airlock-bot 0.2.18 → 0.2.20
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +162 -24
- package/dist/allowlist/engine.d.ts.map +1 -1
- package/dist/allowlist/engine.js +13 -7
- package/dist/allowlist/engine.js.map +1 -1
- package/dist/allowlist/pattern.d.ts +14 -0
- package/dist/allowlist/pattern.d.ts.map +1 -1
- package/dist/allowlist/pattern.js +33 -5
- package/dist/allowlist/pattern.js.map +1 -1
- package/dist/backend/cli/adapter.d.ts.map +1 -1
- package/dist/backend/cli/adapter.js +7 -1
- package/dist/backend/cli/adapter.js.map +1 -1
- package/dist/backend/exec-adapter.d.ts.map +1 -1
- package/dist/backend/exec-adapter.js +2 -1
- package/dist/backend/exec-adapter.js.map +1 -1
- package/dist/backend/factory.d.ts.map +1 -1
- package/dist/backend/factory.js +3 -2
- package/dist/backend/factory.js.map +1 -1
- package/dist/backend/mcp-adapter.d.ts +7 -1
- package/dist/backend/mcp-adapter.d.ts.map +1 -1
- package/dist/backend/mcp-adapter.js +49 -1
- package/dist/backend/mcp-adapter.js.map +1 -1
- package/dist/config/loader.d.ts.map +1 -1
- package/dist/config/loader.js +23 -0
- package/dist/config/loader.js.map +1 -1
- package/dist/config/schema.d.ts +1518 -16
- package/dist/config/schema.d.ts.map +1 -1
- package/dist/config/schema.js +151 -3
- package/dist/config/schema.js.map +1 -1
- package/dist/gateway.d.ts.map +1 -1
- package/dist/gateway.js +8 -0
- package/dist/gateway.js.map +1 -1
- package/dist/hitl/engine.d.ts +2 -0
- package/dist/hitl/engine.d.ts.map +1 -1
- package/dist/hitl/engine.js +2 -0
- package/dist/hitl/engine.js.map +1 -1
- package/dist/hitl/formatter.d.ts.map +1 -1
- package/dist/hitl/formatter.js +17 -1
- package/dist/hitl/formatter.js.map +1 -1
- package/dist/hitl/providers/tui.d.ts.map +1 -1
- package/dist/hitl/providers/tui.js +4 -0
- package/dist/hitl/providers/tui.js.map +1 -1
- package/dist/hitl/providers/types.d.ts +2 -0
- package/dist/hitl/providers/types.d.ts.map +1 -1
- package/dist/hook/api.d.ts +14 -0
- package/dist/hook/api.d.ts.map +1 -0
- package/dist/hook/api.js +74 -0
- package/dist/hook/api.js.map +1 -0
- package/dist/hook/normalizer.d.ts +26 -0
- package/dist/hook/normalizer.d.ts.map +1 -0
- package/dist/hook/normalizer.js +84 -0
- package/dist/hook/normalizer.js.map +1 -0
- package/dist/middleware/chain-builder.d.ts.map +1 -1
- package/dist/middleware/chain-builder.js +3 -1
- package/dist/middleware/chain-builder.js.map +1 -1
- package/dist/middleware/core/execute.d.ts.map +1 -1
- package/dist/middleware/core/execute.js +9 -3
- package/dist/middleware/core/execute.js.map +1 -1
- package/dist/middleware/core/hitl-gate.d.ts.map +1 -1
- package/dist/middleware/core/hitl-gate.js +16 -3
- package/dist/middleware/core/hitl-gate.js.map +1 -1
- package/dist/middleware/core/sandbox.d.ts +3 -0
- package/dist/middleware/core/sandbox.d.ts.map +1 -0
- package/dist/middleware/core/sandbox.js +15 -0
- package/dist/middleware/core/sandbox.js.map +1 -0
- package/dist/registry/registry.d.ts +1 -1
- package/dist/registry/registry.d.ts.map +1 -1
- package/dist/registry/registry.js +36 -18
- package/dist/registry/registry.js.map +1 -1
- package/dist/sandbox/index.d.ts +39 -0
- package/dist/sandbox/index.d.ts.map +1 -0
- package/dist/sandbox/index.js +147 -0
- package/dist/sandbox/index.js.map +1 -0
- package/dist/tools/exec.d.ts +2 -1
- package/dist/tools/exec.d.ts.map +1 -1
- package/dist/tools/exec.js +5 -2
- package/dist/tools/exec.js.map +1 -1
- package/dist/types.d.ts +1 -0
- package/dist/types.d.ts.map +1 -1
- package/examples/gateway.yaml +30 -0
- package/examples/sandbox-presets.yaml +142 -0
- package/package.json +7 -1
- package/schema.json +293 -3
package/dist/config/schema.d.ts
CHANGED
|
@@ -97,15 +97,304 @@ export type ProviderConfig = z.infer<typeof ProviderConfig>;
|
|
|
97
97
|
export declare function getMcpConfigs(providers: Record<string, ProviderConfig>): Record<string, McpServerConfig>;
|
|
98
98
|
/** Extract the set of builtin provider names (e.g. "exec", "http") */
|
|
99
99
|
export declare function getBuiltinProviders(providers: Record<string, ProviderConfig>): Set<string>;
|
|
100
|
+
export declare const SandboxFilesystemConfig: z.ZodObject<{
|
|
101
|
+
allow_write: z.ZodDefault<z.ZodArray<z.ZodString, "many">>;
|
|
102
|
+
deny_read: z.ZodDefault<z.ZodArray<z.ZodString, "many">>;
|
|
103
|
+
deny_write: z.ZodDefault<z.ZodArray<z.ZodString, "many">>;
|
|
104
|
+
allow_read: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
|
|
105
|
+
}, "strip", z.ZodTypeAny, {
|
|
106
|
+
allow_write: string[];
|
|
107
|
+
deny_read: string[];
|
|
108
|
+
deny_write: string[];
|
|
109
|
+
allow_read?: string[] | undefined;
|
|
110
|
+
}, {
|
|
111
|
+
allow_write?: string[] | undefined;
|
|
112
|
+
deny_read?: string[] | undefined;
|
|
113
|
+
deny_write?: string[] | undefined;
|
|
114
|
+
allow_read?: string[] | undefined;
|
|
115
|
+
}>;
|
|
116
|
+
export type SandboxFilesystemConfig = z.infer<typeof SandboxFilesystemConfig>;
|
|
117
|
+
export declare const SandboxNetworkConfig: z.ZodObject<{
|
|
118
|
+
allowed_domains: z.ZodDefault<z.ZodArray<z.ZodString, "many">>;
|
|
119
|
+
denied_domains: z.ZodDefault<z.ZodArray<z.ZodString, "many">>;
|
|
120
|
+
}, "strip", z.ZodTypeAny, {
|
|
121
|
+
allowed_domains: string[];
|
|
122
|
+
denied_domains: string[];
|
|
123
|
+
}, {
|
|
124
|
+
allowed_domains?: string[] | undefined;
|
|
125
|
+
denied_domains?: string[] | undefined;
|
|
126
|
+
}>;
|
|
127
|
+
export type SandboxNetworkConfig = z.infer<typeof SandboxNetworkConfig>;
|
|
128
|
+
export declare const SandboxOverrideConfig: z.ZodObject<{
|
|
129
|
+
filesystem: z.ZodOptional<z.ZodObject<{
|
|
130
|
+
allow_write: z.ZodDefault<z.ZodArray<z.ZodString, "many">>;
|
|
131
|
+
deny_read: z.ZodDefault<z.ZodArray<z.ZodString, "many">>;
|
|
132
|
+
deny_write: z.ZodDefault<z.ZodArray<z.ZodString, "many">>;
|
|
133
|
+
allow_read: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
|
|
134
|
+
}, "strip", z.ZodTypeAny, {
|
|
135
|
+
allow_write: string[];
|
|
136
|
+
deny_read: string[];
|
|
137
|
+
deny_write: string[];
|
|
138
|
+
allow_read?: string[] | undefined;
|
|
139
|
+
}, {
|
|
140
|
+
allow_write?: string[] | undefined;
|
|
141
|
+
deny_read?: string[] | undefined;
|
|
142
|
+
deny_write?: string[] | undefined;
|
|
143
|
+
allow_read?: string[] | undefined;
|
|
144
|
+
}>>;
|
|
145
|
+
network: z.ZodOptional<z.ZodObject<{
|
|
146
|
+
allowed_domains: z.ZodDefault<z.ZodArray<z.ZodString, "many">>;
|
|
147
|
+
denied_domains: z.ZodDefault<z.ZodArray<z.ZodString, "many">>;
|
|
148
|
+
}, "strip", z.ZodTypeAny, {
|
|
149
|
+
allowed_domains: string[];
|
|
150
|
+
denied_domains: string[];
|
|
151
|
+
}, {
|
|
152
|
+
allowed_domains?: string[] | undefined;
|
|
153
|
+
denied_domains?: string[] | undefined;
|
|
154
|
+
}>>;
|
|
155
|
+
}, "strip", z.ZodTypeAny, {
|
|
156
|
+
filesystem?: {
|
|
157
|
+
allow_write: string[];
|
|
158
|
+
deny_read: string[];
|
|
159
|
+
deny_write: string[];
|
|
160
|
+
allow_read?: string[] | undefined;
|
|
161
|
+
} | undefined;
|
|
162
|
+
network?: {
|
|
163
|
+
allowed_domains: string[];
|
|
164
|
+
denied_domains: string[];
|
|
165
|
+
} | undefined;
|
|
166
|
+
}, {
|
|
167
|
+
filesystem?: {
|
|
168
|
+
allow_write?: string[] | undefined;
|
|
169
|
+
deny_read?: string[] | undefined;
|
|
170
|
+
deny_write?: string[] | undefined;
|
|
171
|
+
allow_read?: string[] | undefined;
|
|
172
|
+
} | undefined;
|
|
173
|
+
network?: {
|
|
174
|
+
allowed_domains?: string[] | undefined;
|
|
175
|
+
denied_domains?: string[] | undefined;
|
|
176
|
+
} | undefined;
|
|
177
|
+
}>;
|
|
178
|
+
export type SandboxOverrideConfig = z.infer<typeof SandboxOverrideConfig>;
|
|
179
|
+
export declare const SandboxPresetRef: z.ZodEffects<z.ZodUnion<[z.ZodString, z.ZodArray<z.ZodString, "many">]>, string[], string | string[]>;
|
|
180
|
+
export type SandboxPresetRef = z.infer<typeof SandboxPresetRef>;
|
|
181
|
+
export declare const SandboxConfig: z.ZodObject<{
|
|
182
|
+
enabled: z.ZodDefault<z.ZodBoolean>;
|
|
183
|
+
presets: z.ZodDefault<z.ZodEffects<z.ZodUnion<[z.ZodString, z.ZodArray<z.ZodString, "many">]>, string[], string | string[]>>;
|
|
184
|
+
filesystem: z.ZodDefault<z.ZodObject<{
|
|
185
|
+
allow_write: z.ZodDefault<z.ZodArray<z.ZodString, "many">>;
|
|
186
|
+
deny_read: z.ZodDefault<z.ZodArray<z.ZodString, "many">>;
|
|
187
|
+
deny_write: z.ZodDefault<z.ZodArray<z.ZodString, "many">>;
|
|
188
|
+
allow_read: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
|
|
189
|
+
}, "strip", z.ZodTypeAny, {
|
|
190
|
+
allow_write: string[];
|
|
191
|
+
deny_read: string[];
|
|
192
|
+
deny_write: string[];
|
|
193
|
+
allow_read?: string[] | undefined;
|
|
194
|
+
}, {
|
|
195
|
+
allow_write?: string[] | undefined;
|
|
196
|
+
deny_read?: string[] | undefined;
|
|
197
|
+
deny_write?: string[] | undefined;
|
|
198
|
+
allow_read?: string[] | undefined;
|
|
199
|
+
}>>;
|
|
200
|
+
network: z.ZodDefault<z.ZodObject<{
|
|
201
|
+
allowed_domains: z.ZodDefault<z.ZodArray<z.ZodString, "many">>;
|
|
202
|
+
denied_domains: z.ZodDefault<z.ZodArray<z.ZodString, "many">>;
|
|
203
|
+
}, "strip", z.ZodTypeAny, {
|
|
204
|
+
allowed_domains: string[];
|
|
205
|
+
denied_domains: string[];
|
|
206
|
+
}, {
|
|
207
|
+
allowed_domains?: string[] | undefined;
|
|
208
|
+
denied_domains?: string[] | undefined;
|
|
209
|
+
}>>;
|
|
210
|
+
overrides: z.ZodDefault<z.ZodRecord<z.ZodString, z.ZodObject<{
|
|
211
|
+
filesystem: z.ZodOptional<z.ZodObject<{
|
|
212
|
+
allow_write: z.ZodDefault<z.ZodArray<z.ZodString, "many">>;
|
|
213
|
+
deny_read: z.ZodDefault<z.ZodArray<z.ZodString, "many">>;
|
|
214
|
+
deny_write: z.ZodDefault<z.ZodArray<z.ZodString, "many">>;
|
|
215
|
+
allow_read: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
|
|
216
|
+
}, "strip", z.ZodTypeAny, {
|
|
217
|
+
allow_write: string[];
|
|
218
|
+
deny_read: string[];
|
|
219
|
+
deny_write: string[];
|
|
220
|
+
allow_read?: string[] | undefined;
|
|
221
|
+
}, {
|
|
222
|
+
allow_write?: string[] | undefined;
|
|
223
|
+
deny_read?: string[] | undefined;
|
|
224
|
+
deny_write?: string[] | undefined;
|
|
225
|
+
allow_read?: string[] | undefined;
|
|
226
|
+
}>>;
|
|
227
|
+
network: z.ZodOptional<z.ZodObject<{
|
|
228
|
+
allowed_domains: z.ZodDefault<z.ZodArray<z.ZodString, "many">>;
|
|
229
|
+
denied_domains: z.ZodDefault<z.ZodArray<z.ZodString, "many">>;
|
|
230
|
+
}, "strip", z.ZodTypeAny, {
|
|
231
|
+
allowed_domains: string[];
|
|
232
|
+
denied_domains: string[];
|
|
233
|
+
}, {
|
|
234
|
+
allowed_domains?: string[] | undefined;
|
|
235
|
+
denied_domains?: string[] | undefined;
|
|
236
|
+
}>>;
|
|
237
|
+
}, "strip", z.ZodTypeAny, {
|
|
238
|
+
filesystem?: {
|
|
239
|
+
allow_write: string[];
|
|
240
|
+
deny_read: string[];
|
|
241
|
+
deny_write: string[];
|
|
242
|
+
allow_read?: string[] | undefined;
|
|
243
|
+
} | undefined;
|
|
244
|
+
network?: {
|
|
245
|
+
allowed_domains: string[];
|
|
246
|
+
denied_domains: string[];
|
|
247
|
+
} | undefined;
|
|
248
|
+
}, {
|
|
249
|
+
filesystem?: {
|
|
250
|
+
allow_write?: string[] | undefined;
|
|
251
|
+
deny_read?: string[] | undefined;
|
|
252
|
+
deny_write?: string[] | undefined;
|
|
253
|
+
allow_read?: string[] | undefined;
|
|
254
|
+
} | undefined;
|
|
255
|
+
network?: {
|
|
256
|
+
allowed_domains?: string[] | undefined;
|
|
257
|
+
denied_domains?: string[] | undefined;
|
|
258
|
+
} | undefined;
|
|
259
|
+
}>>>;
|
|
260
|
+
}, "strip", z.ZodTypeAny, {
|
|
261
|
+
filesystem: {
|
|
262
|
+
allow_write: string[];
|
|
263
|
+
deny_read: string[];
|
|
264
|
+
deny_write: string[];
|
|
265
|
+
allow_read?: string[] | undefined;
|
|
266
|
+
};
|
|
267
|
+
network: {
|
|
268
|
+
allowed_domains: string[];
|
|
269
|
+
denied_domains: string[];
|
|
270
|
+
};
|
|
271
|
+
enabled: boolean;
|
|
272
|
+
presets: string[];
|
|
273
|
+
overrides: Record<string, {
|
|
274
|
+
filesystem?: {
|
|
275
|
+
allow_write: string[];
|
|
276
|
+
deny_read: string[];
|
|
277
|
+
deny_write: string[];
|
|
278
|
+
allow_read?: string[] | undefined;
|
|
279
|
+
} | undefined;
|
|
280
|
+
network?: {
|
|
281
|
+
allowed_domains: string[];
|
|
282
|
+
denied_domains: string[];
|
|
283
|
+
} | undefined;
|
|
284
|
+
}>;
|
|
285
|
+
}, {
|
|
286
|
+
filesystem?: {
|
|
287
|
+
allow_write?: string[] | undefined;
|
|
288
|
+
deny_read?: string[] | undefined;
|
|
289
|
+
deny_write?: string[] | undefined;
|
|
290
|
+
allow_read?: string[] | undefined;
|
|
291
|
+
} | undefined;
|
|
292
|
+
network?: {
|
|
293
|
+
allowed_domains?: string[] | undefined;
|
|
294
|
+
denied_domains?: string[] | undefined;
|
|
295
|
+
} | undefined;
|
|
296
|
+
enabled?: boolean | undefined;
|
|
297
|
+
presets?: string | string[] | undefined;
|
|
298
|
+
overrides?: Record<string, {
|
|
299
|
+
filesystem?: {
|
|
300
|
+
allow_write?: string[] | undefined;
|
|
301
|
+
deny_read?: string[] | undefined;
|
|
302
|
+
deny_write?: string[] | undefined;
|
|
303
|
+
allow_read?: string[] | undefined;
|
|
304
|
+
} | undefined;
|
|
305
|
+
network?: {
|
|
306
|
+
allowed_domains?: string[] | undefined;
|
|
307
|
+
denied_domains?: string[] | undefined;
|
|
308
|
+
} | undefined;
|
|
309
|
+
}> | undefined;
|
|
310
|
+
}>;
|
|
311
|
+
export type SandboxConfig = z.infer<typeof SandboxConfig>;
|
|
100
312
|
export declare const ToolOverride: z.ZodObject<{
|
|
101
313
|
description: z.ZodOptional<z.ZodString>;
|
|
102
|
-
|
|
314
|
+
alias_of: z.ZodOptional<z.ZodString>;
|
|
315
|
+
sandbox_presets: z.ZodDefault<z.ZodEffects<z.ZodUnion<[z.ZodString, z.ZodArray<z.ZodString, "many">]>, string[], string | string[]>>;
|
|
316
|
+
sandbox: z.ZodOptional<z.ZodObject<{
|
|
317
|
+
filesystem: z.ZodOptional<z.ZodObject<{
|
|
318
|
+
allow_write: z.ZodDefault<z.ZodArray<z.ZodString, "many">>;
|
|
319
|
+
deny_read: z.ZodDefault<z.ZodArray<z.ZodString, "many">>;
|
|
320
|
+
deny_write: z.ZodDefault<z.ZodArray<z.ZodString, "many">>;
|
|
321
|
+
allow_read: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
|
|
322
|
+
}, "strip", z.ZodTypeAny, {
|
|
323
|
+
allow_write: string[];
|
|
324
|
+
deny_read: string[];
|
|
325
|
+
deny_write: string[];
|
|
326
|
+
allow_read?: string[] | undefined;
|
|
327
|
+
}, {
|
|
328
|
+
allow_write?: string[] | undefined;
|
|
329
|
+
deny_read?: string[] | undefined;
|
|
330
|
+
deny_write?: string[] | undefined;
|
|
331
|
+
allow_read?: string[] | undefined;
|
|
332
|
+
}>>;
|
|
333
|
+
network: z.ZodOptional<z.ZodObject<{
|
|
334
|
+
allowed_domains: z.ZodDefault<z.ZodArray<z.ZodString, "many">>;
|
|
335
|
+
denied_domains: z.ZodDefault<z.ZodArray<z.ZodString, "many">>;
|
|
336
|
+
}, "strip", z.ZodTypeAny, {
|
|
337
|
+
allowed_domains: string[];
|
|
338
|
+
denied_domains: string[];
|
|
339
|
+
}, {
|
|
340
|
+
allowed_domains?: string[] | undefined;
|
|
341
|
+
denied_domains?: string[] | undefined;
|
|
342
|
+
}>>;
|
|
343
|
+
}, "strip", z.ZodTypeAny, {
|
|
344
|
+
filesystem?: {
|
|
345
|
+
allow_write: string[];
|
|
346
|
+
deny_read: string[];
|
|
347
|
+
deny_write: string[];
|
|
348
|
+
allow_read?: string[] | undefined;
|
|
349
|
+
} | undefined;
|
|
350
|
+
network?: {
|
|
351
|
+
allowed_domains: string[];
|
|
352
|
+
denied_domains: string[];
|
|
353
|
+
} | undefined;
|
|
354
|
+
}, {
|
|
355
|
+
filesystem?: {
|
|
356
|
+
allow_write?: string[] | undefined;
|
|
357
|
+
deny_read?: string[] | undefined;
|
|
358
|
+
deny_write?: string[] | undefined;
|
|
359
|
+
allow_read?: string[] | undefined;
|
|
360
|
+
} | undefined;
|
|
361
|
+
network?: {
|
|
362
|
+
allowed_domains?: string[] | undefined;
|
|
363
|
+
denied_domains?: string[] | undefined;
|
|
364
|
+
} | undefined;
|
|
365
|
+
}>>;
|
|
103
366
|
}, "strip", z.ZodTypeAny, {
|
|
104
|
-
|
|
367
|
+
sandbox_presets: string[];
|
|
105
368
|
description?: string | undefined;
|
|
369
|
+
alias_of?: string | undefined;
|
|
370
|
+
sandbox?: {
|
|
371
|
+
filesystem?: {
|
|
372
|
+
allow_write: string[];
|
|
373
|
+
deny_read: string[];
|
|
374
|
+
deny_write: string[];
|
|
375
|
+
allow_read?: string[] | undefined;
|
|
376
|
+
} | undefined;
|
|
377
|
+
network?: {
|
|
378
|
+
allowed_domains: string[];
|
|
379
|
+
denied_domains: string[];
|
|
380
|
+
} | undefined;
|
|
381
|
+
} | undefined;
|
|
106
382
|
}, {
|
|
107
383
|
description?: string | undefined;
|
|
108
|
-
|
|
384
|
+
alias_of?: string | undefined;
|
|
385
|
+
sandbox_presets?: string | string[] | undefined;
|
|
386
|
+
sandbox?: {
|
|
387
|
+
filesystem?: {
|
|
388
|
+
allow_write?: string[] | undefined;
|
|
389
|
+
deny_read?: string[] | undefined;
|
|
390
|
+
deny_write?: string[] | undefined;
|
|
391
|
+
allow_read?: string[] | undefined;
|
|
392
|
+
} | undefined;
|
|
393
|
+
network?: {
|
|
394
|
+
allowed_domains?: string[] | undefined;
|
|
395
|
+
denied_domains?: string[] | undefined;
|
|
396
|
+
} | undefined;
|
|
397
|
+
} | undefined;
|
|
109
398
|
}>;
|
|
110
399
|
export declare const AgentExecConfig: z.ZodObject<{
|
|
111
400
|
allow: z.ZodDefault<z.ZodArray<z.ZodString, "many">>;
|
|
@@ -199,13 +488,90 @@ export declare const AgentConfig: z.ZodObject<{
|
|
|
199
488
|
deny: z.ZodDefault<z.ZodArray<z.ZodString, "many">>;
|
|
200
489
|
tool_overrides: z.ZodDefault<z.ZodRecord<z.ZodString, z.ZodObject<{
|
|
201
490
|
description: z.ZodOptional<z.ZodString>;
|
|
202
|
-
|
|
491
|
+
alias_of: z.ZodOptional<z.ZodString>;
|
|
492
|
+
sandbox_presets: z.ZodDefault<z.ZodEffects<z.ZodUnion<[z.ZodString, z.ZodArray<z.ZodString, "many">]>, string[], string | string[]>>;
|
|
493
|
+
sandbox: z.ZodOptional<z.ZodObject<{
|
|
494
|
+
filesystem: z.ZodOptional<z.ZodObject<{
|
|
495
|
+
allow_write: z.ZodDefault<z.ZodArray<z.ZodString, "many">>;
|
|
496
|
+
deny_read: z.ZodDefault<z.ZodArray<z.ZodString, "many">>;
|
|
497
|
+
deny_write: z.ZodDefault<z.ZodArray<z.ZodString, "many">>;
|
|
498
|
+
allow_read: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
|
|
499
|
+
}, "strip", z.ZodTypeAny, {
|
|
500
|
+
allow_write: string[];
|
|
501
|
+
deny_read: string[];
|
|
502
|
+
deny_write: string[];
|
|
503
|
+
allow_read?: string[] | undefined;
|
|
504
|
+
}, {
|
|
505
|
+
allow_write?: string[] | undefined;
|
|
506
|
+
deny_read?: string[] | undefined;
|
|
507
|
+
deny_write?: string[] | undefined;
|
|
508
|
+
allow_read?: string[] | undefined;
|
|
509
|
+
}>>;
|
|
510
|
+
network: z.ZodOptional<z.ZodObject<{
|
|
511
|
+
allowed_domains: z.ZodDefault<z.ZodArray<z.ZodString, "many">>;
|
|
512
|
+
denied_domains: z.ZodDefault<z.ZodArray<z.ZodString, "many">>;
|
|
513
|
+
}, "strip", z.ZodTypeAny, {
|
|
514
|
+
allowed_domains: string[];
|
|
515
|
+
denied_domains: string[];
|
|
516
|
+
}, {
|
|
517
|
+
allowed_domains?: string[] | undefined;
|
|
518
|
+
denied_domains?: string[] | undefined;
|
|
519
|
+
}>>;
|
|
520
|
+
}, "strip", z.ZodTypeAny, {
|
|
521
|
+
filesystem?: {
|
|
522
|
+
allow_write: string[];
|
|
523
|
+
deny_read: string[];
|
|
524
|
+
deny_write: string[];
|
|
525
|
+
allow_read?: string[] | undefined;
|
|
526
|
+
} | undefined;
|
|
527
|
+
network?: {
|
|
528
|
+
allowed_domains: string[];
|
|
529
|
+
denied_domains: string[];
|
|
530
|
+
} | undefined;
|
|
531
|
+
}, {
|
|
532
|
+
filesystem?: {
|
|
533
|
+
allow_write?: string[] | undefined;
|
|
534
|
+
deny_read?: string[] | undefined;
|
|
535
|
+
deny_write?: string[] | undefined;
|
|
536
|
+
allow_read?: string[] | undefined;
|
|
537
|
+
} | undefined;
|
|
538
|
+
network?: {
|
|
539
|
+
allowed_domains?: string[] | undefined;
|
|
540
|
+
denied_domains?: string[] | undefined;
|
|
541
|
+
} | undefined;
|
|
542
|
+
}>>;
|
|
203
543
|
}, "strip", z.ZodTypeAny, {
|
|
204
|
-
|
|
544
|
+
sandbox_presets: string[];
|
|
205
545
|
description?: string | undefined;
|
|
546
|
+
alias_of?: string | undefined;
|
|
547
|
+
sandbox?: {
|
|
548
|
+
filesystem?: {
|
|
549
|
+
allow_write: string[];
|
|
550
|
+
deny_read: string[];
|
|
551
|
+
deny_write: string[];
|
|
552
|
+
allow_read?: string[] | undefined;
|
|
553
|
+
} | undefined;
|
|
554
|
+
network?: {
|
|
555
|
+
allowed_domains: string[];
|
|
556
|
+
denied_domains: string[];
|
|
557
|
+
} | undefined;
|
|
558
|
+
} | undefined;
|
|
206
559
|
}, {
|
|
207
560
|
description?: string | undefined;
|
|
208
|
-
|
|
561
|
+
alias_of?: string | undefined;
|
|
562
|
+
sandbox_presets?: string | string[] | undefined;
|
|
563
|
+
sandbox?: {
|
|
564
|
+
filesystem?: {
|
|
565
|
+
allow_write?: string[] | undefined;
|
|
566
|
+
deny_read?: string[] | undefined;
|
|
567
|
+
deny_write?: string[] | undefined;
|
|
568
|
+
allow_read?: string[] | undefined;
|
|
569
|
+
} | undefined;
|
|
570
|
+
network?: {
|
|
571
|
+
allowed_domains?: string[] | undefined;
|
|
572
|
+
denied_domains?: string[] | undefined;
|
|
573
|
+
} | undefined;
|
|
574
|
+
} | undefined;
|
|
209
575
|
}>>>;
|
|
210
576
|
exec: z.ZodDefault<z.ZodObject<{
|
|
211
577
|
allow: z.ZodDefault<z.ZodArray<z.ZodString, "many">>;
|
|
@@ -239,6 +605,136 @@ export declare const AgentConfig: z.ZodObject<{
|
|
|
239
605
|
max_response_bytes?: number | undefined;
|
|
240
606
|
timeout_ms?: number | undefined;
|
|
241
607
|
}>>;
|
|
608
|
+
sandbox: z.ZodDefault<z.ZodObject<{
|
|
609
|
+
enabled: z.ZodDefault<z.ZodBoolean>;
|
|
610
|
+
presets: z.ZodDefault<z.ZodEffects<z.ZodUnion<[z.ZodString, z.ZodArray<z.ZodString, "many">]>, string[], string | string[]>>;
|
|
611
|
+
filesystem: z.ZodDefault<z.ZodObject<{
|
|
612
|
+
allow_write: z.ZodDefault<z.ZodArray<z.ZodString, "many">>;
|
|
613
|
+
deny_read: z.ZodDefault<z.ZodArray<z.ZodString, "many">>;
|
|
614
|
+
deny_write: z.ZodDefault<z.ZodArray<z.ZodString, "many">>;
|
|
615
|
+
allow_read: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
|
|
616
|
+
}, "strip", z.ZodTypeAny, {
|
|
617
|
+
allow_write: string[];
|
|
618
|
+
deny_read: string[];
|
|
619
|
+
deny_write: string[];
|
|
620
|
+
allow_read?: string[] | undefined;
|
|
621
|
+
}, {
|
|
622
|
+
allow_write?: string[] | undefined;
|
|
623
|
+
deny_read?: string[] | undefined;
|
|
624
|
+
deny_write?: string[] | undefined;
|
|
625
|
+
allow_read?: string[] | undefined;
|
|
626
|
+
}>>;
|
|
627
|
+
network: z.ZodDefault<z.ZodObject<{
|
|
628
|
+
allowed_domains: z.ZodDefault<z.ZodArray<z.ZodString, "many">>;
|
|
629
|
+
denied_domains: z.ZodDefault<z.ZodArray<z.ZodString, "many">>;
|
|
630
|
+
}, "strip", z.ZodTypeAny, {
|
|
631
|
+
allowed_domains: string[];
|
|
632
|
+
denied_domains: string[];
|
|
633
|
+
}, {
|
|
634
|
+
allowed_domains?: string[] | undefined;
|
|
635
|
+
denied_domains?: string[] | undefined;
|
|
636
|
+
}>>;
|
|
637
|
+
overrides: z.ZodDefault<z.ZodRecord<z.ZodString, z.ZodObject<{
|
|
638
|
+
filesystem: z.ZodOptional<z.ZodObject<{
|
|
639
|
+
allow_write: z.ZodDefault<z.ZodArray<z.ZodString, "many">>;
|
|
640
|
+
deny_read: z.ZodDefault<z.ZodArray<z.ZodString, "many">>;
|
|
641
|
+
deny_write: z.ZodDefault<z.ZodArray<z.ZodString, "many">>;
|
|
642
|
+
allow_read: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
|
|
643
|
+
}, "strip", z.ZodTypeAny, {
|
|
644
|
+
allow_write: string[];
|
|
645
|
+
deny_read: string[];
|
|
646
|
+
deny_write: string[];
|
|
647
|
+
allow_read?: string[] | undefined;
|
|
648
|
+
}, {
|
|
649
|
+
allow_write?: string[] | undefined;
|
|
650
|
+
deny_read?: string[] | undefined;
|
|
651
|
+
deny_write?: string[] | undefined;
|
|
652
|
+
allow_read?: string[] | undefined;
|
|
653
|
+
}>>;
|
|
654
|
+
network: z.ZodOptional<z.ZodObject<{
|
|
655
|
+
allowed_domains: z.ZodDefault<z.ZodArray<z.ZodString, "many">>;
|
|
656
|
+
denied_domains: z.ZodDefault<z.ZodArray<z.ZodString, "many">>;
|
|
657
|
+
}, "strip", z.ZodTypeAny, {
|
|
658
|
+
allowed_domains: string[];
|
|
659
|
+
denied_domains: string[];
|
|
660
|
+
}, {
|
|
661
|
+
allowed_domains?: string[] | undefined;
|
|
662
|
+
denied_domains?: string[] | undefined;
|
|
663
|
+
}>>;
|
|
664
|
+
}, "strip", z.ZodTypeAny, {
|
|
665
|
+
filesystem?: {
|
|
666
|
+
allow_write: string[];
|
|
667
|
+
deny_read: string[];
|
|
668
|
+
deny_write: string[];
|
|
669
|
+
allow_read?: string[] | undefined;
|
|
670
|
+
} | undefined;
|
|
671
|
+
network?: {
|
|
672
|
+
allowed_domains: string[];
|
|
673
|
+
denied_domains: string[];
|
|
674
|
+
} | undefined;
|
|
675
|
+
}, {
|
|
676
|
+
filesystem?: {
|
|
677
|
+
allow_write?: string[] | undefined;
|
|
678
|
+
deny_read?: string[] | undefined;
|
|
679
|
+
deny_write?: string[] | undefined;
|
|
680
|
+
allow_read?: string[] | undefined;
|
|
681
|
+
} | undefined;
|
|
682
|
+
network?: {
|
|
683
|
+
allowed_domains?: string[] | undefined;
|
|
684
|
+
denied_domains?: string[] | undefined;
|
|
685
|
+
} | undefined;
|
|
686
|
+
}>>>;
|
|
687
|
+
}, "strip", z.ZodTypeAny, {
|
|
688
|
+
filesystem: {
|
|
689
|
+
allow_write: string[];
|
|
690
|
+
deny_read: string[];
|
|
691
|
+
deny_write: string[];
|
|
692
|
+
allow_read?: string[] | undefined;
|
|
693
|
+
};
|
|
694
|
+
network: {
|
|
695
|
+
allowed_domains: string[];
|
|
696
|
+
denied_domains: string[];
|
|
697
|
+
};
|
|
698
|
+
enabled: boolean;
|
|
699
|
+
presets: string[];
|
|
700
|
+
overrides: Record<string, {
|
|
701
|
+
filesystem?: {
|
|
702
|
+
allow_write: string[];
|
|
703
|
+
deny_read: string[];
|
|
704
|
+
deny_write: string[];
|
|
705
|
+
allow_read?: string[] | undefined;
|
|
706
|
+
} | undefined;
|
|
707
|
+
network?: {
|
|
708
|
+
allowed_domains: string[];
|
|
709
|
+
denied_domains: string[];
|
|
710
|
+
} | undefined;
|
|
711
|
+
}>;
|
|
712
|
+
}, {
|
|
713
|
+
filesystem?: {
|
|
714
|
+
allow_write?: string[] | undefined;
|
|
715
|
+
deny_read?: string[] | undefined;
|
|
716
|
+
deny_write?: string[] | undefined;
|
|
717
|
+
allow_read?: string[] | undefined;
|
|
718
|
+
} | undefined;
|
|
719
|
+
network?: {
|
|
720
|
+
allowed_domains?: string[] | undefined;
|
|
721
|
+
denied_domains?: string[] | undefined;
|
|
722
|
+
} | undefined;
|
|
723
|
+
enabled?: boolean | undefined;
|
|
724
|
+
presets?: string | string[] | undefined;
|
|
725
|
+
overrides?: Record<string, {
|
|
726
|
+
filesystem?: {
|
|
727
|
+
allow_write?: string[] | undefined;
|
|
728
|
+
deny_read?: string[] | undefined;
|
|
729
|
+
deny_write?: string[] | undefined;
|
|
730
|
+
allow_read?: string[] | undefined;
|
|
731
|
+
} | undefined;
|
|
732
|
+
network?: {
|
|
733
|
+
allowed_domains?: string[] | undefined;
|
|
734
|
+
denied_domains?: string[] | undefined;
|
|
735
|
+
} | undefined;
|
|
736
|
+
}> | undefined;
|
|
737
|
+
}>>;
|
|
242
738
|
middleware: z.ZodOptional<z.ZodArray<z.ZodObject<{
|
|
243
739
|
name: z.ZodEnum<["schema-validator", "rate-limiter", "untrusted-envelope", "strip-query-params", "output-injection-detector", "canary-token-injector", "output-size-limiter", "output-summarizer", "injection-detector", "sensitivity-classifier"]>;
|
|
244
740
|
enabled: z.ZodDefault<z.ZodBoolean>;
|
|
@@ -294,13 +790,52 @@ export declare const AgentConfig: z.ZodObject<{
|
|
|
294
790
|
max_response_bytes: number;
|
|
295
791
|
timeout_ms: number;
|
|
296
792
|
};
|
|
793
|
+
sandbox: {
|
|
794
|
+
filesystem: {
|
|
795
|
+
allow_write: string[];
|
|
796
|
+
deny_read: string[];
|
|
797
|
+
deny_write: string[];
|
|
798
|
+
allow_read?: string[] | undefined;
|
|
799
|
+
};
|
|
800
|
+
network: {
|
|
801
|
+
allowed_domains: string[];
|
|
802
|
+
denied_domains: string[];
|
|
803
|
+
};
|
|
804
|
+
enabled: boolean;
|
|
805
|
+
presets: string[];
|
|
806
|
+
overrides: Record<string, {
|
|
807
|
+
filesystem?: {
|
|
808
|
+
allow_write: string[];
|
|
809
|
+
deny_read: string[];
|
|
810
|
+
deny_write: string[];
|
|
811
|
+
allow_read?: string[] | undefined;
|
|
812
|
+
} | undefined;
|
|
813
|
+
network?: {
|
|
814
|
+
allowed_domains: string[];
|
|
815
|
+
denied_domains: string[];
|
|
816
|
+
} | undefined;
|
|
817
|
+
}>;
|
|
818
|
+
};
|
|
297
819
|
allow: string[];
|
|
298
820
|
ask: string[];
|
|
299
821
|
deny: string[];
|
|
300
822
|
extends: string[];
|
|
301
823
|
tool_overrides: Record<string, {
|
|
302
|
-
|
|
824
|
+
sandbox_presets: string[];
|
|
303
825
|
description?: string | undefined;
|
|
826
|
+
alias_of?: string | undefined;
|
|
827
|
+
sandbox?: {
|
|
828
|
+
filesystem?: {
|
|
829
|
+
allow_write: string[];
|
|
830
|
+
deny_read: string[];
|
|
831
|
+
deny_write: string[];
|
|
832
|
+
allow_read?: string[] | undefined;
|
|
833
|
+
} | undefined;
|
|
834
|
+
network?: {
|
|
835
|
+
allowed_domains: string[];
|
|
836
|
+
denied_domains: string[];
|
|
837
|
+
} | undefined;
|
|
838
|
+
} | undefined;
|
|
304
839
|
}>;
|
|
305
840
|
exec: {
|
|
306
841
|
env: Record<string, string>;
|
|
@@ -333,6 +868,32 @@ export declare const AgentConfig: z.ZodObject<{
|
|
|
333
868
|
max_response_bytes?: number | undefined;
|
|
334
869
|
timeout_ms?: number | undefined;
|
|
335
870
|
} | undefined;
|
|
871
|
+
sandbox?: {
|
|
872
|
+
filesystem?: {
|
|
873
|
+
allow_write?: string[] | undefined;
|
|
874
|
+
deny_read?: string[] | undefined;
|
|
875
|
+
deny_write?: string[] | undefined;
|
|
876
|
+
allow_read?: string[] | undefined;
|
|
877
|
+
} | undefined;
|
|
878
|
+
network?: {
|
|
879
|
+
allowed_domains?: string[] | undefined;
|
|
880
|
+
denied_domains?: string[] | undefined;
|
|
881
|
+
} | undefined;
|
|
882
|
+
enabled?: boolean | undefined;
|
|
883
|
+
presets?: string | string[] | undefined;
|
|
884
|
+
overrides?: Record<string, {
|
|
885
|
+
filesystem?: {
|
|
886
|
+
allow_write?: string[] | undefined;
|
|
887
|
+
deny_read?: string[] | undefined;
|
|
888
|
+
deny_write?: string[] | undefined;
|
|
889
|
+
allow_read?: string[] | undefined;
|
|
890
|
+
} | undefined;
|
|
891
|
+
network?: {
|
|
892
|
+
allowed_domains?: string[] | undefined;
|
|
893
|
+
denied_domains?: string[] | undefined;
|
|
894
|
+
} | undefined;
|
|
895
|
+
}> | undefined;
|
|
896
|
+
} | undefined;
|
|
336
897
|
allow?: string[] | undefined;
|
|
337
898
|
ask?: string[] | undefined;
|
|
338
899
|
deny?: string[] | undefined;
|
|
@@ -340,7 +901,20 @@ export declare const AgentConfig: z.ZodObject<{
|
|
|
340
901
|
extends?: string[] | undefined;
|
|
341
902
|
tool_overrides?: Record<string, {
|
|
342
903
|
description?: string | undefined;
|
|
343
|
-
|
|
904
|
+
alias_of?: string | undefined;
|
|
905
|
+
sandbox_presets?: string | string[] | undefined;
|
|
906
|
+
sandbox?: {
|
|
907
|
+
filesystem?: {
|
|
908
|
+
allow_write?: string[] | undefined;
|
|
909
|
+
deny_read?: string[] | undefined;
|
|
910
|
+
deny_write?: string[] | undefined;
|
|
911
|
+
allow_read?: string[] | undefined;
|
|
912
|
+
} | undefined;
|
|
913
|
+
network?: {
|
|
914
|
+
allowed_domains?: string[] | undefined;
|
|
915
|
+
denied_domains?: string[] | undefined;
|
|
916
|
+
} | undefined;
|
|
917
|
+
} | undefined;
|
|
344
918
|
}> | undefined;
|
|
345
919
|
exec?: {
|
|
346
920
|
env?: Record<string, string> | undefined;
|
|
@@ -1035,7 +1609,58 @@ export declare const ApiConfig: z.ZodObject<{
|
|
|
1035
1609
|
include?: string[] | undefined;
|
|
1036
1610
|
}>;
|
|
1037
1611
|
export type ApiConfig = z.infer<typeof ApiConfig>;
|
|
1038
|
-
export declare const
|
|
1612
|
+
export declare const SandboxPresetConfig: z.ZodObject<{
|
|
1613
|
+
filesystem: z.ZodOptional<z.ZodObject<{
|
|
1614
|
+
allow_write: z.ZodDefault<z.ZodArray<z.ZodString, "many">>;
|
|
1615
|
+
deny_read: z.ZodDefault<z.ZodArray<z.ZodString, "many">>;
|
|
1616
|
+
deny_write: z.ZodDefault<z.ZodArray<z.ZodString, "many">>;
|
|
1617
|
+
allow_read: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
|
|
1618
|
+
}, "strip", z.ZodTypeAny, {
|
|
1619
|
+
allow_write: string[];
|
|
1620
|
+
deny_read: string[];
|
|
1621
|
+
deny_write: string[];
|
|
1622
|
+
allow_read?: string[] | undefined;
|
|
1623
|
+
}, {
|
|
1624
|
+
allow_write?: string[] | undefined;
|
|
1625
|
+
deny_read?: string[] | undefined;
|
|
1626
|
+
deny_write?: string[] | undefined;
|
|
1627
|
+
allow_read?: string[] | undefined;
|
|
1628
|
+
}>>;
|
|
1629
|
+
network: z.ZodOptional<z.ZodObject<{
|
|
1630
|
+
allowed_domains: z.ZodDefault<z.ZodArray<z.ZodString, "many">>;
|
|
1631
|
+
denied_domains: z.ZodDefault<z.ZodArray<z.ZodString, "many">>;
|
|
1632
|
+
}, "strip", z.ZodTypeAny, {
|
|
1633
|
+
allowed_domains: string[];
|
|
1634
|
+
denied_domains: string[];
|
|
1635
|
+
}, {
|
|
1636
|
+
allowed_domains?: string[] | undefined;
|
|
1637
|
+
denied_domains?: string[] | undefined;
|
|
1638
|
+
}>>;
|
|
1639
|
+
}, "strip", z.ZodTypeAny, {
|
|
1640
|
+
filesystem?: {
|
|
1641
|
+
allow_write: string[];
|
|
1642
|
+
deny_read: string[];
|
|
1643
|
+
deny_write: string[];
|
|
1644
|
+
allow_read?: string[] | undefined;
|
|
1645
|
+
} | undefined;
|
|
1646
|
+
network?: {
|
|
1647
|
+
allowed_domains: string[];
|
|
1648
|
+
denied_domains: string[];
|
|
1649
|
+
} | undefined;
|
|
1650
|
+
}, {
|
|
1651
|
+
filesystem?: {
|
|
1652
|
+
allow_write?: string[] | undefined;
|
|
1653
|
+
deny_read?: string[] | undefined;
|
|
1654
|
+
deny_write?: string[] | undefined;
|
|
1655
|
+
allow_read?: string[] | undefined;
|
|
1656
|
+
} | undefined;
|
|
1657
|
+
network?: {
|
|
1658
|
+
allowed_domains?: string[] | undefined;
|
|
1659
|
+
denied_domains?: string[] | undefined;
|
|
1660
|
+
} | undefined;
|
|
1661
|
+
}>;
|
|
1662
|
+
export type SandboxPresetConfig = z.infer<typeof SandboxPresetConfig>;
|
|
1663
|
+
export declare const GatewayConfig: z.ZodEffects<z.ZodObject<{
|
|
1039
1664
|
providers: z.ZodDefault<z.ZodRecord<z.ZodString, z.ZodUnion<[z.ZodLiteral<"builtin">, z.ZodDiscriminatedUnion<"type", [z.ZodObject<{
|
|
1040
1665
|
type: z.ZodLiteral<"stdio">;
|
|
1041
1666
|
command: z.ZodString;
|
|
@@ -1092,6 +1717,56 @@ export declare const GatewayConfig: z.ZodObject<{
|
|
|
1092
1717
|
allow?: string[] | undefined;
|
|
1093
1718
|
ask?: string[] | undefined;
|
|
1094
1719
|
}>>>;
|
|
1720
|
+
sandbox_presets: z.ZodDefault<z.ZodRecord<z.ZodString, z.ZodObject<{
|
|
1721
|
+
filesystem: z.ZodOptional<z.ZodObject<{
|
|
1722
|
+
allow_write: z.ZodDefault<z.ZodArray<z.ZodString, "many">>;
|
|
1723
|
+
deny_read: z.ZodDefault<z.ZodArray<z.ZodString, "many">>;
|
|
1724
|
+
deny_write: z.ZodDefault<z.ZodArray<z.ZodString, "many">>;
|
|
1725
|
+
allow_read: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
|
|
1726
|
+
}, "strip", z.ZodTypeAny, {
|
|
1727
|
+
allow_write: string[];
|
|
1728
|
+
deny_read: string[];
|
|
1729
|
+
deny_write: string[];
|
|
1730
|
+
allow_read?: string[] | undefined;
|
|
1731
|
+
}, {
|
|
1732
|
+
allow_write?: string[] | undefined;
|
|
1733
|
+
deny_read?: string[] | undefined;
|
|
1734
|
+
deny_write?: string[] | undefined;
|
|
1735
|
+
allow_read?: string[] | undefined;
|
|
1736
|
+
}>>;
|
|
1737
|
+
network: z.ZodOptional<z.ZodObject<{
|
|
1738
|
+
allowed_domains: z.ZodDefault<z.ZodArray<z.ZodString, "many">>;
|
|
1739
|
+
denied_domains: z.ZodDefault<z.ZodArray<z.ZodString, "many">>;
|
|
1740
|
+
}, "strip", z.ZodTypeAny, {
|
|
1741
|
+
allowed_domains: string[];
|
|
1742
|
+
denied_domains: string[];
|
|
1743
|
+
}, {
|
|
1744
|
+
allowed_domains?: string[] | undefined;
|
|
1745
|
+
denied_domains?: string[] | undefined;
|
|
1746
|
+
}>>;
|
|
1747
|
+
}, "strip", z.ZodTypeAny, {
|
|
1748
|
+
filesystem?: {
|
|
1749
|
+
allow_write: string[];
|
|
1750
|
+
deny_read: string[];
|
|
1751
|
+
deny_write: string[];
|
|
1752
|
+
allow_read?: string[] | undefined;
|
|
1753
|
+
} | undefined;
|
|
1754
|
+
network?: {
|
|
1755
|
+
allowed_domains: string[];
|
|
1756
|
+
denied_domains: string[];
|
|
1757
|
+
} | undefined;
|
|
1758
|
+
}, {
|
|
1759
|
+
filesystem?: {
|
|
1760
|
+
allow_write?: string[] | undefined;
|
|
1761
|
+
deny_read?: string[] | undefined;
|
|
1762
|
+
deny_write?: string[] | undefined;
|
|
1763
|
+
allow_read?: string[] | undefined;
|
|
1764
|
+
} | undefined;
|
|
1765
|
+
network?: {
|
|
1766
|
+
allowed_domains?: string[] | undefined;
|
|
1767
|
+
denied_domains?: string[] | undefined;
|
|
1768
|
+
} | undefined;
|
|
1769
|
+
}>>>;
|
|
1095
1770
|
clis: z.ZodDefault<z.ZodRecord<z.ZodString, z.ZodObject<{
|
|
1096
1771
|
discovered: z.ZodOptional<z.ZodEffects<z.ZodString, string, string>>;
|
|
1097
1772
|
shell: z.ZodOptional<z.ZodEffects<z.ZodString, string, string>>;
|
|
@@ -1258,13 +1933,90 @@ export declare const GatewayConfig: z.ZodObject<{
|
|
|
1258
1933
|
deny: z.ZodDefault<z.ZodArray<z.ZodString, "many">>;
|
|
1259
1934
|
tool_overrides: z.ZodDefault<z.ZodRecord<z.ZodString, z.ZodObject<{
|
|
1260
1935
|
description: z.ZodOptional<z.ZodString>;
|
|
1261
|
-
|
|
1936
|
+
alias_of: z.ZodOptional<z.ZodString>;
|
|
1937
|
+
sandbox_presets: z.ZodDefault<z.ZodEffects<z.ZodUnion<[z.ZodString, z.ZodArray<z.ZodString, "many">]>, string[], string | string[]>>;
|
|
1938
|
+
sandbox: z.ZodOptional<z.ZodObject<{
|
|
1939
|
+
filesystem: z.ZodOptional<z.ZodObject<{
|
|
1940
|
+
allow_write: z.ZodDefault<z.ZodArray<z.ZodString, "many">>;
|
|
1941
|
+
deny_read: z.ZodDefault<z.ZodArray<z.ZodString, "many">>;
|
|
1942
|
+
deny_write: z.ZodDefault<z.ZodArray<z.ZodString, "many">>;
|
|
1943
|
+
allow_read: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
|
|
1944
|
+
}, "strip", z.ZodTypeAny, {
|
|
1945
|
+
allow_write: string[];
|
|
1946
|
+
deny_read: string[];
|
|
1947
|
+
deny_write: string[];
|
|
1948
|
+
allow_read?: string[] | undefined;
|
|
1949
|
+
}, {
|
|
1950
|
+
allow_write?: string[] | undefined;
|
|
1951
|
+
deny_read?: string[] | undefined;
|
|
1952
|
+
deny_write?: string[] | undefined;
|
|
1953
|
+
allow_read?: string[] | undefined;
|
|
1954
|
+
}>>;
|
|
1955
|
+
network: z.ZodOptional<z.ZodObject<{
|
|
1956
|
+
allowed_domains: z.ZodDefault<z.ZodArray<z.ZodString, "many">>;
|
|
1957
|
+
denied_domains: z.ZodDefault<z.ZodArray<z.ZodString, "many">>;
|
|
1958
|
+
}, "strip", z.ZodTypeAny, {
|
|
1959
|
+
allowed_domains: string[];
|
|
1960
|
+
denied_domains: string[];
|
|
1961
|
+
}, {
|
|
1962
|
+
allowed_domains?: string[] | undefined;
|
|
1963
|
+
denied_domains?: string[] | undefined;
|
|
1964
|
+
}>>;
|
|
1965
|
+
}, "strip", z.ZodTypeAny, {
|
|
1966
|
+
filesystem?: {
|
|
1967
|
+
allow_write: string[];
|
|
1968
|
+
deny_read: string[];
|
|
1969
|
+
deny_write: string[];
|
|
1970
|
+
allow_read?: string[] | undefined;
|
|
1971
|
+
} | undefined;
|
|
1972
|
+
network?: {
|
|
1973
|
+
allowed_domains: string[];
|
|
1974
|
+
denied_domains: string[];
|
|
1975
|
+
} | undefined;
|
|
1976
|
+
}, {
|
|
1977
|
+
filesystem?: {
|
|
1978
|
+
allow_write?: string[] | undefined;
|
|
1979
|
+
deny_read?: string[] | undefined;
|
|
1980
|
+
deny_write?: string[] | undefined;
|
|
1981
|
+
allow_read?: string[] | undefined;
|
|
1982
|
+
} | undefined;
|
|
1983
|
+
network?: {
|
|
1984
|
+
allowed_domains?: string[] | undefined;
|
|
1985
|
+
denied_domains?: string[] | undefined;
|
|
1986
|
+
} | undefined;
|
|
1987
|
+
}>>;
|
|
1262
1988
|
}, "strip", z.ZodTypeAny, {
|
|
1263
|
-
|
|
1989
|
+
sandbox_presets: string[];
|
|
1264
1990
|
description?: string | undefined;
|
|
1991
|
+
alias_of?: string | undefined;
|
|
1992
|
+
sandbox?: {
|
|
1993
|
+
filesystem?: {
|
|
1994
|
+
allow_write: string[];
|
|
1995
|
+
deny_read: string[];
|
|
1996
|
+
deny_write: string[];
|
|
1997
|
+
allow_read?: string[] | undefined;
|
|
1998
|
+
} | undefined;
|
|
1999
|
+
network?: {
|
|
2000
|
+
allowed_domains: string[];
|
|
2001
|
+
denied_domains: string[];
|
|
2002
|
+
} | undefined;
|
|
2003
|
+
} | undefined;
|
|
1265
2004
|
}, {
|
|
1266
2005
|
description?: string | undefined;
|
|
1267
|
-
|
|
2006
|
+
alias_of?: string | undefined;
|
|
2007
|
+
sandbox_presets?: string | string[] | undefined;
|
|
2008
|
+
sandbox?: {
|
|
2009
|
+
filesystem?: {
|
|
2010
|
+
allow_write?: string[] | undefined;
|
|
2011
|
+
deny_read?: string[] | undefined;
|
|
2012
|
+
deny_write?: string[] | undefined;
|
|
2013
|
+
allow_read?: string[] | undefined;
|
|
2014
|
+
} | undefined;
|
|
2015
|
+
network?: {
|
|
2016
|
+
allowed_domains?: string[] | undefined;
|
|
2017
|
+
denied_domains?: string[] | undefined;
|
|
2018
|
+
} | undefined;
|
|
2019
|
+
} | undefined;
|
|
1268
2020
|
}>>>;
|
|
1269
2021
|
exec: z.ZodDefault<z.ZodObject<{
|
|
1270
2022
|
allow: z.ZodDefault<z.ZodArray<z.ZodString, "many">>;
|
|
@@ -1298,6 +2050,136 @@ export declare const GatewayConfig: z.ZodObject<{
|
|
|
1298
2050
|
max_response_bytes?: number | undefined;
|
|
1299
2051
|
timeout_ms?: number | undefined;
|
|
1300
2052
|
}>>;
|
|
2053
|
+
sandbox: z.ZodDefault<z.ZodObject<{
|
|
2054
|
+
enabled: z.ZodDefault<z.ZodBoolean>;
|
|
2055
|
+
presets: z.ZodDefault<z.ZodEffects<z.ZodUnion<[z.ZodString, z.ZodArray<z.ZodString, "many">]>, string[], string | string[]>>;
|
|
2056
|
+
filesystem: z.ZodDefault<z.ZodObject<{
|
|
2057
|
+
allow_write: z.ZodDefault<z.ZodArray<z.ZodString, "many">>;
|
|
2058
|
+
deny_read: z.ZodDefault<z.ZodArray<z.ZodString, "many">>;
|
|
2059
|
+
deny_write: z.ZodDefault<z.ZodArray<z.ZodString, "many">>;
|
|
2060
|
+
allow_read: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
|
|
2061
|
+
}, "strip", z.ZodTypeAny, {
|
|
2062
|
+
allow_write: string[];
|
|
2063
|
+
deny_read: string[];
|
|
2064
|
+
deny_write: string[];
|
|
2065
|
+
allow_read?: string[] | undefined;
|
|
2066
|
+
}, {
|
|
2067
|
+
allow_write?: string[] | undefined;
|
|
2068
|
+
deny_read?: string[] | undefined;
|
|
2069
|
+
deny_write?: string[] | undefined;
|
|
2070
|
+
allow_read?: string[] | undefined;
|
|
2071
|
+
}>>;
|
|
2072
|
+
network: z.ZodDefault<z.ZodObject<{
|
|
2073
|
+
allowed_domains: z.ZodDefault<z.ZodArray<z.ZodString, "many">>;
|
|
2074
|
+
denied_domains: z.ZodDefault<z.ZodArray<z.ZodString, "many">>;
|
|
2075
|
+
}, "strip", z.ZodTypeAny, {
|
|
2076
|
+
allowed_domains: string[];
|
|
2077
|
+
denied_domains: string[];
|
|
2078
|
+
}, {
|
|
2079
|
+
allowed_domains?: string[] | undefined;
|
|
2080
|
+
denied_domains?: string[] | undefined;
|
|
2081
|
+
}>>;
|
|
2082
|
+
overrides: z.ZodDefault<z.ZodRecord<z.ZodString, z.ZodObject<{
|
|
2083
|
+
filesystem: z.ZodOptional<z.ZodObject<{
|
|
2084
|
+
allow_write: z.ZodDefault<z.ZodArray<z.ZodString, "many">>;
|
|
2085
|
+
deny_read: z.ZodDefault<z.ZodArray<z.ZodString, "many">>;
|
|
2086
|
+
deny_write: z.ZodDefault<z.ZodArray<z.ZodString, "many">>;
|
|
2087
|
+
allow_read: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
|
|
2088
|
+
}, "strip", z.ZodTypeAny, {
|
|
2089
|
+
allow_write: string[];
|
|
2090
|
+
deny_read: string[];
|
|
2091
|
+
deny_write: string[];
|
|
2092
|
+
allow_read?: string[] | undefined;
|
|
2093
|
+
}, {
|
|
2094
|
+
allow_write?: string[] | undefined;
|
|
2095
|
+
deny_read?: string[] | undefined;
|
|
2096
|
+
deny_write?: string[] | undefined;
|
|
2097
|
+
allow_read?: string[] | undefined;
|
|
2098
|
+
}>>;
|
|
2099
|
+
network: z.ZodOptional<z.ZodObject<{
|
|
2100
|
+
allowed_domains: z.ZodDefault<z.ZodArray<z.ZodString, "many">>;
|
|
2101
|
+
denied_domains: z.ZodDefault<z.ZodArray<z.ZodString, "many">>;
|
|
2102
|
+
}, "strip", z.ZodTypeAny, {
|
|
2103
|
+
allowed_domains: string[];
|
|
2104
|
+
denied_domains: string[];
|
|
2105
|
+
}, {
|
|
2106
|
+
allowed_domains?: string[] | undefined;
|
|
2107
|
+
denied_domains?: string[] | undefined;
|
|
2108
|
+
}>>;
|
|
2109
|
+
}, "strip", z.ZodTypeAny, {
|
|
2110
|
+
filesystem?: {
|
|
2111
|
+
allow_write: string[];
|
|
2112
|
+
deny_read: string[];
|
|
2113
|
+
deny_write: string[];
|
|
2114
|
+
allow_read?: string[] | undefined;
|
|
2115
|
+
} | undefined;
|
|
2116
|
+
network?: {
|
|
2117
|
+
allowed_domains: string[];
|
|
2118
|
+
denied_domains: string[];
|
|
2119
|
+
} | undefined;
|
|
2120
|
+
}, {
|
|
2121
|
+
filesystem?: {
|
|
2122
|
+
allow_write?: string[] | undefined;
|
|
2123
|
+
deny_read?: string[] | undefined;
|
|
2124
|
+
deny_write?: string[] | undefined;
|
|
2125
|
+
allow_read?: string[] | undefined;
|
|
2126
|
+
} | undefined;
|
|
2127
|
+
network?: {
|
|
2128
|
+
allowed_domains?: string[] | undefined;
|
|
2129
|
+
denied_domains?: string[] | undefined;
|
|
2130
|
+
} | undefined;
|
|
2131
|
+
}>>>;
|
|
2132
|
+
}, "strip", z.ZodTypeAny, {
|
|
2133
|
+
filesystem: {
|
|
2134
|
+
allow_write: string[];
|
|
2135
|
+
deny_read: string[];
|
|
2136
|
+
deny_write: string[];
|
|
2137
|
+
allow_read?: string[] | undefined;
|
|
2138
|
+
};
|
|
2139
|
+
network: {
|
|
2140
|
+
allowed_domains: string[];
|
|
2141
|
+
denied_domains: string[];
|
|
2142
|
+
};
|
|
2143
|
+
enabled: boolean;
|
|
2144
|
+
presets: string[];
|
|
2145
|
+
overrides: Record<string, {
|
|
2146
|
+
filesystem?: {
|
|
2147
|
+
allow_write: string[];
|
|
2148
|
+
deny_read: string[];
|
|
2149
|
+
deny_write: string[];
|
|
2150
|
+
allow_read?: string[] | undefined;
|
|
2151
|
+
} | undefined;
|
|
2152
|
+
network?: {
|
|
2153
|
+
allowed_domains: string[];
|
|
2154
|
+
denied_domains: string[];
|
|
2155
|
+
} | undefined;
|
|
2156
|
+
}>;
|
|
2157
|
+
}, {
|
|
2158
|
+
filesystem?: {
|
|
2159
|
+
allow_write?: string[] | undefined;
|
|
2160
|
+
deny_read?: string[] | undefined;
|
|
2161
|
+
deny_write?: string[] | undefined;
|
|
2162
|
+
allow_read?: string[] | undefined;
|
|
2163
|
+
} | undefined;
|
|
2164
|
+
network?: {
|
|
2165
|
+
allowed_domains?: string[] | undefined;
|
|
2166
|
+
denied_domains?: string[] | undefined;
|
|
2167
|
+
} | undefined;
|
|
2168
|
+
enabled?: boolean | undefined;
|
|
2169
|
+
presets?: string | string[] | undefined;
|
|
2170
|
+
overrides?: Record<string, {
|
|
2171
|
+
filesystem?: {
|
|
2172
|
+
allow_write?: string[] | undefined;
|
|
2173
|
+
deny_read?: string[] | undefined;
|
|
2174
|
+
deny_write?: string[] | undefined;
|
|
2175
|
+
allow_read?: string[] | undefined;
|
|
2176
|
+
} | undefined;
|
|
2177
|
+
network?: {
|
|
2178
|
+
allowed_domains?: string[] | undefined;
|
|
2179
|
+
denied_domains?: string[] | undefined;
|
|
2180
|
+
} | undefined;
|
|
2181
|
+
}> | undefined;
|
|
2182
|
+
}>>;
|
|
1301
2183
|
middleware: z.ZodOptional<z.ZodArray<z.ZodObject<{
|
|
1302
2184
|
name: z.ZodEnum<["schema-validator", "rate-limiter", "untrusted-envelope", "strip-query-params", "output-injection-detector", "canary-token-injector", "output-size-limiter", "output-summarizer", "injection-detector", "sensitivity-classifier"]>;
|
|
1303
2185
|
enabled: z.ZodDefault<z.ZodBoolean>;
|
|
@@ -1353,13 +2235,52 @@ export declare const GatewayConfig: z.ZodObject<{
|
|
|
1353
2235
|
max_response_bytes: number;
|
|
1354
2236
|
timeout_ms: number;
|
|
1355
2237
|
};
|
|
2238
|
+
sandbox: {
|
|
2239
|
+
filesystem: {
|
|
2240
|
+
allow_write: string[];
|
|
2241
|
+
deny_read: string[];
|
|
2242
|
+
deny_write: string[];
|
|
2243
|
+
allow_read?: string[] | undefined;
|
|
2244
|
+
};
|
|
2245
|
+
network: {
|
|
2246
|
+
allowed_domains: string[];
|
|
2247
|
+
denied_domains: string[];
|
|
2248
|
+
};
|
|
2249
|
+
enabled: boolean;
|
|
2250
|
+
presets: string[];
|
|
2251
|
+
overrides: Record<string, {
|
|
2252
|
+
filesystem?: {
|
|
2253
|
+
allow_write: string[];
|
|
2254
|
+
deny_read: string[];
|
|
2255
|
+
deny_write: string[];
|
|
2256
|
+
allow_read?: string[] | undefined;
|
|
2257
|
+
} | undefined;
|
|
2258
|
+
network?: {
|
|
2259
|
+
allowed_domains: string[];
|
|
2260
|
+
denied_domains: string[];
|
|
2261
|
+
} | undefined;
|
|
2262
|
+
}>;
|
|
2263
|
+
};
|
|
1356
2264
|
allow: string[];
|
|
1357
2265
|
ask: string[];
|
|
1358
2266
|
deny: string[];
|
|
1359
2267
|
extends: string[];
|
|
1360
2268
|
tool_overrides: Record<string, {
|
|
1361
|
-
|
|
2269
|
+
sandbox_presets: string[];
|
|
1362
2270
|
description?: string | undefined;
|
|
2271
|
+
alias_of?: string | undefined;
|
|
2272
|
+
sandbox?: {
|
|
2273
|
+
filesystem?: {
|
|
2274
|
+
allow_write: string[];
|
|
2275
|
+
deny_read: string[];
|
|
2276
|
+
deny_write: string[];
|
|
2277
|
+
allow_read?: string[] | undefined;
|
|
2278
|
+
} | undefined;
|
|
2279
|
+
network?: {
|
|
2280
|
+
allowed_domains: string[];
|
|
2281
|
+
denied_domains: string[];
|
|
2282
|
+
} | undefined;
|
|
2283
|
+
} | undefined;
|
|
1363
2284
|
}>;
|
|
1364
2285
|
exec: {
|
|
1365
2286
|
env: Record<string, string>;
|
|
@@ -1392,6 +2313,32 @@ export declare const GatewayConfig: z.ZodObject<{
|
|
|
1392
2313
|
max_response_bytes?: number | undefined;
|
|
1393
2314
|
timeout_ms?: number | undefined;
|
|
1394
2315
|
} | undefined;
|
|
2316
|
+
sandbox?: {
|
|
2317
|
+
filesystem?: {
|
|
2318
|
+
allow_write?: string[] | undefined;
|
|
2319
|
+
deny_read?: string[] | undefined;
|
|
2320
|
+
deny_write?: string[] | undefined;
|
|
2321
|
+
allow_read?: string[] | undefined;
|
|
2322
|
+
} | undefined;
|
|
2323
|
+
network?: {
|
|
2324
|
+
allowed_domains?: string[] | undefined;
|
|
2325
|
+
denied_domains?: string[] | undefined;
|
|
2326
|
+
} | undefined;
|
|
2327
|
+
enabled?: boolean | undefined;
|
|
2328
|
+
presets?: string | string[] | undefined;
|
|
2329
|
+
overrides?: Record<string, {
|
|
2330
|
+
filesystem?: {
|
|
2331
|
+
allow_write?: string[] | undefined;
|
|
2332
|
+
deny_read?: string[] | undefined;
|
|
2333
|
+
deny_write?: string[] | undefined;
|
|
2334
|
+
allow_read?: string[] | undefined;
|
|
2335
|
+
} | undefined;
|
|
2336
|
+
network?: {
|
|
2337
|
+
allowed_domains?: string[] | undefined;
|
|
2338
|
+
denied_domains?: string[] | undefined;
|
|
2339
|
+
} | undefined;
|
|
2340
|
+
}> | undefined;
|
|
2341
|
+
} | undefined;
|
|
1395
2342
|
allow?: string[] | undefined;
|
|
1396
2343
|
ask?: string[] | undefined;
|
|
1397
2344
|
deny?: string[] | undefined;
|
|
@@ -1399,7 +2346,20 @@ export declare const GatewayConfig: z.ZodObject<{
|
|
|
1399
2346
|
extends?: string[] | undefined;
|
|
1400
2347
|
tool_overrides?: Record<string, {
|
|
1401
2348
|
description?: string | undefined;
|
|
1402
|
-
|
|
2349
|
+
alias_of?: string | undefined;
|
|
2350
|
+
sandbox_presets?: string | string[] | undefined;
|
|
2351
|
+
sandbox?: {
|
|
2352
|
+
filesystem?: {
|
|
2353
|
+
allow_write?: string[] | undefined;
|
|
2354
|
+
deny_read?: string[] | undefined;
|
|
2355
|
+
deny_write?: string[] | undefined;
|
|
2356
|
+
allow_read?: string[] | undefined;
|
|
2357
|
+
} | undefined;
|
|
2358
|
+
network?: {
|
|
2359
|
+
allowed_domains?: string[] | undefined;
|
|
2360
|
+
denied_domains?: string[] | undefined;
|
|
2361
|
+
} | undefined;
|
|
2362
|
+
} | undefined;
|
|
1403
2363
|
}> | undefined;
|
|
1404
2364
|
exec?: {
|
|
1405
2365
|
env?: Record<string, string> | undefined;
|
|
@@ -1736,6 +2696,18 @@ export declare const GatewayConfig: z.ZodObject<{
|
|
|
1736
2696
|
api_secret?: string | undefined;
|
|
1737
2697
|
}>>;
|
|
1738
2698
|
}, "strip", z.ZodTypeAny, {
|
|
2699
|
+
sandbox_presets: Record<string, {
|
|
2700
|
+
filesystem?: {
|
|
2701
|
+
allow_write: string[];
|
|
2702
|
+
deny_read: string[];
|
|
2703
|
+
deny_write: string[];
|
|
2704
|
+
allow_read?: string[] | undefined;
|
|
2705
|
+
} | undefined;
|
|
2706
|
+
network?: {
|
|
2707
|
+
allowed_domains: string[];
|
|
2708
|
+
denied_domains: string[];
|
|
2709
|
+
} | undefined;
|
|
2710
|
+
}>;
|
|
1739
2711
|
providers: Record<string, {
|
|
1740
2712
|
type: "stdio";
|
|
1741
2713
|
command: string;
|
|
@@ -1798,13 +2770,52 @@ export declare const GatewayConfig: z.ZodObject<{
|
|
|
1798
2770
|
max_response_bytes: number;
|
|
1799
2771
|
timeout_ms: number;
|
|
1800
2772
|
};
|
|
2773
|
+
sandbox: {
|
|
2774
|
+
filesystem: {
|
|
2775
|
+
allow_write: string[];
|
|
2776
|
+
deny_read: string[];
|
|
2777
|
+
deny_write: string[];
|
|
2778
|
+
allow_read?: string[] | undefined;
|
|
2779
|
+
};
|
|
2780
|
+
network: {
|
|
2781
|
+
allowed_domains: string[];
|
|
2782
|
+
denied_domains: string[];
|
|
2783
|
+
};
|
|
2784
|
+
enabled: boolean;
|
|
2785
|
+
presets: string[];
|
|
2786
|
+
overrides: Record<string, {
|
|
2787
|
+
filesystem?: {
|
|
2788
|
+
allow_write: string[];
|
|
2789
|
+
deny_read: string[];
|
|
2790
|
+
deny_write: string[];
|
|
2791
|
+
allow_read?: string[] | undefined;
|
|
2792
|
+
} | undefined;
|
|
2793
|
+
network?: {
|
|
2794
|
+
allowed_domains: string[];
|
|
2795
|
+
denied_domains: string[];
|
|
2796
|
+
} | undefined;
|
|
2797
|
+
}>;
|
|
2798
|
+
};
|
|
1801
2799
|
allow: string[];
|
|
1802
2800
|
ask: string[];
|
|
1803
2801
|
deny: string[];
|
|
1804
2802
|
extends: string[];
|
|
1805
2803
|
tool_overrides: Record<string, {
|
|
1806
|
-
|
|
2804
|
+
sandbox_presets: string[];
|
|
1807
2805
|
description?: string | undefined;
|
|
2806
|
+
alias_of?: string | undefined;
|
|
2807
|
+
sandbox?: {
|
|
2808
|
+
filesystem?: {
|
|
2809
|
+
allow_write: string[];
|
|
2810
|
+
deny_read: string[];
|
|
2811
|
+
deny_write: string[];
|
|
2812
|
+
allow_read?: string[] | undefined;
|
|
2813
|
+
} | undefined;
|
|
2814
|
+
network?: {
|
|
2815
|
+
allowed_domains: string[];
|
|
2816
|
+
denied_domains: string[];
|
|
2817
|
+
} | undefined;
|
|
2818
|
+
} | undefined;
|
|
1808
2819
|
}>;
|
|
1809
2820
|
exec: {
|
|
1810
2821
|
env: Record<string, string>;
|
|
@@ -1904,6 +2915,458 @@ export declare const GatewayConfig: z.ZodObject<{
|
|
|
1904
2915
|
api_secret?: string | undefined;
|
|
1905
2916
|
};
|
|
1906
2917
|
}, {
|
|
2918
|
+
sandbox_presets?: Record<string, {
|
|
2919
|
+
filesystem?: {
|
|
2920
|
+
allow_write?: string[] | undefined;
|
|
2921
|
+
deny_read?: string[] | undefined;
|
|
2922
|
+
deny_write?: string[] | undefined;
|
|
2923
|
+
allow_read?: string[] | undefined;
|
|
2924
|
+
} | undefined;
|
|
2925
|
+
network?: {
|
|
2926
|
+
allowed_domains?: string[] | undefined;
|
|
2927
|
+
denied_domains?: string[] | undefined;
|
|
2928
|
+
} | undefined;
|
|
2929
|
+
}> | undefined;
|
|
2930
|
+
providers?: Record<string, {
|
|
2931
|
+
type: "stdio";
|
|
2932
|
+
command: string;
|
|
2933
|
+
args?: string[] | undefined;
|
|
2934
|
+
env?: Record<string, string> | undefined;
|
|
2935
|
+
} | {
|
|
2936
|
+
url: string;
|
|
2937
|
+
type: "sse";
|
|
2938
|
+
headers?: Record<string, string> | undefined;
|
|
2939
|
+
} | {
|
|
2940
|
+
url: string;
|
|
2941
|
+
type: "http";
|
|
2942
|
+
oauth?: boolean | undefined;
|
|
2943
|
+
headers?: Record<string, string> | undefined;
|
|
2944
|
+
oauth_callback_port?: number | undefined;
|
|
2945
|
+
} | "builtin"> | undefined;
|
|
2946
|
+
profiles?: Record<string, {
|
|
2947
|
+
allow?: string[] | undefined;
|
|
2948
|
+
ask?: string[] | undefined;
|
|
2949
|
+
}> | undefined;
|
|
2950
|
+
clis?: Record<string, {
|
|
2951
|
+
cwd?: string | undefined;
|
|
2952
|
+
discovered?: string | undefined;
|
|
2953
|
+
shell?: string | undefined;
|
|
2954
|
+
max_output_bytes?: number | undefined;
|
|
2955
|
+
commands?: Record<string, {
|
|
2956
|
+
exec: string;
|
|
2957
|
+
params?: Record<string, {
|
|
2958
|
+
type: "string" | "number" | "boolean";
|
|
2959
|
+
default?: string | number | boolean | undefined;
|
|
2960
|
+
description?: string | undefined;
|
|
2961
|
+
required?: boolean | undefined;
|
|
2962
|
+
flag?: string | undefined;
|
|
2963
|
+
positional?: boolean | undefined;
|
|
2964
|
+
}> | undefined;
|
|
2965
|
+
description?: string | undefined;
|
|
2966
|
+
timeout?: number | undefined;
|
|
2967
|
+
cwd?: string | undefined;
|
|
2968
|
+
}> | undefined;
|
|
2969
|
+
}> | undefined;
|
|
2970
|
+
apis?: Record<string, {
|
|
2971
|
+
spec: string;
|
|
2972
|
+
max_response_bytes?: number | undefined;
|
|
2973
|
+
timeout_ms?: number | undefined;
|
|
2974
|
+
exclude?: string[] | undefined;
|
|
2975
|
+
base_url?: string | undefined;
|
|
2976
|
+
auth?: {
|
|
2977
|
+
type: "bearer";
|
|
2978
|
+
token: string;
|
|
2979
|
+
} | {
|
|
2980
|
+
name: string;
|
|
2981
|
+
type: "header";
|
|
2982
|
+
value: string;
|
|
2983
|
+
} | undefined;
|
|
2984
|
+
include?: string[] | undefined;
|
|
2985
|
+
}> | undefined;
|
|
2986
|
+
agents?: Record<string, {
|
|
2987
|
+
http?: {
|
|
2988
|
+
domain_allowlist?: string[] | undefined;
|
|
2989
|
+
max_response_bytes?: number | undefined;
|
|
2990
|
+
timeout_ms?: number | undefined;
|
|
2991
|
+
} | undefined;
|
|
2992
|
+
sandbox?: {
|
|
2993
|
+
filesystem?: {
|
|
2994
|
+
allow_write?: string[] | undefined;
|
|
2995
|
+
deny_read?: string[] | undefined;
|
|
2996
|
+
deny_write?: string[] | undefined;
|
|
2997
|
+
allow_read?: string[] | undefined;
|
|
2998
|
+
} | undefined;
|
|
2999
|
+
network?: {
|
|
3000
|
+
allowed_domains?: string[] | undefined;
|
|
3001
|
+
denied_domains?: string[] | undefined;
|
|
3002
|
+
} | undefined;
|
|
3003
|
+
enabled?: boolean | undefined;
|
|
3004
|
+
presets?: string | string[] | undefined;
|
|
3005
|
+
overrides?: Record<string, {
|
|
3006
|
+
filesystem?: {
|
|
3007
|
+
allow_write?: string[] | undefined;
|
|
3008
|
+
deny_read?: string[] | undefined;
|
|
3009
|
+
deny_write?: string[] | undefined;
|
|
3010
|
+
allow_read?: string[] | undefined;
|
|
3011
|
+
} | undefined;
|
|
3012
|
+
network?: {
|
|
3013
|
+
allowed_domains?: string[] | undefined;
|
|
3014
|
+
denied_domains?: string[] | undefined;
|
|
3015
|
+
} | undefined;
|
|
3016
|
+
}> | undefined;
|
|
3017
|
+
} | undefined;
|
|
3018
|
+
allow?: string[] | undefined;
|
|
3019
|
+
ask?: string[] | undefined;
|
|
3020
|
+
deny?: string[] | undefined;
|
|
3021
|
+
token?: string | undefined;
|
|
3022
|
+
extends?: string[] | undefined;
|
|
3023
|
+
tool_overrides?: Record<string, {
|
|
3024
|
+
description?: string | undefined;
|
|
3025
|
+
alias_of?: string | undefined;
|
|
3026
|
+
sandbox_presets?: string | string[] | undefined;
|
|
3027
|
+
sandbox?: {
|
|
3028
|
+
filesystem?: {
|
|
3029
|
+
allow_write?: string[] | undefined;
|
|
3030
|
+
deny_read?: string[] | undefined;
|
|
3031
|
+
deny_write?: string[] | undefined;
|
|
3032
|
+
allow_read?: string[] | undefined;
|
|
3033
|
+
} | undefined;
|
|
3034
|
+
network?: {
|
|
3035
|
+
allowed_domains?: string[] | undefined;
|
|
3036
|
+
denied_domains?: string[] | undefined;
|
|
3037
|
+
} | undefined;
|
|
3038
|
+
} | undefined;
|
|
3039
|
+
}> | undefined;
|
|
3040
|
+
exec?: {
|
|
3041
|
+
env?: Record<string, string> | undefined;
|
|
3042
|
+
allow?: string[] | undefined;
|
|
3043
|
+
ask?: string[] | undefined;
|
|
3044
|
+
deny?: string[] | undefined;
|
|
3045
|
+
default_timeout_ms?: number | undefined;
|
|
3046
|
+
} | undefined;
|
|
3047
|
+
middleware?: {
|
|
3048
|
+
name: "schema-validator" | "rate-limiter" | "untrusted-envelope" | "strip-query-params" | "output-injection-detector" | "canary-token-injector" | "output-size-limiter" | "output-summarizer" | "injection-detector" | "sensitivity-classifier";
|
|
3049
|
+
model?: string | undefined;
|
|
3050
|
+
tools?: string[] | undefined;
|
|
3051
|
+
enabled?: boolean | undefined;
|
|
3052
|
+
exclude?: string[] | undefined;
|
|
3053
|
+
max_requests?: number | undefined;
|
|
3054
|
+
window_ms?: number | undefined;
|
|
3055
|
+
per?: "agent" | "tool" | undefined;
|
|
3056
|
+
mode?: "detect" | "mangle" | "escalate" | undefined;
|
|
3057
|
+
backend?: "regex" | "deberta" | "heuristic" | "llm" | undefined;
|
|
3058
|
+
inference_url?: string | undefined;
|
|
3059
|
+
threshold?: number | undefined;
|
|
3060
|
+
max_lines?: number | undefined;
|
|
3061
|
+
max_chars?: number | undefined;
|
|
3062
|
+
threshold_chars?: number | undefined;
|
|
3063
|
+
}[] | undefined;
|
|
3064
|
+
}> | undefined;
|
|
3065
|
+
approvals?: {
|
|
3066
|
+
timeout_ms?: number | undefined;
|
|
3067
|
+
provider?: {
|
|
3068
|
+
type: "telegram";
|
|
3069
|
+
bot_token: string;
|
|
3070
|
+
chat_id: string;
|
|
3071
|
+
} | {
|
|
3072
|
+
type: "openclaw";
|
|
3073
|
+
token: string;
|
|
3074
|
+
gateway_url?: string | undefined;
|
|
3075
|
+
session_key?: string | undefined;
|
|
3076
|
+
} | {
|
|
3077
|
+
type: "slack";
|
|
3078
|
+
webhook_url: string;
|
|
3079
|
+
} | {
|
|
3080
|
+
url: string;
|
|
3081
|
+
type: "webhook";
|
|
3082
|
+
headers?: Record<string, string> | undefined;
|
|
3083
|
+
} | {
|
|
3084
|
+
type: "tui";
|
|
3085
|
+
} | {
|
|
3086
|
+
type: "macos";
|
|
3087
|
+
sound?: string | undefined;
|
|
3088
|
+
} | {
|
|
3089
|
+
type: "dashboard";
|
|
3090
|
+
port?: number | undefined;
|
|
3091
|
+
} | {
|
|
3092
|
+
type: "stdio";
|
|
3093
|
+
} | ({
|
|
3094
|
+
type: "telegram";
|
|
3095
|
+
bot_token: string;
|
|
3096
|
+
chat_id: string;
|
|
3097
|
+
} | {
|
|
3098
|
+
type: "openclaw";
|
|
3099
|
+
token: string;
|
|
3100
|
+
gateway_url?: string | undefined;
|
|
3101
|
+
session_key?: string | undefined;
|
|
3102
|
+
} | {
|
|
3103
|
+
type: "slack";
|
|
3104
|
+
webhook_url: string;
|
|
3105
|
+
} | {
|
|
3106
|
+
url: string;
|
|
3107
|
+
type: "webhook";
|
|
3108
|
+
headers?: Record<string, string> | undefined;
|
|
3109
|
+
} | {
|
|
3110
|
+
type: "tui";
|
|
3111
|
+
} | {
|
|
3112
|
+
type: "macos";
|
|
3113
|
+
sound?: string | undefined;
|
|
3114
|
+
} | {
|
|
3115
|
+
type: "dashboard";
|
|
3116
|
+
port?: number | undefined;
|
|
3117
|
+
} | {
|
|
3118
|
+
type: "stdio";
|
|
3119
|
+
})[] | undefined;
|
|
3120
|
+
batch_window_ms?: number | undefined;
|
|
3121
|
+
} | undefined;
|
|
3122
|
+
security?: {
|
|
3123
|
+
blocked_hosts?: string[] | undefined;
|
|
3124
|
+
allowed_local?: string[] | undefined;
|
|
3125
|
+
} | undefined;
|
|
3126
|
+
audit?: {
|
|
3127
|
+
db_path?: string | undefined;
|
|
3128
|
+
retention_days?: number | undefined;
|
|
3129
|
+
redact_fields?: string[] | undefined;
|
|
3130
|
+
} | undefined;
|
|
3131
|
+
server?: {
|
|
3132
|
+
port?: number | undefined;
|
|
3133
|
+
host?: string | undefined;
|
|
3134
|
+
api_secret?: string | undefined;
|
|
3135
|
+
} | undefined;
|
|
3136
|
+
}>, {
|
|
3137
|
+
agents: {
|
|
3138
|
+
[k: string]: {
|
|
3139
|
+
http: {
|
|
3140
|
+
domain_allowlist: string[];
|
|
3141
|
+
max_response_bytes: number;
|
|
3142
|
+
timeout_ms: number;
|
|
3143
|
+
};
|
|
3144
|
+
sandbox: {
|
|
3145
|
+
filesystem: {
|
|
3146
|
+
allow_write: string[];
|
|
3147
|
+
deny_read: string[];
|
|
3148
|
+
deny_write: string[];
|
|
3149
|
+
allow_read?: string[] | undefined;
|
|
3150
|
+
};
|
|
3151
|
+
network: {
|
|
3152
|
+
allowed_domains: string[];
|
|
3153
|
+
denied_domains: string[];
|
|
3154
|
+
};
|
|
3155
|
+
enabled: boolean;
|
|
3156
|
+
presets: string[];
|
|
3157
|
+
overrides: Record<string, {
|
|
3158
|
+
filesystem?: {
|
|
3159
|
+
allow_write: string[];
|
|
3160
|
+
deny_read: string[];
|
|
3161
|
+
deny_write: string[];
|
|
3162
|
+
allow_read?: string[] | undefined;
|
|
3163
|
+
} | undefined;
|
|
3164
|
+
network?: {
|
|
3165
|
+
allowed_domains: string[];
|
|
3166
|
+
denied_domains: string[];
|
|
3167
|
+
} | undefined;
|
|
3168
|
+
}>;
|
|
3169
|
+
};
|
|
3170
|
+
allow: string[];
|
|
3171
|
+
ask: string[];
|
|
3172
|
+
deny: string[];
|
|
3173
|
+
extends: string[];
|
|
3174
|
+
tool_overrides: Record<string, {
|
|
3175
|
+
sandbox_presets: string[];
|
|
3176
|
+
description?: string | undefined;
|
|
3177
|
+
alias_of?: string | undefined;
|
|
3178
|
+
sandbox?: {
|
|
3179
|
+
filesystem?: {
|
|
3180
|
+
allow_write: string[];
|
|
3181
|
+
deny_read: string[];
|
|
3182
|
+
deny_write: string[];
|
|
3183
|
+
allow_read?: string[] | undefined;
|
|
3184
|
+
} | undefined;
|
|
3185
|
+
network?: {
|
|
3186
|
+
allowed_domains: string[];
|
|
3187
|
+
denied_domains: string[];
|
|
3188
|
+
} | undefined;
|
|
3189
|
+
} | undefined;
|
|
3190
|
+
}>;
|
|
3191
|
+
exec: {
|
|
3192
|
+
env: Record<string, string>;
|
|
3193
|
+
allow: string[];
|
|
3194
|
+
ask: string[];
|
|
3195
|
+
deny: string[];
|
|
3196
|
+
default_timeout_ms: number;
|
|
3197
|
+
};
|
|
3198
|
+
token?: string | undefined;
|
|
3199
|
+
middleware?: {
|
|
3200
|
+
name: "schema-validator" | "rate-limiter" | "untrusted-envelope" | "strip-query-params" | "output-injection-detector" | "canary-token-injector" | "output-size-limiter" | "output-summarizer" | "injection-detector" | "sensitivity-classifier";
|
|
3201
|
+
enabled: boolean;
|
|
3202
|
+
model?: string | undefined;
|
|
3203
|
+
tools?: string[] | undefined;
|
|
3204
|
+
exclude?: string[] | undefined;
|
|
3205
|
+
max_requests?: number | undefined;
|
|
3206
|
+
window_ms?: number | undefined;
|
|
3207
|
+
per?: "agent" | "tool" | undefined;
|
|
3208
|
+
mode?: "detect" | "mangle" | "escalate" | undefined;
|
|
3209
|
+
backend?: "regex" | "deberta" | "heuristic" | "llm" | undefined;
|
|
3210
|
+
inference_url?: string | undefined;
|
|
3211
|
+
threshold?: number | undefined;
|
|
3212
|
+
max_lines?: number | undefined;
|
|
3213
|
+
max_chars?: number | undefined;
|
|
3214
|
+
threshold_chars?: number | undefined;
|
|
3215
|
+
}[] | undefined;
|
|
3216
|
+
};
|
|
3217
|
+
};
|
|
3218
|
+
sandbox_presets: Record<string, {
|
|
3219
|
+
filesystem?: {
|
|
3220
|
+
allow_write: string[];
|
|
3221
|
+
deny_read: string[];
|
|
3222
|
+
deny_write: string[];
|
|
3223
|
+
allow_read?: string[] | undefined;
|
|
3224
|
+
} | undefined;
|
|
3225
|
+
network?: {
|
|
3226
|
+
allowed_domains: string[];
|
|
3227
|
+
denied_domains: string[];
|
|
3228
|
+
} | undefined;
|
|
3229
|
+
}>;
|
|
3230
|
+
providers: Record<string, {
|
|
3231
|
+
type: "stdio";
|
|
3232
|
+
command: string;
|
|
3233
|
+
args: string[];
|
|
3234
|
+
env?: Record<string, string> | undefined;
|
|
3235
|
+
} | {
|
|
3236
|
+
url: string;
|
|
3237
|
+
type: "sse";
|
|
3238
|
+
headers?: Record<string, string> | undefined;
|
|
3239
|
+
} | {
|
|
3240
|
+
url: string;
|
|
3241
|
+
type: "http";
|
|
3242
|
+
oauth: boolean;
|
|
3243
|
+
oauth_callback_port: number;
|
|
3244
|
+
headers?: Record<string, string> | undefined;
|
|
3245
|
+
} | "builtin">;
|
|
3246
|
+
profiles: Record<string, {
|
|
3247
|
+
allow: string[];
|
|
3248
|
+
ask: string[];
|
|
3249
|
+
}>;
|
|
3250
|
+
clis: Record<string, {
|
|
3251
|
+
max_output_bytes: number;
|
|
3252
|
+
commands: Record<string, {
|
|
3253
|
+
params: Record<string, {
|
|
3254
|
+
type: "string" | "number" | "boolean";
|
|
3255
|
+
required: boolean;
|
|
3256
|
+
positional: boolean;
|
|
3257
|
+
default?: string | number | boolean | undefined;
|
|
3258
|
+
description?: string | undefined;
|
|
3259
|
+
flag?: string | undefined;
|
|
3260
|
+
}>;
|
|
3261
|
+
timeout: number;
|
|
3262
|
+
exec: string;
|
|
3263
|
+
description?: string | undefined;
|
|
3264
|
+
cwd?: string | undefined;
|
|
3265
|
+
}>;
|
|
3266
|
+
cwd?: string | undefined;
|
|
3267
|
+
discovered?: string | undefined;
|
|
3268
|
+
shell?: string | undefined;
|
|
3269
|
+
}>;
|
|
3270
|
+
apis: Record<string, {
|
|
3271
|
+
max_response_bytes: number;
|
|
3272
|
+
timeout_ms: number;
|
|
3273
|
+
spec: string;
|
|
3274
|
+
exclude?: string[] | undefined;
|
|
3275
|
+
base_url?: string | undefined;
|
|
3276
|
+
auth?: {
|
|
3277
|
+
type: "bearer";
|
|
3278
|
+
token: string;
|
|
3279
|
+
} | {
|
|
3280
|
+
name: string;
|
|
3281
|
+
type: "header";
|
|
3282
|
+
value: string;
|
|
3283
|
+
} | undefined;
|
|
3284
|
+
include?: string[] | undefined;
|
|
3285
|
+
}>;
|
|
3286
|
+
approvals: {
|
|
3287
|
+
timeout_ms: number;
|
|
3288
|
+
provider: {
|
|
3289
|
+
type: "telegram";
|
|
3290
|
+
bot_token: string;
|
|
3291
|
+
chat_id: string;
|
|
3292
|
+
} | {
|
|
3293
|
+
type: "openclaw";
|
|
3294
|
+
token: string;
|
|
3295
|
+
gateway_url: string;
|
|
3296
|
+
session_key: string;
|
|
3297
|
+
} | {
|
|
3298
|
+
type: "slack";
|
|
3299
|
+
webhook_url: string;
|
|
3300
|
+
} | {
|
|
3301
|
+
url: string;
|
|
3302
|
+
type: "webhook";
|
|
3303
|
+
headers: Record<string, string>;
|
|
3304
|
+
} | {
|
|
3305
|
+
type: "tui";
|
|
3306
|
+
} | {
|
|
3307
|
+
type: "macos";
|
|
3308
|
+
sound?: string | undefined;
|
|
3309
|
+
} | {
|
|
3310
|
+
type: "dashboard";
|
|
3311
|
+
port: number;
|
|
3312
|
+
} | {
|
|
3313
|
+
type: "stdio";
|
|
3314
|
+
} | ({
|
|
3315
|
+
type: "telegram";
|
|
3316
|
+
bot_token: string;
|
|
3317
|
+
chat_id: string;
|
|
3318
|
+
} | {
|
|
3319
|
+
type: "openclaw";
|
|
3320
|
+
token: string;
|
|
3321
|
+
gateway_url: string;
|
|
3322
|
+
session_key: string;
|
|
3323
|
+
} | {
|
|
3324
|
+
type: "slack";
|
|
3325
|
+
webhook_url: string;
|
|
3326
|
+
} | {
|
|
3327
|
+
url: string;
|
|
3328
|
+
type: "webhook";
|
|
3329
|
+
headers: Record<string, string>;
|
|
3330
|
+
} | {
|
|
3331
|
+
type: "tui";
|
|
3332
|
+
} | {
|
|
3333
|
+
type: "macos";
|
|
3334
|
+
sound?: string | undefined;
|
|
3335
|
+
} | {
|
|
3336
|
+
type: "dashboard";
|
|
3337
|
+
port: number;
|
|
3338
|
+
} | {
|
|
3339
|
+
type: "stdio";
|
|
3340
|
+
})[];
|
|
3341
|
+
batch_window_ms: number;
|
|
3342
|
+
};
|
|
3343
|
+
security: {
|
|
3344
|
+
blocked_hosts: string[];
|
|
3345
|
+
allowed_local: string[];
|
|
3346
|
+
};
|
|
3347
|
+
audit: {
|
|
3348
|
+
db_path: string;
|
|
3349
|
+
retention_days: number;
|
|
3350
|
+
redact_fields: string[];
|
|
3351
|
+
};
|
|
3352
|
+
server: {
|
|
3353
|
+
port: number;
|
|
3354
|
+
host: string;
|
|
3355
|
+
api_secret?: string | undefined;
|
|
3356
|
+
};
|
|
3357
|
+
}, {
|
|
3358
|
+
sandbox_presets?: Record<string, {
|
|
3359
|
+
filesystem?: {
|
|
3360
|
+
allow_write?: string[] | undefined;
|
|
3361
|
+
deny_read?: string[] | undefined;
|
|
3362
|
+
deny_write?: string[] | undefined;
|
|
3363
|
+
allow_read?: string[] | undefined;
|
|
3364
|
+
} | undefined;
|
|
3365
|
+
network?: {
|
|
3366
|
+
allowed_domains?: string[] | undefined;
|
|
3367
|
+
denied_domains?: string[] | undefined;
|
|
3368
|
+
} | undefined;
|
|
3369
|
+
}> | undefined;
|
|
1907
3370
|
providers?: Record<string, {
|
|
1908
3371
|
type: "stdio";
|
|
1909
3372
|
command: string;
|
|
@@ -1966,6 +3429,32 @@ export declare const GatewayConfig: z.ZodObject<{
|
|
|
1966
3429
|
max_response_bytes?: number | undefined;
|
|
1967
3430
|
timeout_ms?: number | undefined;
|
|
1968
3431
|
} | undefined;
|
|
3432
|
+
sandbox?: {
|
|
3433
|
+
filesystem?: {
|
|
3434
|
+
allow_write?: string[] | undefined;
|
|
3435
|
+
deny_read?: string[] | undefined;
|
|
3436
|
+
deny_write?: string[] | undefined;
|
|
3437
|
+
allow_read?: string[] | undefined;
|
|
3438
|
+
} | undefined;
|
|
3439
|
+
network?: {
|
|
3440
|
+
allowed_domains?: string[] | undefined;
|
|
3441
|
+
denied_domains?: string[] | undefined;
|
|
3442
|
+
} | undefined;
|
|
3443
|
+
enabled?: boolean | undefined;
|
|
3444
|
+
presets?: string | string[] | undefined;
|
|
3445
|
+
overrides?: Record<string, {
|
|
3446
|
+
filesystem?: {
|
|
3447
|
+
allow_write?: string[] | undefined;
|
|
3448
|
+
deny_read?: string[] | undefined;
|
|
3449
|
+
deny_write?: string[] | undefined;
|
|
3450
|
+
allow_read?: string[] | undefined;
|
|
3451
|
+
} | undefined;
|
|
3452
|
+
network?: {
|
|
3453
|
+
allowed_domains?: string[] | undefined;
|
|
3454
|
+
denied_domains?: string[] | undefined;
|
|
3455
|
+
} | undefined;
|
|
3456
|
+
}> | undefined;
|
|
3457
|
+
} | undefined;
|
|
1969
3458
|
allow?: string[] | undefined;
|
|
1970
3459
|
ask?: string[] | undefined;
|
|
1971
3460
|
deny?: string[] | undefined;
|
|
@@ -1973,7 +3462,20 @@ export declare const GatewayConfig: z.ZodObject<{
|
|
|
1973
3462
|
extends?: string[] | undefined;
|
|
1974
3463
|
tool_overrides?: Record<string, {
|
|
1975
3464
|
description?: string | undefined;
|
|
1976
|
-
|
|
3465
|
+
alias_of?: string | undefined;
|
|
3466
|
+
sandbox_presets?: string | string[] | undefined;
|
|
3467
|
+
sandbox?: {
|
|
3468
|
+
filesystem?: {
|
|
3469
|
+
allow_write?: string[] | undefined;
|
|
3470
|
+
deny_read?: string[] | undefined;
|
|
3471
|
+
deny_write?: string[] | undefined;
|
|
3472
|
+
allow_read?: string[] | undefined;
|
|
3473
|
+
} | undefined;
|
|
3474
|
+
network?: {
|
|
3475
|
+
allowed_domains?: string[] | undefined;
|
|
3476
|
+
denied_domains?: string[] | undefined;
|
|
3477
|
+
} | undefined;
|
|
3478
|
+
} | undefined;
|
|
1977
3479
|
}> | undefined;
|
|
1978
3480
|
exec?: {
|
|
1979
3481
|
env?: Record<string, string> | undefined;
|