npm - cowork-os - Versions diffs - 0.3.21 - Mend

cowork-os 0.3.21

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (526) hide show

package/LICENSE +21 -0
package/README.md +1638 -0
package/bin/cowork.js +42 -0
package/build/entitlements.mac.plist +16 -0
package/build/icon.icns +0 -0
package/build/icon.png +0 -0
package/dist/electron/electron/activity/ActivityRepository.js +190 -0
package/dist/electron/electron/agent/browser/browser-service.js +639 -0
package/dist/electron/electron/agent/context-manager.js +225 -0
package/dist/electron/electron/agent/custom-skill-loader.js +566 -0
package/dist/electron/electron/agent/daemon.js +975 -0
package/dist/electron/electron/agent/executor.js +3561 -0
package/dist/electron/electron/agent/llm/anthropic-provider.js +155 -0
package/dist/electron/electron/agent/llm/bedrock-provider.js +202 -0
package/dist/electron/electron/agent/llm/gemini-provider.js +375 -0
package/dist/electron/electron/agent/llm/index.js +34 -0
package/dist/electron/electron/agent/llm/ollama-provider.js +263 -0
package/dist/electron/electron/agent/llm/openai-oauth.js +101 -0
package/dist/electron/electron/agent/llm/openai-provider.js +657 -0
package/dist/electron/electron/agent/llm/openrouter-provider.js +232 -0
package/dist/electron/electron/agent/llm/pricing.js +160 -0
package/dist/electron/electron/agent/llm/provider-factory.js +880 -0
package/dist/electron/electron/agent/llm/types.js +178 -0
package/dist/electron/electron/agent/queue-manager.js +378 -0
package/dist/electron/electron/agent/sandbox/docker-sandbox.js +402 -0
package/dist/electron/electron/agent/sandbox/macos-sandbox.js +407 -0
package/dist/electron/electron/agent/sandbox/runner.js +410 -0
package/dist/electron/electron/agent/sandbox/sandbox-factory.js +228 -0
package/dist/electron/electron/agent/sandbox/security-utils.js +258 -0
package/dist/electron/electron/agent/search/brave-provider.js +119 -0
package/dist/electron/electron/agent/search/google-provider.js +100 -0
package/dist/electron/electron/agent/search/index.js +28 -0
package/dist/electron/electron/agent/search/provider-factory.js +395 -0
package/dist/electron/electron/agent/search/serpapi-provider.js +112 -0
package/dist/electron/electron/agent/search/tavily-provider.js +90 -0
package/dist/electron/electron/agent/search/types.js +40 -0
package/dist/electron/electron/agent/security/index.js +12 -0
package/dist/electron/electron/agent/security/input-sanitizer.js +303 -0
package/dist/electron/electron/agent/security/output-filter.js +217 -0
package/dist/electron/electron/agent/skill-eligibility.js +281 -0
package/dist/electron/electron/agent/skill-registry.js +396 -0
package/dist/electron/electron/agent/skills/document.js +878 -0
package/dist/electron/electron/agent/skills/image-generator.js +225 -0
package/dist/electron/electron/agent/skills/organizer.js +141 -0
package/dist/electron/electron/agent/skills/presentation.js +367 -0
package/dist/electron/electron/agent/skills/spreadsheet.js +165 -0
package/dist/electron/electron/agent/tools/browser-tools.js +523 -0
package/dist/electron/electron/agent/tools/builtin-settings.js +384 -0
package/dist/electron/electron/agent/tools/canvas-tools.js +530 -0
package/dist/electron/electron/agent/tools/cron-tools.js +577 -0
package/dist/electron/electron/agent/tools/edit-tools.js +194 -0
package/dist/electron/electron/agent/tools/file-tools.js +719 -0
package/dist/electron/electron/agent/tools/glob-tools.js +283 -0
package/dist/electron/electron/agent/tools/grep-tools.js +387 -0
package/dist/electron/electron/agent/tools/image-tools.js +111 -0
package/dist/electron/electron/agent/tools/mention-tools.js +282 -0
package/dist/electron/electron/agent/tools/node-tools.js +476 -0
package/dist/electron/electron/agent/tools/registry.js +2719 -0
package/dist/electron/electron/agent/tools/search-tools.js +91 -0
package/dist/electron/electron/agent/tools/shell-tools.js +574 -0
package/dist/electron/electron/agent/tools/skill-tools.js +274 -0
package/dist/electron/electron/agent/tools/system-tools.js +578 -0
package/dist/electron/electron/agent/tools/web-fetch-tools.js +444 -0
package/dist/electron/electron/agent/tools/x-tools.js +264 -0
package/dist/electron/electron/agents/AgentRoleRepository.js +420 -0
package/dist/electron/electron/agents/HeartbeatService.js +356 -0
package/dist/electron/electron/agents/MentionRepository.js +197 -0
package/dist/electron/electron/agents/TaskSubscriptionRepository.js +168 -0
package/dist/electron/electron/agents/WorkingStateRepository.js +229 -0
package/dist/electron/electron/canvas/canvas-manager.js +714 -0
package/dist/electron/electron/canvas/canvas-preload.js +53 -0
package/dist/electron/electron/canvas/canvas-protocol.js +195 -0
package/dist/electron/electron/canvas/canvas-store.js +174 -0
package/dist/electron/electron/canvas/index.js +13 -0
package/dist/electron/electron/control-plane/client.js +364 -0
package/dist/electron/electron/control-plane/handlers.js +572 -0
package/dist/electron/electron/control-plane/index.js +41 -0
package/dist/electron/electron/control-plane/node-manager.js +264 -0
package/dist/electron/electron/control-plane/protocol.js +194 -0
package/dist/electron/electron/control-plane/remote-client.js +437 -0
package/dist/electron/electron/control-plane/server.js +640 -0
package/dist/electron/electron/control-plane/settings.js +369 -0
package/dist/electron/electron/control-plane/ssh-tunnel.js +549 -0
package/dist/electron/electron/cron/index.js +30 -0
package/dist/electron/electron/cron/schedule.js +190 -0
package/dist/electron/electron/cron/service.js +614 -0
package/dist/electron/electron/cron/store.js +155 -0
package/dist/electron/electron/cron/types.js +82 -0
package/dist/electron/electron/cron/webhook.js +258 -0
package/dist/electron/electron/database/SecureSettingsRepository.js +444 -0
package/dist/electron/electron/database/TaskLabelRepository.js +120 -0
package/dist/electron/electron/database/repositories.js +1781 -0
package/dist/electron/electron/database/schema.js +978 -0
package/dist/electron/electron/extensions/index.js +33 -0
package/dist/electron/electron/extensions/loader.js +313 -0
package/dist/electron/electron/extensions/registry.js +485 -0
package/dist/electron/electron/extensions/types.js +11 -0
package/dist/electron/electron/gateway/channel-registry.js +1102 -0
package/dist/electron/electron/gateway/channels/bluebubbles-client.js +479 -0
package/dist/electron/electron/gateway/channels/bluebubbles.js +432 -0
package/dist/electron/electron/gateway/channels/discord.js +975 -0
package/dist/electron/electron/gateway/channels/email-client.js +593 -0
package/dist/electron/electron/gateway/channels/email.js +443 -0
package/dist/electron/electron/gateway/channels/google-chat.js +631 -0
package/dist/electron/electron/gateway/channels/imessage-client.js +363 -0
package/dist/electron/electron/gateway/channels/imessage.js +465 -0
package/dist/electron/electron/gateway/channels/index.js +36 -0
package/dist/electron/electron/gateway/channels/line-client.js +470 -0
package/dist/electron/electron/gateway/channels/line.js +479 -0
package/dist/electron/electron/gateway/channels/matrix-client.js +432 -0
package/dist/electron/electron/gateway/channels/matrix.js +592 -0
package/dist/electron/electron/gateway/channels/mattermost-client.js +394 -0
package/dist/electron/electron/gateway/channels/mattermost.js +496 -0
package/dist/electron/electron/gateway/channels/signal-client.js +500 -0
package/dist/electron/electron/gateway/channels/signal.js +582 -0
package/dist/electron/electron/gateway/channels/slack.js +415 -0
package/dist/electron/electron/gateway/channels/teams.js +596 -0
package/dist/electron/electron/gateway/channels/telegram.js +1390 -0
package/dist/electron/electron/gateway/channels/twitch-client.js +502 -0
package/dist/electron/electron/gateway/channels/twitch.js +396 -0
package/dist/electron/electron/gateway/channels/types.js +8 -0
package/dist/electron/electron/gateway/channels/whatsapp.js +953 -0
package/dist/electron/electron/gateway/context-policy.js +268 -0
package/dist/electron/electron/gateway/index.js +1063 -0
package/dist/electron/electron/gateway/infrastructure.js +496 -0
package/dist/electron/electron/gateway/router.js +2700 -0
package/dist/electron/electron/gateway/security.js +375 -0
package/dist/electron/electron/gateway/session.js +115 -0
package/dist/electron/electron/gateway/tunnel.js +503 -0
package/dist/electron/electron/guardrails/guardrail-manager.js +348 -0
package/dist/electron/electron/hooks/gmail-watcher.js +300 -0
package/dist/electron/electron/hooks/index.js +46 -0
package/dist/electron/electron/hooks/mappings.js +381 -0
package/dist/electron/electron/hooks/server.js +480 -0
package/dist/electron/electron/hooks/settings.js +447 -0
package/dist/electron/electron/hooks/types.js +41 -0
package/dist/electron/electron/ipc/canvas-handlers.js +158 -0
package/dist/electron/electron/ipc/handlers.js +3138 -0
package/dist/electron/electron/ipc/mission-control-handlers.js +141 -0
package/dist/electron/electron/main.js +448 -0
package/dist/electron/electron/mcp/client/MCPClientManager.js +330 -0
package/dist/electron/electron/mcp/client/MCPServerConnection.js +437 -0
package/dist/electron/electron/mcp/client/transports/SSETransport.js +304 -0
package/dist/electron/electron/mcp/client/transports/StdioTransport.js +307 -0
package/dist/electron/electron/mcp/client/transports/WebSocketTransport.js +329 -0
package/dist/electron/electron/mcp/host/MCPHostServer.js +354 -0
package/dist/electron/electron/mcp/host/ToolAdapter.js +100 -0
package/dist/electron/electron/mcp/registry/MCPRegistryManager.js +497 -0
package/dist/electron/electron/mcp/settings.js +446 -0
package/dist/electron/electron/mcp/types.js +59 -0
package/dist/electron/electron/memory/MemoryService.js +435 -0
package/dist/electron/electron/notifications/index.js +17 -0
package/dist/electron/electron/notifications/service.js +118 -0
package/dist/electron/electron/notifications/store.js +144 -0
package/dist/electron/electron/preload.js +842 -0
package/dist/electron/electron/reports/StandupReportService.js +272 -0
package/dist/electron/electron/security/concurrency.js +293 -0
package/dist/electron/electron/security/index.js +15 -0
package/dist/electron/electron/security/policy-manager.js +435 -0
package/dist/electron/electron/settings/appearance-manager.js +193 -0
package/dist/electron/electron/settings/personality-manager.js +724 -0
package/dist/electron/electron/settings/x-manager.js +58 -0
package/dist/electron/electron/tailscale/exposure.js +188 -0
package/dist/electron/electron/tailscale/index.js +28 -0
package/dist/electron/electron/tailscale/settings.js +205 -0
package/dist/electron/electron/tailscale/tailscale.js +355 -0
package/dist/electron/electron/tray/QuickInputWindow.js +568 -0
package/dist/electron/electron/tray/TrayManager.js +895 -0
package/dist/electron/electron/tray/index.js +9 -0
package/dist/electron/electron/updater/index.js +6 -0
package/dist/electron/electron/updater/update-manager.js +418 -0
package/dist/electron/electron/utils/env-migration.js +209 -0
package/dist/electron/electron/utils/process.js +102 -0
package/dist/electron/electron/utils/rate-limiter.js +104 -0
package/dist/electron/electron/utils/validation.js +419 -0
package/dist/electron/electron/utils/x-cli.js +177 -0
package/dist/electron/electron/voice/VoiceService.js +507 -0
package/dist/electron/electron/voice/index.js +14 -0
package/dist/electron/electron/voice/voice-settings-manager.js +359 -0
package/dist/electron/shared/channelMessages.js +170 -0
package/dist/electron/shared/types.js +1185 -0
package/package.json +159 -0
package/resources/skills/1password.json +10 -0
package/resources/skills/add-documentation.json +31 -0
package/resources/skills/analyze-csv.json +17 -0
package/resources/skills/apple-notes.json +10 -0
package/resources/skills/apple-reminders.json +10 -0
package/resources/skills/auto-commenter.json +10 -0
package/resources/skills/bear-notes.json +10 -0
package/resources/skills/bird.json +35 -0
package/resources/skills/blogwatcher.json +10 -0
package/resources/skills/blucli.json +10 -0
package/resources/skills/bluebubbles.json +10 -0
package/resources/skills/camsnap.json +10 -0
package/resources/skills/clean-imports.json +18 -0
package/resources/skills/code-review.json +18 -0
package/resources/skills/coding-agent.json +10 -0
package/resources/skills/compare-files.json +23 -0
package/resources/skills/convert-code.json +34 -0
package/resources/skills/create-changelog.json +24 -0
package/resources/skills/debug-error.json +17 -0
package/resources/skills/dependency-check.json +10 -0
package/resources/skills/discord.json +10 -0
package/resources/skills/eightctl.json +10 -0
package/resources/skills/explain-code.json +29 -0
package/resources/skills/extract-todos.json +18 -0
package/resources/skills/food-order.json +10 -0
package/resources/skills/gemini.json +10 -0
package/resources/skills/generate-readme.json +10 -0
package/resources/skills/gifgrep.json +10 -0
package/resources/skills/git-commit.json +10 -0
package/resources/skills/github.json +10 -0
package/resources/skills/gog.json +10 -0
package/resources/skills/goplaces.json +10 -0
package/resources/skills/himalaya.json +10 -0
package/resources/skills/imsg.json +10 -0
package/resources/skills/karpathy-guidelines.json +12 -0
package/resources/skills/last30days.json +26 -0
package/resources/skills/local-places.json +10 -0
package/resources/skills/mcporter.json +10 -0
package/resources/skills/model-usage.json +10 -0
package/resources/skills/nano-banana-pro.json +10 -0
package/resources/skills/nano-pdf.json +10 -0
package/resources/skills/notion.json +10 -0
package/resources/skills/obsidian.json +10 -0
package/resources/skills/openai-image-gen.json +10 -0
package/resources/skills/openai-whisper-api.json +10 -0
package/resources/skills/openai-whisper.json +10 -0
package/resources/skills/openhue.json +10 -0
package/resources/skills/oracle.json +10 -0
package/resources/skills/ordercli.json +10 -0
package/resources/skills/peekaboo.json +10 -0
package/resources/skills/project-structure.json +10 -0
package/resources/skills/proofread.json +17 -0
package/resources/skills/refactor-code.json +31 -0
package/resources/skills/rename-symbol.json +23 -0
package/resources/skills/sag.json +10 -0
package/resources/skills/security-audit.json +18 -0
package/resources/skills/session-logs.json +10 -0
package/resources/skills/sherpa-onnx-tts.json +10 -0
package/resources/skills/skill-creator.json +15 -0
package/resources/skills/skill-hub.json +29 -0
package/resources/skills/slack.json +10 -0
package/resources/skills/songsee.json +10 -0
package/resources/skills/sonoscli.json +10 -0
package/resources/skills/spotify-player.json +10 -0
package/resources/skills/startup-cfo.json +55 -0
package/resources/skills/summarize-folder.json +18 -0
package/resources/skills/summarize.json +10 -0
package/resources/skills/things-mac.json +10 -0
package/resources/skills/tmux.json +10 -0
package/resources/skills/translate.json +36 -0
package/resources/skills/trello.json +10 -0
package/resources/skills/video-frames.json +10 -0
package/resources/skills/voice-call.json +10 -0
package/resources/skills/wacli.json +10 -0
package/resources/skills/weather.json +10 -0
package/resources/skills/write-tests.json +31 -0
package/src/electron/activity/ActivityRepository.ts +238 -0
package/src/electron/agent/browser/browser-service.ts +721 -0
package/src/electron/agent/context-manager.ts +257 -0
package/src/electron/agent/custom-skill-loader.ts +634 -0
package/src/electron/agent/daemon.ts +1097 -0
package/src/electron/agent/executor.ts +4017 -0
package/src/electron/agent/llm/anthropic-provider.ts +175 -0
package/src/electron/agent/llm/bedrock-provider.ts +236 -0
package/src/electron/agent/llm/gemini-provider.ts +422 -0
package/src/electron/agent/llm/index.ts +9 -0
package/src/electron/agent/llm/ollama-provider.ts +347 -0
package/src/electron/agent/llm/openai-oauth.ts +127 -0
package/src/electron/agent/llm/openai-provider.ts +686 -0
package/src/electron/agent/llm/openrouter-provider.ts +273 -0
package/src/electron/agent/llm/pricing.ts +180 -0
package/src/electron/agent/llm/provider-factory.ts +971 -0
package/src/electron/agent/llm/types.ts +291 -0
package/src/electron/agent/queue-manager.ts +408 -0
package/src/electron/agent/sandbox/docker-sandbox.ts +453 -0
package/src/electron/agent/sandbox/macos-sandbox.ts +426 -0
package/src/electron/agent/sandbox/runner.ts +453 -0
package/src/electron/agent/sandbox/sandbox-factory.ts +337 -0
package/src/electron/agent/sandbox/security-utils.ts +251 -0
package/src/electron/agent/search/brave-provider.ts +141 -0
package/src/electron/agent/search/google-provider.ts +131 -0
package/src/electron/agent/search/index.ts +6 -0
package/src/electron/agent/search/provider-factory.ts +450 -0
package/src/electron/agent/search/serpapi-provider.ts +138 -0
package/src/electron/agent/search/tavily-provider.ts +108 -0
package/src/electron/agent/search/types.ts +118 -0
package/src/electron/agent/security/index.ts +20 -0
package/src/electron/agent/security/input-sanitizer.ts +380 -0
package/src/electron/agent/security/output-filter.ts +259 -0
package/src/electron/agent/skill-eligibility.ts +334 -0
package/src/electron/agent/skill-registry.ts +457 -0
package/src/electron/agent/skills/document.ts +1070 -0
package/src/electron/agent/skills/image-generator.ts +272 -0
package/src/electron/agent/skills/organizer.ts +131 -0
package/src/electron/agent/skills/presentation.ts +418 -0
package/src/electron/agent/skills/spreadsheet.ts +166 -0
package/src/electron/agent/tools/browser-tools.ts +546 -0
package/src/electron/agent/tools/builtin-settings.ts +422 -0
package/src/electron/agent/tools/canvas-tools.ts +572 -0
package/src/electron/agent/tools/cron-tools.ts +723 -0
package/src/electron/agent/tools/edit-tools.ts +196 -0
package/src/electron/agent/tools/file-tools.ts +811 -0
package/src/electron/agent/tools/glob-tools.ts +303 -0
package/src/electron/agent/tools/grep-tools.ts +432 -0
package/src/electron/agent/tools/image-tools.ts +126 -0
package/src/electron/agent/tools/mention-tools.ts +371 -0
package/src/electron/agent/tools/node-tools.ts +550 -0
package/src/electron/agent/tools/registry.ts +3052 -0
package/src/electron/agent/tools/search-tools.ts +111 -0
package/src/electron/agent/tools/shell-tools.ts +651 -0
package/src/electron/agent/tools/skill-tools.ts +340 -0
package/src/electron/agent/tools/system-tools.ts +665 -0
package/src/electron/agent/tools/web-fetch-tools.ts +528 -0
package/src/electron/agent/tools/x-tools.ts +267 -0
package/src/electron/agents/AgentRoleRepository.ts +557 -0
package/src/electron/agents/HeartbeatService.ts +469 -0
package/src/electron/agents/MentionRepository.ts +242 -0
package/src/electron/agents/TaskSubscriptionRepository.ts +231 -0
package/src/electron/agents/WorkingStateRepository.ts +278 -0
package/src/electron/canvas/canvas-manager.ts +818 -0
package/src/electron/canvas/canvas-preload.ts +102 -0
package/src/electron/canvas/canvas-protocol.ts +174 -0
package/src/electron/canvas/canvas-store.ts +200 -0
package/src/electron/canvas/index.ts +8 -0
package/src/electron/control-plane/client.ts +527 -0
package/src/electron/control-plane/handlers.ts +723 -0
package/src/electron/control-plane/index.ts +51 -0
package/src/electron/control-plane/node-manager.ts +322 -0
package/src/electron/control-plane/protocol.ts +269 -0
package/src/electron/control-plane/remote-client.ts +517 -0
package/src/electron/control-plane/server.ts +853 -0
package/src/electron/control-plane/settings.ts +401 -0
package/src/electron/control-plane/ssh-tunnel.ts +624 -0
package/src/electron/cron/index.ts +9 -0
package/src/electron/cron/schedule.ts +217 -0
package/src/electron/cron/service.ts +743 -0
package/src/electron/cron/store.ts +165 -0
package/src/electron/cron/types.ts +291 -0
package/src/electron/cron/webhook.ts +303 -0
package/src/electron/database/SecureSettingsRepository.ts +514 -0
package/src/electron/database/TaskLabelRepository.ts +148 -0
package/src/electron/database/repositories.ts +2397 -0
package/src/electron/database/schema.ts +1017 -0
package/src/electron/extensions/index.ts +18 -0
package/src/electron/extensions/loader.ts +336 -0
package/src/electron/extensions/registry.ts +546 -0
package/src/electron/extensions/types.ts +372 -0
package/src/electron/gateway/channel-registry.ts +1267 -0
package/src/electron/gateway/channels/bluebubbles-client.ts +641 -0
package/src/electron/gateway/channels/bluebubbles.ts +509 -0
package/src/electron/gateway/channels/discord.ts +1150 -0
package/src/electron/gateway/channels/email-client.ts +708 -0
package/src/electron/gateway/channels/email.ts +516 -0
package/src/electron/gateway/channels/google-chat.ts +760 -0
package/src/electron/gateway/channels/imessage-client.ts +473 -0
package/src/electron/gateway/channels/imessage.ts +520 -0
package/src/electron/gateway/channels/index.ts +21 -0
package/src/electron/gateway/channels/line-client.ts +598 -0
package/src/electron/gateway/channels/line.ts +559 -0
package/src/electron/gateway/channels/matrix-client.ts +632 -0
package/src/electron/gateway/channels/matrix.ts +655 -0
package/src/electron/gateway/channels/mattermost-client.ts +526 -0
package/src/electron/gateway/channels/mattermost.ts +550 -0
package/src/electron/gateway/channels/signal-client.ts +722 -0
package/src/electron/gateway/channels/signal.ts +666 -0
package/src/electron/gateway/channels/slack.ts +458 -0
package/src/electron/gateway/channels/teams.ts +681 -0
package/src/electron/gateway/channels/telegram.ts +1727 -0
package/src/electron/gateway/channels/twitch-client.ts +665 -0
package/src/electron/gateway/channels/twitch.ts +468 -0
package/src/electron/gateway/channels/types.ts +1002 -0
package/src/electron/gateway/channels/whatsapp.ts +1101 -0
package/src/electron/gateway/context-policy.ts +382 -0
package/src/electron/gateway/index.ts +1274 -0
package/src/electron/gateway/infrastructure.ts +645 -0
package/src/electron/gateway/router.ts +3206 -0
package/src/electron/gateway/security.ts +422 -0
package/src/electron/gateway/session.ts +144 -0
package/src/electron/gateway/tunnel.ts +626 -0
package/src/electron/guardrails/guardrail-manager.ts +380 -0
package/src/electron/hooks/gmail-watcher.ts +355 -0
package/src/electron/hooks/index.ts +30 -0
package/src/electron/hooks/mappings.ts +404 -0
package/src/electron/hooks/server.ts +574 -0
package/src/electron/hooks/settings.ts +466 -0
package/src/electron/hooks/types.ts +245 -0
package/src/electron/ipc/canvas-handlers.ts +223 -0
package/src/electron/ipc/handlers.ts +3661 -0
package/src/electron/ipc/mission-control-handlers.ts +182 -0
package/src/electron/main.ts +496 -0
package/src/electron/mcp/client/MCPClientManager.ts +406 -0
package/src/electron/mcp/client/MCPServerConnection.ts +514 -0
package/src/electron/mcp/client/transports/SSETransport.ts +360 -0
package/src/electron/mcp/client/transports/StdioTransport.ts +355 -0
package/src/electron/mcp/client/transports/WebSocketTransport.ts +384 -0
package/src/electron/mcp/host/MCPHostServer.ts +388 -0
package/src/electron/mcp/host/ToolAdapter.ts +140 -0
package/src/electron/mcp/registry/MCPRegistryManager.ts +565 -0
package/src/electron/mcp/settings.ts +468 -0
package/src/electron/mcp/types.ts +371 -0
package/src/electron/memory/MemoryService.ts +523 -0
package/src/electron/notifications/index.ts +16 -0
package/src/electron/notifications/service.ts +161 -0
package/src/electron/notifications/store.ts +163 -0
package/src/electron/preload.ts +2845 -0
package/src/electron/reports/StandupReportService.ts +356 -0
package/src/electron/security/concurrency.ts +333 -0
package/src/electron/security/index.ts +17 -0
package/src/electron/security/policy-manager.ts +539 -0
package/src/electron/settings/appearance-manager.ts +182 -0
package/src/electron/settings/personality-manager.ts +800 -0
package/src/electron/settings/x-manager.ts +62 -0
package/src/electron/tailscale/exposure.ts +262 -0
package/src/electron/tailscale/index.ts +34 -0
package/src/electron/tailscale/settings.ts +218 -0
package/src/electron/tailscale/tailscale.ts +379 -0
package/src/electron/tray/QuickInputWindow.ts +609 -0
package/src/electron/tray/TrayManager.ts +1005 -0
package/src/electron/tray/index.ts +6 -0
package/src/electron/updater/index.ts +1 -0
package/src/electron/updater/update-manager.ts +447 -0
package/src/electron/utils/env-migration.ts +203 -0
package/src/electron/utils/process.ts +124 -0
package/src/electron/utils/rate-limiter.ts +130 -0
package/src/electron/utils/validation.ts +493 -0
package/src/electron/utils/x-cli.ts +198 -0
package/src/electron/voice/VoiceService.ts +583 -0
package/src/electron/voice/index.ts +9 -0
package/src/electron/voice/voice-settings-manager.ts +403 -0
package/src/renderer/App.tsx +775 -0
package/src/renderer/components/ActivityFeed.tsx +407 -0
package/src/renderer/components/ActivityFeedItem.tsx +285 -0
package/src/renderer/components/AgentRoleCard.tsx +343 -0
package/src/renderer/components/AgentRoleEditor.tsx +805 -0
package/src/renderer/components/AgentSquadSettings.tsx +295 -0
package/src/renderer/components/AgentWorkingStatePanel.tsx +411 -0
package/src/renderer/components/AppearanceSettings.tsx +122 -0
package/src/renderer/components/ApprovalDialog.tsx +100 -0
package/src/renderer/components/BlueBubblesSettings.tsx +505 -0
package/src/renderer/components/BuiltinToolsSettings.tsx +307 -0
package/src/renderer/components/CanvasPreview.tsx +1189 -0
package/src/renderer/components/CommandOutput.tsx +202 -0
package/src/renderer/components/ContextPolicySettings.tsx +523 -0
package/src/renderer/components/ControlPlaneSettings.tsx +1134 -0
package/src/renderer/components/DisclaimerModal.tsx +124 -0
package/src/renderer/components/DiscordSettings.tsx +436 -0
package/src/renderer/components/EmailSettings.tsx +606 -0
package/src/renderer/components/ExtensionsSettings.tsx +542 -0
package/src/renderer/components/FileViewer.tsx +224 -0
package/src/renderer/components/GoogleChatSettings.tsx +535 -0
package/src/renderer/components/GuardrailSettings.tsx +487 -0
package/src/renderer/components/HooksSettings.tsx +581 -0
package/src/renderer/components/ImessageSettings.tsx +484 -0
package/src/renderer/components/LineSettings.tsx +483 -0
package/src/renderer/components/MCPRegistryBrowser.tsx +386 -0
package/src/renderer/components/MCPSettings.tsx +943 -0
package/src/renderer/components/MainContent.tsx +2433 -0
package/src/renderer/components/MatrixSettings.tsx +510 -0
package/src/renderer/components/MattermostSettings.tsx +473 -0
package/src/renderer/components/MemorySettings.tsx +247 -0
package/src/renderer/components/MentionBadge.tsx +87 -0
package/src/renderer/components/MentionInput.tsx +409 -0
package/src/renderer/components/MentionList.tsx +476 -0
package/src/renderer/components/MissionControlPanel.tsx +1995 -0
package/src/renderer/components/NodesSettings.tsx +316 -0
package/src/renderer/components/NotificationPanel.tsx +481 -0
package/src/renderer/components/Onboarding/AwakeningOrb.tsx +44 -0
package/src/renderer/components/Onboarding/Onboarding.tsx +443 -0
package/src/renderer/components/Onboarding/TypewriterText.tsx +102 -0
package/src/renderer/components/Onboarding/index.ts +3 -0
package/src/renderer/components/OnboardingModal.tsx +698 -0
package/src/renderer/components/PairingCodeDisplay.tsx +324 -0
package/src/renderer/components/PersonalitySettings.tsx +597 -0
package/src/renderer/components/QueueSettings.tsx +119 -0
package/src/renderer/components/QuickTaskFAB.tsx +71 -0
package/src/renderer/components/RightPanel.tsx +413 -0
package/src/renderer/components/ScheduledTasksSettings.tsx +1328 -0
package/src/renderer/components/SearchSettings.tsx +328 -0
package/src/renderer/components/Settings.tsx +1504 -0
package/src/renderer/components/Sidebar.tsx +344 -0
package/src/renderer/components/SignalSettings.tsx +673 -0
package/src/renderer/components/SkillHubBrowser.tsx +458 -0
package/src/renderer/components/SkillParameterModal.tsx +185 -0
package/src/renderer/components/SkillsSettings.tsx +451 -0
package/src/renderer/components/SlackSettings.tsx +442 -0
package/src/renderer/components/StandupReportViewer.tsx +614 -0
package/src/renderer/components/TaskBoard.tsx +498 -0
package/src/renderer/components/TaskBoardCard.tsx +357 -0
package/src/renderer/components/TaskBoardColumn.tsx +211 -0
package/src/renderer/components/TaskLabelManager.tsx +472 -0
package/src/renderer/components/TaskQueuePanel.tsx +144 -0
package/src/renderer/components/TaskQuickActions.tsx +492 -0
package/src/renderer/components/TaskTimeline.tsx +216 -0
package/src/renderer/components/TaskView.tsx +162 -0
package/src/renderer/components/TeamsSettings.tsx +518 -0
package/src/renderer/components/TelegramSettings.tsx +421 -0
package/src/renderer/components/Toast.tsx +76 -0
package/src/renderer/components/TraySettings.tsx +189 -0
package/src/renderer/components/TwitchSettings.tsx +511 -0
package/src/renderer/components/UpdateSettings.tsx +295 -0
package/src/renderer/components/VoiceIndicator.tsx +270 -0
package/src/renderer/components/VoiceSettings.tsx +867 -0
package/src/renderer/components/WhatsAppSettings.tsx +721 -0
package/src/renderer/components/WorkingStateEditor.tsx +309 -0
package/src/renderer/components/WorkingStateHistory.tsx +481 -0
package/src/renderer/components/WorkspaceSelector.tsx +150 -0
package/src/renderer/components/XSettings.tsx +311 -0
package/src/renderer/global.d.ts +9 -0
package/src/renderer/hooks/useAgentContext.ts +153 -0
package/src/renderer/hooks/useOnboardingFlow.ts +548 -0
package/src/renderer/hooks/useVoiceInput.ts +268 -0
package/src/renderer/index.html +12 -0
package/src/renderer/main.tsx +10 -0
package/src/renderer/public/cowork-os-logo.png +0 -0
package/src/renderer/quick-input.html +164 -0
package/src/renderer/styles/index.css +14504 -0
package/src/renderer/utils/agentMessages.ts +749 -0
package/src/renderer/utils/voice-directives.ts +169 -0
package/src/shared/channelMessages.ts +213 -0
package/src/shared/types.ts +3608 -0
package/tsconfig.electron.json +26 -0
package/tsconfig.json +26 -0
package/tsconfig.node.json +10 -0
package/vite.config.ts +23 -0

package/dist/electron/electron/agent/sandbox/runner.js ADDED Viewed

@@ -0,0 +1,410 @@
+"use strict";
+/**
+ * SandboxRunner - Secure execution environment for shell commands
+ *
+ * This file maintains backward compatibility by re-exporting the refactored sandbox system.
+ *
+ * The sandbox system now supports:
+ * - macOS sandbox-exec profiles (native, preferred on macOS)
+ * - Docker containers (cross-platform, Linux/Windows)
+ * - No sandbox fallback (with timeout and output limits)
+ *
+ * Use createSandbox() from sandbox-factory.ts for new code.
+ */
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || (function () {
+    var ownKeys = function(o) {
+        ownKeys = Object.getOwnPropertyNames || function (o) {
+            var ar = [];
+            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
+            return ar;
+        };
+        return ownKeys(o);
+    };
+    return function (mod) {
+        if (mod && mod.__esModule) return mod;
+        var result = {};
+        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
+        __setModuleDefault(result, mod);
+        return result;
+    };
+})();
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.SandboxRunner = exports.DockerSandbox = exports.MacOSSandbox = exports.NoSandbox = exports.isDockerAvailable = exports.detectAvailableSandbox = exports.createSandbox = void 0;
+exports.createSandboxRunner = createSandboxRunner;
+// Re-export the sandbox factory and types for backward compatibility
+// Note: SandboxOptions and SandboxResult are defined locally below to avoid conflicts
+var sandbox_factory_1 = require("./sandbox-factory");
+Object.defineProperty(exports, "createSandbox", { enumerable: true, get: function () { return sandbox_factory_1.createSandbox; } });
+Object.defineProperty(exports, "detectAvailableSandbox", { enumerable: true, get: function () { return sandbox_factory_1.detectAvailableSandbox; } });
+Object.defineProperty(exports, "isDockerAvailable", { enumerable: true, get: function () { return sandbox_factory_1.isDockerAvailable; } });
+Object.defineProperty(exports, "NoSandbox", { enumerable: true, get: function () { return sandbox_factory_1.NoSandbox; } });
+var macos_sandbox_1 = require("./macos-sandbox");
+Object.defineProperty(exports, "MacOSSandbox", { enumerable: true, get: function () { return macos_sandbox_1.MacOSSandbox; } });
+var docker_sandbox_1 = require("./docker-sandbox");
+Object.defineProperty(exports, "DockerSandbox", { enumerable: true, get: function () { return docker_sandbox_1.DockerSandbox; } });
+const child_process_1 = require("child_process");
+const path = __importStar(require("path"));
+const fs = __importStar(require("fs"));
+const os = __importStar(require("os"));
+/**
+ * Default sandbox options
+ */
+const DEFAULT_OPTIONS = {
+    cwd: process.cwd(),
+    timeout: 5 * 60 * 1000, // 5 minutes
+    maxOutputSize: 100 * 1024, // 100KB
+    allowNetwork: false,
+    allowedReadPaths: [],
+    allowedWritePaths: [],
+    envPassthrough: ['PATH', 'HOME', 'USER', 'SHELL', 'LANG', 'TERM', 'TMPDIR'],
+};
+/**
+ * SandboxRunner manages secure command execution
+ */
+class SandboxRunner {
+    constructor(workspace) {
+        this.workspace = workspace;
+    }
+    /**
+     * Initialize sandbox environment
+     */
+    async initialize() {
+        // Generate sandbox profile for this workspace
+        this.sandboxProfile = this.generateSandboxProfile();
+    }
+    /**
+     * Execute a command in the sandbox
+     */
+    async execute(command, args = [], options = {}) {
+        const opts = { ...DEFAULT_OPTIONS, ...options };
+        // Determine working directory
+        const cwd = opts.cwd || this.workspace.path;
+        // Validate working directory is within allowed paths
+        if (!this.isPathAllowed(cwd, 'read')) {
+            return {
+                exitCode: 1,
+                stdout: '',
+                stderr: `Working directory not allowed: ${cwd}`,
+                killed: false,
+                timedOut: false,
+                error: 'Path access denied',
+            };
+        }
+        // Build minimal, safe environment
+        const env = this.buildSafeEnvironment(opts.envPassthrough);
+        // Check if we can use macOS sandbox-exec
+        const useSandboxExec = process.platform === 'darwin' && this.sandboxProfile;
+        let proc;
+        const spawnOptions = {
+            cwd,
+            env,
+            shell: true,
+            stdio: ['ignore', 'pipe', 'pipe'],
+        };
+        if (useSandboxExec && this.sandboxProfile) {
+            // Use sandbox-exec on macOS
+            const profilePath = this.writeTempProfile();
+            proc = (0, child_process_1.spawn)('sandbox-exec', ['-f', profilePath, '/bin/sh', '-c', `${command} ${args.join(' ')}`], spawnOptions);
+        }
+        else {
+            // Fallback: execute without OS-level sandboxing (still has resource limits)
+            proc = (0, child_process_1.spawn)('/bin/sh', ['-c', `${command} ${args.join(' ')}`], spawnOptions);
+        }
+        return new Promise((resolve) => {
+            let stdout = '';
+            let stderr = '';
+            let killed = false;
+            let timedOut = false;
+            // Timeout handler
+            const timeoutHandle = setTimeout(() => {
+                timedOut = true;
+                killed = true;
+                proc.kill('SIGKILL');
+            }, opts.timeout);
+            // Collect stdout
+            proc.stdout?.on('data', (data) => {
+                const chunk = data.toString();
+                if (stdout.length + chunk.length <= opts.maxOutputSize) {
+                    stdout += chunk;
+                }
+                else if (stdout.length < opts.maxOutputSize) {
+                    stdout += chunk.slice(0, opts.maxOutputSize - stdout.length);
+                    stdout += '\n[Output truncated]';
+                }
+            });
+            // Collect stderr
+            proc.stderr?.on('data', (data) => {
+                const chunk = data.toString();
+                if (stderr.length + chunk.length <= opts.maxOutputSize) {
+                    stderr += chunk;
+                }
+                else if (stderr.length < opts.maxOutputSize) {
+                    stderr += chunk.slice(0, opts.maxOutputSize - stderr.length);
+                    stderr += '\n[Output truncated]';
+                }
+            });
+            // Process completion
+            proc.on('close', (code) => {
+                clearTimeout(timeoutHandle);
+                resolve({
+                    exitCode: code ?? 1,
+                    stdout,
+                    stderr,
+                    killed,
+                    timedOut,
+                });
+            });
+            // Process error
+            proc.on('error', (err) => {
+                clearTimeout(timeoutHandle);
+                resolve({
+                    exitCode: 1,
+                    stdout,
+                    stderr: err.message,
+                    killed,
+                    timedOut,
+                    error: err.message,
+                });
+            });
+        });
+    }
+    /**
+     * Execute code in sandbox (for future scripting support)
+     */
+    async executeCode(code, language) {
+        // Create temp file with code
+        const ext = language === 'python' ? '.py' : '.js';
+        const tempFile = path.join(os.tmpdir(), `cowork_script_${Date.now()}${ext}`);
+        try {
+            fs.writeFileSync(tempFile, code, 'utf8');
+            const interpreter = language === 'python' ? 'python3' : 'node';
+            return await this.execute(interpreter, [tempFile], {
+                timeout: 60 * 1000, // 1 minute for scripts
+                allowNetwork: false,
+            });
+        }
+        finally {
+            // Cleanup temp file
+            try {
+                fs.unlinkSync(tempFile);
+            }
+            catch {
+                // Ignore cleanup errors
+            }
+        }
+    }
+    /**
+     * Cleanup sandbox resources
+     */
+    cleanup() {
+        // Clean up any temp files or resources
+        this.sandboxProfile = undefined;
+    }
+    /**
+     * Check if a path is allowed based on workspace permissions
+     */
+    isPathAllowed(targetPath, mode) {
+        const normalizedTarget = path.resolve(targetPath);
+        const normalizedWorkspace = path.resolve(this.workspace.path);
+        // Always allow paths within workspace
+        if (normalizedTarget.startsWith(normalizedWorkspace)) {
+            return true;
+        }
+        // Check unrestricted access
+        if (this.workspace.permissions.unrestrictedFileAccess) {
+            return true;
+        }
+        // Check allowed paths
+        const allowedPaths = this.workspace.permissions.allowedPaths || [];
+        for (const allowed of allowedPaths) {
+            const normalizedAllowed = path.resolve(allowed);
+            if (normalizedTarget.startsWith(normalizedAllowed)) {
+                return true;
+            }
+        }
+        // System paths for read-only access
+        if (mode === 'read') {
+            const systemReadPaths = [
+                '/usr/bin',
+                '/usr/local/bin',
+                '/bin',
+                '/usr/lib',
+                '/System',
+                os.tmpdir(),
+            ];
+            for (const sysPath of systemReadPaths) {
+                if (normalizedTarget.startsWith(sysPath)) {
+                    return true;
+                }
+            }
+        }
+        return false;
+    }
+    /**
+     * Build a minimal, safe environment for command execution
+     */
+    buildSafeEnvironment(passthrough) {
+        const safeEnv = {};
+        // Only pass through allowed environment variables
+        for (const key of passthrough) {
+            if (process.env[key]) {
+                safeEnv[key] = process.env[key];
+            }
+        }
+        // Set safe defaults
+        safeEnv.HOME = process.env.HOME || os.homedir();
+        safeEnv.USER = process.env.USER || os.userInfo().username;
+        safeEnv.SHELL = process.env.SHELL || '/bin/bash';
+        safeEnv.TERM = 'xterm-256color';
+        safeEnv.LANG = process.env.LANG || 'en_US.UTF-8';
+        safeEnv.TMPDIR = os.tmpdir();
+        // Minimal PATH with only standard locations
+        safeEnv.PATH = [
+            '/usr/local/bin',
+            '/usr/bin',
+            '/bin',
+            '/usr/sbin',
+            '/sbin',
+        ].join(':');
+        // Add homebrew paths on macOS
+        if (process.platform === 'darwin') {
+            safeEnv.PATH = `/opt/homebrew/bin:/opt/homebrew/sbin:${safeEnv.PATH}`;
+        }
+        return safeEnv;
+    }
+    /**
+     * Generate macOS sandbox-exec profile
+     */
+    generateSandboxProfile() {
+        const workspacePath = this.workspace.path;
+        const permissions = this.workspace.permissions;
+        const tempDir = os.tmpdir();
+        const homeDir = os.homedir();
+        let profile = `(version 1)
+(deny default)
+; Allow basic process operations
+(allow process-fork)
+(allow process-exec)
+(allow signal)
+; Allow sysctl for system info
+(allow sysctl-read)
+; Allow reading system libraries and binaries
+(allow file-read*
+  (subpath "/usr/lib")
+  (subpath "/usr/bin")
+  (subpath "/bin")
+  (subpath "/usr/local")
+  (subpath "/System")
+  (subpath "/Library/Frameworks")
+  (subpath "/Applications/Xcode.app")
+  (subpath "/private/var/db")
+  (literal "/dev/null")
+  (literal "/dev/urandom")
+  (literal "/dev/random")
+  (subpath "/private/tmp")
+  (subpath "${tempDir}")
+)
+; Allow homebrew on macOS
+(allow file-read* (subpath "/opt/homebrew"))
+; Allow reading workspace
+(allow file-read* (subpath "${workspacePath}"))
+`;
+        // Allow writing to workspace if permitted
+        if (permissions.write) {
+            profile += `
+; Allow writing to workspace
+(allow file-write* (subpath "${workspacePath}"))
+`;
+        }
+        // Allow writing to temp directories
+        profile += `
+; Allow writing to temp directories
+(allow file-write*
+  (subpath "/private/tmp")
+  (subpath "${tempDir}")
+  (subpath "/private/var/folders")
+)
+`;
+        // Allow network if permitted
+        if (permissions.network) {
+            profile += `
+; Allow network access
+(allow network*)
+`;
+        }
+        else {
+            profile += `
+; Deny network access (except localhost)
+(deny network*)
+(allow network* (local ip "localhost:*"))
+`;
+        }
+        // Allow additional read paths
+        const allowedPaths = permissions.allowedPaths || [];
+        for (const allowedPath of allowedPaths) {
+            profile += `(allow file-read* (subpath "${allowedPath}"))\n`;
+            if (permissions.write) {
+                profile += `(allow file-write* (subpath "${allowedPath}"))\n`;
+            }
+        }
+        // Allow mach services needed for basic operation
+        profile += `
+; Allow essential mach services
+(allow mach-lookup
+  (global-name "com.apple.CoreServices.coreservicesd")
+  (global-name "com.apple.SecurityServer")
+  (global-name "com.apple.system.logger")
+  (global-name "com.apple.cfprefsd.daemon")
+  (global-name "com.apple.cfprefsd.agent")
+)
+`;
+        return profile;
+    }
+    /**
+     * Write sandbox profile to temp file
+     */
+    writeTempProfile() {
+        const profilePath = path.join(os.tmpdir(), `cowork_sandbox_${Date.now()}.sb`);
+        fs.writeFileSync(profilePath, this.sandboxProfile, 'utf8');
+        // Schedule cleanup
+        setTimeout(() => {
+            try {
+                fs.unlinkSync(profilePath);
+            }
+            catch {
+                // Ignore cleanup errors
+            }
+        }, 60 * 1000); // Clean up after 1 minute
+        return profilePath;
+    }
+}
+exports.SandboxRunner = SandboxRunner;
+/**
+ * Create a sandboxed command executor for a workspace
+ */
+async function createSandboxRunner(workspace) {
+    const runner = new SandboxRunner(workspace);
+    await runner.initialize();
+    return runner;
+}

package/dist/electron/electron/agent/sandbox/sandbox-factory.js ADDED Viewed

@@ -0,0 +1,228 @@
+"use strict";
+/**
+ * Sandbox Factory
+ *
+ * Provides a unified interface for sandbox implementations and factory
+ * function to create the appropriate sandbox based on platform and availability.
+ *
+ * Supports:
+ * - macOS sandbox-exec (native, preferred on macOS)
+ * - Docker containers (cross-platform)
+ * - No sandbox (fallback)
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.NoSandbox = void 0;
+exports.isDockerAvailable = isDockerAvailable;
+exports.detectAvailableSandbox = detectAvailableSandbox;
+exports.createSandbox = createSandbox;
+exports.resetDockerCache = resetDockerCache;
+const macos_sandbox_1 = require("./macos-sandbox");
+const docker_sandbox_1 = require("./docker-sandbox");
+const child_process_1 = require("child_process");
+const security_utils_1 = require("./security-utils");
+/**
+ * No-op sandbox implementation for when sandboxing is unavailable
+ * Still enforces timeouts and output limits, but no OS-level isolation
+ */
+class NoSandbox {
+    constructor(workspace) {
+        this.type = 'none';
+        this.workspace = workspace;
+    }
+    async initialize() {
+        // No initialization needed
+    }
+    async execute(command, args = [], options = {}) {
+        const timeout = options.timeout ?? 5 * 60 * 1000;
+        const maxOutputSize = options.maxOutputSize ?? 100 * 1024;
+        const cwd = options.cwd || this.workspace.path;
+        return new Promise((resolve) => {
+            let stdout = '';
+            let stderr = '';
+            let killed = false;
+            let timedOut = false;
+            const proc = (0, child_process_1.spawn)('/bin/sh', ['-c', `${command} ${args.join(' ')}`], {
+                cwd,
+                shell: true,
+                stdio: ['ignore', 'pipe', 'pipe'],
+            });
+            const timeoutHandle = setTimeout(() => {
+                timedOut = true;
+                killed = true;
+                proc.kill('SIGKILL');
+            }, timeout);
+            proc.stdout?.on('data', (data) => {
+                const chunk = data.toString();
+                if (stdout.length + chunk.length <= maxOutputSize) {
+                    stdout += chunk;
+                }
+                else if (stdout.length < maxOutputSize) {
+                    stdout += chunk.slice(0, maxOutputSize - stdout.length);
+                    stdout += '\n[Output truncated]';
+                }
+            });
+            proc.stderr?.on('data', (data) => {
+                const chunk = data.toString();
+                if (stderr.length + chunk.length <= maxOutputSize) {
+                    stderr += chunk;
+                }
+                else if (stderr.length < maxOutputSize) {
+                    stderr += chunk.slice(0, maxOutputSize - stderr.length);
+                    stderr += '\n[Output truncated]';
+                }
+            });
+            proc.on('close', (code) => {
+                clearTimeout(timeoutHandle);
+                resolve({
+                    exitCode: code ?? 1,
+                    stdout,
+                    stderr,
+                    killed,
+                    timedOut,
+                });
+            });
+            proc.on('error', (err) => {
+                clearTimeout(timeoutHandle);
+                resolve({
+                    exitCode: 1,
+                    stdout,
+                    stderr: err.message,
+                    killed,
+                    timedOut,
+                    error: err.message,
+                });
+            });
+        });
+    }
+    async executeCode(code, language) {
+        const ext = language === 'python' ? '.py' : '.js';
+        const { filePath, cleanup } = (0, security_utils_1.createSecureTempFile)(ext, code);
+        try {
+            const interpreter = language === 'python' ? 'python3' : 'node';
+            return await this.execute(interpreter, [filePath], {
+                timeout: 60 * 1000,
+                allowNetwork: false,
+            });
+        }
+        finally {
+            cleanup();
+        }
+    }
+    cleanup() {
+        // No cleanup needed
+    }
+}
+exports.NoSandbox = NoSandbox;
+/**
+ * Cached Docker availability status
+ */
+let dockerAvailable = null;
+let dockerCheckPromise = null;
+/**
+ * Check if Docker is available and running
+ */
+async function isDockerAvailable() {
+    // Return cached result if available
+    if (dockerAvailable !== null) {
+        return dockerAvailable;
+    }
+    // Return existing promise if check is in progress
+    if (dockerCheckPromise) {
+        return dockerCheckPromise;
+    }
+    dockerCheckPromise = new Promise((resolve) => {
+        const proc = (0, child_process_1.spawn)('docker', ['info'], {
+            stdio: ['ignore', 'pipe', 'pipe'],
+        });
+        let resolved = false;
+        const timeout = setTimeout(() => {
+            if (!resolved) {
+                resolved = true;
+                proc.kill();
+                dockerAvailable = false;
+                resolve(false);
+            }
+        }, 5000);
+        proc.on('close', (code) => {
+            clearTimeout(timeout);
+            if (!resolved) {
+                resolved = true;
+                dockerAvailable = code === 0;
+                resolve(dockerAvailable);
+            }
+        });
+        proc.on('error', () => {
+            clearTimeout(timeout);
+            if (!resolved) {
+                resolved = true;
+                dockerAvailable = false;
+                resolve(false);
+            }
+        });
+    });
+    return dockerCheckPromise;
+}
+/**
+ * Detect the best available sandbox type for the current platform
+ */
+async function detectAvailableSandbox() {
+    // On macOS, prefer native sandbox-exec
+    if (process.platform === 'darwin') {
+        return 'macos';
+    }
+    // On other platforms, check for Docker
+    if (await isDockerAvailable()) {
+        return 'docker';
+    }
+    // Fallback to no sandbox
+    return 'none';
+}
+/**
+ * Create a sandbox instance for the given workspace
+ *
+ * @param workspace - The workspace to create a sandbox for
+ * @param preferredType - Optional preferred sandbox type (overrides auto-detection)
+ * @returns An initialized sandbox instance
+ */
+async function createSandbox(workspace, preferredType) {
+    let sandboxType;
+    if (preferredType && preferredType !== 'auto') {
+        // Validate the preferred type is available
+        if (preferredType === 'macos' && process.platform !== 'darwin') {
+            console.warn('macOS sandbox requested but not on macOS, falling back to auto-detect');
+            sandboxType = await detectAvailableSandbox();
+        }
+        else if (preferredType === 'docker' && !(await isDockerAvailable())) {
+            console.warn('Docker sandbox requested but Docker not available, falling back to auto-detect');
+            sandboxType = await detectAvailableSandbox();
+        }
+        else {
+            sandboxType = preferredType;
+        }
+    }
+    else {
+        sandboxType = await detectAvailableSandbox();
+    }
+    let sandbox;
+    switch (sandboxType) {
+        case 'macos':
+            sandbox = new macos_sandbox_1.MacOSSandbox(workspace);
+            break;
+        case 'docker':
+            sandbox = new docker_sandbox_1.DockerSandbox(workspace);
+            break;
+        case 'none':
+        default:
+            sandbox = new NoSandbox(workspace);
+            break;
+    }
+    await sandbox.initialize();
+    return sandbox;
+}
+/**
+ * Reset Docker availability cache (useful for testing or after Docker installation)
+ */
+function resetDockerCache() {
+    dockerAvailable = null;
+    dockerCheckPromise = null;
+}