@lobu/cli 7.0.0 → 7.2.0

package/dist/connectors/chrome_bookmarks.ts

@@ -0,0 +1,79 @@
+/**
+ * Chrome Bookmarks Connector — Owletto for Chrome only.
+ *
+ * Opt-in ambient feed. The Chrome extension advertises capability
+ * `browser.bookmarks` when the user grants the `bookmarks` Chrome
+ * permission via the sidepanel Permissions panel; the gateway then
+ * auto-wires this connector.
+ *
+ * Emits one event per bookmark (with its folder path). Backfills the
+ * full tree on first sync, then streams `bookmarks.onCreated/onRemoved/
+ * onChanged/onMoved` thereafter.
+ *
+ * Cloud-side `sync()` / `execute()` throw — actual work happens in
+ * apps/chrome/feeds-bookmarks.js in the extension.
+ */
+
+import {
+  type ActionResult,
+  type ConnectorDefinition,
+  ConnectorRuntime,
+  type SyncContext,
+  type SyncResult,
+} from '@lobu/connector-sdk';
+
+const BRIDGE_ONLY =
+  'chrome.bookmarks runs only on a worker advertising capability "browser.bookmarks" (Owletto for Chrome with bookmarks permission granted).';
+
+export default class ChromeBookmarksConnector extends ConnectorRuntime {
+  readonly definition: ConnectorDefinition = {
+    key: 'chrome.bookmarks',
+    name: 'Chrome bookmarks',
+    description:
+      "Bookmarks (and folder structure) from the paired Chrome profile. Opt-in — requires the user to grant the extension's optional `bookmarks` permission.",
+    version: '0.1.0',
+    faviconDomain: 'google.com',
+    requiredCapability: 'browser.bookmarks',
+    runtime: { platforms: ['chrome-extension'] as unknown as ['macos'] },
+    authSchema: { methods: [{ type: 'none' }] },
+    feeds: {
+      bookmarks: {
+        key: 'bookmarks',
+        name: 'Bookmarks',
+        description:
+          'One event per bookmark. Backfills the full tree on first sync via chrome.bookmarks.getTree, then streams onCreated / onRemoved / onChanged / onMoved.',
+        configSchema: { type: 'object', properties: {} },
+        eventKinds: {
+          bookmark: {
+            description: 'One row per bookmark add/remove/edit.',
+            metadataSchema: {
+              type: 'object',
+              required: ['source', 'origin_id', 'event_type'],
+              properties: {
+                source: { type: 'string', const: 'chrome_bookmarks' },
+                origin_id: { type: 'string' },
+                event_type: {
+                  enum: ['created', 'removed', 'changed', 'moved'],
+                },
+                bookmark_id: { type: 'string' },
+                title: { type: 'string' },
+                url: { type: 'string' },
+                parent_folder_id: { type: 'string' },
+                parent_folder_path: { type: 'string' },
+                date_added: { type: 'string', format: 'date-time' },
+              },
+            },
+          },
+        },
+      },
+    },
+  };
+
+  async sync(_ctx: SyncContext): Promise<SyncResult> {
+    throw new Error(BRIDGE_ONLY);
+  }
+
+  async execute(): Promise<ActionResult> {
+    throw new Error(BRIDGE_ONLY);
+  }
+}

package/dist/connectors/chrome_downloads.ts

@@ -0,0 +1,80 @@
+/**
+ * Chrome Downloads Connector — Owletto for Chrome only.
+ *
+ * Opt-in ambient feed. The Chrome extension advertises capability
+ * `browser.downloads` when the user grants the `downloads` Chrome
+ * permission via the sidepanel Permissions panel; the gateway then
+ * auto-wires this connector.
+ *
+ * Emits one event per download (filename, source URL, mime type, size,
+ * finish time). Backfills recent downloads on first sync via
+ * chrome.downloads.search({}), then streams chrome.downloads.onCreated /
+ * onChanged.
+ *
+ * Cloud-side `sync()` / `execute()` throw — actual work happens in
+ * apps/chrome/feeds-downloads.js in the extension.
+ */
+
+import {
+  type ActionResult,
+  type ConnectorDefinition,
+  ConnectorRuntime,
+  type SyncContext,
+  type SyncResult,
+} from '@lobu/connector-sdk';
+
+const BRIDGE_ONLY =
+  'chrome.downloads runs only on a worker advertising capability "browser.downloads" (Owletto for Chrome with downloads permission granted).';
+
+export default class ChromeDownloadsConnector extends ConnectorRuntime {
+  readonly definition: ConnectorDefinition = {
+    key: 'chrome.downloads',
+    name: 'Chrome downloads',
+    description:
+      "Files downloaded in the paired Chrome profile, with their source URLs. Opt-in — requires the user to grant the extension's optional `downloads` permission.",
+    version: '0.1.0',
+    faviconDomain: 'google.com',
+    requiredCapability: 'browser.downloads',
+    runtime: { platforms: ['chrome-extension'] as unknown as ['macos'] },
+    authSchema: { methods: [{ type: 'none' }] },
+    feeds: {
+      downloads: {
+        key: 'downloads',
+        name: 'Downloads',
+        description:
+          'One event per download. Backfills via chrome.downloads.search({}), then streams onCreated / onChanged (state=complete).',
+        configSchema: { type: 'object', properties: {} },
+        eventKinds: {
+          download: {
+            description: 'One row per file the user downloaded.',
+            metadataSchema: {
+              type: 'object',
+              required: ['source', 'origin_id'],
+              properties: {
+                source: { type: 'string', const: 'chrome_downloads' },
+                origin_id: { type: 'string' },
+                download_id: { type: 'integer' },
+                filename: { type: 'string' },
+                source_url: { type: 'string', format: 'uri' },
+                referrer: { type: 'string' },
+                mime: { type: 'string' },
+                bytes: { type: 'integer' },
+                started_at: { type: 'string', format: 'date-time' },
+                finished_at: { type: 'string', format: 'date-time' },
+                state: { type: 'string' },
+              },
+            },
+          },
+        },
+      },
+    },
+  };
+
+  async sync(_ctx: SyncContext): Promise<SyncResult> {
+    throw new Error(BRIDGE_ONLY);
+  }
+
+  async execute(): Promise<ActionResult> {
+    throw new Error(BRIDGE_ONLY);
+  }
+}

package/dist/connectors/chrome_history.ts

@@ -0,0 +1,80 @@
+/**
+ * Chrome History Connector — Owletto for Chrome only.
+ *
+ * Opt-in ambient feed. The Chrome extension advertises capability
+ * `browser.history` when the user grants the `history` Chrome permission
+ * via the sidepanel Permissions panel; the gateway then auto-wires this
+ * connector to the paired chrome-extension device.
+ *
+ * Emits one event per page load (URL, title, visit time, transition type).
+ * The backfill feed seeds with up to 90 days of history on first sync; the
+ * live feed streams `history.onVisited` thereafter.
+ *
+ * Cloud-side `sync()` / `execute()` throw — actual work happens in
+ * apps/chrome/feeds-history.js in the extension.
+ */
+
+import {
+  type ActionResult,
+  type ConnectorDefinition,
+  ConnectorRuntime,
+  type SyncContext,
+  type SyncResult,
+} from '@lobu/connector-sdk';
+
+const BRIDGE_ONLY =
+  'chrome.history runs only on a worker advertising capability "browser.history" (Owletto for Chrome with history permission granted).';
+
+export default class ChromeHistoryConnector extends ConnectorRuntime {
+  readonly definition: ConnectorDefinition = {
+    key: 'chrome.history',
+    name: 'Chrome history',
+    description:
+      "Every page the user visits in their paired Chrome profile, with visit time + transition type. Opt-in — requires the user to grant the extension's optional `history` permission.",
+    version: '0.1.0',
+    faviconDomain: 'google.com',
+    requiredCapability: 'browser.history',
+    runtime: { platforms: ['chrome-extension'] as unknown as ['macos'] },
+    authSchema: { methods: [{ type: 'none' }] },
+    feeds: {
+      visits: {
+        key: 'visits',
+        name: 'Visits',
+        description:
+          'One event per page visit. Backfills ~90 days on first sync (chrome.history.search), then streams new visits via the chrome.history.onVisited listener.',
+        configSchema: { type: 'object', properties: {} },
+        eventKinds: {
+          page_visit: {
+            description: 'One row per visit observed.',
+            metadataSchema: {
+              type: 'object',
+              required: ['source', 'origin_id', 'url', 'visit_time'],
+              properties: {
+                source: { type: 'string', const: 'chrome_history' },
+                origin_id: { type: 'string' },
+                url: { type: 'string', format: 'uri' },
+                title: { type: 'string' },
+                visit_time: { type: 'string', format: 'date-time' },
+                transition_type: {
+                  description:
+                    'How the user got to the page: link, typed, auto_bookmark, auto_subframe, manual_subframe, generated, start_page, form_submit, reload, keyword, keyword_generated.',
+                  type: 'string',
+                },
+                visit_id: { type: 'integer' },
+                visit_count: { type: 'integer' },
+              },
+            },
+          },
+        },
+      },
+    },
+  };
+
+  async sync(_ctx: SyncContext): Promise<SyncResult> {
+    throw new Error(BRIDGE_ONLY);
+  }
+
+  async execute(): Promise<ActionResult> {
+    throw new Error(BRIDGE_ONLY);
+  }
+}

package/dist/connectors/github.ts

@@ -208,6 +208,7 @@ export default class GitHubConnector extends ConnectorRuntime {
     name: 'GitHub',
     description: 'Collects GitHub issues/discussions and executes repo actions.',
     version: '1.2.0',
+    faviconDomain: 'github.com',
     authSchema: {
       methods: [
         {

package/dist/connectors/google_calendar.ts

@@ -255,7 +255,14 @@ export default class GoogleCalendarConnector extends ConnectorRuntime {
     let pageToken: string | undefined;
     let nextSyncToken: string | undefined;
 
-    while (true) {
+    // Safety bound — at 250 events/page, 200 pages = 50k events, more than
+    // any reasonable calendar window. Stops a runaway loop if the upstream
+    // ever returns a self-referential page token.
+    const MAX_PAGES = 200;
+    let pages = 0;
+
+    while (pages < MAX_PAGES) {
+      pages++;
       // Always request a full page — `maxResults` is a soft cap on *stored*
       // events, not a reason to shrink the request size (shrinking to 1 once the
       // cap is hit would crawl a busy calendar one event per round-trip).
@@ -350,7 +357,12 @@ export default class GoogleCalendarConnector extends ConnectorRuntime {
     let pageToken: string | undefined;
     let nextSyncToken: string | undefined;
 
-    while (true) {
+    // Same hard ceiling as the full-sync path — defensive only.
+    const MAX_PAGES = 200;
+    let pages = 0;
+
+    while (pages < MAX_PAGES) {
+      pages++;
       const params = new URLSearchParams({
         maxResults: String(Math.max(1, Math.min(250, maxResults - events.length))),
         syncToken,

package/dist/connectors/google_play.ts

@@ -136,6 +136,12 @@ async function fetchReviewsPage(
 
   if (!res.ok) {
     if (res.status === 404) throw new Error('App not found (404)');
+    if (res.status === 429) {
+      const retryAfter = res.headers.get('Retry-After');
+      throw new Error(
+        `Google Play rate limit (429). Retry after ${retryAfter ?? 'unknown'} seconds.`
+      );
+    }
     throw new Error(`Google Play request failed: ${res.status} ${res.statusText}`);
   }
 
@@ -143,14 +149,28 @@ async function fetchReviewsPage(
 
   // Response starts with ")]}'" (security prefix), then a newline, then JSON.
   // The library skips the first 5 characters.
-  const outer = JSON.parse(text.substring(5));
+  // Wrap parse in try/catch — Google sometimes returns an HTML interstitial
+  // (captcha / geo-block / maintenance) with status 200, which would bubble up
+  // as an unhelpful SyntaxError otherwise.
+  let outer: any;
+  try {
+    outer = JSON.parse(text.substring(5));
+  } catch {
+    const preview = text.substring(0, 120).replace(/\s+/g, ' ');
+    throw new Error(`Google Play returned non-JSON response: ${preview}`);
+  }
   const innerJson: string | null = outer?.[0]?.[2];
 
   if (innerJson === null || innerJson === undefined) {
     return { reviews: [], nextToken: null };
   }
 
-  const data = JSON.parse(innerJson);
+  let data: any;
+  try {
+    data = JSON.parse(innerJson);
+  } catch {
+    throw new Error('Google Play returned malformed inner JSON payload');
+  }
   return {
     reviews: extractReviews(data, appId),
     nextToken: extractPaginationToken(data),

package/dist/connectors/hackernews.ts

@@ -16,6 +16,7 @@ import {
   type SyncContext,
   type SyncResult,
 } from '@lobu/connector-sdk';
+import { validatePublicUrl } from './browser-scraper-utils.ts';
 
 // ---------------------------------------------------------------------------
 // Algolia HN API types
@@ -261,11 +262,36 @@ export default class HackerNewsConnector extends ConnectorRuntime {
         `&numericFilters=${encodeURIComponent(`created_at_i>${lookbackTimestamp}`)}`;
 
       const response = await fetch(url);
+
+      // Honor Algolia's rate-limit response so we don't hammer them and turn
+      // a transient 429 into "Unexpected token < in JSON" when the next call
+      // returns an HTML error page.
+      if (response.status === 429) {
+        const retryAfter = response.headers.get('Retry-After');
+        const waitMs = retryAfter ? Math.min(60_000, Math.max(1, Number(retryAfter)) * 1000) : 5000;
+        await this.sleep(Number.isFinite(waitMs) ? waitMs : 5000);
+        continue;
+      }
+
       if (!response.ok) {
-        throw new Error(`Algolia API error (${response.status}): ${await response.text()}`);
+        const text = await response.text().catch(() => '');
+        throw new Error(`Algolia API error (${response.status}): ${text}`);
+      }
+
+      // Algolia normally returns JSON, but proxies/captive portals occasionally
+      // return HTML. Surface a useful error instead of a bare SyntaxError that
+      // makes the connector look broken when the upstream is at fault.
+      let data: AlgoliaResponse;
+      try {
+        data = (await response.json()) as AlgoliaResponse;
+      } catch (err) {
+        const message = err instanceof Error ? err.message : String(err);
+        throw new Error(`Algolia API returned non-JSON response: ${message}`);
       }
 
-      const data = (await response.json()) as AlgoliaResponse;
+      if (!data || !Array.isArray(data.hits)) {
+        throw new Error('Algolia API returned an unexpected response shape');
+      }
 
       for (const hit of data.hits) {
         if (contentType === 'comment') {
@@ -404,6 +430,15 @@ export default class HackerNewsConnector extends ConnectorRuntime {
 
   private async fetchExternalContent(url: string): Promise<string | null> {
     try {
+      // SSRF guard — `url` is supplied by whoever submitted the HN story and
+      // is therefore attacker-controllable. Refuse to fetch private/internal
+      // addresses (loopback, 169.254.169.254 cloud metadata, RFC1918, etc.).
+      try {
+        validatePublicUrl(url);
+      } catch {
+        return null;
+      }
+
       const controller = new AbortController();
       const timeoutId = setTimeout(() => controller.abort(), this.CONTENT_FETCH_TIMEOUT);
 

package/dist/connectors/index.ts

@@ -1,15 +1,29 @@
 export * from './apple_health.ts';
+export * from './apple_photos.ts';
 export * from './apple_screen_time.ts';
 export * from './local_directory.ts';
 export * from './browser-scraper-utils.ts';
 export * from './capterra.ts';
+// Chrome — paired Chrome profile via the Owletto for Chrome extension.
+// One connector exposing feeds.open_tabs (auto-wired tab snapshot) +
+// actions.{navigate, get_accessibility_tree, click_ref, type_ref,
+// wait_for_selector, screenshot, evaluate} (one-shot tools the extension
+// dispatcher executes via chrome.debugger + a custom DOM accessibility
+// snapshot). Replaces the four prior standalone connectors
+// (chrome.tabs / browser.evaluate / browser.page_text / browser.fill_form).
+// chrome.history / chrome.bookmarks / chrome.downloads are opt-in
+// ambient feeds that auto-wire when the user grants the corresponding
+// optional permission in the extension's Permissions panel.
+export * from './chrome.ts';
+export * from './chrome_history.ts';
+export * from './chrome_bookmarks.ts';
+export * from './chrome_downloads.ts';
 export * from './g2.ts';
 export * from './github.ts';
 export * from './glassdoor.ts';
 export * from './gmaps.ts';
 export * from './google_calendar.ts';
 export * from './google_gmail.ts';
-export * from './google_photos.ts';
 export * from './google_play.ts';
 export * from './hackernews.ts';
 export * from './ios_appstore.ts';

package/dist/connectors/reddit.ts

@@ -79,6 +79,7 @@ export default class RedditConnector extends ConnectorRuntime {
     name: 'Reddit',
     description: 'Fetches posts and comments from Reddit subreddits or search queries.',
     version: '1.0.0',
+    faviconDomain: 'reddit.com',
     authSchema: {
       methods: [
         {

package/dist/connectors/revolut.ts

@@ -142,12 +142,9 @@ function extractAmountAndCurrency(
 	const amt = record.amount;
 	if (amt && typeof amt === "object") {
 		const obj = amt as Record<string, unknown>;
-		const value =
-			typeof obj.value === "number"
-				? obj.value
-				: typeof obj.amount === "number"
-					? obj.amount
-					: null;
+		let value: number | null = null;
+		if (typeof obj.value === "number") value = obj.value;
+		else if (typeof obj.amount === "number") value = obj.amount;
 		const currency = typeof obj.currency === "string" ? obj.currency : null;
 		if (value !== null && currency) return { amount: value, currency };
 	}
@@ -200,13 +197,13 @@ function extractBalance(
 	record: Record<string, unknown>,
 	currency: string,
 ): number | undefined {
-	const raw =
-		typeof record.balance === "number"
-			? record.balance
-			: record.balance && typeof record.balance === "object"
-				? ((record.balance as Record<string, unknown>).value ??
-					(record.balance as Record<string, unknown>).amount)
-				: undefined;
+	let raw: unknown;
+	if (typeof record.balance === "number") {
+		raw = record.balance;
+	} else if (record.balance && typeof record.balance === "object") {
+		const obj = record.balance as Record<string, unknown>;
+		raw = obj.value ?? obj.amount;
+	}
 	if (typeof raw !== "number" || !Number.isFinite(raw)) return undefined;
 	return Number.isInteger(raw) ? minorUnitsToMajor(raw, currency) : raw;
 }

package/dist/connectors/rss.ts

@@ -15,6 +15,7 @@ import {
   type SyncContext,
   type SyncResult,
 } from '@lobu/connector-sdk';
+import { validatePublicUrl } from './browser-scraper-utils.ts';
 
 // ---------------------------------------------------------------------------
 // Types
@@ -211,6 +212,11 @@ export default class RSSConnector extends ConnectorRuntime {
   // -------------------------------------------------------------------------
 
   private async fetchAndParseFeed(feedUrl: string, maxItems: number): Promise<RSSFeedItem[]> {
+    // SSRF guard at the trust boundary. `feed_urls` is operator/user supplied
+    // via connector config and must not be allowed to target loopback, RFC1918,
+    // or cloud-metadata IPs from the gateway process.
+    validatePublicUrl(feedUrl);
+
     const controller = new AbortController();
     const timeoutId = setTimeout(() => controller.abort(), this.FETCH_TIMEOUT_MS);
 
@@ -222,18 +228,13 @@ export default class RSSConnector extends ConnectorRuntime {
           Accept: 'application/rss+xml, application/atom+xml, application/xml, text/xml, */*',
         },
       });
-
-      clearTimeout(timeoutId);
-
       if (!response.ok) {
         throw new Error(`HTTP ${response.status}: ${response.statusText}`);
       }
-
       const xml = await response.text();
       return this.parseXml(xml, feedUrl, maxItems);
-    } catch (err) {
+    } finally {
       clearTimeout(timeoutId);
-      throw err;
     }
   }
 
@@ -413,8 +414,32 @@ export default class RSSConnector extends ConnectorRuntime {
           case '#39':
             return "'";
           default:
-            if (hex) return String.fromCharCode(parseInt(hex, 16));
-            if (decimal) return String.fromCharCode(parseInt(decimal, 10));
+            // Use fromCodePoint, not fromCharCode — astral-plane characters
+            // (emoji, CJK extension B+, etc.) have code points > 0xFFFF which
+            // fromCharCode silently truncates, producing mojibake in feed
+            // titles. Guard the range so a malformed entity doesn't throw.
+            if (hex) {
+              const cp = parseInt(hex, 16);
+              if (Number.isFinite(cp) && cp >= 0 && cp <= 0x10ffff) {
+                try {
+                  return String.fromCodePoint(cp);
+                } catch {
+                  return _match;
+                }
+              }
+              return _match;
+            }
+            if (decimal) {
+              const cp = parseInt(decimal, 10);
+              if (Number.isFinite(cp) && cp >= 0 && cp <= 0x10ffff) {
+                try {
+                  return String.fromCodePoint(cp);
+                } catch {
+                  return _match;
+                }
+              }
+              return _match;
+            }
             return _match;
         }
       }

package/dist/connectors/trustpilot.ts

@@ -98,7 +98,11 @@ export default class TrustpilotConnector extends ConnectorRuntime {
       throw new Error('Either business_url or business_name is required');
     }
 
-    const baseUrl = businessUrl || `https://www.trustpilot.com/review/${businessName}`;
+    // encodeURIComponent the user-supplied businessName so a value like
+    // "../search?foo=bar" can't escape the /review/ path on trustpilot.com.
+    const baseUrl =
+      businessUrl ||
+      `https://www.trustpilot.com/review/${encodeURIComponent(businessName ?? '')}`;
     validateUrlDomain(baseUrl, 'trustpilot.com');
 
     const userDataDir = getBrowserUserDataDir(ctx.sessionState);
@@ -161,27 +165,34 @@ export default class TrustpilotConnector extends ConnectorRuntime {
       // Filter reviews with meaningful content (more than 10 chars)
       const reviews: TrustpilotReview[] = rawReviews.filter((r) => r.text && r.text.length > 10);
 
-      // Transform to EventEnvelope format
-      const events: EventEnvelope[] = reviews.map((review) => {
+      // Transform to EventEnvelope format. Drop rows whose `date` attribute
+      // was missing/invalid in the DOM — `new Date("")` yields an Invalid
+      // Date, which downstream sorting/checkpointing then can't compare, and
+      // an empty `date` made `origin_id` collide on `-<author>` across rows.
+      const events: EventEnvelope[] = reviews.flatMap((review) => {
         const content = review.title ? `${review.title}\n\n${review.text}` : review.text;
-
-        return {
-          origin_id: `${review.date}-${review.author}`,
-          payload_text: content,
-          author_name: review.author,
-          occurred_at: new Date(review.date),
-          origin_type: 'review',
-          score: calculateEngagementScore('trustpilot', {
-            rating: review.rating,
-            helpful_count: 0,
-          }),
-          source_url: baseUrl,
-          metadata: {
-            rating: review.rating,
-            helpful_count: 0,
-            title: review.title,
+        const parsedDate = review.date ? new Date(review.date) : null;
+        if (!parsedDate || Number.isNaN(parsedDate.getTime())) return [];
+
+        return [
+          {
+            origin_id: `${review.date}-${review.author}`,
+            payload_text: content,
+            author_name: review.author,
+            occurred_at: parsedDate,
+            origin_type: 'review',
+            score: calculateEngagementScore('trustpilot', {
+              rating: review.rating,
+              helpful_count: 0,
+            }),
+            source_url: baseUrl,
+            metadata: {
+              rating: review.rating,
+              helpful_count: 0,
+              title: review.title,
+            },
           },
-        };
+        ];
       });
 
       return {