@ridit/lens 0.3.4 → 0.3.6

package/src/tools/git.ts

@@ -27,6 +27,7 @@ function parseArgs(body: string): GitArgs | null {
 export const gitStatusTool: Tool<GitArgs> = {
   name: "git-status",
   description: "show working tree status",
+  tag: "git",
   safe: true,
   permissionLabel: "git status",
   systemPromptEntry: (i) =>
@@ -45,6 +46,7 @@ export const gitStatusTool: Tool<GitArgs> = {
 export const gitLogTool: Tool<GitArgs> = {
   name: "git-log",
   description: "show commit log",
+  tag: "git",
   safe: true,
   permissionLabel: "git log",
   systemPromptEntry: (i) =>
@@ -60,6 +62,7 @@ export const gitLogTool: Tool<GitArgs> = {
 export const gitDiffTool: Tool<GitArgs> = {
   name: "git-diff",
   description: "show changes between commits, working tree, or staged files",
+  tag: "git",
   safe: true,
   permissionLabel: "git diff",
   systemPromptEntry: (i) =>
@@ -75,6 +78,7 @@ export const gitDiffTool: Tool<GitArgs> = {
 export const gitShowTool: Tool<GitArgs> = {
   name: "git-show",
   description: "show a commit's details and stat",
+  tag: "git",
   safe: true,
   permissionLabel: "git show",
   systemPromptEntry: (i) =>
@@ -90,6 +94,7 @@ export const gitShowTool: Tool<GitArgs> = {
 export const gitBranchTool: Tool<GitArgs> = {
   name: "git-branch",
   description: "list branches",
+  tag: "git",
   safe: true,
   permissionLabel: "git branch",
   systemPromptEntry: (i) =>
@@ -105,6 +110,7 @@ export const gitBranchTool: Tool<GitArgs> = {
 export const gitRemoteTool: Tool<GitArgs> = {
   name: "git-remote",
   description: "list or inspect remotes",
+  tag: "git",
   safe: true,
   permissionLabel: "git remote",
   systemPromptEntry: (i) =>
@@ -120,6 +126,7 @@ export const gitRemoteTool: Tool<GitArgs> = {
 export const gitTagTool: Tool<GitArgs> = {
   name: "git-tag",
   description: "list tags",
+  tag: "git",
   safe: true,
   permissionLabel: "git tag",
   systemPromptEntry: (i) =>
@@ -135,6 +142,7 @@ export const gitTagTool: Tool<GitArgs> = {
 export const gitBlameTool: Tool<GitArgs> = {
   name: "git-blame",
   description: "show who last modified each line of a file",
+  tag: "git",
   safe: true,
   permissionLabel: "git blame",
   systemPromptEntry: (i) =>
@@ -168,6 +176,7 @@ export const gitBlameTool: Tool<GitArgs> = {
 export const gitStashListTool: Tool<GitArgs> = {
   name: "git-stash-list",
   description: "list stashed changes",
+  tag: "git",
   safe: true,
   permissionLabel: "git stash list",
   systemPromptEntry: (i) =>
@@ -183,6 +192,7 @@ export const gitStashListTool: Tool<GitArgs> = {
 export const gitAddTool: Tool<GitArgs> = {
   name: "git-add",
   description: "stage files for commit",
+  tag: "git",
   safe: false,
   permissionLabel: "git add",
   systemPromptEntry: (i) =>
@@ -202,6 +212,7 @@ export const gitAddTool: Tool<GitArgs> = {
 export const gitCommitTool: Tool<GitArgs> = {
   name: "git-commit",
   description: "commit staged changes with a message",
+  tag: "git",
   safe: false,
   permissionLabel: "git commit",
   systemPromptEntry: (i) =>
@@ -222,6 +233,7 @@ export const gitCommitTool: Tool<GitArgs> = {
 export const gitCommitAmendTool: Tool<GitArgs> = {
   name: "git-commit-amend",
   description: "amend the last commit message",
+  tag: "git",
   safe: false,
   permissionLabel: "git commit --amend",
   systemPromptEntry: (i) =>
@@ -246,6 +258,7 @@ export const gitRevertTool: Tool<GitArgs> = {
   name: "git-revert",
   description:
     "revert a commit by hash (creates a new revert commit, history preserved)",
+  tag: "git",
   safe: false,
   permissionLabel: "git revert",
   systemPromptEntry: (i) =>
@@ -266,6 +279,7 @@ export const gitRevertTool: Tool<GitArgs> = {
 export const gitResetTool: Tool<GitArgs> = {
   name: "git-reset",
   description: "reset HEAD or unstage files",
+  tag: "git",
   safe: false,
   permissionLabel: "git reset",
   systemPromptEntry: (i) =>
@@ -285,6 +299,7 @@ export const gitResetTool: Tool<GitArgs> = {
 export const gitCheckoutTool: Tool<GitArgs> = {
   name: "git-checkout",
   description: "switch branches or restore files",
+  tag: "git",
   safe: false,
   permissionLabel: "git checkout",
   systemPromptEntry: (i) =>
@@ -305,6 +320,7 @@ export const gitCheckoutTool: Tool<GitArgs> = {
 export const gitSwitchTool: Tool<GitArgs> = {
   name: "git-switch",
   description: "switch or create branches",
+  tag: "git",
   safe: false,
   permissionLabel: "git switch",
   systemPromptEntry: (i) =>
@@ -325,6 +341,7 @@ export const gitSwitchTool: Tool<GitArgs> = {
 export const gitMergeTool: Tool<GitArgs> = {
   name: "git-merge",
   description: "merge a branch into the current branch",
+  tag: "git",
   safe: false,
   permissionLabel: "git merge",
   systemPromptEntry: (i) =>
@@ -345,6 +362,7 @@ export const gitMergeTool: Tool<GitArgs> = {
 export const gitPullTool: Tool<GitArgs> = {
   name: "git-pull",
   description: "pull from remote",
+  tag: "git",
   safe: false,
   permissionLabel: "git pull",
   systemPromptEntry: (i) =>
@@ -363,6 +381,7 @@ export const gitPullTool: Tool<GitArgs> = {
 export const gitPushTool: Tool<GitArgs> = {
   name: "git-push",
   description: "push commits to remote",
+  tag: "git",
   safe: false,
   permissionLabel: "git push",
   systemPromptEntry: (i) =>
@@ -381,6 +400,7 @@ export const gitPushTool: Tool<GitArgs> = {
 export const gitStashTool: Tool<GitArgs> = {
   name: "git-stash",
   description: "stash or apply stashed changes",
+  tag: "git",
   safe: false,
   permissionLabel: "git stash",
   systemPromptEntry: (i) =>
@@ -401,6 +421,7 @@ export const gitStashTool: Tool<GitArgs> = {
 export const gitBranchCreateTool: Tool<GitArgs> = {
   name: "git-branch-create",
   description: "create a new branch without switching to it",
+  tag: "git",
   safe: false,
   permissionLabel: "git branch (create)",
   systemPromptEntry: (i) =>
@@ -421,6 +442,7 @@ export const gitBranchCreateTool: Tool<GitArgs> = {
 export const gitBranchDeleteTool: Tool<GitArgs> = {
   name: "git-branch-delete",
   description: "delete a branch",
+  tag: "git",
   safe: false,
   permissionLabel: "git branch -d",
   systemPromptEntry: (i) =>
@@ -444,6 +466,7 @@ export const gitBranchDeleteTool: Tool<GitArgs> = {
 export const gitCherryPickTool: Tool<GitArgs> = {
   name: "git-cherry-pick",
   description: "apply a specific commit from another branch",
+  tag: "git",
   safe: false,
   permissionLabel: "git cherry-pick",
   systemPromptEntry: (i) =>
@@ -466,6 +489,7 @@ export const gitCherryPickTool: Tool<GitArgs> = {
 export const gitTagCreateTool: Tool<GitArgs> = {
   name: "git-tag-create",
   description: "create a lightweight or annotated tag",
+  tag: "git",
   safe: false,
   permissionLabel: "git tag (create)",
   systemPromptEntry: (i) =>
@@ -486,6 +510,7 @@ export const gitRestoreTool: Tool<GitArgs> = {
   name: "git-restore",
   description:
     "discard working directory changes for a file (cannot be undone)",
+  tag: "git",
   safe: false,
   permissionLabel: "git restore",
   systemPromptEntry: (i) =>
@@ -505,6 +530,7 @@ export const gitRestoreTool: Tool<GitArgs> = {
 export const gitCleanTool: Tool<GitArgs> = {
   name: "git-clean",
   description: "remove untracked files (cannot be undone)",
+  tag: "git",
   safe: false,
   permissionLabel: "git clean",
   systemPromptEntry: (i) =>

package/src/utils/intentClassifier.ts

@@ -0,0 +1,58 @@
+/**
+ * Classifies user message intent to scope which tools the LLM is allowed to use.
+ *
+ * readonly  → only read/search/fetch tools exposed (no write, delete, shell)
+ * mutating  → all tools exposed
+ * any       → all tools exposed (ambiguous / can't tell)
+ */
+export type Intent = "readonly" | "mutating" | "any";
+
+const READONLY_PATTERNS: RegExp[] = [
+  // listing / exploring
+  /\b(list|ls|dir|show|display|print|dump)\b/i,
+  /\bwhat(('?s| is| are| does)\b| files| folder)/i,
+  /\b(folder|directory|file) (structure|tree|layout|contents?)\b/i,
+  /\bexplore\b/i,
+
+  // reading / explaining
+  /\b(read|open|view|look at|check out|inspect|peek)\b/i,
+  /\b(explain|describe|summarize|summarise|tell me about|walk me through)\b/i,
+  /\bhow does\b/i,
+  /\bwhat('?s| is) (in|inside|this|that|the)\b/i,
+
+  // searching
+  /\b(find|search|grep|locate|where is|where are)\b/i,
+  /\b(look for|scan|trace)\b/i,
+
+  // understanding
+  /\bunderstand\b/i,
+  /\bshow me (how|what|where|why)\b/i,
+];
+
+const MUTATING_PATTERNS: RegExp[] = [
+  // writing
+  /\b(write|create|make|generate|add|build|scaffold|init|initialize|setup|set up)\b/i,
+  /\b(new file|new folder|new component|new page|new route)\b/i,
+
+  // editing
+  /\b(edit|modify|update|change|refactor|rename|move|migrate)\b/i,
+  /\b(fix|patch|resolve|correct|debug|repair)\b/i,
+  /\b(implement|add .+ to|insert|inject|append|prepend)\b/i,
+
+  // deleting
+  /\b(delete|remove|drop|clean ?up|purge|wipe)\b/i,
+
+  // running
+  /\b(run|execute|install|deploy|build|test|start|launch|compile|lint|format)\b/i,
+];
+
+export function classifyIntent(userMessage: string): Intent {
+  const text = userMessage.trim();
+
+  const mutatingScore = MUTATING_PATTERNS.filter((p) => p.test(text)).length;
+  const readonlyScore = READONLY_PATTERNS.filter((p) => p.test(text)).length;
+
+  if (mutatingScore === 0 && readonlyScore > 0) return "readonly";
+  if (mutatingScore > 0) return "mutating";
+  return "any";
+}

package/src/utils/tools/builtins.ts

@@ -1,4 +1,5 @@
 import type { Tool, ToolContext } from "@ridit/lens-sdk";
+import { TOOL_TAGS } from "@ridit/lens-sdk";
 import {
   fetchUrl,
   searchWeb,
@@ -23,6 +24,7 @@ export const fetchTool: Tool<string> = {
   name: "fetch",
   description: "load a URL",
   safe: true,
+  tag: TOOL_TAGS.net,
   permissionLabel: "fetch",
   systemPromptEntry: (i) =>
     `### ${i}. fetch — load a URL\n<fetch>https://example.com</fetch>`,
@@ -45,6 +47,7 @@ export const shellTool: Tool<string> = {
   name: "shell",
   description: "run a terminal command",
   safe: false,
+  tag: TOOL_TAGS.shell,
   permissionLabel: "run",
   systemPromptEntry: (i) =>
     `### ${i}. shell — run a terminal command\n<shell>node -v</shell>`,
@@ -60,6 +63,7 @@ export const readFileTool: Tool<string> = {
   name: "read-file",
   description: "read a file from the repo",
   safe: true,
+  tag: TOOL_TAGS.read,
   permissionLabel: "read",
   systemPromptEntry: (i) =>
     `### ${i}. read-file — read a file from the repo\n<read-file>src/foo.ts</read-file>`,
@@ -74,6 +78,7 @@ export const readFileTool: Tool<string> = {
 export const readFolderTool: Tool<string> = {
   name: "read-folder",
   description: "list contents of a folder (files + subfolders, one level deep)",
+  tag: TOOL_TAGS.read,
   safe: true,
   permissionLabel: "folder",
   systemPromptEntry: (i) =>
@@ -94,6 +99,7 @@ interface GrepInput {
 export const grepTool: Tool<GrepInput> = {
   name: "grep",
   description: "search for a pattern across files in the repo",
+  tag: TOOL_TAGS.find,
   safe: true,
   permissionLabel: "grep",
   systemPromptEntry: (i) =>
@@ -124,6 +130,7 @@ interface WriteFileInput {
 export const writeFileTool: Tool<WriteFileInput> = {
   name: "write-file",
   description: "create or overwrite a file",
+  tag: TOOL_TAGS.write,
   safe: false,
   permissionLabel: "write",
   systemPromptEntry: (i) =>
@@ -147,6 +154,7 @@ export const writeFileTool: Tool<WriteFileInput> = {
 export const deleteFileTool: Tool<string> = {
   name: "delete-file",
   description: "permanently delete a single file",
+  tag: TOOL_TAGS.delete,
   safe: false,
   permissionLabel: "delete",
   systemPromptEntry: (i) =>
@@ -162,6 +170,7 @@ export const deleteFileTool: Tool<string> = {
 export const deleteFolderTool: Tool<string> = {
   name: "delete-folder",
   description: "permanently delete a folder and all its contents",
+  tag: TOOL_TAGS.delete,
   safe: false,
   permissionLabel: "delete folder",
   systemPromptEntry: (i) =>
@@ -177,6 +186,7 @@ export const deleteFolderTool: Tool<string> = {
 export const openUrlTool: Tool<string> = {
   name: "open-url",
   description: "open a URL in the user's default browser",
+  tag: TOOL_TAGS.net,
   safe: true,
   permissionLabel: "open",
   systemPromptEntry: (i) =>
@@ -194,6 +204,7 @@ interface GeneratePdfInput {
 export const generatePdfTool: Tool<GeneratePdfInput> = {
   name: "generate-pdf",
   description: "generate a PDF file from markdown-style content",
+  tag: TOOL_TAGS.write,
   safe: false,
   permissionLabel: "pdf",
   systemPromptEntry: (i) =>
@@ -222,6 +233,7 @@ export const generatePdfTool: Tool<GeneratePdfInput> = {
 
 export const searchTool: Tool<string> = {
   name: "search",
+  tag: TOOL_TAGS.net,
   description: "search the internet for anything you are unsure about",
   safe: true,
   permissionLabel: "search",
@@ -245,6 +257,7 @@ export const searchTool: Tool<string> = {
 export const cloneTool: Tool<string> = {
   name: "clone",
   description: "clone a GitHub repo so you can explore and discuss it",
+  tag: TOOL_TAGS.write,
   safe: false,
   permissionLabel: "clone",
   systemPromptEntry: (i) =>
@@ -265,6 +278,7 @@ export interface ChangesInput {
 export const changesTool: Tool<ChangesInput> = {
   name: "changes",
   description: "propose code edits (shown as a diff for user approval)",
+  tag: TOOL_TAGS.write,
   safe: false,
   permissionLabel: "changes",
   systemPromptEntry: (i) =>
@@ -290,6 +304,7 @@ interface ReadFilesInput {
 export const readFilesTool: Tool<ReadFilesInput> = {
   name: "read-files",
   description: "read multiple files from the repo at once",
+  tag: TOOL_TAGS.read,
   safe: true,
   permissionLabel: "read",
   systemPromptEntry: (i) =>

package/src/utils/tools/registry.ts

@@ -1,4 +1,23 @@
-import type { Tool } from "@ridit/lens-sdk";
+import type { Tool, ToolTag } from "@ridit/lens-sdk";
+import type { Intent } from "../intentClassifier";
+
+/**
+ * Broad capability category for a tool.
+ * Used to filter the system prompt based on classified user intent.
+ *
+ * "read"   — safe, purely observational (read-file, read-folder, grep, etc.)
+ * "net"    — outbound network (fetch, search, clone, open-url)
+ * "write"  — creates or overwrites file content (write-file, changes, generate-pdf)
+ * "delete" — destructive removal (delete-file, delete-folder)
+ * "shell"  — arbitrary shell execution
+ */
+
+/** Tools allowed for each intent level */
+const INTENT_ALLOWED: Record<Intent, ToolTag[]> = {
+  readonly: ["read", "net"],
+  mutating: ["read", "net", "write", "delete", "shell"],
+  any: ["read", "net", "write", "delete", "shell"],
+};
 
 class ToolRegistry {
   private tools = new Map<string, Tool<unknown>>();
@@ -27,17 +46,54 @@ class ToolRegistry {
   }
 
   /**
-   * Build the TOOLS section of the system prompt from all registered tools.
+   * Returns tool names that are allowed for the given intent.
+   * Falls back to all names when a tool has no tag (legacy / addons).
+   */
+  namesForIntent(intent: Intent): string[] {
+    const allowed = new Set(INTENT_ALLOWED[intent]);
+    return Array.from(this.tools.values())
+      .filter((t) => {
+        const tag = (t as any).tag as ToolTag | undefined;
+        // No tag = addon / unknown → always allow (conservative)
+        if (!tag) return true;
+        return allowed.has(tag);
+      })
+      .map((t) => t.name);
+  }
+
+  /**
+   * Build the TOOLS section of the system prompt from all registered tools,
+   * optionally scoped to a specific intent.
+   *
+   * When intent is "readonly", write/delete/shell tools are omitted entirely
+   * so the LLM never sees them and can't hallucinate calls to them.
    */
-  buildSystemPromptSection(): string {
+  buildSystemPromptSection(intent: Intent = "any"): string {
+    const allowed = new Set(INTENT_ALLOWED[intent]);
+
+    const visible = Array.from(this.tools.values()).filter((t) => {
+      const tag = (t as any).tag as ToolTag | undefined;
+      if (!tag) return true; // addon without tag → always show
+      return allowed.has(tag);
+    });
+
     const lines: string[] = ["## TOOLS\n"];
-    lines.push(
-      "You have exactly " +
-        this.tools.size +
-        " tools. To use a tool you MUST wrap it in the exact XML tags shown below — no other format will work.\n",
-    );
+
+    if (intent === "readonly") {
+      lines.push(
+        `You have ${visible.length} tools available for this read-only request. ` +
+          `Do NOT attempt to write, delete, or run shell commands — ` +
+          `those tools are not available right now.\n`,
+      );
+    } else {
+      lines.push(
+        `You have exactly ${visible.length} tools. To use a tool you MUST wrap it ` +
+          `in the exact XML tags shown below — no other format will work.\n`,
+      );
+    }
+
     let i = 1;
-    for (const tool of this.tools.values()) {
+    for (const tool of visible) {
       lines.push(tool.systemPromptEntry(i++));
     }
     return lines.join("\n");