@ordis_co_th/execute-powershell 1.0.0

package/LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2024 OpenCode
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

package/README.md

@@ -0,0 +1,85 @@
+# Execute PowerShell Plugin
+
+An OpenCode plugin that provides PowerShell script execution capabilities with built-in safety controls and permission management.
+
+## Installation
+
+```bash
+bun install @ordis_co_th/execute-powershell
+```
+
+## Usage
+
+### Register in `opencode.json`
+
+Add the plugin to your OpenCode configuration:
+
+```json
+{
+  "plugins": [
+    "@ordis_co_th/execute-powershell"
+  ]
+}
+```
+
+Or with explicit import path:
+
+```json
+{
+  "plugins": [
+    {
+      "import": "@ordis_co_th/execute-powershell",
+      "config": {}
+    }
+  ]
+}
+```
+
+### Available Tools
+
+Once registered, the plugin provides the `execute_powershell` tool with the following features:
+
+- **Command Execution**: Execute PowerShell scripts with proper output capture
+- **Permission Controls**: Built-in safety mechanisms for command validation
+- **Working Directory**: Configurable working directory for script execution
+- **Timeout Support**: Configurable execution timeouts
+- **Output Streaming**: Real-time stdout/stderr capture
+
+### Example Tool Call
+
+```json
+{
+  "tool": "execute_powershell",
+  "params": {
+    "command": "Get-Process",
+    "workdir": "/path/to/workdir",
+    "timeout_ms": 30000
+  }
+}
+```
+
+## Development
+
+```bash
+# Install dependencies
+bun install
+
+# Build the project
+bun run build
+
+# Run tests
+bun test
+
+# Check package contents
+bun run package:check
+```
+
+## Package Structure
+
+- **Entry Point**: `./dist/index.js`
+- **Type Definitions**: `./dist/index.d.ts`
+- **Export**: `ExecutePowerShellPlugin` - Main plugin function
+
+## License
+
+MIT

package/dist/index.d.ts

@@ -0,0 +1,3 @@
+import type { Plugin } from "@opencode-ai/plugin";
+export declare const ExecutePowerShellPlugin: Plugin;
+//# sourceMappingURL=index.d.ts.map

package/dist/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,MAAM,EAAE,MAAM,qBAAqB,CAAC;AAGlD,eAAO,MAAM,uBAAuB,EAAE,MAMrC,CAAC"}

package/dist/index.js

@@ -0,0 +1,9 @@
+import { execute_powershell } from "./tools/execute_powershell.js";
+export const ExecutePowerShellPlugin = async () => {
+    return {
+        tool: {
+            execute_powershell,
+        },
+    };
+};
+//# sourceMappingURL=index.js.map

package/dist/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,kBAAkB,EAAE,MAAM,+BAA+B,CAAC;AAEnE,MAAM,CAAC,MAAM,uBAAuB,GAAW,KAAK,IAAI,EAAE;IACxD,OAAO;QACL,IAAI,EAAE;YACJ,kBAAkB;SACnB;KACF,CAAC;AACJ,CAAC,CAAC"}

package/dist/tools/execute_powershell.d.ts

@@ -0,0 +1,11 @@
+import { type ToolDefinition } from "@opencode-ai/plugin/tool";
+import { z } from "zod";
+declare const argsSchema: {
+    readonly command: z.ZodString;
+    readonly description: z.ZodString;
+    readonly timeout_ms: z.ZodDefault<z.ZodNumber>;
+    readonly workdir: z.ZodOptional<z.ZodString>;
+};
+export declare const execute_powershell: ToolDefinition;
+export { argsSchema };
+//# sourceMappingURL=execute_powershell.d.ts.map

package/dist/tools/execute_powershell.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"execute_powershell.d.ts","sourceRoot":"","sources":["../../src/tools/execute_powershell.ts"],"names":[],"mappings":"AAAA,OAAO,EAA0B,KAAK,cAAc,EAAE,MAAM,0BAA0B,CAAC;AACvF,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AAQxB,QAAA,MAAM,UAAU;;;;;CAKN,CAAC;AASX,eAAO,MAAM,kBAAkB,EAAE,cAiE/B,CAAC;AAEH,OAAO,EAAE,UAAU,EAAE,CAAC"}

package/dist/tools/execute_powershell.js

@@ -0,0 +1,75 @@
+import { tool } from "@opencode-ai/plugin/tool";
+import { z } from "zod";
+import { askExecutePowerShellPermission } from "./permissions.js";
+import { askExternalDirectoryIfRequired, resolveWorkdir } from "./workdir.js";
+import { formatMetadataFooter } from "./metadata.js";
+import { resolvePowerShellExecutable } from "./powershell_exe.js";
+import { spawnPowerShell, createTerminationSignal, terminateProcessTree } from "./process.js";
+import { collectCombinedOutput } from "./output.js";
+const argsSchema = {
+    command: z.string(),
+    description: z.string(),
+    timeout_ms: z.number().int().min(0).default(120000),
+    workdir: z.string().optional(),
+};
+export const execute_powershell = tool({
+    description: "Execute PowerShell commands on Windows",
+    args: argsSchema,
+    async execute(args, context) {
+        await askExecutePowerShellPermission(context, args.command);
+        const resolvedWorkdir = resolveWorkdir(context.directory, args.workdir);
+        await askExternalDirectoryIfRequired(context, resolvedWorkdir);
+        const timeoutMs = args.timeout_ms ?? 120000;
+        const { signal, getEndedBy } = createTerminationSignal(context.abort, timeoutMs);
+        const startTime = Date.now();
+        let exitCode = 0;
+        let shell = "unknown";
+        let proc;
+        try {
+            const exe = resolvePowerShellExecutable();
+            shell = exe.kind;
+            proc = spawnPowerShell({
+                exePath: exe.path,
+                command: args.command,
+                cwd: resolvedWorkdir,
+                signal,
+            });
+            const output = await collectCombinedOutput(proc);
+            exitCode = await proc.exited;
+            const durationMs = Date.now() - startTime;
+            const endedBy = getEndedBy();
+            const metadata = {
+                exitCode,
+                endedBy,
+                shell,
+                resolvedWorkdir,
+                timeoutMs,
+                durationMs,
+            };
+            return output + formatMetadataFooter(metadata);
+        }
+        catch (error) {
+            const durationMs = Date.now() - startTime;
+            const endedBy = getEndedBy();
+            exitCode = endedBy === "timeout" ? 1 : -1;
+            const metadata = {
+                exitCode,
+                endedBy,
+                shell,
+                resolvedWorkdir,
+                timeoutMs,
+                durationMs,
+            };
+            const errorOutput = error instanceof Error ? error.message : String(error);
+            return errorOutput + formatMetadataFooter(metadata);
+        }
+        finally {
+            const endedBy = getEndedBy();
+            if ((endedBy === "timeout" || endedBy === "abort") && proc?.pid) {
+                await terminateProcessTree(proc.pid);
+            }
+        }
+    },
+});
+export { argsSchema };
+//# sourceMappingURL=execute_powershell.js.map

package/dist/tools/execute_powershell.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"execute_powershell.js","sourceRoot":"","sources":["../../src/tools/execute_powershell.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,IAAI,EAAyC,MAAM,0BAA0B,CAAC;AACvF,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AACxB,OAAO,EAAE,8BAA8B,EAAE,MAAM,kBAAkB,CAAC;AAClE,OAAO,EAAE,8BAA8B,EAAE,cAAc,EAAE,MAAM,cAAc,CAAC;AAC9E,OAAO,EAAE,oBAAoB,EAA2B,MAAM,eAAe,CAAC;AAC9E,OAAO,EAAE,2BAA2B,EAAE,MAAM,qBAAqB,CAAC;AAClE,OAAO,EAAE,eAAe,EAAE,uBAAuB,EAAE,oBAAoB,EAAE,MAAM,cAAc,CAAC;AAC9F,OAAO,EAAE,qBAAqB,EAAE,MAAM,aAAa,CAAC;AAEpD,MAAM,UAAU,GAAG;IACjB,OAAO,EAAE,CAAC,CAAC,MAAM,EAAE;IACnB,WAAW,EAAE,CAAC,CAAC,MAAM,EAAE;IACvB,UAAU,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,MAAM,CAAC;IACnD,OAAO,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;CACtB,CAAC;AASX,MAAM,CAAC,MAAM,kBAAkB,GAAmB,IAAI,CAAC;IACrD,WAAW,EAAE,wCAAwC;IACrD,IAAI,EAAE,UAAiB;IACvB,KAAK,CAAC,OAAO,CAAC,IAAc,EAAE,OAAoB;QAChD,MAAM,8BAA8B,CAAC,OAAO,EAAE,IAAI,CAAC,OAAO,CAAC,CAAC;QAC5D,MAAM,eAAe,GAAG,cAAc,CAAC,OAAO,CAAC,SAAS,EAAE,IAAI,CAAC,OAAO,CAAC,CAAC;QACxE,MAAM,8BAA8B,CAAC,OAAO,EAAE,eAAe,CAAC,CAAC;QAC/D,MAAM,SAAS,GAAG,IAAI,CAAC,UAAU,IAAI,MAAM,CAAC;QAC5C,MAAM,EAAE,MAAM,EAAE,UAAU,EAAE,GAAG,uBAAuB,CACpD,OAAO,CAAC,KAAK,EACb,SAAS,CACV,CAAC;QACF,MAAM,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QAC7B,IAAI,QAAQ,GAAG,CAAC,CAAC;QACjB,IAAI,KAAK,GAAG,SAAS,CAAC;QACtB,IAAI,IAAoD,CAAC;QAEzD,IAAI,CAAC;YACH,MAAM,GAAG,GAAG,2BAA2B,EAAE,CAAC;YAC1C,KAAK,GAAG,GAAG,CAAC,IAAI,CAAC;YAEjB,IAAI,GAAG,eAAe,CAAC;gBACrB,OAAO,EAAE,GAAG,CAAC,IAAI;gBACjB,OAAO,EAAE,IAAI,CAAC,OAAO;gBACrB,GAAG,EAAE,eAAe;gBACpB,MAAM;aACP,CAAC,CAAC;YACH,MAAM,MAAM,GAAG,MAAM,qBAAqB,CAAC,IAAI,CAAC,CAAC;YACjD,QAAQ,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC;YAC7B,MAAM,UAAU,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,SAAS,CAAC;YAC1C,MAAM,OAAO,GAAG,UAAU,EAAE,CAAC;YAE7B,MAAM,QAAQ,GAAuB;gBACnC,QAAQ;gBACR,OAAO;gBACP,KAAK;gBACL,eAAe;gBACf,SAAS;gBACT,UAAU;aACX,CAAC;YAEF,OAAO,MAAM,GAAG,oBAAoB,CAAC,QAAQ,CAAC,CAAC;QACjD,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,MAAM,UAAU,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,SAAS,CAAC;YAC1C,MAAM,OAAO,GAAG,UAAU,EAAE,CAAC;YAC7B,QAAQ,GAAG,OAAO,KAAK,SAAS,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;YAE1C,MAAM,QAAQ,GAAuB;gBACnC,QAAQ;gBACR,OAAO;gBACP,KAAK;gBACL,eAAe;gBACf,SAAS;gBACT,UAAU;aACX,CAAC;YAEF,MAAM,WAAW,GAAG,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;YAC3E,OAAO,WAAW,GAAG,oBAAoB,CAAC,QAAQ,CAAC,CAAC;QACtD,CAAC;gBAAS,CAAC;YACT,MAAM,OAAO,GAAG,UAAU,EAAE,CAAC;YAC7B,IAAI,CAAC,OAAO,KAAK,SAAS,IAAI,OAAO,KAAK,OAAO,CAAC,IAAI,IAAI,EAAE,GAAG,EAAE,CAAC;gBAChE,MAAM,oBAAoB,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;YACvC,CAAC;QACH,CAAC;IACH,CAAC;CACF,CAAC,CAAC;AAEH,OAAO,EAAE,UAAU,EAAE,CAAC"}

package/dist/tools/metadata.d.ts

@@ -0,0 +1,44 @@
+/**
+ * Metadata footer for PowerShell execution outcomes.
+ *
+ * This module provides functions to format and parse metadata footers
+ * that are appended to PowerShell command output. The footer uses a
+ * tagged JSON format that can be easily extracted and parsed.
+ */
+/**
+ * Metadata about a PowerShell execution outcome.
+ */
+export interface PowerShellMetadata {
+    /** Exit code from the PowerShell process */
+    exitCode: number;
+    /** How the execution ended: "exit" (normal), "timeout", or "abort" */
+    endedBy: "exit" | "timeout" | "abort";
+    /** Shell identifier (e.g., "powershell", "pwsh") */
+    shell: string;
+    /** Resolved absolute path of the working directory */
+    resolvedWorkdir: string;
+    /** Timeout in milliseconds */
+    timeoutMs: number;
+    /** Duration of execution in milliseconds */
+    durationMs: number;
+}
+/**
+ * Format metadata as a tagged JSON footer.
+ *
+ * The footer format is: <powershell_metadata>{"exitCode": ..., ...}</powershell_metadata>
+ *
+ * @param meta - The metadata to format
+ * @returns The formatted metadata footer string
+ */
+export declare function formatMetadataFooter(meta: PowerShellMetadata): string;
+/**
+ * Parse a metadata footer from text.
+ *
+ * Extracts and parses the tagged JSON metadata from the end of text.
+ * Returns null if no valid metadata footer is found.
+ *
+ * @param text - The text to parse
+ * @returns The parsed metadata, or null if not found
+ */
+export declare function parseMetadataFooter(text: string): PowerShellMetadata | null;
+//# sourceMappingURL=metadata.d.ts.map

package/dist/tools/metadata.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"metadata.d.ts","sourceRoot":"","sources":["../../src/tools/metadata.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAEH;;GAEG;AACH,MAAM,WAAW,kBAAkB;IACjC,4CAA4C;IAC5C,QAAQ,EAAE,MAAM,CAAC;IACjB,sEAAsE;IACtE,OAAO,EAAE,MAAM,GAAG,SAAS,GAAG,OAAO,CAAC;IACtC,oDAAoD;IACpD,KAAK,EAAE,MAAM,CAAC;IACd,sDAAsD;IACtD,eAAe,EAAE,MAAM,CAAC;IACxB,8BAA8B;IAC9B,SAAS,EAAE,MAAM,CAAC;IAClB,4CAA4C;IAC5C,UAAU,EAAE,MAAM,CAAC;CACpB;AAED;;;;;;;GAOG;AACH,wBAAgB,oBAAoB,CAAC,IAAI,EAAE,kBAAkB,GAAG,MAAM,CAErE;AAED;;;;;;;;GAQG;AACH,wBAAgB,mBAAmB,CAAC,IAAI,EAAE,MAAM,GAAG,kBAAkB,GAAG,IAAI,CAwB3E"}

package/dist/tools/metadata.js

@@ -0,0 +1,52 @@
+/**
+ * Metadata footer for PowerShell execution outcomes.
+ *
+ * This module provides functions to format and parse metadata footers
+ * that are appended to PowerShell command output. The footer uses a
+ * tagged JSON format that can be easily extracted and parsed.
+ */
+/**
+ * Format metadata as a tagged JSON footer.
+ *
+ * The footer format is: <powershell_metadata>{"exitCode": ..., ...}</powershell_metadata>
+ *
+ * @param meta - The metadata to format
+ * @returns The formatted metadata footer string
+ */
+export function formatMetadataFooter(meta) {
+    return `<powershell_metadata>${JSON.stringify(meta)}</powershell_metadata>`;
+}
+/**
+ * Parse a metadata footer from text.
+ *
+ * Extracts and parses the tagged JSON metadata from the end of text.
+ * Returns null if no valid metadata footer is found.
+ *
+ * @param text - The text to parse
+ * @returns The parsed metadata, or null if not found
+ */
+export function parseMetadataFooter(text) {
+    // Find ALL matches and take the LAST one (the actual footer, not any
+    // metadata-like text that might appear in command output)
+    const matches = [...text.matchAll(/<powershell_metadata>(.+?)<\/powershell_metadata>/gs)];
+    if (matches.length === 0)
+        return null;
+    const lastMatch = matches[matches.length - 1];
+    try {
+        const parsed = JSON.parse(lastMatch[1]);
+        // Validate all required fields
+        if (typeof parsed.exitCode !== "number" ||
+            !["exit", "timeout", "abort"].includes(parsed.endedBy) ||
+            typeof parsed.shell !== "string" ||
+            typeof parsed.resolvedWorkdir !== "string" ||
+            typeof parsed.timeoutMs !== "number" ||
+            typeof parsed.durationMs !== "number") {
+            return null;
+        }
+        return parsed;
+    }
+    catch {
+        return null;
+    }
+}
+//# sourceMappingURL=metadata.js.map

package/dist/tools/metadata.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"metadata.js","sourceRoot":"","sources":["../../src/tools/metadata.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAoBH;;;;;;;GAOG;AACH,MAAM,UAAU,oBAAoB,CAAC,IAAwB;IAC3D,OAAO,wBAAwB,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,wBAAwB,CAAC;AAC9E,CAAC;AAED;;;;;;;;GAQG;AACH,MAAM,UAAU,mBAAmB,CAAC,IAAY;IAC9C,qEAAqE;IACrE,0DAA0D;IAC1D,MAAM,OAAO,GAAG,CAAC,GAAG,IAAI,CAAC,QAAQ,CAAC,qDAAqD,CAAC,CAAC,CAAC;IAC1F,IAAI,OAAO,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO,IAAI,CAAC;IAEtC,MAAM,SAAS,GAAG,OAAO,CAAC,OAAO,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;IAC9C,IAAI,CAAC;QACH,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,CAAC;QACxC,+BAA+B;QAC/B,IACE,OAAO,MAAM,CAAC,QAAQ,KAAK,QAAQ;YACnC,CAAC,CAAC,MAAM,EAAE,SAAS,EAAE,OAAO,CAAC,CAAC,QAAQ,CAAC,MAAM,CAAC,OAAO,CAAC;YACtD,OAAO,MAAM,CAAC,KAAK,KAAK,QAAQ;YAChC,OAAO,MAAM,CAAC,eAAe,KAAK,QAAQ;YAC1C,OAAO,MAAM,CAAC,SAAS,KAAK,QAAQ;YACpC,OAAO,MAAM,CAAC,UAAU,KAAK,QAAQ,EACrC,CAAC;YACD,OAAO,IAAI,CAAC;QACd,CAAC;QACD,OAAO,MAA4B,CAAC;IACtC,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,IAAI,CAAC;IACd,CAAC;AACH,CAAC"}

package/dist/tools/output.d.ts

@@ -0,0 +1,15 @@
+/**
+ * Collect combined stdout and stderr output from a process.
+ *
+ * Reads both streams concurrently and appends chunks in observed arrival order,
+ * preserving the interleaving of output as it occurred. Uses separate TextDecoder
+ * instances per stream to prevent UTF-8 corruption when chunks interleave.
+ *
+ * @param proc - Object with stdout and stderr ReadableStreams
+ * @returns Promise resolving to combined output string
+ */
+export declare function collectCombinedOutput(proc: {
+    stdout: ReadableStream<Uint8Array>;
+    stderr: ReadableStream<Uint8Array>;
+}): Promise<string>;
+//# sourceMappingURL=output.d.ts.map

package/dist/tools/output.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"output.d.ts","sourceRoot":"","sources":["../../src/tools/output.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AACH,wBAAsB,qBAAqB,CACzC,IAAI,EAAE;IAAE,MAAM,EAAE,cAAc,CAAC,UAAU,CAAC,CAAC;IAAC,MAAM,EAAE,cAAc,CAAC,UAAU,CAAC,CAAA;CAAE,GAC/E,OAAO,CAAC,MAAM,CAAC,CAwCjB"}

package/dist/tools/output.js

@@ -0,0 +1,44 @@
+/**
+ * Collect combined stdout and stderr output from a process.
+ *
+ * Reads both streams concurrently and appends chunks in observed arrival order,
+ * preserving the interleaving of output as it occurred. Uses separate TextDecoder
+ * instances per stream to prevent UTF-8 corruption when chunks interleave.
+ *
+ * @param proc - Object with stdout and stderr ReadableStreams
+ * @returns Promise resolving to combined output string
+ */
+export async function collectCombinedOutput(proc) {
+    const chunks = [];
+    let order = 0;
+    const readStream = async (stream, decoder) => {
+        const reader = stream.getReader();
+        try {
+            while (true) {
+                const { done, value } = await reader.read();
+                if (done)
+                    break;
+                const text = decoder.decode(value, { stream: true });
+                chunks.push({ text, order: order++ });
+            }
+        }
+        finally {
+            reader.releaseLock();
+        }
+    };
+    // Use separate decoders for each stream to prevent UTF-8 corruption
+    const stdoutDecoder = new TextDecoder("utf-8");
+    const stderrDecoder = new TextDecoder("utf-8");
+    // Read both streams concurrently
+    await Promise.all([
+        readStream(proc.stdout, stdoutDecoder),
+        readStream(proc.stderr, stderrDecoder),
+    ]);
+    // Sort by arrival order
+    chunks.sort((a, b) => a.order - b.order);
+    // Join chunks and flush any remaining bytes from both decoders
+    return (chunks.map((c) => c.text).join("") +
+        stdoutDecoder.decode() +
+        stderrDecoder.decode());
+}
+//# sourceMappingURL=output.js.map

package/dist/tools/output.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"output.js","sourceRoot":"","sources":["../../src/tools/output.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AACH,MAAM,CAAC,KAAK,UAAU,qBAAqB,CACzC,IAAgF;IAEhF,MAAM,MAAM,GAA2C,EAAE,CAAC;IAC1D,IAAI,KAAK,GAAG,CAAC,CAAC;IAEd,MAAM,UAAU,GAAG,KAAK,EACtB,MAAkC,EAClC,OAAoB,EACpB,EAAE;QACF,MAAM,MAAM,GAAG,MAAM,CAAC,SAAS,EAAE,CAAC;QAClC,IAAI,CAAC;YACH,OAAO,IAAI,EAAE,CAAC;gBACZ,MAAM,EAAE,IAAI,EAAE,KAAK,EAAE,GAAG,MAAM,MAAM,CAAC,IAAI,EAAE,CAAC;gBAC5C,IAAI,IAAI;oBAAE,MAAM;gBAChB,MAAM,IAAI,GAAG,OAAO,CAAC,MAAM,CAAC,KAAK,EAAE,EAAE,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC;gBACrD,MAAM,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,KAAK,EAAE,KAAK,EAAE,EAAE,CAAC,CAAC;YACxC,CAAC;QACH,CAAC;gBAAS,CAAC;YACT,MAAM,CAAC,WAAW,EAAE,CAAC;QACvB,CAAC;IACH,CAAC,CAAC;IAEF,oEAAoE;IACpE,MAAM,aAAa,GAAG,IAAI,WAAW,CAAC,OAAO,CAAC,CAAC;IAC/C,MAAM,aAAa,GAAG,IAAI,WAAW,CAAC,OAAO,CAAC,CAAC;IAE/C,iCAAiC;IACjC,MAAM,OAAO,CAAC,GAAG,CAAC;QAChB,UAAU,CAAC,IAAI,CAAC,MAAM,EAAE,aAAa,CAAC;QACtC,UAAU,CAAC,IAAI,CAAC,MAAM,EAAE,aAAa,CAAC;KACvC,CAAC,CAAC;IAEH,wBAAwB;IACxB,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,KAAK,GAAG,CAAC,CAAC,KAAK,CAAC,CAAC;IAEzC,+DAA+D;IAC/D,OAAO,CACL,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC;QAClC,aAAa,CAAC,MAAM,EAAE;QACtB,aAAa,CAAC,MAAM,EAAE,CACvB,CAAC;AACJ,CAAC"}

package/dist/tools/permissions.d.ts

@@ -0,0 +1,18 @@
+import type { ToolContext } from "@opencode-ai/plugin/tool";
+/**
+ * Asks for permission to execute a PowerShell command.
+ *
+ * @param context - The tool execution context
+ * @param command - The PowerShell command to execute
+ */
+export declare function askExecutePowerShellPermission(context: ToolContext, command: string): Promise<void>;
+/**
+ * Derives the always permission pattern from a PowerShell command.
+ *
+ * Rules:
+ * 1. Tokenize by whitespace
+ * 2. Skip leading tokens that equal '&' or '.'
+ * 3. Return '<prefix> *' from the first remaining token
+ */
+export declare function deriveAlwaysPattern(command: string): string;
+//# sourceMappingURL=permissions.d.ts.map

package/dist/tools/permissions.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"permissions.d.ts","sourceRoot":"","sources":["../../src/tools/permissions.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,0BAA0B,CAAC;AAE5D;;;;;GAKG;AACH,wBAAsB,8BAA8B,CAClD,OAAO,EAAE,WAAW,EACpB,OAAO,EAAE,MAAM,GACd,OAAO,CAAC,IAAI,CAAC,CAOf;AAED;;;;;;;GAOG;AACH,wBAAgB,mBAAmB,CAAC,OAAO,EAAE,MAAM,GAAG,MAAM,CAiB3D"}

package/dist/tools/permissions.js

@@ -0,0 +1,39 @@
+/**
+ * Asks for permission to execute a PowerShell command.
+ *
+ * @param context - The tool execution context
+ * @param command - The PowerShell command to execute
+ */
+export async function askExecutePowerShellPermission(context, command) {
+    await context.ask({
+        permission: "execute_powershell",
+        patterns: [command],
+        always: [deriveAlwaysPattern(command)],
+        metadata: {},
+    });
+}
+/**
+ * Derives the always permission pattern from a PowerShell command.
+ *
+ * Rules:
+ * 1. Tokenize by whitespace
+ * 2. Skip leading tokens that equal '&' or '.'
+ * 3. Return '<prefix> *' from the first remaining token
+ */
+export function deriveAlwaysPattern(command) {
+    // Trim whitespace and split by whitespace
+    const tokens = command.trim().split(/\s+/).filter(token => token.length > 0);
+    // Find the first non-skippable token
+    for (const token of tokens) {
+        // Skip leading tokens that equal '&' or '.'
+        if (token === '&' || token === '.') {
+            continue;
+        }
+        // Return pattern with wildcard
+        return `${token} *`;
+    }
+    // Fallback: if no valid token found, throw error (fail-closed security)
+    // This prevents over-broad permission patterns from being generated
+    throw new Error("Cannot derive permission pattern: no valid command token found");
+}
+//# sourceMappingURL=permissions.js.map

package/dist/tools/permissions.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"permissions.js","sourceRoot":"","sources":["../../src/tools/permissions.ts"],"names":[],"mappings":"AAEA;;;;;GAKG;AACH,MAAM,CAAC,KAAK,UAAU,8BAA8B,CAClD,OAAoB,EACpB,OAAe;IAEf,MAAM,OAAO,CAAC,GAAG,CAAC;QAChB,UAAU,EAAE,oBAAoB;QAChC,QAAQ,EAAE,CAAC,OAAO,CAAC;QACnB,MAAM,EAAE,CAAC,mBAAmB,CAAC,OAAO,CAAC,CAAC;QACtC,QAAQ,EAAE,EAAE;KACb,CAAC,CAAC;AACL,CAAC;AAED;;;;;;;GAOG;AACH,MAAM,UAAU,mBAAmB,CAAC,OAAe;IACjD,0CAA0C;IAC1C,MAAM,MAAM,GAAG,OAAO,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,EAAE,CAAC,KAAK,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;IAE7E,qCAAqC;IACrC,KAAK,MAAM,KAAK,IAAI,MAAM,EAAE,CAAC;QAC3B,4CAA4C;QAC5C,IAAI,KAAK,KAAK,GAAG,IAAI,KAAK,KAAK,GAAG,EAAE,CAAC;YACnC,SAAS;QACX,CAAC;QACD,+BAA+B;QAC/B,OAAO,GAAG,KAAK,IAAI,CAAC;IACtB,CAAC;IAED,wEAAwE;IACxE,oEAAoE;IACpE,MAAM,IAAI,KAAK,CAAC,gEAAgE,CAAC,CAAC;AACpF,CAAC"}

package/dist/tools/powershell_exe.d.ts

@@ -0,0 +1,6 @@
+export interface PowerShellExecutable {
+    kind: "pwsh" | "powershell";
+    path: string;
+}
+export declare function resolvePowerShellExecutable(): PowerShellExecutable;
+//# sourceMappingURL=powershell_exe.d.ts.map

package/dist/tools/powershell_exe.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"powershell_exe.d.ts","sourceRoot":"","sources":["../../src/tools/powershell_exe.ts"],"names":[],"mappings":"AAAA,MAAM,WAAW,oBAAoB;IACnC,IAAI,EAAE,MAAM,GAAG,YAAY,CAAC;IAC5B,IAAI,EAAE,MAAM,CAAC;CACd;AAED,wBAAgB,2BAA2B,IAAI,oBAAoB,CAclE"}

package/dist/tools/powershell_exe.js

@@ -0,0 +1,12 @@
+export function resolvePowerShellExecutable() {
+    const pwshPath = Bun.which("pwsh");
+    if (pwshPath) {
+        return { kind: "pwsh", path: pwshPath };
+    }
+    const winPwshPath = Bun.which("powershell.exe");
+    if (winPwshPath) {
+        return { kind: "powershell", path: winPwshPath };
+    }
+    throw new Error("PowerShell not found. Please install PowerShell (pwsh) or Windows PowerShell (powershell.exe).");
+}
+//# sourceMappingURL=powershell_exe.js.map

package/dist/tools/powershell_exe.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"powershell_exe.js","sourceRoot":"","sources":["../../src/tools/powershell_exe.ts"],"names":[],"mappings":"AAKA,MAAM,UAAU,2BAA2B;IACzC,MAAM,QAAQ,GAAG,GAAG,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;IACnC,IAAI,QAAQ,EAAE,CAAC;QACb,OAAO,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,QAAQ,EAAE,CAAC;IAC1C,CAAC;IAED,MAAM,WAAW,GAAG,GAAG,CAAC,KAAK,CAAC,gBAAgB,CAAC,CAAC;IAChD,IAAI,WAAW,EAAE,CAAC;QAChB,OAAO,EAAE,IAAI,EAAE,YAAY,EAAE,IAAI,EAAE,WAAW,EAAE,CAAC;IACnD,CAAC;IAED,MAAM,IAAI,KAAK,CACb,gGAAgG,CACjG,CAAC;AACJ,CAAC"}

package/dist/tools/process.d.ts

@@ -0,0 +1,71 @@
+/**
+ * Build PowerShell command argv array with security invariants.
+ *
+ * SECURITY: This function must NEVER accept or include user-supplied script text
+ * in the returned argv array. Script text must be passed via stdin to prevent
+ * command-line injection attacks.
+ *
+ * @param exePath - Path to the PowerShell executable
+ * @returns Array of command-line arguments for spawning PowerShell
+ */
+export declare function buildPowerShellCommand(exePath: string): string[];
+/**
+ * Termination signal interface for coordinating timeout and abort.
+ */
+export interface TerminationSignal {
+    /** AbortSignal that is triggered on timeout or abort */
+    signal: AbortSignal;
+    /** Returns how the execution ended: "exit", "timeout", or "abort" */
+    getEndedBy: () => "exit" | "timeout" | "abort";
+}
+/**
+ * Creates a termination signal coordinator that merges context abort and timeout.
+ *
+ * This function creates an AbortController and wires up:
+ * - Context abort listener: triggers abort when the parent context is cancelled
+ * - Timeout logic: triggers abort after timeoutMs milliseconds (disabled if 0)
+ *
+ * The `getEndedBy()` function reports how the execution ended:
+ * - "exit": Process completed normally (signal not triggered by timeout/abort)
+ * - "timeout": Timeout duration was exceeded
+ * - "abort": Explicitly cancelled via context.abort
+ *
+ * @param contextAbort - Optional AbortSignal from parent context
+ * @param timeoutMs - Timeout in milliseconds (0 disables timeout)
+ * @returns TerminationSignal with signal and endedBy tracker
+ */
+export declare function createTerminationSignal(contextAbort: AbortSignal | undefined, timeoutMs: number): TerminationSignal;
+/**
+ * Options for spawning a PowerShell process with stdin transport.
+ */
+export interface SpawnPowerShellOptions {
+    /** Path to the PowerShell executable */
+    exePath: string;
+    /** PowerShell script text (goes to stdin, NOT argv) */
+    command: string;
+    /** Working directory for the spawned process */
+    cwd: string;
+    /** Optional AbortSignal for cancellation */
+    signal?: AbortSignal;
+}
+/**
+ * Spawn a PowerShell process with script text passed via stdin.
+ *
+ * SECURITY: The command text is NEVER included in argv - it is always
+ * passed via stdin to prevent command-line injection attacks.
+ *
+ * @param options - Spawn options including exePath, command, cwd, and signal
+ * @returns Subprocess handle with piped stdout/stderr
+ */
+export declare function spawnPowerShell(options: SpawnPowerShellOptions): Bun.Subprocess<NodeJS.NonSharedUint8Array, "pipe", "pipe">;
+/**
+ * Terminate a process and its entire process tree.
+ *
+ * On Windows, uses `taskkill /T` to terminate the process tree.
+ * On Unix-like systems, uses `kill -9 -pid` (negative PID kills process group).
+ *
+ * @param pid - Process ID to terminate
+ * @returns Promise that resolves when the termination command completes
+ */
+export declare function terminateProcessTree(pid: number): Promise<void>;
+//# sourceMappingURL=process.d.ts.map

package/dist/tools/process.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"process.d.ts","sourceRoot":"","sources":["../../src/tools/process.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AACH,wBAAgB,sBAAsB,CAAC,OAAO,EAAE,MAAM,GAAG,MAAM,EAAE,CAEhE;AAED;;GAEG;AACH,MAAM,WAAW,iBAAiB;IAChC,wDAAwD;IACxD,MAAM,EAAE,WAAW,CAAC;IACpB,qEAAqE;IACrE,UAAU,EAAE,MAAM,MAAM,GAAG,SAAS,GAAG,OAAO,CAAC;CAChD;AAED;;;;;;;;;;;;;;;GAeG;AACH,wBAAgB,uBAAuB,CACrC,YAAY,EAAE,WAAW,GAAG,SAAS,EACrC,SAAS,EAAE,MAAM,GAChB,iBAAiB,CA4CnB;AAED;;GAEG;AACH,MAAM,WAAW,sBAAsB;IACrC,wCAAwC;IACxC,OAAO,EAAE,MAAM,CAAC;IAChB,uDAAuD;IACvD,OAAO,EAAE,MAAM,CAAC;IAChB,gDAAgD;IAChD,GAAG,EAAE,MAAM,CAAC;IACZ,4CAA4C;IAC5C,MAAM,CAAC,EAAE,WAAW,CAAC;CACtB;AAED;;;;;;;;GAQG;AACH,wBAAgB,eAAe,CAAC,OAAO,EAAE,sBAAsB,8DAa9D;AAED;;;;;;;;GAQG;AACH,wBAAsB,oBAAoB,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,CAmBrE"}

package/dist/tools/process.js

@@ -0,0 +1,124 @@
+/**
+ * Build PowerShell command argv array with security invariants.
+ *
+ * SECURITY: This function must NEVER accept or include user-supplied script text
+ * in the returned argv array. Script text must be passed via stdin to prevent
+ * command-line injection attacks.
+ *
+ * @param exePath - Path to the PowerShell executable
+ * @returns Array of command-line arguments for spawning PowerShell
+ */
+export function buildPowerShellCommand(exePath) {
+    return [exePath, "-NoProfile", "-NonInteractive", "-Command", "-"];
+}
+/**
+ * Creates a termination signal coordinator that merges context abort and timeout.
+ *
+ * This function creates an AbortController and wires up:
+ * - Context abort listener: triggers abort when the parent context is cancelled
+ * - Timeout logic: triggers abort after timeoutMs milliseconds (disabled if 0)
+ *
+ * The `getEndedBy()` function reports how the execution ended:
+ * - "exit": Process completed normally (signal not triggered by timeout/abort)
+ * - "timeout": Timeout duration was exceeded
+ * - "abort": Explicitly cancelled via context.abort
+ *
+ * @param contextAbort - Optional AbortSignal from parent context
+ * @param timeoutMs - Timeout in milliseconds (0 disables timeout)
+ * @returns TerminationSignal with signal and endedBy tracker
+ */
+export function createTerminationSignal(contextAbort, timeoutMs) {
+    // Check if already aborted - if so, return immediately with abort status
+    if (contextAbort?.aborted) {
+        return {
+            signal: contextAbort,
+            getEndedBy: () => "abort",
+        };
+    }
+    const controller = new AbortController();
+    let endedBy = "exit";
+    // Handle context abort - triggered immediately when parent context cancels
+    if (contextAbort) {
+        contextAbort.addEventListener("abort", () => {
+            // Only set if not already decided (first-cause wins)
+            if (endedBy === "exit") {
+                endedBy = "abort";
+                controller.abort();
+            }
+        });
+    }
+    // Handle timeout - only set up if timeoutMs > 0
+    let timeoutId;
+    if (timeoutMs > 0) {
+        timeoutId = setTimeout(() => {
+            // Only set if not already decided (first-cause wins)
+            if (endedBy === "exit") {
+                endedBy = "timeout";
+                controller.abort();
+            }
+        }, timeoutMs);
+    }
+    // Clean up timeout when signal is aborted (prevents memory leaks)
+    controller.signal.addEventListener("abort", () => {
+        if (timeoutId)
+            clearTimeout(timeoutId);
+    });
+    return {
+        signal: controller.signal,
+        getEndedBy: () => endedBy,
+    };
+}
+/**
+ * Spawn a PowerShell process with script text passed via stdin.
+ *
+ * SECURITY: The command text is NEVER included in argv - it is always
+ * passed via stdin to prevent command-line injection attacks.
+ *
+ * @param options - Spawn options including exePath, command, cwd, and signal
+ * @returns Subprocess handle with piped stdout/stderr
+ */
+export function spawnPowerShell(options) {
+    const cmd = buildPowerShellCommand(options.exePath);
+    const stdin = new TextEncoder().encode(options.command);
+    return Bun.spawn({
+        cmd,
+        stdin,
+        cwd: options.cwd,
+        stdout: "pipe",
+        stderr: "pipe",
+        signal: options.signal,
+        windowsHide: true,
+    });
+}
+/**
+ * Terminate a process and its entire process tree.
+ *
+ * On Windows, uses `taskkill /T` to terminate the process tree.
+ * On Unix-like systems, uses `kill -9 -pid` (negative PID kills process group).
+ *
+ * @param pid - Process ID to terminate
+ * @returns Promise that resolves when the termination command completes
+ */
+export async function terminateProcessTree(pid) {
+    if (process.platform === "win32") {
+        // Windows: taskkill /T kills the process tree
+        const proc = Bun.spawn([
+            "taskkill",
+            "/PID",
+            String(pid),
+            "/T", // Terminate process tree
+            "/F", // Force
+        ]);
+        await proc.exited;
+    }
+    else {
+        // Unix: kill negative PID kills process group
+        try {
+            process.kill(-pid, "SIGKILL");
+        }
+        catch {
+            // Process may already be dead
+        }
+    }
+}
+//# sourceMappingURL=process.js.map

package/dist/tools/process.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"process.js","sourceRoot":"","sources":["../../src/tools/process.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AACH,MAAM,UAAU,sBAAsB,CAAC,OAAe;IACpD,OAAO,CAAC,OAAO,EAAE,YAAY,EAAE,iBAAiB,EAAE,UAAU,EAAE,GAAG,CAAC,CAAC;AACrE,CAAC;AAYD;;;;;;;;;;;;;;;GAeG;AACH,MAAM,UAAU,uBAAuB,CACrC,YAAqC,EACrC,SAAiB;IAEjB,yEAAyE;IACzE,IAAI,YAAY,EAAE,OAAO,EAAE,CAAC;QAC1B,OAAO;YACL,MAAM,EAAE,YAAY;YACpB,UAAU,EAAE,GAAG,EAAE,CAAC,OAAO;SAC1B,CAAC;IACJ,CAAC;IAED,MAAM,UAAU,GAAG,IAAI,eAAe,EAAE,CAAC;IACzC,IAAI,OAAO,GAAiC,MAAM,CAAC;IAEnD,2EAA2E;IAC3E,IAAI,YAAY,EAAE,CAAC;QACjB,YAAY,CAAC,gBAAgB,CAAC,OAAO,EAAE,GAAG,EAAE;YAC1C,qDAAqD;YACrD,IAAI,OAAO,KAAK,MAAM,EAAE,CAAC;gBACvB,OAAO,GAAG,OAAO,CAAC;gBAClB,UAAU,CAAC,KAAK,EAAE,CAAC;YACrB,CAAC;QACH,CAAC,CAAC,CAAC;IACL,CAAC;IAED,gDAAgD;IAChD,IAAI,SAA4B,CAAC;IACjC,IAAI,SAAS,GAAG,CAAC,EAAE,CAAC;QAClB,SAAS,GAAG,UAAU,CAAC,GAAG,EAAE;YAC1B,qDAAqD;YACrD,IAAI,OAAO,KAAK,MAAM,EAAE,CAAC;gBACvB,OAAO,GAAG,SAAS,CAAC;gBACpB,UAAU,CAAC,KAAK,EAAE,CAAC;YACrB,CAAC;QACH,CAAC,EAAE,SAAS,CAAC,CAAC;IAChB,CAAC;IAED,kEAAkE;IAClE,UAAU,CAAC,MAAM,CAAC,gBAAgB,CAAC,OAAO,EAAE,GAAG,EAAE;QAC/C,IAAI,SAAS;YAAE,YAAY,CAAC,SAAS,CAAC,CAAC;IACzC,CAAC,CAAC,CAAC;IAEH,OAAO;QACL,MAAM,EAAE,UAAU,CAAC,MAAM;QACzB,UAAU,EAAE,GAAG,EAAE,CAAC,OAAO;KAC1B,CAAC;AACJ,CAAC;AAgBD;;;;;;;;GAQG;AACH,MAAM,UAAU,eAAe,CAAC,OAA+B;IAC7D,MAAM,GAAG,GAAG,sBAAsB,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC;IACpD,MAAM,KAAK,GAAG,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC;IAExD,OAAO,GAAG,CAAC,KAAK,CAAC;QACf,GAAG;QACH,KAAK;QACL,GAAG,EAAE,OAAO,CAAC,GAAG;QAChB,MAAM,EAAE,MAAM;QACd,MAAM,EAAE,MAAM;QACd,MAAM,EAAE,OAAO,CAAC,MAAM;QACtB,WAAW,EAAE,IAAI;KAClB,CAAC,CAAC;AACL,CAAC;AAED;;;;;;;;GAQG;AACH,MAAM,CAAC,KAAK,UAAU,oBAAoB,CAAC,GAAW;IACpD,IAAI,OAAO,CAAC,QAAQ,KAAK,OAAO,EAAE,CAAC;QACjC,8CAA8C;QAC9C,MAAM,IAAI,GAAG,GAAG,CAAC,KAAK,CAAC;YACrB,UAAU;YACV,MAAM;YACN,MAAM,CAAC,GAAG,CAAC;YACX,IAAI,EAAG,yBAAyB;YAChC,IAAI,EAAG,QAAQ;SAChB,CAAC,CAAC;QACH,MAAM,IAAI,CAAC,MAAM,CAAC;IACpB,CAAC;SAAM,CAAC;QACN,8CAA8C;QAC9C,IAAI,CAAC;YACH,OAAO,CAAC,IAAI,CAAC,CAAC,GAAG,EAAE,SAAS,CAAC,CAAC;QAChC,CAAC;QAAC,MAAM,CAAC;YACP,8BAA8B;QAChC,CAAC;IACH,CAAC;AACH,CAAC"}

package/dist/tools/workdir.d.ts

@@ -0,0 +1,52 @@
+import type { ToolContext } from "@opencode-ai/plugin/tool";
+/**
+ * Asks for external_directory permission if the resolved workdir is outside the allowed boundary.
+ *
+ * Rules:
+ * 1. Build allowed roots from context
+ * 2. Check if resolvedWorkdir is within boundary
+ * 3. If outside: call context.ask() with permission "external_directory" and glob pattern
+ * 4. If inside: return without asking (no-op)
+ *
+ * @param context - The tool execution context
+ * @param resolvedWorkdir - The absolute, normalized workdir path
+ */
+export declare function askExternalDirectoryIfRequired(context: ToolContext, resolvedWorkdir: string): Promise<void>;
+/**
+ * Resolves a workdir argument to an absolute path.
+ *
+ * Rules:
+ * 1. If workdirArg is omitted, uses '.' semantics (resolves to contextDirectory)
+ * 2. If workdirArg is absolute, returns it normalized
+ * 3. If workdirArg is relative, resolves it against contextDirectory
+ *
+ * @param contextDirectory - The base directory from context
+ * @param workdirArg - Optional workdir argument (can be relative, absolute, or omitted)
+ * @returns The absolute, normalized path
+ */
+export declare function resolveWorkdir(contextDirectory: string, workdirArg?: string): string;
+/**
+ * Checks if a resolved path is within the allowed boundary roots.
+ *
+ * A path is considered "within boundary" if:
+ * - It exactly matches an allowed root
+ * - It starts with an allowed root path + path separator
+ * - The root is "/" (Unix root allows all paths)
+ *
+ * @param resolvedPath - The absolute, normalized path to check
+ * @param allowedRoots - Array of allowed root paths (should be absolute and normalized)
+ * @returns true if the path is within any of the allowed roots
+ */
+export declare function isWithinBoundary(resolvedPath: string, allowedRoots: string[]): boolean;
+/**
+ * Builds the list of allowed boundary roots from the tool context.
+ *
+ * Rules:
+ * 1. Always include context.directory
+ * 2. Include context.worktree only if it's not "/"
+ *
+ * @param context - The tool context containing directory and worktree information
+ * @returns Array of allowed root paths
+ */
+export declare function buildAllowedRoots(context: ToolContext): string[];
+//# sourceMappingURL=workdir.d.ts.map

package/dist/tools/workdir.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"workdir.d.ts","sourceRoot":"","sources":["../../src/tools/workdir.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,0BAA0B,CAAC;AAE5D;;;;;;;;;;;GAWG;AACH,wBAAsB,8BAA8B,CAClD,OAAO,EAAE,WAAW,EACpB,eAAe,EAAE,MAAM,GACtB,OAAO,CAAC,IAAI,CAAC,CAkBf;AAED;;;;;;;;;;;GAWG;AACH,wBAAgB,cAAc,CAC5B,gBAAgB,EAAE,MAAM,EACxB,UAAU,CAAC,EAAE,MAAM,GAClB,MAAM,CAMR;AAED;;;;;;;;;;;GAWG;AACH,wBAAgB,gBAAgB,CAC9B,YAAY,EAAE,MAAM,EACpB,YAAY,EAAE,MAAM,EAAE,GACrB,OAAO,CAsBT;AAED;;;;;;;;;GASG;AACH,wBAAgB,iBAAiB,CAAC,OAAO,EAAE,WAAW,GAAG,MAAM,EAAE,CAMhE"}

package/dist/tools/workdir.js

@@ -0,0 +1,97 @@
+import path from "path";
+/**
+ * Asks for external_directory permission if the resolved workdir is outside the allowed boundary.
+ *
+ * Rules:
+ * 1. Build allowed roots from context
+ * 2. Check if resolvedWorkdir is within boundary
+ * 3. If outside: call context.ask() with permission "external_directory" and glob pattern
+ * 4. If inside: return without asking (no-op)
+ *
+ * @param context - The tool execution context
+ * @param resolvedWorkdir - The absolute, normalized workdir path
+ */
+export async function askExternalDirectoryIfRequired(context, resolvedWorkdir) {
+    const allowedRoots = buildAllowedRoots(context);
+    if (isWithinBoundary(resolvedWorkdir, allowedRoots)) {
+        // Path is within boundary, no permission needed
+        return;
+    }
+    // Path is outside boundary, ask for external_directory permission
+    // Convert Windows backslashes to forward slashes for glob pattern
+    const globPattern = resolvedWorkdir.replace(/\\/g, "/") + "/**";
+    await context.ask({
+        permission: "external_directory",
+        patterns: [globPattern],
+        always: [globPattern],
+        metadata: {},
+    });
+}
+/**
+ * Resolves a workdir argument to an absolute path.
+ *
+ * Rules:
+ * 1. If workdirArg is omitted, uses '.' semantics (resolves to contextDirectory)
+ * 2. If workdirArg is absolute, returns it normalized
+ * 3. If workdirArg is relative, resolves it against contextDirectory
+ *
+ * @param contextDirectory - The base directory from context
+ * @param workdirArg - Optional workdir argument (can be relative, absolute, or omitted)
+ * @returns The absolute, normalized path
+ */
+export function resolveWorkdir(contextDirectory, workdirArg) {
+    const rawWorkdir = workdirArg ?? ".";
+    if (path.isAbsolute(rawWorkdir)) {
+        return path.normalize(rawWorkdir);
+    }
+    return path.resolve(contextDirectory, rawWorkdir);
+}
+/**
+ * Checks if a resolved path is within the allowed boundary roots.
+ *
+ * A path is considered "within boundary" if:
+ * - It exactly matches an allowed root
+ * - It starts with an allowed root path + path separator
+ * - The root is "/" (Unix root allows all paths)
+ *
+ * @param resolvedPath - The absolute, normalized path to check
+ * @param allowedRoots - Array of allowed root paths (should be absolute and normalized)
+ * @returns true if the path is within any of the allowed roots
+ */
+export function isWithinBoundary(resolvedPath, allowedRoots) {
+    const normalizedPath = path.normalize(resolvedPath);
+    return allowedRoots.some((root) => {
+        const normalizedRoot = path.normalize(root);
+        // Exact match
+        if (normalizedPath === normalizedRoot) {
+            return true;
+        }
+        // Root "/" allows everything on Unix
+        if (normalizedRoot === "/") {
+            return true;
+        }
+        // Ensure root has trailing separator for proper prefix check
+        const rootWithSep = normalizedRoot.endsWith(path.sep)
+            ? normalizedRoot
+            : normalizedRoot + path.sep;
+        return normalizedPath.startsWith(rootWithSep);
+    });
+}
+/**
+ * Builds the list of allowed boundary roots from the tool context.
+ *
+ * Rules:
+ * 1. Always include context.directory
+ * 2. Include context.worktree only if it's not "/"
+ *
+ * @param context - The tool context containing directory and worktree information
+ * @returns Array of allowed root paths
+ */
+export function buildAllowedRoots(context) {
+    const roots = [context.directory];
+    if (context.worktree && context.worktree !== "/") {
+        roots.push(context.worktree);
+    }
+    return roots;
+}
+//# sourceMappingURL=workdir.js.map

package/dist/tools/workdir.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"workdir.js","sourceRoot":"","sources":["../../src/tools/workdir.ts"],"names":[],"mappings":"AAAA,OAAO,IAAI,MAAM,MAAM,CAAC;AAGxB;;;;;;;;;;;GAWG;AACH,MAAM,CAAC,KAAK,UAAU,8BAA8B,CAClD,OAAoB,EACpB,eAAuB;IAEvB,MAAM,YAAY,GAAG,iBAAiB,CAAC,OAAO,CAAC,CAAC;IAEhD,IAAI,gBAAgB,CAAC,eAAe,EAAE,YAAY,CAAC,EAAE,CAAC;QACpD,gDAAgD;QAChD,OAAO;IACT,CAAC;IAED,kEAAkE;IAClE,kEAAkE;IAClE,MAAM,WAAW,GAAG,eAAe,CAAC,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC,GAAG,KAAK,CAAC;IAEhE,MAAM,OAAO,CAAC,GAAG,CAAC;QAChB,UAAU,EAAE,oBAAoB;QAChC,QAAQ,EAAE,CAAC,WAAW,CAAC;QACvB,MAAM,EAAE,CAAC,WAAW,CAAC;QACrB,QAAQ,EAAE,EAAE;KACb,CAAC,CAAC;AACL,CAAC;AAED;;;;;;;;;;;GAWG;AACH,MAAM,UAAU,cAAc,CAC5B,gBAAwB,EACxB,UAAmB;IAEnB,MAAM,UAAU,GAAG,UAAU,IAAI,GAAG,CAAC;IACrC,IAAI,IAAI,CAAC,UAAU,CAAC,UAAU,CAAC,EAAE,CAAC;QAChC,OAAO,IAAI,CAAC,SAAS,CAAC,UAAU,CAAC,CAAC;IACpC,CAAC;IACD,OAAO,IAAI,CAAC,OAAO,CAAC,gBAAgB,EAAE,UAAU,CAAC,CAAC;AACpD,CAAC;AAED;;;;;;;;;;;GAWG;AACH,MAAM,UAAU,gBAAgB,CAC9B,YAAoB,EACpB,YAAsB;IAEtB,MAAM,cAAc,GAAG,IAAI,CAAC,SAAS,CAAC,YAAY,CAAC,CAAC;IACpD,OAAO,YAAY,CAAC,IAAI,CAAC,CAAC,IAAI,EAAE,EAAE;QAChC,MAAM,cAAc,GAAG,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC;QAE5C,cAAc;QACd,IAAI,cAAc,KAAK,cAAc,EAAE,CAAC;YACtC,OAAO,IAAI,CAAC;QACd,CAAC;QAED,qCAAqC;QACrC,IAAI,cAAc,KAAK,GAAG,EAAE,CAAC;YAC3B,OAAO,IAAI,CAAC;QACd,CAAC;QAED,6DAA6D;QAC7D,MAAM,WAAW,GAAG,cAAc,CAAC,QAAQ,CAAC,IAAI,CAAC,GAAG,CAAC;YACnD,CAAC,CAAC,cAAc;YAChB,CAAC,CAAC,cAAc,GAAG,IAAI,CAAC,GAAG,CAAC;QAE9B,OAAO,cAAc,CAAC,UAAU,CAAC,WAAW,CAAC,CAAC;IAChD,CAAC,CAAC,CAAC;AACL,CAAC;AAED;;;;;;;;;GASG;AACH,MAAM,UAAU,iBAAiB,CAAC,OAAoB;IACpD,MAAM,KAAK,GAAG,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC;IAClC,IAAI,OAAO,CAAC,QAAQ,IAAI,OAAO,CAAC,QAAQ,KAAK,GAAG,EAAE,CAAC;QACjD,KAAK,CAAC,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC;IAC/B,CAAC;IACD,OAAO,KAAK,CAAC;AACf,CAAC"}

package/package.json

@@ -0,0 +1,34 @@
+{
+  "name": "@ordis_co_th/execute-powershell",
+  "version": "1.0.0",
+  "type": "module",
+  "packageManager": "bun@1.3.9",
+  "files": [
+    "dist/",
+    "README.md",
+    "LICENSE"
+  ],
+  "exports": {
+    ".": {
+      "import": "./dist/index.js",
+      "types": "./dist/index.d.ts"
+    }
+  },
+  "dependencies": {
+    "@opencode-ai/plugin": "1.2.10",
+    "zod": "4.3.6"
+  },
+  "overrides": {
+    "zod": "4.3.6"
+  },
+  "devDependencies": {
+    "@types/bun": "1.3.9",
+    "js-yaml": "^4.1.0",
+    "typescript": "5.9.3"
+  },
+  "scripts": {
+    "test": "bun test",
+    "build": "tsc",
+    "package:check": "bun run bin/package-check.ts"
+  }
+}