@newsails/veil-cli 1.0.1

package/api/middleware.js

@@ -0,0 +1,60 @@
+'use strict';
+
+const context = require('../utils/context');
+
+/**
+ * Auth middleware — validates X-Veil-Secret header if a secret is configured.
+ */
+function authMiddleware(req, res, next) {
+  // /health is always unprotected (liveness probe for load balancers / orchestrators)
+  if (req.path === '/health') return next();
+
+  // Secret is read from settings at request time via context
+  const secret = req.app.locals.settings?.secret;
+  if (!secret) return next(); // No secret configured — open access
+
+  const provided = req.headers['x-veil-secret'];
+  if (!provided || provided !== secret) {
+    return res.status(401).json({ error: { code: 'UNAUTHORIZED', message: 'Invalid or missing X-Veil-Secret header' } });
+  }
+  next();
+}
+
+/**
+ * Standard error response formatter.
+ * @param {Response} res
+ * @param {number} status
+ * @param {string} code
+ * @param {string} message
+ */
+function sendError(res, status, code, message) {
+  return res.status(status).json({ error: { code, message } });
+}
+
+/**
+ * Global error handler middleware.
+ */
+function errorHandler(err, req, res, next) {
+  const codeMap = {
+    'AGENT_NOT_FOUND': 404,
+    'MODE_NOT_SUPPORTED': 400,
+    'TASK_NOT_FOUND': 404,
+    'SESSION_NOT_FOUND': 404,
+    'SESSION_CLOSED': 400,
+    'TASK_NOT_WAITING': 400,
+    'PERMISSION_DENIED': 403,
+    'VALIDATION_ERROR': 400,
+  };
+
+  const code = err.code || 'INTERNAL_ERROR';
+  const status = codeMap[code] || 500;
+  const message = err.message || 'An unexpected error occurred';
+
+  if (status === 500) {
+    console.error('[ERROR]', err);
+  }
+
+  return sendError(res, status, code, message);
+}
+
+module.exports = { authMiddleware, sendError, errorHandler };

package/api/routes/agents.js

@@ -0,0 +1,193 @@
+'use strict';
+
+const express = require('express');
+const fs = require('fs');
+const path = require('path');
+const router = express.Router();
+const { listAgents, loadAgent, getEffectiveModeConfig, createAgent, updateAgent, deleteAgent } = require('../../core/agent');
+const { listCustomToolSummaries } = require('../../core/registry');
+const { sendError } = require('../middleware');
+const context = require('../../utils/context');
+const db = require('../../infrastructure/database');
+const paths = require('../../utils/paths');
+
+// POST /agents — create a new agent
+router.post('/', (req, res, next) => {
+  try {
+    const cwd = context.getCwd();
+    const { name, level = 'project', config, agentMd } = req.body;
+
+    if (!name) return sendError(res, 400, 'VALIDATION_ERROR', '"name" is required');
+    if (!config || typeof config !== 'object') return sendError(res, 400, 'VALIDATION_ERROR', '"config" object is required');
+    if (level !== 'project' && level !== 'global') return sendError(res, 400, 'VALIDATION_ERROR', '"level" must be "project" or "global"');
+
+    const result = createAgent({ name, level, cwd, config, agentMd });
+    res.status(201).json({ agent: result });
+  } catch (err) {
+    if (err.code === 'AGENT_EXISTS') return sendError(res, 409, 'AGENT_EXISTS', err.message);
+    if (err.code === 'INVALID_NAME') return sendError(res, 400, 'INVALID_NAME', err.message);
+    if (err.code === 'INVALID_CONFIG') return sendError(res, 400, 'INVALID_CONFIG', err.message);
+    next(err);
+  }
+});
+
+// GET /agents
+router.get('/', (req, res, next) => {
+  try {
+    const agents = listAgents({ cwd: context.getCwd() });
+    res.json({ agents });
+  } catch (err) {
+    next(err);
+  }
+});
+
+// GET /agents/:name
+router.get('/:name', (req, res, next) => {
+  try {
+    const agent = loadAgent({ cwd: context.getCwd(), name: req.params.name });
+    res.json({ agent: {
+      name: agent.name,
+      description: agent.description || '',
+      model: agent.model,
+      temperature: agent.temperature,
+      reasoning: agent.reasoning,
+      modes: agent.modes,
+      skillDiscovery: agent.skillDiscovery,
+      memory: agent.memory,
+      agentFolder: agent.agentFolder,
+      source: agent.source,
+      agentMd: agent.agentMd || '',
+    }});
+  } catch (err) {
+    if (err.message && err.message.startsWith('Agent "')) {
+      err.code = 'AGENT_NOT_FOUND';
+    }
+    next(err);
+  }
+});
+
+// POST /agents/:name/reload — hot-reload agent config from disk
+router.post('/:name/reload', (req, res, next) => {
+  try {
+    const cwd = context.getCwd();
+    const agent = loadAgent({ cwd, name: req.params.name });
+    res.json({ reloaded: true, agent });
+  } catch (err) {
+    if (err.message && err.message.includes('not found')) {
+      return sendError(res, 404, 'AGENT_NOT_FOUND', err.message);
+    }
+    next(err);
+  }
+});
+
+// PUT /agents/:name — update agent config and/or AGENT.md
+router.put('/:name', (req, res, next) => {
+  try {
+    const cwd = context.getCwd();
+    const { config, agentMd } = req.body;
+
+    if (config === undefined && agentMd === undefined) {
+      return sendError(res, 400, 'VALIDATION_ERROR', 'At least one of "config" or "agentMd" is required');
+    }
+
+    const result = updateAgent({ name: req.params.name, cwd, config, agentMd });
+    res.json({ agent: result });
+  } catch (err) {
+    if (err.code === 'AGENT_NOT_FOUND') return sendError(res, 404, 'AGENT_NOT_FOUND', err.message);
+    if (err.code === 'AGENT_READ_ONLY') return sendError(res, 403, 'AGENT_READ_ONLY', err.message);
+    if (err.code === 'INVALID_CONFIG') return sendError(res, 400, 'INVALID_CONFIG', err.message);
+    next(err);
+  }
+});
+
+// DELETE /agents/:name — delete an agent folder
+router.delete('/:name', (req, res, next) => {
+  try {
+    const cwd = context.getCwd();
+    const result = deleteAgent({ name: req.params.name, cwd });
+    res.json({ deleted: true, agent: result });
+  } catch (err) {
+    if (err.code === 'AGENT_NOT_FOUND') return sendError(res, 404, 'AGENT_NOT_FOUND', err.message);
+    if (err.code === 'AGENT_READ_ONLY') return sendError(res, 403, 'AGENT_READ_ONLY', err.message);
+    next(err);
+  }
+});
+
+// GET /agents/:name/sessions
+router.get('/:name/sessions', (req, res, next) => {
+  try {
+    const cwd = context.getCwd();
+    const { limit, cursor, status } = req.query;
+    const sessions = db.listSessions({
+      instanceFolder: cwd,
+      agentName: req.params.name,
+      status,
+      limit: limit ? parseInt(limit, 10) : 20,
+      cursor,
+    });
+    res.json({ agentName: req.params.name, sessions });
+  } catch (err) {
+    next(err);
+  }
+});
+
+// GET /agents/:name/tasks
+router.get('/:name/tasks', (req, res, next) => {
+  try {
+    const cwd = context.getCwd();
+    const { limit, cursor, status, priority } = req.query;
+    const tasks = db.listTasks({
+      instanceFolder: cwd,
+      agentName: req.params.name,
+      status,
+      priority,
+      limit: limit ? parseInt(limit, 10) : 20,
+      cursor,
+    });
+    res.json({ agentName: req.params.name, tasks });
+  } catch (err) {
+    next(err);
+  }
+});
+
+// GET /agents/:name/skills
+router.get('/:name/skills', (req, res, next) => {
+  try {
+    const cwd = context.getCwd();
+    let agent;
+    try {
+      agent = loadAgent({ cwd, name: req.params.name });
+    } catch {
+      return sendError(res, 404, 'AGENT_NOT_FOUND', `Agent "${req.params.name}" not found`);
+    }
+
+    const modeConfig = agent.modes?.task || agent.modes?.subagent || {};
+    const skillNames = modeConfig.skills || [];
+    const projectSkillsDir = paths.getProjectSkillsDir(cwd);
+
+    const skills = skillNames.map(skillName => {
+      const projectSkillPath = path.join(projectSkillsDir, skillName + '.md');
+      const agentSkillPath = agent.agentFolder
+        ? path.join(agent.agentFolder, 'skills', skillName + '.md')
+        : null;
+      const agentLoaded = agentSkillPath && fs.existsSync(agentSkillPath);
+      const projectLoaded = fs.existsSync(projectSkillPath);
+      const loaded = agentLoaded || projectLoaded;
+      return {
+        name: skillName,
+        loaded,
+        source: agentLoaded ? 'agent' : projectLoaded ? 'project' : null,
+        path: agentLoaded ? agentSkillPath : projectLoaded ? projectSkillPath : null,
+        error: loaded ? null : 'File not found',
+      };
+    });
+
+    const customTools = listCustomToolSummaries({ agentConfig: agent, cwd });
+
+    res.json({ agentName: req.params.name, skills, customTools });
+  } catch (err) {
+    next(err);
+  }
+});
+
+module.exports = router;

package/api/routes/chat.js

@@ -0,0 +1,93 @@
+'use strict';
+
+const express = require('express');
+const router = express.Router({ mergeParams: true });
+const { runChat } = require('../../core/router');
+const { loadAgent } = require('../../core/agent');
+const { sendError } = require('../middleware');
+const context = require('../../utils/context');
+const eventBus = require('../../core/events');
+
+// POST /agents/:name/chat
+router.post('/', async (req, res, next) => {
+  try {
+    const { name } = req.params;
+    const { message, sessionId, sse = false } = req.body;
+    const cwd = context.getCwd();
+    const settings = req.app.locals.settings;
+
+    if (!message || typeof message !== 'string') {
+      return sendError(res, 400, 'VALIDATION_ERROR', 'message is required and must be a string');
+    }
+
+    // Verify agent exists and supports chat mode
+    let agent;
+    try {
+      agent = loadAgent({ cwd, name });
+    } catch (err) {
+      return sendError(res, 404, 'AGENT_NOT_FOUND', err.message);
+    }
+
+    if (!agent.modes?.chat?.enabled) {
+      return sendError(res, 400, 'MODE_NOT_SUPPORTED', `Agent "${name}" does not support chat mode`);
+    }
+
+    // ── SSE streaming mode ────────────────────────────────────────────────────
+    if (sse) {
+      res.setHeader('Content-Type', 'text/event-stream');
+      res.setHeader('Cache-Control', 'no-cache');
+      res.setHeader('Connection', 'keep-alive');
+      res.setHeader('X-Accel-Buffering', 'no');
+      res.flushHeaders();
+
+      let currentSessionId = sessionId || null;
+
+      function sendEvent(event, data) {
+        try { res.write(`event: ${event}\ndata: ${JSON.stringify(data)}\n\n`); } catch {}
+        eventBus.emit('event', { type: 'session.stream', sessionId: currentSessionId, agentName: name, eventType: event, data });
+      }
+
+      try {
+        const result = await runChat({
+          agentName: name, message, sessionId, cwd, settings,
+          onSessionStart: (sid) => { currentSessionId = sid; },
+          onStreamChunk: (text) => sendEvent('inference.chunk', { content: text }),
+          onInferenceToolStart: (toolName) => sendEvent('inference.tool', { name: toolName }),
+          onEvent: (event) => {
+            if (event.type === 'message')
+              sendEvent('message', {
+                ...event.message,
+                ...(event.finishReason  !== undefined && { finishReason: event.finishReason }),
+                ...(event.iteration     !== undefined && { iteration: event.iteration }),
+                ...(event.tokenUsage    !== undefined && { tokenUsage: event.tokenUsage }),
+              });
+          },
+        });
+        sendEvent('done', {
+          session: result.session,
+          agentName: result.agentName, model: result.model,
+          iterations: result.iterations, durationMs: result.durationMs,
+          tokenUsage: result.tokenUsage, toolCalls: result.toolCalls || [],
+        });
+      } catch (err) {
+        sendEvent('error', { error: err.message, code: err.code || 'INTERNAL_ERROR' });
+      }
+      res.end();
+      return;
+    }
+
+    // ── Standard JSON mode ────────────────────────────────────────────────────
+    const result = await runChat({ agentName: name, message, sessionId, cwd, settings });
+
+    res.json({
+      sessionId: result.sessionId,
+      message: { role: 'assistant', content: result.content },
+      tokenUsage: result.tokenUsage,
+      toolCalls: result.toolCalls || [],
+    });
+  } catch (err) {
+    next(err);
+  }
+});
+
+module.exports = router;

package/api/routes/completions.js

@@ -0,0 +1,122 @@
+'use strict';
+
+const express = require('express');
+const router = express.Router();
+const { callLLM, extractMessage, extractUsage } = require('../../llm/client');
+const { getModelConfig } = require('../../utils/settings');
+const { calculateCost } = require('../../utils/models');
+const { sendError } = require('../middleware');
+const F = require('../../settings/fields');
+
+/**
+ * POST /completions
+ *
+ * Standalone chat completion endpoint — no agent, no session, no tool loop.
+ * Useful for independent LLM calls from apps built on Veil.
+ *
+ * Body:
+ *   model?       {string}   Override the default model from settings
+ *   messages     {array}    OpenAI-compatible messages array (required)
+ *   temperature? {number}
+ *   max_tokens?  {number}
+ *   tools?       {array}    OpenAI-compatible tool definitions
+ *   reasoning?   {string}   Reasoning effort (e.g. "high")
+ *   thinking?    {object}   Extended thinking config (e.g. { type: "enabled", budget_tokens: 10000 })
+ *   sse?         {boolean}  Stream response via Server-Sent Events
+ */
+router.post('/', async (req, res, next) => {
+  try {
+    const settings = req.app.locals.settings;
+    const {
+      model,
+      messages,
+      temperature,
+      max_tokens,
+      tools,
+      reasoning,
+      thinking,
+      modalities,
+      audio,
+      sse = false,
+    } = req.body;
+
+    if (!Array.isArray(messages) || messages.length === 0) {
+      return sendError(res, 400, 'VALIDATION_ERROR', 'messages is required and must be a non-empty array');
+    }
+
+    const modelConfig = getModelConfig(settings, F.MODEL_MAIN);
+    const resolvedModel = model || modelConfig[F.MODEL_NAME];
+
+    if (!resolvedModel) {
+      return sendError(res, 400, 'VALIDATION_ERROR', 'model is required (or configure a default model in settings)');
+    }
+
+    const llmParams = {
+      baseUrl:    modelConfig[F.MODEL_BASE_URL],
+      apiKey:     modelConfig[F.MODEL_API_KEY],
+      model:      resolvedModel,
+      messages,
+      tools:       Array.isArray(tools) ? tools : [],
+      temperature: temperature !== undefined ? temperature : undefined,
+      maxTokens:   max_tokens  !== undefined ? max_tokens  : undefined,
+      reasoning:   reasoning   !== undefined ? reasoning   : undefined,
+      thinking:    thinking    !== undefined ? thinking    : undefined,
+      modalities:  modalities  !== undefined ? modalities  : undefined,
+      audio:       audio       !== undefined ? audio       : undefined,
+    };
+
+    // ── SSE streaming mode ──────────────────────────────────────────────────
+    if (sse) {
+      res.setHeader('Content-Type', 'text/event-stream');
+      res.setHeader('Cache-Control', 'no-cache');
+      res.setHeader('Connection', 'keep-alive');
+      res.setHeader('X-Accel-Buffering', 'no');
+      res.flushHeaders();
+
+      function sendEvent(event, data) {
+        try { res.write(`event: ${event}\ndata: ${JSON.stringify(data)}\n\n`); } catch {}
+      }
+
+      try {
+        const response = await callLLM({
+          ...llmParams,
+          onChunk: (text) => sendEvent('chunk', { content: text }),
+        });
+
+        const { content, audio: audioOut, toolCalls, finishReason } = extractMessage(response);
+        const usage = extractUsage(response);
+        const cost = usage.cost || calculateCost(resolvedModel, { input: usage.input, output: usage.output, cache: usage.cache });
+
+        sendEvent('done', {
+          message: { role: 'assistant', content, audio: audioOut, tool_calls: toolCalls || [] },
+          usage:   { input: usage.input, output: usage.output, cache: usage.cache },
+          cost,
+          finish_reason: finishReason,
+        });
+      } catch (err) {
+        sendEvent('error', { error: err.message, code: err.code || 'INTERNAL_ERROR' });
+      }
+
+      res.end();
+      return;
+    }
+
+    // ── Standard JSON mode ──────────────────────────────────────────────────
+    const response = await callLLM(llmParams);
+
+    const { content, audio: audioOut, toolCalls, finishReason } = extractMessage(response);
+    const usage = extractUsage(response);
+    const cost = usage.cost || calculateCost(resolvedModel, { input: usage.input, output: usage.output, cache: usage.cache });
+
+    res.json({
+      message: { role: 'assistant', content, audio: audioOut, tool_calls: toolCalls || [] },
+      usage:   { input: usage.input, output: usage.output, cache: usage.cache },
+      cost,
+      finish_reason: finishReason,
+    });
+  } catch (err) {
+    next(err);
+  }
+});
+
+module.exports = router;

package/api/routes/daemons.js

@@ -0,0 +1,80 @@
+'use strict';
+
+const express = require('express');
+const router = express.Router();
+const { loadAgent } = require('../../core/agent');
+const { sendError } = require('../middleware');
+const context = require('../../utils/context');
+
+// GET /daemons
+router.get('/', (req, res, next) => {
+  try {
+    const scheduler = req.app.locals.scheduler;
+    if (!scheduler) return res.json({ daemons: [] });
+    res.json({ daemons: scheduler.listDaemons() });
+  } catch (err) {
+    next(err);
+  }
+});
+
+// POST /agents/:name/daemon/start
+router.post('/:name/daemon/start', (req, res, next) => {
+  try {
+    const { name } = req.params;
+    const cwd = context.getCwd();
+    let agent;
+    try {
+      agent = loadAgent({ cwd, name });
+    } catch {
+      return sendError(res, 404, 'AGENT_NOT_FOUND', `Agent "${name}" not found`);
+    }
+    if (!agent.modes?.daemon?.enabled) {
+      return sendError(res, 400, 'MODE_NOT_SUPPORTED', `Agent "${name}" does not support daemon mode`);
+    }
+    const scheduler = req.app.locals.scheduler;
+    scheduler.startDaemon({ agentName: name, agent, cwd, settings: req.app.locals.settings });
+    res.json({ agentName: name, status: 'started' });
+  } catch (err) {
+    next(err);
+  }
+});
+
+// POST /agents/:name/daemon/stop
+router.post('/:name/daemon/stop', (req, res, next) => {
+  try {
+    const { name } = req.params;
+    const scheduler = req.app.locals.scheduler;
+    scheduler.stopDaemon(name);
+    res.json({ agentName: name, status: 'stopped' });
+  } catch (err) {
+    next(err);
+  }
+});
+
+// POST /agents/:name/daemon/trigger
+router.post('/:name/daemon/trigger', async (req, res, next) => {
+  try {
+    const { name } = req.params;
+    const cwd = context.getCwd();
+    const settings = req.app.locals.settings;
+    let agent;
+    try {
+      agent = loadAgent({ cwd, name });
+    } catch {
+      return sendError(res, 404, 'AGENT_NOT_FOUND', `Agent "${name}" not found`);
+    }
+    if (!agent.modes?.daemon?.enabled) {
+      return sendError(res, 400, 'MODE_NOT_SUPPORTED', `Agent "${name}" does not support daemon mode`);
+    }
+    const { runDaemonTick } = require('../../core/router');
+    // Fire async
+    setImmediate(() => runDaemonTick({ agentName: name, cwd, settings }).catch(err => {
+      console.error(`Daemon tick error for ${name}:`, err.message);
+    }));
+    res.json({ agentName: name, status: 'triggered' });
+  } catch (err) {
+    next(err);
+  }
+});
+
+module.exports = router;