npm - @pellux/goodvibes-agent - Versions diffs - 0.1.19 → 0.1.21 - Mend

@pellux/goodvibes-agent 0.1.19 → 0.1.21

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (4) hide show

package/CHANGELOG.md +8 -0
package/package.json +1 -1
package/src/tools/wrfc-agent-guard.ts +71 -0
package/src/version.ts +1 -1

package/CHANGELOG.md CHANGED Viewed

@@ -2,6 +2,14 @@
 All notable changes to GoodVibes Agent will be recorded here.
+## 0.1.21 - 2026-05-31
+- d83f325 Keep inspect scaffold dry-run-only in agent runtime
+## 0.1.20 - 2026-05-31
+- c0eca13 Block settings mutation tool in agent runtime
 ## 0.1.19 - 2026-05-31
 - a4255d5 Restrict durable workflow tool mutations in agent runtime

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@pellux/goodvibes-agent",
-  "version": "0.1.19",
+  "version": "0.1.21",
   "private": false,
   "description": "Near-fork GoodVibes operator assistant with the GoodVibes TUI shell, renderer, input, fullscreen workspace, and daemon-connected Agent product brain.",
   "type": "module",

package/src/tools/wrfc-agent-guard.ts CHANGED Viewed

@@ -54,6 +54,12 @@ type StateToolArgs = {
   readonly [key: string]: unknown;
 };
+type InspectToolArgs = {
+  readonly mode?: unknown;
+  readonly dryRun?: unknown;
+  readonly [key: string]: unknown;
+};
 type AgentToolPolicyGuardOptions = {
   readonly getLastUserMessage?: () => string | null;
 };
@@ -153,6 +159,18 @@ const STATE_MUTATION_DENIAL = [
   'Use Agent-owned memory, skills, personas, routines, and explicit CLI/slash commands for intentional local state changes.',
 ].join(' ');
+const SETTINGS_MUTATION_DENIAL = [
+  'GoodVibes Agent does not mutate configuration through model tools in the main conversation.',
+  'Use explicit Agent CLI/slash settings commands for intentional config changes.',
+  'Secrets, tokens, passwords, daemon lifecycle settings, and service exposure settings require explicit user action outside the model tool surface.',
+].join(' ');
+const INSPECT_WRITE_DENIAL = [
+  'GoodVibes Agent only uses inspect scaffold mode for dry-run planning from the main conversation.',
+  'File scaffolding and code creation are disabled in the Agent model tool surface.',
+  'Delegate explicit build/implement/fix/review work to GoodVibes TUI instead.',
+].join(' ');
 const DURABLE_WORKFLOW_MUTATION_DENIAL = [
   'GoodVibes Agent only inspects copied durable workflow tools from the main conversation.',
   'Task, team, worklist, packet, and query creation or lifecycle mutation is disabled here.',
@@ -192,6 +210,10 @@ export function installAgentToolPolicyGuard(registry: ToolRegistry, options: Age
       wrapFetchToolForAgentPolicy(tool);
     } else if (tool.definition.name === 'state') {
       wrapStateToolForAgentPolicy(tool);
+    } else if (tool.definition.name === 'goodvibes_settings') {
+      wrapBlockedSettingsToolForAgentPolicy(tool);
+    } else if (tool.definition.name === 'inspect') {
+      wrapInspectToolForAgentPolicy(tool);
     } else if (tool.definition.name === 'task') {
       wrapModeRestrictedToolForAgentPolicy(tool, {
         allowedModes: READ_ONLY_TASK_TOOL_MODES,
@@ -297,6 +319,32 @@ export function wrapStateToolForAgentPolicy(tool: Tool): void {
   };
 }
+export function wrapBlockedSettingsToolForAgentPolicy(tool: Tool): void {
+  tool.definition.description = [
+    'Blocked in GoodVibes Agent main conversation: configuration mutation.',
+    'Use explicit Agent CLI/slash settings commands for intentional config changes.',
+    'Daemon lifecycle and service exposure remain externally managed by GoodVibes TUI/daemon.',
+  ].join(' ');
+  tool.definition.sideEffects = [];
+  tool.definition.parameters = {
+    type: 'object',
+    properties: {},
+    additionalProperties: false,
+  };
+  tool.execute = async () => ({ success: false, error: SETTINGS_MUTATION_DENIAL });
+}
+export function wrapInspectToolForAgentPolicy(tool: Tool): void {
+  narrowInspectToolDefinitionForAgentPolicy(tool);
+  const originalExecute = tool.execute.bind(tool);
+  tool.execute = async (args) => {
+    const inspectArgs = args as InspectToolArgs;
+    const denial = validateInspectToolInvocationForAgentPolicy(inspectArgs);
+    if (denial) return { success: false, error: denial };
+    return originalExecute(normalizeInspectToolInvocationForAgentPolicy(inspectArgs) as Parameters<Tool['execute']>[0]);
+  };
+}
 export function validateExecToolInvocationForAgentPolicy(args: ExecToolArgs): string | null {
   if (args.parallel === true) return BACKGROUND_EXEC_DENIAL;
   if (Array.isArray(args.file_ops) && args.file_ops.length > 0) return BACKGROUND_EXEC_DENIAL;
@@ -381,6 +429,16 @@ export function validateStateToolInvocationForAgentPolicy(args: StateToolArgs):
   return null;
 }
+export function validateInspectToolInvocationForAgentPolicy(args: InspectToolArgs): string | null {
+  if (args.mode === 'scaffold' && args.dryRun === false) return INSPECT_WRITE_DENIAL;
+  return null;
+}
+export function normalizeInspectToolInvocationForAgentPolicy(args: InspectToolArgs): InspectToolArgs {
+  if (args.mode !== 'scaffold') return args;
+  return { ...args, dryRun: true };
+}
 type ModeRestrictedToolPolicy = {
   readonly allowedModes: readonly string[];
   readonly modeSet: ReadonlySet<string>;
@@ -452,6 +510,8 @@ export const AGENT_CHANNEL_ACTION_DENIAL_MESSAGE = CHANNEL_ACTION_DENIAL;
 export const AGENT_MCP_SECURITY_MUTATION_DENIAL_MESSAGE = MCP_SECURITY_MUTATION_DENIAL;
 export const AGENT_FETCH_NETWORK_MUTATION_DENIAL_MESSAGE = FETCH_NETWORK_MUTATION_DENIAL;
 export const AGENT_STATE_MUTATION_DENIAL_MESSAGE = STATE_MUTATION_DENIAL;
+export const AGENT_SETTINGS_MUTATION_DENIAL_MESSAGE = SETTINGS_MUTATION_DENIAL;
+export const AGENT_INSPECT_WRITE_DENIAL_MESSAGE = INSPECT_WRITE_DENIAL;
 export const AGENT_DURABLE_WORKFLOW_MUTATION_DENIAL_MESSAGE = DURABLE_WORKFLOW_MUTATION_DENIAL;
 function isRecord(value: unknown): value is Record<string, unknown> {
@@ -586,6 +646,17 @@ function narrowStateToolDefinitionForAgentPolicy(tool: Tool): void {
   narrowStringEnumProperty(properties, 'analyticsAction', READ_ONLY_STATE_ANALYTICS_ACTIONS, 'Read-only analytics actions allowed by GoodVibes Agent.');
 }
+function narrowInspectToolDefinitionForAgentPolicy(tool: Tool): void {
+  tool.definition.description = [
+    'Inspect and analyze project structure for GoodVibes Agent.',
+    'Scaffold mode is dry-run-only in the main conversation; code creation must be delegated to GoodVibes TUI.',
+  ].join(' ');
+  const properties = tool.definition.parameters.properties;
+  if (!isRecord(properties)) return;
+  delete properties.dryRun;
+}
 function narrowModeToolDefinitionForAgentPolicy(tool: Tool, allowedModes: readonly string[], description: string): void {
   tool.definition.description = description;

package/src/version.ts CHANGED Viewed

@@ -6,7 +6,7 @@ import { join } from 'node:path';
 // The prebuild script updates the fallback value before compilation.
 // Uses import.meta.dir (Bun) to locate package.json relative to this file,
 // which is correct regardless of the process working directory.
-let _version = '0.1.19';
+let _version = '0.1.21';
 let _sdkVersion = '0.33.35';
 try {
   const pkg = JSON.parse(readFileSync(join(import.meta.dir, '..', 'package.json'), 'utf-8')) as {