@poolzin/pool-bot 2026.2.21 → 2026.2.23

package/dist/config/zod-schema.agent-runtime.js

@@ -1,6 +1,8 @@
 import { z } from "zod";
 import { parseDurationMs } from "../cli/parse-duration.js";
+import { AgentModelSchema } from "./zod-schema.agent-model.js";
 import { GroupChatSchema, HumanDelaySchema, IdentitySchema, ToolsLinksSchema, ToolsMediaSchema, } from "./zod-schema.core.js";
+import { sensitive } from "./zod-schema.sensitive.js";
 export const HeartbeatSchema = z
     .object({
     every: z.string().optional(),
@@ -20,11 +22,13 @@ export const HeartbeatSchema = z
     accountId: z.string().optional(),
     prompt: z.string().optional(),
     ackMaxChars: z.number().int().nonnegative().optional(),
+    suppressToolErrorWarnings: z.boolean().optional(),
 })
     .strict()
     .superRefine((val, ctx) => {
-    if (!val.every)
+    if (!val.every) {
         return;
+    }
     try {
         parseDurationMs(val.every, { defaultUnit: "m" });
     }
@@ -36,12 +40,14 @@ export const HeartbeatSchema = z
         });
     }
     const active = val.activeHours;
-    if (!active)
+    if (!active) {
         return;
+    }
     const timePattern = /^([01]\d|2[0-3]|24):([0-5]\d)$/;
     const validateTime = (raw, opts, path) => {
-        if (!raw)
+        if (!raw) {
             return;
+        }
         if (!timePattern.test(raw)) {
             ctx.addIssue({
                 code: z.ZodIssueCode.custom,
@@ -108,6 +114,54 @@ export const SandboxDockerSchema = z
     binds: z.array(z.string()).optional(),
 })
     .strict()
+    .superRefine((data, ctx) => {
+    if (data.binds) {
+        for (let i = 0; i < data.binds.length; i += 1) {
+            const bind = data.binds[i]?.trim() ?? "";
+            if (!bind) {
+                ctx.addIssue({
+                    code: z.ZodIssueCode.custom,
+                    path: ["binds", i],
+                    message: "Sandbox security: bind mount entry must be a non-empty string.",
+                });
+                continue;
+            }
+            const firstColon = bind.indexOf(":");
+            const source = (firstColon <= 0 ? bind : bind.slice(0, firstColon)).trim();
+            if (!source.startsWith("/")) {
+                ctx.addIssue({
+                    code: z.ZodIssueCode.custom,
+                    path: ["binds", i],
+                    message: `Sandbox security: bind mount "${bind}" uses a non-absolute source path "${source}". ` +
+                        "Only absolute POSIX paths are supported for sandbox binds.",
+                });
+            }
+        }
+    }
+    if (data.network?.trim().toLowerCase() === "host") {
+        ctx.addIssue({
+            code: z.ZodIssueCode.custom,
+            path: ["network"],
+            message: 'Sandbox security: network mode "host" is blocked. Use "bridge" or "none" instead.',
+        });
+    }
+    if (data.seccompProfile?.trim().toLowerCase() === "unconfined") {
+        ctx.addIssue({
+            code: z.ZodIssueCode.custom,
+            path: ["seccompProfile"],
+            message: 'Sandbox security: seccomp profile "unconfined" is blocked. ' +
+                "Use a custom seccomp profile file or omit this setting.",
+        });
+    }
+    if (data.apparmorProfile?.trim().toLowerCase() === "unconfined") {
+        ctx.addIssue({
+            code: z.ZodIssueCode.custom,
+            path: ["apparmorProfile"],
+            message: 'Sandbox security: apparmor profile "unconfined" is blocked. ' +
+                "Use a named AppArmor profile or omit this setting.",
+        });
+    }
+})
     .optional();
 export const SandboxBrowserSchema = z
     .object({
@@ -122,6 +176,7 @@ export const SandboxBrowserSchema = z
     allowHostControl: z.boolean().optional(),
     autoStart: z.boolean().optional(),
     autoStartTimeoutMs: z.number().int().positive().optional(),
+    binds: z.array(z.string()).optional(),
 })
     .strict()
     .optional();
@@ -150,19 +205,27 @@ export const ToolPolicySchema = ToolPolicyBaseSchema.superRefine((value, ctx) =>
 export const ToolsWebSearchSchema = z
     .object({
     enabled: z.boolean().optional(),
-    provider: z.union([z.literal("brave"), z.literal("perplexity")]).optional(),
-    apiKey: z.string().optional(),
+    provider: z.union([z.literal("brave"), z.literal("perplexity"), z.literal("grok")]).optional(),
+    apiKey: z.string().optional().register(sensitive),
     maxResults: z.number().int().positive().optional(),
     timeoutSeconds: z.number().int().positive().optional(),
     cacheTtlMinutes: z.number().nonnegative().optional(),
     perplexity: z
         .object({
-        apiKey: z.string().optional(),
+        apiKey: z.string().optional().register(sensitive),
         baseUrl: z.string().optional(),
         model: z.string().optional(),
     })
         .strict()
         .optional(),
+    grok: z
+        .object({
+        apiKey: z.string().optional().register(sensitive),
+        model: z.string().optional(),
+        inlineCitations: z.boolean().optional(),
+    })
+        .strict()
+        .optional(),
 })
     .strict()
     .optional();
@@ -170,6 +233,7 @@ export const ToolsWebFetchSchema = z
     .object({
     enabled: z.boolean().optional(),
     maxChars: z.number().int().positive().optional(),
+    maxCharsCap: z.number().int().positive().optional(),
     timeoutSeconds: z.number().int().positive().optional(),
     cacheTtlMinutes: z.number().nonnegative().optional(),
     maxRedirects: z.number().int().nonnegative().optional(),
@@ -187,6 +251,14 @@ export const ToolsWebSchema = z
 export const ToolProfileSchema = z
     .union([z.literal("minimal"), z.literal("coding"), z.literal("messaging"), z.literal("full")])
     .optional();
+function addAllowAlsoAllowConflictIssue(value, ctx, message) {
+    if (value.allow && value.allow.length > 0 && value.alsoAllow && value.alsoAllow.length > 0) {
+        ctx.addIssue({
+            code: z.ZodIssueCode.custom,
+            message,
+        });
+    }
+}
 export const ToolPolicyWithProfileSchema = z
     .object({
     allow: z.array(z.string()).optional(),
@@ -196,17 +268,87 @@ export const ToolPolicyWithProfileSchema = z
 })
     .strict()
     .superRefine((value, ctx) => {
-    if (value.allow && value.allow.length > 0 && value.alsoAllow && value.alsoAllow.length > 0) {
-        ctx.addIssue({
-            code: z.ZodIssueCode.custom,
-            message: "tools.byProvider policy cannot set both allow and alsoAllow in the same scope (merge alsoAllow into allow, or remove allow and use profile + alsoAllow)",
-        });
-    }
+    addAllowAlsoAllowConflictIssue(value, ctx, "tools.byProvider policy cannot set both allow and alsoAllow in the same scope (merge alsoAllow into allow, or remove allow and use profile + alsoAllow)");
 });
 // Provider docking: allowlists keyed by provider id (no schema updates when adding providers).
 export const ElevatedAllowFromSchema = z
     .record(z.string(), z.array(z.union([z.string(), z.number()])))
     .optional();
+const ToolExecApplyPatchSchema = z
+    .object({
+    enabled: z.boolean().optional(),
+    workspaceOnly: z.boolean().optional(),
+    allowModels: z.array(z.string()).optional(),
+})
+    .strict()
+    .optional();
+const ToolExecBaseShape = {
+    host: z.enum(["sandbox", "gateway", "node"]).optional(),
+    security: z.enum(["deny", "allowlist", "full"]).optional(),
+    ask: z.enum(["off", "on-miss", "always"]).optional(),
+    node: z.string().optional(),
+    pathPrepend: z.array(z.string()).optional(),
+    safeBins: z.array(z.string()).optional(),
+    backgroundMs: z.number().int().positive().optional(),
+    timeoutSec: z.number().int().positive().optional(),
+    cleanupMs: z.number().int().positive().optional(),
+    notifyOnExit: z.boolean().optional(),
+    notifyOnExitEmptySuccess: z.boolean().optional(),
+    applyPatch: ToolExecApplyPatchSchema,
+};
+const AgentToolExecSchema = z
+    .object({
+    ...ToolExecBaseShape,
+    approvalRunningNoticeMs: z.number().int().nonnegative().optional(),
+})
+    .strict()
+    .optional();
+const ToolExecSchema = z.object(ToolExecBaseShape).strict().optional();
+const ToolFsSchema = z
+    .object({
+    workspaceOnly: z.boolean().optional(),
+})
+    .strict()
+    .optional();
+const ToolLoopDetectionDetectorSchema = z
+    .object({
+    genericRepeat: z.boolean().optional(),
+    knownPollNoProgress: z.boolean().optional(),
+    pingPong: z.boolean().optional(),
+})
+    .strict()
+    .optional();
+const ToolLoopDetectionSchema = z
+    .object({
+    enabled: z.boolean().optional(),
+    historySize: z.number().int().positive().optional(),
+    warningThreshold: z.number().int().positive().optional(),
+    criticalThreshold: z.number().int().positive().optional(),
+    globalCircuitBreakerThreshold: z.number().int().positive().optional(),
+    detectors: ToolLoopDetectionDetectorSchema,
+})
+    .strict()
+    .superRefine((value, ctx) => {
+    if (value.warningThreshold !== undefined &&
+        value.criticalThreshold !== undefined &&
+        value.warningThreshold >= value.criticalThreshold) {
+        ctx.addIssue({
+            code: z.ZodIssueCode.custom,
+            path: ["criticalThreshold"],
+            message: "tools.loopDetection.warningThreshold must be lower than criticalThreshold.",
+        });
+    }
+    if (value.criticalThreshold !== undefined &&
+        value.globalCircuitBreakerThreshold !== undefined &&
+        value.criticalThreshold >= value.globalCircuitBreakerThreshold) {
+        ctx.addIssue({
+            code: z.ZodIssueCode.custom,
+            path: ["globalCircuitBreakerThreshold"],
+            message: "tools.loopDetection.criticalThreshold must be lower than globalCircuitBreakerThreshold.",
+        });
+    }
+})
+    .optional();
 export const AgentSandboxSchema = z
     .object({
     mode: z.union([z.literal("off"), z.literal("non-main"), z.literal("all")]).optional(),
@@ -235,29 +377,9 @@ export const AgentToolsSchema = z
     })
         .strict()
         .optional(),
-    exec: z
-        .object({
-        host: z.enum(["sandbox", "gateway", "node"]).optional(),
-        security: z.enum(["deny", "allowlist", "full"]).optional(),
-        ask: z.enum(["off", "on-miss", "always"]).optional(),
-        node: z.string().optional(),
-        pathPrepend: z.array(z.string()).optional(),
-        safeBins: z.array(z.string()).optional(),
-        backgroundMs: z.number().int().positive().optional(),
-        timeoutSec: z.number().int().positive().optional(),
-        approvalRunningNoticeMs: z.number().int().nonnegative().optional(),
-        cleanupMs: z.number().int().positive().optional(),
-        notifyOnExit: z.boolean().optional(),
-        applyPatch: z
-            .object({
-            enabled: z.boolean().optional(),
-            allowModels: z.array(z.string()).optional(),
-        })
-            .strict()
-            .optional(),
-    })
-        .strict()
-        .optional(),
+    exec: AgentToolExecSchema,
+    fs: ToolFsSchema,
+    loopDetection: ToolLoopDetectionSchema,
     sandbox: z
         .object({
         tools: ToolPolicySchema,
@@ -267,12 +389,7 @@ export const AgentToolsSchema = z
 })
     .strict()
     .superRefine((value, ctx) => {
-    if (value.allow && value.allow.length > 0 && value.alsoAllow && value.alsoAllow.length > 0) {
-        ctx.addIssue({
-            code: z.ZodIssueCode.custom,
-            message: "agent tools cannot set both allow and alsoAllow in the same scope (merge alsoAllow into allow, or remove allow and use profile + alsoAllow)",
-        });
-    }
+    addAllowAlsoAllowConflictIssue(value, ctx, "agent tools cannot set both allow and alsoAllow in the same scope (merge alsoAllow into allow, or remove allow and use profile + alsoAllow)");
 })
     .optional();
 export const MemorySearchSchema = z
@@ -292,7 +409,7 @@ export const MemorySearchSchema = z
     remote: z
         .object({
         baseUrl: z.string().optional(),
-        apiKey: z.string().optional(),
+        apiKey: z.string().optional().register(sensitive),
         headers: z.record(z.string(), z.string()).optional(),
         batch: z
             .object({
@@ -402,15 +519,7 @@ export const MemorySearchSchema = z
 })
     .strict()
     .optional();
-export const AgentModelSchema = z.union([
-    z.string(),
-    z
-        .object({
-        primary: z.string().optional(),
-        fallbacks: z.array(z.string()).optional(),
-    })
-        .strict(),
-]);
+export { AgentModelSchema };
 export const AgentEntrySchema = z
     .object({
     id: z.string(),
@@ -419,6 +528,7 @@ export const AgentEntrySchema = z
     workspace: z.string().optional(),
     agentDir: z.string().optional(),
     model: AgentModelSchema.optional(),
+    skills: z.array(z.string()).optional(),
     memorySearch: MemorySearchSchema,
     humanDelay: HumanDelaySchema.optional(),
     heartbeat: HeartbeatSchema,
@@ -456,6 +566,13 @@ export const ToolsSchema = z
     web: ToolsWebSchema,
     media: ToolsMediaSchema,
     links: ToolsLinksSchema,
+    sessions: z
+        .object({
+        visibility: z.enum(["self", "tree", "agent", "all"]).optional(),
+    })
+        .strict()
+        .optional(),
+    loopDetection: ToolLoopDetectionSchema,
     message: z
         .object({
         allowCrossContextSend: z.boolean().optional(),
@@ -497,28 +614,8 @@ export const ToolsSchema = z
     })
         .strict()
         .optional(),
-    exec: z
-        .object({
-        host: z.enum(["sandbox", "gateway", "node"]).optional(),
-        security: z.enum(["deny", "allowlist", "full"]).optional(),
-        ask: z.enum(["off", "on-miss", "always"]).optional(),
-        node: z.string().optional(),
-        pathPrepend: z.array(z.string()).optional(),
-        safeBins: z.array(z.string()).optional(),
-        backgroundMs: z.number().int().positive().optional(),
-        timeoutSec: z.number().int().positive().optional(),
-        cleanupMs: z.number().int().positive().optional(),
-        notifyOnExit: z.boolean().optional(),
-        applyPatch: z
-            .object({
-            enabled: z.boolean().optional(),
-            allowModels: z.array(z.string()).optional(),
-        })
-            .strict()
-            .optional(),
-    })
-        .strict()
-        .optional(),
+    exec: ToolExecSchema,
+    fs: ToolFsSchema,
     subagents: z
         .object({
         tools: ToolPolicySchema,
@@ -534,11 +631,6 @@ export const ToolsSchema = z
 })
     .strict()
     .superRefine((value, ctx) => {
-    if (value.allow && value.allow.length > 0 && value.alsoAllow && value.alsoAllow.length > 0) {
-        ctx.addIssue({
-            code: z.ZodIssueCode.custom,
-            message: "tools cannot set both allow and alsoAllow in the same scope (merge alsoAllow into allow, or remove allow and use profile + alsoAllow)",
-        });
-    }
+    addAllowAlsoAllowConflictIssue(value, ctx, "tools cannot set both allow and alsoAllow in the same scope (merge alsoAllow into allow, or remove allow and use profile + alsoAllow)");
 })
     .optional();