agent-reader 1.0.0 → 1.1.0

package/src/mcp/server.js

@@ -2,12 +2,12 @@ import path from 'node:path';
 import { promises as fs } from 'node:fs';
 import { McpServer } from '@modelcontextprotocol/sdk/server/mcp.js';
 import { StdioServerTransport } from '@modelcontextprotocol/sdk/server/stdio.js';
-import * as z from 'zod/v4';
 import { renderMarkdown } from '../core/renderer.js';
-import { exportDOCX, exportPDF } from '../core/exporter.js';
+import { exportDOCX, exportPDF, resolveSandboxMode } from '../core/exporter.js';
 import { createSlideshow } from '../core/slideshow.js';
 import { openTarget } from '../core/opener.js';
 import { createOutputDir } from '../utils/output.js';
+import { MCP_TOOL_SCHEMAS } from './toolSchemas.js';
 import {
   getPreferencesPath,
   loadPreferences,
@@ -16,6 +16,7 @@ import {
 } from '../utils/preferences.js';
 
 const MAX_CONTENT_BYTES = 50 * 1024 * 1024;
+const MCP_SANDBOX_MODE = resolveSandboxMode(process.env.AGENT_READER_SANDBOX, process.env);
 
 function getBaseDirFromSourcePath(sourcePath) {
   if (!sourcePath) {
@@ -71,21 +72,12 @@ async function saveHtmlResult(html, outputDir, name = 'output') {
 
 const server = new McpServer({
   name: 'agent-reader',
-  version: '0.2.0',
+  version: '1.1.0',
 });
 
 server.registerTool(
   'render_markdown',
-  {
-    description: 'Render markdown text into styled HTML',
-    inputSchema: {
-      content: z.string().describe('Markdown source content'),
-      source_path: z.string().optional().describe('Source markdown path for relative images'),
-      theme: z.string().optional().describe('Theme name'),
-      auto_open: z.boolean().optional().describe('Open output automatically (ignored in MCP)'),
-      return_content: z.boolean().optional().describe('Return inline HTML content directly'),
-    },
-  },
+  MCP_TOOL_SCHEMAS.render_markdown,
   async ({ content, source_path, theme, return_content }) => {
     try {
       const baseDir = getBaseDirFromSourcePath(source_path);
@@ -142,15 +134,7 @@ server.registerTool(
 
 server.registerTool(
   'export_document',
-  {
-    description: 'Export markdown text into PDF or DOCX',
-    inputSchema: {
-      content: z.string().describe('Markdown source content'),
-      source_path: z.string().optional().describe('Source markdown path for relative images'),
-      format: z.enum(['pdf', 'docx']).describe('Export format'),
-      return_content: z.boolean().optional().describe('Return file bytes as base64'),
-    },
-  },
+  MCP_TOOL_SCHEMAS.export_document,
   async ({ content, source_path, format, return_content }) => {
     try {
       const baseDir = getBaseDirFromSourcePath(source_path);
@@ -174,6 +158,7 @@ server.registerTool(
           outDir: outputDir,
           fileName: 'export.pdf',
           htmlPath,
+          sandbox: MCP_SANDBOX_MODE,
         });
         filePath = pdf.pdfPath;
         warnings = [...warnings, ...rendered.warnings, ...pdf.warnings];
@@ -223,15 +208,7 @@ server.registerTool(
 
 server.registerTool(
   'create_slideshow',
-  {
-    description: 'Create slideshow HTML from an image directory',
-    inputSchema: {
-      image_dir: z.string().describe('Absolute or relative image directory path'),
-      auto_play: z.number().optional().describe('Autoplay interval in seconds'),
-      auto_open: z.boolean().optional().describe('Open output automatically (ignored in MCP)'),
-      return_content: z.boolean().optional().describe('Return inline HTML content directly'),
-    },
-  },
+  MCP_TOOL_SCHEMAS.create_slideshow,
   async ({ image_dir, auto_play, return_content }) => {
     try {
       const outputDir = await createOutputDir('create-slideshow');
@@ -278,16 +255,7 @@ server.registerTool(
 
 server.registerTool(
   'open_file',
-  {
-    description: 'Open a local file/path using user preference or explicit mode: web/word/pdf/ppt',
-    inputSchema: {
-      file_path: z.string().describe('File path or image directory path'),
-      open_as: z.string().optional().describe('auto|web|word|pdf|ppt'),
-      theme: z.string().optional().describe('theme for web rendering'),
-      auto_play: z.number().optional().describe('auto play seconds for ppt mode'),
-      return_content: z.boolean().optional().describe('return generated content directly'),
-    },
-  },
+  MCP_TOOL_SCHEMAS.open_file,
   async ({ file_path, open_as, theme, auto_play, return_content }) => {
     try {
       const preferences = await loadPreferences();
@@ -299,6 +267,7 @@ server.registerTool(
         autoPlay: auto_play,
         returnContent: Boolean(return_content),
         maxContentBytes: MAX_CONTENT_BYTES,
+        sandbox: MCP_SANDBOX_MODE,
       });
 
       const payload = {
@@ -319,13 +288,7 @@ server.registerTool(
 
 server.registerTool(
   'configure_user_preferences',
-  {
-    description: 'Set default open behavior for novice users',
-    inputSchema: {
-      default_open_mode: z.string().optional().describe('web|word|pdf|ppt'),
-      default_theme: z.string().optional().describe('default web theme'),
-    },
-  },
+  MCP_TOOL_SCHEMAS.configure_user_preferences,
   async ({ default_open_mode, default_theme }) => {
     try {
       const updates = {};
@@ -352,10 +315,7 @@ server.registerTool(
 
 server.registerTool(
   'get_user_preferences',
-  {
-    description: 'Read current user preferences for open behavior',
-    inputSchema: {},
-  },
+  MCP_TOOL_SCHEMAS.get_user_preferences,
   async () => {
     try {
       const preferences = await loadPreferences();

package/src/mcp/toolSchemas.js

@@ -0,0 +1,53 @@
+import * as z from 'zod/v4';
+
+export const MCP_TOOL_SCHEMAS = {
+  render_markdown: {
+    description: 'Render markdown text into styled HTML',
+    inputSchema: {
+      content: z.string().describe('Markdown source content'),
+      source_path: z.string().optional().describe('Source markdown path for relative images'),
+      theme: z.string().optional().describe('Theme name'),
+      auto_open: z.boolean().optional().describe('Open output automatically (ignored in MCP)'),
+      return_content: z.boolean().optional().describe('Return inline HTML content directly'),
+    },
+  },
+  export_document: {
+    description: 'Export markdown text into PDF or DOCX',
+    inputSchema: {
+      content: z.string().describe('Markdown source content'),
+      source_path: z.string().optional().describe('Source markdown path for relative images'),
+      format: z.enum(['pdf', 'docx']).describe('Export format'),
+      return_content: z.boolean().optional().describe('Return file bytes as base64'),
+    },
+  },
+  create_slideshow: {
+    description: 'Create slideshow HTML from an image directory',
+    inputSchema: {
+      image_dir: z.string().describe('Absolute or relative image directory path'),
+      auto_play: z.number().optional().describe('Autoplay interval in seconds'),
+      auto_open: z.boolean().optional().describe('Open output automatically (ignored in MCP)'),
+      return_content: z.boolean().optional().describe('Return inline HTML content directly'),
+    },
+  },
+  open_file: {
+    description: 'Open a local file/path using user preference or explicit mode: web/word/pdf/ppt',
+    inputSchema: {
+      file_path: z.string().describe('File path or image directory path'),
+      open_as: z.string().optional().describe('auto|web|word|pdf|ppt'),
+      theme: z.string().optional().describe('theme for web rendering'),
+      auto_play: z.number().optional().describe('auto play seconds for ppt mode'),
+      return_content: z.boolean().optional().describe('return generated content directly'),
+    },
+  },
+  configure_user_preferences: {
+    description: 'Set default open behavior for novice users',
+    inputSchema: {
+      default_open_mode: z.string().optional().describe('web|word|pdf|ppt'),
+      default_theme: z.string().optional().describe('default web theme'),
+    },
+  },
+  get_user_preferences: {
+    description: 'Read current user preferences for open behavior',
+    inputSchema: {},
+  },
+};

package/src/utils/pathGuard.js

@@ -0,0 +1,62 @@
+import { promises as fs } from 'node:fs';
+import path from 'node:path';
+
+async function resolveWithNearestParent(targetPath) {
+  const absoluteTarget = path.resolve(targetPath);
+  try {
+    const realTarget = await fs.realpath(absoluteTarget);
+    return { ok: true, realTarget };
+  } catch (error) {
+    if (error?.code !== 'ENOENT') {
+      return { ok: false };
+    }
+  }
+
+  const missingSegments = [];
+  let cursor = absoluteTarget;
+
+  while (true) {
+    const parent = path.dirname(cursor);
+    if (parent === cursor) {
+      return { ok: false };
+    }
+    missingSegments.push(path.basename(cursor));
+    cursor = parent;
+
+    try {
+      const realParent = await fs.realpath(cursor);
+      return {
+        ok: true,
+        realTarget: path.join(realParent, ...missingSegments.reverse()),
+      };
+    } catch (error) {
+      if (error?.code !== 'ENOENT') {
+        return { ok: false };
+      }
+    }
+  }
+}
+
+export async function assertWithinBase(targetPath, baseDir) {
+  if (!baseDir) {
+    return false;
+  }
+
+  let realBase;
+  try {
+    realBase = await fs.realpath(path.resolve(baseDir));
+  } catch {
+    return false;
+  }
+
+  const resolved = await resolveWithNearestParent(targetPath);
+  if (!resolved.ok) {
+    return false;
+  }
+
+  const relative = path.relative(realBase, resolved.realTarget);
+  if (!relative) {
+    return true;
+  }
+  return !relative.startsWith('..') && !path.isAbsolute(relative);
+}

package/src/utils/server.js

@@ -2,7 +2,7 @@ import http from 'node:http';
 import net from 'node:net';
 import { promises as fs } from 'node:fs';
 import path from 'node:path';
-import { exportDOCXFromHTML, exportPDF } from '../core/exporter.js';
+import { exportDOCXFromHTML, exportPDF, resolveSandboxMode } from '../core/exporter.js';
 
 const MIME_TYPES = {
   '.html': 'text/html; charset=utf-8',
@@ -94,7 +94,7 @@ async function resolveExportSourcePath(req, rootDir, sourceParam) {
   throw createHttpError(400, 'missing source path');
 }
 
-async function handleExportRequest(req, res, rootDir, urlObject) {
+async function handleExportRequest(req, res, rootDir, urlObject, sandbox) {
   if (req.method !== 'GET') {
     sendJson(res, 405, { error: 'method not allowed' });
     return;
@@ -131,6 +131,7 @@ async function handleExportRequest(req, res, rootDir, urlObject) {
         fileName: `${sourceName}.pdf`,
         htmlPath: sourcePath,
         landscape: isLandscape,
+        sandbox,
       });
       outputPath = result.pdfPath;
       warnings = result.warnings || [];
@@ -140,6 +141,7 @@ async function handleExportRequest(req, res, rootDir, urlObject) {
         baseDir: sourceDir,
         outDir: sourceDir,
         fileName: `${sourceName}.docx`,
+        sandbox,
       });
       outputPath = result.docxPath;
       warnings = result.warnings || [];
@@ -190,14 +192,18 @@ async function isPortInUse(host, port) {
   });
 }
 
-export async function startStaticServer(rootDir, { host = '127.0.0.1', port = 3000 } = {}) {
+export async function startStaticServer(
+  rootDir,
+  { host = '127.0.0.1', port = 3000, sandbox } = {},
+) {
   const absoluteRoot = path.resolve(rootDir);
+  const resolvedSandbox = resolveSandboxMode(sandbox, process.env);
 
   const server = http.createServer(async (req, res) => {
     const urlObject = new URL(req.url || '/', `http://${host}:${port}`);
     try {
       if (urlObject.pathname === '/api/export') {
-        await handleExportRequest(req, res, absoluteRoot, urlObject);
+        await handleExportRequest(req, res, absoluteRoot, urlObject, resolvedSandbox);
         return;
       }
 

package/src/core/themes/print.css

@@ -1,54 +0,0 @@
-:root {
-  color-scheme: light;
-}
-
-html,
-body {
-  margin: 0;
-  padding: 0;
-  color: #111;
-  background: #fff;
-  font-family: "Noto Serif SC", "Songti SC", "SimSun", Georgia, serif;
-}
-
-.page {
-  max-width: 100%;
-  margin: 0;
-  padding: 0;
-}
-
-.markdown-body {
-  border: none;
-  border-radius: 0;
-  padding: 0;
-  box-shadow: none;
-}
-
-.markdown-body pre,
-.markdown-body code {
-  background: #f5f5f5;
-  color: #1f2937;
-}
-
-@media print {
-  #sidebar,
-  .doc-toolbar {
-    display: none !important;
-  }
-
-  body {
-    display: block !important;
-    height: auto !important;
-    overflow: visible !important;
-  }
-
-  #content-wrapper {
-    padding: 0 !important;
-    overflow: visible !important;
-  }
-
-  .doc-inner {
-    max-width: none !important;
-    padding: 0 !important;
-  }
-}