child processes — strips all secrets. */
 function buildSafeEnv() {
 	const safe = {};
 	for (const [key, value] of Object.entries(process.env)) {
@@ -33,6 +48,20 @@ function buildSafeEnv() {
 	}
 	return safe;
 }
+/** Build env for trusted skill commands — safe env + skill-specific keys. */
+function buildSkillEnv() {
+	const env = buildSafeEnv();
+	for (const key of SKILL_ENV_KEYS) {
+		const value = process.env[key];
+		if (value) env[key] = value;
+	}
+	return env;
+}
+/** Check if a command starts with a trusted binary. */
+function isTrustedCommand(command) {
+	const firstWord = command.replace(/^\s*(timeout\s+\d+\s+|env\s+\S+=\S+\s+)*/, "").trim().split(/\s+/)[0];
+	return TRUSTED_COMMANDS.includes(firstWord);
+}
 var ExecTool = class extends Tool {
 	name = "exec";
 	description = "Execute a shell command and return its output. Use for running programs, scripts, git, etc.";
@@ -71,10 +100,15 @@ var ExecTool = class extends Tool {
 				"> /dev/"
 			]) if (command.includes(pattern)) return `Error: Command blocked for safety: ${pattern}`;
 		}
-		const env = this.restrictToWorkspace ? buildSafeEnv() : {
+		let env;
+		if (!this.restrictToWorkspace) env = {
 			...process.env,
 			HOME: process.env.HOME ?? ""
 		};
+		else if (isTrustedCommand(command)) {
+			env = buildSkillEnv();
+			console.log(`Exec: trusted command detected, injecting skill env keys`, env);
+		} else env = buildSafeEnv();
 		return new Promise((resolve) => {
 			exec(command, {
 				cwd: this.workingDir,

package/dist/agent/tools/shell.mjs.map

@@ -1 +1 @@
-{"version":3,"file":"shell.mjs","names":[],"sources":["../../../src/agent/tools/shell.ts"],"sourcesContent":["import { exec, spawn } from \"node:child_process\";\nimport { Tool } from \"./base.js\";\n\n/** Env var patterns that should never leak to user-invoked commands. */\nconst SENSITIVE_ENV_PATTERNS = [\n  /api[_-]?key/i,\n  /api[_-]?token/i,\n  /api[_-]?secret/i,\n  /secret/i,\n  /token/i,\n  /password/i,\n  /credential/i,\n  /^OPENROUTER_/i,\n  /^OPENAI_/i,\n  /^ANTHROPIC_/i,\n  /^STRIPE_/i,\n  /^LINE_CHANNEL/i,\n  /^APIFY_/i,\n  /^Z_AI_/i,\n  /^BRAVE_/i,\n  /^AWS_/i,\n  /^GOOGLE_/i,\n  /^AZURE_/i,\n];\n\n/** Build a sanitized env for child processes — strips secrets, keeps PATH etc. */\nfunction buildSafeEnv(): Record<string, string> {\n  const safe: Record<string, string> = {};\n  for (const [key, value] of Object.entries(process.env)) {\n    if (!value) continue;\n    if (SENSITIVE_ENV_PATTERNS.some((re) => re.test(key))) continue;\n    safe[key] = value;\n  }\n  return safe;\n}\n\nexport class ExecTool extends Tool {\n  readonly name = \"exec\";\n  readonly description =\n    \"Execute a shell command and return its output. Use for running programs, scripts, git, etc.\";\n  readonly parameters = {\n    type: \"object\",\n    properties: {\n      command: { type: \"string\", description: \"Shell command to execute\" },\n      timeout: {\n        type: \"integer\",\n        description: \"Timeout in seconds (default: 60)\",\n      },\n    },\n    required: [\"command\"],\n  };\n\n  private workingDir: string;\n  private defaultTimeout: number;\n  private restrictToWorkspace: boolean;\n\n  constructor(params?: {\n    workingDir?: string;\n    timeout?: number;\n    restrictToWorkspace?: boolean;\n  }) {\n    super();\n    this.workingDir = params?.workingDir ?? process.cwd();\n    this.defaultTimeout = params?.timeout ?? 60;\n    this.restrictToWorkspace = params?.restrictToWorkspace ?? false;\n  }\n\n  async execute(args: Record<string, unknown>): Promise<string> {\n    const command = String(args.command);\n    const timeout = args.timeout ? Number(args.timeout) : this.defaultTimeout;\n\n    if (!command.trim()) {\n      return \"Error: Empty command\";\n    }\n\n    // Safety checks when restricted to workspace\n    if (this.restrictToWorkspace) {\n      const dangerous = [\"rm -rf /\", \"mkfs\", \"dd if=\", \"> /dev/\"];\n      for (const pattern of dangerous) {\n        if (command.includes(pattern)) {\n          return `Error: Command blocked for safety: ${pattern}`;\n        }\n      }\n    }\n\n    // Build env: scrub secrets when restricted, pass through when unrestricted\n    const env = this.restrictToWorkspace\n      ? buildSafeEnv()\n      : { ...process.env, HOME: process.env.HOME ?? \"\" };\n\n    return new Promise<string>((resolve) => {\n      exec(\n        command,\n        {\n          cwd: this.workingDir,\n          timeout: timeout * 1000,\n          maxBuffer: 1024 * 1024, // 1MB\n          env,\n        },\n        (error, stdout, stderr) => {\n          const parts: string[] = [];\n\n          if (stdout) parts.push(stdout);\n          if (stderr) parts.push(`[stderr]\\n${stderr}`);\n\n          if (error) {\n            if (error.killed) {\n              parts.push(`\\n[Timed out after ${timeout}s]`);\n            } else if (error.code !== undefined) {\n              parts.push(`\\n[Exit code: ${error.code}]`);\n            }\n          }\n\n          const output = parts.join(\"\\n\").trim();\n          // Truncate large output\n          if (output.length > 50000) {\n            resolve(\n              output.slice(0, 50000) + \"\\n... (truncated, output too large)\",\n            );\n          } else {\n            resolve(output || \"(no output)\");\n          }\n        },\n      );\n\n    });\n  }\n}\n"],"mappings":";;;;;AAIA,MAAM,yBAAyB;CAC7B;CACA;CACA;CACA;CACA;CACA;CACA;CACA;CACA;CACA;CACA;CACA;CACA;CACA;CACA;CACA;CACA;CACA;CACD;;AAGD,SAAS,eAAuC;CAC9C,MAAM,OAA+B,EAAE;AACvC,MAAK,MAAM,CAAC,KAAK,UAAU,OAAO,QAAQ,QAAQ,IAAI,EAAE;AACtD,MAAI,CAAC,MAAO;AACZ,MAAI,uBAAuB,MAAM,OAAO,GAAG,KAAK,IAAI,CAAC,CAAE;AACvD,OAAK,OAAO;;AAEd,QAAO;;AAGT,IAAa,WAAb,cAA8B,KAAK;CACjC,AAAS,OAAO;CAChB,AAAS,cACP;CACF,AAAS,aAAa;EACpB,MAAM;EACN,YAAY;GACV,SAAS;IAAE,MAAM;IAAU,aAAa;IAA4B;GACpE,SAAS;IACP,MAAM;IACN,aAAa;IACd;GACF;EACD,UAAU,CAAC,UAAU;EACtB;CAED,AAAQ;CACR,AAAQ;CACR,AAAQ;CAER,YAAY,QAIT;AACD,SAAO;AACP,OAAK,aAAa,QAAQ,cAAc,QAAQ,KAAK;AACrD,OAAK,iBAAiB,QAAQ,WAAW;AACzC,OAAK,sBAAsB,QAAQ,uBAAuB;;CAG5D,MAAM,QAAQ,MAAgD;EAC5D,MAAM,UAAU,OAAO,KAAK,QAAQ;EACpC,MAAM,UAAU,KAAK,UAAU,OAAO,KAAK,QAAQ,GAAG,KAAK;AAE3D,MAAI,CAAC,QAAQ,MAAM,CACjB,QAAO;AAIT,MAAI,KAAK,qBAEP;QAAK,MAAM,WADO;IAAC;IAAY;IAAQ;IAAU;IAAU,CAEzD,KAAI,QAAQ,SAAS,QAAQ,CAC3B,QAAO,sCAAsC;;EAMnD,MAAM,MAAM,KAAK,sBACb,cAAc,GACd;GAAE,GAAG,QAAQ;GAAK,MAAM,QAAQ,IAAI,QAAQ;GAAI;AAEpD,SAAO,IAAI,SAAiB,YAAY;AACtC,QACE,SACA;IACE,KAAK,KAAK;IACV,SAAS,UAAU;IACnB,WAAW,OAAO;IAClB;IACD,GACA,OAAO,QAAQ,WAAW;IACzB,MAAM,QAAkB,EAAE;AAE1B,QAAI,OAAQ,OAAM,KAAK,OAAO;AAC9B,QAAI,OAAQ,OAAM,KAAK,aAAa,SAAS;AAE7C,QAAI,OACF;SAAI,MAAM,OACR,OAAM,KAAK,sBAAsB,QAAQ,IAAI;cACpC,MAAM,SAAS,OACxB,OAAM,KAAK,iBAAiB,MAAM,KAAK,GAAG;;IAI9C,MAAM,SAAS,MAAM,KAAK,KAAK,CAAC,MAAM;AAEtC,QAAI,OAAO,SAAS,IAClB,SACE,OAAO,MAAM,GAAG,IAAM,GAAG,sCAC1B;QAED,SAAQ,UAAU,cAAc;KAGrC;IAED"}
+{"version":3,"file":"shell.mjs","names":[],"sources":["../../../src/agent/tools/shell.ts"],"sourcesContent":["import { exec, spawn } from \"node:child_process\";\nimport { Tool } from \"./base.js\";\n\n/** Env var patterns that should never leak to user-invoked commands. */\nconst SENSITIVE_ENV_PATTERNS = [\n  /api[_-]?key/i,\n  /api[_-]?token/i,\n  /api[_-]?secret/i,\n  /secret/i,\n  /token/i,\n  /password/i,\n  /credential/i,\n  /^LLM_/i,\n  /^OPENROUTER_/i,\n  /^OPENAI_/i,\n  /^ANTHROPIC_/i,\n  /^STRIPE_/i,\n  /^LINE_CHANNEL/i,\n  /^APIFY_/i,\n  /^Z_AI_/i,\n  /^BRAVE_/i,\n  /^AWS_/i,\n  /^GOOGLE_/i,\n  /^AZURE_/i,\n  /^NANOBOT_/i,\n];\n\n/**\n * Trusted commands that receive skill-specific env vars.\n * Only the first word (binary name) of the command is matched.\n * These commands still do NOT get the core LLM/channel secrets.\n */\nconst TRUSTED_COMMANDS = [\"summarize\"];\n\n/** Env vars injected for trusted commands only. */\nconst SKILL_ENV_KEYS = [\n  \"Z_AI_API_KEY\",\n  \"Z_AI_BASE_URL\",\n  \"APIFY_API_TOKEN\",\n  \"BRAVE_API_KEY\",\n];\n\n/** Build a sanitized env for child processes — strips all secrets. */\nfunction buildSafeEnv(): Record<string, string> {\n  const safe: Record<string, string> = {};\n  for (const [key, value] of Object.entries(process.env)) {\n    if (!value) continue;\n    if (SENSITIVE_ENV_PATTERNS.some((re) => re.test(key))) continue;\n    safe[key] = value;\n  }\n  return safe;\n}\n\n/** Build env for trusted skill commands — safe env + skill-specific keys. */\nfunction buildSkillEnv(): Record<string, string> {\n  const env = buildSafeEnv();\n  for (const key of SKILL_ENV_KEYS) {\n    const value = process.env[key];\n    if (value) env[key] = value;\n  }\n  return env;\n}\n\n/** Check if a command starts with a trusted binary. */\nfunction isTrustedCommand(command: string): boolean {\n  // Extract the first word, stripping common prefixes like timeout, env, etc.\n  const stripped = command.replace(/^\\s*(timeout\\s+\\d+\\s+|env\\s+\\S+=\\S+\\s+)*/, \"\");\n  const firstWord = stripped.trim().split(/\\s+/)[0];\n  return TRUSTED_COMMANDS.includes(firstWord);\n}\n\nexport class ExecTool extends Tool {\n  readonly name = \"exec\";\n  readonly description =\n    \"Execute a shell command and return its output. Use for running programs, scripts, git, etc.\";\n  readonly parameters = {\n    type: \"object\",\n    properties: {\n      command: { type: \"string\", description: \"Shell command to execute\" },\n      timeout: {\n        type: \"integer\",\n        description: \"Timeout in seconds (default: 60)\",\n      },\n    },\n    required: [\"command\"],\n  };\n\n  private workingDir: string;\n  private defaultTimeout: number;\n  private restrictToWorkspace: boolean;\n\n  constructor(params?: {\n    workingDir?: string;\n    timeout?: number;\n    restrictToWorkspace?: boolean;\n  }) {\n    super();\n    this.workingDir = params?.workingDir ?? process.cwd();\n    this.defaultTimeout = params?.timeout ?? 60;\n    this.restrictToWorkspace = params?.restrictToWorkspace ?? false;\n  }\n\n  async execute(args: Record<string, unknown>): Promise<string> {\n    const command = String(args.command);\n    const timeout = args.timeout ? Number(args.timeout) : this.defaultTimeout;\n\n    if (!command.trim()) {\n      return \"Error: Empty command\";\n    }\n\n    // Safety checks when restricted to workspace\n    if (this.restrictToWorkspace) {\n      const dangerous = [\"rm -rf /\", \"mkfs\", \"dd if=\", \"> /dev/\"];\n      for (const pattern of dangerous) {\n        if (command.includes(pattern)) {\n          return `Error: Command blocked for safety: ${pattern}`;\n        }\n      }\n    }\n\n    // Build env: scrub secrets when restricted, pass through when unrestricted\n    let env: Record<string, string>;\n    if (!this.restrictToWorkspace) {\n      env = { ...process.env, HOME: process.env.HOME ?? \"\" } as Record<string, string>;\n    } else if (isTrustedCommand(command)) {\n      env = buildSkillEnv();\n      console.log(`Exec: trusted command detected, injecting skill env keys`, env);\n    } else {\n      env = buildSafeEnv();\n    }\n\n    return new Promise<string>((resolve) => {\n      exec(\n        command,\n        {\n          cwd: this.workingDir,\n          timeout: timeout * 1000,\n          maxBuffer: 1024 * 1024, // 1MB\n          env,\n        },\n        (error, stdout, stderr) => {\n          const parts: string[] = [];\n\n          if (stdout) parts.push(stdout);\n          if (stderr) parts.push(`[stderr]\\n${stderr}`);\n\n          if (error) {\n            if (error.killed) {\n              parts.push(`\\n[Timed out after ${timeout}s]`);\n            } else if (error.code !== undefined) {\n              parts.push(`\\n[Exit code: ${error.code}]`);\n            }\n          }\n\n          const output = parts.join(\"\\n\").trim();\n          // Truncate large output\n          if (output.length > 50000) {\n            resolve(\n              output.slice(0, 50000) + \"\\n... (truncated, output too large)\",\n            );\n          } else {\n            resolve(output || \"(no output)\");\n          }\n        },\n      );\n\n    });\n  }\n}\n"],"mappings":";;;;;AAIA,MAAM,yBAAyB;CAC7B;CACA;CACA;CACA;CACA;CACA;CACA;CACA;CACA;CACA;CACA;CACA;CACA;CACA;CACA;CACA;CACA;CACA;CACA;CACA;CACD;;;;;;AAOD,MAAM,mBAAmB,CAAC,YAAY;;AAGtC,MAAM,iBAAiB;CACrB;CACA;CACA;CACA;CACD;;AAGD,SAAS,eAAuC;CAC9C,MAAM,OAA+B,EAAE;AACvC,MAAK,MAAM,CAAC,KAAK,UAAU,OAAO,QAAQ,QAAQ,IAAI,EAAE;AACtD,MAAI,CAAC,MAAO;AACZ,MAAI,uBAAuB,MAAM,OAAO,GAAG,KAAK,IAAI,CAAC,CAAE;AACvD,OAAK,OAAO;;AAEd,QAAO;;;AAIT,SAAS,gBAAwC;CAC/C,MAAM,MAAM,cAAc;AAC1B,MAAK,MAAM,OAAO,gBAAgB;EAChC,MAAM,QAAQ,QAAQ,IAAI;AAC1B,MAAI,MAAO,KAAI,OAAO;;AAExB,QAAO;;;AAIT,SAAS,iBAAiB,SAA0B;CAGlD,MAAM,YADW,QAAQ,QAAQ,4CAA4C,GAAG,CACrD,MAAM,CAAC,MAAM,MAAM,CAAC;AAC/C,QAAO,iBAAiB,SAAS,UAAU;;AAG7C,IAAa,WAAb,cAA8B,KAAK;CACjC,AAAS,OAAO;CAChB,AAAS,cACP;CACF,AAAS,aAAa;EACpB,MAAM;EACN,YAAY;GACV,SAAS;IAAE,MAAM;IAAU,aAAa;IAA4B;GACpE,SAAS;IACP,MAAM;IACN,aAAa;IACd;GACF;EACD,UAAU,CAAC,UAAU;EACtB;CAED,AAAQ;CACR,AAAQ;CACR,AAAQ;CAER,YAAY,QAIT;AACD,SAAO;AACP,OAAK,aAAa,QAAQ,cAAc,QAAQ,KAAK;AACrD,OAAK,iBAAiB,QAAQ,WAAW;AACzC,OAAK,sBAAsB,QAAQ,uBAAuB;;CAG5D,MAAM,QAAQ,MAAgD;EAC5D,MAAM,UAAU,OAAO,KAAK,QAAQ;EACpC,MAAM,UAAU,KAAK,UAAU,OAAO,KAAK,QAAQ,GAAG,KAAK;AAE3D,MAAI,CAAC,QAAQ,MAAM,CACjB,QAAO;AAIT,MAAI,KAAK,qBAEP;QAAK,MAAM,WADO;IAAC;IAAY;IAAQ;IAAU;IAAU,CAEzD,KAAI,QAAQ,SAAS,QAAQ,CAC3B,QAAO,sCAAsC;;EAMnD,IAAI;AACJ,MAAI,CAAC,KAAK,oBACR,OAAM;GAAE,GAAG,QAAQ;GAAK,MAAM,QAAQ,IAAI,QAAQ;GAAI;WAC7C,iBAAiB,QAAQ,EAAE;AACpC,SAAM,eAAe;AACrB,WAAQ,IAAI,4DAA4D,IAAI;QAE5E,OAAM,cAAc;AAGtB,SAAO,IAAI,SAAiB,YAAY;AACtC,QACE,SACA;IACE,KAAK,KAAK;IACV,SAAS,UAAU;IACnB,WAAW,OAAO;IAClB;IACD,GACA,OAAO,QAAQ,WAAW;IACzB,MAAM,QAAkB,EAAE;AAE1B,QAAI,OAAQ,OAAM,KAAK,OAAO;AAC9B,QAAI,OAAQ,OAAM,KAAK,aAAa,SAAS;AAE7C,QAAI,OACF;SAAI,MAAM,OACR,OAAM,KAAK,sBAAsB,QAAQ,IAAI;cACpC,MAAM,SAAS,OACxB,OAAM,KAAK,iBAAiB,MAAM,KAAK,GAAG;;IAI9C,MAAM,SAAS,MAAM,KAAK,KAAK,CAAC,MAAM;AAEtC,QAAI,OAAO,SAAS,IAClB,SACE,OAAO,MAAM,GAAG,IAAM,GAAG,sCAC1B;QAED,SAAQ,UAAU,cAAc;KAGrC;IAED"}

package/dist/config/schema.d.mts

@@ -539,15 +539,15 @@ declare const ToolsConfigSchema: z.ZodObject<{
     export?: string | undefined;
   }>, "many">>;
 }, "strip", z.ZodTypeAny, {
+  exec: {
+    timeout: number;
+  };
   web: {
     search: {
       apiKey: string;
       maxResults: number;
     };
   };
-  exec: {
-    timeout: number;
-  };
   restrictToWorkspace: boolean;
   enabled?: string[] | undefined;
   disabled?: string[] | undefined;
@@ -557,6 +557,9 @@ declare const ToolsConfigSchema: z.ZodObject<{
     export?: string | undefined;
   }[] | undefined;
 }, {
+  exec?: {
+    timeout?: number | undefined;
+  } | undefined;
   enabled?: string[] | undefined;
   web?: {
     search?: {
@@ -564,9 +567,6 @@ declare const ToolsConfigSchema: z.ZodObject<{
       maxResults?: number | undefined;
     } | undefined;
   } | undefined;
-  exec?: {
-    timeout?: number | undefined;
-  } | undefined;
   restrictToWorkspace?: boolean | undefined;
   disabled?: string[] | undefined;
   custom?: {
@@ -988,15 +988,15 @@ declare const ConfigSchema: z.ZodObject<{
       export?: string | undefined;
     }>, "many">>;
   }, "strip", z.ZodTypeAny, {
+    exec: {
+      timeout: number;
+    };
     web: {
       search: {
         apiKey: string;
         maxResults: number;
       };
     };
-    exec: {
-      timeout: number;
-    };
     restrictToWorkspace: boolean;
     enabled?: string[] | undefined;
     disabled?: string[] | undefined;
@@ -1006,6 +1006,9 @@ declare const ConfigSchema: z.ZodObject<{
       export?: string | undefined;
     }[] | undefined;
   }, {
+    exec?: {
+      timeout?: number | undefined;
+    } | undefined;
     enabled?: string[] | undefined;
     web?: {
       search?: {
@@ -1013,9 +1016,6 @@ declare const ConfigSchema: z.ZodObject<{
         maxResults?: number | undefined;
       } | undefined;
     } | undefined;
-    exec?: {
-      timeout?: number | undefined;
-    } | undefined;
     restrictToWorkspace?: boolean | undefined;
     disabled?: string[] | undefined;
     custom?: {
@@ -1110,15 +1110,15 @@ declare const ConfigSchema: z.ZodObject<{
     port: number;
   };
   tools: {
+    exec: {
+      timeout: number;
+    };
     web: {
       search: {
         apiKey: string;
         maxResults: number;
       };
     };
-    exec: {
-      timeout: number;
-    };
     restrictToWorkspace: boolean;
     enabled?: string[] | undefined;
     disabled?: string[] | undefined;
@@ -1214,6 +1214,9 @@ declare const ConfigSchema: z.ZodObject<{
     port?: number | undefined;
   } | undefined;
   tools?: {
+    exec?: {
+      timeout?: number | undefined;
+    } | undefined;
     enabled?: string[] | undefined;
     web?: {
       search?: {
@@ -1221,9 +1224,6 @@ declare const ConfigSchema: z.ZodObject<{
         maxResults?: number | undefined;
       } | undefined;
     } | undefined;
-    exec?: {
-      timeout?: number | undefined;
-    } | undefined;
     restrictToWorkspace?: boolean | undefined;
     disabled?: string[] | undefined;
     custom?: {

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@jcheesepkg/nanobot",
-  "version": "0.6.96",
+  "version": "0.6.98",
   "description": "Lightweight AI assistant - TypeScript port",
   "type": "module",
   "main": "dist/index.mjs",