@poncho-ai/harness 0.7.0 → 0.7.2

package/test/harness.test.ts

@@ -235,6 +235,11 @@ description: Simple math scripts
       "export async function run() { return { ok: true }; }\n",
       "utf8",
     );
+    await writeFile(
+      join(dir, "skills", "math", "fetch-page.ts"),
+      "export default async function run() { return { ok: true, root: true }; }\n",
+      "utf8",
+    );
     await writeFile(
       join(dir, "skills", "math", "scripts", "README.md"),
       "# not executable\n",
@@ -249,7 +254,7 @@ description: Simple math scripts
     const result = await listScripts!.handler({ skill: "math" });
     expect(result).toEqual({
       skill: "math",
-      scripts: ["scripts/add.ts", "scripts/nested/multiply.js"],
+      scripts: ["./fetch-page.ts", "scripts/add.ts", "scripts/nested/multiply.js"],
     });
   });
 
@@ -287,6 +292,14 @@ description: Simple math scripts
   const b = Number(input?.b ?? 0);
   return { sum: a + b };
 }
+`,
+      "utf8",
+    );
+    await writeFile(
+      join(dir, "skills", "math", "fetch-page.ts"),
+      `export default async function run() {
+  return { kind: "root-script" };
+}
 `,
       "utf8",
     );
@@ -298,14 +311,56 @@ description: Simple math scripts
     expect(runner).toBeDefined();
     const result = await runner!.handler({
       skill: "math",
-      script: "add.ts",
+      script: "scripts/add.ts",
       input: { a: 2, b: 3 },
     });
     expect(result).toEqual({
       skill: "math",
-      script: "add.ts",
+      script: "./scripts/add.ts",
       output: { sum: 5 },
     });
+    const rootResult = await runner!.handler({
+      skill: "math",
+      script: "./fetch-page.ts",
+    });
+    expect(rootResult).toEqual({
+      skill: "math",
+      script: "./fetch-page.ts",
+      output: { kind: "root-script" },
+    });
+  });
+
+  it("runs AGENT-scope scripts from root scripts directory", async () => {
+    const dir = await mkdtemp(join(tmpdir(), "poncho-harness-root-script-run-"));
+    await mkdir(join(dir, "scripts"), { recursive: true });
+    await writeFile(
+      join(dir, "scripts", "ping.ts"),
+      "export default async function run() { return { pong: true }; }\n",
+      "utf8",
+    );
+    await writeFile(
+      join(dir, "AGENT.md"),
+      `---
+name: root-run-agent
+model:
+  provider: anthropic
+  name: claude-opus-4-5
+---
+
+# Root Run Agent
+`,
+      "utf8",
+    );
+    const harness = new AgentHarness({ workingDir: dir });
+    await harness.initialize();
+    const runner = harness.listTools().find((tool) => tool.name === "run_skill_script");
+    expect(runner).toBeDefined();
+    const result = await runner!.handler({ script: "scripts/ping.ts" });
+    expect(result).toEqual({
+      skill: null,
+      script: "./scripts/ping.ts",
+      output: { pong: true },
+    });
   });
 
   it("blocks path traversal in run_skill_script", async () => {
@@ -345,12 +400,12 @@ description: Safe skill
       script: "../outside.ts",
     });
     expect(result).toMatchObject({
-      error: expect.stringContaining("must be relative and within the skill directory"),
+      error: expect.stringContaining("must be relative and within the allowed directory"),
     });
   });
 
-  it("enforces scripts denylist policy from config", async () => {
-    const dir = await mkdtemp(join(tmpdir(), "poncho-harness-script-policy-"));
+  it("requires allowed-tools entries for non-standard script directories", async () => {
+    const dir = await mkdtemp(join(tmpdir(), "poncho-harness-script-allowed-tools-"));
     await writeFile(
       join(dir, "AGENT.md"),
       `---
@@ -361,26 +416,18 @@ model:
 ---
 
 # Script Policy Agent
-`,
-      "utf8",
-    );
-    await writeFile(
-      join(dir, "poncho.config.js"),
-      `export default {
-  scripts: {
-    mode: "denylist",
-    exclude: ["math/scripts/add.ts"]
-  }
-};
 `,
       "utf8",
     );
     await mkdir(join(dir, "skills", "math", "scripts"), { recursive: true });
+    await mkdir(join(dir, "skills", "math", "tools"), { recursive: true });
     await writeFile(
       join(dir, "skills", "math", "SKILL.md"),
       `---
 name: math
 description: Math scripts
+allowed-tools:
+  - ./tools/multiply.ts
 ---
 
 # Math
@@ -392,6 +439,11 @@ description: Math scripts
       "export default async function run() { return { ok: true }; }\n",
       "utf8",
     );
+    await writeFile(
+      join(dir, "skills", "math", "tools", "multiply.ts"),
+      "export default async function run() { return { ok: true, kind: 'tools' }; }\n",
+      "utf8",
+    );
     const harness = new AgentHarness({ workingDir: dir });
     await harness.initialize();
     const listScripts = harness.listTools().find((tool) => tool.name === "list_skill_scripts");
@@ -399,11 +451,17 @@ description: Math scripts
     expect(listScripts).toBeDefined();
     expect(runScript).toBeDefined();
     const listed = await listScripts!.handler({ skill: "math" });
-    expect(listed).toEqual({ skill: "math", scripts: [] });
-    const result = await runScript!.handler({ skill: "math", script: "add.ts" });
-    expect(result).toMatchObject({
-      error: expect.stringContaining("is not allowed by policy"),
+    expect(listed).toEqual({
+      skill: "math",
+      scripts: ["scripts/add.ts", "tools/multiply.ts"],
+    });
+    const result = await runScript!.handler({ skill: "math", script: "scripts/add.ts" });
+    expect(result).toMatchObject({ output: { ok: true } });
+    const toolsResult = await runScript!.handler({
+      skill: "math",
+      script: "./tools/multiply.ts",
     });
+    expect(toolsResult).toMatchObject({ output: { ok: true, kind: "tools" } });
   });
 
 
@@ -431,6 +489,38 @@ allowed-tools:
     expect(metadata[0]?.name).toBe("summarize");
     expect(metadata[0]?.allowedTools.mcp).toEqual(["linear/list_issues", "linear/get_issue"]);
     expect(metadata[0]?.allowedTools.scripts).toEqual([]);
+    expect(metadata[0]?.approvalRequired.mcp).toEqual([]);
+    expect(metadata[0]?.approvalRequired.scripts).toEqual([]);
+  });
+
+  it("parses approval-required patterns from SKILL.md frontmatter", async () => {
+    const dir = await mkdtemp(join(tmpdir(), "poncho-harness-approval-required-"));
+    await mkdir(join(dir, "skills", "triage"), { recursive: true });
+    await writeFile(
+      join(dir, "skills", "triage", "SKILL.md"),
+      `---
+name: triage
+description: Triage
+allowed-tools:
+  - mcp:github/list_issues
+  - mcp:github/create_issue
+  - ./tools/open-pr.ts
+approval-required:
+  - mcp:github/create_issue
+  - ./scripts/review.ts
+  - ./tools/open-pr.ts
+---
+
+# Triage
+`,
+      "utf8",
+    );
+    const metadata = await loadSkillMetadata(dir);
+    expect(metadata[0]?.approvalRequired.mcp).toEqual(["github/create_issue"]);
+    expect(metadata[0]?.approvalRequired.scripts).toEqual([
+      "./scripts/review.ts",
+      "./tools/open-pr.ts",
+    ]);
   });
 
   it("fails when SKILL.md includes invalid non-slash tool patterns", async () => {
@@ -542,8 +632,7 @@ model:
     {
       name: "remote",
       url: "http://127.0.0.1:${address.port}/mcp",
-      auth: { type: "bearer", tokenEnv: "LINEAR_TOKEN" },
-      tools: { mode: "allowlist", include: ["remote/*"] }
+      auth: { type: "bearer", tokenEnv: "LINEAR_TOKEN" }
     }
   ]
 };
@@ -676,8 +765,7 @@ model:
     {
       name: "remote",
       url: "http://127.0.0.1:${address.port}/mcp",
-      auth: { type: "bearer", tokenEnv: "LINEAR_TOKEN" },
-      tools: { mode: "allowlist", include: ["remote/*"] }
+      auth: { type: "bearer", tokenEnv: "LINEAR_TOKEN" }
     }
   ]
 };
@@ -712,5 +800,4 @@ allowed-tools:
     await new Promise<void>((resolveClose) => mcpServer.close(() => resolveClose()));
   });
 
-
 });

package/test/mcp.test.ts

@@ -138,7 +138,7 @@ describe("mcp bridge protocol transports", () => {
     ).toThrow(/Duplicate MCP server name/);
   });
 
-  it("applies allowlist and denylist policy filters", async () => {
+  it("selects discovered tools by requested patterns", async () => {
     process.env.LINEAR_TOKEN = "token-123";
     const server = createServer(async (req, res) => {
       if (req.method === "DELETE") {
@@ -195,37 +195,22 @@ describe("mcp bridge protocol transports", () => {
     if (!address || typeof address === "string") {
       throw new Error("Unexpected server address");
     }
-    const allowBridge = new LocalMcpBridge({
-      mcp: [
-        {
-          name: "remote",
-          url: `http://127.0.0.1:${address.port}/mcp`,
-          auth: { type: "bearer", tokenEnv: "LINEAR_TOKEN" },
-          tools: { mode: "allowlist", include: ["remote/a"] },
-        },
-      ],
-    });
-    await allowBridge.startLocalServers();
-    await allowBridge.discoverTools();
-    const allowTools = await allowBridge.loadTools(["remote/*"]);
-    expect(allowTools.map((tool) => tool.name)).toEqual(["remote/a"]);
-    await allowBridge.stopLocalServers();
-
-    const denyBridge = new LocalMcpBridge({
+    const bridge = new LocalMcpBridge({
       mcp: [
         {
           name: "remote",
           url: `http://127.0.0.1:${address.port}/mcp`,
           auth: { type: "bearer", tokenEnv: "LINEAR_TOKEN" },
-          tools: { mode: "denylist", exclude: ["remote/b"] },
         },
       ],
     });
-    await denyBridge.startLocalServers();
-    await denyBridge.discoverTools();
-    const denyTools = await denyBridge.loadTools(["remote/*"]);
-    expect(denyTools.map((tool) => tool.name).sort()).toEqual(["remote/a"]);
-    await denyBridge.stopLocalServers();
+    await bridge.startLocalServers();
+    await bridge.discoverTools();
+    const exact = await bridge.loadTools(["remote/a"]);
+    expect(exact.map((tool) => tool.name)).toEqual(["remote/a"]);
+    const wildcard = await bridge.loadTools(["remote/*"]);
+    expect(wildcard.map((tool) => tool.name).sort()).toEqual(["remote/a", "remote/b"]);
+    await bridge.stopLocalServers();
     await new Promise<void>((resolveClose) => server.close(() => resolveClose()));
   });