naisys 1.0.3 → 1.1.0

package/README.md

@@ -61,7 +61,7 @@ title: Software Engineer
 
 # The model to use for console interactions
 # (gpt4turbo, gpt4turbo, gemini-pro, claude3sonnet, claude3opus, local)
-consoleModel: claude3sonnet
+shellModel: claude3sonnet
 
 # The model to use for llmynx, pre-processing websites to fit into a smaller context
 webModel: gpt3turbo
@@ -92,6 +92,12 @@ wakeOnMessage: false
 # The maximum amount to spend on LLM interactions
 # Once reached the agent will stop and this value will need to be increased to continue
 spendLimitDollars: 2.00
+
+# None: Commands from the LLM run automatically, this is the default setting as well if the value is not set
+# Manual: Every command the LLM wants you run you have to approve [y/n]
+# Auto: All commands are run through the separate LLM instace, commands that look like they'll modify the system are blocked
+commandProtection: 'none'
+
 # Additional custom variables can be defined here and/or in the .env file to be loaded into the agent prompt
 ```
 

package/dist/apps/llmail.js

@@ -347,4 +347,10 @@ function validateMsgTokenCount(message) {
 async function usingDatabase(run) {
     return dbUtils.usingDatabase(_dbFilePath, run);
 }
+export async function hasMultipleUsers() {
+    return await usingDatabase(async (db) => {
+        const users = await db.all("SELECT * FROM Users");
+        return users.length > 1;
+    });
+}
 //# sourceMappingURL=llmail.js.map

package/dist/command/commandHandler.js

@@ -11,6 +11,7 @@ import * as logService from "../utils/logService.js";
 import * as output from "../utils/output.js";
 import { OutputColor } from "../utils/output.js";
 import * as utilities from "../utils/utilities.js";
+import * as commandProtection from "./commandProtection.js";
 import * as promptBuilder from "./promptBuilder.js";
 import * as shellCommand from "./shellCommand.js";
 export var NextCommandAction;
@@ -20,7 +21,7 @@ export var NextCommandAction;
     NextCommandAction[NextCommandAction["ExitApplication"] = 2] = "ExitApplication";
 })(NextCommandAction || (NextCommandAction = {}));
 export let previousSessionNotes = await logService.getPreviousEndSessionNote();
-export async function consoleInput(prompt, consoleInput) {
+export async function processCommand(prompt, consoleInput) {
     // We process the lines one at a time so we can support multiple commands with line breaks
     let firstLine = true;
     let processNextLLMpromptBlock = true;
@@ -47,6 +48,13 @@ export async function consoleInput(prompt, consoleInput) {
                 await output.commentAndLog("Continuing with next command from same LLM response...");
                 await contextManager.append(input, ContentSource.LLM);
             }
+            // Run write protection checks if enabled
+            const { commandAllowed, rejectReason } = await commandProtection.validateCommand(input);
+            if (!commandAllowed) {
+                await output.errorAndLog(`Write Protection Triggered`);
+                await contextManager.append(rejectReason || "Unknown");
+                break;
+            }
         }
         const cmdParams = input.split(" ");
         const cmdArgs = input.slice(cmdParams[0].length).trim();

package/dist/command/commandLoop.js

@@ -18,7 +18,7 @@ import * as promptBuilder from "./promptBuilder.js";
 const maxErrorCount = 5;
 export async function run() {
     // Show Agent Config exept the agent prompt
-    await output.commentAndLog(`Agent configured to use ${config.agent.consoleModel} model`);
+    await output.commentAndLog(`Agent configured to use ${config.agent.shellModel} model`);
     // Show System Message
     await output.commentAndLog("System Message:");
     const systemMessage = contextManager.getSystemMessage();
@@ -35,28 +35,30 @@ export async function run() {
         await output.commentAndLog("Starting Context:");
         await contextManager.append("Previous Session Note:");
         await contextManager.append(commandHandler.previousSessionNotes || "None");
-        await commandHandler.consoleInput(await promptBuilder.getPrompt(), "llmail help");
-        await commandHandler.consoleInput(await promptBuilder.getPrompt(), "llmail users");
+        if (await llmail.hasMultipleUsers()) {
+            await commandHandler.processCommand(await promptBuilder.getPrompt(), "llmail help");
+            await commandHandler.processCommand(await promptBuilder.getPrompt(), "llmail users");
+        }
         inputMode.toggle(InputMode.Debug);
         let pauseSeconds = config.agent.debugPauseSeconds;
         let wakeOnMessage = config.agent.wakeOnMessage;
         while (nextCommandAction == NextCommandAction.Continue) {
             const prompt = await promptBuilder.getPrompt(pauseSeconds, wakeOnMessage);
-            let input = "";
+            let consoleInput = "";
             // Debug command prompt
             if (inputMode.current === InputMode.Debug) {
-                input = await promptBuilder.getInput(`${prompt}`, pauseSeconds, wakeOnMessage);
+                consoleInput = await promptBuilder.getInput(`${prompt}`, pauseSeconds, wakeOnMessage);
             }
             // LLM command prompt
             else if (inputMode.current === InputMode.LLM) {
                 const workingMsg = prompt +
-                    chalk[output.OutputColor.loading](`LLM (${config.agent.consoleModel}) Working...`);
+                    chalk[output.OutputColor.loading](`LLM (${config.agent.shellModel}) Working...`);
                 try {
-                    await displayNewMail();
-                    await displayContextWarning();
+                    await checkNewMailNotification();
+                    await checkContextLimitWarning();
                     await contextManager.append(prompt, ContentSource.ConsolePrompt);
                     process.stdout.write(workingMsg);
-                    input = await llmService.query(config.agent.consoleModel, contextManager.getSystemMessage(), contextManager.messages, "console");
+                    consoleInput = await llmService.query(config.agent.shellModel, contextManager.getSystemMessage(), contextManager.messages, "console");
                     clearPromptMessage(workingMsg);
                 }
                 catch (e) {
@@ -73,7 +75,7 @@ export async function run() {
             // Run the command
             try {
                 ({ nextCommandAction, pauseSeconds, wakeOnMessage } =
-                    await commandHandler.consoleInput(prompt, input));
+                    await commandHandler.processCommand(prompt, consoleInput));
                 if (inputMode.current == InputMode.LLM) {
                     llmErrorCount = 0;
                 }
@@ -85,7 +87,7 @@ export async function run() {
             }
             // If the user is in debug mode and they didn't enter anything, switch to LLM
             // If in LLM mode, auto switch back to debug
-            if ((inputMode.current == InputMode.Debug && !input) ||
+            if ((inputMode.current == InputMode.Debug && !consoleInput) ||
                 inputMode.current == InputMode.LLM) {
                 inputMode.toggle();
             }
@@ -136,7 +138,7 @@ async function handleErrorAndSwitchToDebugMode(e, llmErrorCount, addToContext) {
         wakeOnMessage,
     };
 }
-async function displayNewMail() {
+async function checkNewMailNotification() {
     // Check for unread threads
     const unreadThreads = await llmail.getUnreadThreads();
     if (!unreadThreads.length) {
@@ -174,7 +176,7 @@ async function displayNewMail() {
             `Use llmail read <id>' to read the thread, but be mindful you are close to the token limit for the session.`, ContentSource.Console);
     }
 }
-async function displayContextWarning() {
+async function checkContextLimitWarning() {
     const tokenCount = contextManager.getTokenCount();
     const tokenMax = config.agent.tokenMax;
     if (tokenCount > tokenMax) {

package/dist/command/commandProtection.js

@@ -0,0 +1,49 @@
+import * as config from "../config.js";
+import { LlmRole } from "../llm/llmDtos.js";
+import * as llmService from "../llm/llmService.js";
+import { CommandProtection } from "../utils/enums.js";
+import * as output from "../utils/output.js";
+import * as promptBuilder from "./promptBuilder.js";
+export async function validateCommand(command) {
+    switch (config.agent.commandProtection) {
+        case CommandProtection.None:
+            return {
+                commandAllowed: true,
+            };
+        case CommandProtection.Manual: {
+            const confirmation = await promptBuilder.getCommandConfirmation();
+            const commandAllowed = confirmation.toLowerCase() === "y";
+            return {
+                commandAllowed,
+                rejectReason: commandAllowed ? undefined : "Command denied by admin",
+            };
+        }
+        case CommandProtection.Auto:
+            return await autoValidateCommand(command);
+        default:
+            throw "Write protection not configured correctly";
+    }
+}
+async function autoValidateCommand(command) {
+    output.comment("Checking if command is allowed...");
+    const systemMessage = `You are a command validator that checks if shell commands are ok to run.
+The user is 'junior admin' allowed to move around the system, anywhere, and read anything, list anything.
+They are not allowed to execute programs that could modify the system.
+Programs that just give information responses are ok.
+The user is allowed to write to their home directory in ${config.naisysFolder}/home/${config.agent.username}
+In addition to the commands you know are ok, these additional commands are whitelisted: 
+  llmail, llmynx, comment, endsession, and pause
+Reply with 'allow' to allow the command, otherwise you can give a reason for your rejection.`;
+    const response = await llmService.query(config.agent.shellModel, systemMessage, [
+        {
+            role: LlmRole.User,
+            content: command,
+        },
+    ], "write-protection");
+    const commandAllowed = response.toLocaleLowerCase().startsWith("allow");
+    return {
+        commandAllowed,
+        rejectReason: commandAllowed ? undefined : "Command Rejected: " + response,
+    };
+}
+//# sourceMappingURL=commandProtection.js.map

package/dist/command/promptBuilder.js

@@ -130,4 +130,11 @@ export function getInput(commandPrompt, pauseSeconds, wakeOnMessage) {
         }
     });
 }
+export function getCommandConfirmation() {
+    return new Promise((resolve) => {
+        _readlineInterface.question(chalk.greenBright("Allow command to run? [y/n] "), (answer) => {
+            resolve(answer);
+        });
+    });
+}
 //# sourceMappingURL=promptBuilder.js.map

package/dist/command/shellCommand.js

@@ -1,6 +1,8 @@
+import * as config from "../config.js";
 import * as contextManager from "../llm/contextManager.js";
 import * as inputMode from "../utils/inputMode.js";
 import { InputMode } from "../utils/inputMode.js";
+import * as utilities from "../utils/utilities.js";
 import * as shellWrapper from "./shellWrapper.js";
 export async function handleCommand(input) {
     const cmdParams = input.split(" ");
@@ -29,7 +31,19 @@ export async function handleCommand(input) {
     }
     const output = await shellWrapper.executeCommand(input);
     if (output.value) {
-        await contextManager.append(output.value);
+        let text = output.value;
+        let outputLimitExceeded = false;
+        const tokenCount = utilities.getTokenCount(text);
+        // Prevent too much output from blowing up the context
+        if (tokenCount > config.shellOutputTokenMax) {
+            outputLimitExceeded = true;
+            const trimLength = (text.length * config.shellOutputTokenMax) / tokenCount;
+            text = text.slice(0, trimLength);
+        }
+        await contextManager.append(text);
+        if (outputLimitExceeded) {
+            await contextManager.append(`\nThe shell command generated too much output (${tokenCount} tokens). Only 2,000 tokens worth are shown above.`);
+        }
     }
     response.hasErrors = output.hasErrors;
     return response;

package/dist/command/shellWrapper.js

@@ -39,12 +39,12 @@ async function ensureOpen() {
     // Init users home dir on first run, on shell crash/rerun go back to the current path
     if (!_currentPath) {
         output.comment("NEW SHELL OPENED. PID: " + _process.pid);
-        commentIfNotEmpty(await executeCommand(`mkdir -p ${config.naisysFolder}/home/` + config.agent.username));
-        commentIfNotEmpty(await executeCommand(`cd ${config.naisysFolder}/home/` + config.agent.username));
+        errorIfNotEmpty(await executeCommand(`mkdir -p ${config.naisysFolder}/home/` + config.agent.username));
+        errorIfNotEmpty(await executeCommand(`cd ${config.naisysFolder}/home/` + config.agent.username));
     }
     else {
         output.comment("SHELL RESTORED. PID: " + _process.pid);
-        commentIfNotEmpty(await executeCommand("cd " + _currentPath));
+        errorIfNotEmpty(await executeCommand("cd " + _currentPath));
     }
     // Stop running commands if one fails
     // Often the LLM will give us back all kinds of invalid commands, we want to break on the first one
@@ -52,9 +52,9 @@ async function ensureOpen() {
     //commentIfNotEmpty(await executeCommand("set -e"));
 }
 /** Basically don't show anything in the console unless there is an error */
-function commentIfNotEmpty(response) {
+function errorIfNotEmpty(response) {
     if (response.value) {
-        output.comment(response.value);
+        output.error(response.value);
     }
 }
 export function processOutput(dataStr, eventType) {
@@ -128,19 +128,22 @@ export async function executeCommand(command) {
         const commandWithDelimiter = `${command.trim()}\necho "${_commandDelimiter} LINE:\${LINENO}"\n`;
         //_log += "INPUT: " + commandWithDelimiter;
         _process === null || _process === void 0 ? void 0 : _process.stdin.write(commandWithDelimiter);
-        // If no response after 5 seconds, kill and reset the shell, often hanging on some unescaped input
-        const timeoutSeconds = 5;
-        _currentCommandTimeout = setTimeout(() => {
-            if (_resolveCurrentCommand) {
-                _process === null || _process === void 0 ? void 0 : _process.kill();
-                output.error("SHELL TIMEMOUT/KILLED. PID: " + (_process === null || _process === void 0 ? void 0 : _process.pid));
-                resetProcess();
-                _resolveCurrentCommand({
-                    value: `Error: Command timed out after ${timeoutSeconds} seconds.`,
-                    hasErrors: true,
-                });
-            }
-        }, timeoutSeconds * 1000);
+        // If no response, kill and reset the shell, often hanging on some unescaped input
+        _currentCommandTimeout = setTimeout(resetShell, config.shellCommmandTimeoutSeconds * 1000);
+    });
+}
+function resetShell() {
+    if (!_resolveCurrentCommand) {
+        return;
+    }
+    _process === null || _process === void 0 ? void 0 : _process.kill();
+    output.error("SHELL TIMEMOUT/KILLED. PID: " + (_process === null || _process === void 0 ? void 0 : _process.pid));
+    const outputWithError = _commandOutput.trim() +
+        `\nError: Command timed out after ${config.shellCommmandTimeoutSeconds} seconds.`;
+    resetProcess();
+    _resolveCurrentCommand({
+        value: outputWithError,
+        hasErrors: true,
     });
 }
 export async function getCurrentPath() {

package/dist/config.js

@@ -2,11 +2,14 @@ import { program } from "commander";
 import dotenv from "dotenv";
 import * as fs from "fs";
 import yaml from "js-yaml";
+import { CommandProtection } from "./utils/enums.js";
 import { valueFromString } from "./utils/utilities.js";
 program.argument("<agent-path>", "Path to agent configuration file").parse();
 dotenv.config();
 /** The system name that shows after the @ in the command prompt */
 export const hostname = "naisys";
+export const shellOutputTokenMax = 2500;
+export const shellCommmandTimeoutSeconds = 10;
 /* .env is used for global configs across naisys, while agent configs are for the specific agent */
 export const naisysFolder = getEnv("NAISYS_FOLDER", true);
 export const websiteFolder = getEnv("WEBSITE_FOLDER");
@@ -16,13 +19,6 @@ export const openaiApiKey = getEnv("OPENAI_API_KEY");
 export const googleApiKey = getEnv("GOOGLE_API_KEY");
 export const anthropicApiKey = getEnv("ANTHROPIC_API_KEY");
 export const agent = loadAgentConfig();
-function getEnv(key, required) {
-    const value = process.env[key];
-    if (!value && required) {
-        throw `Config: Error, .env ${key} is not defined`;
-    }
-    return value;
-}
 function loadAgentConfig() {
     const agentPath = program.args[0];
     const checkAgentConfig = yaml.load(fs.readFileSync(agentPath, "utf8"));
@@ -30,17 +26,23 @@ function loadAgentConfig() {
     for (const key of [
         "username",
         "title",
-        "consoleModel",
+        "shellModel",
         "webModel",
         "agentPrompt",
         "spendLimitDollars",
         "tokenMax",
-        // debugPauseSeconds and wakeOnMessage can be undefined
+        // other properties can be undefined
     ]) {
         if (!valueFromString(checkAgentConfig, key)) {
             throw `Agent config: Error, ${key} is not defined`;
         }
     }
+    if (!checkAgentConfig.commandProtection) {
+        checkAgentConfig.commandProtection = CommandProtection.None;
+    }
+    if (!Object.values(CommandProtection).includes(checkAgentConfig.commandProtection)) {
+        throw `Agent config: Error, 'commandProtection' is not a valid value`;
+    }
     return checkAgentConfig;
 }
 export const packageVersion = await getVersion();
@@ -58,4 +60,11 @@ async function getVersion() {
         return "0.1";
     }
 }
+function getEnv(key, required) {
+    const value = process.env[key];
+    if (!value && required) {
+        throw `Config: Error, .env ${key} is not defined`;
+    }
+    return value;
+}
 //# sourceMappingURL=config.js.map

package/dist/utils/enums.js

@@ -0,0 +1,9 @@
+/* To separate enums from services which is useful for mocking where the enum
+is used across the code base, but the service it originates from is mocked. */
+export var CommandProtection;
+(function (CommandProtection) {
+    CommandProtection["None"] = "none";
+    CommandProtection["Manual"] = "manual";
+    CommandProtection["Auto"] = "auto";
+})(CommandProtection || (CommandProtection = {}));
+//# sourceMappingURL=enums.js.map

package/package.json

@@ -1,7 +1,7 @@
 {
   "name": "naisys",
   "description": "Node.js Autonomous Intelligence System",
-  "version": "1.0.3",
+  "version": "1.1.0",
   "type": "module",
   "main": "dist/naisys.js",
   "preferGlobal": true,
@@ -9,9 +9,9 @@
     "naisys": "naisys.sh"
   },
   "scripts": {
-    "compile/run/attachable": "tsc && node --inspect dist/naisys.js ./agents/example.yaml",
-    "run agent:dev": "node dist/naisys.js ./agents/eva-site-2-team/dev.yaml",
-    "run agent:admin": "node dist/naisys.js ./agents/eva-site-2-team/admin.yaml",
+    "compile/run/attachable": "tsc && node --inspect dist/naisys.js ./agents/webdev-fansite.yaml",
+    "run agent:dev": "node dist/naisys.js ./agents/2-team/dev.yaml",
+    "run agent:admin": "node dist/naisys.js ./agents/2-team/admin.yaml",
     "clean": "rm -rf dist",
     "clean:win": "wsl rm -rf dist",
     "compile": "tsc",
@@ -21,7 +21,8 @@
     "dependency-graph": "madge --image dependency-graph.png dist",
     "detect-cycles": "madge --circular dist",
     "updates:check": "npm-check-updates",
-    "updates:apply": "npm-check-updates -u && npm update"
+    "updates:apply": "npm-check-updates -u && npm update",
+    "npm:publish:dryrun": "npm run clean && npm run compile && npm publish --dry-run"
   },
   "repository": {
     "type": "git",
@@ -37,6 +38,7 @@
   ],
   "author": "John Marshall",
   "license": "MIT",
+  "homepage": "https://naisys.org",
   "devDependencies": {
     "@types/escape-html": "1.0.4",
     "@types/js-yaml": "4.0.9",