npm - cowork-os - Versions diffs - 0.3.21 - Mend

cowork-os 0.3.21

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (526) hide show

package/LICENSE +21 -0
package/README.md +1638 -0
package/bin/cowork.js +42 -0
package/build/entitlements.mac.plist +16 -0
package/build/icon.icns +0 -0
package/build/icon.png +0 -0
package/dist/electron/electron/activity/ActivityRepository.js +190 -0
package/dist/electron/electron/agent/browser/browser-service.js +639 -0
package/dist/electron/electron/agent/context-manager.js +225 -0
package/dist/electron/electron/agent/custom-skill-loader.js +566 -0
package/dist/electron/electron/agent/daemon.js +975 -0
package/dist/electron/electron/agent/executor.js +3561 -0
package/dist/electron/electron/agent/llm/anthropic-provider.js +155 -0
package/dist/electron/electron/agent/llm/bedrock-provider.js +202 -0
package/dist/electron/electron/agent/llm/gemini-provider.js +375 -0
package/dist/electron/electron/agent/llm/index.js +34 -0
package/dist/electron/electron/agent/llm/ollama-provider.js +263 -0
package/dist/electron/electron/agent/llm/openai-oauth.js +101 -0
package/dist/electron/electron/agent/llm/openai-provider.js +657 -0
package/dist/electron/electron/agent/llm/openrouter-provider.js +232 -0
package/dist/electron/electron/agent/llm/pricing.js +160 -0
package/dist/electron/electron/agent/llm/provider-factory.js +880 -0
package/dist/electron/electron/agent/llm/types.js +178 -0
package/dist/electron/electron/agent/queue-manager.js +378 -0
package/dist/electron/electron/agent/sandbox/docker-sandbox.js +402 -0
package/dist/electron/electron/agent/sandbox/macos-sandbox.js +407 -0
package/dist/electron/electron/agent/sandbox/runner.js +410 -0
package/dist/electron/electron/agent/sandbox/sandbox-factory.js +228 -0
package/dist/electron/electron/agent/sandbox/security-utils.js +258 -0
package/dist/electron/electron/agent/search/brave-provider.js +119 -0
package/dist/electron/electron/agent/search/google-provider.js +100 -0
package/dist/electron/electron/agent/search/index.js +28 -0
package/dist/electron/electron/agent/search/provider-factory.js +395 -0
package/dist/electron/electron/agent/search/serpapi-provider.js +112 -0
package/dist/electron/electron/agent/search/tavily-provider.js +90 -0
package/dist/electron/electron/agent/search/types.js +40 -0
package/dist/electron/electron/agent/security/index.js +12 -0
package/dist/electron/electron/agent/security/input-sanitizer.js +303 -0
package/dist/electron/electron/agent/security/output-filter.js +217 -0
package/dist/electron/electron/agent/skill-eligibility.js +281 -0
package/dist/electron/electron/agent/skill-registry.js +396 -0
package/dist/electron/electron/agent/skills/document.js +878 -0
package/dist/electron/electron/agent/skills/image-generator.js +225 -0
package/dist/electron/electron/agent/skills/organizer.js +141 -0
package/dist/electron/electron/agent/skills/presentation.js +367 -0
package/dist/electron/electron/agent/skills/spreadsheet.js +165 -0
package/dist/electron/electron/agent/tools/browser-tools.js +523 -0
package/dist/electron/electron/agent/tools/builtin-settings.js +384 -0
package/dist/electron/electron/agent/tools/canvas-tools.js +530 -0
package/dist/electron/electron/agent/tools/cron-tools.js +577 -0
package/dist/electron/electron/agent/tools/edit-tools.js +194 -0
package/dist/electron/electron/agent/tools/file-tools.js +719 -0
package/dist/electron/electron/agent/tools/glob-tools.js +283 -0
package/dist/electron/electron/agent/tools/grep-tools.js +387 -0
package/dist/electron/electron/agent/tools/image-tools.js +111 -0
package/dist/electron/electron/agent/tools/mention-tools.js +282 -0
package/dist/electron/electron/agent/tools/node-tools.js +476 -0
package/dist/electron/electron/agent/tools/registry.js +2719 -0
package/dist/electron/electron/agent/tools/search-tools.js +91 -0
package/dist/electron/electron/agent/tools/shell-tools.js +574 -0
package/dist/electron/electron/agent/tools/skill-tools.js +274 -0
package/dist/electron/electron/agent/tools/system-tools.js +578 -0
package/dist/electron/electron/agent/tools/web-fetch-tools.js +444 -0
package/dist/electron/electron/agent/tools/x-tools.js +264 -0
package/dist/electron/electron/agents/AgentRoleRepository.js +420 -0
package/dist/electron/electron/agents/HeartbeatService.js +356 -0
package/dist/electron/electron/agents/MentionRepository.js +197 -0
package/dist/electron/electron/agents/TaskSubscriptionRepository.js +168 -0
package/dist/electron/electron/agents/WorkingStateRepository.js +229 -0
package/dist/electron/electron/canvas/canvas-manager.js +714 -0
package/dist/electron/electron/canvas/canvas-preload.js +53 -0
package/dist/electron/electron/canvas/canvas-protocol.js +195 -0
package/dist/electron/electron/canvas/canvas-store.js +174 -0
package/dist/electron/electron/canvas/index.js +13 -0
package/dist/electron/electron/control-plane/client.js +364 -0
package/dist/electron/electron/control-plane/handlers.js +572 -0
package/dist/electron/electron/control-plane/index.js +41 -0
package/dist/electron/electron/control-plane/node-manager.js +264 -0
package/dist/electron/electron/control-plane/protocol.js +194 -0
package/dist/electron/electron/control-plane/remote-client.js +437 -0
package/dist/electron/electron/control-plane/server.js +640 -0
package/dist/electron/electron/control-plane/settings.js +369 -0
package/dist/electron/electron/control-plane/ssh-tunnel.js +549 -0
package/dist/electron/electron/cron/index.js +30 -0
package/dist/electron/electron/cron/schedule.js +190 -0
package/dist/electron/electron/cron/service.js +614 -0
package/dist/electron/electron/cron/store.js +155 -0
package/dist/electron/electron/cron/types.js +82 -0
package/dist/electron/electron/cron/webhook.js +258 -0
package/dist/electron/electron/database/SecureSettingsRepository.js +444 -0
package/dist/electron/electron/database/TaskLabelRepository.js +120 -0
package/dist/electron/electron/database/repositories.js +1781 -0
package/dist/electron/electron/database/schema.js +978 -0
package/dist/electron/electron/extensions/index.js +33 -0
package/dist/electron/electron/extensions/loader.js +313 -0
package/dist/electron/electron/extensions/registry.js +485 -0
package/dist/electron/electron/extensions/types.js +11 -0
package/dist/electron/electron/gateway/channel-registry.js +1102 -0
package/dist/electron/electron/gateway/channels/bluebubbles-client.js +479 -0
package/dist/electron/electron/gateway/channels/bluebubbles.js +432 -0
package/dist/electron/electron/gateway/channels/discord.js +975 -0
package/dist/electron/electron/gateway/channels/email-client.js +593 -0
package/dist/electron/electron/gateway/channels/email.js +443 -0
package/dist/electron/electron/gateway/channels/google-chat.js +631 -0
package/dist/electron/electron/gateway/channels/imessage-client.js +363 -0
package/dist/electron/electron/gateway/channels/imessage.js +465 -0
package/dist/electron/electron/gateway/channels/index.js +36 -0
package/dist/electron/electron/gateway/channels/line-client.js +470 -0
package/dist/electron/electron/gateway/channels/line.js +479 -0
package/dist/electron/electron/gateway/channels/matrix-client.js +432 -0
package/dist/electron/electron/gateway/channels/matrix.js +592 -0
package/dist/electron/electron/gateway/channels/mattermost-client.js +394 -0
package/dist/electron/electron/gateway/channels/mattermost.js +496 -0
package/dist/electron/electron/gateway/channels/signal-client.js +500 -0
package/dist/electron/electron/gateway/channels/signal.js +582 -0
package/dist/electron/electron/gateway/channels/slack.js +415 -0
package/dist/electron/electron/gateway/channels/teams.js +596 -0
package/dist/electron/electron/gateway/channels/telegram.js +1390 -0
package/dist/electron/electron/gateway/channels/twitch-client.js +502 -0
package/dist/electron/electron/gateway/channels/twitch.js +396 -0
package/dist/electron/electron/gateway/channels/types.js +8 -0
package/dist/electron/electron/gateway/channels/whatsapp.js +953 -0
package/dist/electron/electron/gateway/context-policy.js +268 -0
package/dist/electron/electron/gateway/index.js +1063 -0
package/dist/electron/electron/gateway/infrastructure.js +496 -0
package/dist/electron/electron/gateway/router.js +2700 -0
package/dist/electron/electron/gateway/security.js +375 -0
package/dist/electron/electron/gateway/session.js +115 -0
package/dist/electron/electron/gateway/tunnel.js +503 -0
package/dist/electron/electron/guardrails/guardrail-manager.js +348 -0
package/dist/electron/electron/hooks/gmail-watcher.js +300 -0
package/dist/electron/electron/hooks/index.js +46 -0
package/dist/electron/electron/hooks/mappings.js +381 -0
package/dist/electron/electron/hooks/server.js +480 -0
package/dist/electron/electron/hooks/settings.js +447 -0
package/dist/electron/electron/hooks/types.js +41 -0
package/dist/electron/electron/ipc/canvas-handlers.js +158 -0
package/dist/electron/electron/ipc/handlers.js +3138 -0
package/dist/electron/electron/ipc/mission-control-handlers.js +141 -0
package/dist/electron/electron/main.js +448 -0
package/dist/electron/electron/mcp/client/MCPClientManager.js +330 -0
package/dist/electron/electron/mcp/client/MCPServerConnection.js +437 -0
package/dist/electron/electron/mcp/client/transports/SSETransport.js +304 -0
package/dist/electron/electron/mcp/client/transports/StdioTransport.js +307 -0
package/dist/electron/electron/mcp/client/transports/WebSocketTransport.js +329 -0
package/dist/electron/electron/mcp/host/MCPHostServer.js +354 -0
package/dist/electron/electron/mcp/host/ToolAdapter.js +100 -0
package/dist/electron/electron/mcp/registry/MCPRegistryManager.js +497 -0
package/dist/electron/electron/mcp/settings.js +446 -0
package/dist/electron/electron/mcp/types.js +59 -0
package/dist/electron/electron/memory/MemoryService.js +435 -0
package/dist/electron/electron/notifications/index.js +17 -0
package/dist/electron/electron/notifications/service.js +118 -0
package/dist/electron/electron/notifications/store.js +144 -0
package/dist/electron/electron/preload.js +842 -0
package/dist/electron/electron/reports/StandupReportService.js +272 -0
package/dist/electron/electron/security/concurrency.js +293 -0
package/dist/electron/electron/security/index.js +15 -0
package/dist/electron/electron/security/policy-manager.js +435 -0
package/dist/electron/electron/settings/appearance-manager.js +193 -0
package/dist/electron/electron/settings/personality-manager.js +724 -0
package/dist/electron/electron/settings/x-manager.js +58 -0
package/dist/electron/electron/tailscale/exposure.js +188 -0
package/dist/electron/electron/tailscale/index.js +28 -0
package/dist/electron/electron/tailscale/settings.js +205 -0
package/dist/electron/electron/tailscale/tailscale.js +355 -0
package/dist/electron/electron/tray/QuickInputWindow.js +568 -0
package/dist/electron/electron/tray/TrayManager.js +895 -0
package/dist/electron/electron/tray/index.js +9 -0
package/dist/electron/electron/updater/index.js +6 -0
package/dist/electron/electron/updater/update-manager.js +418 -0
package/dist/electron/electron/utils/env-migration.js +209 -0
package/dist/electron/electron/utils/process.js +102 -0
package/dist/electron/electron/utils/rate-limiter.js +104 -0
package/dist/electron/electron/utils/validation.js +419 -0
package/dist/electron/electron/utils/x-cli.js +177 -0
package/dist/electron/electron/voice/VoiceService.js +507 -0
package/dist/electron/electron/voice/index.js +14 -0
package/dist/electron/electron/voice/voice-settings-manager.js +359 -0
package/dist/electron/shared/channelMessages.js +170 -0
package/dist/electron/shared/types.js +1185 -0
package/package.json +159 -0
package/resources/skills/1password.json +10 -0
package/resources/skills/add-documentation.json +31 -0
package/resources/skills/analyze-csv.json +17 -0
package/resources/skills/apple-notes.json +10 -0
package/resources/skills/apple-reminders.json +10 -0
package/resources/skills/auto-commenter.json +10 -0
package/resources/skills/bear-notes.json +10 -0
package/resources/skills/bird.json +35 -0
package/resources/skills/blogwatcher.json +10 -0
package/resources/skills/blucli.json +10 -0
package/resources/skills/bluebubbles.json +10 -0
package/resources/skills/camsnap.json +10 -0
package/resources/skills/clean-imports.json +18 -0
package/resources/skills/code-review.json +18 -0
package/resources/skills/coding-agent.json +10 -0
package/resources/skills/compare-files.json +23 -0
package/resources/skills/convert-code.json +34 -0
package/resources/skills/create-changelog.json +24 -0
package/resources/skills/debug-error.json +17 -0
package/resources/skills/dependency-check.json +10 -0
package/resources/skills/discord.json +10 -0
package/resources/skills/eightctl.json +10 -0
package/resources/skills/explain-code.json +29 -0
package/resources/skills/extract-todos.json +18 -0
package/resources/skills/food-order.json +10 -0
package/resources/skills/gemini.json +10 -0
package/resources/skills/generate-readme.json +10 -0
package/resources/skills/gifgrep.json +10 -0
package/resources/skills/git-commit.json +10 -0
package/resources/skills/github.json +10 -0
package/resources/skills/gog.json +10 -0
package/resources/skills/goplaces.json +10 -0
package/resources/skills/himalaya.json +10 -0
package/resources/skills/imsg.json +10 -0
package/resources/skills/karpathy-guidelines.json +12 -0
package/resources/skills/last30days.json +26 -0
package/resources/skills/local-places.json +10 -0
package/resources/skills/mcporter.json +10 -0
package/resources/skills/model-usage.json +10 -0
package/resources/skills/nano-banana-pro.json +10 -0
package/resources/skills/nano-pdf.json +10 -0
package/resources/skills/notion.json +10 -0
package/resources/skills/obsidian.json +10 -0
package/resources/skills/openai-image-gen.json +10 -0
package/resources/skills/openai-whisper-api.json +10 -0
package/resources/skills/openai-whisper.json +10 -0
package/resources/skills/openhue.json +10 -0
package/resources/skills/oracle.json +10 -0
package/resources/skills/ordercli.json +10 -0
package/resources/skills/peekaboo.json +10 -0
package/resources/skills/project-structure.json +10 -0
package/resources/skills/proofread.json +17 -0
package/resources/skills/refactor-code.json +31 -0
package/resources/skills/rename-symbol.json +23 -0
package/resources/skills/sag.json +10 -0
package/resources/skills/security-audit.json +18 -0
package/resources/skills/session-logs.json +10 -0
package/resources/skills/sherpa-onnx-tts.json +10 -0
package/resources/skills/skill-creator.json +15 -0
package/resources/skills/skill-hub.json +29 -0
package/resources/skills/slack.json +10 -0
package/resources/skills/songsee.json +10 -0
package/resources/skills/sonoscli.json +10 -0
package/resources/skills/spotify-player.json +10 -0
package/resources/skills/startup-cfo.json +55 -0
package/resources/skills/summarize-folder.json +18 -0
package/resources/skills/summarize.json +10 -0
package/resources/skills/things-mac.json +10 -0
package/resources/skills/tmux.json +10 -0
package/resources/skills/translate.json +36 -0
package/resources/skills/trello.json +10 -0
package/resources/skills/video-frames.json +10 -0
package/resources/skills/voice-call.json +10 -0
package/resources/skills/wacli.json +10 -0
package/resources/skills/weather.json +10 -0
package/resources/skills/write-tests.json +31 -0
package/src/electron/activity/ActivityRepository.ts +238 -0
package/src/electron/agent/browser/browser-service.ts +721 -0
package/src/electron/agent/context-manager.ts +257 -0
package/src/electron/agent/custom-skill-loader.ts +634 -0
package/src/electron/agent/daemon.ts +1097 -0
package/src/electron/agent/executor.ts +4017 -0
package/src/electron/agent/llm/anthropic-provider.ts +175 -0
package/src/electron/agent/llm/bedrock-provider.ts +236 -0
package/src/electron/agent/llm/gemini-provider.ts +422 -0
package/src/electron/agent/llm/index.ts +9 -0
package/src/electron/agent/llm/ollama-provider.ts +347 -0
package/src/electron/agent/llm/openai-oauth.ts +127 -0
package/src/electron/agent/llm/openai-provider.ts +686 -0
package/src/electron/agent/llm/openrouter-provider.ts +273 -0
package/src/electron/agent/llm/pricing.ts +180 -0
package/src/electron/agent/llm/provider-factory.ts +971 -0
package/src/electron/agent/llm/types.ts +291 -0
package/src/electron/agent/queue-manager.ts +408 -0
package/src/electron/agent/sandbox/docker-sandbox.ts +453 -0
package/src/electron/agent/sandbox/macos-sandbox.ts +426 -0
package/src/electron/agent/sandbox/runner.ts +453 -0
package/src/electron/agent/sandbox/sandbox-factory.ts +337 -0
package/src/electron/agent/sandbox/security-utils.ts +251 -0
package/src/electron/agent/search/brave-provider.ts +141 -0
package/src/electron/agent/search/google-provider.ts +131 -0
package/src/electron/agent/search/index.ts +6 -0
package/src/electron/agent/search/provider-factory.ts +450 -0
package/src/electron/agent/search/serpapi-provider.ts +138 -0
package/src/electron/agent/search/tavily-provider.ts +108 -0
package/src/electron/agent/search/types.ts +118 -0
package/src/electron/agent/security/index.ts +20 -0
package/src/electron/agent/security/input-sanitizer.ts +380 -0
package/src/electron/agent/security/output-filter.ts +259 -0
package/src/electron/agent/skill-eligibility.ts +334 -0
package/src/electron/agent/skill-registry.ts +457 -0
package/src/electron/agent/skills/document.ts +1070 -0
package/src/electron/agent/skills/image-generator.ts +272 -0
package/src/electron/agent/skills/organizer.ts +131 -0
package/src/electron/agent/skills/presentation.ts +418 -0
package/src/electron/agent/skills/spreadsheet.ts +166 -0
package/src/electron/agent/tools/browser-tools.ts +546 -0
package/src/electron/agent/tools/builtin-settings.ts +422 -0
package/src/electron/agent/tools/canvas-tools.ts +572 -0
package/src/electron/agent/tools/cron-tools.ts +723 -0
package/src/electron/agent/tools/edit-tools.ts +196 -0
package/src/electron/agent/tools/file-tools.ts +811 -0
package/src/electron/agent/tools/glob-tools.ts +303 -0
package/src/electron/agent/tools/grep-tools.ts +432 -0
package/src/electron/agent/tools/image-tools.ts +126 -0
package/src/electron/agent/tools/mention-tools.ts +371 -0
package/src/electron/agent/tools/node-tools.ts +550 -0
package/src/electron/agent/tools/registry.ts +3052 -0
package/src/electron/agent/tools/search-tools.ts +111 -0
package/src/electron/agent/tools/shell-tools.ts +651 -0
package/src/electron/agent/tools/skill-tools.ts +340 -0
package/src/electron/agent/tools/system-tools.ts +665 -0
package/src/electron/agent/tools/web-fetch-tools.ts +528 -0
package/src/electron/agent/tools/x-tools.ts +267 -0
package/src/electron/agents/AgentRoleRepository.ts +557 -0
package/src/electron/agents/HeartbeatService.ts +469 -0
package/src/electron/agents/MentionRepository.ts +242 -0
package/src/electron/agents/TaskSubscriptionRepository.ts +231 -0
package/src/electron/agents/WorkingStateRepository.ts +278 -0
package/src/electron/canvas/canvas-manager.ts +818 -0
package/src/electron/canvas/canvas-preload.ts +102 -0
package/src/electron/canvas/canvas-protocol.ts +174 -0
package/src/electron/canvas/canvas-store.ts +200 -0
package/src/electron/canvas/index.ts +8 -0
package/src/electron/control-plane/client.ts +527 -0
package/src/electron/control-plane/handlers.ts +723 -0
package/src/electron/control-plane/index.ts +51 -0
package/src/electron/control-plane/node-manager.ts +322 -0
package/src/electron/control-plane/protocol.ts +269 -0
package/src/electron/control-plane/remote-client.ts +517 -0
package/src/electron/control-plane/server.ts +853 -0
package/src/electron/control-plane/settings.ts +401 -0
package/src/electron/control-plane/ssh-tunnel.ts +624 -0
package/src/electron/cron/index.ts +9 -0
package/src/electron/cron/schedule.ts +217 -0
package/src/electron/cron/service.ts +743 -0
package/src/electron/cron/store.ts +165 -0
package/src/electron/cron/types.ts +291 -0
package/src/electron/cron/webhook.ts +303 -0
package/src/electron/database/SecureSettingsRepository.ts +514 -0
package/src/electron/database/TaskLabelRepository.ts +148 -0
package/src/electron/database/repositories.ts +2397 -0
package/src/electron/database/schema.ts +1017 -0
package/src/electron/extensions/index.ts +18 -0
package/src/electron/extensions/loader.ts +336 -0
package/src/electron/extensions/registry.ts +546 -0
package/src/electron/extensions/types.ts +372 -0
package/src/electron/gateway/channel-registry.ts +1267 -0
package/src/electron/gateway/channels/bluebubbles-client.ts +641 -0
package/src/electron/gateway/channels/bluebubbles.ts +509 -0
package/src/electron/gateway/channels/discord.ts +1150 -0
package/src/electron/gateway/channels/email-client.ts +708 -0
package/src/electron/gateway/channels/email.ts +516 -0
package/src/electron/gateway/channels/google-chat.ts +760 -0
package/src/electron/gateway/channels/imessage-client.ts +473 -0
package/src/electron/gateway/channels/imessage.ts +520 -0
package/src/electron/gateway/channels/index.ts +21 -0
package/src/electron/gateway/channels/line-client.ts +598 -0
package/src/electron/gateway/channels/line.ts +559 -0
package/src/electron/gateway/channels/matrix-client.ts +632 -0
package/src/electron/gateway/channels/matrix.ts +655 -0
package/src/electron/gateway/channels/mattermost-client.ts +526 -0
package/src/electron/gateway/channels/mattermost.ts +550 -0
package/src/electron/gateway/channels/signal-client.ts +722 -0
package/src/electron/gateway/channels/signal.ts +666 -0
package/src/electron/gateway/channels/slack.ts +458 -0
package/src/electron/gateway/channels/teams.ts +681 -0
package/src/electron/gateway/channels/telegram.ts +1727 -0
package/src/electron/gateway/channels/twitch-client.ts +665 -0
package/src/electron/gateway/channels/twitch.ts +468 -0
package/src/electron/gateway/channels/types.ts +1002 -0
package/src/electron/gateway/channels/whatsapp.ts +1101 -0
package/src/electron/gateway/context-policy.ts +382 -0
package/src/electron/gateway/index.ts +1274 -0
package/src/electron/gateway/infrastructure.ts +645 -0
package/src/electron/gateway/router.ts +3206 -0
package/src/electron/gateway/security.ts +422 -0
package/src/electron/gateway/session.ts +144 -0
package/src/electron/gateway/tunnel.ts +626 -0
package/src/electron/guardrails/guardrail-manager.ts +380 -0
package/src/electron/hooks/gmail-watcher.ts +355 -0
package/src/electron/hooks/index.ts +30 -0
package/src/electron/hooks/mappings.ts +404 -0
package/src/electron/hooks/server.ts +574 -0
package/src/electron/hooks/settings.ts +466 -0
package/src/electron/hooks/types.ts +245 -0
package/src/electron/ipc/canvas-handlers.ts +223 -0
package/src/electron/ipc/handlers.ts +3661 -0
package/src/electron/ipc/mission-control-handlers.ts +182 -0
package/src/electron/main.ts +496 -0
package/src/electron/mcp/client/MCPClientManager.ts +406 -0
package/src/electron/mcp/client/MCPServerConnection.ts +514 -0
package/src/electron/mcp/client/transports/SSETransport.ts +360 -0
package/src/electron/mcp/client/transports/StdioTransport.ts +355 -0
package/src/electron/mcp/client/transports/WebSocketTransport.ts +384 -0
package/src/electron/mcp/host/MCPHostServer.ts +388 -0
package/src/electron/mcp/host/ToolAdapter.ts +140 -0
package/src/electron/mcp/registry/MCPRegistryManager.ts +565 -0
package/src/electron/mcp/settings.ts +468 -0
package/src/electron/mcp/types.ts +371 -0
package/src/electron/memory/MemoryService.ts +523 -0
package/src/electron/notifications/index.ts +16 -0
package/src/electron/notifications/service.ts +161 -0
package/src/electron/notifications/store.ts +163 -0
package/src/electron/preload.ts +2845 -0
package/src/electron/reports/StandupReportService.ts +356 -0
package/src/electron/security/concurrency.ts +333 -0
package/src/electron/security/index.ts +17 -0
package/src/electron/security/policy-manager.ts +539 -0
package/src/electron/settings/appearance-manager.ts +182 -0
package/src/electron/settings/personality-manager.ts +800 -0
package/src/electron/settings/x-manager.ts +62 -0
package/src/electron/tailscale/exposure.ts +262 -0
package/src/electron/tailscale/index.ts +34 -0
package/src/electron/tailscale/settings.ts +218 -0
package/src/electron/tailscale/tailscale.ts +379 -0
package/src/electron/tray/QuickInputWindow.ts +609 -0
package/src/electron/tray/TrayManager.ts +1005 -0
package/src/electron/tray/index.ts +6 -0
package/src/electron/updater/index.ts +1 -0
package/src/electron/updater/update-manager.ts +447 -0
package/src/electron/utils/env-migration.ts +203 -0
package/src/electron/utils/process.ts +124 -0
package/src/electron/utils/rate-limiter.ts +130 -0
package/src/electron/utils/validation.ts +493 -0
package/src/electron/utils/x-cli.ts +198 -0
package/src/electron/voice/VoiceService.ts +583 -0
package/src/electron/voice/index.ts +9 -0
package/src/electron/voice/voice-settings-manager.ts +403 -0
package/src/renderer/App.tsx +775 -0
package/src/renderer/components/ActivityFeed.tsx +407 -0
package/src/renderer/components/ActivityFeedItem.tsx +285 -0
package/src/renderer/components/AgentRoleCard.tsx +343 -0
package/src/renderer/components/AgentRoleEditor.tsx +805 -0
package/src/renderer/components/AgentSquadSettings.tsx +295 -0
package/src/renderer/components/AgentWorkingStatePanel.tsx +411 -0
package/src/renderer/components/AppearanceSettings.tsx +122 -0
package/src/renderer/components/ApprovalDialog.tsx +100 -0
package/src/renderer/components/BlueBubblesSettings.tsx +505 -0
package/src/renderer/components/BuiltinToolsSettings.tsx +307 -0
package/src/renderer/components/CanvasPreview.tsx +1189 -0
package/src/renderer/components/CommandOutput.tsx +202 -0
package/src/renderer/components/ContextPolicySettings.tsx +523 -0
package/src/renderer/components/ControlPlaneSettings.tsx +1134 -0
package/src/renderer/components/DisclaimerModal.tsx +124 -0
package/src/renderer/components/DiscordSettings.tsx +436 -0
package/src/renderer/components/EmailSettings.tsx +606 -0
package/src/renderer/components/ExtensionsSettings.tsx +542 -0
package/src/renderer/components/FileViewer.tsx +224 -0
package/src/renderer/components/GoogleChatSettings.tsx +535 -0
package/src/renderer/components/GuardrailSettings.tsx +487 -0
package/src/renderer/components/HooksSettings.tsx +581 -0
package/src/renderer/components/ImessageSettings.tsx +484 -0
package/src/renderer/components/LineSettings.tsx +483 -0
package/src/renderer/components/MCPRegistryBrowser.tsx +386 -0
package/src/renderer/components/MCPSettings.tsx +943 -0
package/src/renderer/components/MainContent.tsx +2433 -0
package/src/renderer/components/MatrixSettings.tsx +510 -0
package/src/renderer/components/MattermostSettings.tsx +473 -0
package/src/renderer/components/MemorySettings.tsx +247 -0
package/src/renderer/components/MentionBadge.tsx +87 -0
package/src/renderer/components/MentionInput.tsx +409 -0
package/src/renderer/components/MentionList.tsx +476 -0
package/src/renderer/components/MissionControlPanel.tsx +1995 -0
package/src/renderer/components/NodesSettings.tsx +316 -0
package/src/renderer/components/NotificationPanel.tsx +481 -0
package/src/renderer/components/Onboarding/AwakeningOrb.tsx +44 -0
package/src/renderer/components/Onboarding/Onboarding.tsx +443 -0
package/src/renderer/components/Onboarding/TypewriterText.tsx +102 -0
package/src/renderer/components/Onboarding/index.ts +3 -0
package/src/renderer/components/OnboardingModal.tsx +698 -0
package/src/renderer/components/PairingCodeDisplay.tsx +324 -0
package/src/renderer/components/PersonalitySettings.tsx +597 -0
package/src/renderer/components/QueueSettings.tsx +119 -0
package/src/renderer/components/QuickTaskFAB.tsx +71 -0
package/src/renderer/components/RightPanel.tsx +413 -0
package/src/renderer/components/ScheduledTasksSettings.tsx +1328 -0
package/src/renderer/components/SearchSettings.tsx +328 -0
package/src/renderer/components/Settings.tsx +1504 -0
package/src/renderer/components/Sidebar.tsx +344 -0
package/src/renderer/components/SignalSettings.tsx +673 -0
package/src/renderer/components/SkillHubBrowser.tsx +458 -0
package/src/renderer/components/SkillParameterModal.tsx +185 -0
package/src/renderer/components/SkillsSettings.tsx +451 -0
package/src/renderer/components/SlackSettings.tsx +442 -0
package/src/renderer/components/StandupReportViewer.tsx +614 -0
package/src/renderer/components/TaskBoard.tsx +498 -0
package/src/renderer/components/TaskBoardCard.tsx +357 -0
package/src/renderer/components/TaskBoardColumn.tsx +211 -0
package/src/renderer/components/TaskLabelManager.tsx +472 -0
package/src/renderer/components/TaskQueuePanel.tsx +144 -0
package/src/renderer/components/TaskQuickActions.tsx +492 -0
package/src/renderer/components/TaskTimeline.tsx +216 -0
package/src/renderer/components/TaskView.tsx +162 -0
package/src/renderer/components/TeamsSettings.tsx +518 -0
package/src/renderer/components/TelegramSettings.tsx +421 -0
package/src/renderer/components/Toast.tsx +76 -0
package/src/renderer/components/TraySettings.tsx +189 -0
package/src/renderer/components/TwitchSettings.tsx +511 -0
package/src/renderer/components/UpdateSettings.tsx +295 -0
package/src/renderer/components/VoiceIndicator.tsx +270 -0
package/src/renderer/components/VoiceSettings.tsx +867 -0
package/src/renderer/components/WhatsAppSettings.tsx +721 -0
package/src/renderer/components/WorkingStateEditor.tsx +309 -0
package/src/renderer/components/WorkingStateHistory.tsx +481 -0
package/src/renderer/components/WorkspaceSelector.tsx +150 -0
package/src/renderer/components/XSettings.tsx +311 -0
package/src/renderer/global.d.ts +9 -0
package/src/renderer/hooks/useAgentContext.ts +153 -0
package/src/renderer/hooks/useOnboardingFlow.ts +548 -0
package/src/renderer/hooks/useVoiceInput.ts +268 -0
package/src/renderer/index.html +12 -0
package/src/renderer/main.tsx +10 -0
package/src/renderer/public/cowork-os-logo.png +0 -0
package/src/renderer/quick-input.html +164 -0
package/src/renderer/styles/index.css +14504 -0
package/src/renderer/utils/agentMessages.ts +749 -0
package/src/renderer/utils/voice-directives.ts +169 -0
package/src/shared/channelMessages.ts +213 -0
package/src/shared/types.ts +3608 -0
package/tsconfig.electron.json +26 -0
package/tsconfig.json +26 -0
package/tsconfig.node.json +10 -0
package/vite.config.ts +23 -0

package/src/electron/security/policy-manager.ts ADDED Viewed

@@ -0,0 +1,539 @@
+/**
+ * Security Policy Manager
+ *
+ * Implements monotonic policy precedence (deny-wins) for tool access control.
+ *
+ * Policy layers (evaluated in order):
+ * 1. Global Guardrails (blocked commands, patterns)
+ * 2. Workspace Permissions (read, write, delete, shell, network)
+ * 3. Context Restrictions (private/group/public channel context)
+ * 4. Tool-Specific Rules (per-tool overrides)
+ *
+ * Key invariant: Once a tool is denied by an earlier layer, later layers CANNOT re-enable it.
+ */
+import {
+  Workspace,
+  WorkspacePermissions,
+  ToolType,
+  ToolRiskLevel,
+  GatewayContextType,
+  TOOL_GROUPS,
+  ToolGroupName,
+  TOOL_RISK_LEVELS,
+  CONTEXT_TOOL_RESTRICTIONS,
+} from '../../shared/types';
+import { GuardrailSettings } from '../../shared/types';
+/**
+ * Result of a policy check
+ */
+export interface PolicyCheckResult {
+  allowed: boolean;
+  reason?: string;
+  deniedBy?: PolicyLayer;
+  requiresApproval?: boolean;
+  approvalReason?: string;
+}
+/**
+ * Policy layers in precedence order
+ */
+export type PolicyLayer =
+  | 'global_guardrails'
+  | 'workspace_permissions'
+  | 'context_restrictions'
+  | 'tool_specific';
+/**
+ * Policy decision at each layer
+ */
+export interface LayerDecision {
+  layer: PolicyLayer;
+  decision: 'allow' | 'deny' | 'require_approval' | 'pass';
+  reason?: string;
+}
+/**
+ * Context for policy evaluation
+ */
+export interface PolicyContext {
+  workspace: Workspace;
+  guardrails: GuardrailSettings;
+  gatewayContext?: GatewayContextType;
+  toolInput?: Record<string, any>;
+}
+/**
+ * Security Policy Manager implementing monotonic deny-wins precedence
+ */
+export class SecurityPolicyManager {
+  private deniedTools: Set<string> = new Set();
+  private approvalRequiredTools: Set<string> = new Set();
+  private layerDecisions: Map<string, LayerDecision[]> = new Map();
+  constructor(private context: PolicyContext) {
+    this.evaluateAllPolicies();
+  }
+  /**
+   * Check if a tool is allowed to execute
+   * Implements C2: Approval Gate Enforcement
+   */
+  checkToolAccess(toolName: string, input?: Record<string, any>): PolicyCheckResult {
+    // Check if tool was denied by any layer
+    if (this.deniedTools.has(toolName)) {
+      const decisions = this.layerDecisions.get(toolName) || [];
+      const denyDecision = decisions.find(d => d.decision === 'deny');
+      return {
+        allowed: false,
+        reason: denyDecision?.reason || `Tool "${toolName}" is not permitted`,
+        deniedBy: denyDecision?.layer,
+      };
+    }
+    // Check if tool requires approval
+    if (this.approvalRequiredTools.has(toolName)) {
+      const decisions = this.layerDecisions.get(toolName) || [];
+      const approvalDecision = decisions.find(d => d.decision === 'require_approval');
+      return {
+        allowed: true,
+        requiresApproval: true,
+        approvalReason: approvalDecision?.reason || `Tool "${toolName}" requires approval`,
+      };
+    }
+    // Tool-specific input validation for shell commands
+    if (toolName === 'run_command' && input?.command) {
+      const commandCheck = this.checkCommandPolicy(input.command);
+      if (!commandCheck.allowed) {
+        return commandCheck;
+      }
+    }
+    return { allowed: true };
+  }
+  /**
+   * Check if a command is allowed by guardrails
+   */
+  private checkCommandPolicy(command: string): PolicyCheckResult {
+    const { guardrails } = this.context;
+    // Check blocked patterns (always denied, cannot be overridden)
+    if (guardrails.blockDangerousCommands) {
+      const allBlockedPatterns = [
+        ...getDefaultBlockedPatterns(),
+        ...guardrails.customBlockedPatterns,
+      ];
+      for (const pattern of allBlockedPatterns) {
+        try {
+          const regex = new RegExp(pattern, 'i');
+          if (regex.test(command)) {
+            return {
+              allowed: false,
+              reason: `Command blocked by security policy: matches pattern "${pattern}"`,
+              deniedBy: 'global_guardrails',
+            };
+          }
+        } catch {
+          // Invalid regex pattern, skip
+        }
+      }
+    }
+    // Check trusted patterns (auto-approve)
+    // NOTE: Trusted patterns can NEVER override a deny - they only affect approval requirement
+    if (guardrails.autoApproveTrustedCommands) {
+      for (const pattern of guardrails.trustedCommandPatterns) {
+        if (matchGlobPattern(command, pattern)) {
+          return {
+            allowed: true,
+            requiresApproval: false,
+          };
+        }
+      }
+    }
+    // Default: requires approval for shell commands
+    return {
+      allowed: true,
+      requiresApproval: true,
+      approvalReason: 'Shell commands require approval',
+    };
+  }
+  /**
+   * Get all denied tools
+   */
+  getDeniedTools(): string[] {
+    return Array.from(this.deniedTools);
+  }
+  /**
+   * Get all tools requiring approval
+   */
+  getApprovalRequiredTools(): string[] {
+    return Array.from(this.approvalRequiredTools);
+  }
+  /**
+   * Get policy decisions for a tool (for debugging/audit)
+   */
+  getToolDecisions(toolName: string): LayerDecision[] {
+    return this.layerDecisions.get(toolName) || [];
+  }
+  /**
+   * Expand a tool group to individual tools
+   * Implements C4: Tool Group Expansion Accuracy
+   */
+  static expandToolGroup(groupName: ToolGroupName): readonly string[] {
+    return TOOL_GROUPS[groupName] || [];
+  }
+  /**
+   * Check if a tool belongs to a group
+   */
+  static isToolInGroup(toolName: string, groupName: ToolGroupName): boolean {
+    const tools = TOOL_GROUPS[groupName];
+    return tools ? (tools as readonly string[]).includes(toolName) : false;
+  }
+  /**
+   * Get risk level for a tool
+   */
+  static getToolRiskLevel(toolName: string): ToolRiskLevel | undefined {
+    return TOOL_RISK_LEVELS[toolName as ToolType];
+  }
+  // Private methods
+  /**
+   * Evaluate all policy layers and build the denied/approval-required sets
+   * Key invariant: Once denied, a tool stays denied (monotonic)
+   */
+  private evaluateAllPolicies(): void {
+    const allTools = this.getAllKnownTools();
+    for (const toolName of allTools) {
+      const decisions: LayerDecision[] = [];
+      // Layer 1: Global Guardrails
+      const guardrailDecision = this.evaluateGuardrailLayer(toolName);
+      decisions.push(guardrailDecision);
+      if (guardrailDecision.decision === 'deny') {
+        this.deniedTools.add(toolName);
+        this.layerDecisions.set(toolName, decisions);
+        continue; // Monotonic: skip remaining layers
+      }
+      // Layer 2: Workspace Permissions
+      const workspaceDecision = this.evaluateWorkspaceLayer(toolName);
+      decisions.push(workspaceDecision);
+      if (workspaceDecision.decision === 'deny') {
+        this.deniedTools.add(toolName);
+        this.layerDecisions.set(toolName, decisions);
+        continue; // Monotonic: skip remaining layers
+      }
+      // Layer 3: Context Restrictions (if gateway context is set)
+      if (this.context.gatewayContext) {
+        const contextDecision = this.evaluateContextLayer(toolName);
+        decisions.push(contextDecision);
+        if (contextDecision.decision === 'deny') {
+          this.deniedTools.add(toolName);
+          this.layerDecisions.set(toolName, decisions);
+          continue; // Monotonic: skip remaining layers
+        }
+        if (contextDecision.decision === 'require_approval') {
+          this.approvalRequiredTools.add(toolName);
+        }
+      }
+      // Layer 4: Tool-Specific Rules
+      const toolSpecificDecision = this.evaluateToolSpecificLayer(toolName);
+      decisions.push(toolSpecificDecision);
+      if (toolSpecificDecision.decision === 'deny') {
+        this.deniedTools.add(toolName);
+      } else if (toolSpecificDecision.decision === 'require_approval') {
+        this.approvalRequiredTools.add(toolName);
+      }
+      this.layerDecisions.set(toolName, decisions);
+    }
+  }
+  /**
+   * Layer 1: Global Guardrails
+   */
+  private evaluateGuardrailLayer(toolName: string): LayerDecision {
+    const { guardrails } = this.context;
+    // Network tools require network to be allowed in guardrails
+    if (SecurityPolicyManager.isToolInGroup(toolName, 'group:network')) {
+      if (guardrails.enforceAllowedDomains && guardrails.allowedDomains.length === 0) {
+        return {
+          layer: 'global_guardrails',
+          decision: 'deny',
+          reason: 'Network tools blocked: no allowed domains configured',
+        };
+      }
+    }
+    return { layer: 'global_guardrails', decision: 'pass' };
+  }
+  /**
+   * Layer 2: Workspace Permissions
+   */
+  private evaluateWorkspaceLayer(toolName: string): LayerDecision {
+    const { workspace } = this.context;
+    const permissions = workspace.permissions;
+    // Check read permission
+    if (SecurityPolicyManager.isToolInGroup(toolName, 'group:read')) {
+      if (!permissions.read) {
+        return {
+          layer: 'workspace_permissions',
+          decision: 'deny',
+          reason: 'Workspace does not have read permission',
+        };
+      }
+    }
+    // Check write permission
+    if (SecurityPolicyManager.isToolInGroup(toolName, 'group:write')) {
+      if (!permissions.write) {
+        return {
+          layer: 'workspace_permissions',
+          decision: 'deny',
+          reason: 'Workspace does not have write permission',
+        };
+      }
+    }
+    // Check delete permission
+    if (toolName === 'delete_file') {
+      if (!permissions.delete) {
+        return {
+          layer: 'workspace_permissions',
+          decision: 'require_approval',
+          reason: 'File deletion requires approval (delete permission not granted)',
+        };
+      }
+    }
+    // Check shell permission
+    if (toolName === 'run_command') {
+      if (!permissions.shell) {
+        return {
+          layer: 'workspace_permissions',
+          decision: 'deny',
+          reason: 'Workspace does not have shell permission',
+        };
+      }
+      // Shell commands always require approval even with permission
+      return {
+        layer: 'workspace_permissions',
+        decision: 'require_approval',
+        reason: 'Shell commands require approval',
+      };
+    }
+    // Check network permission
+    if (SecurityPolicyManager.isToolInGroup(toolName, 'group:network')) {
+      if (!permissions.network) {
+        return {
+          layer: 'workspace_permissions',
+          decision: 'deny',
+          reason: 'Workspace does not have network permission',
+        };
+      }
+    }
+    return { layer: 'workspace_permissions', decision: 'pass' };
+  }
+  /**
+   * Layer 3: Context Restrictions (Gateway context)
+   * Implements C1: Memory Tool Isolation in Shared Contexts
+   */
+  private evaluateContextLayer(toolName: string): LayerDecision {
+    const contextType = this.context.gatewayContext;
+    if (!contextType) {
+      return { layer: 'context_restrictions', decision: 'pass' };
+    }
+    const restrictions = CONTEXT_TOOL_RESTRICTIONS[contextType];
+    // Check if tool is explicitly denied
+    if (restrictions.deniedTools.includes(toolName)) {
+      return {
+        layer: 'context_restrictions',
+        decision: 'deny',
+        reason: `Tool "${toolName}" is not allowed in ${contextType} context`,
+      };
+    }
+    // Check if tool's group is denied
+    for (const groupName of restrictions.deniedGroups) {
+      if (SecurityPolicyManager.isToolInGroup(toolName, groupName)) {
+        return {
+          layer: 'context_restrictions',
+          decision: 'deny',
+          reason: `Tool group "${groupName}" is not allowed in ${contextType} context`,
+        };
+      }
+    }
+    // Check if tool requires approval in this context
+    if (restrictions.requireApprovalFor.includes(toolName)) {
+      return {
+        layer: 'context_restrictions',
+        decision: 'require_approval',
+        reason: `Tool "${toolName}" requires approval in ${contextType} context`,
+      };
+    }
+    return { layer: 'context_restrictions', decision: 'pass' };
+  }
+  /**
+   * Layer 4: Tool-Specific Rules
+   */
+  private evaluateToolSpecificLayer(toolName: string): LayerDecision {
+    // Destructive tools always require approval
+    const riskLevel = SecurityPolicyManager.getToolRiskLevel(toolName);
+    if (riskLevel === 'destructive') {
+      return {
+        layer: 'tool_specific',
+        decision: 'require_approval',
+        reason: `Destructive tool "${toolName}" requires approval`,
+      };
+    }
+    return { layer: 'tool_specific', decision: 'pass' };
+  }
+  /**
+   * Get all known tool names
+   */
+  private getAllKnownTools(): string[] {
+    const tools = new Set<string>();
+    // Add all tools from groups
+    for (const groupTools of Object.values(TOOL_GROUPS)) {
+      for (const tool of groupTools) {
+        tools.add(tool);
+      }
+    }
+    // Add tools from TOOL_RISK_LEVELS
+    for (const tool of Object.keys(TOOL_RISK_LEVELS)) {
+      tools.add(tool);
+    }
+    return Array.from(tools);
+  }
+}
+/**
+ * Default blocked command patterns (security-critical)
+ */
+function getDefaultBlockedPatterns(): string[] {
+  return [
+    'sudo',
+    'rm\\s+-rf\\s+/',
+    'rm\\s+-rf\\s+~',
+    'rm\\s+-rf\\s+/\\*',
+    'rm\\s+-rf\\s+\\*',
+    'mkfs',
+    'dd\\s+if=',
+    ':\\(\\)\\{\\s*:\\|:\\&\\s*\\};:', // Fork bomb
+    'curl.*\\|.*bash',
+    'wget.*\\|.*bash',
+    'curl.*\\|.*sh',
+    'wget.*\\|.*sh',
+    'chmod\\s+777',
+    '>\\s*/dev/sd',
+    'mv\\s+/\\*',
+    'format\\s+c:',
+    'del\\s+/f\\s+/s\\s+/q',
+  ];
+}
+/**
+ * Match a command against a glob-like pattern
+ */
+function matchGlobPattern(command: string, pattern: string): boolean {
+  // Convert glob pattern to regex
+  const regexPattern = pattern
+    .replace(/[.+^${}()|[\]\\]/g, '\\$&') // Escape special chars except * and ?
+    .replace(/\*/g, '.*')
+    .replace(/\?/g, '.');
+  try {
+    const regex = new RegExp(`^${regexPattern}$`, 'i');
+    return regex.test(command);
+  } catch {
+    return false;
+  }
+}
+/**
+ * Create a policy manager for a workspace context
+ */
+export function createPolicyManager(
+  workspace: Workspace,
+  guardrails: GuardrailSettings,
+  gatewayContext?: GatewayContextType
+): SecurityPolicyManager {
+  return new SecurityPolicyManager({
+    workspace,
+    guardrails,
+    gatewayContext,
+  });
+}
+/**
+ * Quick check if a tool is allowed (without full policy evaluation)
+ * Use for filtering tool lists before presenting to LLM
+ */
+export function isToolAllowedQuick(
+  toolName: string,
+  workspace: Workspace,
+  gatewayContext?: GatewayContextType
+): boolean {
+  const permissions = workspace.permissions;
+  // Check basic permissions
+  if (SecurityPolicyManager.isToolInGroup(toolName, 'group:read') && !permissions.read) {
+    return false;
+  }
+  if (SecurityPolicyManager.isToolInGroup(toolName, 'group:write') && !permissions.write) {
+    return false;
+  }
+  if (toolName === 'run_command' && !permissions.shell) {
+    return false;
+  }
+  if (SecurityPolicyManager.isToolInGroup(toolName, 'group:network') && !permissions.network) {
+    return false;
+  }
+  // Check context restrictions
+  if (gatewayContext) {
+    const restrictions = CONTEXT_TOOL_RESTRICTIONS[gatewayContext];
+    if (restrictions.deniedTools.includes(toolName)) {
+      return false;
+    }
+    for (const groupName of restrictions.deniedGroups) {
+      if (SecurityPolicyManager.isToolInGroup(toolName, groupName)) {
+        return false;
+      }
+    }
+  }
+  return true;
+}