@wavexzore/sandbox 0.1.0

package/dist/sandbox/core/read/format.js

@@ -0,0 +1,85 @@
+import { formatBytes } from './binary.js';
+export const DEFAULT_READ_LIMIT = 2000;
+export const MAX_READ_LINES = 2000;
+export const MAX_LINE_LENGTH = 2000;
+export const MAX_TEXT_BYTES = 50 * 1024;
+function clampOffset(offset) {
+    if (!Number.isFinite(offset))
+        return 1;
+    return Math.max(1, Math.floor(offset ?? 1));
+}
+function clampLimit(limit) {
+    if (!Number.isFinite(limit))
+        return DEFAULT_READ_LIMIT;
+    return Math.max(1, Math.min(MAX_READ_LINES, Math.floor(limit ?? DEFAULT_READ_LIMIT)));
+}
+function truncateLine(line) {
+    if (line.length <= MAX_LINE_LENGTH)
+        return line;
+    return `${line.slice(0, MAX_LINE_LENGTH)}… <line truncated>`;
+}
+function numberedLine(lineNumber, line) {
+    return `${String(lineNumber).padStart(6, ' ')} | ${truncateLine(line)}`;
+}
+export function formatTextRead(input) {
+    const normalized = input.content.replace(/\r\n/g, '\n').replace(/\r/g, '\n');
+    const lines = normalized.split('\n');
+    const offset = clampOffset(input.offset);
+    const limit = clampLimit(input.limit);
+    const start = offset - 1;
+    const selected = [];
+    let byteCount = 0;
+    let truncatedByBytes = false;
+    for (let idx = start; idx < Math.min(lines.length, start + limit); idx++) {
+        const rendered = numberedLine(idx + 1, lines[idx]);
+        const nextBytes = Buffer.byteLength(rendered + '\n');
+        if (byteCount + nextBytes > MAX_TEXT_BYTES) {
+            truncatedByBytes = true;
+            break;
+        }
+        selected.push(rendered);
+        byteCount += nextBytes;
+    }
+    const endLine = selected.length ? start + selected.length : start;
+    const hasMore = endLine < lines.length || truncatedByBytes;
+    const suffix = hasMore ? `\n\n<notice>Output truncated. Read with offset ${endLine + 1} to continue.</notice>` : '';
+    return {
+        output: `<path>${input.displayPath}</path>\n<type>file</type>\n<content>\n${selected.join('\n')}\n</content>${suffix}`,
+        metadata: {
+            type: 'file',
+            offset,
+            limit,
+            lineCount: lines.length,
+            returnedLines: selected.length,
+            hasMore,
+            truncatedByBytes,
+        },
+    };
+}
+export function formatDirectoryRead(input) {
+    const offset = clampOffset(input.offset);
+    const limit = clampLimit(input.limit);
+    const entries = input.entries
+        .filter((entry) => entry.name !== '.' && entry.name !== '..')
+        .sort((a, b) => {
+        if (a.isDirectory !== b.isDirectory)
+            return a.isDirectory ? -1 : 1;
+        return a.name.localeCompare(b.name);
+    });
+    const selected = entries.slice(offset - 1, offset - 1 + limit);
+    const lines = selected.map((entry) => `${entry.isDirectory ? entry.name + '/' : entry.name}${entry.isDirectory ? '' : ` (${formatBytes(entry.size)})`}`);
+    const endEntry = offset - 1 + selected.length;
+    const hasMore = endEntry < entries.length;
+    const suffix = hasMore ? `\n\n<notice>Directory output truncated. Read with offset ${endEntry + 1} to continue.</notice>` : '';
+    return {
+        output: `<path>${input.displayPath}</path>\n<type>directory</type>\n<content>\n${lines.join('\n')}\n</content>${suffix}`,
+        metadata: {
+            type: 'directory',
+            offset,
+            limit,
+            entryCount: entries.length,
+            returnedEntries: selected.length,
+            hasMore,
+        },
+    };
+}

package/dist/sandbox/core/read/index.d.ts

@@ -0,0 +1,3 @@
+export * from './binary.js';
+export * from './format.js';
+export * from './permissions.js';

package/dist/sandbox/core/read/index.js

@@ -0,0 +1,3 @@
+export * from './binary.js';
+export * from './format.js';
+export * from './permissions.js';

package/dist/sandbox/core/read/permissions.d.ts

@@ -0,0 +1,7 @@
+import type { ToolContext } from '@opencode-ai/plugin/tool';
+export declare function requestReadPermission(input: {
+    ctx: ToolContext;
+    relativePath: string;
+    hostPath: string;
+    containerPath: string;
+}): Promise<void>;

package/dist/sandbox/core/read/permissions.js

@@ -0,0 +1,13 @@
+export async function requestReadPermission(input) {
+    if (typeof input.ctx.ask !== 'function')
+        return;
+    await input.ctx.ask({
+        permission: 'read',
+        patterns: [input.relativePath],
+        always: ['*'],
+        metadata: {
+            filepath: input.hostPath,
+            containerPath: input.containerPath,
+        },
+    });
+}

package/dist/sandbox/core/session-manager.d.ts

@@ -0,0 +1,29 @@
+/**
+ * Copyright Daytona Platforms Inc.
+ * SPDX-License-Identifier: Apache-2.0
+ */
+import type { Sandbox } from './types.js';
+import type { PluginInput } from '@opencode-ai/plugin';
+export declare class SandboxSessionManager {
+    private readonly dataStorage;
+    private sessionSandboxes;
+    private currentProjectId?;
+    readonly repoPath: string;
+    private docker;
+    private _image?;
+    constructor(_apiKey: string, storageDir: string, repoPath: string);
+    setImage(image: string): void;
+    private getImage;
+    private isFullyInitialized;
+    private isPartiallyInitialized;
+    private loadProjectSessions;
+    setProjectContext(projectId: string): void;
+    getBranchNumberForSandbox(projectId: string, sandboxId: string): number | undefined;
+    getSandbox(sessionId: string, projectId: string, worktree: string, pluginCtx?: PluginInput): Promise<Sandbox>;
+    deleteSandbox(sessionId: string, projectId: string): Promise<void>;
+    deleteSandboxSync(sessionId: string, projectId: string): void;
+    private deleteContainerSync;
+    private reconnectSandbox;
+    private createDockerSandbox;
+    private doCreateContainer;
+}

package/dist/sandbox/core/session-manager.js

@@ -0,0 +1,338 @@
+/**
+ * Copyright Daytona Platforms Inc.
+ * SPDX-License-Identifier: Apache-2.0
+ */
+/**
+ * Manages Docker sandbox sessions and persists session-sandbox mappings
+ * Stores data per-project in ~/.local/share/opencode/storage/sandbox/{projectId}.json
+ */
+import Dockerode from 'dockerode';
+import { execSync } from 'child_process';
+import { logger } from './logger.js';
+import { SessionGitManager } from '../git/session-git-manager.js';
+import { LocalSandboxGitManager } from '../git/sandbox-git-manager.js';
+import { ProjectDataStorage } from './project-data-storage.js';
+import { toast } from './toast.js';
+import { DockerSandbox } from './docker-sandbox.js';
+export class SandboxSessionManager {
+    dataStorage;
+    sessionSandboxes;
+    currentProjectId;
+    repoPath;
+    docker;
+    _image;
+    constructor(_apiKey, storageDir, repoPath) {
+        this.dataStorage = new ProjectDataStorage(storageDir);
+        this.repoPath = repoPath;
+        this.sessionSandboxes = new Map();
+        this.docker = new Dockerode({
+            socketPath: process.env.DOCKER_SOCKET || '/var/run/docker.sock',
+        });
+    }
+    setImage(image) {
+        this._image = image;
+    }
+    getImage() {
+        return this._image || process.env.SANDBOX_IMAGE || 'opencode-sandbox:latest';
+    }
+    isFullyInitialized(sandbox) {
+        return sandbox !== undefined && 'process' in sandbox;
+    }
+    isPartiallyInitialized(sandbox) {
+        return sandbox !== undefined && 'id' in sandbox && !('process' in sandbox);
+    }
+    loadProjectSessions(projectId) {
+        const projectData = this.dataStorage.load(projectId);
+        if (projectData) {
+            for (const [sessionId, sessionInfo] of Object.entries(projectData.sessions)) {
+                this.sessionSandboxes.set(sessionId, { id: sessionInfo.sandboxId });
+            }
+            logger.info(`Loaded ${Object.keys(projectData.sessions).length} sessions for project ${projectId}`);
+        }
+    }
+    setProjectContext(projectId) {
+        if (this.currentProjectId !== projectId) {
+            this.currentProjectId = projectId;
+            this.sessionSandboxes.clear();
+            this.loadProjectSessions(projectId);
+        }
+    }
+    getBranchNumberForSandbox(projectId, sandboxId) {
+        return this.dataStorage.getBranchNumberForSandbox(projectId, sandboxId);
+    }
+    async getSandbox(sessionId, projectId, worktree, pluginCtx) {
+        if (pluginCtx?.client?.tui) {
+            toast.initialize(pluginCtx.client.tui);
+        }
+        this.setProjectContext(projectId);
+        const existing = this.sessionSandboxes.get(sessionId);
+        if (this.isFullyInitialized(existing)) {
+            await existing.refreshData();
+            if (existing.state !== 'started') {
+                logger.info(`Starting sandbox ${existing.id} (current state: ${existing.state})`);
+                await existing.start();
+            }
+            this.dataStorage.updateSession(projectId, worktree, sessionId, existing.id);
+            return existing;
+        }
+        if (this.isPartiallyInitialized(existing)) {
+            logger.info(`Reconnecting to existing sandbox: ${existing.id}`);
+            const sandbox = await this.reconnectSandbox(existing.id);
+            if (!sandbox) {
+                logger.warn(`Container ${existing.id} not found, clearing stale record and creating new sandbox`);
+                this.sessionSandboxes.delete(sessionId);
+                this.dataStorage.removeSession(projectId, this.dataStorage.load(projectId)?.worktree || worktree, sessionId);
+                return this.getSandbox(sessionId, projectId, worktree, pluginCtx);
+            }
+            await sandbox.start();
+            this.sessionSandboxes.set(sessionId, sandbox);
+            let branchNumber = this.dataStorage.getBranchNumberForSandbox(projectId, sandbox.id);
+            if (!branchNumber) {
+                try {
+                    branchNumber = SessionGitManager.allocateAndReserveBranchNumber(worktree);
+                }
+                catch {
+                    branchNumber = undefined;
+                }
+            }
+            this.dataStorage.updateSession(projectId, worktree, sessionId, sandbox.id, branchNumber);
+            toast.show({ title: 'Sandbox connected', message: 'Connected to existing sandbox.', variant: 'info' });
+            if (!branchNumber) {
+                try {
+                    await new LocalSandboxGitManager(sandbox, this.repoPath).ensureDirectory();
+                }
+                catch (err) {
+                    logger.warn(`Failed to ensure sandbox project directory exists: ${err}`);
+                }
+            }
+            return sandbox;
+        }
+        if (!existing) {
+            const migrated = this.dataStorage.getSession(projectId, worktree, sessionId);
+            if (migrated?.sandboxId) {
+                logger.info(`Recovered session ${sessionId} for project ${projectId}`);
+                this.sessionSandboxes.set(sessionId, { id: migrated.sandboxId });
+                return this.getSandbox(sessionId, projectId, worktree, pluginCtx);
+            }
+        }
+        logger.info(`Creating new sandbox for session: ${sessionId} in project: ${projectId}`);
+        const createStart = Date.now();
+        const waitingLog = setTimeout(() => {
+            logger.warn(`Docker create still waiting after ${Date.now() - createStart}ms (sessionId=${sessionId})`);
+        }, 15_000);
+        const sandbox = await this.createDockerSandbox(sessionId, worktree).finally(() => clearTimeout(waitingLog));
+        logger.info(`Docker create done sessionId=${sessionId} sandboxId=${sandbox.id} in ${Date.now() - createStart}ms`);
+        this.sessionSandboxes.set(sessionId, sandbox);
+        let branchNumber = this.dataStorage.getBranchNumberForSandbox(projectId, sandbox.id);
+        if (!branchNumber) {
+            try {
+                branchNumber = SessionGitManager.allocateAndReserveBranchNumber(worktree);
+            }
+            catch (err) {
+                logger.warn(`allocateAndReserveBranchNumber failed sessionId=${sessionId}: ${err}`);
+                branchNumber = undefined;
+            }
+        }
+        this.dataStorage.updateSession(projectId, worktree, sessionId, sandbox.id, branchNumber);
+        logger.info(`Sandbox created successfully: ${sandbox.id}${branchNumber ? ` with branch number ${branchNumber}` : ''}`);
+        try {
+            if (branchNumber) {
+                const sessionGit = new SessionGitManager(sandbox, this.repoPath, worktree, branchNumber);
+                await sessionGit.initializeAndSync(pluginCtx);
+            }
+            else {
+                await new LocalSandboxGitManager(sandbox, this.repoPath).ensureDirectory();
+            }
+        }
+        catch (err) {
+            logger.error(`Failed to initialize git repo in sandbox: ${err}`);
+            toast.show({
+                title: 'Git error',
+                message: err?.message || 'Failed to initialize git repo in sandbox.',
+                variant: 'error',
+            });
+        }
+        toast.show({ title: 'Sandbox created', message: 'Created new sandbox for session.', variant: 'success' });
+        return sandbox;
+    }
+    async deleteSandbox(sessionId, projectId) {
+        let sandbox = this.sessionSandboxes.get(sessionId);
+        let sandboxId;
+        if (!sandbox || this.isPartiallyInitialized(sandbox)) {
+            const storedWorktree = this.dataStorage.load(projectId)?.worktree ?? '';
+            const sessionInfo = this.dataStorage.getSession(projectId, storedWorktree, sessionId);
+            if (sessionInfo?.sandboxId) {
+                sandboxId = sessionInfo.sandboxId;
+                try {
+                    const reconnected = await this.reconnectSandbox(sessionInfo.sandboxId);
+                    if (reconnected) {
+                        sandbox = reconnected;
+                        this.sessionSandboxes.set(sessionId, sandbox);
+                    }
+                    else {
+                        logger.warn(`Container ${sessionInfo.sandboxId} no longer exists during delete, clearing stale record`);
+                        const projectData = this.dataStorage.load(projectId);
+                        if (projectData) {
+                            this.dataStorage.removeSession(projectId, projectData.worktree, sessionId);
+                        }
+                        return;
+                    }
+                }
+                catch (err) {
+                    logger.error(`Failed to reconnect to sandbox ${sessionInfo.sandboxId}: ${err}`);
+                    sandboxId = sessionInfo.sandboxId;
+                }
+            }
+        }
+        if (this.isFullyInitialized(sandbox)) {
+            logger.info(`Removing sandbox for session: ${sessionId}`);
+            try {
+                await sandbox.delete();
+            }
+            catch (err) {
+                if (sandbox.id) {
+                    logger.warn(`Async delete failed, falling back to sync: ${err}`);
+                    this.deleteContainerSync(sandbox.id);
+                }
+            }
+            this.sessionSandboxes.delete(sessionId);
+            const projectData = this.dataStorage.load(projectId);
+            if (projectData) {
+                this.dataStorage.removeSession(projectId, projectData.worktree, sessionId);
+            }
+            logger.info('Sandbox deleted successfully.');
+        }
+        else if (sandboxId) {
+            logger.info(`Removing sandbox by ID for session: ${sessionId} (container: ${sandboxId})`);
+            this.deleteContainerSync(sandboxId);
+            const projectData = this.dataStorage.load(projectId);
+            if (projectData) {
+                this.dataStorage.removeSession(projectId, projectData.worktree, sessionId);
+            }
+        }
+        else {
+            logger.warn(`No sandbox found for session: ${sessionId}`);
+        }
+    }
+    deleteSandboxSync(sessionId, projectId) {
+        logger.info(`deleteSandboxSync called for session=${sessionId} project=${projectId}`);
+        const sandbox = this.sessionSandboxes.get(sessionId);
+        if (this.isFullyInitialized(sandbox)) {
+            this.deleteContainerSync(sandbox.id);
+            this.sessionSandboxes.delete(sessionId);
+            const projectData = this.dataStorage.load(projectId);
+            if (projectData) {
+                this.dataStorage.removeSession(projectId, projectData.worktree, sessionId);
+            }
+            logger.info(`deleteSandboxSync done: removed sandbox ${sandbox.id} for session ${sessionId}`);
+            return;
+        }
+        const storedWorktree = this.dataStorage.load(projectId)?.worktree ?? '';
+        const sessionInfo = this.dataStorage.getSession(projectId, storedWorktree, sessionId);
+        if (sessionInfo?.sandboxId) {
+            this.deleteContainerSync(sessionInfo.sandboxId);
+            this.sessionSandboxes.delete(sessionId);
+            this.dataStorage.removeSession(projectId, storedWorktree, sessionId);
+            logger.info(`deleteSandboxSync done: removed container ${sessionInfo.sandboxId} for session ${sessionId}`);
+            return;
+        }
+        logger.warn(`deleteSandboxSync: no sandbox found for session=${sessionId}`);
+    }
+    deleteContainerSync(containerId) {
+        try {
+            execSync(`docker rm -f ${containerId}`, { stdio: 'pipe', timeout: 10000 });
+            logger.info(`Sync deleted container: ${containerId}`);
+        }
+        catch (err) {
+            logger.warn(`Sync delete failed for ${containerId}: ${err}`);
+        }
+    }
+    async reconnectSandbox(sandboxId) {
+        const container = this.docker.getContainer(sandboxId);
+        try {
+            await container.inspect();
+            return new DockerSandbox(this.docker, container, this.repoPath);
+        }
+        catch (err) {
+            if (err?.statusCode === 404) {
+                logger.warn(`Container ${sandboxId} no longer exists, will create a new one`);
+                return null;
+            }
+            throw err;
+        }
+    }
+    async createDockerSandbox(sessionId, worktree) {
+        const image = this.getImage();
+        const memory = parseInt(process.env.SANDBOX_MEMORY || '2147483648', 10);
+        const cpuQuota = parseInt(process.env.SANDBOX_CPU_QUOTA || '100000', 10);
+        let container;
+        try {
+            container = await this.doCreateContainer(sessionId, image, worktree, memory, cpuQuota);
+        }
+        catch (err) {
+            if (err?.statusCode === 404 || err?.json?.message?.includes('No such image')) {
+                logger.info(`Image "${image}" not found locally, pulling...`);
+                toast.show({ title: 'Pulling image', message: `Downloading ${image}...`, variant: 'info' });
+                await new Promise((resolve, reject) => {
+                    this.docker.pull(image, (pullErr, stream) => {
+                        if (pullErr)
+                            return reject(pullErr);
+                        this.docker.modem.followProgress(stream, (followErr) => {
+                            if (followErr)
+                                return reject(followErr);
+                            resolve();
+                        });
+                    });
+                });
+                logger.info(`Image "${image}" pulled successfully`);
+                container = await this.doCreateContainer(sessionId, image, worktree, memory, cpuQuota);
+            }
+            else {
+                throw err;
+            }
+        }
+        await container.start();
+        return new DockerSandbox(this.docker, container, this.repoPath);
+    }
+    async doCreateContainer(sessionId, image, worktree, memory, cpuQuota) {
+        const platform = process.platform;
+        const mountOpts = platform === 'darwin' ? ':cached' : '';
+        const binds = [`${worktree}:${this.repoPath}${mountOpts}`];
+        const defaultUser = typeof process.getuid === 'function'
+            ? `${process.getuid()}:${process.getgid()}`
+            : '1000:1000';
+        const hostConfig = {
+            Binds: binds,
+            Memory: memory,
+            CpuQuota: cpuQuota,
+            NetworkMode: process.env.SANDBOX_NETWORK || 'bridge',
+            AutoRemove: false,
+            PortBindings: parsePortBindings(process.env.SANDBOX_PORTS || ''),
+            CapDrop: ['ALL'],
+            SecurityOpt: ['no-new-privileges'],
+            Init: true,
+            PidsLimit: 256,
+        };
+        return this.docker.createContainer({
+            Image: image,
+            User: process.env.SANDBOX_USER || defaultUser,
+            HostConfig: hostConfig,
+            WorkingDir: this.repoPath,
+            Tty: true,
+            OpenStdin: true,
+            Labels: { 'opencode.session': sessionId },
+        });
+    }
+}
+function parsePortBindings(portsStr) {
+    if (!portsStr)
+        return {};
+    const result = {};
+    for (const pair of portsStr.split(',')) {
+        const [host, container] = pair.split(':');
+        if (host && container) {
+            result[`${container}/tcp`] = [{ HostPort: host }];
+        }
+    }
+    return result;
+}

package/dist/sandbox/core/shell/config.d.ts

@@ -0,0 +1,7 @@
+export type ShellToolConfig = {
+    defaultTimeoutMs: number;
+    maxOutputBytes: number;
+    maxOutputLines: number;
+    allowWorkdirOutsideProject: boolean;
+};
+export declare function loadShellToolConfig(worktree: string): ShellToolConfig;

package/dist/sandbox/core/shell/config.js

@@ -0,0 +1,82 @@
+import { existsSync, readFileSync } from 'fs';
+import path from 'path';
+import { DEFAULT_SHELL_MAX_OUTPUT_BYTES, DEFAULT_SHELL_MAX_OUTPUT_LINES, DEFAULT_SHELL_TIMEOUT_MS } from './output.js';
+const DEFAULT_CONFIG = {
+    defaultTimeoutMs: DEFAULT_SHELL_TIMEOUT_MS,
+    maxOutputBytes: DEFAULT_SHELL_MAX_OUTPUT_BYTES,
+    maxOutputLines: DEFAULT_SHELL_MAX_OUTPUT_LINES,
+    allowWorkdirOutsideProject: false,
+};
+export function loadShellToolConfig(worktree) {
+    const raw = readJsonFile(path.join(worktree, '.opencode', 'sandbox.json'));
+    if (!raw || !isRecord(raw.shell))
+        return { ...DEFAULT_CONFIG };
+    return {
+        defaultTimeoutMs: parsePositiveInteger(raw.shell.defaultTimeoutMs, DEFAULT_CONFIG.defaultTimeoutMs),
+        maxOutputBytes: parsePositiveInteger(raw.shell.maxOutputBytes, DEFAULT_CONFIG.maxOutputBytes),
+        maxOutputLines: parsePositiveInteger(raw.shell.maxOutputLines, DEFAULT_CONFIG.maxOutputLines),
+        allowWorkdirOutsideProject: parseBoolean(raw.shell.allowWorkdirOutsideProject, DEFAULT_CONFIG.allowWorkdirOutsideProject),
+    };
+}
+function parsePositiveInteger(value, fallback) {
+    if (typeof value !== 'number' || !Number.isInteger(value) || value <= 0)
+        return fallback;
+    return value;
+}
+function parseBoolean(value, fallback) {
+    return typeof value === 'boolean' ? value : fallback;
+}
+function isRecord(value) {
+    return Boolean(value) && typeof value === 'object' && !Array.isArray(value);
+}
+function readJsonFile(filePath) {
+    if (!existsSync(filePath))
+        return undefined;
+    try {
+        return JSON.parse(stripJsonComments(readFileSync(filePath, 'utf8')));
+    }
+    catch {
+        return undefined;
+    }
+}
+function stripJsonComments(input) {
+    let output = '';
+    let inString = false;
+    let stringQuote = '';
+    let escaped = false;
+    for (let i = 0; i < input.length; i++) {
+        const char = input[i];
+        const next = input[i + 1];
+        if (inString) {
+            output += char;
+            if (escaped)
+                escaped = false;
+            else if (char === '\\')
+                escaped = true;
+            else if (char === stringQuote)
+                inString = false;
+            continue;
+        }
+        if (char === '"' || char === "'") {
+            inString = true;
+            stringQuote = char;
+            output += char;
+            continue;
+        }
+        if (char === '/' && next === '/') {
+            while (i < input.length && input[i] !== '\n')
+                i++;
+            output += '\n';
+            continue;
+        }
+        if (char === '/' && next === '*') {
+            i += 2;
+            while (i < input.length && !(input[i] === '*' && input[i + 1] === '/'))
+                i++;
+            i++;
+            continue;
+        }
+        output += char;
+    }
+    return output.replace(/,\s*([}\]])/g, '$1');
+}

package/dist/sandbox/core/shell/output.d.ts

@@ -0,0 +1,35 @@
+export declare const DEFAULT_SHELL_TIMEOUT_MS = 120000;
+export declare const DEFAULT_SHELL_MAX_OUTPUT_BYTES = 200000;
+export declare const DEFAULT_SHELL_MAX_OUTPUT_LINES = 2000;
+export declare const DEFAULT_SHELL_METADATA_BYTES = 30000;
+export declare function previewOutput(output: string, maxBytes?: number): string;
+export declare function tailBytes(value: string, maxBytes: number): string;
+export declare function truncateShellOutput(value: string, limits: {
+    maxBytes: number;
+    maxLines: number;
+}): {
+    output: string;
+    truncated: boolean;
+    bytes: number;
+    lines: number;
+};
+export declare function formatShellOutput(input: {
+    stdout: string;
+    stderr: string;
+    exitCode: number | null;
+    durationMs: number;
+    timedOut?: boolean;
+    aborted?: boolean;
+    truncated?: boolean;
+    outputPath?: string;
+    stdoutBytes?: number;
+    stderrBytes?: number;
+    stdoutLines?: number;
+    stderrLines?: number;
+}): string;
+export declare function writeHostShellOutput(input: {
+    sessionId: string;
+    cmdId: string;
+    stdout: string;
+    stderr: string;
+}): string;