hyperclaw 5.4.1 → 5.4.2

package/dist/tool-policy-CfWEnRxy.js

@@ -0,0 +1,190 @@
+const require_chunk = require('./chunk-jS-bbMI5.js');
+
+//#region src/infra/tool-policy.ts
+function expandToToolNames(entries) {
+	const out = /* @__PURE__ */ new Set();
+	for (const e of entries) {
+		const key = e.toLowerCase().trim();
+		if (key === "*" || key === "") continue;
+		if (key.startsWith("group:")) {
+			const group = TOOL_GROUPS[key];
+			if (group) group.forEach((t) => out.add(t));
+		} else out.add(key);
+	}
+	return out;
+}
+function matchesPattern(toolName, pattern) {
+	const p = pattern.toLowerCase();
+	const t = toolName.toLowerCase();
+	if (p === "*" || p === t) return true;
+	if (p.endsWith("*")) {
+		const prefix = p.slice(0, -1);
+		return t.startsWith(prefix);
+	}
+	return false;
+}
+function isAllowed(toolName, allowSet, denySet, profileAllowSet) {
+	if (denySet.size > 0) {
+		for (const d of denySet) if (matchesPattern(toolName, d)) return false;
+	}
+	if (profileAllowSet && profileAllowSet.size > 0) {
+		let inProfile = false;
+		for (const a of profileAllowSet) if (matchesPattern(toolName, a)) {
+			inProfile = true;
+			break;
+		}
+		if (!inProfile) return false;
+	}
+	if (allowSet.size > 0) {
+		for (const a of allowSet) if (matchesPattern(toolName, a)) return true;
+		return false;
+	}
+	return true;
+}
+function applyToolPolicy(tools, config, context) {
+	if (!config) return tools;
+	let profile = config.profile ?? "full";
+	let allow = config.allow ?? [];
+	let deny = config.deny ?? [];
+	if (context?.provider && config.byProvider) {
+		const providerKey = context.provider + (context.model ? "/" + context.model : "");
+		const exact = config.byProvider[providerKey] ?? config.byProvider[context.provider];
+		if (exact) {
+			if (exact.profile) profile = exact.profile;
+			if (exact.allow?.length) allow = [...allow, ...exact.allow];
+			if (exact.deny?.length) deny = [...deny, ...exact.deny];
+		}
+	}
+	const denySet = expandToToolNames(deny);
+	const allowSet = expandToToolNames(allow);
+	const profileTools = profile === "full" ? null : new Set(PROFILE_TOOLS[profile]);
+	return tools.filter((t) => isAllowed(t.name, allowSet, denySet, profileTools));
+}
+/** For sandbox explain: return effective policy description. */
+function describeToolPolicy(config, context) {
+	if (!config) return {
+		profile: "full",
+		allow: [],
+		deny: [],
+		source: "default"
+	};
+	let profile = config.profile ?? "full";
+	let allow = config.allow ?? [];
+	let deny = config.deny ?? [];
+	let source = "tools";
+	if (context?.provider && config.byProvider) {
+		const providerKey = context.provider + (context.model ? "/" + context.model : "");
+		const exact = config.byProvider[providerKey] ?? config.byProvider[context.provider];
+		if (exact) {
+			if (exact.profile) {
+				profile = exact.profile;
+				source = `tools.byProvider[${context.provider}]`;
+			}
+			if (exact.allow?.length) allow = [...allow, ...exact.allow];
+			if (exact.deny?.length) deny = [...deny, ...exact.deny];
+		}
+	}
+	return {
+		profile,
+		allow,
+		deny,
+		source
+	};
+}
+var TOOL_GROUPS, PROFILE_TOOLS;
+var init_tool_policy = require_chunk.__esm({ "src/infra/tool-policy.ts"() {
+	TOOL_GROUPS = {
+		"group:fs": [
+			"read_file",
+			"write_file",
+			"edit_file",
+			"delete_file",
+			"list_directory"
+		],
+		"group:runtime": ["run_shell", "kill_process"],
+		"group:sessions": [
+			"sessions_list",
+			"sessions_send",
+			"sessions_history",
+			"sessions_spawn"
+		],
+		"group:memory": [
+			"read_memory",
+			"write_memory",
+			"memory_graph_add",
+			"memory_graph_query"
+		],
+		"group:ui": [
+			"canvas_add",
+			"browser_snapshot",
+			"browser_action"
+		],
+		"group:messaging": [
+			"sessions_send",
+			"sessions_list",
+			"sessions_history"
+		],
+		"group:automation": [
+			"add_reminder",
+			"list_reminders",
+			"complete_reminder",
+			"watch_website_add",
+			"watch_website_check",
+			"watch_website_list"
+		],
+		"group:pc": [
+			"run_shell",
+			"read_file",
+			"write_file",
+			"edit_file",
+			"list_directory",
+			"delete_file",
+			"kill_process",
+			"system_info",
+			"open",
+			"clipboard",
+			"search_files",
+			"screenshot",
+			"camera_capture",
+			"screen_record",
+			"contacts_list",
+			"calendar_events",
+			"photos_recent",
+			"app_updates",
+			"notify"
+		],
+		"group:extraction": ["extract_pdf", "extract_spreadsheet"],
+		"group:vision": ["analyze_image"]
+	};
+	PROFILE_TOOLS = {
+		full: [],
+		messaging: [
+			"get_current_time",
+			"sessions_list",
+			"sessions_history",
+			"sessions_send",
+			"read_memory",
+			"write_memory"
+		],
+		coding: [
+			...TOOL_GROUPS["group:fs"],
+			...TOOL_GROUPS["group:runtime"],
+			...TOOL_GROUPS["group:sessions"],
+			...TOOL_GROUPS["group:memory"],
+			"http_get",
+			"canvas_add",
+			"create_skill",
+			"get_current_time"
+		],
+		minimal: [
+			"get_current_time",
+			"sessions_list",
+			"read_memory"
+		]
+	};
+} });
+
+//#endregion
+init_tool_policy();
+exports.applyToolPolicy = applyToolPolicy;
+exports.describeToolPolicy = describeToolPolicy;

package/dist/tts-elevenlabs-CCeOqqrh.js

@@ -0,0 +1,64 @@
+const require_chunk = require('./chunk-jS-bbMI5.js');
+const https = require_chunk.__toESM(require("https"));
+
+//#region src/services/tts-elevenlabs.ts
+const DEFAULT_VOICE = "21m00Tcm4TlvDq8ikWAM";
+const DEFAULT_MODEL = "eleven_multilingual_v2";
+function sanitizeForLog(value) {
+	return String(value ?? "").replace(/[\r\n\t]+/g, " ").replace(/[^\x20-\x7e]+/g, "?").slice(0, 200);
+}
+/**
+
+* Convert text to speech via ElevenLabs API.
+
+* Returns base64-encoded MP3 or null on error.
+
+*/
+async function textToSpeech(text, opts) {
+	const voiceId = opts.voiceId || DEFAULT_VOICE;
+	const modelId = opts.modelId || DEFAULT_MODEL;
+	const format = opts.outputFormat || "mp3_22050_32";
+	const body = JSON.stringify({
+		text,
+		model_id: modelId
+	});
+	const path = `/v1/text-to-speech/${voiceId}?output_format=${format}`;
+	return new Promise((resolve) => {
+		const req = https.default.request({
+			hostname: "api.elevenlabs.io",
+			port: 443,
+			path,
+			method: "POST",
+			headers: {
+				"Content-Type": "application/json",
+				"xi-api-key": opts.apiKey,
+				"Content-Length": Buffer.byteLength(body)
+			}
+		}, (res) => {
+			const chunks = [];
+			res.on("data", (c) => chunks.push(c));
+			res.on("end", () => {
+				const buf = Buffer.concat(chunks);
+				if (res.statusCode !== 200) {
+					console.warn(`[tts] ElevenLabs error ${res.statusCode}: ${sanitizeForLog(buf.toString("utf8", 0, 200))}`);
+					resolve(null);
+					return;
+				}
+				resolve(buf.toString("base64"));
+			});
+		});
+		req.on("error", (e) => {
+			console.warn("[tts] ElevenLabs request error:", sanitizeForLog(e.message));
+			resolve(null);
+		});
+		req.setTimeout(3e4, () => {
+			req.destroy();
+			resolve(null);
+		});
+		req.write(body);
+		req.end();
+	});
+}
+
+//#endregion
+exports.textToSpeech = textToSpeech;

package/dist/vision-BMRKyu3c.js

@@ -0,0 +1,167 @@
+const require_chunk = require('./chunk-jS-bbMI5.js');
+const fs_extra = require_chunk.__toESM(require("fs-extra"));
+const path = require_chunk.__toESM(require("path"));
+const os = require_chunk.__toESM(require("os"));
+const http = require_chunk.__toESM(require("http"));
+const https = require_chunk.__toESM(require("https"));
+
+//#region src/services/vision.ts
+function inferImageMediaType(ext) {
+	return {
+		".png": "image/png",
+		".jpg": "image/jpeg",
+		".jpeg": "image/jpeg",
+		".gif": "image/gif",
+		".webp": "image/webp"
+	}[ext] ?? "image/jpeg";
+}
+async function readValidatedImageFile(filePath) {
+	const resolvedPath = path.default.resolve(filePath.replace(/^~/, os.default.homedir()));
+	const ext = path.default.extname(resolvedPath).toLowerCase();
+	if (!ALLOWED_IMAGE_EXTENSIONS.has(ext)) throw new Error(`Unsupported image file type: ${ext || "unknown"}`);
+	const buf = await fs_extra.default.readFile(resolvedPath);
+	if (buf.length === 0) throw new Error("Image input is empty");
+	if (buf.length > MAX_IMAGE_BYTES) throw new Error(`Image input exceeds ${MAX_IMAGE_BYTES} bytes`);
+	return {
+		data: buf.toString("base64"),
+		mediaType: inferImageMediaType(ext)
+	};
+}
+async function fetchValidatedRemoteImage(urlString) {
+	const url = new URL(urlString);
+	if (!["http:", "https:"].includes(url.protocol)) throw new Error(`Unsupported image URL protocol: ${url.protocol}`);
+	const mod = url.protocol === "https:" ? https.default : http.default;
+	const buf = await new Promise((resolve, reject) => {
+		const req = mod.get(url, (res) => {
+			if ((res.statusCode ?? 0) >= 400) {
+				reject(new Error(`Image download failed with status ${res.statusCode}`));
+				res.resume();
+				return;
+			}
+			const contentLength = Number(res.headers["content-length"] ?? 0);
+			if (contentLength > MAX_IMAGE_BYTES) {
+				reject(new Error(`Image download exceeds ${MAX_IMAGE_BYTES} bytes`));
+				res.destroy();
+				return;
+			}
+			const chunks = [];
+			let total = 0;
+			res.on("data", (c) => {
+				total += c.length;
+				if (total > MAX_IMAGE_BYTES) {
+					req.destroy(new Error(`Image download exceeds ${MAX_IMAGE_BYTES} bytes`));
+					return;
+				}
+				chunks.push(c);
+			});
+			res.on("end", () => resolve(Buffer.concat(chunks)));
+			res.on("error", reject);
+		});
+		req.on("error", reject);
+	});
+	const pathnameExt = path.default.extname(url.pathname).toLowerCase();
+	return {
+		data: buf.toString("base64"),
+		mediaType: inferImageMediaType(ALLOWED_IMAGE_EXTENSIONS.has(pathnameExt) ? pathnameExt : ".jpg")
+	};
+}
+async function imageToBase64(input) {
+	const trimmed = input.trim();
+	if (trimmed.startsWith("data:")) {
+		const match = trimmed.match(/^data:(image\/[^;]+);base64,(.+)$/);
+		if (match) {
+			const buffer = Buffer.from(match[2], "base64");
+			if (buffer.length === 0) throw new Error("Image input is empty");
+			if (buffer.length > MAX_IMAGE_BYTES) throw new Error(`Image input exceeds ${MAX_IMAGE_BYTES} bytes`);
+			return {
+				data: match[2],
+				mediaType: match[1]
+			};
+		}
+	}
+	if (trimmed.startsWith("http")) return fetchValidatedRemoteImage(trimmed);
+	return readValidatedImageFile(trimmed);
+}
+async function analyzeImage(imageInput, prompt, apiKey, provider = "anthropic") {
+	const { data, mediaType } = await imageToBase64(imageInput);
+	const isAnthropic = provider === "anthropic";
+	const hostname = isAnthropic ? "api.anthropic.com" : "openrouter.ai";
+	const model = isAnthropic ? "claude-sonnet-4-20250514" : "openai/gpt-4o";
+	const body = {
+		model,
+		max_tokens: 1024,
+		messages: isAnthropic ? [{
+			role: "user",
+			content: [{
+				type: "image",
+				source: {
+					type: "base64",
+					media_type: mediaType,
+					data
+				}
+			}, {
+				type: "text",
+				text: prompt || "Describe this image."
+			}]
+		}] : [{
+			role: "user",
+			content: [{
+				type: "text",
+				text: "[Image attached] " + (prompt || "Describe this image.")
+			}, {
+				type: "image_url",
+				image_url: { url: `data:${mediaType};base64,${data}` }
+			}]
+		}]
+	};
+	if (isAnthropic) body.anthropic_version = "2023-06-01";
+	return new Promise((resolve, reject) => {
+		const payload = JSON.stringify(body);
+		const req = https.default.request({
+			hostname,
+			port: 443,
+			path: isAnthropic ? "/v1/messages" : "/api/v1/chat/completions",
+			method: "POST",
+			headers: {
+				"Authorization": `Bearer ${apiKey}`,
+				"Content-Type": "application/json",
+				...isAnthropic ? { "anthropic-version": "2023-06-01" } : { "HTTP-Referer": "https://hyperclaw.ai" }
+			}
+		}, (res) => {
+			let raw = "";
+			res.on("data", (c) => raw += c);
+			res.on("end", () => {
+				try {
+					const j = JSON.parse(raw);
+					if (isAnthropic) {
+						const text = j.content?.[0]?.text;
+						resolve(text || j.error?.message || "(no description)");
+					} else {
+						const text = j.choices?.[0]?.message?.content;
+						resolve(text || j.error?.message || "(no description)");
+					}
+				} catch {
+					resolve(raw || "(parse error)");
+				}
+			});
+		});
+		req.on("error", reject);
+		req.write(payload);
+		req.end();
+	});
+}
+var MAX_IMAGE_BYTES, ALLOWED_IMAGE_EXTENSIONS;
+var init_vision = require_chunk.__esm({ "src/services/vision.ts"() {
+	MAX_IMAGE_BYTES = 15 * 1024 * 1024;
+	ALLOWED_IMAGE_EXTENSIONS = new Set([
+		".png",
+		".jpg",
+		".jpeg",
+		".gif",
+		".webp"
+	]);
+} });
+
+//#endregion
+init_vision();
+exports.analyzeImage = analyzeImage;

package/dist/vision-tools-DVYx9-Jw.js

@@ -0,0 +1,5 @@
+const require_chunk = require('./chunk-jS-bbMI5.js');
+const require_vision_tools = require('./vision-tools-kYb3effk.js');
+
+require_vision_tools.init_vision_tools();
+exports.getVisionTools = require_vision_tools.getVisionTools;

package/dist/vision-tools-kYb3effk.js

@@ -0,0 +1,51 @@
+const require_chunk = require('./chunk-jS-bbMI5.js');
+
+//#region packages/core/src/agent/vision-tools.ts
+function getVisionTools(opts = {}) {
+	const { apiKey = "", provider = "anthropic" } = opts;
+	return [{
+		name: "analyze_image",
+		description: "Analyze an image using a vision model. Describe scenes, receipts, documents, photos. Supports file path, URL, or data URI.",
+		input_schema: {
+			type: "object",
+			properties: {
+				image: {
+					type: "string",
+					description: "Image path (~/path), URL (https://...), or data:image/...;base64,..."
+				},
+				prompt: {
+					type: "string",
+					description: "What to describe or extract (e.g. \"Describe this scene\", \"List items on this receipt\")"
+				}
+			},
+			required: ["image"]
+		},
+		handler: async (input) => {
+			if (!apiKey) return "Error: No API key configured for vision. Set provider.apiKey or run hyperclaw auth add.";
+			const image = input.image?.trim();
+			const prompt = input.prompt?.trim() || "Describe this image concisely.";
+			if (!image) return "Error: image is required";
+			try {
+				const { analyzeImage } = await Promise.resolve().then(() => require("./vision-BMRKyu3c.js"));
+				return await analyzeImage(image, prompt, apiKey, provider);
+			} catch (e) {
+				return `Error: ${e.message}`;
+			}
+		}
+	}];
+}
+var init_vision_tools = require_chunk.__esm({ "packages/core/src/agent/vision-tools.ts"() {} });
+
+//#endregion
+Object.defineProperty(exports, 'getVisionTools', {
+  enumerable: true,
+  get: function () {
+    return getVisionTools;
+  }
+});
+Object.defineProperty(exports, 'init_vision_tools', {
+  enumerable: true,
+  get: function () {
+    return init_vision_tools;
+  }
+});

package/dist/voice-transcription-B1D1rpca.js

@@ -0,0 +1,170 @@
+const require_chunk = require('./chunk-jS-bbMI5.js');
+const require_paths = require('./paths-AIyBxIzm.js');
+const require_paths$1 = require('./paths-DPovhojT.js');
+const fs_extra = require_chunk.__toESM(require("fs-extra"));
+const path = require_chunk.__toESM(require("path"));
+const https = require_chunk.__toESM(require("https"));
+
+//#region src/services/voice-transcription.ts
+require_paths$1.init_paths();
+const MAX_AUDIO_BYTES = 25 * 1024 * 1024;
+const ALLOWED_AUDIO_EXTENSIONS = new Set([
+	".ogg",
+	".oga",
+	".mp3",
+	".wav",
+	".m4a",
+	".mp4",
+	".mpeg",
+	".webm"
+]);
+function sanitizeForError(value) {
+	return String(value ?? "").replace(/[\r\n\t]+/g, " ").slice(0, 160);
+}
+async function loadAudioInput(audioPathOrBuffer) {
+	if (Buffer.isBuffer(audioPathOrBuffer)) {
+		if (audioPathOrBuffer.length === 0) throw new Error("Audio input is empty");
+		if (audioPathOrBuffer.length > MAX_AUDIO_BYTES) throw new Error(`Audio input exceeds ${MAX_AUDIO_BYTES} bytes`);
+		return audioPathOrBuffer;
+	}
+	const resolvedPath = path.default.resolve(audioPathOrBuffer);
+	const ext = path.default.extname(resolvedPath).toLowerCase();
+	if (!ALLOWED_AUDIO_EXTENSIONS.has(ext)) throw new Error(`Unsupported audio file type: ${ext || "unknown"}`);
+	const buf = await fs_extra.default.readFile(resolvedPath);
+	if (buf.length === 0) throw new Error("Audio input is empty");
+	if (buf.length > MAX_AUDIO_BYTES) throw new Error(`Audio input exceeds ${MAX_AUDIO_BYTES} bytes`);
+	return buf;
+}
+async function getConfig() {
+	try {
+		const cfg = await fs_extra.default.readJson(require_paths.getConfigPath());
+		const providerId = cfg?.provider?.providerId;
+		const apiKey = cfg?.provider?.apiKey;
+		return {
+			providerId,
+			apiKey
+		};
+	} catch {
+		return {};
+	}
+}
+async function transcribeWithWhisper(buffer, apiKey) {
+	return new Promise((resolve, reject) => {
+		const boundary = "----HyperClaw" + Date.now();
+		const header = [
+			`--${boundary}`,
+			"Content-Disposition: form-data; name=\"file\"; filename=\"audio.ogg\"",
+			"Content-Type: application/octet-stream",
+			"",
+			""
+		].join("\r\n");
+		const footer = `\r\n--${boundary}\r\nContent-Disposition: form-data; name="model"\r\n\r\nwhisper-1\r\n--${boundary}--\r\n`;
+		const body = Buffer.concat([
+			Buffer.from(header, "utf8"),
+			buffer,
+			Buffer.from(footer, "utf8")
+		]);
+		const req = https.default.request({
+			hostname: "api.openai.com",
+			port: 443,
+			path: "/v1/audio/transcriptions",
+			method: "POST",
+			headers: {
+				"Authorization": `Bearer ${apiKey}`,
+				"Content-Type": `multipart/form-data; boundary=${boundary}`,
+				"Content-Length": body.length
+			}
+		}, (res) => {
+			let data = "";
+			res.on("data", (c) => data += c);
+			res.on("end", () => {
+				try {
+					const j = JSON.parse(data);
+					resolve(j.text?.trim() || "[No transcription]");
+				} catch {
+					resolve(`[Transcription error: ${data.slice(0, 100)}]`);
+				}
+			});
+		});
+		req.on("error", reject);
+		req.write(body);
+		req.end();
+	});
+}
+async function transcribeWithGemini(buffer, apiKey) {
+	const base64 = buffer.toString("base64");
+	const payload = JSON.stringify({
+		contents: [{ parts: [{ text: "Transcribe this audio to text. Output only the transcription, no other text." }, { inlineData: {
+			mimeType: "audio/ogg",
+			data: base64
+		} }] }],
+		generationConfig: { maxOutputTokens: 1024 }
+	});
+	return new Promise((resolve, reject) => {
+		const req = https.default.request({
+			hostname: "generativelanguage.googleapis.com",
+			port: 443,
+			path: "/v1beta/models/gemini-2.0-flash:generateContent?key=" + encodeURIComponent(apiKey),
+			method: "POST",
+			headers: {
+				"Content-Type": "application/json",
+				"Content-Length": Buffer.byteLength(payload)
+			}
+		}, (res) => {
+			let data = "";
+			res.on("data", (c) => data += c);
+			res.on("end", () => {
+				try {
+					const j = JSON.parse(data);
+					const text = j.candidates?.[0]?.content?.parts?.[0]?.text?.trim();
+					resolve(text || "[No transcription]");
+				} catch {
+					resolve(`[Transcription error: ${data.slice(0, 100)}]`);
+				}
+			});
+		});
+		req.on("error", reject);
+		req.write(payload);
+		req.end();
+	});
+}
+/**
+
+* Transcribe audio using configured provider or fallbacks.
+
+* Providers: OpenAI (Whisper), Google (Gemini), OpenRouter.
+
+* Env: OPENAI_API_KEY, WHISPER_API_KEY, GOOGLE_AI_API_KEY.
+
+*/
+async function transcribeVoiceNote(audioPathOrBuffer, apiKey) {
+	let buffer;
+	try {
+		buffer = await loadAudioInput(audioPathOrBuffer);
+	} catch (e) {
+		return `[Transcription failed: ${sanitizeForError(e?.message)}]`;
+	}
+	const cfg = await getConfig();
+	const openaiKey = apiKey || process.env.OPENAI_API_KEY || process.env.WHISPER_API_KEY || (cfg.providerId === "openai" || cfg.providerId === "openrouter" ? cfg.apiKey : "");
+	const googleKey = process.env.GOOGLE_AI_API_KEY || (cfg.providerId === "google" ? cfg.apiKey : "");
+	if (cfg.providerId === "google" && googleKey) try {
+		return await transcribeWithGemini(buffer, googleKey);
+	} catch {}
+	if ((cfg.providerId === "openrouter" || cfg.providerId === "openai") && openaiKey) try {
+		return await transcribeWithWhisper(buffer, openaiKey);
+	} catch {}
+	if (openaiKey) try {
+		return await transcribeWithWhisper(buffer, openaiKey);
+	} catch (e) {
+		return `[Transcription failed: ${sanitizeForError(e?.message)}]`;
+	}
+	if (googleKey) try {
+		return await transcribeWithGemini(buffer, googleKey);
+	} catch (e) {
+		return `[Transcription failed: ${sanitizeForError(e?.message)}]`;
+	}
+	return "[Voice note — add OPENAI_API_KEY or GOOGLE_AI_API_KEY (or select OpenAI/Google provider in the wizard) for transcription]";
+}
+
+//#endregion
+exports.transcribeVoiceNote = transcribeVoiceNote;

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "hyperclaw",
-  "version": "5.4.1",
+  "version": "5.4.2",
   "description": "⚡ HyperClaw — AI Gateway Platform. The Lobster Evolution 🦅",
   "main": "dist/run-main.js",
   "bin": {