@nuvlore/extension-bds 0.1.1 → 0.1.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/package.json +4 -16
- package/vendor/extension-read-only-toolkit/LICENSE +0 -202
- package/vendor/extension-read-only-toolkit/README.md +0 -29
- package/vendor/extension-read-only-toolkit/package.json +0 -46
- package/vendor/extension-read-only-toolkit/src/devops-data-paths.mjs +0 -222
- package/vendor/extension-read-only-toolkit/src/devops-diagnostics.mjs +0 -440
- package/vendor/extension-read-only-toolkit/src/enterprise-api-read.mjs +0 -180
- package/vendor/extension-read-only-toolkit/src/read-only-command-pack.mjs +0 -1
- package/vendor/extension-read-only-toolkit/src/read-only-plan.mjs +0 -45
- package/vendor/extension-read-only-toolkit/src/read-only-shell-policy.d.mts +0 -26
- package/vendor/extension-read-only-toolkit/src/read-only-shell-policy.mjs +0 -170
- package/vendor/extension-workday-infra-access/LICENSE +0 -202
- package/vendor/extension-workday-infra-access/README.md +0 -3
- package/vendor/extension-workday-infra-access/agents/workday-infra-access-readonly.yaml +0 -183
- package/vendor/extension-workday-infra-access/package.json +0 -49
- package/vendor/extension-workday-infra-access/skills/workday-infra-access/SKILL.md +0 -102
- package/vendor/extension-workday-infra-access/skills/workday-infra-access/references/access-boundary-runbook.md +0 -43
- package/vendor/extension-workday-infra-access/skills/workday-infra-access/references/access-runbook.md +0 -15
- package/vendor/extension-workday-infra-access/skills/workday-infra-access/references/access-scylla-cloud-runbook.md +0 -39
- package/vendor/extension-workday-infra-access/skills/workday-infra-access/references/access-spc-argo-runbook.md +0 -99
- package/vendor/extension-workday-infra-access/src/workday-access-profiles.mjs +0 -194
- package/vendor/extension-workday-infra-access/tools/aws_cust_federated_readonly_command_pack.mjs +0 -234
- package/vendor/extension-workday-infra-access/tools/gcp_readonly_command_pack.mjs +0 -167
- package/vendor/extension-workday-infra-access/tools/public_cloud_access_status.mjs +0 -48
- package/vendor/extension-workday-infra-access/tools/workday_boundary_login.mjs +0 -460
- package/vendor/extension-workday-infra-access/tools/workday_private_cloud_sudo_readonly_command.mjs +0 -386
- package/vendor/extension-workday-infra-access/tools/workday_public_cloud_environment_map.mjs +0 -189
- package/vendor/extension-workday-infra-access/tools/workday_public_cloud_kubernetes_read.mjs +0 -297
- package/vendor/extension-workday-infra-access/tools/workday_public_cloud_spc_login.mjs +0 -505
- package/vendor/extension-workday-infra-access/tools/workday_spc_argo_readonly_command_pack.mjs +0 -215
- package/vendor/extension-workday-infra-access/workflows/public-cloud-readonly-investigation.js +0 -99
package/vendor/extension-workday-infra-access/tools/workday_spc_argo_readonly_command_pack.mjs
DELETED
|
@@ -1,215 +0,0 @@
|
|
|
1
|
-
export const description = "Create a local-only, read-only Workday SPC + Argo UI access command pack using saved Keychain LDAP credentials; does not authenticate, port-forward, or mutate Argo/Kubernetes.";
|
|
2
|
-
|
|
3
|
-
import { z } from "zod";
|
|
4
|
-
import { defineReadOnlyTool, fail, ok } from "@nuvlore/extension-read-only-toolkit/devops-diagnostics";
|
|
5
|
-
|
|
6
|
-
const DEFAULT_TIER = "dev";
|
|
7
|
-
const DEFAULT_KEYCHAIN_SERVICE = "eldwin";
|
|
8
|
-
const DEFAULT_KEYCHAIN_ACCOUNT = "eldwin.workday_prod_ldap";
|
|
9
|
-
const DEFAULT_KUBECONFIG = "$HOME/.kube/spc-config";
|
|
10
|
-
const DEFAULT_ARGO_NAMESPACE = "argocdapp";
|
|
11
|
-
const DEFAULT_ARGO_SERVICE = "argocdapp-server";
|
|
12
|
-
const DEFAULT_LOCAL_PORT = 8080;
|
|
13
|
-
|
|
14
|
-
function normalizeText(value) {
|
|
15
|
-
return typeof value === "string" ? value.trim() : "";
|
|
16
|
-
}
|
|
17
|
-
|
|
18
|
-
function shellQuote(value) {
|
|
19
|
-
return `'${String(value).replaceAll("'", "'\\''")}'`;
|
|
20
|
-
}
|
|
21
|
-
|
|
22
|
-
function spcCommand(input) {
|
|
23
|
-
const developerFlag = input.developerAccess ? " -d" : "";
|
|
24
|
-
return `spc${developerFlag} connect ${shellQuote(input.tier)} ${shellQuote(input.cluster)}`;
|
|
25
|
-
}
|
|
26
|
-
|
|
27
|
-
function spcTtyCommand(input) {
|
|
28
|
-
return `/usr/bin/script -q /tmp/spc-${input.cluster}.out ${spcCommand(input)}`;
|
|
29
|
-
}
|
|
30
|
-
|
|
31
|
-
function portForwardCommand(input) {
|
|
32
|
-
return [
|
|
33
|
-
"kubectl",
|
|
34
|
-
`--kubeconfig=${input.kubeconfig}`,
|
|
35
|
-
"-n",
|
|
36
|
-
shellQuote(input.argoNamespace),
|
|
37
|
-
"port-forward",
|
|
38
|
-
`svc/${shellQuote(input.argoService)}`,
|
|
39
|
-
`${input.localPort}:443`
|
|
40
|
-
].join(" ");
|
|
41
|
-
}
|
|
42
|
-
|
|
43
|
-
function argocdStatusCommands(input) {
|
|
44
|
-
const appNames = input.appNames.length ? input.appNames.map(shellQuote).join(" ") : "";
|
|
45
|
-
const appSelector = appNames || "-A";
|
|
46
|
-
const kubeconfig = `--kubeconfig=${input.kubeconfig}`;
|
|
47
|
-
return [
|
|
48
|
-
`kubectl ${kubeconfig} get app -n ${shellQuote(input.argoNamespace)} ${appSelector}`,
|
|
49
|
-
`kubectl ${kubeconfig} get app -n ${shellQuote(input.argoNamespace)} ${appSelector} -o json | jq '.items[]? // .'`,
|
|
50
|
-
`kubectl ${kubeconfig} get componentrelease -n ${shellQuote(input.workloadNamespace)} ${appNames || ""} -o wide`,
|
|
51
|
-
`kubectl ${kubeconfig} get componentrelease -n ${shellQuote(input.workloadNamespace)} ${appNames || ""} -o json | jq '.items[]? // . | {name:.metadata.name, chartVersion:.spec.chartVersion, replicas:.spec.chartValues.component.replicas, conditions:.status.conditions}'`,
|
|
52
|
-
`kubectl ${kubeconfig} get helmrelease -n ${shellQuote(input.workloadNamespace)} ${appNames || ""} -o json | jq '.items[]? // . | {name:.metadata.name, ownerReferences:.metadata.ownerReferences, driftDetection:.spec.driftDetection, replicas:.spec.values.component.replicas, conditions:.status.conditions}'`,
|
|
53
|
-
`kubectl ${kubeconfig} get deploy,statefulset -n ${shellQuote(input.workloadNamespace)} -o wide`,
|
|
54
|
-
`kubectl ${kubeconfig} get pods -n ${shellQuote(input.workloadNamespace)} -o wide`,
|
|
55
|
-
`kubectl ${kubeconfig} get svc,endpoints -n ${shellQuote(input.workloadNamespace)} -o wide`,
|
|
56
|
-
`kubectl ${kubeconfig} get pods -n ${shellQuote(input.workloadNamespace)} --show-labels`,
|
|
57
|
-
`kubectl ${kubeconfig} get hpa,vpa,scaledobject -n ${shellQuote(input.workloadNamespace)} 2>/dev/null || true`,
|
|
58
|
-
`kubectl ${kubeconfig} get events -n ${shellQuote(input.workloadNamespace)} --sort-by=.lastTimestamp`
|
|
59
|
-
].filter((command) => !command.endsWith(" -o wide"));
|
|
60
|
-
}
|
|
61
|
-
|
|
62
|
-
function rbacProbeCommands(input) {
|
|
63
|
-
const kubeconfig = `--kubeconfig=${input.kubeconfig}`;
|
|
64
|
-
const namespace = shellQuote(input.workloadNamespace);
|
|
65
|
-
return [
|
|
66
|
-
`kubectl ${kubeconfig} auth whoami 2>&1 || true`,
|
|
67
|
-
`kubectl ${kubeconfig} auth can-i patch deployments/scale -n ${namespace}`,
|
|
68
|
-
`kubectl ${kubeconfig} auth can-i patch deployments -n ${namespace}`,
|
|
69
|
-
`kubectl ${kubeconfig} auth can-i patch componentreleases.component.workday.com -n ${namespace}`,
|
|
70
|
-
`kubectl ${kubeconfig} auth can-i patch helmreleases.helm.toolkit.fluxcd.io -n ${namespace}`
|
|
71
|
-
];
|
|
72
|
-
}
|
|
73
|
-
|
|
74
|
-
function smokeDependencyCommands(input) {
|
|
75
|
-
const kubeconfig = `--kubeconfig=${input.kubeconfig}`;
|
|
76
|
-
const namespace = shellQuote(input.workloadNamespace);
|
|
77
|
-
return [
|
|
78
|
-
`kubectl ${kubeconfig} get pods -n ${namespace} -l name=prism -o wide`,
|
|
79
|
-
`kubectl ${kubeconfig} get deploy -n ${namespace} -l name=prism -o wide`,
|
|
80
|
-
`kubectl ${kubeconfig} get svc,endpoints -n ${namespace} | grep -E 'prism|NAME' || true`
|
|
81
|
-
];
|
|
82
|
-
}
|
|
83
|
-
|
|
84
|
-
function componentControllerCommands(input) {
|
|
85
|
-
const kubeconfig = `--kubeconfig=${input.kubeconfig}`;
|
|
86
|
-
return [
|
|
87
|
-
`kubectl ${kubeconfig} get crd componentreleases.component.workday.com -o json | jq '.spec.versions[]? | select(.served==true) | .schema.openAPIV3Schema.properties.spec.properties | keys'`,
|
|
88
|
-
`kubectl ${kubeconfig} -n isd-component-controller get deploy isd-component-controller-controller-manager -o json | jq '{image:.spec.template.spec.containers[0].image,args:.spec.template.spec.containers[0].args,labels:.metadata.labels}'`,
|
|
89
|
-
`kubectl ${kubeconfig} -n isd-component-controller get configmap isd-component-controller-component-controller-config -o json | jq -r '.data | to_entries[] | .value'`
|
|
90
|
-
];
|
|
91
|
-
}
|
|
92
|
-
|
|
93
|
-
function normalizeInput(input = {}) {
|
|
94
|
-
const appNames = Array.isArray(input.appNames)
|
|
95
|
-
? input.appNames.map(normalizeText).filter(Boolean)
|
|
96
|
-
: [];
|
|
97
|
-
const tier = normalizeText(input.tier ?? input.domain) || DEFAULT_TIER;
|
|
98
|
-
const developerAccess = typeof input.developerAccess === "boolean"
|
|
99
|
-
? input.developerAccess
|
|
100
|
-
: ["dev", "eng"].includes(tier);
|
|
101
|
-
return {
|
|
102
|
-
cluster: normalizeText(input.cluster),
|
|
103
|
-
tier,
|
|
104
|
-
developerAccess,
|
|
105
|
-
workloadNamespace: normalizeText(input.workloadNamespace) || "bds",
|
|
106
|
-
argoNamespace: normalizeText(input.argoNamespace) || DEFAULT_ARGO_NAMESPACE,
|
|
107
|
-
argoService: normalizeText(input.argoService) || DEFAULT_ARGO_SERVICE,
|
|
108
|
-
keychainService: DEFAULT_KEYCHAIN_SERVICE,
|
|
109
|
-
keychainAccount: DEFAULT_KEYCHAIN_ACCOUNT,
|
|
110
|
-
kubeconfig: normalizeText(input.kubeconfig) || DEFAULT_KUBECONFIG,
|
|
111
|
-
localPort: Number.isInteger(input.localPort) ? input.localPort : DEFAULT_LOCAL_PORT,
|
|
112
|
-
appNames
|
|
113
|
-
};
|
|
114
|
-
}
|
|
115
|
-
|
|
116
|
-
export class WorkdaySpcArgoReadonlyPlanService {
|
|
117
|
-
invoke(input) {
|
|
118
|
-
const normalized = normalizeInput(input);
|
|
119
|
-
if (!normalized.cluster) {
|
|
120
|
-
throw new Error("cluster is required, for example proteusaws00020.");
|
|
121
|
-
}
|
|
122
|
-
|
|
123
|
-
return JSON.stringify({
|
|
124
|
-
mode: "atomic-helper",
|
|
125
|
-
target: {
|
|
126
|
-
cluster: normalized.cluster,
|
|
127
|
-
tier: normalized.tier,
|
|
128
|
-
developerAccess: normalized.developerAccess,
|
|
129
|
-
workloadNamespace: normalized.workloadNamespace,
|
|
130
|
-
argoNamespace: normalized.argoNamespace,
|
|
131
|
-
argoService: normalized.argoService,
|
|
132
|
-
appNames: normalized.appNames
|
|
133
|
-
},
|
|
134
|
-
credentialSource: {
|
|
135
|
-
keychainService: normalized.keychainService,
|
|
136
|
-
keychainAccount: normalized.keychainAccount,
|
|
137
|
-
secretHandling: "do not read PROD password in this command pack; use workday_public_cloud_spc_login for SPC login"
|
|
138
|
-
},
|
|
139
|
-
localStateChanges: [
|
|
140
|
-
"spc may open a local session and update local kubeconfig/context state",
|
|
141
|
-
"spc connectivity does not grant Kubernetes RBAC; verify the resulting identity with kubectl auth whoami and can-i",
|
|
142
|
-
"kubectl port-forward opens a localhost listener only"
|
|
143
|
-
],
|
|
144
|
-
commands: {
|
|
145
|
-
publicCloudLoginTool: `mcp__devops-tool__workday_public_cloud_spc_login ${JSON.stringify({ action: "login", tier: normalized.tier, cluster: normalized.cluster, namespace: normalized.workloadNamespace, humanApprovedLocalWrite: true })}`,
|
|
146
|
-
spcConnect: spcCommand(normalized),
|
|
147
|
-
spcConnectTty: spcTtyCommand(normalized),
|
|
148
|
-
argoPortForward: portForwardCommand(normalized),
|
|
149
|
-
argoUiUrl: `https://localhost:${normalized.localPort}/`,
|
|
150
|
-
readOnlyStatus: argocdStatusCommands(normalized),
|
|
151
|
-
smokeDependencies: smokeDependencyCommands(normalized),
|
|
152
|
-
rbacProbes: rbacProbeCommands(normalized),
|
|
153
|
-
componentControllerStatus: componentControllerCommands(normalized)
|
|
154
|
-
},
|
|
155
|
-
forbiddenActions: [
|
|
156
|
-
"Argo Sync",
|
|
157
|
-
"Argo Hard Refresh",
|
|
158
|
-
"Argo Delete",
|
|
159
|
-
"Argo Rollback",
|
|
160
|
-
"Kubernetes Scale",
|
|
161
|
-
"Kubernetes Patch",
|
|
162
|
-
"Kubernetes Restart"
|
|
163
|
-
],
|
|
164
|
-
remoteWrite: "not_executed"
|
|
165
|
-
}, null, 2);
|
|
166
|
-
}
|
|
167
|
-
}
|
|
168
|
-
|
|
169
|
-
const defaultService = new WorkdaySpcArgoReadonlyPlanService();
|
|
170
|
-
|
|
171
|
-
function workdaySpcArgoReadonlyPlan(input) {
|
|
172
|
-
return defaultService.invoke(input);
|
|
173
|
-
}
|
|
174
|
-
|
|
175
|
-
export default defineReadOnlyTool({
|
|
176
|
-
name: "workday_spc_argo_readonly_command_pack",
|
|
177
|
-
description: "Create a local-only, read-only Workday SPC + Argo UI access command pack using saved Keychain LDAP credentials; does not authenticate, port-forward, or mutate Argo/Kubernetes.",
|
|
178
|
-
meta: {
|
|
179
|
-
permissions: { rule: "ask" },
|
|
180
|
-
secret_provider: "keychain"
|
|
181
|
-
},
|
|
182
|
-
inputSchema: {
|
|
183
|
-
cluster: z.string().trim().min(1).max(253),
|
|
184
|
-
domain: z.string().trim().min(1).max(64).optional().describe("Deprecated alias for tier. Use tier for the current SPC CLI shape."),
|
|
185
|
-
tier: z.string().trim().min(1).max(64).default(DEFAULT_TIER),
|
|
186
|
-
developerAccess: z.boolean().optional(),
|
|
187
|
-
workloadNamespace: z.string().trim().min(1).max(253).default("bds"),
|
|
188
|
-
argoNamespace: z.string().trim().min(1).max(253).default(DEFAULT_ARGO_NAMESPACE),
|
|
189
|
-
argoService: z.string().trim().min(1).max(253).default(DEFAULT_ARGO_SERVICE),
|
|
190
|
-
appNames: z.array(z.string().trim().min(1).max(253)).max(32).default([]),
|
|
191
|
-
kubeconfig: z.string().trim().min(1).max(2048).default(DEFAULT_KUBECONFIG),
|
|
192
|
-
localPort: z.number().int().min(1024).max(65535).default(DEFAULT_LOCAL_PORT)
|
|
193
|
-
},
|
|
194
|
-
async handler(input) {
|
|
195
|
-
try {
|
|
196
|
-
return ok(workdaySpcArgoReadonlyPlan(input));
|
|
197
|
-
} catch (error) {
|
|
198
|
-
return fail(error);
|
|
199
|
-
}
|
|
200
|
-
}
|
|
201
|
-
});
|
|
202
|
-
|
|
203
|
-
export const __test = {
|
|
204
|
-
WorkdaySpcArgoReadonlyPlanService,
|
|
205
|
-
normalizeInput,
|
|
206
|
-
shellQuote,
|
|
207
|
-
spcCommand,
|
|
208
|
-
spcTtyCommand,
|
|
209
|
-
portForwardCommand,
|
|
210
|
-
argocdStatusCommands,
|
|
211
|
-
smokeDependencyCommands,
|
|
212
|
-
rbacProbeCommands,
|
|
213
|
-
componentControllerCommands,
|
|
214
|
-
workdaySpcArgoReadonlyPlan
|
|
215
|
-
};
|
package/vendor/extension-workday-infra-access/workflows/public-cloud-readonly-investigation.js
DELETED
|
@@ -1,99 +0,0 @@
|
|
|
1
|
-
export const meta = {
|
|
2
|
-
name: "public-cloud-readonly-investigation",
|
|
3
|
-
description: "Investigate AWS CUST or GCP cloud state through approved federation/local identity and read-only evidence commands only.",
|
|
4
|
-
whenToUse: "Use when an incident, Bamboo result, Slack thread, or operator request requires AWS CUST or GCP resource inspection without cloud mutation.",
|
|
5
|
-
phases: ["Plan", "Identity", "Evidence", "Reply"],
|
|
6
|
-
};
|
|
7
|
-
|
|
8
|
-
phase("Plan");
|
|
9
|
-
const plan = await agent(
|
|
10
|
-
[
|
|
11
|
-
"Extract platform, account/account alias or GCP project, region/zone, service, resource, and incident evidence.",
|
|
12
|
-
"For AWS CUST federated access, call only mcp__devops_tool__aws_cust_federated_readonly_command_pack.",
|
|
13
|
-
"For GCP, call only mcp__devops_tool__gcp_readonly_command_pack.",
|
|
14
|
-
"If the platform is ambiguous, report that blocker and do not guess.",
|
|
15
|
-
"Do not authenticate, open browser federation, read credential files, use Bash, or call cloud APIs in this phase.",
|
|
16
|
-
].join("\n"),
|
|
17
|
-
{
|
|
18
|
-
label: "public-cloud-plan",
|
|
19
|
-
phase: "Plan",
|
|
20
|
-
tools: "mcp__devops_tool__aws_cust_federated_readonly_command_pack,mcp__devops_tool__gcp_readonly_command_pack",
|
|
21
|
-
disallowedTools: "Agent,Task,TaskCreate,Bash,Read,Glob,Grep,WebFetch,WebSearch,Write,Edit,NotebookEdit,AskUserQuestion",
|
|
22
|
-
},
|
|
23
|
-
);
|
|
24
|
-
|
|
25
|
-
phase("Identity");
|
|
26
|
-
const identity = await agent(
|
|
27
|
-
[
|
|
28
|
-
"Verify identity only after approved local federation/login outside this workflow.",
|
|
29
|
-
"For AWS, run the plan's aws sts get-caller-identity via permitted local read-only execution.",
|
|
30
|
-
"For GCP, run the plan's gcloud auth list and gcloud config list via permitted local read-only execution.",
|
|
31
|
-
"If local execution is unavailable or denied, return the exact identity command that must be run manually and mark identity as unverified.",
|
|
32
|
-
"Never run aws configure, gcloud auth login, gcloud config set, or read ~/.aws, ADC, or credential files.",
|
|
33
|
-
"",
|
|
34
|
-
"Plan:",
|
|
35
|
-
plan,
|
|
36
|
-
].join("\n"),
|
|
37
|
-
{
|
|
38
|
-
label: "public-cloud-identity",
|
|
39
|
-
phase: "Identity",
|
|
40
|
-
tools: "",
|
|
41
|
-
disallowedTools: "Agent,Task,TaskCreate,WebFetch,WebSearch,Write,Edit,NotebookEdit,AskUserQuestion",
|
|
42
|
-
},
|
|
43
|
-
);
|
|
44
|
-
|
|
45
|
-
phase("Evidence");
|
|
46
|
-
const evidence = await agent(
|
|
47
|
-
[
|
|
48
|
-
"Collect read-only cloud evidence using commands emitted by the plan.",
|
|
49
|
-
"Allowed action families are describe, list, get metadata, head, read logs, and get-iam-policy.",
|
|
50
|
-
"For AWS S3, never run cp, mv, rm, sync, put-object, delete-object, or get-object for secrets/private material.",
|
|
51
|
-
"For GCP Storage, never run cp, mv, rm, update, compose, or rewrite.",
|
|
52
|
-
"For IAM/KMS/Secrets Manager, read metadata only; never request secret values, private keys, or key material.",
|
|
53
|
-
"If a command is denied by the read-only runtime or cloud IAM, preserve the denied action as an evidence gap.",
|
|
54
|
-
"",
|
|
55
|
-
"Plan:",
|
|
56
|
-
plan,
|
|
57
|
-
"",
|
|
58
|
-
"Identity:",
|
|
59
|
-
identity,
|
|
60
|
-
].join("\n"),
|
|
61
|
-
{
|
|
62
|
-
label: "public-cloud-evidence",
|
|
63
|
-
phase: "Evidence",
|
|
64
|
-
tools: "",
|
|
65
|
-
disallowedTools: "Agent,Task,TaskCreate,WebFetch,WebSearch,Write,Edit,NotebookEdit,AskUserQuestion",
|
|
66
|
-
},
|
|
67
|
-
);
|
|
68
|
-
|
|
69
|
-
phase("Reply");
|
|
70
|
-
const reply = await agent(
|
|
71
|
-
[
|
|
72
|
-
"Draft a concise answer from collected cloud evidence only.",
|
|
73
|
-
"State platform, account/project, identity state, commands run/blocked, observations, and evidence gaps.",
|
|
74
|
-
"Distinguish IAM/access denial from resource absence.",
|
|
75
|
-
"State remediation only as a human-reviewed manual recommendation; do not execute writes.",
|
|
76
|
-
"",
|
|
77
|
-
"Plan:",
|
|
78
|
-
plan,
|
|
79
|
-
"",
|
|
80
|
-
"Identity:",
|
|
81
|
-
identity,
|
|
82
|
-
"",
|
|
83
|
-
"Evidence:",
|
|
84
|
-
evidence,
|
|
85
|
-
].join("\n"),
|
|
86
|
-
{
|
|
87
|
-
label: "public-cloud-reply",
|
|
88
|
-
phase: "Reply",
|
|
89
|
-
tools: "",
|
|
90
|
-
disallowedTools: "Agent,Task,TaskCreate,Bash,Read,Glob,Grep,WebFetch,WebSearch,Write,Edit,NotebookEdit,AskUserQuestion",
|
|
91
|
-
},
|
|
92
|
-
);
|
|
93
|
-
|
|
94
|
-
return {
|
|
95
|
-
plan,
|
|
96
|
-
identity,
|
|
97
|
-
evidence,
|
|
98
|
-
reply,
|
|
99
|
-
};
|