hyperclaw 5.1.9 → 5.2.1

package/dist/hub-CNQaC4JI.js

@@ -0,0 +1,515 @@
+const require_chunk = require('./chunk-jS-bbMI5.js');
+const require_paths = require('./paths-AIyBxIzm.js');
+const require_paths$1 = require('./paths-DPovhojT.js');
+const chalk = require_chunk.__toESM(require("chalk"));
+const ora = require_chunk.__toESM(require("ora"));
+const fs_extra = require_chunk.__toESM(require("fs-extra"));
+const path = require_chunk.__toESM(require("path"));
+const http = require_chunk.__toESM(require("http"));
+const https = require_chunk.__toESM(require("https"));
+const tar = require_chunk.__toESM(require("tar"));
+
+//#region src/skills/clawhub.ts
+require_paths$1.init_paths();
+const CLAWHUB_API = process.env.CLAWHUB_API_URL || "https://clawhub.com";
+const WORKSPACE_SKILLS$1 = path.default.join(require_paths.getHyperClawDir(), "workspace", "skills");
+async function searchSkills(query, category) {
+	const q = new URLSearchParams({ q: query });
+	if (category) q.set("category", category);
+	const url = `${CLAWHUB_API}/api/skills/search?${q}`;
+	try {
+		const body = await fetchJson(url);
+		return Array.isArray(body.skills) ? body.skills : Array.isArray(body) ? body : [];
+	} catch (e) {
+		return [];
+	}
+}
+async function installSkill(skillId, version) {
+	const ver = version ? `@${version}` : "";
+	const url = `${CLAWHUB_API}/api/skills/${encodeURIComponent(skillId)}/download${ver}`;
+	try {
+		const body = await fetchJson(url);
+		const tarballUrl = body.url || body.tarball;
+		if (!tarballUrl) throw new Error("No download URL in registry response");
+		await fs_extra.default.ensureDir(WORKSPACE_SKILLS$1);
+		const destDir = path.default.join(WORKSPACE_SKILLS$1, skillId);
+		await fs_extra.default.ensureDir(destDir);
+		if (body.content || body.skillMarkdown) {
+			const content = body.content || body.skillMarkdown;
+			await fs_extra.default.writeFile(path.default.join(destDir, "SKILL.md"), content, "utf8");
+			return destDir;
+		}
+		const tarballBuffer = await fetchBuffer(tarballUrl);
+		const extractDir = path.default.join(path.default.dirname(destDir), `.skill-extract-${skillId}-${Date.now()}`);
+		await fs_extra.default.ensureDir(extractDir);
+		try {
+			const tarPath = path.default.join(extractDir, "skill.tar.gz");
+			await fs_extra.default.writeFile(tarPath, tarballBuffer);
+			await tar.default.x({
+				file: tarPath,
+				cwd: extractDir
+			});
+			await fs_extra.default.remove(tarPath);
+			const entries = await fs_extra.default.readdir(extractDir);
+			let skillDir = extractDir;
+			const topSkill = path.default.join(extractDir, "SKILL.md");
+			if (!await fs_extra.default.pathExists(topSkill)) {
+				const sub = entries.find((e) => e !== "package.json" && !e.startsWith("."));
+				if (sub) {
+					const subPath = path.default.join(extractDir, sub);
+					if ((await fs_extra.default.stat(subPath)).isDirectory() && await fs_extra.default.pathExists(path.default.join(subPath, "SKILL.md"))) skillDir = subPath;
+				}
+			}
+			await fs_extra.default.copy(skillDir, destDir, { filter: (src) => !src.includes("node_modules") });
+			if (!await fs_extra.default.pathExists(path.default.join(destDir, "SKILL.md"))) throw new Error("Tarball did not contain SKILL.md");
+			return destDir;
+		} finally {
+			await fs_extra.default.remove(extractDir).catch(() => {});
+		}
+	} catch (e) {
+		if (e.message?.includes("ENOTFOUND") || e.code === "ENOTFOUND") throw new Error(`ClawHub registry unavailable. Install manually: mkdir -p ~/.hyperclaw/workspace/skills/${skillId} && add SKILL.md`);
+		throw e;
+	}
+}
+async function listInstalledFromClawHub() {
+	if (!await fs_extra.default.pathExists(WORKSPACE_SKILLS$1)) return [];
+	const dirs = await fs_extra.default.readdir(WORKSPACE_SKILLS$1);
+	const out = [];
+	for (const id of dirs) {
+		const p = path.default.join(WORKSPACE_SKILLS$1, id, "SKILL.md");
+		if (await fs_extra.default.pathExists(p)) out.push(id);
+	}
+	return out;
+}
+function fetchBuffer(url) {
+	return new Promise((resolve, reject) => {
+		const parsed = new URL(url);
+		const mod = parsed.protocol === "https:" ? https.default : http.default;
+		const req = mod.request({
+			hostname: parsed.hostname,
+			port: parsed.port || (parsed.protocol === "https:" ? 443 : 80),
+			path: parsed.pathname + parsed.search,
+			method: "GET",
+			headers: { "User-Agent": "HyperClaw/5.0.1" }
+		}, (res) => {
+			const chunks = [];
+			res.on("data", (c) => chunks.push(c));
+			res.on("end", () => resolve(Buffer.concat(chunks)));
+		});
+		req.on("error", reject);
+		req.setTimeout(3e4, () => {
+			req.destroy();
+			reject(new Error("Tarball download timeout"));
+		});
+		req.end();
+	});
+}
+function fetchJson(url) {
+	return new Promise((resolve, reject) => {
+		const parsed = new URL(url);
+		const req = https.default.request({
+			hostname: parsed.hostname,
+			port: 443,
+			path: parsed.pathname + parsed.search,
+			method: "GET",
+			headers: { "User-Agent": "HyperClaw/5.0.1" }
+		}, (res) => {
+			let data = "";
+			res.on("data", (c) => data += c);
+			res.on("end", () => {
+				try {
+					resolve(JSON.parse(data));
+				} catch {
+					reject(new Error("Invalid JSON from registry"));
+				}
+			});
+		});
+		req.on("error", reject);
+		req.setTimeout(15e3, () => {
+			req.destroy();
+			reject(new Error("Timeout"));
+		});
+		req.end();
+	});
+}
+
+//#endregion
+//#region src/plugins/hub.ts
+require_paths$1.init_paths();
+const SKILL_REGISTRY = [
+	{
+		id: "web-search",
+		name: "Web Search (Tavily)",
+		version: "2.1.0",
+		description: "Real-time web search via Tavily API. Powers research and news queries.",
+		author: "hyperclaw-team",
+		category: "utility",
+		downloads: 48200,
+		rating: 4.8,
+		risk: "clean",
+		requiresKeys: ["TAVILY_API_KEY"],
+		tags: [
+			"search",
+			"internet",
+			"tavily"
+		]
+	},
+	{
+		id: "calendar",
+		name: "Google Calendar",
+		version: "1.4.0",
+		description: "Read and create Google Calendar events via OAuth.",
+		author: "hyperclaw-team",
+		category: "productivity",
+		downloads: 32100,
+		rating: 4.6,
+		risk: "clean",
+		requiresKeys: ["GOOGLE_CALENDAR_CREDS"],
+		tags: [
+			"calendar",
+			"schedule",
+			"google"
+		],
+		npmPackage: "googleapis"
+	},
+	{
+		id: "github",
+		name: "GitHub Integration",
+		version: "1.2.0",
+		description: "Create issues, PRs, read repos. Requires GitHub PAT.",
+		author: "hyperclaw-team",
+		category: "integration",
+		downloads: 27800,
+		rating: 4.7,
+		risk: "clean",
+		requiresKeys: ["GITHUB_TOKEN"],
+		tags: [
+			"github",
+			"git",
+			"code"
+		],
+		npmPackage: "@octokit/rest"
+	},
+	{
+		id: "home-assistant",
+		name: "Home Assistant",
+		version: "1.5.0",
+		description: "Control smart home devices via Home Assistant REST API.",
+		author: "hyperclaw-team",
+		category: "automation",
+		downloads: 19400,
+		rating: 4.5,
+		risk: "clean",
+		requiresKeys: ["HA_URL", "HA_TOKEN"],
+		tags: [
+			"smart-home",
+			"iot",
+			"automation"
+		]
+	},
+	{
+		id: "code-executor",
+		name: "Code Executor (Sandbox)",
+		version: "3.0.1",
+		description: "Execute Python/JS/Bash code in a sandboxed Docker container.",
+		author: "hyperclaw-team",
+		category: "utility",
+		downloads: 41e3,
+		rating: 4.9,
+		risk: "clean",
+		tags: [
+			"code",
+			"sandbox",
+			"python",
+			"bash"
+		],
+		npmPackage: "dockerode"
+	},
+	{
+		id: "translator",
+		name: "Real-time Translator",
+		version: "2.0.0",
+		description: "DeepL + Google Translate integration for 90+ languages.",
+		author: "hyperclaw-team",
+		category: "utility",
+		downloads: 38500,
+		rating: 4.7,
+		risk: "clean",
+		requiresKeys: ["DEEPL_API_KEY"],
+		tags: [
+			"translate",
+			"language",
+			"deepl"
+		],
+		installed: true
+	},
+	{
+		id: "reminders",
+		name: "Smart Reminders",
+		version: "2.1.0",
+		description: "Natural language reminders with cron scheduling.",
+		author: "hyperclaw-team",
+		category: "productivity",
+		downloads: 29e3,
+		rating: 4.6,
+		risk: "clean",
+		tags: [
+			"reminders",
+			"cron",
+			"schedule"
+		],
+		installed: true
+	},
+	{
+		id: "weather",
+		name: "Weather Forecast",
+		version: "1.3.0",
+		description: "OpenWeatherMap integration. Current + 7-day forecast.",
+		author: "hyperclaw-team",
+		category: "utility",
+		downloads: 22100,
+		rating: 4.4,
+		risk: "clean",
+		requiresKeys: ["OPENWEATHER_API_KEY"],
+		tags: ["weather", "forecast"]
+	},
+	{
+		id: "stealth-browser",
+		name: "Stealth Browser",
+		version: "1.0.3",
+		description: "Headless browser with fingerprint evasion. Can bypass bot detection.",
+		author: "unknown-dev",
+		category: "utility",
+		downloads: 3200,
+		rating: 3.1,
+		risk: "suspicious",
+		riskReason: "Fingerprint evasion may violate ToS on some sites. VirusTotal: 2/72 engines flagged.",
+		tags: [
+			"browser",
+			"puppeteer",
+			"stealth"
+		],
+		npmPackage: "puppeteer-extra-plugin-stealth"
+	},
+	{
+		id: "db-reader",
+		name: "Database Reader",
+		version: "1.1.0",
+		description: "Read from PostgreSQL/MySQL/SQLite databases.",
+		author: "hyperclaw-team",
+		category: "integration",
+		downloads: 15600,
+		rating: 4.5,
+		risk: "clean",
+		requiresKeys: ["DATABASE_URL"],
+		tags: [
+			"database",
+			"sql",
+			"postgres"
+		],
+		npmPackage: "pg"
+	},
+	{
+		id: "keylogger-util",
+		name: "Input Monitor Pro",
+		version: "0.9.1",
+		description: "Monitors keyboard events for automation triggers.",
+		author: "shadowy-scripts",
+		category: "automation",
+		downloads: 890,
+		rating: 1.8,
+		risk: "dangerous",
+		riskReason: "Detected keylogging behavior. VirusTotal: 31/72 engines flagged as malware.",
+		tags: ["keyboard", "monitor"]
+	}
+];
+const WORKSPACE_SKILLS = () => path.default.join(require_paths.getHyperClawDir(), "workspace", "skills");
+var SkillHub = class {
+	installed = /* @__PURE__ */ new Set();
+	/** Sync installed set from workspace disk (persisted installs). */
+	async refreshInstalledFromDisk() {
+		const ids = await listInstalledFromClawHub();
+		this.installed = new Set(ids);
+	}
+	/** Persist bundled skill to workspace so it survives restarts and is loaded by skill-loader. */
+	async persistBundledSkill(skill) {
+		const destDir = path.default.join(WORKSPACE_SKILLS(), skill.id);
+		await fs_extra.default.ensureDir(destDir);
+		const skillPath = path.default.join(destDir, "SKILL.md");
+		const repoSkillPath = path.default.join(process.cwd(), "skills", skill.id, "SKILL.md");
+		const altRepoPath = path.default.join(__dirname, "..", "skills", skill.id, "SKILL.md");
+		if (await fs_extra.default.pathExists(repoSkillPath)) await fs_extra.default.copy(repoSkillPath, skillPath);
+		else if (await fs_extra.default.pathExists(altRepoPath)) await fs_extra.default.copy(altRepoPath, skillPath);
+		else {
+			const content = `# ${skill.name}\n\n${skill.description}\n\n## Usage\n\nWhen the user needs ${skill.description.toLowerCase()}, use this skill.${skill.requiresKeys?.length ? `\n\nRequires: ${skill.requiresKeys.join(", ")}` : ""}\n`;
+			await fs_extra.default.writeFile(skillPath, content, "utf8");
+		}
+		this.installed.add(skill.id);
+	}
+	async showHub(hideSuspicious = false) {
+		await this.refreshInstalledFromDisk();
+		console.log(chalk.default.bold.cyan("\n╔═══════════════════════════════════════════╗"));
+		console.log(chalk.default.bold.cyan("║           🧩 HYPERCLAW SKILL HUB          ║"));
+		console.log(chalk.default.bold.cyan("╚═══════════════════════════════════════════╝\n"));
+		const skills = hideSuspicious ? SKILL_REGISTRY.filter((s) => s.risk === "clean") : SKILL_REGISTRY;
+		for (const skill of skills) this.printSkillCard(skill);
+	}
+	printSkillCard(skill) {
+		const riskBadge = {
+			"clean": chalk.default.green("✔ CLEAN"),
+			"suspicious": chalk.default.yellow("⚠ SUSPICIOUS"),
+			"dangerous": chalk.default.red("✖ DANGEROUS")
+		}[skill.risk];
+		const instBadge = this.installed.has(skill.id) ? chalk.default.green("[installed]") : chalk.default.gray("[available]");
+		const stars = "★".repeat(Math.round(skill.rating)) + "☆".repeat(5 - Math.round(skill.rating));
+		console.log(`  ${chalk.default.bold(skill.name)} ${chalk.default.gray(`v${skill.version}`)} ${instBadge}`);
+		console.log(`  ${chalk.default.gray(skill.description)}`);
+		console.log(`  ${riskBadge}  ${chalk.default.yellow(stars)} ${chalk.default.gray(`${(skill.downloads / 1e3).toFixed(1)}k downloads`)}`);
+		if (skill.riskReason) console.log(`  ${chalk.default.yellow("⚠")} ${chalk.default.yellow(skill.riskReason)}`);
+		if (skill.requiresKeys?.length) console.log(`  🔑 Requires: ${chalk.default.cyan(skill.requiresKeys.join(", "))}`);
+		console.log();
+	}
+	async install(skillId, force = false) {
+		const skill = SKILL_REGISTRY.find((s) => s.id === skillId);
+		if (!skill) {
+			console.log(chalk.default.red(`❌ Skill not found: ${skillId}`));
+			return;
+		}
+		if (skill.risk === "dangerous" && !force) {
+			console.log(chalk.default.red(`\n🚨 DANGEROUS SKILL BLOCKED: ${skill.name}`));
+			console.log(chalk.default.red(`   ${skill.riskReason}`));
+			console.log(chalk.default.gray("   Use --force to override (NOT RECOMMENDED)\n"));
+			return;
+		}
+		if (skill.risk === "suspicious" && !force) {
+			console.log(chalk.default.yellow(`\n⚠️  SUSPICIOUS SKILL: ${skill.name}`));
+			console.log(chalk.default.yellow(`   ${skill.riskReason}`));
+			console.log(chalk.default.gray("   Use --force to install anyway\n"));
+			return;
+		}
+		const spinner = (0, ora.default)(`Installing ${skill.name}...`).start();
+		if (skill.npmPackage) {
+			spinner.text = `Installing npm package: ${skill.npmPackage}`;
+			await new Promise((r) => setTimeout(r, 800));
+		}
+		await this.persistBundledSkill(skill);
+		spinner.succeed(`${skill.name} installed ✓`);
+		if (skill.requiresKeys?.length) {
+			console.log(chalk.default.yellow(`\n📋 Required API keys to activate:`));
+			skill.requiresKeys.forEach((k) => {
+				console.log(chalk.default.cyan(`   hyperclaw config set-key ${k}`));
+			});
+		}
+		console.log();
+	}
+	async scan(skillId) {
+		const skill = SKILL_REGISTRY.find((s) => s.id === skillId);
+		if (!skill) return;
+		const spinner = (0, ora.default)(`Scanning ${skill.name}...`).start();
+		const stages = [
+			"Checking manifest...",
+			"Scanning for malicious patterns...",
+			"Checking VirusTotal...",
+			"Verifying author..."
+		];
+		for (const stage of stages) {
+			spinner.text = stage;
+			await new Promise((r) => setTimeout(r, 600));
+		}
+		const result = {
+			"clean": chalk.default.green("✅ All green — safe to install"),
+			"suspicious": chalk.default.yellow("⚠️  Suspicious patterns detected — proceed with caution"),
+			"dangerous": chalk.default.red("🚨 Malicious patterns detected — do NOT install")
+		}[skill.risk];
+		spinner.stop();
+		console.log(`\n🔬 Scan results for ${chalk.default.bold(skill.name)}:`);
+		console.log(`   ${result}`);
+		if (skill.riskReason) console.log(chalk.default.gray(`   Detail: ${skill.riskReason}`));
+		console.log();
+	}
+	async checkEligibility() {
+		const spinner = (0, ora.default)("Checking system eligibility...").start();
+		await new Promise((r) => setTimeout(r, 1e3));
+		spinner.succeed("Eligibility check complete");
+		console.log(chalk.default.green("\n✅ All installed skills are eligible on this system\n"));
+	}
+	async getInstalled() {
+		await this.refreshInstalledFromDisk();
+		const ids = this.installed;
+		const fromRegistry = SKILL_REGISTRY.filter((s) => ids.has(s.id));
+		const fromWorkspace = (await listInstalledFromClawHub()).filter((id) => !SKILL_REGISTRY.some((s) => s.id === id));
+		return [...fromRegistry, ...fromWorkspace.map((id) => ({
+			id,
+			name: id,
+			version: "0",
+			description: "",
+			author: "",
+			category: "utility",
+			downloads: 0,
+			rating: 0,
+			risk: "clean",
+			tags: []
+		}))];
+	}
+	/** ClawHub integration: search remote registry, fallback to bundled when remote unavailable */
+	async searchClawHub(query, category) {
+		let remote = await searchSkills(query, category);
+		if (remote.length === 0) {
+			const q = (query || "").toLowerCase();
+			const filtered = SKILL_REGISTRY.filter((s) => !q || s.id.includes(q) || s.name.toLowerCase().includes(q) || s.tags.some((t) => t.includes(q))).filter((s) => !category || s.category === category);
+			remote = filtered.map((s) => ({
+				id: s.id,
+				name: s.name,
+				author: s.author,
+				description: s.description,
+				rating: s.rating,
+				downloads: s.downloads,
+				version: s.version,
+				categories: [s.category]
+			}));
+		}
+		return remote;
+	}
+	/** ClawHub integration: install from remote registry */
+	async installFromClawHub(skillId, version) {
+		return installSkill(skillId, version);
+	}
+	/** ClawHub marketplace UX: unified browse (bundled + remote) */
+	async showMarketplace(opts) {
+		await this.refreshInstalledFromDisk();
+		const installedClawHub = await listInstalledFromClawHub();
+		const bundled = (opts?.hideSuspicious ? SKILL_REGISTRY.filter((s) => s.risk === "clean") : SKILL_REGISTRY).filter((s) => !opts?.category || s.category === opts.category);
+		console.log(chalk.default.bold.cyan("\n╔══════════════════════════════════════════════════════════╗"));
+		console.log(chalk.default.bold.cyan("║           🧩 CLAWHUB MARKETPLACE                         ║"));
+		console.log(chalk.default.bold.cyan("╚══════════════════════════════════════════════════════════╝\n"));
+		if (installedClawHub.length > 0) {
+			console.log(chalk.default.bold.green("  Installed (ClawHub):"));
+			installedClawHub.forEach((id) => console.log(chalk.default.gray(`    • ${id}`)));
+			console.log();
+		}
+		console.log(chalk.default.bold("  Bundled skills:"));
+		for (const skill of bundled) {
+			const inst = this.installed.has(skill.id) || installedClawHub.includes(skill.id);
+			const badge = inst ? chalk.default.green("✓ installed") : chalk.default.cyan("hyperclaw skill install " + skill.id);
+			const risk = skill.risk === "clean" ? "" : chalk.default.yellow(` [${skill.risk}]`);
+			console.log(`    ${chalk.default.bold(skill.name)} ${chalk.default.gray(`v${skill.version}`)} ${badge}${risk}`);
+			console.log(chalk.default.gray(`      ${skill.description}`));
+		}
+		console.log(chalk.default.gray("\n  Search remote: hyperclaw skill search <query>"));
+		console.log(chalk.default.gray("  Install:       hyperclaw skill install <id>\n"));
+	}
+};
+
+//#endregion
+Object.defineProperty(exports, 'SKILL_REGISTRY', {
+  enumerable: true,
+  get: function () {
+    return SKILL_REGISTRY;
+  }
+});
+Object.defineProperty(exports, 'SkillHub', {
+  enumerable: true,
+  get: function () {
+    return SkillHub;
+  }
+});

package/dist/hub-Co1SbxLs.js

@@ -0,0 +1,6 @@
+const require_chunk = require('./chunk-jS-bbMI5.js');
+require('./paths-AIyBxIzm.js');
+require('./paths-DPovhojT.js');
+const require_hub = require('./hub-CNQaC4JI.js');
+
+exports.SkillHub = require_hub.SkillHub;

package/dist/hub-eUh89obm.js

@@ -0,0 +1,6 @@
+const require_chunk = require('./chunk-jS-bbMI5.js');
+require('./paths-AIyBxIzm.js');
+require('./paths-DPovhojT.js');
+const require_hub = require('./hub-CI4qcd1b.js');
+
+exports.SkillHub = require_hub.SkillHub;