@swarmclawai/swarmclaw 1.2.6 → 1.2.9

package/src/lib/server/sandbox/session-runtime.ts

@@ -236,15 +236,37 @@ export function resolveSandboxWorkdir(params: {
   }
 }
 
-export async function ensureSessionSandbox(params: {
+export function resolveSandboxSessionContext(params: {
   config: AgentSandboxConfig | null | undefined
   session?: Session | null
   agentId?: string | null
   sessionId?: string | null
   workspaceDir: string
-}): Promise<SandboxSessionContext | null> {
+}): SandboxSessionContext | null {
   const status = resolveSandboxRuntimeStatus(params)
   if (!status.sandboxed || !status.config || !status.scopeKey) return null
+
+  return {
+    containerName: `${status.config.containerPrefix}${slugifyScopeKey(status.scopeKey)}`.slice(0, 63),
+    containerWorkdir: status.config.workdir,
+    workspaceDir: params.workspaceDir,
+    workspaceAccess: status.config.workspaceAccess,
+    mode: status.mode,
+    scope: status.scope,
+    scopeKey: status.scopeKey,
+    config: status.config,
+  }
+}
+
+export async function ensureSessionSandbox(params: {
+  config: AgentSandboxConfig | null | undefined
+  session?: Session | null
+  agentId?: string | null
+  sessionId?: string | null
+  workspaceDir: string
+}): Promise<SandboxSessionContext | null> {
+  const context = resolveSandboxSessionContext(params)
+  if (!context) return null
   await maybePruneSandboxes(params.config)
 
   const docker = detectDocker()
@@ -252,17 +274,16 @@ export async function ensureSessionSandbox(params: {
     throw new Error('Sandbox is enabled but Docker is not available. Install Docker Desktop or disable the sandbox in agent settings.')
   }
 
-  const containerName = `${status.config.containerPrefix}${slugifyScopeKey(status.scopeKey)}`.slice(0, 63)
   const configHash = computeSandboxConfigHash({
-    config: status.config,
+    config: context.config,
     workspaceDir: params.workspaceDir,
-    scopeKey: status.scopeKey,
+    scopeKey: context.scopeKey,
   })
 
-  const current = await inspectDockerContainer(containerName)
-  const currentHash = current.exists ? await readDockerLabel(containerName, 'swarmclaw.configHash') : null
+  const current = await inspectDockerContainer(context.containerName)
+  const currentHash = current.exists ? await readDockerLabel(context.containerName, 'swarmclaw.configHash') : null
   if (current.exists && currentHash && currentHash !== configHash) {
-    await execDocker(['rm', '-f', containerName], true)
+    await execDocker(['rm', '-f', context.containerName], true)
   }
 
   const next = current.exists && currentHash === configHash
@@ -271,37 +292,28 @@ export async function ensureSessionSandbox(params: {
 
   if (!next.exists) {
     await execDocker(buildSandboxCreateArgs({
-      containerName,
-      scopeKey: status.scopeKey,
+      containerName: context.containerName,
+      scopeKey: context.scopeKey,
       configHash,
-      config: status.config,
+      config: context.config,
       workspaceDir: params.workspaceDir,
     }))
-    await execDocker(['start', containerName])
-    if (status.config.setupCommand) {
-      await execDocker(['exec', '-i', containerName, '/bin/sh', '-lc', status.config.setupCommand])
+    await execDocker(['start', context.containerName])
+    if (context.config.setupCommand) {
+      await execDocker(['exec', '-i', context.containerName, '/bin/sh', '-lc', context.config.setupCommand])
     }
   } else if (!next.running) {
-    await execDocker(['start', containerName])
+    await execDocker(['start', context.containerName])
   }
 
   await upsertSandboxRegistryEntry({
-    containerName,
-    scopeKey: status.scopeKey,
+    containerName: context.containerName,
+    scopeKey: context.scopeKey,
     createdAtMs: Date.now(),
     lastUsedAtMs: Date.now(),
-    image: status.config.image,
+    image: context.config.image,
     configHash,
   })
 
-  return {
-    containerName,
-    containerWorkdir: status.config.workdir,
-    workspaceDir: params.workspaceDir,
-    workspaceAccess: status.config.workspaceAccess,
-    mode: status.mode,
-    scope: status.scope,
-    scopeKey: status.scopeKey,
-    config: status.config,
-  }
+  return context
 }

package/src/lib/server/session-tools/autonomy-tools.test.ts

@@ -52,14 +52,12 @@ describe('durable wait surface', () => {
   })
 })
 
-describe('sandbox surface', () => {
-  it('sandbox execution functions remain for shell integration', () => {
-    const src = readToolSource('sandbox')
-    assert.equal(src.includes('executeSandboxExec'), true)
-    assert.equal(src.includes('executeListRuntimes'), true)
-    assert.equal(src.includes('executeHostNode'), true)
-    // Extension registration removed — sandbox_exec is now provided by shell
-    assert.equal(src.includes('registerBuiltin'), false)
+describe('execute surface', () => {
+  it('keeps just-bash as the sandboxed execution path with explicit host opt-in', () => {
+    const src = readToolSource('execute')
+    assert.equal(src.includes('just-bash'), true)
+    assert.equal(src.includes('normalizeAgentExecuteConfig'), true)
+    assert.equal(src.includes('persistent=true'), true)
   })
 })
 
@@ -81,7 +79,7 @@ describe('delegation job handles', () => {
 
   it('scheduler and daemon recover the durable autonomy jobs', () => {
     const schedulerSrc = fs.readFileSync(path.join(serverDir, 'runtime', 'scheduler.ts'), 'utf-8')
-    const daemonSrc = fs.readFileSync(path.join(serverDir, 'runtime', 'daemon-state.ts'), 'utf-8')
+    const daemonSrc = fs.readFileSync(path.join(serverDir, 'runtime', 'daemon-state', 'core.ts'), 'utf-8')
     assert.equal(schedulerSrc.includes('processDueWatchJobs'), true)
     assert.equal(daemonSrc.includes('recoverStaleDelegationJobs'), true)
   })

package/src/lib/server/session-tools/context.ts

@@ -190,7 +190,7 @@ export function findBinaryOnPath(binaryName: string): string | null {
   const { spawnSync } = require('child_process')
   const probe = isWindows
     ? spawnSync('where', [binaryName], { encoding: 'utf-8', timeout: 2000, stdio: 'pipe' })
-    : spawnSync('/bin/zsh', ['-lc', `command -v ${binaryName} 2>/dev/null`], { encoding: 'utf-8', timeout: 2000 })
+    : spawnSync(process.env.SHELL || '/bin/bash', ['-lc', `command -v ${binaryName} 2>/dev/null`], { encoding: 'utf-8', timeout: 2000 })
   const resolved = (probe.stdout || '').trim() || null
   binaryLookupCache.set(binaryName, { checkedAt: now, path: resolved })
   return resolved

package/src/lib/server/session-tools/credential-env.ts

@@ -0,0 +1,109 @@
+/**
+ * Credential injection and secret redaction for agent code execution.
+ *
+ * Resolves an agent's configured credentials from the credential store,
+ * returns them as env vars for injection, and provides a redaction function
+ * to scrub secrets from execution output.
+ */
+
+import { loadCredentials, decryptKey } from '../storage'
+import { log } from '../logger'
+import type { Credential } from '@/types'
+
+const TAG = 'credential-env'
+
+export interface CredentialEnv {
+  /** Environment variables to inject (name → decrypted value) */
+  env: Record<string, string>
+  /** Raw secret values for redaction */
+  secrets: string[]
+}
+
+/**
+ * Build credential environment variables for an agent execution.
+ *
+ * Each credential ID in the list is resolved from the credential store,
+ * decrypted, and mapped to an env var name derived from the credential's
+ * provider and name fields.
+ *
+ * Env var naming: `<PROVIDER>_API_KEY` for the primary key, or
+ * `<PROVIDER>_<NAME>` if a name is explicitly set. All uppercased,
+ * non-alphanumeric chars replaced with underscores.
+ */
+export function buildCredentialEnv(credentialIds: string[]): CredentialEnv {
+  if (!credentialIds.length) return { env: {}, secrets: [] }
+
+  const env: Record<string, string> = {}
+  const secrets: string[] = []
+
+  const allCredentials = loadCredentials() as Record<string, Credential & { encrypted?: string }>
+
+  for (const credId of credentialIds) {
+    const cred = allCredentials[credId]
+    if (!cred) {
+      log.warn(TAG, `Credential not found: ${credId}`)
+      continue
+    }
+
+    // Decrypt the stored key
+    const encrypted = cred.encrypted
+    if (!encrypted || typeof encrypted !== 'string') {
+      log.warn(TAG, `Credential has no encrypted value: ${credId}`)
+      continue
+    }
+
+    let value: string
+    try {
+      value = decryptKey(encrypted)
+    } catch (err: unknown) {
+      log.warn(TAG, `Failed to decrypt credential ${credId}`, { error: String(err) })
+      continue
+    }
+
+    // Derive env var name
+    const envVarName = deriveEnvVarName(cred.provider, cred.name)
+    env[envVarName] = value
+    secrets.push(value)
+  }
+
+  return { env, secrets }
+}
+
+/**
+ * Derive an environment variable name from provider and credential name.
+ * e.g., provider="openai", name="default" → "OPENAI_API_KEY"
+ * e.g., provider="custom", name="my-service-token" → "CUSTOM_MY_SERVICE_TOKEN"
+ */
+function deriveEnvVarName(provider: string, name: string): string {
+  const sanitize = (s: string) => s.toUpperCase().replace(/[^A-Z0-9]+/g, '_').replace(/^_|_$/g, '')
+
+  const providerKey = sanitize(provider)
+  const nameKey = sanitize(name)
+
+  // If name is generic (default, primary, key, api-key, etc.), use PROVIDER_API_KEY
+  const genericNames = new Set(['DEFAULT', 'PRIMARY', 'KEY', 'API_KEY', 'APIKEY', ''])
+  if (genericNames.has(nameKey)) {
+    return `${providerKey}_API_KEY`
+  }
+
+  return `${providerKey}_${nameKey}`
+}
+
+/**
+ * Redact secret values from execution output.
+ *
+ * Scans the text for any injected secret values and replaces them
+ * with [REDACTED]. Only redacts secrets longer than 4 characters
+ * to avoid false positives on short strings.
+ */
+export function redactSecrets(text: string, secrets: string[]): string {
+  if (!secrets.length || !text) return text
+
+  let result = text
+  for (const secret of secrets) {
+    if (secret.length > 4) {
+      result = result.replaceAll(secret, '[REDACTED]')
+    }
+  }
+  return result
+}

package/src/lib/server/session-tools/crud.ts

@@ -38,7 +38,6 @@ import {
   deriveTaskTitle,
   prepareTaskCreation,
 } from '@/lib/server/tasks/task-service'
-import { ensureMissionForTask, enrichTaskWithMissionSummary } from '@/lib/server/missions/mission-service'
 import { classifyMessage } from '@/lib/server/chat-execution/message-classifier'
 import {
   buildDelegationTaskProfile,
@@ -48,7 +47,7 @@ import {
 import type { ToolBuildContext } from './context'
 import { normalizeToolInputArgs } from './normalize-tool-args'
 import type { BoardTask } from '@/types'
-import { dedup } from '@/lib/shared-utils'
+import { dedup, errorMessage } from '@/lib/shared-utils'
 import { isDirectConnectorSession } from '../connectors/session-kind'
 import { buildManageSkillsDescription, executeManageSkillsAction } from './skills'
 import { isMainSession } from '@/lib/server/agents/main-agent-loop'
@@ -742,19 +741,6 @@ export function buildCrudTools(bctx: ToolBuildContext): StructuredToolInterface[
 
               res.save(all)
               if (toolKey === 'manage_tasks') {
-                const mission = ensureMissionForTask(entry as BoardTask, {
-                  source: entry.sourceType === 'schedule'
-                    ? 'schedule'
-                    : entry.sourceType === 'delegation'
-                      ? 'delegation'
-                      : 'manual',
-                })
-                if (mission) {
-                  responseEntry = enrichTaskWithMissionSummary({
-                    ...(responseEntry as BoardTask),
-                    missionId: mission.id,
-                  })
-                }
                 if (taskDelegationAdvisory && responseEntry && typeof responseEntry === 'object') {
                   responseEntry = {
                     ...(responseEntry as Record<string, unknown>),
@@ -1149,8 +1135,8 @@ export function buildCrudTools(bctx: ToolBuildContext): StructuredToolInterface[
               return JSON.stringify({ ok: true, taskId: id, claimedByAgentId: ctx?.agentId })
             }
             return `Unknown action "${action}". Valid: list, get, create, update, delete, claim_task`
-          } catch (err: any) {
-            return `Error: ${err.message}`
+          } catch (err: unknown) {
+            return `Error: ${errorMessage(err)}`
           }
         },
         {

package/src/lib/server/session-tools/delegate.ts

@@ -21,7 +21,6 @@ import {
   registerDelegationRuntime,
   startDelegationJob,
 } from '@/lib/server/agents/delegation-jobs'
-import { loadSession } from '@/lib/server/sessions/session-repository'
 import { markProviderFailure, markProviderSuccess } from '../provider-health'
 import { loadRuntimeSettings } from '../runtime/runtime-settings'
 import { getSessionDepth } from '../agents/subagent-runtime'
@@ -463,8 +462,6 @@ async function executeDelegateAction(args: Record<string, unknown>, bctx: Delega
   const jobId = typeof normalized.jobId === 'string' ? normalized.jobId.trim() : ''
   const waitForCompletion = normalized.waitForCompletion !== false && normalized.background !== true
   const parentSessionId = resolveDelegateSessionId(bctx)
-  const parentMissionId = parentSessionId ? loadSession(parentSessionId)?.missionId || null : null
-
   recoverStaleDelegationJobs()
 
   if (action === 'status') {
@@ -505,7 +502,6 @@ async function executeDelegateAction(args: Record<string, unknown>, bctx: Delega
   const job = createDelegationJob({
     kind: 'delegate',
     parentSessionId,
-    parentMissionId,
     backend: requestedBackend,
     task,
     cwd: bctx.cwd || null,

package/src/lib/server/session-tools/edit_file.ts

@@ -1,3 +1,4 @@
+import { errorMessage } from '@/lib/shared-utils'
 import { z } from 'zod'
 import { tool, type StructuredToolInterface } from '@langchain/core/tools'
 import fs from 'fs'
@@ -32,8 +33,8 @@ async function executeEditFile(args: { filePath: string; oldString: string; newS
     const updated = content.replace(oldString, newString)
     fs.writeFileSync(resolved, updated, 'utf-8')
     return `Successfully updated ${filePath} (1 replacement made).`
-  } catch (err: any) {
-    return `Error: ${err.message}`
+  } catch (err: unknown) {
+    return `Error: ${errorMessage(err)}`
   }
 }
 

package/src/lib/server/session-tools/execute.test.ts

@@ -0,0 +1,58 @@
+import { describe, it } from 'node:test'
+import assert from 'node:assert/strict'
+import { redactSecrets, buildCredentialEnv } from './credential-env'
+
+describe('credential-env', () => {
+  describe('redactSecrets', () => {
+    it('redacts secret values from text', () => {
+      const secrets = ['sk-abc123456789']
+      const text = 'Response: Bearer sk-abc123456789 was used'
+      const result = redactSecrets(text, secrets)
+      assert.equal(result, 'Response: Bearer [REDACTED] was used')
+    })
+
+    it('skips secrets shorter than 5 characters', () => {
+      const secrets = ['abc']
+      const text = 'Contains abc value'
+      const result = redactSecrets(text, secrets)
+      assert.equal(result, 'Contains abc value')
+    })
+
+    it('handles empty secrets list', () => {
+      const text = 'No secrets here'
+      const result = redactSecrets(text, [])
+      assert.equal(result, 'No secrets here')
+    })
+
+    it('handles empty text', () => {
+      const result = redactSecrets('', ['secret123'])
+      assert.equal(result, '')
+    })
+
+    it('redacts multiple occurrences', () => {
+      const secrets = ['mytoken12345']
+      const text = 'First: mytoken12345, Second: mytoken12345'
+      const result = redactSecrets(text, secrets)
+      assert.equal(result, 'First: [REDACTED], Second: [REDACTED]')
+    })
+
+    it('redacts multiple different secrets', () => {
+      const secrets = ['secret_one_value', 'secret_two_value']
+      const text = 'Key1=secret_one_value Key2=secret_two_value'
+      const result = redactSecrets(text, secrets)
+      assert.equal(result, 'Key1=[REDACTED] Key2=[REDACTED]')
+    })
+  })
+
+  describe('buildCredentialEnv', () => {
+    it('returns empty env for empty credential list', () => {
+      const result = buildCredentialEnv([])
+      assert.deepEqual(result, { env: {}, secrets: [] })
+    })
+
+    it('handles non-existent credential IDs gracefully', () => {
+      const result = buildCredentialEnv(['nonexistent-id'])
+      assert.deepEqual(result, { env: {}, secrets: [] })
+    })
+  })
+})