@vm0/cli 9.59.3 → 9.59.5

package/index.js

@@ -45,7 +45,7 @@ if (DSN) {
   Sentry.init({
     dsn: DSN,
     environment: process.env.SENTRY_ENVIRONMENT ?? "production",
-    release: "9.59.3",
+    release: "9.59.5",
     sendDefaultPii: false,
     tracesSampleRate: 0,
     shutdownTimeout: 500,
@@ -64,7 +64,7 @@ if (DSN) {
     }
   });
   Sentry.setContext("cli", {
-    version: "9.59.3",
+    version: "9.59.5",
     command: process.argv.slice(2).join(" ")
   });
   Sentry.setContext("runtime", {
@@ -673,7 +673,7 @@ function getConfigPath() {
   return join2(homedir2(), ".vm0", "config.json");
 }
 var infoCommand = new Command6().name("info").description("Display environment and debug information").action(async () => {
-  console.log(chalk4.bold(`VM0 CLI v${"9.59.3"}`));
+  console.log(chalk4.bold(`VM0 CLI v${"9.59.5"}`));
   console.log();
   const config = await loadConfig();
   const hasEnvToken = !!process.env.VM0_TOKEN;
@@ -785,18 +785,6 @@ import { z as z4 } from "zod";
 // ../../packages/core/src/contracts/runners.ts
 import { z as z3 } from "zod";
 var c = initContract();
-var firewallRuleSchema = z3.object({
-  domain: z3.string().optional(),
-  ip: z3.string().optional(),
-  /** Terminal rule - value is the action (ALLOW or DENY) */
-  final: z3.enum(["ALLOW", "DENY"]).optional(),
-  /** Action for domain/ip rules */
-  action: z3.enum(["ALLOW", "DENY"]).optional()
-});
-var experimentalFirewallSchema = z3.object({
-  enabled: z3.boolean(),
-  rules: z3.array(firewallRuleSchema).optional()
-});
 var runnerGroupSchema = z3.string().regex(
   /^[a-z0-9-]+\/[a-z0-9-]+$/,
   "Runner group must be in org/name format (e.g., acme/production)"
@@ -874,7 +862,6 @@ var storedExecutionContextSchema = z3.object({
   // Maps secret names to OAuth connector types for runtime token refresh (e.g. { "GMAIL_ACCESS_TOKEN": "gmail" })
   secretConnectorMap: z3.record(z3.string(), z3.string()).nullable().optional(),
   cliAgentType: z3.string(),
-  experimentalFirewall: experimentalFirewallSchema.optional(),
   // Debug flag to force real Claude in mock environments (internal use only)
   debugNoMockClaude: z3.boolean().optional(),
   // Dispatch timestamp for E2E timing metrics
@@ -907,8 +894,6 @@ var executionContextSchema = z3.object({
   // Maps secret names to OAuth connector types for runtime token refresh
   secretConnectorMap: z3.record(z3.string(), z3.string()).nullable().optional(),
   cliAgentType: z3.string(),
-  // Experimental firewall configuration
-  experimentalFirewall: experimentalFirewallSchema.optional(),
   // Debug flag to force real Claude in mock environments (internal use only)
   debugNoMockClaude: z3.boolean().optional(),
   // Dispatch timestamp for E2E timing metrics
@@ -954,6 +939,20 @@ var composeVersionQuerySchema = z4.string().min(1, "Missing version query parame
   "Version must be 8-64 hex characters or 'latest'"
 );
 var AGENT_NAME_REGEX = /^[a-zA-Z0-9][a-zA-Z0-9-]{1,62}[a-zA-Z0-9]$/;
+var VALID_CAPABILITIES = [
+  "volume:read",
+  "volume:write",
+  "artifact:read",
+  "artifact:write",
+  "memory:read",
+  "memory:write",
+  "agent:read",
+  "agent:write",
+  "agent-run:read",
+  "agent-run:write",
+  "schedule:read",
+  "schedule:write"
+];
 var agentNameSchema = z4.string().min(3, "Agent name must be at least 3 characters").max(64, "Agent name must be 64 characters or less").regex(
   AGENT_NAME_REGEX,
   "Agent name must start and end with letter or number, and contain only letters, numbers, and hyphens"
@@ -992,12 +991,6 @@ var agentDefinitionSchema = z4.object({
       "Runner group must be in org/name format (e.g., acme/production)"
     )
   }).optional(),
-  /**
-   * Experimental firewall configuration for network egress control.
-   * Requires experimental_runner to be configured.
-   * When enabled, filters outbound traffic by domain/IP rules.
-   */
-  experimental_firewall: experimentalFirewallSchema.optional(),
   /**
    * External services for proxy-side token replacement.
    * CLI input: map format { slack: { permissions: [...] | "all" } }
@@ -1009,6 +1002,13 @@ var agentDefinitionSchema = z4.object({
       permissions: z4.union([z4.literal("all"), z4.array(z4.string()).min(1)])
     })
   ).optional(),
+  /**
+   * Capabilities that the agent is allowed to use.
+   * Validated against VALID_CAPABILITIES at compose time.
+   */
+  experimental_capabilities: z4.array(z4.enum(VALID_CAPABILITIES)).refine((arr) => new Set(arr).size === arr.length, {
+    message: "Duplicate capabilities are not allowed"
+  }).optional(),
   /**
    * Agent metadata for display and personalization.
    * - displayName: Human-readable name shown in the UI (preserves original casing).
@@ -6451,7 +6451,7 @@ var computerConnectorContract = c18.router({
 
 // ../../packages/core/src/contracts/services.ts
 function bearerAuth(secretName) {
-  return { headers: { Authorization: `Bearer \${secrets.${secretName}}` } };
+  return { headers: { Authorization: `Bearer \${{ secrets.${secretName} }}` } };
 }
 var FULL_ACCESS_PERMISSION = {
   name: "full-access",
@@ -6620,7 +6620,7 @@ var SERVICE_CONFIGS = {
     apis: [
       api("https://api.notion.com/v1", {
         headers: {
-          Authorization: "Bearer ${secrets.NOTION_TOKEN}",
+          Authorization: "Bearer ${{ secrets.NOTION_TOKEN }}",
           "Notion-Version": "2022-06-28"
         }
       })
@@ -6672,14 +6672,14 @@ var SERVICE_CONFIGS = {
   hume: {
     apis: [
       api("https://api.hume.ai", {
-        headers: { "X-Hume-Api-Key": "${secrets.HUME_TOKEN}" }
+        headers: { "X-Hume-Api-Key": "${{ secrets.HUME_TOKEN }}" }
       })
     ]
   },
   heygen: {
     apis: [
       api("https://api.heygen.com", {
-        headers: { "x-api-key": "${secrets.HEYGEN_TOKEN}" }
+        headers: { "x-api-key": "${{ secrets.HEYGEN_TOKEN }}" }
       })
     ]
   },
@@ -6724,12 +6724,12 @@ var SERVICE_CONFIGS = {
     apis: [
       api("https://api.jotform.com", {
         headers: {
-          APIKEY: "${secrets.JOTFORM_TOKEN}"
+          APIKEY: "${{ secrets.JOTFORM_TOKEN }}"
         }
       }),
       api("https://eu-api.jotform.com", {
         headers: {
-          APIKEY: "${secrets.JOTFORM_TOKEN}"
+          APIKEY: "${{ secrets.JOTFORM_TOKEN }}"
         }
       })
     ]
@@ -6741,22 +6741,22 @@ var SERVICE_CONFIGS = {
     apis: [
       api("https://eu1.make.com/api/v2", {
         headers: {
-          Authorization: "Token ${secrets.MAKE_TOKEN}"
+          Authorization: "Token ${{ secrets.MAKE_TOKEN }}"
         }
       }),
       api("https://eu2.make.com/api/v2", {
         headers: {
-          Authorization: "Token ${secrets.MAKE_TOKEN}"
+          Authorization: "Token ${{ secrets.MAKE_TOKEN }}"
         }
       }),
       api("https://us1.make.com/api/v2", {
         headers: {
-          Authorization: "Token ${secrets.MAKE_TOKEN}"
+          Authorization: "Token ${{ secrets.MAKE_TOKEN }}"
         }
       }),
       api("https://us2.make.com/api/v2", {
         headers: {
-          Authorization: "Token ${secrets.MAKE_TOKEN}"
+          Authorization: "Token ${{ secrets.MAKE_TOKEN }}"
         }
       })
     ]
@@ -6765,7 +6765,7 @@ var SERVICE_CONFIGS = {
     apis: [
       api("https://api.metabase.com", {
         headers: {
-          "x-api-key": "${secrets.METABASE_TOKEN}"
+          "x-api-key": "${{ secrets.METABASE_TOKEN }}"
         }
       })
     ]
@@ -6861,7 +6861,7 @@ var SERVICE_CONFIGS = {
   similarweb: {
     apis: [
       api("https://api.similarweb.com", {
-        headers: { "api-key": "${secrets.SIMILARWEB_API_KEY}" }
+        headers: { "api-key": "${{ secrets.SIMILARWEB_API_KEY }}" }
       })
     ]
   },
@@ -6892,14 +6892,14 @@ var SERVICE_CONFIGS = {
   pdf4me: {
     apis: [
       api("https://api.pdf4me.com", {
-        headers: { Authorization: "${secrets.PDF4ME_TOKEN}" }
+        headers: { Authorization: "${{ secrets.PDF4ME_TOKEN }}" }
       })
     ]
   },
   pdfco: {
     apis: [
       api("https://api.pdf.co/v1", {
-        headers: { "x-api-key": "${secrets.PDFCO_TOKEN}" }
+        headers: { "x-api-key": "${{ secrets.PDFCO_TOKEN }}" }
       })
     ]
   },
@@ -6912,7 +6912,7 @@ var SERVICE_CONFIGS = {
   browserbase: {
     apis: [
       api("https://api.browserbase.com/v1", {
-        headers: { "X-BB-API-Key": "${secrets.BROWSERBASE_TOKEN}" }
+        headers: { "X-BB-API-Key": "${{ secrets.BROWSERBASE_TOKEN }}" }
       })
     ]
   },
@@ -6924,7 +6924,7 @@ var SERVICE_CONFIGS = {
   explorium: {
     apis: [
       api("https://api.explorium.ai", {
-        headers: { api_key: "${secrets.EXPLORIUM_TOKEN}" }
+        headers: { api_key: "${{ secrets.EXPLORIUM_TOKEN }}" }
       })
     ]
   },
@@ -6934,21 +6934,21 @@ var SERVICE_CONFIGS = {
   scrapeninja: {
     apis: [
       api("https://scrapeninja.p.rapidapi.com", {
-        headers: { "X-RapidAPI-Key": "${secrets.SCRAPENINJA_TOKEN}" }
+        headers: { "X-RapidAPI-Key": "${{ secrets.SCRAPENINJA_TOKEN }}" }
       })
     ]
   },
   elevenlabs: {
     apis: [
       api("https://api.elevenlabs.io", {
-        headers: { "xi-api-key": "${secrets.ELEVENLABS_TOKEN}" }
+        headers: { "xi-api-key": "${{ secrets.ELEVENLABS_TOKEN }}" }
       })
     ]
   },
   devto: {
     apis: [
       api("https://dev.to/api", {
-        headers: { "api-key": "${secrets.DEVTO_TOKEN}" }
+        headers: { "api-key": "${{ secrets.DEVTO_TOKEN }}" }
       })
     ]
   },
@@ -6964,7 +6964,7 @@ var SERVICE_CONFIGS = {
   qdrant: {
     apis: [
       api("https://cloud.qdrant.io", {
-        headers: { "api-key": "${secrets.QDRANT_TOKEN}" }
+        headers: { "api-key": "${{ secrets.QDRANT_TOKEN }}" }
       })
     ]
   },
@@ -6980,7 +6980,7 @@ var SERVICE_CONFIGS = {
     apis: [
       api("https://api.zeptomail.com/v1.1", {
         headers: {
-          Authorization: "Zoho-enczapikey ${secrets.ZEPTOMAIL_TOKEN}"
+          Authorization: "Zoho-enczapikey ${{ secrets.ZEPTOMAIL_TOKEN }}"
         }
       })
     ]
@@ -6991,14 +6991,14 @@ var SERVICE_CONFIGS = {
   shortio: {
     apis: [
       api("https://api.short.io", {
-        headers: { Authorization: "${secrets.SHORTIO_TOKEN}" }
+        headers: { Authorization: "${{ secrets.SHORTIO_TOKEN }}" }
       })
     ]
   },
   supadata: {
     apis: [
       api("https://api.supadata.ai/v1", {
-        headers: { "x-api-key": "${secrets.SUPADATA_TOKEN}" }
+        headers: { "x-api-key": "${{ secrets.SUPADATA_TOKEN }}" }
       })
     ]
   },
@@ -7008,7 +7008,7 @@ var SERVICE_CONFIGS = {
   tldv: {
     apis: [
       api("https://pasta.tldv.io", {
-        headers: { "x-api-key": "${secrets.TLDV_TOKEN}" }
+        headers: { "x-api-key": "${{ secrets.TLDV_TOKEN }}" }
       })
     ]
   },
@@ -8901,24 +8901,42 @@ import * as path2 from "path";
 import * as fs from "fs/promises";
 import * as path from "path";
 import * as os2 from "os";
-import { exec } from "child_process";
+import { execFile } from "child_process";
 import { promisify } from "util";
-var execAsync = promisify(exec);
+var execFileAsync = promisify(execFile);
+function sanitizeGitArg(value, label) {
+  if (!/^[a-zA-Z0-9._/\-@]+$/.test(value)) {
+    throw new Error(
+      `Invalid ${label}: contains disallowed characters. Only alphanumeric, dash, underscore, dot, slash, and @ are permitted.`
+    );
+  }
+  if (value.startsWith("-")) {
+    throw new Error(`Invalid ${label}: must not start with a dash`);
+  }
+  return value;
+}
 async function downloadGitHubSkill(parsed, destDir) {
-  const repoUrl = `https://github.com/${parsed.owner}/${parsed.repo}.git`;
+  const owner = sanitizeGitArg(parsed.owner, "repository owner");
+  const repo = sanitizeGitArg(parsed.repo, "repository name");
+  const branch = sanitizeGitArg(parsed.branch, "branch name");
+  const repoUrl = `https://github.com/${owner}/${repo}.git`;
   const skillDir = path.join(destDir, parsed.skillName);
   const tempDir = await fs.mkdtemp(path.join(os2.tmpdir(), "vm0-skill-"));
   try {
-    await execAsync(`git init`, { cwd: tempDir });
-    await execAsync(`git remote add origin "${repoUrl}"`, { cwd: tempDir });
-    await execAsync(`git config core.sparseCheckout true`, { cwd: tempDir });
+    await execFileAsync("git", ["init"], { cwd: tempDir });
+    await execFileAsync("git", ["remote", "add", "origin", repoUrl], {
+      cwd: tempDir
+    });
+    await execFileAsync("git", ["config", "core.sparseCheckout", "true"], {
+      cwd: tempDir
+    });
     const sparsePattern = parsed.path || "/*";
     const sparseFile = path.join(tempDir, ".git", "info", "sparse-checkout");
     await fs.writeFile(sparseFile, sparsePattern + "\n");
-    await execAsync(`git fetch --depth 1 origin "${parsed.branch}"`, {
+    await execFileAsync("git", ["fetch", "--depth", "1", "origin", branch], {
       cwd: tempDir
     });
-    await execAsync(`git checkout "${parsed.branch}"`, { cwd: tempDir });
+    await execFileAsync("git", ["checkout", branch], { cwd: tempDir });
     await fs.mkdir(path.dirname(skillDir), { recursive: true });
     if (parsed.path) {
       const fetchedPath = path.join(tempDir, parsed.path);
@@ -8937,11 +8955,16 @@ async function downloadGitHubSkill(parsed, destDir) {
   }
 }
 async function getDefaultBranch(owner, repo) {
-  const repoUrl = `https://github.com/${owner}/${repo}.git`;
+  const safeOwner = sanitizeGitArg(owner, "repository owner");
+  const safeRepo = sanitizeGitArg(repo, "repository name");
+  const repoUrl = `https://github.com/${safeOwner}/${safeRepo}.git`;
   try {
-    const { stdout } = await execAsync(
-      `git ls-remote --symref "${repoUrl}" HEAD`
-    );
+    const { stdout } = await execFileAsync("git", [
+      "ls-remote",
+      "--symref",
+      repoUrl,
+      "HEAD"
+    ]);
     const match = stdout.match(/ref: refs\/heads\/([^\s]+)/);
     if (!match) {
       throw new Error(
@@ -8969,25 +8992,34 @@ async function downloadGitHubDirectory(url) {
       `Invalid GitHub URL: ${url}. Expected format: https://github.com/{owner}/{repo}[/tree/{branch}[/path]]`
     );
   }
-  const repoUrl = `https://github.com/${parsed.owner}/${parsed.repo}.git`;
+  const safeOwner = sanitizeGitArg(parsed.owner, "repository owner");
+  const safeRepo = sanitizeGitArg(parsed.repo, "repository name");
+  const repoUrl = `https://github.com/${safeOwner}/${safeRepo}.git`;
   const tempDir = await fs.mkdtemp(path.join(os2.tmpdir(), "vm0-github-"));
   try {
     try {
-      await execAsync("git --version");
+      await execFileAsync("git", ["--version"]);
     } catch {
       throw new Error(
         "git command not found. Please install git to use GitHub URLs."
       );
     }
-    const branch = parsed.branch ?? await getDefaultBranch(parsed.owner, parsed.repo);
-    await execAsync(`git init`, { cwd: tempDir });
-    await execAsync(`git remote add origin "${repoUrl}"`, { cwd: tempDir });
-    await execAsync(`git config core.sparseCheckout true`, { cwd: tempDir });
+    const branch = sanitizeGitArg(
+      parsed.branch ?? await getDefaultBranch(safeOwner, safeRepo),
+      "branch name"
+    );
+    await execFileAsync("git", ["init"], { cwd: tempDir });
+    await execFileAsync("git", ["remote", "add", "origin", repoUrl], {
+      cwd: tempDir
+    });
+    await execFileAsync("git", ["config", "core.sparseCheckout", "true"], {
+      cwd: tempDir
+    });
     const sparsePattern = parsed.path ?? "/*";
     const sparseFile = path.join(tempDir, ".git", "info", "sparse-checkout");
     await fs.writeFile(sparseFile, sparsePattern + "\n");
     try {
-      await execAsync(`git fetch --depth 1 origin "${branch}"`, {
+      await execFileAsync("git", ["fetch", "--depth", "1", "origin", branch], {
         cwd: tempDir
       });
     } catch (error) {
@@ -9000,7 +9032,7 @@ async function downloadGitHubDirectory(url) {
       }
       throw error;
     }
-    await execAsync(`git checkout "${branch}"`, { cwd: tempDir });
+    await execFileAsync("git", ["checkout", branch], { cwd: tempDir });
     const downloadedDir = parsed.path ? path.join(tempDir, parsed.path) : tempDir;
     return {
       dir: downloadedDir,
@@ -9913,7 +9945,7 @@ var composeCommand = new Command7().name("compose").description("Create or updat
         options.autoUpdate = false;
       }
       if (options.autoUpdate !== false) {
-        await startSilentUpgrade("9.59.3");
+        await startSilentUpgrade("9.59.5");
       }
       try {
         let result;
@@ -11087,7 +11119,7 @@ var mainRunCommand = new Command8().name("run").description("Run an agent").argu
   withErrorHandler(
     async (identifier, prompt, options) => {
       if (options.autoUpdate !== false) {
-        await startSilentUpgrade("9.59.3");
+        await startSilentUpgrade("9.59.5");
       }
       const { org, name, version } = parseIdentifier(identifier);
       if (org && !options.experimentalSharedAgent) {
@@ -12774,7 +12806,7 @@ var cookAction = new Command34().name("cook").description("Quick start: prepare,
   withErrorHandler(
     async (prompt, options) => {
       if (options.autoUpdate !== false) {
-        const shouldExit = await checkAndUpgrade("9.59.3", prompt);
+        const shouldExit = await checkAndUpgrade("9.59.5", prompt);
         if (shouldExit) {
           process.exit(0);
         }
@@ -18125,13 +18157,13 @@ var upgradeCommand = new Command90().name("upgrade").description("Upgrade vm0 CL
     if (latestVersion === null) {
       throw new Error("Could not check for updates. Please try again later.");
     }
-    if (latestVersion === "9.59.3") {
-      console.log(chalk84.green(`\u2713 Already up to date (${"9.59.3"})`));
+    if (latestVersion === "9.59.5") {
+      console.log(chalk84.green(`\u2713 Already up to date (${"9.59.5"})`));
       return;
     }
     console.log(
       chalk84.yellow(
-        `Current version: ${"9.59.3"} -> Latest version: ${latestVersion}`
+        `Current version: ${"9.59.5"} -> Latest version: ${latestVersion}`
       )
     );
     console.log();
@@ -18158,7 +18190,7 @@ var upgradeCommand = new Command90().name("upgrade").description("Upgrade vm0 CL
     const success = await performUpgrade(packageManager);
     if (success) {
       console.log(
-        chalk84.green(`\u2713 Upgraded from ${"9.59.3"} to ${latestVersion}`)
+        chalk84.green(`\u2713 Upgraded from ${"9.59.5"} to ${latestVersion}`)
       );
       return;
     }
@@ -18172,7 +18204,7 @@ var upgradeCommand = new Command90().name("upgrade").description("Upgrade vm0 CL
 
 // src/index.ts
 var program = new Command91();
-program.name("vm0").description("VM0 CLI - Build and run agents with natural language").version("9.59.3");
+program.name("vm0").description("VM0 CLI - Build and run agents with natural language").version("9.59.5");
 program.addCommand(authCommand);
 program.addCommand(infoCommand);
 program.addCommand(composeCommand);

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@vm0/cli",
-  "version": "9.59.3",
+  "version": "9.59.5",
   "description": "CLI application",
   "repository": {
     "type": "git",