npm - @rnbsolucoes/axion-code - Versions diffs - 0.1.21 → 0.1.23 - Mend

@rnbsolucoes/axion-code 0.1.21 → 0.1.23

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (4) hide show

package/README.md +22 -15
package/npm/releases/linux-x64/axion-code +0 -0
package/npm/releases/win32-x64/axion-code.exe +0 -0
package/package.json +1 -1

package/README.md CHANGED Viewed

@@ -292,14 +292,16 @@ provider as a follow-up `tool_result` continuation turn, so the agent can use
 the evidence before answering. Unsupported tools remain explicitly pending until
 a dedicated adapter exists.
-`axion tool run` exposes the first guarded dispatcher surface. The CLI and TUI
-currently support `Read`, `Glob`, `Grep`, `Write` and `Edit` inside the active
-workspace. Provider tool aliases such as `read_file` and `write_file` are
-normalized to the native tool names before approval/execution. When the active
-permission mode requires approval, execution is allowed only if the supplied
-approval is already approved and matches the exact redacted tool request.
-Shell, MCP, browser, process and unknown tools remain unsupported even when an
-approval exists.
+`axion tool run` exposes the guarded dispatcher surface. The CLI and TUI
+currently support workspace-local `Read`, `Glob`, `Grep`, `Write` and `Edit`,
+governed `Shell`/`Bash`/`PowerShell` commands that run from a workspace
+directory with timeout and bounded output, and enabled stdio MCP tools named as
+`mcp__<server-id>__<tool-name>`. Provider tool aliases such as `read_file`,
+`write_file` and `run_command` are normalized to native tool names before
+approval/execution. When the active permission mode requires approval, execution
+is allowed only if the supplied approval is already approved and matches the
+exact redacted tool request. Remote MCP transports, browser, process and
+unknown tools remain unsupported even when an approval exists.
 Examples:
@@ -312,19 +314,23 @@ axion permission approvals --session smoke --decision pending --json
 axion permission resolve <approval-id> --deny --reason "not needed" --json
 axion tool run Read "{\"path\":\"README.md\"}" --mode full_permission --json
 axion tool run Write "{\"path\":\"notes/out.txt\",\"content\":\"approved\"}" --session smoke --turn turn-1 --approval <approval-id> --mode request_permission --json
+axion tool run Shell "{\"command\":\"echo axion-shell\"}" --session smoke --turn turn-1 --approval <approval-id> --mode request_permission --json
+axion tool run mcp__dotcontext__list_context "{\"query\":\"PREVC\"}" --mode full_permission --json
 ```
 Security invariants:
 - `Full permission` skips only read and non-destructive write tiers.
 - package install, network download/egress, destructive commands, process
-  control, paid generation, browser actions, mutating MCP tools and unknown
-  tools still require approval under `Full permission`.
+  control, shell commands, paid generation, browser actions, mutating MCP tools
+  and unknown tools still require approval under `Full permission`.
 - `YOLO` is the only mode that bypasses every class, and remains explicit user
   opt-in.
 - unknown native tools are default-deny until they are classified.
 - MCP tools are mutating by default; only read-shaped names such as `find_*`,
   `get_*`, `list_*`, `search_*` and `*_overview` are downgraded to read-only.
+  The dispatcher validates that enabled stdio MCP servers advertise the target
+  tool through `tools/list` before calling `tools/call`.
 Provider menu actions:
@@ -362,10 +368,11 @@ This is a functional direction MVP, not the full harness:
 - terminal logo uses Sixel when available and falls back to width-bounded ANSI/block rendering;
 - initial chat splash shows the Axion logo and system name until the first interaction;
 - guarded dispatcher execution is limited to workspace-local `Read`, `Glob`,
-  `Grep`, `Write` and `Edit`; the TUI executes these after approval and shows
-  the result, then feeds successful supported results back into the provider as
-  an iterative `tool_result` continuation turn;
-- shell, MCP, browser, process and unknown tools remain blocked;
+  `Grep`, `Write` and `Edit`, governed workspace-scoped shell commands and
+  enabled stdio MCP tools;
+  the TUI executes these after approval and shows the result, then feeds
+  successful supported results back into the provider as an iterative
+  `tool_result` continuation turn;
+- remote MCP transports, browser, process and unknown tools remain blocked;
 - no executable Pi RPC bridge yet;
-- no MCP transport execution yet;
 - native subagent execution is prompt-isolated and provider/model-inherited; richer multi-subagent orchestration, streaming and budget telemetry remain next-cycle items.

package/npm/releases/linux-x64/axion-code CHANGED Viewed

Binary file

package/npm/releases/win32-x64/axion-code.exe CHANGED Viewed

Binary file

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@rnbsolucoes/axion-code",
-  "version": "0.1.21",
+  "version": "0.1.23",
   "description": "Axion Code CLI harness for the Axion ecosystem.",
   "type": "module",
   "repository": {