@octopusdeploy/mcp-server 1.0.1 → 2.1.0

package/dist/helpers/requireConfirmation.js

@@ -0,0 +1,148 @@
+import {} from "@modelcontextprotocol/sdk/server/mcp.js";
+import { env } from "process";
+function renderChange(change) {
+    // Preserve source order first, then append target-only keys, so related
+    // fields stay together rather than getting alphabetised apart.
+    const seen = new Set();
+    const keys = [];
+    for (const k of Object.keys(change.source)) {
+        keys.push(k);
+        seen.add(k);
+    }
+    for (const k of Object.keys(change.target)) {
+        if (!seen.has(k))
+            keys.push(k);
+    }
+    const entries = [];
+    const buildEntry = (marker, key, value) => {
+        const valueLines = JSON.stringify(value, null, 2).split("\n");
+        const lines = [`  ${JSON.stringify(key)}: ${valueLines[0]}`];
+        for (let i = 1; i < valueLines.length; i++) {
+            lines.push(`  ${valueLines[i]}`);
+        }
+        return { marker, lines };
+    };
+    for (const key of keys) {
+        const inSource = key in change.source;
+        const inTarget = key in change.target;
+        const sourceJson = inSource
+            ? JSON.stringify(change.source[key], null, 2)
+            : undefined;
+        const targetJson = inTarget
+            ? JSON.stringify(change.target[key], null, 2)
+            : undefined;
+        if (sourceJson === targetJson)
+            continue;
+        if (inSource)
+            entries.push(buildEntry("-", key, change.source[key]));
+        if (inTarget)
+            entries.push(buildEntry("+", key, change.target[key]));
+    }
+    if (entries.length === 0)
+        return "{}";
+    const out = ["{"];
+    entries.forEach((entry, idx) => {
+        const isLastEntry = idx === entries.length - 1;
+        entry.lines.forEach((line, lineIdx) => {
+            const isLastLineOfEntry = lineIdx === entry.lines.length - 1;
+            const suffix = isLastLineOfEntry && !isLastEntry ? "," : "";
+            out.push(`${entry.marker}${line}${suffix}`);
+        });
+    });
+    out.push("}");
+    return out.join("\n");
+}
+function buildConfirmationMessage(message, change) {
+    return change ? `${message}\n\n${renderChange(change)}` : message;
+}
+/**
+ * Gate a write/destructive tool call on explicit user confirmation.
+ *
+ * Resolution order:
+ *   1. `OCTOPUS_SKIP_ELICITATION=true` env var → bypass (automation/CI).
+ *   2. Client advertises elicitation capability → SDK emits `elicitation/create`
+ *      and we map `result.action` to accepted/declined/cancelled.
+ *   3. Client does not advertise elicitation → fall back to the `confirm` arg
+ *      the tool surfaced in its own input schema. Distinguishes between
+ *      explicit `false` (declined) and missing (confirmationRequired) so the
+ *      caller can surface the latter as a hard error.
+ */
+export async function requireConfirmation(server, opts) {
+    if (env["OCTOPUS_SKIP_ELICITATION"] === "true") {
+        return { confirmed: true, reason: "envSkip" };
+    }
+    const capabilities = server.server.getClientCapabilities();
+    if (capabilities?.elicitation) {
+        const result = await server.server.elicitInput({
+            mode: "form",
+            message: buildConfirmationMessage(opts.message, opts.change),
+            // Empty properties → most clients render as a plain Accept/Decline prompt.
+            requestedSchema: { type: "object", properties: {} },
+        });
+        switch (result.action) {
+            case "accept":
+                return { confirmed: true, reason: "accepted" };
+            case "decline":
+                return { confirmed: false, reason: "declined" };
+            case "cancel":
+            default:
+                return { confirmed: false, reason: "cancelled" };
+        }
+    }
+    if (opts.fallbackConfirm === true) {
+        return { confirmed: true, reason: "fallbackConfirm" };
+    }
+    if (opts.fallbackConfirm === false) {
+        return { confirmed: false, reason: "declined" };
+    }
+    return { confirmed: false, reason: "confirmationRequired" };
+}
+/**
+ * Build the standard tool response for a non-confirmed gate result.
+ *
+ *   - `confirmationRequired` → `isError: true` with directive prose telling the
+ *     LLM to ask the user before retrying with `confirm: true`. This is the
+ *     "user was never asked" branch — distinct from a real cancellation, and
+ *     marked as an error so the LLM doesn't paper over it.
+ *   - `declined` / `cancelled` → soft cancellation shape with the original
+ *     reason preserved for telemetry.
+ *
+ * Centralized here so every gated tool produces identical responses; the only
+ * thing a caller varies is the `action` noun. Return type is inferred so it
+ * stays compatible with the SDK's tool-handler return shape (which carries an
+ * `[key: string]: unknown` index signature we don't want to redeclare).
+ */
+export function unconfirmedResponse(result, opts) {
+    if (result.reason === "confirmationRequired") {
+        return {
+            content: [
+                {
+                    type: "text",
+                    text: JSON.stringify({
+                        success: false,
+                        confirmationRequired: true,
+                        message: `This MCP client does not support elicitation, so the server cannot prompt the user to confirm this ${opts.action} directly. ` +
+                            `The user has NOT been asked. Stop and ask the user explicitly whether to proceed; if they approve, retry the call with confirm: true. ` +
+                            `Do not pass confirm: true without their explicit approval.`,
+                    }, null, 2),
+                },
+            ],
+            isError: true,
+        };
+    }
+    const capitalized = opts.action.charAt(0).toUpperCase() + opts.action.slice(1);
+    return {
+        content: [
+            {
+                type: "text",
+                text: JSON.stringify({
+                    success: false,
+                    cancelled: true,
+                    reason: result.reason,
+                    message: `${capitalized} cancelled by user.`,
+                }, null, 2),
+            },
+        ],
+    };
+}
+//# sourceMappingURL=requireConfirmation.js.map

package/dist/helpers/requireConfirmation.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"requireConfirmation.js","sourceRoot":"","sources":["../../src/helpers/requireConfirmation.ts"],"names":[],"mappings":"AAAA,OAAO,EAAkB,MAAM,yCAAyC,CAAC;AACzE,OAAO,EAAE,GAAG,EAAE,MAAM,SAAS,CAAC;AAwC9B,SAAS,YAAY,CAAC,MAGrB;IACC,wEAAwE;IACxE,+DAA+D;IAC/D,MAAM,IAAI,GAAG,IAAI,GAAG,EAAU,CAAC;IAC/B,MAAM,IAAI,GAAa,EAAE,CAAC;IAC1B,KAAK,MAAM,CAAC,IAAI,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,EAAE,CAAC;QAC3C,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QACb,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;IACd,CAAC;IACD,KAAK,MAAM,CAAC,IAAI,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,EAAE,CAAC;QAC3C,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC;YAAE,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IACjC,CAAC;IAOD,MAAM,OAAO,GAAY,EAAE,CAAC;IAC5B,MAAM,UAAU,GAAG,CAAC,MAAiB,EAAE,GAAW,EAAE,KAAc,EAAS,EAAE;QAC3E,MAAM,UAAU,GAAG,IAAI,CAAC,SAAS,CAAC,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;QAC9D,MAAM,KAAK,GAAa,CAAC,KAAK,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,KAAK,UAAU,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC;QACvE,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,UAAU,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;YAC3C,KAAK,CAAC,IAAI,CAAC,KAAK,UAAU,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC;QACnC,CAAC;QACD,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,CAAC;IAC3B,CAAC,CAAC;IAEF,KAAK,MAAM,GAAG,IAAI,IAAI,EAAE,CAAC;QACvB,MAAM,QAAQ,GAAG,GAAG,IAAI,MAAM,CAAC,MAAM,CAAC;QACtC,MAAM,QAAQ,GAAG,GAAG,IAAI,MAAM,CAAC,MAAM,CAAC;QACtC,MAAM,UAAU,GAAG,QAAQ;YACzB,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC,MAAM,CAAC,GAAG,CAAC,EAAE,IAAI,EAAE,CAAC,CAAC;YAC7C,CAAC,CAAC,SAAS,CAAC;QACd,MAAM,UAAU,GAAG,QAAQ;YACzB,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC,MAAM,CAAC,GAAG,CAAC,EAAE,IAAI,EAAE,CAAC,CAAC;YAC7C,CAAC,CAAC,SAAS,CAAC;QACd,IAAI,UAAU,KAAK,UAAU;YAAE,SAAS;QACxC,IAAI,QAAQ;YAAE,OAAO,CAAC,IAAI,CAAC,UAAU,CAAC,GAAG,EAAE,GAAG,EAAE,MAAM,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;QACrE,IAAI,QAAQ;YAAE,OAAO,CAAC,IAAI,CAAC,UAAU,CAAC,GAAG,EAAE,GAAG,EAAE,MAAM,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;IACvE,CAAC;IAED,IAAI,OAAO,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO,IAAI,CAAC;IAEtC,MAAM,GAAG,GAAa,CAAC,GAAG,CAAC,CAAC;IAC5B,OAAO,CAAC,OAAO,CAAC,CAAC,KAAK,EAAE,GAAG,EAAE,EAAE;QAC7B,MAAM,WAAW,GAAG,GAAG,KAAK,OAAO,CAAC,MAAM,GAAG,CAAC,CAAC;QAC/C,KAAK,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,IAAI,EAAE,OAAO,EAAE,EAAE;YACpC,MAAM,iBAAiB,GAAG,OAAO,KAAK,KAAK,CAAC,KAAK,CAAC,MAAM,GAAG,CAAC,CAAC;YAC7D,MAAM,MAAM,GAAG,iBAAiB,IAAI,CAAC,WAAW,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC;YAC5D,GAAG,CAAC,IAAI,CAAC,GAAG,KAAK,CAAC,MAAM,GAAG,IAAI,GAAG,MAAM,EAAE,CAAC,CAAC;QAC9C,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IACH,GAAG,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;IACd,OAAO,GAAG,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;AACxB,CAAC;AAED,SAAS,wBAAwB,CAC/B,OAAe,EACf,MAA6C;IAE7C,OAAO,MAAM,CAAC,CAAC,CAAC,GAAG,OAAO,OAAO,YAAY,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC,CAAC,OAAO,CAAC;AACpE,CAAC;AAgCD;;;;;;;;;;;GAWG;AACH,MAAM,CAAC,KAAK,UAAU,mBAAmB,CACvC,MAAiB,EACjB,IAAgC;IAEhC,IAAI,GAAG,CAAC,0BAA0B,CAAC,KAAK,MAAM,EAAE,CAAC;QAC/C,OAAO,EAAE,SAAS,EAAE,IAAI,EAAE,MAAM,EAAE,SAAS,EAAE,CAAC;IAChD,CAAC;IAED,MAAM,YAAY,GAAG,MAAM,CAAC,MAAM,CAAC,qBAAqB,EAAE,CAAC;IAC3D,IAAI,YAAY,EAAE,WAAW,EAAE,CAAC;QAC9B,MAAM,MAAM,GAAG,MAAM,MAAM,CAAC,MAAM,CAAC,WAAW,CAAC;YAC7C,IAAI,EAAE,MAAM;YACZ,OAAO,EAAE,wBAAwB,CAAC,IAAI,CAAC,OAAO,EAAE,IAAI,CAAC,MAAM,CAAC;YAC5D,2EAA2E;YAC3E,eAAe,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,UAAU,EAAE,EAAE,EAAE;SACpD,CAAC,CAAC;QACH,QAAQ,MAAM,CAAC,MAAM,EAAE,CAAC;YACtB,KAAK,QAAQ;gBACX,OAAO,EAAE,SAAS,EAAE,IAAI,EAAE,MAAM,EAAE,UAAU,EAAE,CAAC;YACjD,KAAK,SAAS;gBACZ,OAAO,EAAE,SAAS,EAAE,KAAK,EAAE,MAAM,EAAE,UAAU,EAAE,CAAC;YAClD,KAAK,QAAQ,CAAC;YACd;gBACE,OAAO,EAAE,SAAS,EAAE,KAAK,EAAE,MAAM,EAAE,WAAW,EAAE,CAAC;QACrD,CAAC;IACH,CAAC;IAED,IAAI,IAAI,CAAC,eAAe,KAAK,IAAI,EAAE,CAAC;QAClC,OAAO,EAAE,SAAS,EAAE,IAAI,EAAE,MAAM,EAAE,iBAAiB,EAAE,CAAC;IACxD,CAAC;IACD,IAAI,IAAI,CAAC,eAAe,KAAK,KAAK,EAAE,CAAC;QACnC,OAAO,EAAE,SAAS,EAAE,KAAK,EAAE,MAAM,EAAE,UAAU,EAAE,CAAC;IAClD,CAAC;IACD,OAAO,EAAE,SAAS,EAAE,KAAK,EAAE,MAAM,EAAE,sBAAsB,EAAE,CAAC;AAC9D,CAAC;AAWD;;;;;;;;;;;;;;GAcG;AACH,MAAM,UAAU,mBAAmB,CACjC,MAAyD,EACzD,IAAgC;IAEhC,IAAI,MAAM,CAAC,MAAM,KAAK,sBAAsB,EAAE,CAAC;QAC7C,OAAO;YACL,OAAO,EAAE;gBACP;oBACE,IAAI,EAAE,MAAe;oBACrB,IAAI,EAAE,IAAI,CAAC,SAAS,CAClB;wBACE,OAAO,EAAE,KAAK;wBACd,oBAAoB,EAAE,IAAI;wBAC1B,OAAO,EACL,sGAAsG,IAAI,CAAC,MAAM,aAAa;4BAC9H,wIAAwI;4BACxI,4DAA4D;qBAC/D,EACD,IAAI,EACJ,CAAC,CACF;iBACF;aACF;YACD,OAAO,EAAE,IAAI;SACd,CAAC;IACJ,CAAC;IAED,MAAM,WAAW,GACf,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,WAAW,EAAE,GAAG,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;IAC7D,OAAO;QACL,OAAO,EAAE;YACP;gBACE,IAAI,EAAE,MAAe;gBACrB,IAAI,EAAE,IAAI,CAAC,SAAS,CAClB;oBACE,OAAO,EAAE,KAAK;oBACd,SAAS,EAAE,IAAI;oBACf,MAAM,EAAE,MAAM,CAAC,MAAM;oBACrB,OAAO,EAAE,GAAG,WAAW,qBAAqB;iBAC7C,EACD,IAAI,EACJ,CAAC,CACF;aACF;SACF;KACF,CAAC;AACJ,CAAC"}

package/dist/helpers/sensitivePathDenylist.d.ts

@@ -0,0 +1,32 @@
+/**
+ * Hard denylist for `execute` paths that must never be reachable, regardless
+ * of toolsets or mode flags. These are entries the user cannot opt into via
+ * --allow-deletes, and remain blocked even when --read-only is not set.
+ *
+ * Two categories live here:
+ *   1. API-key management — creating or modifying API keys via the MCP server
+ *      is structurally out of scope (the agent uses a key already; minting more
+ *      from inside the agent is a privilege escalation pattern).
+ *   2. Catastrophic deletes — paths whose DELETE removes a top-level container
+ *      (a Space, a User) and is operationally irreversible. Allowing the agent
+ *      to issue these from a single tool call is too sharp an edge.
+ *
+ * Pattern syntax is the shared `compilePathGlob` engine: `*` matches one
+ * segment, `**` matches across segments, and every other character is literal.
+ */
+import { type HttpMethod } from "./methodTier.js";
+export interface DenyEntry {
+    /** Optional method filter; absent = all methods. */
+    method?: HttpMethod;
+    /** Glob pattern. `*` = one segment, `**` = any number of segments. */
+    pattern: string;
+    /** Short reason surfaced in the error response. */
+    reason: string;
+}
+export declare const SENSITIVE_PATHS: readonly DenyEntry[];
+export interface SensitiveCheckResult {
+    blocked: boolean;
+    reason?: string;
+}
+export declare function isSensitive(method: HttpMethod, path: string, entries?: readonly DenyEntry[]): SensitiveCheckResult;
+//# sourceMappingURL=sensitivePathDenylist.d.ts.map

package/dist/helpers/sensitivePathDenylist.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"sensitivePathDenylist.d.ts","sourceRoot":"","sources":["../../src/helpers/sensitivePathDenylist.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;GAeG;AAEH,OAAO,EAAE,KAAK,UAAU,EAAE,MAAM,iBAAiB,CAAC;AAGlD,MAAM,WAAW,SAAS;IACxB,oDAAoD;IACpD,MAAM,CAAC,EAAE,UAAU,CAAC;IACpB,sEAAsE;IACtE,OAAO,EAAE,MAAM,CAAC;IAChB,mDAAmD;IACnD,MAAM,EAAE,MAAM,CAAC;CAChB;AAED,eAAO,MAAM,eAAe,EAAE,SAAS,SAAS,EAuB/C,CAAC;AAEF,MAAM,WAAW,oBAAoB;IACnC,OAAO,EAAE,OAAO,CAAC;IACjB,MAAM,CAAC,EAAE,MAAM,CAAC;CACjB;AAED,wBAAgB,WAAW,CACzB,MAAM,EAAE,UAAU,EAClB,IAAI,EAAE,MAAM,EACZ,OAAO,GAAE,SAAS,SAAS,EAAoB,GAC9C,oBAAoB,CAQtB"}

package/dist/helpers/sensitivePathDenylist.js

@@ -0,0 +1,49 @@
+/**
+ * Hard denylist for `execute` paths that must never be reachable, regardless
+ * of toolsets or mode flags. These are entries the user cannot opt into via
+ * --allow-deletes, and remain blocked even when --read-only is not set.
+ *
+ * Two categories live here:
+ *   1. API-key management — creating or modifying API keys via the MCP server
+ *      is structurally out of scope (the agent uses a key already; minting more
+ *      from inside the agent is a privilege escalation pattern).
+ *   2. Catastrophic deletes — paths whose DELETE removes a top-level container
+ *      (a Space, a User) and is operationally irreversible. Allowing the agent
+ *      to issue these from a single tool call is too sharp an edge.
+ *
+ * Pattern syntax is the shared `compilePathGlob` engine: `*` matches one
+ * segment, `**` matches across segments, and every other character is literal.
+ */
+import {} from "./methodTier.js";
+import { pathMatchesGlob } from "./pathGlob.js";
+export const SENSITIVE_PATHS = [
+    {
+        pattern: "/api/users/*/apikeys",
+        reason: "API key management is out of scope for the MCP server. Use the Octopus web portal.",
+    },
+    {
+        pattern: "/api/users/*/apikeys/**",
+        reason: "API key management is out of scope for the MCP server. Use the Octopus web portal.",
+    },
+    {
+        method: "DELETE",
+        pattern: "/api/users/*",
+        reason: "Deleting a user is irreversible and out of scope for the MCP server.",
+    },
+    {
+        method: "DELETE",
+        pattern: "/api/spaces/*",
+        reason: "Deleting a Space is catastrophic and out of scope for the MCP server.",
+    },
+];
+export function isSensitive(method, path, entries = SENSITIVE_PATHS) {
+    for (const entry of entries) {
+        if (entry.method && entry.method !== method)
+            continue;
+        if (pathMatchesGlob(path, entry.pattern)) {
+            return { blocked: true, reason: entry.reason };
+        }
+    }
+    return { blocked: false };
+}
+//# sourceMappingURL=sensitivePathDenylist.js.map

package/dist/helpers/sensitivePathDenylist.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"sensitivePathDenylist.js","sourceRoot":"","sources":["../../src/helpers/sensitivePathDenylist.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;GAeG;AAEH,OAAO,EAAmB,MAAM,iBAAiB,CAAC;AAClD,OAAO,EAAE,eAAe,EAAE,MAAM,eAAe,CAAC;AAWhD,MAAM,CAAC,MAAM,eAAe,GAAyB;IACnD;QACE,OAAO,EAAE,sBAAsB;QAC/B,MAAM,EACJ,oFAAoF;KACvF;IACD;QACE,OAAO,EAAE,yBAAyB;QAClC,MAAM,EACJ,oFAAoF;KACvF;IACD;QACE,MAAM,EAAE,QAAQ;QAChB,OAAO,EAAE,cAAc;QACvB,MAAM,EACJ,sEAAsE;KACzE;IACD;QACE,MAAM,EAAE,QAAQ;QAChB,OAAO,EAAE,eAAe;QACxB,MAAM,EACJ,uEAAuE;KAC1E;CACF,CAAC;AAOF,MAAM,UAAU,WAAW,CACzB,MAAkB,EAClB,IAAY,EACZ,UAAgC,eAAe;IAE/C,KAAK,MAAM,KAAK,IAAI,OAAO,EAAE,CAAC;QAC5B,IAAI,KAAK,CAAC,MAAM,IAAI,KAAK,CAAC,MAAM,KAAK,MAAM;YAAE,SAAS;QACtD,IAAI,eAAe,CAAC,IAAI,EAAE,KAAK,CAAC,OAAO,CAAC,EAAE,CAAC;YACzC,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,MAAM,EAAE,KAAK,CAAC,MAAM,EAAE,CAAC;QACjD,CAAC;IACH,CAAC;IACD,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,CAAC;AAC5B,CAAC"}

package/dist/helpers/spaceResolver.d.ts

@@ -0,0 +1,4 @@
+import { Client } from "@octopusdeploy/api-client";
+export declare function resolveSpaceNameFromId(client: Client, spaceId: string): Promise<string>;
+export declare function clearSpaceCache(): void;
+//# sourceMappingURL=spaceResolver.d.ts.map

package/dist/helpers/spaceResolver.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"spaceResolver.d.ts","sourceRoot":"","sources":["../../src/helpers/spaceResolver.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,EAAmB,MAAM,2BAA2B,CAAC;AAKpE,wBAAsB,sBAAsB,CAC1C,MAAM,EAAE,MAAM,EACd,OAAO,EAAE,MAAM,GACd,OAAO,CAAC,MAAM,CAAC,CAcjB;AAED,wBAAgB,eAAe,IAAI,IAAI,CAEtC"}

package/dist/helpers/spaceResolver.js

@@ -0,0 +1,18 @@
+import { Client, SpaceRepository } from "@octopusdeploy/api-client";
+const spaceCache = new Map();
+const CACHE_TTL = 3600000; // 1 hour in milliseconds
+export async function resolveSpaceNameFromId(client, spaceId) {
+    const cached = spaceCache.get(spaceId);
+    const now = Date.now();
+    if (cached && now - cached.timestamp < CACHE_TTL) {
+        return cached.name;
+    }
+    const spaceRepository = new SpaceRepository(client);
+    const space = await spaceRepository.get(spaceId);
+    spaceCache.set(spaceId, { name: space.Name, timestamp: now });
+    return space.Name;
+}
+export function clearSpaceCache() {
+    spaceCache.clear();
+}
+//# sourceMappingURL=spaceResolver.js.map

package/dist/helpers/spaceResolver.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"spaceResolver.js","sourceRoot":"","sources":["../../src/helpers/spaceResolver.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,EAAE,eAAe,EAAE,MAAM,2BAA2B,CAAC;AAEpE,MAAM,UAAU,GAAG,IAAI,GAAG,EAA+C,CAAC;AAC1E,MAAM,SAAS,GAAG,OAAO,CAAC,CAAC,yBAAyB;AAEpD,MAAM,CAAC,KAAK,UAAU,sBAAsB,CAC1C,MAAc,EACd,OAAe;IAEf,MAAM,MAAM,GAAG,UAAU,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;IACvC,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;IAEvB,IAAI,MAAM,IAAI,GAAG,GAAG,MAAM,CAAC,SAAS,GAAG,SAAS,EAAE,CAAC;QACjD,OAAO,MAAM,CAAC,IAAI,CAAC;IACrB,CAAC;IAED,MAAM,eAAe,GAAG,IAAI,eAAe,CAAC,MAAM,CAAC,CAAC;IACpD,MAAM,KAAK,GAAG,MAAM,eAAe,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;IAEjD,UAAU,CAAC,GAAG,CAAC,OAAO,EAAE,EAAE,IAAI,EAAE,KAAK,CAAC,IAAI,EAAE,SAAS,EAAE,GAAG,EAAE,CAAC,CAAC;IAE9D,OAAO,KAAK,CAAC,IAAI,CAAC;AACpB,CAAC;AAED,MAAM,UAAU,eAAe;IAC7B,UAAU,CAAC,KAAK,EAAE,CAAC;AACrB,CAAC"}

package/dist/helpers/stripLinks.d.ts

@@ -0,0 +1,15 @@
+/**
+ * Strip the HATEOAS `Links` bag from an Octopus API response object.
+ *
+ * Octopus REST responses include a `Links` map of hypermedia URLs (self, related
+ * collections, etc.) that an LLM consumer doesn't need and that bloats the payload.
+ * Every resource handler that returns an api-client object as JSON should pass it
+ * through this helper first.
+ *
+ * The api-client typings often don't include `Links` on their response interfaces
+ * (the runtime payload has it; the typings don't always declare it), which is why
+ * the input is widened to `Record<string, unknown>` rather than typed against a
+ * specific resource interface.
+ */
+export declare function stripLinks(resource: object): Record<string, unknown>;
+//# sourceMappingURL=stripLinks.d.ts.map

package/dist/helpers/stripLinks.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"stripLinks.d.ts","sourceRoot":"","sources":["../../src/helpers/stripLinks.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;GAYG;AACH,wBAAgB,UAAU,CAAC,QAAQ,EAAE,MAAM,GAAG,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAIpE"}

package/dist/helpers/stripLinks.js

@@ -0,0 +1,19 @@
+/**
+ * Strip the HATEOAS `Links` bag from an Octopus API response object.
+ *
+ * Octopus REST responses include a `Links` map of hypermedia URLs (self, related
+ * collections, etc.) that an LLM consumer doesn't need and that bloats the payload.
+ * Every resource handler that returns an api-client object as JSON should pass it
+ * through this helper first.
+ *
+ * The api-client typings often don't include `Links` on their response interfaces
+ * (the runtime payload has it; the typings don't always declare it), which is why
+ * the input is widened to `Record<string, unknown>` rather than typed against a
+ * specific resource interface.
+ */
+export function stripLinks(resource) {
+    const copy = { ...resource };
+    delete copy.Links;
+    return copy;
+}
+//# sourceMappingURL=stripLinks.js.map

package/dist/helpers/stripLinks.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"stripLinks.js","sourceRoot":"","sources":["../../src/helpers/stripLinks.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;GAYG;AACH,MAAM,UAAU,UAAU,CAAC,QAAgB;IACzC,MAAM,IAAI,GAA4B,EAAE,GAAG,QAAQ,EAA6B,CAAC;IACjF,OAAO,IAAI,CAAC,KAAK,CAAC;IAClB,OAAO,IAAI,CAAC;AACd,CAAC"}

package/dist/helpers/urlParser.d.ts

@@ -0,0 +1,16 @@
+export interface OctopusUrlParts {
+    serverUrl: string;
+    spaceId?: string;
+    resourceType?: "deployment" | "release" | "project" | "tenant" | "task" | "unknown";
+    resourceId?: string;
+    projectSlug?: string;
+    releaseVersion?: string;
+}
+export declare function parseOctopusUrl(url: string): OctopusUrlParts;
+export declare function extractDeploymentId(url: string): string | null;
+export declare function extractTaskId(url: string): string | null;
+export declare function extractSpaceId(url: string): string | null;
+export declare function extractProjectSlug(url: string): string | null;
+export declare function extractReleaseVersion(url: string): string | null;
+export declare function extractTenantId(url: string): string | null;
+//# sourceMappingURL=urlParser.d.ts.map

package/dist/helpers/urlParser.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"urlParser.d.ts","sourceRoot":"","sources":["../../src/helpers/urlParser.ts"],"names":[],"mappings":"AAAA,MAAM,WAAW,eAAe;IAC9B,SAAS,EAAE,MAAM,CAAC;IAClB,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,YAAY,CAAC,EAAE,YAAY,GAAG,SAAS,GAAG,SAAS,GAAG,QAAQ,GAAG,MAAM,GAAG,SAAS,CAAC;IACpF,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,cAAc,CAAC,EAAE,MAAM,CAAC;CACzB;AAED,wBAAgB,eAAe,CAAC,GAAG,EAAE,MAAM,GAAG,eAAe,CAwD5D;AAED,wBAAgB,mBAAmB,CAAC,GAAG,EAAE,MAAM,GAAG,MAAM,GAAG,IAAI,CAG9D;AAED,wBAAgB,aAAa,CAAC,GAAG,EAAE,MAAM,GAAG,MAAM,GAAG,IAAI,CAGxD;AAED,wBAAgB,cAAc,CAAC,GAAG,EAAE,MAAM,GAAG,MAAM,GAAG,IAAI,CAGzD;AAED,wBAAgB,kBAAkB,CAAC,GAAG,EAAE,MAAM,GAAG,MAAM,GAAG,IAAI,CAG7D;AAED,wBAAgB,qBAAqB,CAAC,GAAG,EAAE,MAAM,GAAG,MAAM,GAAG,IAAI,CAGhE;AAED,wBAAgB,eAAe,CAAC,GAAG,EAAE,MAAM,GAAG,MAAM,GAAG,IAAI,CAG1D"}

package/dist/helpers/urlParser.js

@@ -0,0 +1,83 @@
+export function parseOctopusUrl(url) {
+    try {
+        const urlObj = new URL(url);
+        const serverUrl = `${urlObj.protocol}//${urlObj.host}`;
+        const hashPath = urlObj.hash.startsWith("#/") ? urlObj.hash.substring(2) : urlObj.hash.substring(1);
+        const pathParts = hashPath.split("/").filter(Boolean);
+        const result = {
+            serverUrl,
+        };
+        const spaceId = extractSpaceId(url);
+        if (spaceId) {
+            result.spaceId = spaceId;
+        }
+        if (pathParts.includes("deployments")) {
+            const deploymentId = extractDeploymentId(url);
+            if (deploymentId) {
+                result.resourceType = "deployment";
+                result.resourceId = deploymentId;
+            }
+            else {
+                const releaseVersion = extractReleaseVersion(url);
+                if (releaseVersion) {
+                    result.resourceType = "release";
+                    result.resourceId = releaseVersion;
+                    result.releaseVersion = releaseVersion;
+                }
+            }
+        }
+        else if (pathParts.includes("tasks")) {
+            const taskId = extractTaskId(url);
+            if (taskId) {
+                result.resourceType = "task";
+                result.resourceId = taskId;
+            }
+        }
+        else if (pathParts.includes("projects")) {
+            result.resourceType = "project";
+            const projectSlug = extractProjectSlug(url);
+            if (projectSlug) {
+                result.projectSlug = projectSlug;
+            }
+        }
+        else if (pathParts.includes("tenants")) {
+            const tenantId = extractTenantId(url);
+            if (tenantId) {
+                result.resourceType = "tenant";
+                result.resourceId = tenantId;
+            }
+        }
+        else {
+            result.resourceType = "unknown";
+        }
+        return result;
+    }
+    catch (error) {
+        throw new Error(`Failed to parse Octopus URL: ${error instanceof Error ? error.message : String(error)}`);
+    }
+}
+export function extractDeploymentId(url) {
+    const match = url.match(/\/deployments\/(Deployments-\d+)/);
+    return match ? match[1] : null;
+}
+export function extractTaskId(url) {
+    const match = url.match(/\/tasks\/(ServerTasks-\d+)/);
+    return match ? match[1] : null;
+}
+export function extractSpaceId(url) {
+    const match = url.match(/\/(Spaces-\d+)/);
+    return match ? match[1] : null;
+}
+export function extractProjectSlug(url) {
+    const match = url.match(/\/projects\/([^/]+)/);
+    return match ? match[1] : null;
+}
+export function extractReleaseVersion(url) {
+    const match = url.match(/\/releases\/([^/]+)/);
+    return match ? match[1] : null;
+}
+export function extractTenantId(url) {
+    const match = url.match(/\/tenants\/(Tenants-\d+)/);
+    return match ? match[1] : null;
+}
+//# sourceMappingURL=urlParser.js.map

package/dist/helpers/urlParser.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"urlParser.js","sourceRoot":"","sources":["../../src/helpers/urlParser.ts"],"names":[],"mappings":"AASA,MAAM,UAAU,eAAe,CAAC,GAAW;IACzC,IAAI,CAAC;QACH,MAAM,MAAM,GAAG,IAAI,GAAG,CAAC,GAAG,CAAC,CAAC;QAC5B,MAAM,SAAS,GAAG,GAAG,MAAM,CAAC,QAAQ,KAAK,MAAM,CAAC,IAAI,EAAE,CAAC;QAEvD,MAAM,QAAQ,GAAG,MAAM,CAAC,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC;QACpG,MAAM,SAAS,GAAG,QAAQ,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;QAEtD,MAAM,MAAM,GAAoB;YAC9B,SAAS;SACV,CAAC;QAEF,MAAM,OAAO,GAAG,cAAc,CAAC,GAAG,CAAC,CAAC;QACpC,IAAI,OAAO,EAAE,CAAC;YACZ,MAAM,CAAC,OAAO,GAAG,OAAO,CAAC;QAC3B,CAAC;QAED,IAAI,SAAS,CAAC,QAAQ,CAAC,aAAa,CAAC,EAAE,CAAC;YACtC,MAAM,YAAY,GAAG,mBAAmB,CAAC,GAAG,CAAC,CAAC;YAC9C,IAAI,YAAY,EAAE,CAAC;gBACjB,MAAM,CAAC,YAAY,GAAG,YAAY,CAAC;gBACnC,MAAM,CAAC,UAAU,GAAG,YAAY,CAAC;YACnC,CAAC;iBAAM,CAAC;gBACN,MAAM,cAAc,GAAG,qBAAqB,CAAC,GAAG,CAAC,CAAC;gBAClD,IAAI,cAAc,EAAE,CAAC;oBACnB,MAAM,CAAC,YAAY,GAAG,SAAS,CAAC;oBAChC,MAAM,CAAC,UAAU,GAAG,cAAc,CAAC;oBACnC,MAAM,CAAC,cAAc,GAAG,cAAc,CAAC;gBACzC,CAAC;YACH,CAAC;QACH,CAAC;aAAM,IAAI,SAAS,CAAC,QAAQ,CAAC,OAAO,CAAC,EAAE,CAAC;YACvC,MAAM,MAAM,GAAG,aAAa,CAAC,GAAG,CAAC,CAAC;YAClC,IAAI,MAAM,EAAE,CAAC;gBACX,MAAM,CAAC,YAAY,GAAG,MAAM,CAAC;gBAC7B,MAAM,CAAC,UAAU,GAAG,MAAM,CAAC;YAC7B,CAAC;QACH,CAAC;aAAM,IAAI,SAAS,CAAC,QAAQ,CAAC,UAAU,CAAC,EAAE,CAAC;YAC1C,MAAM,CAAC,YAAY,GAAG,SAAS,CAAC;YAChC,MAAM,WAAW,GAAG,kBAAkB,CAAC,GAAG,CAAC,CAAC;YAC5C,IAAI,WAAW,EAAE,CAAC;gBAChB,MAAM,CAAC,WAAW,GAAG,WAAW,CAAC;YACnC,CAAC;QACH,CAAC;aAAM,IAAI,SAAS,CAAC,QAAQ,CAAC,SAAS,CAAC,EAAE,CAAC;YACzC,MAAM,QAAQ,GAAG,eAAe,CAAC,GAAG,CAAC,CAAC;YACtC,IAAI,QAAQ,EAAE,CAAC;gBACb,MAAM,CAAC,YAAY,GAAG,QAAQ,CAAC;gBAC/B,MAAM,CAAC,UAAU,GAAG,QAAQ,CAAC;YAC/B,CAAC;QACH,CAAC;aAAM,CAAC;YACN,MAAM,CAAC,YAAY,GAAG,SAAS,CAAC;QAClC,CAAC;QAED,OAAO,MAAM,CAAC;IAChB,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,MAAM,IAAI,KAAK,CAAC,gCAAgC,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC;IAC5G,CAAC;AACH,CAAC;AAED,MAAM,UAAU,mBAAmB,CAAC,GAAW;IAC7C,MAAM,KAAK,GAAG,GAAG,CAAC,KAAK,CAAC,kCAAkC,CAAC,CAAC;IAC5D,OAAO,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC;AACjC,CAAC;AAED,MAAM,UAAU,aAAa,CAAC,GAAW;IACvC,MAAM,KAAK,GAAG,GAAG,CAAC,KAAK,CAAC,4BAA4B,CAAC,CAAC;IACtD,OAAO,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC;AACjC,CAAC;AAED,MAAM,UAAU,cAAc,CAAC,GAAW;IACxC,MAAM,KAAK,GAAG,GAAG,CAAC,KAAK,CAAC,gBAAgB,CAAC,CAAC;IAC1C,OAAO,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC;AACjC,CAAC;AAED,MAAM,UAAU,kBAAkB,CAAC,GAAW;IAC5C,MAAM,KAAK,GAAG,GAAG,CAAC,KAAK,CAAC,qBAAqB,CAAC,CAAC;IAC/C,OAAO,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC;AACjC,CAAC;AAED,MAAM,UAAU,qBAAqB,CAAC,GAAW;IAC/C,MAAM,KAAK,GAAG,GAAG,CAAC,KAAK,CAAC,qBAAqB,CAAC,CAAC;IAC/C,OAAO,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC;AACjC,CAAC;AAED,MAAM,UAAU,eAAe,CAAC,GAAW;IACzC,MAAM,KAAK,GAAG,GAAG,CAAC,KAAK,CAAC,0BAA0B,CAAC,CAAC;IACpD,OAAO,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC;AACjC,CAAC"}

package/dist/helpers/userCache.d.ts

@@ -0,0 +1,14 @@
+import { type Client } from "@octopusdeploy/api-client";
+export interface CurrentUser {
+    Id: string;
+    Username: string;
+    DisplayName: string;
+    IsActive: boolean;
+    IsService: boolean;
+    EmailAddress: string;
+    CanPasswordBeEdited: boolean;
+    IsRequestor: boolean;
+}
+export declare function getCurrentUserCached(client: Client): Promise<CurrentUser>;
+export declare function clearUserCache(): void;
+//# sourceMappingURL=userCache.d.ts.map

package/dist/helpers/userCache.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"userCache.d.ts","sourceRoot":"","sources":["../../src/helpers/userCache.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,KAAK,MAAM,EAAE,MAAM,2BAA2B,CAAC;AAExD,MAAM,WAAW,WAAW;IAC1B,EAAE,EAAE,MAAM,CAAC;IACX,QAAQ,EAAE,MAAM,CAAC;IACjB,WAAW,EAAE,MAAM,CAAC;IACpB,QAAQ,EAAE,OAAO,CAAC;IAClB,SAAS,EAAE,OAAO,CAAC;IACnB,YAAY,EAAE,MAAM,CAAC;IACrB,mBAAmB,EAAE,OAAO,CAAC;IAC7B,WAAW,EAAE,OAAO,CAAC;CACtB;AAMD,wBAAsB,oBAAoB,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,WAAW,CAAC,CAS/E;AAED,wBAAgB,cAAc,IAAI,IAAI,CAErC"}

package/dist/helpers/userCache.js

@@ -0,0 +1,16 @@
+import {} from "@octopusdeploy/api-client";
+const CACHE_TTL = 3600000;
+let cached;
+export async function getCurrentUserCached(client) {
+    const now = Date.now();
+    if (cached && now - cached.timestamp < CACHE_TTL) {
+        return cached.user;
+    }
+    const user = await client.get("~/api/users/me");
+    cached = { user, timestamp: now };
+    return user;
+}
+export function clearUserCache() {
+    cached = undefined;
+}
+//# sourceMappingURL=userCache.js.map

package/dist/helpers/userCache.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"userCache.js","sourceRoot":"","sources":["../../src/helpers/userCache.ts"],"names":[],"mappings":"AAAA,OAAO,EAAe,MAAM,2BAA2B,CAAC;AAaxD,MAAM,SAAS,GAAG,OAAO,CAAC;AAE1B,IAAI,MAA4D,CAAC;AAEjE,MAAM,CAAC,KAAK,UAAU,oBAAoB,CAAC,MAAc;IACvD,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;IACvB,IAAI,MAAM,IAAI,GAAG,GAAG,MAAM,CAAC,SAAS,GAAG,SAAS,EAAE,CAAC;QACjD,OAAO,MAAM,CAAC,IAAI,CAAC;IACrB,CAAC;IAED,MAAM,IAAI,GAAG,MAAM,MAAM,CAAC,GAAG,CAAc,gBAAgB,CAAC,CAAC;IAC7D,MAAM,GAAG,EAAE,IAAI,EAAE,SAAS,EAAE,GAAG,EAAE,CAAC;IAClC,OAAO,IAAI,CAAC;AACd,CAAC;AAED,MAAM,UAAU,cAAc;IAC5B,MAAM,GAAG,SAAS,CAAC;AACrB,CAAC"}

package/dist/helpers/validateExecutePath.d.ts

@@ -0,0 +1,29 @@
+/**
+ * Reject `execute` paths whose canonical form differs from what the allowlist
+ * and denylist would see, so a path like
+ *
+ *     /api/spaces/Spaces-1/../../users/me/apikeys
+ *
+ * cannot pass the `/api/spaces/**` allowlist while resolving to
+ * `/api/users/me/apikeys` on the server.
+ *
+ * The validator is deliberately conservative: anything that introduces
+ * ambiguity between the literal path string and what the HTTP client / Octopus
+ * routing will see — `..` segments, encoded slashes, backslashes, query
+ * strings, fragments, double slashes — is rejected outright. We do NOT try to
+ * normalise the path; rejecting unambiguously is safer than guessing the
+ * caller's intent.
+ *
+ * Query parameters belong in the `query` argument of the execute tool, not
+ * inside the `path` string — surfacing that as a reject prompts the agent to
+ * use the right field.
+ */
+export type PathValidation = {
+    ok: true;
+    path: string;
+} | {
+    ok: false;
+    reason: string;
+};
+export declare function validateExecutePath(raw: string): PathValidation;
+//# sourceMappingURL=validateExecutePath.d.ts.map

package/dist/helpers/validateExecutePath.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"validateExecutePath.d.ts","sourceRoot":"","sources":["../../src/helpers/validateExecutePath.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;GAmBG;AAEH,MAAM,MAAM,cAAc,GACtB;IAAE,EAAE,EAAE,IAAI,CAAC;IAAC,IAAI,EAAE,MAAM,CAAA;CAAE,GAC1B;IAAE,EAAE,EAAE,KAAK,CAAC;IAAC,MAAM,EAAE,MAAM,CAAA;CAAE,CAAC;AAElC,wBAAgB,mBAAmB,CAAC,GAAG,EAAE,MAAM,GAAG,cAAc,CA2C/D"}

package/dist/helpers/validateExecutePath.js

@@ -0,0 +1,62 @@
+/**
+ * Reject `execute` paths whose canonical form differs from what the allowlist
+ * and denylist would see, so a path like
+ *
+ *     /api/spaces/Spaces-1/../../users/me/apikeys
+ *
+ * cannot pass the `/api/spaces/**` allowlist while resolving to
+ * `/api/users/me/apikeys` on the server.
+ *
+ * The validator is deliberately conservative: anything that introduces
+ * ambiguity between the literal path string and what the HTTP client / Octopus
+ * routing will see — `..` segments, encoded slashes, backslashes, query
+ * strings, fragments, double slashes — is rejected outright. We do NOT try to
+ * normalise the path; rejecting unambiguously is safer than guessing the
+ * caller's intent.
+ *
+ * Query parameters belong in the `query` argument of the execute tool, not
+ * inside the `path` string — surfacing that as a reject prompts the agent to
+ * use the right field.
+ */
+export function validateExecutePath(raw) {
+    if (typeof raw !== "string" || raw.length === 0) {
+        return { ok: false, reason: "Path must be a non-empty string." };
+    }
+    if (!raw.startsWith("/")) {
+        return { ok: false, reason: "Path must start with '/'." };
+    }
+    if (raw.includes("\\")) {
+        return { ok: false, reason: "Path must not contain backslashes." };
+    }
+    if (raw.includes("?")) {
+        return {
+            ok: false,
+            reason: "Path must not contain a query string. Pass query parameters via the `query` argument instead.",
+        };
+    }
+    if (raw.includes("#")) {
+        return { ok: false, reason: "Path must not contain a fragment ('#')." };
+    }
+    if (raw.includes("//")) {
+        return { ok: false, reason: "Path must not contain '//'." };
+    }
+    if (/%2f|%5c/i.test(raw)) {
+        return {
+            ok: false,
+            reason: "Path must not contain percent-encoded slashes ('%2F') or backslashes ('%5C').",
+        };
+    }
+    // Reject any `..` segment — exact, leading, trailing, or surrounded by
+    // slashes. We do not attempt to resolve them.
+    const segments = raw.split("/");
+    for (const segment of segments) {
+        if (segment === "..") {
+            return {
+                ok: false,
+                reason: "Path must not contain '..' segments. Provide the canonical path explicitly.",
+            };
+        }
+    }
+    return { ok: true, path: raw };
+}
+//# sourceMappingURL=validateExecutePath.js.map

package/dist/helpers/validateExecutePath.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"validateExecutePath.js","sourceRoot":"","sources":["../../src/helpers/validateExecutePath.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;GAmBG;AAMH,MAAM,UAAU,mBAAmB,CAAC,GAAW;IAC7C,IAAI,OAAO,GAAG,KAAK,QAAQ,IAAI,GAAG,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAChD,OAAO,EAAE,EAAE,EAAE,KAAK,EAAE,MAAM,EAAE,kCAAkC,EAAE,CAAC;IACnE,CAAC;IACD,IAAI,CAAC,GAAG,CAAC,UAAU,CAAC,GAAG,CAAC,EAAE,CAAC;QACzB,OAAO,EAAE,EAAE,EAAE,KAAK,EAAE,MAAM,EAAE,2BAA2B,EAAE,CAAC;IAC5D,CAAC;IACD,IAAI,GAAG,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC;QACvB,OAAO,EAAE,EAAE,EAAE,KAAK,EAAE,MAAM,EAAE,oCAAoC,EAAE,CAAC;IACrE,CAAC;IACD,IAAI,GAAG,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE,CAAC;QACtB,OAAO;YACL,EAAE,EAAE,KAAK;YACT,MAAM,EACJ,+FAA+F;SAClG,CAAC;IACJ,CAAC;IACD,IAAI,GAAG,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE,CAAC;QACtB,OAAO,EAAE,EAAE,EAAE,KAAK,EAAE,MAAM,EAAE,yCAAyC,EAAE,CAAC;IAC1E,CAAC;IACD,IAAI,GAAG,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC;QACvB,OAAO,EAAE,EAAE,EAAE,KAAK,EAAE,MAAM,EAAE,6BAA6B,EAAE,CAAC;IAC9D,CAAC;IACD,IAAI,UAAU,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC;QACzB,OAAO;YACL,EAAE,EAAE,KAAK;YACT,MAAM,EACJ,+EAA+E;SAClF,CAAC;IACJ,CAAC;IACD,uEAAuE;IACvE,8CAA8C;IAC9C,MAAM,QAAQ,GAAG,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;IAChC,KAAK,MAAM,OAAO,IAAI,QAAQ,EAAE,CAAC;QAC/B,IAAI,OAAO,KAAK,IAAI,EAAE,CAAC;YACrB,OAAO;gBACL,EAAE,EAAE,KAAK;gBACT,MAAM,EACJ,6EAA6E;aAChF,CAAC;QACJ,CAAC;IACH,CAAC;IACD,OAAO,EAAE,EAAE,EAAE,IAAI,EAAE,IAAI,EAAE,GAAG,EAAE,CAAC;AACjC,CAAC"}

package/dist/index.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":";AAgBA,eAAO,MAAM,cAAc,QAAsB,CAAC"}
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":";AAoBA,eAAO,MAAM,cAAc,QAAsB,CAAC"}