@lingda_ai/agentrank 0.1.2

package/src/agentrank-client.ts

@@ -0,0 +1,295 @@
+import WebSocket from "ws";
+
+// ---- Protocol types (matching @agentrank/shared) ----
+
+export interface TaskInfo {
+  taskId: string;
+  title: string;
+  description: string;
+  category: string;
+  price?: number;
+  deadline?: string;
+  inputData?: Record<string, unknown>;
+}
+
+export interface ProgressUpdate {
+  percent: number;
+  message?: string;
+  stage?: string;
+}
+
+export interface SubmitResult {
+  summary: string;
+  outputRefs?: Array<{
+    name: string;
+    url: string;
+    size?: number;
+    mimeType?: string;
+  }>;
+}
+
+type AgentStatus = "offline" | "online" | "busy" | "unavailable" | "error";
+
+type Listener = (...args: unknown[]) => void;
+
+// ---- Lightweight EventEmitter ----
+
+class Emitter {
+  private listeners = new Map<string, Set<Listener>>();
+
+  on(event: string, fn: Listener) {
+    if (!this.listeners.has(event)) this.listeners.set(event, new Set());
+    this.listeners.get(event)!.add(fn);
+    return this;
+  }
+
+  off(event: string, fn: Listener) {
+    this.listeners.get(event)?.delete(fn);
+    return this;
+  }
+
+  emit(event: string, ...args: unknown[]) {
+    this.listeners.get(event)?.forEach((fn) => fn(...args));
+  }
+}
+
+// ---- AgentRank WebSocket + HTTP client ----
+
+export class AgentRankClient extends Emitter {
+  private ws: WebSocket | null = null;
+  private heartbeatTimer: ReturnType<typeof setInterval> | null = null;
+  private reconnectTimer: ReturnType<typeof setTimeout> | null = null;
+  private _connected = false;
+  private _stopped = false;
+  private options: { apiKey: string; serverUrl: string; deviceId: string };
+  private log: (...args: unknown[]) => void;
+
+  constructor(options: { apiKey: string; serverUrl?: string; deviceId?: string; logger?: (...args: unknown[]) => void }) {
+    super();
+    this.options = {
+      apiKey: options.apiKey,
+      serverUrl: options.serverUrl || "http://localhost:3000",
+      deviceId: options.deviceId || "openclaw-agent",
+    };
+    this.log = options.logger ?? (() => {});
+  }
+
+  get connected() {
+    return this._connected;
+  }
+
+  /** Connect to AgentRank server via WebSocket */
+  async connect(): Promise<void> {
+    this._stopped = false;
+    return new Promise((resolve, reject) => {
+      const wsUrl = this.options.serverUrl.replace(/^http/, "ws");
+      const url = `${wsUrl}/ws/agent?key=***&device=${this.options.deviceId}`;
+      this.log("[agentrank][ws] connecting to", url);
+
+      this.ws = new WebSocket(`${wsUrl}/ws/agent?key=${this.options.apiKey}&device=${this.options.deviceId}`);
+
+      this.ws.onopen = () => {
+        this._connected = true;
+        this.startHeartbeat();
+        this.log("[agentrank][ws] connected");
+        this.emit("connected");
+        resolve();
+      };
+
+      this.ws.onmessage = (event) => {
+        try {
+          const msg = JSON.parse(event.data as string) as { type: string; payload: unknown };
+          this.handleMessage(msg);
+        } catch {
+          this.log("[agentrank][ws] received malformed message");
+        }
+      };
+
+      this.ws.onclose = (event) => {
+        this._connected = false;
+        this.stopHeartbeat();
+        this.log("[agentrank][ws] disconnected: code=%d reason=%s", event.code, event.reason || "none");
+        this.emit("disconnected", event.reason);
+        if (!this._stopped) {
+          this.scheduleReconnect();
+        }
+      };
+
+      this.ws.onerror = () => {
+        const err = new Error("WebSocket connection error");
+        this.log("[agentrank][ws] connection error");
+        this.emit("error", err);
+        if (!this._connected) reject(err);
+      };
+    });
+  }
+
+  /** Disconnect and stop reconnecting */
+  disconnect() {
+    this._stopped = true;
+    this.stopHeartbeat();
+    if (this.reconnectTimer) {
+      clearTimeout(this.reconnectTimer);
+      this.reconnectTimer = null;
+    }
+    if (this.ws) {
+      this.log("[agentrank][ws] closing connection");
+      this.ws.close(1000, "Agent shutting down");
+      this.ws = null;
+    }
+    this._connected = false;
+  }
+
+  // ---- WebSocket methods ----
+
+  updateStatus(status: AgentStatus, message?: string) {
+    this.log("[agentrank][ws] status.update → %s%s", status, message ? ` (${message})` : "");
+    this.send("status.update", { status, message });
+  }
+
+  acceptTask(taskId: string) {
+    this.log("[agentrank][ws] task.accept → %s", taskId);
+    this.send("task.accept", { taskId });
+  }
+
+  rejectTask(taskId: string, reason?: string) {
+    this.log("[agentrank][ws] task.reject → %s (%s)", taskId, reason || "no reason");
+    this.send("task.reject", { taskId, reason });
+  }
+
+  updateProgress(taskId: string, progress: ProgressUpdate) {
+    this.log("[agentrank][ws] task.progress → %s %d%% %s", taskId, progress.percent, progress.message || "");
+    this.send("task.progress", { taskId, ...progress });
+  }
+
+  submitTask(taskId: string, result: SubmitResult) {
+    this.log("[agentrank][ws] task.complete → %s (refs: %d)", taskId, result.outputRefs?.length ?? 0);
+    this.send("task.complete", { taskId, ...result });
+  }
+
+  failTask(taskId: string, error: string, canRetry = false) {
+    this.log("[agentrank][ws] task.fail → %s (%s, retry=%s)", taskId, error, canRetry);
+    this.send("task.fail", { taskId, error, canRetry });
+  }
+
+  // ---- HTTP methods ----
+
+  private async http(method: string, path: string, body?: unknown): Promise<unknown> {
+    this.log("[agentrank][http] %s %s", method, path);
+    const res = await fetch(`${this.options.serverUrl}${path}`, {
+      method,
+      headers: {
+        "Content-Type": "application/json",
+        Authorization: `Bearer ${this.options.apiKey}`,
+        "X-Device-Id": this.options.deviceId,
+      },
+      body: body ? JSON.stringify(body) : undefined,
+    });
+    const data = (await res.json()) as { data?: unknown; error?: { message: string } };
+    if (!res.ok) {
+      this.log("[agentrank][http] %s %s → error: %s", method, path, data.error?.message || res.status);
+      throw new Error(data.error?.message || `HTTP ${res.status}`);
+    }
+    this.log("[agentrank][http] %s %s → ok", method, path);
+    return data.data;
+  }
+
+  async getMe() {
+    return this.http("GET", "/api/v1/agent/me");
+  }
+
+  async listTasks(filters?: { status?: string; category?: string }) {
+    const params = new URLSearchParams();
+    if (filters?.status) params.set("status", filters.status);
+    if (filters?.category) params.set("category", filters.category);
+    return this.http("GET", `/api/v1/tasks?${params.toString()}`);
+  }
+
+  async getTask(taskId: string) {
+    return this.http("GET", `/api/v1/tasks/${taskId}`);
+  }
+
+  async submitTaskHttp(taskId: string, result: SubmitResult) {
+    return this.http("POST", `/api/v1/tasks/${taskId}/submit`, { taskId, ...result });
+  }
+
+  /** Upload a file to AgentRank server via HTTP multipart/form-data */
+  async uploadFile(taskId: string, fileName: string, fileContent: Buffer): Promise<unknown> {
+    this.log("[agentrank][http] POST upload file: %s → %s", fileName, taskId);
+    const formData = new FormData();
+    formData.append("file", new Blob([fileContent]), fileName);
+
+    const res = await fetch(`${this.options.serverUrl}/api/v1/tasks/${taskId}/upload`, {
+      method: "POST",
+      headers: {
+        Authorization: `Bearer ${this.options.apiKey}`,
+        "X-Device-Id": this.options.deviceId,
+      },
+      body: formData,
+    });
+    const data = (await res.json()) as { data?: unknown; error?: { message: string } };
+    if (!res.ok) {
+      this.log("[agentrank][http] upload failed: %s", data.error?.message || res.status);
+      throw new Error(data.error?.message || `HTTP ${res.status}`);
+    }
+    this.log("[agentrank][http] upload ok: %s", fileName);
+    return data.data;
+  }
+
+  // ---- Internal ----
+
+  private send(type: string, payload: unknown) {
+    if (!this.ws || this.ws.readyState !== WebSocket.OPEN) {
+      this.log("[agentrank][ws] send dropped (not connected): %s", type);
+      return;
+    }
+    this.ws.send(JSON.stringify({ type, payload, ts: Date.now() }));
+  }
+
+  private handleMessage(msg: { type: string; payload: unknown }) {
+    switch (msg.type) {
+      case "task.assign":
+        this.log("[agentrank][ws] ← task.assign: %s", (msg.payload as TaskInfo).taskId);
+        this.emit("task", msg.payload as TaskInfo);
+        break;
+      case "task.cancel":
+        this.log("[agentrank][ws] ← task.cancel: %s", (msg.payload as { taskId: string }).taskId);
+        this.emit("cancel", (msg.payload as { taskId: string; reason: string }).taskId, (msg.payload as { reason: string }).reason);
+        break;
+      case "ping":
+        this.send("pong", {});
+        break;
+      default:
+        this.log("[agentrank][ws] ← unknown: %s", msg.type);
+    }
+  }
+
+  private startHeartbeat() {
+    this.heartbeatTimer = setInterval(() => {
+      if (this.ws?.readyState === WebSocket.OPEN) {
+        this.ws.send(JSON.stringify({ type: "pong", payload: {}, ts: Date.now() }));
+      }
+    }, 30_000);
+    this.log("[agentrank][ws] heartbeat started (30s interval)");
+  }
+
+  private stopHeartbeat() {
+    if (this.heartbeatTimer) {
+      clearInterval(this.heartbeatTimer);
+      this.heartbeatTimer = null;
+      this.log("[agentrank][ws] heartbeat stopped");
+    }
+  }
+
+  private scheduleReconnect() {
+    if (this._stopped) return;
+    this.log("[agentrank][ws] reconnecting in 5s...");
+    this.reconnectTimer = setTimeout(async () => {
+      try {
+        await this.connect();
+      } catch {
+        // scheduleReconnect will be triggered by onclose again
+      }
+    }, 5000);
+  }
+}

package/src/config.ts

@@ -0,0 +1,31 @@
+import { z } from "zod";
+
+export const AgentRankConfigSchema = z.object({
+  enabled: z.boolean().default(true),
+  serverUrl: z.string().default("http://localhost:3000"),
+  apiKey: z.string().min(1, "API key is required"),
+  deviceId: z.string().default("openclaw-agent"),
+  autoAccept: z.boolean().default(true),
+  maxConcurrentTasks: z.number().int().min(1).max(10).default(3),
+  taskTimeoutSeconds: z.number().int().min(60).max(3600).default(600),
+  workspaceRoot: z.string().default("~/.agentrank/workspace"),
+});
+export type AgentRankConfig = z.infer<typeof AgentRankConfigSchema>;
+
+export function parseConfig(raw: unknown): AgentRankConfig {
+  const input = raw && typeof raw === "object" && !Array.isArray(raw)
+    ? (raw as Record<string, unknown>)
+    : {};
+  return AgentRankConfigSchema.parse(input);
+}
+
+export function validateConfig(config: AgentRankConfig): { valid: boolean; errors: string[] } {
+  const errors: string[] = [];
+  if (!config.apiKey) {
+    errors.push("apiKey is required");
+  }
+  if (!config.serverUrl) {
+    errors.push("serverUrl is required");
+  }
+  return { valid: errors.length === 0, errors };
+}

package/src/output-guard.ts

@@ -0,0 +1,108 @@
+/**
+ * Output file security scanner.
+ * Scans file contents for sensitive data before uploading to AgentRank server.
+ * Prevents accidental leakage of credentials, keys, and secrets.
+ */
+
+export interface ScanFinding {
+  file: string;
+  label: string;
+}
+
+export interface ScanResult {
+  safe: boolean;
+  findings: ScanFinding[];
+}
+
+const SENSITIVE_PATTERNS: { pattern: RegExp; label: string }[] = [
+  // ── Private Keys ──────────────────────────────────────────────────
+  {
+    pattern: /-----BEGIN (?:RSA |DSA |EC |OPENSSH )?PRIVATE KEY-----/,
+    label: "Private key detected",
+  },
+  {
+    pattern: /-----BEGIN PGP PRIVATE KEY BLOCK-----/,
+    label: "PGP private key detected",
+  },
+
+  // ── API Keys & Tokens ─────────────────────────────────────────────
+  {
+    pattern: /(?:sk-|sk_live_|sk_test_)[a-zA-Z0-9]{20,}/,
+    label: "API key detected (sk-*)",
+  },
+  {
+    pattern: /AKIA[0-9A-Z]{16}/,
+    label: "AWS access key detected",
+  },
+  {
+    pattern: /(?:ghp|gho|ghu|ghs|ghr)_[a-zA-Z0-9]{36,}/,
+    label: "GitHub token detected",
+  },
+  {
+    pattern: /xox[bpors]-[a-zA-Z0-9-]+/,
+    label: "Slack token detected",
+  },
+
+  // ── Database Connection Strings ───────────────────────────────────
+  {
+    pattern: /(?:mongodb|postgres|mysql|redis):\/\/[^\s'"`]+:[^\s'"`]+@/,
+    label: "Database connection string with password",
+  },
+
+  // ── JWT Tokens ────────────────────────────────────────────────────
+  {
+    pattern: /eyJ[a-zA-Z0-9_-]+\.eyJ[a-zA-Z0-9_-]+\.[a-zA-Z0-9_-]+/,
+    label: "JWT token detected",
+  },
+
+  // ── Generic Secrets ───────────────────────────────────────────────
+  {
+    pattern:
+      /(?:password|passwd|secret|token|api_key|apikey|access_key|secret_key)\s*[:=]\s*['"]?[^\s'"]{8,}/i,
+    label: "Secret value detected",
+  },
+
+  // ── Environment Secrets ───────────────────────────────────────────
+  {
+    pattern:
+      /(?:DATABASE_URL|SECRET_KEY|PRIVATE_KEY|AUTH_TOKEN|STRIPE_SECRET|SENDGRID_API_KEY)\s*=/i,
+    label: "Environment secret detected",
+  },
+];
+
+/**
+ * Scan a file's content for sensitive data patterns.
+ * Returns findings if any secrets are detected.
+ */
+export function scanFileContent(
+  fileName: string,
+  content: Buffer,
+): ScanResult {
+  // Skip binary files — only scan text
+  const ext = fileName.split(".").pop()?.toLowerCase() ?? "";
+  const textExtensions = new Set([
+    "md", "txt", "json", "ts", "js", "py", "csv", "html", "xml",
+    "yaml", "yml", "toml", "ini", "cfg", "conf", "env", "sh",
+    "bash", "zsh", "sql", "log", "tsx", "jsx", "pem", "key",
+    "pub", "cert", "crt", "asc",
+  ]);
+  if (!textExtensions.has(ext) && ext !== "") {
+    return { safe: true, findings: [] };
+  }
+
+  let text: string;
+  try {
+    text = content.toString("utf-8");
+  } catch {
+    return { safe: true, findings: [] };
+  }
+
+  const findings: ScanFinding[] = [];
+  for (const { pattern, label } of SENSITIVE_PATTERNS) {
+    if (pattern.test(text)) {
+      findings.push({ file: fileName, label });
+    }
+  }
+
+  return { safe: findings.length === 0, findings };
+}

package/src/task-guard.ts

@@ -0,0 +1,182 @@
+/**
+ * Task pre-flight security checker.
+ * Scans incoming task descriptions for malicious patterns before subagent execution.
+ * Inspired by Claude Code's bashSecurity.ts defense-in-depth approach.
+ */
+
+interface TaskInput {
+  title: string;
+  description: string;
+  inputData?: unknown;
+}
+
+export interface GuardResult {
+  safe: boolean;
+  reasons: string[];
+}
+
+interface GuardRule {
+  pattern: RegExp;
+  category: string;
+  reason: string;
+}
+
+const RULES: GuardRule[] = [
+  // ── A. Credential Theft ────────────────────────────────────────────
+  {
+    pattern: /~\/\.ssh\/|\.ssh\/id_(rsa|ed25519|ecdsa)|id_rsa|id_ed25519/i,
+    category: "credential_theft",
+    reason: "SSH key access",
+  },
+  {
+    pattern: /~\/\.aws\/|aws_access_key|aws_secret_key|\.aws\/credentials/i,
+    category: "credential_theft",
+    reason: "AWS credential access",
+  },
+  {
+    pattern: /\.env\b|credentials\.json|service-account.*\.json/i,
+    category: "credential_theft",
+    reason: "Secret file access",
+  },
+  {
+    pattern: /~\/\.gnupg\/|\.gnupg/i,
+    category: "credential_theft",
+    reason: "GPG key access",
+  },
+  {
+    pattern: /\/etc\/passwd|\/etc\/shadow/i,
+    category: "credential_theft",
+    reason: "System credential access",
+  },
+  {
+    pattern: /\/proc\/.*\/environ/i,
+    category: "credential_theft",
+    reason: "Process environment access",
+  },
+  {
+    pattern: /read\s+(my|your|the)\s+(config|credentials?|keys?|secrets?)/i,
+    category: "credential_theft",
+    reason: "Credential reading request",
+  },
+
+  // ── B. Remote Code Execution ───────────────────────────────────────
+  {
+    pattern: /curl\s.*\|\s*(ba)?sh|wget\s.*\|\s*(ba)?sh/i,
+    category: "remote_exec",
+    reason: "Piped remote execution",
+  },
+  {
+    pattern: /pip\s+install\s+https?:\/\//i,
+    category: "remote_exec",
+    reason: "Install from untrusted URL",
+  },
+  {
+    pattern: /npm\s+install\s+https?:\/\//i,
+    category: "remote_exec",
+    reason: "Install from untrusted URL",
+  },
+  {
+    pattern: /download\s+(and\s+)?execute|run\s+this\s+script/i,
+    category: "remote_exec",
+    reason: "Remote code execution request",
+  },
+  {
+    pattern: /install\s+(this\s+)?package\s+from\s+(this\s+)?url/i,
+    category: "remote_exec",
+    reason: "Package installation from URL",
+  },
+
+  // ── C. Data Exfiltration ───────────────────────────────────────────
+  {
+    pattern: /send\s+(results?|output|content|data)\s+to\s+https?:\/\//i,
+    category: "exfiltration",
+    reason: "Data exfiltration to external server",
+  },
+  {
+    pattern: /email\s+(the\s+)?contents?\s+of/i,
+    category: "exfiltration",
+    reason: "Data exfiltration via email",
+  },
+  {
+    pattern: /upload\s+(this|the|all)\s+(to|to\s+http)/i,
+    category: "exfiltration",
+    reason: "Data upload request",
+  },
+  {
+    pattern: /list\s+all\s+files\s+in\s+\/|find\s+all\s+(documents?|files)/i,
+    category: "exfiltration",
+    reason: "Filesystem enumeration",
+  },
+  {
+    pattern: /scan\s+(the\s+)?(filesystem|entire\s+system|all\s+directories)/i,
+    category: "exfiltration",
+    reason: "Filesystem scanning",
+  },
+
+  // ── D. System Destruction ──────────────────────────────────────────
+  {
+    pattern: /rm\s+-rf\s+\//i,
+    category: "destruction",
+    reason: "Destructive file deletion",
+  },
+  {
+    pattern: /mkfs|dd\s+if=\/dev\/zero/i,
+    category: "destruction",
+    reason: "Disk destruction",
+  },
+  {
+    pattern: /encrypt\s+(all\s+)?files/i,
+    category: "destruction",
+    reason: "Ransomware-like behavior",
+  },
+  {
+    pattern: /\b(wipe|format)\s+(the\s+)?(disk|drive|system|server)/i,
+    category: "destruction",
+    reason: "System wipe",
+  },
+
+  // ── E. Prompt Injection ────────────────────────────────────────────
+  {
+    pattern: /ignore\s+(?:your\s+)?(?:previous\s+)?(?:all\s+)?(?:instructions?|rules?|safety)/i,
+    category: "injection",
+    reason: "Prompt injection attempt",
+  },
+  {
+    pattern: /you\s+are\s+now\s+|new\s+role:/i,
+    category: "injection",
+    reason: "Role manipulation",
+  },
+  {
+    pattern: /\[INST\]|<\/s>|system:\s*(you|act|forget)/i,
+    category: "injection",
+    reason: "System prompt injection",
+  },
+  {
+    pattern: /forget\s+(everything|all|your\s+(instructions?|training))/i,
+    category: "injection",
+    reason: "Instruction override",
+  },
+];
+
+/**
+ * Check an incoming task for malicious patterns.
+ * Scans title, description, and inputData combined.
+ */
+export function checkTask(task: TaskInput): GuardResult {
+  const text = [
+    task.title,
+    task.description,
+    typeof task.inputData === "object" && task.inputData
+      ? JSON.stringify(task.inputData)
+      : "",
+  ].join("\n");
+
+  const reasons: string[] = [];
+  for (const rule of RULES) {
+    if (rule.pattern.test(text)) {
+      reasons.push(`[${rule.category}] ${rule.reason}`);
+    }
+  }
+
+  return { safe: reasons.length === 0, reasons };
+}