@js-eyes/protocol 2.8.1 → 2.8.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/extra-integrity.js +199 -199
- package/fs-io.js +37 -37
- package/index.js +269 -269
- package/openclaw-paths.js +33 -33
- package/package.json +38 -38
- package/registry-client.js +50 -50
- package/safe-npm.js +158 -158
- package/skill-registry.js +745 -745
- package/skill-runner.js +48 -48
- package/skills.js +758 -758
- package/zip-extract.js +208 -208
package/skill-runner.js
CHANGED
|
@@ -1,48 +1,48 @@
|
|
|
1
|
-
'use strict';
|
|
2
|
-
|
|
3
|
-
// skill-runner: launches a sub-skill's own Node CLI entry.
|
|
4
|
-
//
|
|
5
|
-
// Kept out of skills.js so the only `child_process` call in @js-eyes/protocol
|
|
6
|
-
// that lives on skills.js's transitive imports is safe-npm.js (which has its
|
|
7
|
-
// own hardening). This module MUST NOT import `ws`, `http`, `https`, `net`,
|
|
8
|
-
// or any network helper — the invariant is enforced by
|
|
9
|
-
// test/import-boundaries.test.js.
|
|
10
|
-
//
|
|
11
|
-
// Contract:
|
|
12
|
-
// * `process.execPath` is the argv[0] — we never invoke a shell;
|
|
13
|
-
// * argv entries are forwarded verbatim from the caller; spawnSync is
|
|
14
|
-
// always called with `shell: false` and `windowsHide: true`;
|
|
15
|
-
// * the caller's env is inherited (extended with `JS_EYES_SKILL_DIR`).
|
|
16
|
-
// Unlike safe-npm we do not filter env here because the skill CLI
|
|
17
|
-
// legitimately needs the full environment — sub-skills are on-disk code
|
|
18
|
-
// the operator has already linked/approved via the integrity workflow.
|
|
19
|
-
//
|
|
20
|
-
// See SECURITY_SCAN_NOTES.md ("Shell command execution").
|
|
21
|
-
|
|
22
|
-
const fs = require('fs');
|
|
23
|
-
const path = require('path');
|
|
24
|
-
const { spawnSync } = require('child_process');
|
|
25
|
-
|
|
26
|
-
function runSkillCli(options) {
|
|
27
|
-
const { skillDir, argv = [], stdio = 'inherit', env = process.env } = options;
|
|
28
|
-
if (!skillDir || typeof skillDir !== 'string') {
|
|
29
|
-
throw new TypeError('runSkillCli: skillDir is required');
|
|
30
|
-
}
|
|
31
|
-
|
|
32
|
-
const { normalizeSkillMetadata } = require('./skills');
|
|
33
|
-
const skill = normalizeSkillMetadata(skillDir);
|
|
34
|
-
if (!fs.existsSync(skill.cliEntry)) {
|
|
35
|
-
throw new Error(`技能 ${skill.id} 缺少 CLI 入口: ${skill.cliEntry}`);
|
|
36
|
-
}
|
|
37
|
-
|
|
38
|
-
return spawnSync(process.execPath, [skill.cliEntry, ...argv], {
|
|
39
|
-
cwd: skillDir,
|
|
40
|
-
env: { ...env, JS_EYES_SKILL_DIR: skillDir },
|
|
41
|
-
stdio,
|
|
42
|
-
shell: false,
|
|
43
|
-
windowsHide: true,
|
|
44
|
-
encoding: stdio === 'pipe' ? 'utf8' : undefined,
|
|
45
|
-
});
|
|
46
|
-
}
|
|
47
|
-
|
|
48
|
-
module.exports = { runSkillCli };
|
|
1
|
+
'use strict';
|
|
2
|
+
|
|
3
|
+
// skill-runner: launches a sub-skill's own Node CLI entry.
|
|
4
|
+
//
|
|
5
|
+
// Kept out of skills.js so the only `child_process` call in @js-eyes/protocol
|
|
6
|
+
// that lives on skills.js's transitive imports is safe-npm.js (which has its
|
|
7
|
+
// own hardening). This module MUST NOT import `ws`, `http`, `https`, `net`,
|
|
8
|
+
// or any network helper — the invariant is enforced by
|
|
9
|
+
// test/import-boundaries.test.js.
|
|
10
|
+
//
|
|
11
|
+
// Contract:
|
|
12
|
+
// * `process.execPath` is the argv[0] — we never invoke a shell;
|
|
13
|
+
// * argv entries are forwarded verbatim from the caller; spawnSync is
|
|
14
|
+
// always called with `shell: false` and `windowsHide: true`;
|
|
15
|
+
// * the caller's env is inherited (extended with `JS_EYES_SKILL_DIR`).
|
|
16
|
+
// Unlike safe-npm we do not filter env here because the skill CLI
|
|
17
|
+
// legitimately needs the full environment — sub-skills are on-disk code
|
|
18
|
+
// the operator has already linked/approved via the integrity workflow.
|
|
19
|
+
//
|
|
20
|
+
// See SECURITY_SCAN_NOTES.md ("Shell command execution").
|
|
21
|
+
|
|
22
|
+
const fs = require('fs');
|
|
23
|
+
const path = require('path');
|
|
24
|
+
const { spawnSync } = require('child_process');
|
|
25
|
+
|
|
26
|
+
function runSkillCli(options) {
|
|
27
|
+
const { skillDir, argv = [], stdio = 'inherit', env = process.env } = options;
|
|
28
|
+
if (!skillDir || typeof skillDir !== 'string') {
|
|
29
|
+
throw new TypeError('runSkillCli: skillDir is required');
|
|
30
|
+
}
|
|
31
|
+
|
|
32
|
+
const { normalizeSkillMetadata } = require('./skills');
|
|
33
|
+
const skill = normalizeSkillMetadata(skillDir);
|
|
34
|
+
if (!fs.existsSync(skill.cliEntry)) {
|
|
35
|
+
throw new Error(`技能 ${skill.id} 缺少 CLI 入口: ${skill.cliEntry}`);
|
|
36
|
+
}
|
|
37
|
+
|
|
38
|
+
return spawnSync(process.execPath, [skill.cliEntry, ...argv], {
|
|
39
|
+
cwd: skillDir,
|
|
40
|
+
env: { ...env, JS_EYES_SKILL_DIR: skillDir },
|
|
41
|
+
stdio,
|
|
42
|
+
shell: false,
|
|
43
|
+
windowsHide: true,
|
|
44
|
+
encoding: stdio === 'pipe' ? 'utf8' : undefined,
|
|
45
|
+
});
|
|
46
|
+
}
|
|
47
|
+
|
|
48
|
+
module.exports = { runSkillCli };
|