joonecli 0.2.0 → 0.2.1

package/dist/tools/browser.js

@@ -1,114 +0,0 @@
-// ─── Sandbox + Installer references ─────────────────────────────────────────
-let _sandboxManager = null;
-let _installer = null;
-export function bindBrowserSandbox(sandbox, installer) {
-    _sandboxManager = sandbox;
-    _installer = installer;
-}
-// ─── Helpers ────────────────────────────────────────────────────────────────────
-/**
- * Escapes a string so it can be safely used as an argument in a Bash shell command.
- * It wraps the string in single quotes and safely escapes internal single quotes.
- */
-function escapeBashArg(arg) {
-    return `'${arg.replace(/'/g, "'\\''")}'`;
-}
-// ─── BrowserTool ────────────────────────────────────────────────────────────────
-/**
- * Web Browser Tool — wraps Vercel Labs' `agent-browser` CLI.
- *
- * Provides compact accessibility-tree output optimized for LLMs
- * (low token usage vs raw HTML). Runs inside the E2B sandbox.
- *
- * Supported actions:
- * - navigate: Go to a URL
- * - snapshot: Get the accessibility tree (compact text representation)
- * - click: Click an element by ref
- * - type: Type text into a form field by ref
- * - screenshot: Capture a screenshot
- * - scroll: Scroll the page up or down
- */
-export const BrowserTool = {
-    name: "browser",
-    description: "Interact with web pages using a headless browser. Actions: navigate, snapshot, click, type, screenshot, scroll. " +
-        "Returns compact accessibility-tree text output optimized for AI consumption.",
-    schema: {
-        type: "object",
-        properties: {
-            action: {
-                type: "string",
-                enum: ["navigate", "snapshot", "click", "type", "screenshot", "scroll"],
-                description: "The browser action to perform",
-            },
-            url: {
-                type: "string",
-                description: "URL to navigate to (required for 'navigate')",
-            },
-            ref: {
-                type: "string",
-                description: "Element reference from the accessibility tree (required for 'click' and 'type')",
-            },
-            text: {
-                type: "string",
-                description: "Text to type (required for 'type')",
-            },
-            direction: {
-                type: "string",
-                enum: ["up", "down"],
-                description: "Scroll direction for 'scroll' action (optional, defaults to 'down')",
-            },
-        },
-        required: ["action"],
-    },
-    execute: async (args, emitter) => {
-        if (args.action === "navigate" && args.url && emitter) {
-            emitter.emit("agent:event", { type: "browser:nav", url: args.url });
-        }
-        if (!_sandboxManager || !_sandboxManager.isActive()) {
-            return { content: "Sandbox is not active. Cannot use browser tool.", isError: true };
-        }
-        // Build the CLI command
-        let command;
-        switch (args.action) {
-            case "navigate":
-                if (!args.url)
-                    return { content: "Error: 'url' is required for navigate action.", isError: true };
-                command = `agent-browser navigate ${escapeBashArg(args.url)} 2>&1`;
-                break;
-            case "snapshot":
-                command = "agent-browser snapshot 2>&1";
-                break;
-            case "click":
-                if (!args.ref)
-                    return { content: "Error: 'ref' is required for click action.", isError: true };
-                command = `agent-browser click ${escapeBashArg(args.ref)} 2>&1`;
-                break;
-            case "type":
-                if (!args.ref)
-                    return { content: "Error: 'ref' is required for type action.", isError: true };
-                if (!args.text)
-                    return { content: "Error: 'text' is required for type action.", isError: true };
-                command = `agent-browser type ${escapeBashArg(args.ref)} ${escapeBashArg(args.text)} 2>&1`;
-                break;
-            case "screenshot":
-                command = "agent-browser screenshot 2>&1";
-                break;
-            case "scroll":
-                const dir = args.direction || "down";
-                command = `agent-browser scroll ${escapeBashArg(dir)} 2>&1`;
-                break;
-            default:
-                return { content: `Error: Unknown action "${args.action}". Use: navigate, snapshot, click, type, screenshot, scroll.`, isError: true };
-        }
-        const result = await _sandboxManager.exec(command);
-        if (result.exitCode !== 0) {
-            return {
-                content: `Browser action failed (exit code ${result.exitCode}):\n${result.stdout}\n${result.stderr}`,
-                metadata: { exitCode: result.exitCode },
-                isError: true
-            };
-        }
-        return { content: result.stdout || "(no output)", metadata: { exitCode: result.exitCode }, isError: false };
-    },
-};
-//# sourceMappingURL=browser.js.map

package/dist/tools/browser.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"browser.js","sourceRoot":"","sources":["../../src/tools/browser.ts"],"names":[],"mappings":"AAKA,+EAA+E;AAE/E,IAAI,eAAe,GAA0B,IAAI,CAAC;AAClD,IAAI,UAAU,GAAyB,IAAI,CAAC;AAE5C,MAAM,UAAU,kBAAkB,CAChC,OAAuB,EACvB,SAAwB;IAExB,eAAe,GAAG,OAAO,CAAC;IAC1B,UAAU,GAAG,SAAS,CAAC;AACzB,CAAC;AAED,mFAAmF;AAEnF;;;GAGG;AACH,SAAS,aAAa,CAAC,GAAW;IAChC,OAAO,IAAI,GAAG,CAAC,OAAO,CAAC,IAAI,EAAE,OAAO,CAAC,GAAG,CAAC;AAC3C,CAAC;AAED,mFAAmF;AAEnF;;;;;;;;;;;;;GAaG;AACH,MAAM,CAAC,MAAM,WAAW,GAAyB;IAC/C,IAAI,EAAE,SAAS;IACf,WAAW,EACT,kHAAkH;QAClH,8EAA8E;IAChF,MAAM,EAAE;QACN,IAAI,EAAE,QAAQ;QACd,UAAU,EAAE;YACV,MAAM,EAAE;gBACN,IAAI,EAAE,QAAQ;gBACd,IAAI,EAAE,CAAC,UAAU,EAAE,UAAU,EAAE,OAAO,EAAE,MAAM,EAAE,YAAY,EAAE,QAAQ,CAAC;gBACvE,WAAW,EAAE,+BAA+B;aAC7C;YACD,GAAG,EAAE;gBACH,IAAI,EAAE,QAAQ;gBACd,WAAW,EAAE,8CAA8C;aAC5D;YACD,GAAG,EAAE;gBACH,IAAI,EAAE,QAAQ;gBACd,WAAW,EACT,iFAAiF;aACpF;YACD,IAAI,EAAE;gBACJ,IAAI,EAAE,QAAQ;gBACd,WAAW,EAAE,oCAAoC;aAClD;YACD,SAAS,EAAE;gBACT,IAAI,EAAE,QAAQ;gBACd,IAAI,EAAE,CAAC,IAAI,EAAE,MAAM,CAAC;gBACpB,WAAW,EAAE,qEAAqE;aACnF;SAAM;QACT,QAAQ,EAAE,CAAC,QAAQ,CAAC;KACrB;IACD,OAAO,EAAE,KAAK,EAAE,IAMf,EAAE,OAA2B,EAAuB,EAAE;QACrD,IAAI,IAAI,CAAC,MAAM,KAAK,UAAU,IAAI,IAAI,CAAC,GAAG,IAAI,OAAO,EAAE,CAAC;YACpD,OAAO,CAAC,IAAI,CAAC,aAAa,EAAE,EAAE,IAAI,EAAE,aAAa,EAAE,GAAG,EAAE,IAAI,CAAC,GAAG,EAAE,CAAC,CAAC;QACxE,CAAC;QACD,IAAI,CAAC,eAAe,IAAI,CAAC,eAAe,CAAC,QAAQ,EAAE,EAAE,CAAC;YACpD,OAAO,EAAE,OAAO,EAAE,iDAAiD,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC;QACvF,CAAC;QAED,wBAAwB;QACxB,IAAI,OAAe,CAAC;QAEpB,QAAQ,IAAI,CAAC,MAAM,EAAE,CAAC;YACpB,KAAK,UAAU;gBACb,IAAI,CAAC,IAAI,CAAC,GAAG;oBAAE,OAAO,EAAE,OAAO,EAAE,+CAA+C,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC;gBAClG,OAAO,GAAG,0BAA0B,aAAa,CAAC,IAAI,CAAC,GAAG,CAAC,OAAO,CAAC;gBACnE,MAAM;YAER,KAAK,UAAU;gBACb,OAAO,GAAG,6BAA6B,CAAC;gBACxC,MAAM;YAER,KAAK,OAAO;gBACV,IAAI,CAAC,IAAI,CAAC,GAAG;oBAAE,OAAO,EAAE,OAAO,EAAE,4CAA4C,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC;gBAC/F,OAAO,GAAG,uBAAuB,aAAa,CAAC,IAAI,CAAC,GAAG,CAAC,OAAO,CAAC;gBAChE,MAAM;YAER,KAAK,MAAM;gBACT,IAAI,CAAC,IAAI,CAAC,GAAG;oBAAE,OAAO,EAAE,OAAO,EAAE,2CAA2C,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC;gBAC9F,IAAI,CAAC,IAAI,CAAC,IAAI;oBAAE,OAAO,EAAE,OAAO,EAAE,4CAA4C,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC;gBAChG,OAAO,GAAG,sBAAsB,aAAa,CAAC,IAAI,CAAC,GAAG,CAAC,IAAI,aAAa,CAAC,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC;gBAC3F,MAAM;YAER,KAAK,YAAY;gBACf,OAAO,GAAG,+BAA+B,CAAC;gBAC1C,MAAM;YAER,KAAK,QAAQ;gBACX,MAAM,GAAG,GAAG,IAAI,CAAC,SAAS,IAAI,MAAM,CAAC;gBACrC,OAAO,GAAG,wBAAwB,aAAa,CAAC,GAAG,CAAC,OAAO,CAAC;gBAC5D,MAAM;YAER;gBACE,OAAO,EAAE,OAAO,EAAE,0BAA0B,IAAI,CAAC,MAAM,8DAA8D,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC;QAC3I,CAAC;QAED,MAAM,MAAM,GAAG,MAAM,eAAe,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;QAEnD,IAAI,MAAM,CAAC,QAAQ,KAAK,CAAC,EAAE,CAAC;YAC1B,OAAO;gBACL,OAAO,EAAE,oCAAoC,MAAM,CAAC,QAAQ,OAAO,MAAM,CAAC,MAAM,KAAK,MAAM,CAAC,MAAM,EAAE;gBACpG,QAAQ,EAAE,EAAE,QAAQ,EAAE,MAAM,CAAC,QAAQ,EAAE;gBACvC,OAAO,EAAE,IAAI;aACd,CAAC;QACJ,CAAC;QAED,OAAO,EAAE,OAAO,EAAE,MAAM,CAAC,MAAM,IAAI,aAAa,EAAE,QAAQ,EAAE,EAAE,QAAQ,EAAE,MAAM,CAAC,QAAQ,EAAE,EAAE,OAAO,EAAE,KAAK,EAAE,CAAC;IAC9G,CAAC;CACF,CAAC"}

package/dist/tools/registry.d.ts

@@ -1,31 +0,0 @@
-import { DynamicToolInterface } from "./index.js";
-/**
- * Lazy Tool Registry
- *
- * Instead of loading all complex tools into the System Prompt (which burns tokens
- * and risks cache invalidation if changed), this registry maintains "stubs" —
- * lightweight descriptors that let the agent discover tools on demand.
- *
- * Tools in DeferredToolsDB are NOT sent to the LLM by default. The agent can
- * search for them via SearchToolsTool, then activate them via ActivateToolTool.
- */
-export declare const DeferredToolsDB: Record<string, DynamicToolInterface>;
-/**
- * Returns a tool that has been dynamically activated.
- */
-export declare function getActivatedTool(name: string): DynamicToolInterface | undefined;
-/**
- * Returns all currently activated tools.
- */
-export declare function getActivatedTools(): DynamicToolInterface[];
-/**
- * Activates a tool from the deferred registry, making it available for execution.
- * Returns the activated tool, or undefined if not found.
- */
-export declare function activateTool(name: string): DynamicToolInterface | undefined;
-/**
- * Resets all activated tools. For testing.
- */
-export declare function resetActivatedTools(): void;
-export declare const SearchToolsTool: DynamicToolInterface;
-export declare const ActivateToolTool: DynamicToolInterface;

package/dist/tools/registry.js

@@ -1,168 +0,0 @@
-/**
- * Lazy Tool Registry
- *
- * Instead of loading all complex tools into the System Prompt (which burns tokens
- * and risks cache invalidation if changed), this registry maintains "stubs" —
- * lightweight descriptors that let the agent discover tools on demand.
- *
- * Tools in DeferredToolsDB are NOT sent to the LLM by default. The agent can
- * search for them via SearchToolsTool, then activate them via ActivateToolTool.
- */
-// ─── Deferred (Lazy) Tools ─────────────────────────────────────────────────────
-export const DeferredToolsDB = {
-    git_commit: {
-        name: "git_commit",
-        description: "Creates a new git commit with staged changes.",
-        schema: {
-            type: "object",
-            properties: { message: { type: "string" } },
-            required: ["message"],
-        },
-        execute: async (args) => ({ content: `Committed with message: ${args.message}` }),
-    },
-    git_diff: {
-        name: "git_diff",
-        description: "Shows the diff of uncommitted changes or between two branches/commits.",
-        schema: {
-            type: "object",
-            properties: {
-                target: {
-                    type: "string",
-                    description: "Branch, commit, or file path (optional)",
-                },
-            },
-        },
-        execute: async (args) => ({ content: `Diff for: ${args.target || "working directory"}` }),
-    },
-    git_log: {
-        name: "git_log",
-        description: "Shows recent commit history with messages and hashes.",
-        schema: {
-            type: "object",
-            properties: {
-                count: {
-                    type: "number",
-                    description: "Number of recent commits to show (default: 10)",
-                },
-            },
-        },
-        execute: async (args) => ({ content: `Showing last ${args.count || 10} commits.` }),
-    },
-    grep_search: {
-        name: "grep_search",
-        description: "Searches for a text pattern across project files using ripgrep. Returns matching lines with filenames and line numbers.",
-        schema: {
-            type: "object",
-            properties: {
-                query: { type: "string", description: "Search pattern (regex supported)" },
-                path: { type: "string", description: "Directory or file to search in (default: .)" },
-                includes: { type: "string", description: "File glob filter (e.g., '*.ts')" },
-            },
-            required: ["query"],
-        },
-        execute: async (args) => ({ content: `Search results for '${args.query}'` }),
-    },
-    list_dir: {
-        name: "list_dir",
-        description: "Lists the contents of a directory — files and subdirectories with sizes.",
-        schema: {
-            type: "object",
-            properties: {
-                path: { type: "string", description: "Directory path to list" },
-            },
-            required: ["path"],
-        },
-        execute: async (args) => ({ content: `Directory listing for: ${args.path}` }),
-    },
-};
-// ─── Active Tool Set (starts empty, filled by ActivateToolTool) ─────────────
-const activatedTools = new Map();
-/**
- * Returns a tool that has been dynamically activated.
- */
-export function getActivatedTool(name) {
-    return activatedTools.get(name);
-}
-/**
- * Returns all currently activated tools.
- */
-export function getActivatedTools() {
-    return Array.from(activatedTools.values());
-}
-/**
- * Activates a tool from the deferred registry, making it available for execution.
- * Returns the activated tool, or undefined if not found.
- */
-export function activateTool(name) {
-    const tool = DeferredToolsDB[name];
-    if (!tool)
-        return undefined;
-    activatedTools.set(name, tool);
-    return tool;
-}
-/**
- * Resets all activated tools. For testing.
- */
-export function resetActivatedTools() {
-    activatedTools.clear();
-}
-// ─── SearchToolsTool ────────────────────────────────────────────────────────────
-/**
- * Fuzzy search: matches on tool name OR any word in the description.
- */
-function fuzzyMatch(query, tool) {
-    const q = query.toLowerCase();
-    const nameMatch = tool.name.toLowerCase().includes(q);
-    const descWords = tool.description.toLowerCase();
-    const descMatch = descWords.includes(q);
-    return nameMatch || descMatch;
-}
-export const SearchToolsTool = {
-    name: "search_tools",
-    description: "Search for advanced tools available in the environment. Matches by tool name or description keywords.",
-    schema: {
-        type: "object",
-        properties: {
-            query: { type: "string", description: "Search query" },
-        },
-        required: ["query"],
-    },
-    execute: async (args) => {
-        const matches = Object.values(DeferredToolsDB).filter((tool) => fuzzyMatch(args.query, tool));
-        if (matches.length === 0) {
-            return { content: `No tools found matching '${args.query}'. Available categories: git, file, search.` };
-        }
-        const descriptions = matches.map((t) => `- **${t.name}**: ${t.description}`);
-        return {
-            content: `Found ${matches.length} tool(s):\n${descriptions.join("\n")}\n\n` +
-                `To use a tool, call activate_tool with its name.`
-        };
-    },
-};
-// ─── ActivateToolTool ───────────────────────────────────────────────────────────
-export const ActivateToolTool = {
-    name: "activate_tool",
-    description: "Activates a discovered tool for use. Call search_tools first to find available tools.",
-    schema: {
-        type: "object",
-        properties: {
-            name: { type: "string", description: "The tool name to activate" },
-        },
-        required: ["name"],
-    },
-    execute: async (args) => {
-        const tool = activateTool(args.name);
-        if (!tool) {
-            return {
-                content: `Error: Tool '${args.name}' not found in the registry. Use search_tools to see available tools.`,
-                isError: true
-            };
-        }
-        return {
-            content: `✓ Tool '${args.name}' activated.\n` +
-                `Schema: ${JSON.stringify(tool.schema, null, 2)}\n` +
-                `You can now call it directly.`
-        };
-    },
-};
-//# sourceMappingURL=registry.js.map

package/dist/tools/registry.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"registry.js","sourceRoot":"","sources":["../../src/tools/registry.ts"],"names":[],"mappings":"AAEA;;;;;;;;;GASG;AAEH,kFAAkF;AAElF,MAAM,CAAC,MAAM,eAAe,GAAyC;IACnE,UAAU,EAAE;QACV,IAAI,EAAE,YAAY;QAClB,WAAW,EAAE,+CAA+C;QAC5D,MAAM,EAAE;YACN,IAAI,EAAE,QAAQ;YACd,UAAU,EAAE,EAAE,OAAO,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,EAAE;YAC3C,QAAQ,EAAE,CAAC,SAAS,CAAC;SACtB;QACD,OAAO,EAAE,KAAK,EAAE,IAAI,EAAE,EAAE,CAAC,CAAC,EAAE,OAAO,EAAE,2BAA2B,IAAI,CAAC,OAAO,EAAE,EAAE,CAAC;KAClF;IACD,QAAQ,EAAE;QACR,IAAI,EAAE,UAAU;QAChB,WAAW,EACT,wEAAwE;QAC1E,MAAM,EAAE;YACN,IAAI,EAAE,QAAQ;YACd,UAAU,EAAE;gBACV,MAAM,EAAE;oBACN,IAAI,EAAE,QAAQ;oBACd,WAAW,EAAE,yCAAyC;iBACvD;aACF;SACF;QACD,OAAO,EAAE,KAAK,EAAE,IAAI,EAAE,EAAE,CAAC,CAAC,EAAE,OAAO,EAAE,aAAa,IAAI,CAAC,MAAM,IAAI,mBAAmB,EAAE,EAAE,CAAC;KAC1F;IACD,OAAO,EAAE;QACP,IAAI,EAAE,SAAS;QACf,WAAW,EAAE,uDAAuD;QACpE,MAAM,EAAE;YACN,IAAI,EAAE,QAAQ;YACd,UAAU,EAAE;gBACV,KAAK,EAAE;oBACL,IAAI,EAAE,QAAQ;oBACd,WAAW,EAAE,gDAAgD;iBAC9D;aACF;SACF;QACD,OAAO,EAAE,KAAK,EAAE,IAAI,EAAE,EAAE,CAAC,CAAC,EAAE,OAAO,EAAE,gBAAgB,IAAI,CAAC,KAAK,IAAI,EAAE,WAAW,EAAE,CAAC;KACpF;IACD,WAAW,EAAE;QACX,IAAI,EAAE,aAAa;QACnB,WAAW,EACT,yHAAyH;QAC3H,MAAM,EAAE;YACN,IAAI,EAAE,QAAQ;YACd,UAAU,EAAE;gBACV,KAAK,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,kCAAkC,EAAE;gBAC1E,IAAI,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,6CAA6C,EAAE;gBACpF,QAAQ,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,iCAAiC,EAAE;aAC7E;YACD,QAAQ,EAAE,CAAC,OAAO,CAAC;SACpB;QACD,OAAO,EAAE,KAAK,EAAE,IAAI,EAAE,EAAE,CAAC,CAAC,EAAE,OAAO,EAAE,uBAAuB,IAAI,CAAC,KAAK,GAAG,EAAE,CAAC;KAC7E;IACD,QAAQ,EAAE;QACR,IAAI,EAAE,UAAU;QAChB,WAAW,EACT,0EAA0E;QAC5E,MAAM,EAAE;YACN,IAAI,EAAE,QAAQ;YACd,UAAU,EAAE;gBACV,IAAI,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,wBAAwB,EAAE;aAChE;YACD,QAAQ,EAAE,CAAC,MAAM,CAAC;SACnB;QACD,OAAO,EAAE,KAAK,EAAE,IAAI,EAAE,EAAE,CAAC,CAAC,EAAE,OAAO,EAAE,0BAA0B,IAAI,CAAC,IAAI,EAAE,EAAE,CAAC;KAC9E;CACF,CAAC;AAEF,+EAA+E;AAE/E,MAAM,cAAc,GAAsC,IAAI,GAAG,EAAE,CAAC;AAEpE;;GAEG;AACH,MAAM,UAAU,gBAAgB,CAAC,IAAY;IAC3C,OAAO,cAAc,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;AAClC,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,iBAAiB;IAC/B,OAAO,KAAK,CAAC,IAAI,CAAC,cAAc,CAAC,MAAM,EAAE,CAAC,CAAC;AAC7C,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,YAAY,CAAC,IAAY;IACvC,MAAM,IAAI,GAAG,eAAe,CAAC,IAAI,CAAC,CAAC;IACnC,IAAI,CAAC,IAAI;QAAE,OAAO,SAAS,CAAC;IAE5B,cAAc,CAAC,GAAG,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC;IAC/B,OAAO,IAAI,CAAC;AACd,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,mBAAmB;IACjC,cAAc,CAAC,KAAK,EAAE,CAAC;AACzB,CAAC;AAED,mFAAmF;AAEnF;;GAEG;AACH,SAAS,UAAU,CAAC,KAAa,EAAE,IAA0B;IAC3D,MAAM,CAAC,GAAG,KAAK,CAAC,WAAW,EAAE,CAAC;IAC9B,MAAM,SAAS,GAAG,IAAI,CAAC,IAAI,CAAC,WAAW,EAAE,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC;IACtD,MAAM,SAAS,GAAG,IAAI,CAAC,WAAW,CAAC,WAAW,EAAE,CAAC;IACjD,MAAM,SAAS,GAAG,SAAS,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC;IACxC,OAAO,SAAS,IAAI,SAAS,CAAC;AAChC,CAAC;AAED,MAAM,CAAC,MAAM,eAAe,GAAyB;IACnD,IAAI,EAAE,cAAc;IACpB,WAAW,EACT,uGAAuG;IACzG,MAAM,EAAE;QACN,IAAI,EAAE,QAAQ;QACd,UAAU,EAAE;YACV,KAAK,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,cAAc,EAAE;SACvD;QACD,QAAQ,EAAE,CAAC,OAAO,CAAC;KACpB;IACD,OAAO,EAAE,KAAK,EAAE,IAAuB,EAAE,EAAE;QACzC,MAAM,OAAO,GAAG,MAAM,CAAC,MAAM,CAAC,eAAe,CAAC,CAAC,MAAM,CAAC,CAAC,IAAI,EAAE,EAAE,CAC7D,UAAU,CAAC,IAAI,CAAC,KAAK,EAAE,IAAI,CAAC,CAC7B,CAAC;QAEF,IAAI,OAAO,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YACzB,OAAO,EAAE,OAAO,EAAE,4BAA4B,IAAI,CAAC,KAAK,6CAA6C,EAAE,CAAC;QAC1G,CAAC;QAED,MAAM,YAAY,GAAG,OAAO,CAAC,GAAG,CAC9B,CAAC,CAAC,EAAE,EAAE,CAAC,OAAO,CAAC,CAAC,IAAI,OAAO,CAAC,CAAC,WAAW,EAAE,CAC3C,CAAC;QAEF,OAAO;YACL,OAAO,EACL,SAAS,OAAO,CAAC,MAAM,cAAc,YAAY,CAAC,IAAI,CAAC,IAAI,CAAC,MAAM;gBAClE,kDAAkD;SACrD,CAAC;IACJ,CAAC;CACF,CAAC;AAEF,mFAAmF;AAEnF,MAAM,CAAC,MAAM,gBAAgB,GAAyB;IACpD,IAAI,EAAE,eAAe;IACrB,WAAW,EACT,uFAAuF;IACzF,MAAM,EAAE;QACN,IAAI,EAAE,QAAQ;QACd,UAAU,EAAE;YACV,IAAI,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,2BAA2B,EAAE;SACnE;QACD,QAAQ,EAAE,CAAC,MAAM,CAAC;KACnB;IACD,OAAO,EAAE,KAAK,EAAE,IAAsB,EAAE,EAAE;QACxC,MAAM,IAAI,GAAG,YAAY,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAErC,IAAI,CAAC,IAAI,EAAE,CAAC;YACV,OAAO;gBACL,OAAO,EAAE,gBAAgB,IAAI,CAAC,IAAI,uEAAuE;gBACzG,OAAO,EAAE,IAAI;aACd,CAAC;QACJ,CAAC;QAED,OAAO;YACL,OAAO,EACL,WAAW,IAAI,CAAC,IAAI,gBAAgB;gBACpC,WAAW,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC,IAAI;gBACnD,+BAA+B;SAClC,CAAC;IACJ,CAAC;CACF,CAAC"}

package/dist/tools/router.d.ts

@@ -1,34 +0,0 @@
-/**
- * Where a tool executes — on the host machine or in the sandbox.
- */
-export declare enum ToolTarget {
-    /** Run on the host (Node.js process). User sees changes in IDE. */
-    HOST = "host",
-    /** Run inside the E2B sandbox. Commands are isolated. */
-    SANDBOX = "sandbox"
-}
-/**
- * Routes tool calls to either the host machine or the E2B sandbox.
- *
- * Design principle: File I/O runs on the host so the user sees changes
- * in their IDE in real-time. Code execution runs in the sandbox for safety.
- *
- * Unknown tools default to SANDBOX (safe-by-default).
- */
-export declare class ToolRouter {
-    /**
-     * Determines where a tool should execute.
-     *
-     * @param toolName The name of the tool being invoked.
-     * @returns ToolTarget.HOST or ToolTarget.SANDBOX
-     */
-    getTarget(toolName: string): ToolTarget;
-    /**
-     * Returns true if the tool should run on the host.
-     */
-    isHostTool(toolName: string): boolean;
-    /**
-     * Returns true if the tool should run in the sandbox.
-     */
-    isSandboxTool(toolName: string): boolean;
-}

package/dist/tools/router.js

@@ -1,76 +0,0 @@
-/**
- * Where a tool executes — on the host machine or in the sandbox.
- */
-export var ToolTarget;
-(function (ToolTarget) {
-    /** Run on the host (Node.js process). User sees changes in IDE. */
-    ToolTarget["HOST"] = "host";
-    /** Run inside the E2B sandbox. Commands are isolated. */
-    ToolTarget["SANDBOX"] = "sandbox";
-})(ToolTarget || (ToolTarget = {}));
-/**
- * Tools that execute on the host machine (no code execution risk).
- */
-const HOST_TOOLS = new Set([
-    "write_file",
-    "read_file",
-    "search_tools",
-    "activate_tool",
-    "list_files",
-    "search_files",
-    "web_search",
-    "search_skills",
-    "load_skill",
-    "spawn_agent",
-    "check_agent",
-    "install_host_dependencies",
-]);
-/**
- * Tools that execute inside the sandboxed environment.
- */
-const SANDBOX_TOOLS = new Set([
-    "bash",
-    "run_tests",
-    "install_deps",
-    "run_command",
-    "python",
-    "security_scan",
-    "dep_scan",
-    "browser",
-]);
-/**
- * Routes tool calls to either the host machine or the E2B sandbox.
- *
- * Design principle: File I/O runs on the host so the user sees changes
- * in their IDE in real-time. Code execution runs in the sandbox for safety.
- *
- * Unknown tools default to SANDBOX (safe-by-default).
- */
-export class ToolRouter {
-    /**
-     * Determines where a tool should execute.
-     *
-     * @param toolName The name of the tool being invoked.
-     * @returns ToolTarget.HOST or ToolTarget.SANDBOX
-     */
-    getTarget(toolName) {
-        if (HOST_TOOLS.has(toolName)) {
-            return ToolTarget.HOST;
-        }
-        // Default: sandbox (safe-by-default — never execute unknown tools on host)
-        return ToolTarget.SANDBOX;
-    }
-    /**
-     * Returns true if the tool should run on the host.
-     */
-    isHostTool(toolName) {
-        return this.getTarget(toolName) === ToolTarget.HOST;
-    }
-    /**
-     * Returns true if the tool should run in the sandbox.
-     */
-    isSandboxTool(toolName) {
-        return this.getTarget(toolName) === ToolTarget.SANDBOX;
-    }
-}
-//# sourceMappingURL=router.js.map

package/dist/tools/router.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"router.js","sourceRoot":"","sources":["../../src/tools/router.ts"],"names":[],"mappings":"AAAA;;GAEG;AACH,MAAM,CAAN,IAAY,UAKX;AALD,WAAY,UAAU;IACpB,mEAAmE;IACnE,2BAAa,CAAA;IACb,yDAAyD;IACzD,iCAAmB,CAAA;AACrB,CAAC,EALW,UAAU,KAAV,UAAU,QAKrB;AAED;;GAEG;AACH,MAAM,UAAU,GAAG,IAAI,GAAG,CAAC;IACzB,YAAY;IACZ,WAAW;IACX,cAAc;IACd,eAAe;IACf,YAAY;IACZ,cAAc;IACd,YAAY;IACZ,eAAe;IACf,YAAY;IACZ,aAAa;IACb,aAAa;IACb,2BAA2B;CAC5B,CAAC,CAAC;AAEH;;GAEG;AACH,MAAM,aAAa,GAAG,IAAI,GAAG,CAAC;IAC5B,MAAM;IACN,WAAW;IACX,cAAc;IACd,aAAa;IACb,QAAQ;IACR,eAAe;IACf,UAAU;IACV,SAAS;CACV,CAAC,CAAC;AAEH;;;;;;;GAOG;AACH,MAAM,OAAO,UAAU;IACrB;;;;;OAKG;IACH,SAAS,CAAC,QAAgB;QACxB,IAAI,UAAU,CAAC,GAAG,CAAC,QAAQ,CAAC,EAAE,CAAC;YAC7B,OAAO,UAAU,CAAC,IAAI,CAAC;QACzB,CAAC;QACD,2EAA2E;QAC3E,OAAO,UAAU,CAAC,OAAO,CAAC;IAC5B,CAAC;IAED;;OAEG;IACH,UAAU,CAAC,QAAgB;QACzB,OAAO,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,KAAK,UAAU,CAAC,IAAI,CAAC;IACtD,CAAC;IAED;;OAEG;IACH,aAAa,CAAC,QAAgB;QAC5B,OAAO,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,KAAK,UAAU,CAAC,OAAO,CAAC;IACzD,CAAC;CACF"}

package/dist/tools/security.d.ts

@@ -1,28 +0,0 @@
-import { SandboxManager } from "../sandbox/manager.js";
-import { LazyInstaller } from "../sandbox/bootstrap.js";
-import { DynamicToolInterface } from "./index.js";
-/**
- * Binds the security tools to the sandbox and installer.
- * Must be called at session start.
- */
-export declare function bindSecuritySandbox(sandbox: SandboxManager, installer: LazyInstaller): void;
-/**
- * Scans code for security vulnerabilities using the Gemini CLI Security Extension.
- *
- * Execution flow:
- * 1. LazyInstaller ensures Gemini CLI + security extension are in the sandbox.
- * 2. Runs `gemini -x security:analyze` in the sandbox.
- * 3. Returns the generated security report.
- *
- * If Gemini CLI installation fails, returns a descriptive fallback message
- * suggesting manual review or alternative tools.
- */
-export declare const SecurityScanTool: DynamicToolInterface;
-/**
- * Scans project dependencies for known vulnerabilities.
- *
- * Execution flow:
- * 1. Try OSV-Scanner (more comprehensive, covers multiple ecosystems).
- * 2. Fall back to `npm audit --json` (always available in Node sandboxes).
- */
-export declare const DepScanTool: DynamicToolInterface;

package/dist/tools/security.js

@@ -1,183 +0,0 @@
-// ─── Sandbox + Installer references (set at session start) ──────────────────
-let _sandboxManager = null;
-let _installer = null;
-/**
- * Binds the security tools to the sandbox and installer.
- * Must be called at session start.
- */
-export function bindSecuritySandbox(sandbox, installer) {
-    _sandboxManager = sandbox;
-    _installer = installer;
-}
-// ─── Security Helpers ───────────────────────────────────────────────────────────
-/**
- * Escapes a string so it can be safely used as an argument in a Bash shell command.
- */
-function escapeBashArg(arg) {
-    return `'${arg.replace(/'/g, "'\\''")}'`;
-}
-/**
- * Validates a file path to prevent directory traversal out of the workspace.
- */
-function isSafePath(pathStr) {
-    if (!pathStr || pathStr.trim() === "")
-        return false;
-    if (pathStr.includes("..") || pathStr.startsWith("/"))
-        return false;
-    return true;
-}
-// ─── SecurityScanTool ───────────────────────────────────────────────────────────
-/**
- * Scans code for security vulnerabilities using the Gemini CLI Security Extension.
- *
- * Execution flow:
- * 1. LazyInstaller ensures Gemini CLI + security extension are in the sandbox.
- * 2. Runs `gemini -x security:analyze` in the sandbox.
- * 3. Returns the generated security report.
- *
- * If Gemini CLI installation fails, returns a descriptive fallback message
- * suggesting manual review or alternative tools.
- */
-export const SecurityScanTool = {
-    name: "security_scan",
-    description: "Scans code changes for security vulnerabilities using the Gemini CLI Security Extension. " +
-        "Analyzes the current branch diff for common vulnerabilities and generates a security report.",
-    schema: {
-        type: "object",
-        properties: {
-            target: {
-                type: "string",
-                enum: ["changes", "file", "deps"],
-                description: 'What to scan: "changes" (branch diff), "file" (specific file), "deps" (dependencies only)',
-            },
-            path: {
-                type: "string",
-                description: "File path for single-file scan (required when target is 'file')",
-            },
-        },
-        required: ["target"],
-    },
-    execute: async (args) => {
-        if (!_sandboxManager || !_sandboxManager.isActive()) {
-            return { content: "Sandbox is not active. Cannot run security scan.", isError: true };
-        }
-        if (!_installer) {
-            return { content: "LazyInstaller not initialized. Call bindSecuritySandbox() first.", isError: true };
-        }
-        // Ensure Gemini CLI is available
-        const cliReady = await _installer.ensureGeminiCli(_sandboxManager);
-        if (!cliReady) {
-            return {
-                content: ("⚠ Gemini CLI could not be installed in the sandbox.\n" +
-                    "Suggestions:\n" +
-                    '  - Use `dep_scan` tool for dependency vulnerability scanning (uses npm audit)\n' +
-                    "  - Manually review code for OWASP Top 10 vulnerabilities\n" +
-                    "  - Set sandboxTemplate to a pre-baked template with Gemini CLI installed"),
-                isError: true
-            };
-        }
-        // Build the command based on target
-        let command;
-        switch (args.target) {
-            case "changes":
-                command = "cd /workspace && gemini -x security:analyze 2>&1";
-                break;
-            case "file":
-                if (!args.path) {
-                    return { content: "Error: 'path' is required when target is 'file'.", isError: true };
-                }
-                if (!isSafePath(args.path)) {
-                    return { content: "Error: Invalid file path. Path must be relative and cannot contain traversal characters ('..').", isError: true };
-                }
-                command = `cd /workspace && gemini -x security:analyze --file ${escapeBashArg(args.path)} 2>&1`;
-                break;
-            case "deps":
-                command = "cd /workspace && gemini -x security:analyze --deps-only 2>&1";
-                break;
-            default:
-                return { content: `Error: Unknown target "${args.target}". Use "changes", "file", or "deps".`, isError: true };
-        }
-        const result = await _sandboxManager.exec(command);
-        if (result.exitCode !== 0) {
-            return {
-                content: `Security scan failed (exit code ${result.exitCode}):\n${result.stdout}\n${result.stderr}`,
-                metadata: { exitCode: result.exitCode },
-                isError: true
-            };
-        }
-        return {
-            content: result.stdout || "Security scan completed — no issues found.",
-            metadata: { exitCode: result.exitCode },
-            isError: false
-        };
-    },
-};
-// ─── DepScanTool ────────────────────────────────────────────────────────────────
-/**
- * Scans project dependencies for known vulnerabilities.
- *
- * Execution flow:
- * 1. Try OSV-Scanner (more comprehensive, covers multiple ecosystems).
- * 2. Fall back to `npm audit --json` (always available in Node sandboxes).
- */
-export const DepScanTool = {
-    name: "dep_scan",
-    description: "Scans project dependencies for known vulnerabilities (CVEs). " +
-        "Uses OSV-Scanner when available, falls back to npm audit.",
-    schema: {
-        type: "object",
-        properties: {
-            format: {
-                type: "string",
-                enum: ["summary", "json"],
-                description: 'Output format: "summary" (human readable) or "json" (raw)',
-            },
-        },
-    },
-    execute: async (args) => {
-        if (!_sandboxManager || !_sandboxManager.isActive()) {
-            return { content: "Sandbox is not active. Cannot run dependency scan.", isError: true };
-        }
-        if (!_installer) {
-            return { content: "LazyInstaller not initialized.", isError: true };
-        }
-        const format = args?.format ?? "summary";
-        // Try OSV-Scanner first
-        const osvReady = await _installer.ensureOsvScanner(_sandboxManager);
-        if (osvReady) {
-            const osvCmd = format === "json"
-                ? "cd /workspace && osv-scanner --json . 2>&1"
-                : "cd /workspace && osv-scanner . 2>&1";
-            const result = await _sandboxManager.exec(osvCmd);
-            if (result.exitCode === 0) {
-                return {
-                    content: result.stdout || "No known vulnerabilities found in dependencies.",
-                    metadata: { exitCode: result.exitCode },
-                    isError: false
-                };
-            }
-            // Exit code 1 from OSV-Scanner means vulnerabilities found — still valid output
-            if (result.exitCode === 1 && result.stdout) {
-                return {
-                    content: result.stdout,
-                    metadata: { exitCode: result.exitCode },
-                    isError: false
-                };
-            }
-            // If we reach here, OSV-Scanner failed for another reason (e.g. exit > 1)
-            console.warn(`⚠ OSV-Scanner failed (exit code ${result.exitCode}). Falling back to npm audit.\nDetails: ${result.stdout}\n${result.stderr}`);
-        }
-        // Fallback: npm audit
-        const auditCmd = format === "json"
-            ? "cd /workspace && npm audit --json 2>&1"
-            : "cd /workspace && npm audit 2>&1";
-        const auditResult = await _sandboxManager.exec(auditCmd);
-        // npm audit returns 1 when vulnerabilities are found — that's valid output
-        return {
-            content: auditResult.stdout || "No known vulnerabilities found in dependencies.",
-            metadata: { exitCode: auditResult.exitCode },
-            isError: false
-        };
-    },
-};
-//# sourceMappingURL=security.js.map