@matimo/core 0.1.0-alpha.12.1 → 0.1.0-alpha.14

package/tools/matimo_list_skills/matimo_list_skills.ts

@@ -0,0 +1,138 @@
+import path from 'path';
+import fs from 'fs';
+import { getGlobalMatimoLogger, getGlobalMatimoInstance, extractSkillMetadata, ToolLoader } from '@matimo/core';
+
+interface ListSkillsParams {
+  skills_dir?: string;
+}
+
+interface SkillSummary {
+  name: string;
+  description: string;
+  version?: string;
+  license?: string;
+  metadata?: Record<string, string>;
+  source: 'builtin' | 'user' | 'catalog';
+}
+
+interface ListSkillsResult {
+  skills: SkillSummary[];
+  total: number;
+}
+
+/**
+ * Helper: Load SKILL.md files from a directory and extract metadata.
+ */
+function loadSkillsFromPath(
+  skillsPath: string,
+  source: 'builtin' | 'user',
+  logger: ReturnType<typeof getGlobalMatimoLogger>,
+): SkillSummary[] {
+  const skills: SkillSummary[] = [];
+
+  if (!fs.existsSync(skillsPath)) return skills;
+
+  try {
+    const entries = fs.readdirSync(skillsPath, { withFileTypes: true });
+    for (const entry of entries) {
+      if (!entry.isDirectory()) continue;
+      const skillFilePath = path.join(skillsPath, entry.name, 'SKILL.md');
+      if (!fs.existsSync(skillFilePath)) continue;
+
+      try {
+        const content = fs.readFileSync(skillFilePath, 'utf-8');
+        const result = extractSkillMetadata(content, source);
+        if (result.success && result.metadata) {
+          skills.push(result.metadata);
+        }
+      } catch (err) {
+        logger.debug('matimo_list_skills: failed to extract metadata', {
+          skill: entry.name,
+          error: (err as Error).message,
+        });
+      }
+    }
+  } catch (err) {
+    logger.debug('matimo_list_skills: failed to read directory', {
+      path: skillsPath,
+      error: (err as Error).message,
+    });
+  }
+
+  return skills;
+}
+
+
+
+/**
+ * List all skills available in the current Matimo instance.
+ *
+ * Skills are discovered in this order (priority):
+ * 1. Global MatimoInstance (if initialized) — includes auto-discovered @matimo/* skills
+ * 2. Auto-discover from @matimo/* packages in node_modules (like tools do)
+ * 3. Explicit skills_dir if provided
+ *
+ * Returns METADATA ONLY: name, description, license, version, metadata, source.
+ * Full body content is available via matimo_get_skill when explicitly requested.
+ *
+ * Uses lightweight YAML-only extraction (no body/sections parsing) for efficiency.
+ * This avoids the overhead of parsing skill markdown sections and keeps responses small.
+ */
+export default async function matimoListSkills(
+  params: ListSkillsParams,
+): Promise<ListSkillsResult> {
+  const logger = getGlobalMatimoLogger();
+  const allSkills = new Map<string, SkillSummary>();
+
+  try {
+    // Try global MatimoInstance first
+    try {
+      const matimo = getGlobalMatimoInstance();
+      if (matimo) {
+        const matimoSkills = matimo.listSkills();
+        if (matimoSkills?.length > 0) {
+          logger.debug('matimo_list_skills: from MatimoInstance', { count: matimoSkills.length });
+          matimoSkills.forEach((s) => allSkills.set(s.name, s));
+          return { skills: Array.from(allSkills.values()), total: allSkills.size };
+        }
+      }
+    } catch (err) {
+      logger.debug('matimo_list_skills: MatimoInstance unavailable', {
+        error: (err as Error).message,
+      });
+    }
+
+    // Auto-discover from @matimo/* packages
+    try {
+      const toolLoader = new ToolLoader();
+      const discoveredPaths = toolLoader.autoDiscoverPackages();
+
+      for (const toolPath of discoveredPaths) {
+        const pkgDir = path.dirname(toolPath);
+        const skillsPath = path.join(pkgDir, 'skills');
+        const discovered = loadSkillsFromPath(skillsPath, 'builtin', logger);
+        discovered.forEach((s) => allSkills.set(s.name, s));
+      }
+    } catch (err) {
+      logger.debug('matimo_list_skills: auto-discovery failed', {
+        error: (err as Error).message,
+      });
+    }
+
+    // Load from explicit skills_dir if provided
+    if (params.skills_dir) {
+      const skillsDir = path.resolve(params.skills_dir);
+      const discovered = loadSkillsFromPath(skillsDir, 'user', logger);
+      discovered.forEach((s) => allSkills.set(s.name, s));
+    }
+
+    const results = Array.from(allSkills.values());
+    logger.debug('matimo_list_skills: complete', { total: results.length });
+    return { skills: results, total: results.length };
+  } catch (err) {
+    logger.error('matimo_list_skills: failed', {
+      error: (err as Error).message,
+    });
+    return { skills: [], total: 0 };
+  }
+}

package/tools/matimo_list_user_tools/definition.yaml

@@ -0,0 +1,32 @@
+name: matimo_list_user_tools
+version: '1.0.0'
+description: List all user-created tools in a directory with risk classification, approval status, and metadata.
+requires_approval: false
+tags:
+  - matimo
+  - meta
+  - discovery
+
+parameters:
+  tool_dir:
+    type: string
+    required: false
+    description: Directory to scan for tools (default ./matimo-tools)
+  include_drafts:
+    type: boolean
+    required: false
+    description: Whether to include draft tools in the listing (default true)
+
+execution:
+  type: function
+  code: './matimo_list_user_tools.ts'
+
+output_schema:
+  type: object
+  properties:
+    tools:
+      type: array
+      description: List of discovered tools
+    total:
+      type: number
+      description: Total number of tools found

package/tools/matimo_list_user_tools/matimo_list_user_tools.ts

@@ -0,0 +1,74 @@
+import fs from 'fs';
+import path from 'path';
+import yaml from 'js-yaml';
+import {
+  validateToolDefinition,
+  classifyRisk,
+  getGlobalMatimoLogger,
+} from '@matimo/core';
+
+interface ListParams {
+  tool_dir?: string;
+  include_drafts?: boolean;
+}
+
+interface ToolSummary {
+  name: string;
+  description: string;
+  version: string;
+  status: string;
+  riskLevel: string;
+  tags: string[];
+}
+
+interface ListResult {
+  tools: ToolSummary[];
+  total: number;
+}
+
+export default async function matimoListUserTools(
+  params: ListParams,
+): Promise<ListResult> {
+  const logger = getGlobalMatimoLogger();
+  const toolDir = params.tool_dir || './matimo-tools';
+  const includeDrafts = params.include_drafts !== false;
+
+  const tools: ToolSummary[] = [];
+
+  if (!fs.existsSync(toolDir)) {
+    return { tools: [], total: 0 };
+  }
+
+  const entries = fs.readdirSync(toolDir, { withFileTypes: true });
+  for (const entry of entries) {
+    if (!entry.isDirectory()) continue;
+
+    const defPath = path.join(toolDir, entry.name, 'definition.yaml');
+    if (!fs.existsSync(defPath)) continue;
+
+    try {
+      const content = fs.readFileSync(defPath, 'utf-8');
+      const parsed = yaml.load(content);
+      const tool = validateToolDefinition(parsed);
+
+      const status = tool.status || 'approved';
+      if (!includeDrafts && status === 'draft') continue;
+
+      tools.push({
+        name: tool.name,
+        description: tool.description,
+        version: tool.version,
+        status,
+        riskLevel: classifyRisk(tool),
+        tags: tool.tags || [],
+      });
+    } catch (err) {
+      logger.warn('matimo_list_user_tools: failed to parse tool', {
+        dir: entry.name,
+        error: (err as Error).message,
+      });
+    }
+  }
+
+  return { tools, total: tools.length };
+}

package/tools/matimo_reload_tools/definition.yaml

@@ -0,0 +1,35 @@
+name: matimo_reload_tools
+version: '1.0.0'
+description: >-
+  Hot-reload all tools from configured toolPaths. Clears the registry, re-reads
+  YAML definitions from disk, re-validates untrusted tools against the active
+  policy, and returns a summary of loaded, removed, revalidated, and rejected
+  tools. Use after matimo_create_tool + matimo_approve_tool to bring new tools
+  into the live registry without restarting the process.
+requires_approval: true
+tags:
+  - matimo
+  - meta
+  - lifecycle
+
+parameters: {}
+
+execution:
+  type: function
+  code: './matimo_reload_tools.ts'
+
+output_schema:
+  type: object
+  properties:
+    success:
+      type: boolean
+    loaded:
+      type: number
+    removed:
+      type: number
+    revalidated:
+      type: number
+    rejected:
+      type: array
+    message:
+      type: string

package/tools/matimo_reload_tools/matimo_reload_tools.ts

@@ -0,0 +1,29 @@
+import { getGlobalMatimoLogger } from '@matimo/core';
+
+/**
+ * matimo_reload_tools — Hot-reload all tools from configured toolPaths.
+ *
+ * NOTE: This function is a placeholder. The actual reload logic is intercepted
+ * and handled directly by MatimoInstance.execute() because reloadTools() is a
+ * method on the instance itself (it clears the registry, re-reads YAML from
+ * disk, re-validates untrusted tools, etc.). The function executor cannot do
+ * this because it doesn't have a reference to the MatimoInstance.
+ *
+ * If this file is ever reached (e.g., in tests without the interception),
+ * it returns an error instructing the caller to use matimo.reloadTools() directly.
+ */
+export default async function matimoReloadTools(): Promise<{
+  success: boolean;
+  message: string;
+}> {
+  const logger = getGlobalMatimoLogger();
+  logger.warn(
+    'matimo_reload_tools: reached fallback implementation — this should be intercepted by MatimoInstance.execute()',
+  );
+
+  return {
+    success: false,
+    message:
+      'Reload must be handled by MatimoInstance. If you see this, the interception in execute() is not active.',
+  };
+}

package/tools/matimo_validate_skill/definition.yaml

@@ -0,0 +1,43 @@
+name: matimo_validate_skill
+version: '1.0.0'
+description: >-
+  Validate an existing skill against the Agent Skills specification
+  (https://agentskills.io/specification). Checks SKILL.md frontmatter, naming
+  rules, directory structure, and best practices.
+requires_approval: false
+tags:
+  - matimo
+  - meta
+  - skill
+  - validation
+
+parameters:
+  name:
+    type: string
+    required: true
+    description: Name of the skill directory to validate
+  skills_dir:
+    type: string
+    required: false
+    description: Directory containing skills (default ./matimo-tools/skills)
+
+execution:
+  type: function
+  code: './matimo_validate_skill.ts'
+
+output_schema:
+  type: object
+  properties:
+    valid:
+      type: boolean
+      description: Whether the skill passes all validation checks
+    name:
+      type: string
+    issues:
+      type: array
+      description: List of validation issues (errors and warnings)
+    structure:
+      type: object
+      description: Skill directory structure analysis
+    message:
+      type: string

package/tools/matimo_validate_skill/matimo_validate_skill.ts

@@ -0,0 +1,137 @@
+import fs from 'fs';
+import path from 'path';
+import { getGlobalMatimoLogger } from '@matimo/core';
+import {
+  parseSkillContent,
+  validateFrontmatter,
+  listBundledResources,
+  type ValidationIssue,
+  type BundledResources,
+} from '../shared/skill-validation';
+
+interface ValidateSkillParams {
+  /** Name of the skill directory to validate. */
+  name: string;
+  /** Directory containing skills (default ./matimo-tools/skills). */
+  skills_dir?: string;
+}
+
+interface ValidateSkillResult {
+  valid: boolean;
+  name: string;
+  issues: ValidationIssue[];
+  structure: {
+    has_skill_md: boolean;
+    resources: BundledResources;
+  };
+  message: string;
+}
+
+/**
+ * Validate an existing skill against the Agent Skills specification.
+ *
+ * Checks:
+ * - SKILL.md exists
+ * - YAML frontmatter is present and valid
+ * - Name follows spec rules (lowercase, hyphens, max 64 chars)
+ * - Name matches directory name
+ * - Description is present and within limits
+ * - Optional fields follow constraints
+ * - Lists bundled resources for review
+ *
+ * @see https://agentskills.io/specification
+ */
+export default async function matimoValidateSkill(
+  params: ValidateSkillParams,
+): Promise<ValidateSkillResult> {
+  const logger = getGlobalMatimoLogger();
+  const skillsDir = params.skills_dir || './matimo-tools/skills';
+
+  const failResult = (message: string, issues: ValidationIssue[] = []): ValidateSkillResult => ({
+    valid: false,
+    name: params.name || '',
+    issues,
+    structure: { has_skill_md: false, resources: { scripts: [], references: [], assets: [], other: [] } },
+    message,
+  });
+
+  if (!params.name || params.name.trim().length === 0) {
+    return failResult('Skill name is required');
+  }
+
+  const skillDir = path.join(skillsDir, params.name);
+  const skillPath = path.join(skillDir, 'SKILL.md');
+
+  // Check directory exists
+  if (!fs.existsSync(skillDir)) {
+    return failResult(`Skill directory not found: ${skillDir}`);
+  }
+
+  // Check SKILL.md exists
+  if (!fs.existsSync(skillPath)) {
+    return failResult(`SKILL.md not found in ${skillDir}`, [
+      { field: 'SKILL.md', message: 'Required SKILL.md file is missing', severity: 'error' },
+    ]);
+  }
+
+  // Parse content
+  const content = fs.readFileSync(skillPath, 'utf-8');
+  const parseResult = parseSkillContent(content);
+
+  if (!parseResult.success) {
+    return failResult(parseResult.error!, [
+      { field: 'frontmatter', message: parseResult.error!, severity: 'error' },
+    ]);
+  }
+
+  const { frontmatter, body } = parseResult.parsed!;
+
+  // Validate frontmatter (with directory name matching)
+  const fmResult = validateFrontmatter(frontmatter, params.name);
+
+  // Add warnings for best practices
+  const allIssues = [...fmResult.issues];
+
+  // Warn if body is empty
+  if (!body || body.trim().length === 0) {
+    allIssues.push({
+      field: 'body',
+      message: 'SKILL.md has no instructions body — add content after the frontmatter',
+      severity: 'warning',
+    });
+  }
+
+  // Warn if body is too long (spec recommends < 5000 tokens ≈ < 500 lines)
+  const lineCount = body.split('\n').length;
+  if (lineCount > 500) {
+    allIssues.push({
+      field: 'body',
+      message: `SKILL.md body has ${lineCount} lines — spec recommends < 500 lines. Consider splitting into referenced files.`,
+      severity: 'warning',
+    });
+  }
+
+  // List bundled resources
+  const resources = listBundledResources(skillDir);
+
+  const valid = allIssues.filter(i => i.severity === 'error').length === 0;
+
+  logger.info('matimo_validate_skill: validation complete', {
+    name: params.name,
+    valid,
+    issueCount: allIssues.length,
+  });
+
+  return {
+    valid,
+    name: params.name,
+    issues: allIssues,
+    structure: {
+      has_skill_md: true,
+      resources,
+    },
+    message: valid
+      ? `Skill "${params.name}" is valid per the Agent Skills specification.`
+      : `Skill "${params.name}" has ${allIssues.filter(i => i.severity === 'error').length} error(s).`,
+  };
+}

package/tools/matimo_validate_tool/definition.yaml

@@ -0,0 +1,34 @@
+name: matimo_validate_tool
+version: '1.0.0'
+description: Validate a tool definition YAML string against the Matimo schema and policy rules. Returns schema errors, policy violations, and risk classification.
+requires_approval: false
+tags:
+  - matimo
+  - meta
+  - validation
+
+parameters:
+  yaml_content:
+    type: string
+    required: true
+    description: The YAML content of the tool definition to validate
+
+execution:
+  type: function
+  code: './matimo_validate_tool.ts'
+
+output_schema:
+  type: object
+  properties:
+    valid:
+      type: boolean
+      description: Whether the tool definition is valid
+    schemaErrors:
+      type: array
+      description: Schema validation errors (if any)
+    policyViolations:
+      type: array
+      description: Policy violations found by content validator
+    riskLevel:
+      type: string
+      description: Risk classification (low, medium, high, critical)

package/tools/matimo_validate_tool/matimo_validate_tool.ts

@@ -0,0 +1,168 @@
+import yaml from 'js-yaml';
+import {
+  validateToolDefinition,
+  validateToolContent,
+  classifyRisk,
+  getGlobalMatimoLogger,
+} from '@matimo/core';
+import type { Violation } from '@matimo/core';
+
+interface ValidateParams {
+  yaml_content: string;
+}
+
+/** Structured schema error with field path and optional valid values. */
+interface SchemaError {
+  field: string;
+  message: string;
+  validOptions?: string[];
+}
+
+interface ValidateResult {
+  valid: boolean;
+  schemaErrors: SchemaError[];
+  policyViolations: Array<{ rule: string; severity: string; message: string }>;
+  riskLevel: string;
+}
+
+const EXECUTION_TYPE_OPTIONS = ['command', 'http', 'function'];
+const PARAMETER_TYPE_OPTIONS = ['string', 'number', 'boolean', 'array', 'object'];
+const HTTP_METHOD_OPTIONS = ['GET', 'POST', 'PUT', 'DELETE', 'PATCH'];
+const AUTH_TYPE_OPTIONS = ['api_key', 'basic', 'bearer', 'oauth2', 'custom'];
+const STATUS_OPTIONS = ['draft', 'approved', 'deprecated'];
+
+/**
+ * Map known field paths to valid option sets so agents get actionable errors.
+ */
+const VALID_OPTIONS_BY_PATH: Record<string, string[]> = {
+  'execution.type': EXECUTION_TYPE_OPTIONS,
+  'execution.method': HTTP_METHOD_OPTIONS,
+  'authentication.type': AUTH_TYPE_OPTIONS,
+  status: STATUS_OPTIONS,
+};
+
+const PARAMETER_TYPE_PATTERN = /^parameters\.[^.]+\.type$/;
+const PARAMETER_ENCODING_BACKOFF = /^error_handling\.backoff_type$/;
+
+function getValidOptions(fieldPath: string): string[] | undefined {
+  if (VALID_OPTIONS_BY_PATH[fieldPath]) return VALID_OPTIONS_BY_PATH[fieldPath];
+  if (PARAMETER_TYPE_PATTERN.test(fieldPath)) return PARAMETER_TYPE_OPTIONS;
+  if (PARAMETER_ENCODING_BACKOFF.test(fieldPath)) return ['linear', 'exponential'];
+  return undefined;
+}
+
+/**
+ * Convert a raw Zod issue into a human-readable SchemaError.
+ * Handles the most common patterns: missing fields, invalid enums,
+ * invalid discriminated union (execution.type).
+ */
+function formatZodIssue(issue: { path: (string | number)[]; message: string; code: string; expected?: string; received?: string }): SchemaError {
+  const fieldPath = issue.path.length > 0 ? issue.path.join('.') : 'root';
+  const validOptions = getValidOptions(fieldPath);
+
+  let message: string;
+
+  switch (issue.code) {
+    case 'invalid_type':
+      if (issue.received === 'undefined') {
+        message = `Missing required field: \`${fieldPath}\``;
+        if (validOptions) {
+          message += ` — must be one of: ${validOptions.map((v) => `'${v}'`).join(', ')}`;
+        }
+      } else {
+        message = `Invalid type for \`${fieldPath}\`: expected ${issue.expected ?? 'unknown'}, got ${issue.received ?? 'unknown'}`;
+      }
+      break;
+
+    case 'invalid_literal':
+    case 'invalid_enum_value':
+      message = `Invalid value for \`${fieldPath}\``;
+      if (validOptions) {
+        message += ` — must be one of: ${validOptions.map((v) => `'${v}'`).join(', ')}`;
+      } else {
+        message += ` (${issue.message})`;
+      }
+      break;
+
+    case 'invalid_union':
+      // Discriminated union failure — most commonly execution.type
+      message = `Invalid value for \`${fieldPath}\``;
+      if (fieldPath === 'execution' || fieldPath === 'root') {
+        message = `Missing or invalid \`execution.type\` — must be one of: ${EXECUTION_TYPE_OPTIONS.map((v) => `'${v}'`).join(', ')}`;
+        return { field: 'execution.type', message, validOptions: EXECUTION_TYPE_OPTIONS };
+      }
+      if (validOptions) {
+        message += ` — must be one of: ${validOptions.map((v) => `'${v}'`).join(', ')}`;
+      } else {
+        message += ` (${issue.message})`;
+      }
+      break;
+
+    default:
+      message = `\`${fieldPath}\`: ${issue.message}`;
+  }
+
+  return { field: fieldPath, message, ...(validOptions ? { validOptions } : {}) };
+}
+
+export default async function matimoValidateTool(
+  params: ValidateParams,
+): Promise<ValidateResult> {
+  const logger = getGlobalMatimoLogger();
+  const result: ValidateResult = {
+    valid: true,
+    schemaErrors: [],
+    policyViolations: [],
+    riskLevel: 'low',
+  };
+
+  // Step 1: Parse YAML
+  let parsed: unknown;
+  try {
+    parsed = yaml.load(params.yaml_content);
+  } catch (err) {
+    result.valid = false;
+    result.schemaErrors.push({
+      field: 'root',
+      message: `YAML parse error: ${(err as Error).message}`,
+    });
+    logger.warn('matimo_validate_tool: YAML parse failed', { error: (err as Error).message });
+    return result;
+  }
+
+  // Step 2: Validate against ToolDefinition schema
+  let tool: ReturnType<typeof validateToolDefinition>;
+  try {
+    tool = validateToolDefinition(parsed);
+  } catch (err) {
+    result.valid = false;
+    // MatimoError carries raw Zod issues in details.issues — use them for structured output
+    const matimoErr = err as { details?: { issues?: unknown[] }; message?: string };
+    const rawIssues = matimoErr.details?.issues;
+    if (Array.isArray(rawIssues) && rawIssues.length > 0) {
+      result.schemaErrors = (rawIssues as { path: (string | number)[]; message: string; code: string; expected?: string; received?: string }[]).map(formatZodIssue);
+    } else {
+      result.schemaErrors.push({ field: 'root', message: (err as Error).message });
+    }
+    logger.warn('matimo_validate_tool: schema validation failed', {
+      errorCount: result.schemaErrors.length,
+    });
+    return result;
+  }
+
+  // Step 3: Run content validator (as untrusted source)
+  const validation = validateToolContent(tool, { source: 'untrusted' });
+  if (!validation.valid) {
+    result.valid = false;
+    result.policyViolations = validation.violations.map((v: Violation) => ({
+      rule: v.rule,
+      severity: v.severity,
+      message: v.message,
+    }));
+  }
+
+  // Step 4: Classify risk
+  result.riskLevel = classifyRisk(tool);
+
+  return result;
+}