@tpmjs/registry-execute 0.1.1 → 0.1.3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +65 -0
- package/package.json +1 -1
package/README.md
CHANGED
|
@@ -90,10 +90,75 @@ export TPMJS_API_URL=https://registry.mycompany.com
|
|
|
90
90
|
export TPMJS_EXECUTOR_URL=https://executor.mycompany.com
|
|
91
91
|
```
|
|
92
92
|
|
|
93
|
+
## Passing API Keys to Tools
|
|
94
|
+
|
|
95
|
+
Many tools require API keys to function (e.g., web scraping tools need a Firecrawl key, search tools need an Exa key). The recommended approach is to wrap `registryExecuteTool` with your pre-configured keys.
|
|
96
|
+
|
|
97
|
+
### Recommended: Create a Wrapper
|
|
98
|
+
|
|
99
|
+
```typescript
|
|
100
|
+
import { tool } from 'ai';
|
|
101
|
+
import { registryExecuteTool } from '@tpmjs/registry-execute';
|
|
102
|
+
|
|
103
|
+
// Pre-configure your API keys
|
|
104
|
+
const API_KEYS: Record<string, string> = {
|
|
105
|
+
FIRECRAWL_API_KEY: process.env.FIRECRAWL_API_KEY!,
|
|
106
|
+
EXA_API_KEY: process.env.EXA_API_KEY!,
|
|
107
|
+
};
|
|
108
|
+
|
|
109
|
+
// Create a wrapped version that auto-injects keys
|
|
110
|
+
export const registryExecute = tool({
|
|
111
|
+
description: registryExecuteTool.description,
|
|
112
|
+
parameters: registryExecuteTool.parameters,
|
|
113
|
+
execute: async ({ toolId, params }) => {
|
|
114
|
+
return registryExecuteTool.execute({ toolId, params, env: API_KEYS });
|
|
115
|
+
},
|
|
116
|
+
});
|
|
117
|
+
```
|
|
118
|
+
|
|
119
|
+
Now use the wrapped tool in your agent:
|
|
120
|
+
|
|
121
|
+
```typescript
|
|
122
|
+
import { streamText } from 'ai';
|
|
123
|
+
import { anthropic } from '@ai-sdk/anthropic';
|
|
124
|
+
import { registrySearchTool } from '@tpmjs/registry-search';
|
|
125
|
+
import { registryExecute } from './tools'; // Your wrapped version
|
|
126
|
+
|
|
127
|
+
const result = streamText({
|
|
128
|
+
model: anthropic('claude-sonnet-4-20250514'),
|
|
129
|
+
tools: {
|
|
130
|
+
registrySearch: registrySearchTool,
|
|
131
|
+
registryExecute, // Keys are auto-injected
|
|
132
|
+
},
|
|
133
|
+
system: `You have access to the TPMJS tool registry.
|
|
134
|
+
Use registrySearch to find tools, then registryExecute to run them.`,
|
|
135
|
+
prompt: 'Scrape https://example.com and summarize the content',
|
|
136
|
+
});
|
|
137
|
+
```
|
|
138
|
+
|
|
139
|
+
### How It Works
|
|
140
|
+
|
|
141
|
+
1. **Search returns required keys**: When you search for a tool, the response includes `requiredEnvVars`:
|
|
142
|
+
```json
|
|
143
|
+
{
|
|
144
|
+
"toolId": "@firecrawl/ai-sdk::scrapeTool",
|
|
145
|
+
"requiredEnvVars": ["FIRECRAWL_API_KEY"]
|
|
146
|
+
}
|
|
147
|
+
```
|
|
148
|
+
|
|
149
|
+
2. **Your wrapper injects keys**: The wrapped tool automatically passes your configured keys to the executor.
|
|
150
|
+
|
|
151
|
+
3. **Keys are injected into sandbox**: The executor injects these as environment variables in the isolated Deno runtime where the tool runs.
|
|
152
|
+
|
|
153
|
+
### Tools Without Required Keys
|
|
154
|
+
|
|
155
|
+
Some tools don't require any API keys (like `@tpmjs/createblogpost`). They work with or without the wrapper.
|
|
156
|
+
|
|
93
157
|
## Security
|
|
94
158
|
|
|
95
159
|
- All tools run in a sandboxed Deno environment on Railway
|
|
96
160
|
- API keys are passed per-request, never stored
|
|
161
|
+
- Keys are isolated to the specific tool execution
|
|
97
162
|
- Only registered tools can be executed (no arbitrary code)
|
|
98
163
|
|
|
99
164
|
## Related
|