inspiration-agent 0.0.1

package/dist/tools/command.tools.js

@@ -0,0 +1,361 @@
+const { exec } = require("child_process");
+const logger = require("../utils/logger");
+const util = require("util");
+
+const execPromise = util.promisify(exec);
+
+/**
+ * 配置：是否启用命令白名单
+ * 可通过环境变量 COMMAND_WHITELIST_ENABLED 控制
+ * - true: 启用白名单模式（推荐，更安全）
+ * - false: 禁用白名单，允许执行任意命令（仅用于可信环境）
+ */
+const WHITELIST_ENABLED = process.env.COMMAND_WHITELIST_ENABLED !== "false";
+
+/**
+ * 命令白名单
+ * 仅在 WHITELIST_ENABLED 为 true 时生效
+ * 仅允许执行以下基础命令，确保系统安全
+ */
+const ALLOWED_COMMANDS = [
+  // 文件操作（安全）
+  "ls",
+  "cat",
+  "head",
+  "tail",
+  "wc",
+  "grep",
+  "sort",
+  "uniq",
+  "find",
+  "tree",
+  "file",
+  "stat",
+
+  // 版本控制
+  "git",
+
+  // 包管理器
+  "npm",
+  "yarn",
+  "pnpm",
+
+  // 构建工具
+  "make",
+  "cmake",
+  "gradle",
+  "mvn",
+
+  // 运行工具
+  "node",
+  "python",
+  "python3",
+  "java",
+
+  // 压缩工具
+  "tar",
+  "zip",
+  "unzip",
+  "gzip",
+  "gunzip",
+
+  // 系统信息（只读）
+  "df",
+  "du",
+  "free",
+  "top",
+  "ps",
+  "uname",
+  "whoami",
+  "date",
+  "pwd",
+
+  // 文本处理
+  "echo",
+  "printf",
+  "sed",
+  "awk",
+  "cut",
+  "tr",
+
+  // 网络工具（安全）
+  "curl",
+  "wget",
+  "ping",
+  "nslookup",
+  "dig",
+
+  // Docker（需谨慎）
+  "docker",
+
+  // 开发工具
+  "eslint",
+  "prettier",
+  "tsc",
+  "jest",
+  "mocha",
+  "pytest",
+];
+
+/**
+ * 危险命令模式黑名单
+ * 任何包含这些模式的命令都将被拒绝
+ */
+const DANGEROUS_PATTERNS = [
+  // 文件删除
+  /\brm\s+[-rf]+\s*\//, // rm -rf /
+  /\brm\s+[-rf]+\s+\*\*?/, // rm -rf *
+
+  // 磁盘操作
+  /dd\s+.*of=\//, // dd writing to root
+  /\bmkfs\./, // mkfs.* filesystem creation
+  /\bformat\b/, // format command (Windows)
+
+  // 权限提升
+  /\bsudo\b/, // sudo
+  /\bdoas\b/, // doas
+  /\bsu\b/, // su
+
+  // 系统配置
+  /\/etc\/.*write/, // writing to /etc
+  /\/boot\/.*write/, // writing to /boot
+  /\/sys\/.*write/, // writing to /sys
+  /\/proc\/.*write/, // writing to /proc
+
+  // 进程终止
+  /\bkill\s+[-9]/, // kill -9
+  /\bpkill\b/, // pkill
+  /\bkillall\b/, // killall
+
+  // 系统控制
+  /\bshutdown\b/, // shutdown
+  /\breboot\b/, // reboot
+  /\bhalt\b/, // halt
+  /\bpoweroff\b/, // poweroff
+
+  // 用户管理
+  /\buseradd\b/, // useradd
+  /\buserdel\b/, // userdel
+  /\busermod\b/, // usermod
+  /\bpasswd\b/, // passwd
+
+  // 软件包安装（需要确认）
+  /\bapt-get\s+install\b/, // apt-get install
+  /\bapt\s+install\b/, // apt install
+  /\byum\s+install\b/, // yum install
+  /\bapk\s+add\b/, // apk add
+
+  // 覆盖/重定向危险操作
+  />.*\/dev\/sda/, // writing to disk directly
+  />.*\/dev\/hda/, // writing to disk directly
+  />\s*\/dev\/null/, // redirect to /dev/null (might hide errors)
+
+  // 命令注入
+  /&&\s*rm/, // command && rm
+  /\|\s*rm/, // command | rm
+  /;\s*rm/, // command ; rm
+
+  // 下载执行脚本（危险）
+  /\bcurl.*\|\s*sh\b/, // curl | sh
+  /\bcurl.*\|\s*bash\b/, // curl | bash
+  /\bwget.*\|\s*sh\b/, // wget | sh
+  /\bwget.*\|\s*bash\b/, // wget | bash
+];
+
+/**
+ * 危险参数黑名单
+ * 某些命令配合特定参数会很危险
+ */
+const DANGEROUS_ARGS = {
+  rm: ["-rf", "-fr", "-r", "-R", "--recursive"],
+  dd: ["of=/dev/", "if=/dev/"],
+  chmod: ["777", "4755", "+s"],
+  chown: ["root:", ":root"],
+};
+
+/**
+ * 命令行工具类
+ * 提供执行 shell 命令的功能
+ * 包含白名单和安全检查机制
+ */
+class CommandTools {
+  /**
+   * 验证命令是否在白名单中且不包含危险操作
+   * @param {string} command - 要验证的命令
+   * @returns {{allowed: boolean, reason: string|null}}
+   */
+  validateCommand(command) {
+    const trimmedCommand = command.trim();
+
+    if (!trimmedCommand) {
+      return { allowed: false, reason: "命令不能为空" };
+    }
+
+    // 提取基础命令名称
+    const baseCommand = trimmedCommand.split(/\s+/)[0];
+
+    // 如果启用了白名单模式，检查命令是否在白名单中
+    if (WHITELIST_ENABLED && !ALLOWED_COMMANDS.includes(baseCommand)) {
+      return {
+        allowed: false,
+        reason: `命令 "${baseCommand}" 不在允许的命令白名单中。允许的命令: ${ALLOWED_COMMANDS.join(", ")}`,
+      };
+    }
+
+    // 无论是否启用白名单，都检查危险命令模式
+    for (const pattern of DANGEROUS_PATTERNS) {
+      if (pattern.test(trimmedCommand)) {
+        return {
+          allowed: false,
+          reason: `命令包含危险操作模式，已被安全策略阻止`,
+        };
+      }
+    }
+
+    // 无论是否启用白名单，都检查危险参数组合
+    if (DANGEROUS_ARGS[baseCommand]) {
+      const dangerousArgs = DANGEROUS_ARGS[baseCommand];
+      for (const arg of dangerousArgs) {
+        const argPattern = new RegExp(
+          `\\b${arg.replace(/[.*+?^${}()|[\]\\]/g, "\\$&")}\\b`
+        );
+        if (argPattern.test(trimmedCommand)) {
+          return {
+            allowed: false,
+            reason: `命令 "${baseCommand}" 包含危险参数 "${arg}"，已被安全策略阻止`,
+          };
+        }
+      }
+    }
+
+    return { allowed: true, reason: null };
+  }
+
+  /**
+   * 执行 shell 命令
+   * @param {Object} args - 参数对象
+   * @param {string} args.command - 要执行的命令
+   * @param {string} args.cwd - 工作目录，可选，默认当前目录
+   * @param {number} args.timeout - 超时时间（毫秒），可选，默认 30000
+   * @returns {Promise<Object>} 操作结果
+   */
+  async executeCommand(args) {
+    try {
+      const { command, cwd, timeout = 30000 } = args;
+
+      // 安全验证
+      const validation = this.validateCommand(command);
+      if (!validation.allowed) {
+        logger.warn(`\n========== 命令被安全策略阻止 ==========`);
+        logger.warn(`命令: ${command}`);
+        logger.warn(`原因: ${validation.reason}`);
+        logger.warn(`白名单模式: ${WHITELIST_ENABLED ? "启用" : "禁用"}`);
+        logger.warn(`============================================\n`);
+
+        return {
+          success: false,
+          exitCode: -1,
+          error: validation.reason,
+          message: `命令执行被阻止: ${validation.reason}`,
+        };
+      }
+
+      logger.info(`\n========== 执行命令 ==========`);
+      logger.info(`命令: ${command}`);
+      logger.info(`工作目录: ${cwd || "当前目录"}`);
+      logger.info(`超时: ${timeout}ms`);
+      logger.info(`白名单模式: ${WHITELIST_ENABLED ? "启用" : "禁用"}`);
+      logger.info(`================================\n`);
+
+      const options = {
+        timeout: timeout,
+        maxBuffer: 10 * 1024 * 1024, // 10MB
+      };
+
+      if (cwd) {
+        options.cwd = cwd;
+      }
+
+      const { stdout, stderr } = await execPromise(command, options);
+
+      logger.info(`\n========== 命令执行结果 ==========`);
+      logger.info(`退出码: 0`);
+      logger.info(`标准输出长度: ${stdout?.length || 0} 字符`);
+      logger.info(`错误输出长度: ${stderr?.length || 0} 字符`);
+      logger.info(`========================================\n`);
+
+      return {
+        success: true,
+        exitCode: 0,
+        stdout: stdout || "",
+        stderr: stderr || "",
+        message: `命令执行成功: ${command}`,
+      };
+    } catch (error) {
+      logger.info(`\n========== 命令执行失败 ==========`);
+      logger.info(`命令: ${args.command}`);
+      logger.info(`退出码: ${error.code || error.signal || "未知"}`);
+      logger.info(`错误信息: ${error.message}`);
+      logger.info(`========================================\n`);
+
+      return {
+        success: false,
+        exitCode: error.code || error.signal || -1,
+        stdout: error.stdout || "",
+        stderr: error.stderr || "",
+        error: error.message,
+        message: `命令执行失败: ${args.command}`,
+      };
+    }
+  }
+
+  /**
+   * 获取允许的命令白名单
+   * @returns {Array<string>} 允许的命令列表
+   */
+  getAllowedCommands() {
+    return [...ALLOWED_COMMANDS];
+  }
+
+  /**
+   * 获取函数定义
+   * @returns {Array<Object>} 函数定义数组
+   */
+  getFunctionDefinitions() {
+    const whitelistStatus = WHITELIST_ENABLED
+      ? `仅允许执行白名单中的命令。允许的命令: ${ALLOWED_COMMANDS.join(", ")}。`
+      : `白名单已禁用，可以执行任意命令。但仍然会阻止危险操作。`;
+
+    return [
+      {
+        type: "function",
+        function: {
+          name: "execute_command",
+          description: `执行 shell 命令或命令行工具。
+          ${whitelistStatus}
+          始终不允许的操作: 权限提升(sudo/su)、危险删除(rm -rf /)、系统关机等。`,
+          parameters: {
+            type: "object",
+            properties: {
+              command: {
+                type: "string",
+                description: `要执行的命令，如 'ls -la', 'npm install', 'git status' 等。${WHITELIST_ENABLED ? "仅支持白名单中的命令" : ""}`,
+              },
+              cwd: {
+                type: "string",
+                description: "命令执行的工作目录，可选，默认为当前目录",
+              },
+              timeout: {
+                type: "number",
+                description: "命令超时时间（毫秒），可选，默认 30000（30秒）",
+              },
+            },
+            required: ["command"],
+          },
+        },
+      },
+    ];
+  }
+}
+
+module.exports = CommandTools;

package/dist/tools/file.tools.js

@@ -0,0 +1,222 @@
+const fs = require("fs").promises;
+const path = require("path");
+
+/**
+ * 文件工具类
+ * 提供文件读取、写入、列表和删除功能
+ */
+class FileTools {
+  /**
+   * 读取文件内容
+   * @param {Object} args - 参数对象
+   * @param {string} args.filePath - 文件路径
+   * @returns {Promise<Object>} 操作结果
+   */
+  async readFile(args) {
+    try {
+      const { filePath } = args;
+      const absolutePath = path.resolve(filePath);
+
+      const content = await fs.readFile(absolutePath, "utf-8");
+
+      return {
+        success: true,
+        filePath: absolutePath,
+        content: content,
+        message: `成功读取文件: ${absolutePath}`,
+      };
+    } catch (error) {
+      return {
+        success: false,
+        error: error.message,
+        message: `读取文件失败: ${error.message}`,
+      };
+    }
+  }
+
+  /**
+   * 写入内容到文件
+   * @param {Object} args - 参数对象
+   * @param {string} args.filePath - 文件路径
+   * @param {string} args.content - 要写入的内容
+   * @returns {Promise<Object>} 操作结果
+   */
+  async writeFile(args) {
+    try {
+      const { filePath, content } = args;
+      const absolutePath = path.resolve(filePath);
+
+      const dir = path.dirname(absolutePath);
+      await fs.mkdir(dir, { recursive: true });
+
+      await fs.writeFile(absolutePath, content, "utf-8");
+
+      return {
+        success: true,
+        filePath: absolutePath,
+        message: `成功写入文件: ${absolutePath}`,
+      };
+    } catch (error) {
+      return {
+        success: false,
+        error: error.message,
+        message: `写入文件失败: ${error.message}`,
+      };
+    }
+  }
+
+  /**
+   * 列出目录内容
+   * @param {Object} args - 参数对象
+   * @param {string} args.directoryPath - 目录路径，默认为当前目录
+   * @returns {Promise<Object>} 操作结果
+   */
+  async listFiles(args) {
+    try {
+      const { directoryPath = "." } = args;
+      const absolutePath = path.resolve(directoryPath);
+
+      const entries = await fs.readdir(absolutePath, { withFileTypes: true });
+
+      const files = [];
+      const directories = [];
+
+      for (const entry of entries) {
+        if (entry.isDirectory()) {
+          directories.push(entry.name);
+        } else {
+          const stat = await fs.stat(path.join(absolutePath, entry.name));
+          files.push({
+            name: entry.name,
+            size: stat.size,
+          });
+        }
+      }
+
+      return {
+        success: true,
+        path: absolutePath,
+        directories: directories,
+        files: files,
+        message: `成功列出目录: ${absolutePath}`,
+      };
+    } catch (error) {
+      return {
+        success: false,
+        error: error.message,
+        message: `列出目录失败: ${error.message}`,
+      };
+    }
+  }
+
+  /**
+   * 删除文件
+   * @param {Object} args - 参数对象
+   * @param {string} args.filePath - 要删除的文件路径
+   * @returns {Promise<Object>} 操作结果
+   */
+  async deleteFile(args) {
+    try {
+      const { filePath } = args;
+      const absolutePath = path.resolve(filePath);
+
+      await fs.unlink(absolutePath);
+
+      return {
+        success: true,
+        filePath: absolutePath,
+        message: `成功删除文件: ${absolutePath}`,
+      };
+    } catch (error) {
+      return {
+        success: false,
+        error: error.message,
+        message: `删除文件失败: ${error.message}`,
+      };
+    }
+  }
+
+  /**
+   * 获取函数定义
+   * 返回所有文件工具的函数定义，用于 OpenAI 函数调用格式
+   * @returns {Array<Object>} 函数定义数组
+   */
+  getFunctionDefinitions() {
+    return [
+      {
+        type: "function",
+        function: {
+          name: "read_file",
+          description: "读取本地文件内容",
+          parameters: {
+            type: "object",
+            properties: {
+              filePath: {
+                type: "string",
+                description: "文件路径，可以是相对路径或绝对路径",
+              },
+            },
+            required: ["filePath"],
+          },
+        },
+      },
+      {
+        type: "function",
+        function: {
+          name: "write_file",
+          description: "写入内容到本地文件",
+          parameters: {
+            type: "object",
+            properties: {
+              filePath: {
+                type: "string",
+                description: "文件路径，可以是相对路径或绝对路径",
+              },
+              content: {
+                type: "string",
+                description: "要写入文件的内容",
+              },
+            },
+            required: ["filePath", "content"],
+          },
+        },
+      },
+      {
+        type: "function",
+        function: {
+          name: "list_files",
+          description: "列出指定目录下的文件和子目录",
+          parameters: {
+            type: "object",
+            properties: {
+              directoryPath: {
+                type: "string",
+                description: "目录路径，默认为当前目录",
+                default: ".",
+              },
+            },
+          },
+        },
+      },
+      {
+        type: "function",
+        function: {
+          name: "delete_file",
+          description: "删除指定的文件",
+          parameters: {
+            type: "object",
+            properties: {
+              filePath: {
+                type: "string",
+                description: "要删除的文件路径",
+              },
+            },
+            required: ["filePath"],
+          },
+        },
+      },
+    ];
+  }
+}
+
+module.exports = FileTools;