npm - clementine-agent - Versions diffs - 1.18.175 → 1.18.176 - Mend

clementine-agent 1.18.175 → 1.18.176

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (5) hide show

package/dist/agent/run-agent.d.ts CHANGED Viewed

@@ -75,6 +75,10 @@ export interface RunAgentOptions {
     /** Optional explicit allowedTools list. When unset, falls back to a sensible default
      *  including Agent (so subagents can be spawned) + core SDK tools + Clementine MCP. */
     allowedTools?: string[];
+    /** Extra tools to pre-approve without making their built-in tools visible to
+     *  the main agent. Useful when the main agent may only call Agent, but the
+     *  forced subagent still needs pre-approved MCP/Clementine tools. */
+    permissionTools?: string[];
     /** SDK permission mode. Defaults to dontAsk so allowedTools is enforceable.
      *  Only explicit operator/full-surface paths should request bypassPermissions. */
     permissionMode?: ExecutionPermissionMode;

package/dist/agent/run-agent.js CHANGED Viewed

@@ -254,6 +254,27 @@ export async function runAgent(prompt, opts) {
         clementineServerName: TOOLS_SERVER,
         permissionMode: opts.permissionMode,
     });
+    const permissionToolPolicy = opts.permissionTools
+        ? buildExecutionToolPolicy({
+            requestedTools: opts.permissionTools,
+            defaultBuiltins: CORE_TOOLS_FOR_AGENT_PARENT,
+            mcpServerNames: policyMcpServerNames,
+            clementineServerName: TOOLS_SERVER,
+            permissionMode: opts.permissionMode,
+        })
+        : null;
+    const sdkAllowedTools = permissionToolPolicy
+        ? Array.from(new Set([...toolPolicy.allowedTools, ...permissionToolPolicy.allowedTools])).sort()
+        : toolPolicy.allowedTools;
+    const clementineToolAllowlist = (() => {
+        if (!permissionToolPolicy)
+            return toolPolicy.clementineToolAllowlist;
+        const parts = [toolPolicy.clementineToolAllowlist, permissionToolPolicy.clementineToolAllowlist]
+            .flatMap(v => v.split(',').map(s => s.trim()).filter(Boolean));
+        if (parts.includes('*'))
+            return '*';
+        return Array.from(new Set(parts)).sort().join(',');
+    })();
     // SDK accepts a Record<string, McpServerConfig> here. We cast on
     // assignment because we mix the always-on Clementine stdio server
     // with caller-supplied servers of various types.
@@ -267,7 +288,7 @@ export async function runAgent(prompt, opts) {
                 CLEMENTINE_HOME: BASE_DIR,
                 ...(opts.profile?.slug ? { CLEMENTINE_TEAM_AGENT: opts.profile.slug } : {}),
                 CLEMENTINE_INTERACTION_SOURCE: interactionSourceForSession(opts.sessionKey, source),
-                CLEMENTINE_TOOL_ALLOWLIST: toolPolicy.clementineToolAllowlist,
+                CLEMENTINE_TOOL_ALLOWLIST: clementineToolAllowlist,
             },
         },
         ...baseMcpServers,
@@ -407,7 +428,7 @@ export async function runAgent(prompt, opts) {
         // callers can mix stdio + http + sse server shapes.
         mcpServers: mcpServers,
         tools: toolPolicy.builtinTools,
-        allowedTools: toolPolicy.allowedTools,
+        allowedTools: sdkAllowedTools,
         permissionMode: toolPolicy.permissionMode,
         ...(sessionStore ? { sessionStore } : {}),
         ...(toolPolicy.allowDangerouslySkipPermissions
@@ -447,7 +468,7 @@ export async function runAgent(prompt, opts) {
         maxBudgetUsd: maxBudgetUsd ?? 'uncapped',
         agentCount: Object.keys(agents).length,
         allowedToolCount: allowedTools.length,
-        sdkAllowedToolCount: toolPolicy.allowedTools.length,
+        sdkAllowedToolCount: sdkAllowedTools.length,
         builtinToolCount: toolPolicy.builtinTools.length,
         permissionMode: toolPolicy.permissionMode,
         mcpServerCount: Object.keys(mcpServers).length,
@@ -739,7 +760,7 @@ export async function runAgent(prompt, opts) {
         ...(usage ? { usage } : {}),
         runId,
         permissionMode: toolPolicy.permissionMode,
-        allowedToolsApplied: toolPolicy.allowedTools,
+        allowedToolsApplied: sdkAllowedTools,
         builtinToolsApplied: toolPolicy.builtinTools,
         mcpServersApplied: Object.keys(mcpServers),
     };

package/dist/agent/run-skill.js CHANGED Viewed

@@ -417,6 +417,9 @@ export async function runSkill(name, options = {}) {
                 // the parent's context shape predictable and prevents it from
                 // doing data-heavy work itself even if the LLM disagrees.
                 allowedTools: ['Agent'],
+                // SDK permissions are session-level, so the worker's tools still
+                // need to be pre-approved even though the parent only sees Agent.
+                permissionTools: ['Agent', ...effectiveTools],
                 // Force-routing: SDK wraps the prompt with "Use the skill-worker
                 // agent to handle this request" so dispatch is the natural
                 // first action.

package/dist/gateway/router.js CHANGED Viewed

@@ -2368,7 +2368,10 @@ export class Gateway {
                 if (scheduledSkillName) {
                     const { runSkill } = await import('../agent/run-skill.js');
                     const configuredCap = tier >= 2 ? BUDGET.cronT2 : BUDGET.cronT1;
-                    const scheduledSkillBudget = configuredCap > 0 ? configuredCap : undefined;
+                    // Pass 0 through intentionally. It means "uncapped" and must
+                    // override skill-local clementine.limits.maxBudgetUsd values when
+                    // the operator has disabled global cron budgets.
+                    const scheduledSkillBudget = configuredCap > 0 ? configuredCap : 0;
                     logger.info({ jobName, skill: scheduledSkillName, agentSlug, tier, wallMs, path: 'run_skill' }, 'Routing scheduled skill through runSkill');
                     const skillResult = await runSkill(scheduledSkillName, {
                         sessionKey: `cron:${jobName}`,
@@ -2380,7 +2383,7 @@ export class Gateway {
                         projectWorkDir: workDir,
                         model,
                         ...(maxTurns ? { maxTurns } : {}),
-                        ...(scheduledSkillBudget !== undefined ? { maxBudgetUsd: scheduledSkillBudget } : {}),
+                        maxBudgetUsd: scheduledSkillBudget,
                         abortSignal: cronAc.signal,
                         context: `[Scheduled skill: ${jobName}]`,
                     });

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "clementine-agent",
-  "version": "1.18.175",
+  "version": "1.18.176",
   "description": "Clementine — Personal AI Assistant (TypeScript)",
   "type": "module",
   "main": "dist/index.js",