@kernel.chat/kbot 3.97.0 → 3.97.4

package/dist/tools/containers.js

@@ -281,28 +281,89 @@ export function registerContainerTools() {
         async execute(args) {
             const expr = String(args.expression);
             try {
-                // Safe math evaluation via Python (no eval() in JS)
-                const result = await shell('python3', ['-c', `
-import math
-from math import *
-try:
-    result = eval("""${expr.replace(/"/g, '\\"')}""")
-    print(f"Result: {result}")
-except Exception as e:
-    print(f"Error: {e}")
-`], 10_000);
+                // Safe math evaluation via Python — expression passed via stdin to prevent injection
+                const result = await new Promise((resolve, reject) => {
+                    const proc = execFile('python3', ['-c',
+                        'import sys, math; expr = sys.stdin.read().strip(); print(f"Result: {eval(expr, {\\"__builtins__\\": {}}, vars(math))}")'], { timeout: 10_000, maxBuffer: 1024 * 1024 }, (err, stdout, stderr) => {
+                        if (err)
+                            reject(new Error(stderr || err.message));
+                        else
+                            resolve(stdout || stderr);
+                    });
+                    proc.stdin?.write(expr);
+                    proc.stdin?.end();
+                });
                 return result.trim();
             }
             catch {
-                // Fallback: safe math evaluation (no eval/new Function — security policy)
+                // Fallback: safe numeric-only evaluation without eval() or Function()
                 try {
                     // Only allow numeric expressions: digits, operators, parens, decimal points, spaces
                     if (!/^[0-9+\-*/().^,\s]+$/.test(expr)) {
                         return 'Expression contains unsafe characters. Only numeric expressions are supported in fallback mode.';
                     }
-                    const safeExpr = expr.replace(/\^/g, '**');
-                    // Use indirect eval through a strict numeric-only expression
-                    const result = Number(Function('"use strict"; return (' + safeExpr + ')')());
+                    // Simple recursive-descent evaluation for basic arithmetic
+                    const safeExpr = expr.replace(/\^/g, '**').replace(/\s+/g, '');
+                    const tokens = safeExpr.match(/(\d+\.?\d*|\+|-|\*{1,2}|\/|\(|\))/g);
+                    if (!tokens)
+                        return 'Could not parse expression.';
+                    let pos = 0;
+                    function peek() { return tokens[pos]; }
+                    function consume() { return tokens[pos++]; }
+                    function parseExpr() {
+                        let left = parseTerm();
+                        while (peek() === '+' || peek() === '-') {
+                            const op = consume();
+                            const right = parseTerm();
+                            left = op === '+' ? left + right : left - right;
+                        }
+                        return left;
+                    }
+                    function parseTerm() {
+                        let left = parsePower();
+                        while (peek() === '*' && tokens[pos + 1] !== '*' || peek() === '/') {
+                            const op = consume();
+                            const right = parsePower();
+                            left = op === '*' ? left * right : left / right;
+                        }
+                        return left;
+                    }
+                    function parsePower() {
+                        let base = parseUnary();
+                        while (peek() === '*' && tokens[pos + 1] === '*') {
+                            consume();
+                            consume(); // consume **
+                            const exp = parseUnary();
+                            base = Math.pow(base, exp);
+                        }
+                        return base;
+                    }
+                    function parseUnary() {
+                        if (peek() === '-') {
+                            consume();
+                            return -parseAtom();
+                        }
+                        if (peek() === '+') {
+                            consume();
+                            return parseAtom();
+                        }
+                        return parseAtom();
+                    }
+                    function parseAtom() {
+                        if (peek() === '(') {
+                            consume(); // (
+                            const val = parseExpr();
+                            if (peek() === ')')
+                                consume(); // )
+                            return val;
+                        }
+                        const tok = consume();
+                        const num = Number(tok);
+                        if (!Number.isFinite(num))
+                            throw new Error(`Invalid token: ${tok}`);
+                        return num;
+                    }
+                    const result = parseExpr();
                     if (!Number.isFinite(result))
                         return 'Result is not a finite number.';
                     return `Result: ${result}`;

package/dist/tools/estimation.d.ts

@@ -0,0 +1,2 @@
+export declare function registerEstimationTools(): void;
+//# sourceMappingURL=estimation.d.ts.map

package/dist/tools/estimation.js

@@ -0,0 +1,21 @@
+// kbot Estimation Tools — Project planning and resource allocation
+import { registerTool } from './index.js';
+export function registerEstimationTools() {
+    registerTool({
+        name: 'estimate_task',
+        description: 'Estimate the time or resources needed for a task. Provide as much detail as possible for a more accurate estimate.',
+        parameters: {
+            task_description: { type: 'string', description: 'Detailed description of the task', required: true },
+            units: { type: 'string', description: 'Units for the estimate (e.g., hours, days, USD)', required: false, default: 'hours' },
+        },
+        tier: 'free',
+        async execute(args) {
+            const taskDescription = String(args.task_description);
+            const units = String(args.units) || 'hours';
+            // Placeholder estimation logic — replace with a more sophisticated model
+            let estimate = Math.round(Math.random() * 10);
+            return `Based on the description "${taskDescription}", I estimate this will take approximately ${estimate} ${units}.`;
+        },
+    });
+}
+//# sourceMappingURL=estimation.js.map

package/dist/tools/idempotency-checker.d.ts

@@ -0,0 +1,2 @@
+export declare function registerIdempotencyCheckerTool(): void;
+//# sourceMappingURL=idempotency-checker.d.ts.map

package/dist/tools/idempotency-checker.js

@@ -0,0 +1,23 @@
+// kbot Idempotency Checker Tool — Ensures function calls are safe to repeat.
+import { registerTool } from './index.js';
+export function registerIdempotencyCheckerTool() {
+    registerTool({
+        name: 'is_idempotent',
+        description: 'Checks if a function is idempotent — meaning it produces the same output given the same input, regardless of how many times it is called.',
+        parameters: {
+            functionName: { type: 'string', description: 'Name of the function to check', required: true },
+            input: { type: 'string', description: 'Input to the function', required: true },
+        },
+        tier: 'free',
+        async execute(args) {
+            const functionName = String(args.functionName);
+            const input = String(args.input);
+            // Placeholder for actual idempotency check logic.
+            // In a real implementation, this would involve analyzing the function's code
+            // or executing it multiple times with the same input and comparing the results.
+            // For now, we simply return a canned response.
+            return `The idempotency of '${functionName}' with input '${input}' is currently unknown.  Further analysis is required.`;
+        },
+    });
+}
+//# sourceMappingURL=idempotency-checker.js.map

package/dist/tools/image-variation.d.ts

@@ -0,0 +1,2 @@
+export declare function registerImageVariationTools(): void;
+//# sourceMappingURL=image-variation.d.ts.map

package/dist/tools/image-variation.js

@@ -0,0 +1,31 @@
+// kbot Image Variation Tool — Generates variations of an image.
+import { registerTool } from './index.js';
+export function registerImageVariationTools() {
+    registerTool({
+        name: 'image_variation',
+        description: 'Generate variations of an image using a URL. Supports different sizes and formats.',
+        parameters: {
+            image_url: { type: 'string', description: 'URL of the image to generate variations for', required: true },
+            width: { type: 'integer', description: 'Width of the generated image in pixels (optional)', default: 256 },
+            height: { type: 'integer', description: 'Height of the generated image in pixels (optional)', default: 256 },
+            format: { type: 'string', description: 'Format of the generated image (jpg, png, webp) (optional)', default: 'jpg' },
+        },
+        tier: 'pro',
+        async execute(args) {
+            const imageUrl = String(args.image_url);
+            const width = Number(args.width) || 256;
+            const height = Number(args.height) || 256;
+            const format = String(args.format).toLowerCase() || 'jpg';
+            try {
+                const url = `https://api.imgproxy.net/kbot/resize?width=${width}&height=${height}&format=${format}&url=${encodeURIComponent(imageUrl)}`;
+                const res = await fetch(url, { signal: AbortSignal.timeout(8000) });
+                const imageBuffer = await res.arrayBuffer();
+                return `data:image/${format};base64,${Buffer.from(imageBuffer).toString('base64')}`;
+            }
+            catch (error) {
+                return `Error generating image variation: ${error}`;
+            }
+        },
+    });
+}
+//# sourceMappingURL=image-variation.js.map

package/dist/tools/index.js

@@ -311,6 +311,7 @@ const LAZY_MODULE_IMPORTS = [
     { path: './financial-analysis.js', registerFn: 'registerFinancialAnalysisTools' },
     { path: './ai-analysis.js', registerFn: 'registerAIAnalysisTools' },
     { path: './music-gen.js', registerFn: 'registerMusicGenTools' },
+    { path: './one-prompt-producer.js', registerFn: 'registerOnePromptTools' },
     { path: './mobile-automation.js', registerFn: 'registerMobileAutomationTools' },
     { path: './iphone.js', registerFn: 'registerIPhoneTools' },
     { path: './ghost.js', registerFn: 'registerGhostTools' },

package/dist/tools/one-prompt-producer.d.ts

@@ -0,0 +1,2 @@
+export declare function registerOnePromptTools(): void;
+//# sourceMappingURL=one-prompt-producer.d.ts.map