neoagent 2.1.18-beta.10 → 2.1.18-beta.11

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "neoagent",
-  "version": "2.1.18-beta.10",
+  "version": "2.1.18-beta.11",
   "description": "Proactive personal AI agent with no limits",
   "license": "MIT",
   "main": "server/index.js",

package/server/public/flutter_bootstrap.js

@@ -37,6 +37,6 @@ _flutter.buildConfig = {"engineRevision":"425cfb54d01a9472b3e81d9e76fd63a4a44cfb
 
 _flutter.loader.load({
   serviceWorkerSettings: {
-    serviceWorkerVersion: "4008655561" /* Flutter's service worker is deprecated and will be removed in a future Flutter release. */
+    serviceWorkerVersion: "126115739" /* Flutter's service worker is deprecated and will be removed in a future Flutter release. */
   }
 });

package/server/services/ai/engine.js

@@ -258,7 +258,7 @@ function parseMaybeJson(value, fallback = null) {
   }
 }
 
-function classifyToolExecution(toolName, result, errorMessage = '') {
+function classifyToolExecution(toolName, toolArgs = {}, result, errorMessage = '') {
   const name = String(toolName || '');
   const evidenceRelevantPrefixes = ['browser_', 'android_'];
   const evidenceRelevantExact = new Set([
@@ -339,7 +339,7 @@ function classifyToolExecution(toolName, result, errorMessage = '') {
     evidenceRelevant,
     stateChanged,
     dependsOnOutput: true,
-    summary: compactToolResult(name, {}, result || { error: errorMessage || 'Tool failed' }, {
+    summary: compactToolResult(name, toolArgs, result || { error: errorMessage || 'Tool failed' }, {
       softLimit: 500,
       hardLimit: 900,
     }),
@@ -1396,7 +1396,7 @@ class AgentEngine {
             );
           }
 
-          toolExecutions.push(classifyToolExecution(toolName, toolResult, toolErrorMessage));
+          toolExecutions.push(classifyToolExecution(toolName, toolArgs, toolResult, toolErrorMessage));
           this.persistRunMetadata(runId, {
             evidenceSources: [...new Set(toolExecutions.map((item) => item.evidenceSource).filter(Boolean))],
             subagentState: this.listSubagents(runId),
@@ -1427,6 +1427,20 @@ class AgentEngine {
             });
           }
 
+          if (
+            toolName === 'execute_command'
+            && !toolErrorMessage
+            && !toolResult?.timedOut
+            && !toolResult?.killed
+            && toolResult?.exitCode !== undefined
+            && toolResult.exitCode !== 0
+          ) {
+            messages.push({
+              role: 'system',
+              content: 'The previous shell command exited non-zero. Treat its output as partial evidence only. If it chained multiple shell segments, later segments may not have run. Do not summarize missing sections as observed facts; rerun or verify them separately first.'
+            });
+          }
+
           if (conversationId) {
             db.prepare('INSERT INTO conversation_messages (conversation_id, role, content, tool_call_id, name) VALUES (?, ?, ?, ?, ?)')
               .run(conversationId, 'tool', toolMessage.content, toolCall.id, toolName);

package/server/services/ai/systemPrompt.js

@@ -89,8 +89,12 @@ When the system context gives app-level official integration status, trust it ov
 
 SHELL COMMANDS
 When you use execute_command, treat timed out or killed commands as unfinished work, not success. For installs, updates, restarts, config changes, or other state-changing shell actions, verify the outcome with a follow-up command before telling the user it is done.
+When execute_command exits non-zero, treat the output as partial evidence only. If the command chained multiple shell segments, later segments may not have run at all, so do not summarize them as observed facts unless you verified them separately.
 If you restart or stop the NeoAgent service, this run ends immediately. Warn the user before doing it and say you cannot continue the current run after the restart.
 
+MESSAGING CLAIMS
+Do not claim a messaging platform is blocked, disconnected, receive-only, or unable to send unless a messaging tool or capability check in this run actually showed that failure. If send_message succeeded, do not describe outbound delivery as blocked.
+
 SKILLS
 Create or improve a skill only when it is clearly reusable, polished, and likely to matter again. Most completed tasks should not become skills.
 

package/server/services/ai/taskAnalysis.js

@@ -286,6 +286,9 @@ function buildVerifierPrompt({ analysis, toolExecutionSummary, evidenceSources,
     'Return JSON only. No markdown, no prose, no code fences.',
     'Verify whether the draft final reply is adequately supported by the gathered evidence.',
     'If the evidence is insufficient, revise the reply so it states the uncertainty clearly instead of guessing.',
+    'Cross-check every concrete claim against tool status and output. Remove or rewrite claims that are contradicted by the evidence.',
+    'A non-zero execute_command exit code means partial or failed shell evidence. Do not treat later sections of a chained shell command as observed unless they were verified separately.',
+    'A successful send_message or make_call means outbound delivery succeeded in this run unless a later messaging tool failed.',
     `Freshness risk: ${analysis.freshness_risk}`,
     `Verification need: ${analysis.verification_need}`,
     evidenceSources?.length ? `Evidence sources used: ${evidenceSources.join(', ')}` : 'Evidence sources used: none',

package/server/services/ai/toolResult.js

@@ -47,14 +47,22 @@ function compactToolResult(toolName, toolArgs = {}, toolResult, options = {}) {
       envelope = trimObject({
         tool: toolName,
         status: toolResult?.timedOut ? 'timed_out' : (toolResult?.exitCode === 0 ? 'ok' : 'error'),
+        command: clampText(toolArgs.command || '', Math.floor(softLimit * 0.28)),
         exitCode: toolResult?.exitCode,
         cwd: toolResult?.cwd || toolArgs.cwd,
         killed: toolResult?.killed || false,
         timedOut: toolResult?.timedOut || false,
         signal: toolResult?.signal,
         durationMs: toolResult?.durationMs,
+        note: toolResult?.timedOut
+          ? 'Command timed out. Treat the output as partial.'
+          : toolResult?.killed
+            ? 'Command was killed. Treat the output as partial.'
+            : (toolResult?.exitCode !== undefined && toolResult?.exitCode !== 0)
+              ? 'Command exited non-zero. Output may be partial; later segments of a chained shell command may not have run.'
+              : '',
         stdout: lineExcerpt(toolResult?.stdout, 12, Math.floor(softLimit * 0.45)),
-        stderr: lineExcerpt(toolResult?.stderr, 8, Math.floor(softLimit * 0.25))
+        stderr: lineExcerpt(toolResult?.stderr, 10, Math.floor(softLimit * 0.35))
       });
       break;
 
@@ -156,6 +164,27 @@ function compactToolResult(toolName, toolArgs = {}, toolResult, options = {}) {
 
     case 'send_message':
     case 'make_call':
+      envelope = trimObject({
+        tool: toolName,
+        status: toolResult?.skipped
+          ? 'skipped'
+          : (toolResult?.success === false || toolResult?.error ? 'error' : 'ok'),
+        platform: toolArgs.platform,
+        to: toolArgs.to,
+        success: typeof toolResult?.success === 'boolean' ? toolResult.success : undefined,
+        skipped: toolResult?.skipped === true ? true : undefined,
+        sent: typeof toolResult?.sent === 'boolean' ? toolResult.sent : undefined,
+        suppressed: toolResult?.suppressed === true ? true : undefined,
+        message: clampText(toolResult?.message || toolResult?.reason || toolResult?.error || '', Math.floor(softLimit * 0.45)),
+        result: clampText(JSON.stringify(trimObject({
+          id: toolResult?.id,
+          key: toolResult?.key,
+          deleted: toolResult?.deleted,
+          count: Array.isArray(toolResult?.results) ? toolResult.results.length : undefined
+        })), Math.floor(softLimit * 0.3))
+      });
+      break;
+
     case 'memory_save':
     case 'memory_recall':
     case 'memory_update_core':

package/server/services/integrations/figma/provider.js

@@ -13,7 +13,109 @@ const FIGMA_APPS = [
     id: 'figma',
     label: 'Figma',
     description: 'Connect a Figma account for future official design and file tools.',
-    scopes: ['current_user:read'],
+    scopes: [
+      'current_user:read',
+      'file_content:read',
+      'file_metadata:read',
+      'file_comments:read',
+      'file_comments:write',
+      'library_content:read',
+      'library_assets:read',
+      'file_dev_resources:read',
+      'file_dev_resources:write',
+    ],
+  },
+];
+
+const figmaToolDefinitions = [
+  {
+    appId: 'figma',
+    name: 'figma_get_me',
+    description: 'Get the current Figma user.',
+    parameters: { type: 'object', properties: {} },
+  },
+  {
+    appId: 'figma',
+    name: 'figma_get_file',
+    description: 'Read a Figma file JSON document.',
+    parameters: {
+      type: 'object',
+      properties: {
+        file_key: { type: 'string', description: 'Figma file key.' },
+        ids: { type: 'string', description: 'Optional comma-separated node IDs.' },
+        depth: { type: 'number', description: 'Optional traversal depth.' },
+      },
+      required: ['file_key'],
+    },
+  },
+  {
+    appId: 'figma',
+    name: 'figma_get_file_nodes',
+    description: 'Read specific nodes from a Figma file.',
+    parameters: {
+      type: 'object',
+      properties: {
+        file_key: { type: 'string', description: 'Figma file key.' },
+        ids: { type: 'string', description: 'Comma-separated node IDs.' },
+      },
+      required: ['file_key', 'ids'],
+    },
+  },
+  {
+    appId: 'figma',
+    name: 'figma_get_file_images',
+    description: 'Render Figma nodes to image URLs.',
+    parameters: {
+      type: 'object',
+      properties: {
+        file_key: { type: 'string', description: 'Figma file key.' },
+        ids: { type: 'string', description: 'Comma-separated node IDs.' },
+        format: { type: 'string', description: 'jpg, png, svg, or pdf. Default png.' },
+        scale: { type: 'number', description: 'Optional image scale.' },
+      },
+      required: ['file_key', 'ids'],
+    },
+  },
+  {
+    appId: 'figma',
+    name: 'figma_get_comments',
+    description: 'List comments on a Figma file.',
+    parameters: {
+      type: 'object',
+      properties: {
+        file_key: { type: 'string', description: 'Figma file key.' },
+      },
+      required: ['file_key'],
+    },
+  },
+  {
+    appId: 'figma',
+    name: 'figma_post_comment',
+    description: 'Post a Figma file comment.',
+    parameters: {
+      type: 'object',
+      properties: {
+        file_key: { type: 'string', description: 'Figma file key.' },
+        message: { type: 'string', description: 'Comment message.' },
+        client_meta: { type: 'object', description: 'Optional Figma comment position metadata.' },
+      },
+      required: ['file_key', 'message'],
+    },
+  },
+  {
+    appId: 'figma',
+    name: 'figma_api_request',
+    description: 'Make an authenticated Figma REST API request for advanced file, comment, library, variable, webhook, and dev resource operations.',
+    parameters: {
+      type: 'object',
+      properties: {
+        method: { type: 'string', description: 'HTTP method: GET, POST, PUT, PATCH, or DELETE.' },
+        path: { type: 'string', description: 'Figma API path, e.g. /v1/files/{key}.' },
+        query: { type: 'object', description: 'Optional query parameters.' },
+        body: { type: 'object', description: 'Optional JSON body.' },
+      },
+      required: ['method', 'path'],
+    },
   },
 ];
 
@@ -28,6 +130,102 @@ function normalizeFigmaUser(profile) {
   };
 }
 
+function requireText(value, label) {
+  const text = String(value || '').trim();
+  if (!text) throw new Error(`${label} is required.`);
+  return text;
+}
+
+function figmaUrl(path, query) {
+  const url = new URL(
+    String(path || '').startsWith('http')
+      ? String(path)
+      : `https://api.figma.com${String(path || '').startsWith('/') ? '' : '/'}${path}`,
+  );
+  if (url.hostname !== 'api.figma.com') {
+    throw new Error('Figma API request URL must target api.figma.com.');
+  }
+  for (const [key, value] of Object.entries(query || {})) {
+    if (value !== undefined && value !== null) url.searchParams.set(key, String(value));
+  }
+  return url.toString();
+}
+
+async function figmaRequest(credentials, { method = 'GET', path, query, body }) {
+  return fetchJson(
+    figmaUrl(path, query),
+    {
+      method: String(method || 'GET').toUpperCase(),
+      headers: { Authorization: `Bearer ${credentials.access_token}` },
+      ...(body === undefined ? {} : { json: body }),
+    },
+    { serviceName: 'Figma' },
+  );
+}
+
+async function executeFigmaTool(toolName, args, { credentials }) {
+  switch (toolName) {
+    case 'figma_get_me':
+      return { result: await figmaRequest(credentials, { path: '/v1/me' }) };
+    case 'figma_get_file':
+      return {
+        result: await figmaRequest(credentials, {
+          path: `/v1/files/${encodeURIComponent(requireText(args.file_key, 'file_key'))}`,
+          query: {
+            ids: args.ids || undefined,
+            depth: args.depth || undefined,
+          },
+        }),
+      };
+    case 'figma_get_file_nodes':
+      return {
+        result: await figmaRequest(credentials, {
+          path: `/v1/files/${encodeURIComponent(requireText(args.file_key, 'file_key'))}/nodes`,
+          query: { ids: requireText(args.ids, 'ids') },
+        }),
+      };
+    case 'figma_get_file_images':
+      return {
+        result: await figmaRequest(credentials, {
+          path: `/v1/images/${encodeURIComponent(requireText(args.file_key, 'file_key'))}`,
+          query: {
+            ids: requireText(args.ids, 'ids'),
+            format: String(args.format || 'png'),
+            scale: args.scale || undefined,
+          },
+        }),
+      };
+    case 'figma_get_comments':
+      return {
+        result: await figmaRequest(credentials, {
+          path: `/v1/files/${encodeURIComponent(requireText(args.file_key, 'file_key'))}/comments`,
+        }),
+      };
+    case 'figma_post_comment':
+      return {
+        result: await figmaRequest(credentials, {
+          method: 'POST',
+          path: `/v1/files/${encodeURIComponent(requireText(args.file_key, 'file_key'))}/comments`,
+          body: {
+            message: requireText(args.message, 'message'),
+            client_meta: args.client_meta || undefined,
+          },
+        }),
+      };
+    case 'figma_api_request':
+      return {
+        result: await figmaRequest(credentials, {
+          method: args.method,
+          path: requireText(args.path, 'path'),
+          query: args.query,
+          body: args.body,
+        }),
+      };
+    default:
+      return null;
+  }
+}
+
 function createFigmaProvider() {
   return createOAuthProvider({
     key: 'figma',
@@ -36,6 +234,7 @@ function createFigmaProvider() {
       'Official Figma OAuth account connections for future design file and collaboration workflows.',
     icon: 'figma',
     apps: FIGMA_APPS,
+    toolDefinitions: figmaToolDefinitions,
     connectPrompt:
       'This enables the official Figma account layer now. Native Figma tools are not shipped yet in this run.',
     getEnvStatus() {
@@ -58,13 +257,17 @@ function createFigmaProvider() {
     },
     async finishOAuth({ code, app }) {
       const config = resolveFigmaOAuthConfig();
+      const basic = Buffer.from(`${config.clientId}:${config.clientSecret}`).toString(
+        'base64',
+      );
       const token = await fetchJson(
         'https://api.figma.com/v1/oauth/token',
         {
           method: 'POST',
+          headers: {
+            Authorization: `Basic ${basic}`,
+          },
           form: {
-            client_id: config.clientId,
-            client_secret: config.clientSecret,
             redirect_uri: config.redirectUri,
             code,
             grant_type: 'authorization_code',
@@ -109,6 +312,7 @@ function createFigmaProvider() {
         },
       };
     },
+    executeTool: executeFigmaTool,
   });
 }
 

package/server/services/integrations/google/calendar.js

@@ -1,7 +1,7 @@
 'use strict';
 
 const { google } = require('googleapis');
-const { coerceStringList } = require('./common');
+const { coerceStringList, executeGoogleApiRequest } = require('./common');
 
 const calendarToolDefinitions = [
   {
@@ -117,6 +117,25 @@ const calendarToolDefinitions = [
       required: ['time_min', 'time_max'],
     },
   },
+  {
+    name: 'google_workspace_calendar_api_request',
+    description:
+      'Make an authenticated Google Calendar API request for advanced calendar operations not covered by the dedicated tools.',
+    parameters: {
+      type: 'object',
+      properties: {
+        method: { type: 'string', description: 'HTTP method: GET, POST, PUT, PATCH, or DELETE.' },
+        path: {
+          type: 'string',
+          description:
+            'Calendar API path or URL, e.g. /calendar/v3/users/me/calendarList.',
+        },
+        query: { type: 'object', description: 'Optional query parameters.' },
+        body: { type: 'object', description: 'Optional JSON request body.' },
+      },
+      required: ['method', 'path'],
+    },
+  },
 ];
 
 function summarizeEvent(event) {
@@ -241,6 +260,12 @@ async function executeCalendarTool(toolName, args, auth) {
       return { calendars: response.data.calendars || {} };
     }
 
+    case 'google_workspace_calendar_api_request': {
+      return executeGoogleApiRequest(auth, args, {
+        baseUrl: 'https://www.googleapis.com',
+      });
+    }
+
     default:
       return null;
   }

package/server/services/integrations/google/common.js

@@ -96,9 +96,48 @@ function summarizeFile(file) {
   };
 }
 
+function requireGoogleApiUrl(pathOrUrl, defaultBaseUrl) {
+  const raw = String(pathOrUrl || '').trim();
+  if (!raw) throw new Error('path is required.');
+  const base = String(defaultBaseUrl || 'https://www.googleapis.com').replace(/\/$/, '');
+  const url = raw.startsWith('http://') || raw.startsWith('https://')
+    ? new URL(raw)
+    : new URL(raw.startsWith('/') ? raw : `/${raw}`, base);
+  if (!url.hostname.endsWith('googleapis.com')) {
+    throw new Error('Google API request URL must target a googleapis.com host.');
+  }
+  return url.toString();
+}
+
+async function executeGoogleApiRequest(auth, args, options = {}) {
+  const method = String(args.method || 'GET').trim().toUpperCase();
+  const allowedMethods = new Set(['GET', 'POST', 'PUT', 'PATCH', 'DELETE']);
+  if (!allowedMethods.has(method)) {
+    throw new Error('method must be one of GET, POST, PUT, PATCH, DELETE.');
+  }
+
+  const response = await auth.request({
+    url: requireGoogleApiUrl(args.path || args.url, options.baseUrl),
+    method,
+    params: args.query && typeof args.query === 'object' ? args.query : undefined,
+    data: args.body === undefined ? undefined : args.body,
+    headers: args.headers && typeof args.headers === 'object' ? args.headers : undefined,
+    responseType: args.response_type === 'arraybuffer' ? 'arraybuffer' : undefined,
+  });
+
+  return {
+    status: response.status,
+    statusText: response.statusText,
+    data: Buffer.isBuffer(response.data)
+      ? response.data.toString('base64')
+      : response.data,
+  };
+}
+
 module.exports = {
   coerceStringList,
   ensureParentDir,
+  executeGoogleApiRequest,
   extractMessageBody,
   getHeader,
   stringToBase64Url,

package/server/services/integrations/google/docs.js

@@ -1,6 +1,7 @@
 'use strict';
 
 const { google } = require('googleapis');
+const { executeGoogleApiRequest } = require('./common');
 
 const docsToolDefinitions = [
   {
@@ -51,6 +52,25 @@ const docsToolDefinitions = [
       required: ['document_id', 'search_text', 'replace_text'],
     },
   },
+  {
+    name: 'google_workspace_docs_api_request',
+    description:
+      'Make an authenticated Google Docs API request for advanced document batchUpdate operations not covered by the dedicated tools.',
+    parameters: {
+      type: 'object',
+      properties: {
+        method: { type: 'string', description: 'HTTP method: GET, POST, PUT, PATCH, or DELETE.' },
+        path: {
+          type: 'string',
+          description:
+            'Docs API path or URL, e.g. /v1/documents/{documentId}:batchUpdate.',
+        },
+        query: { type: 'object', description: 'Optional query parameters.' },
+        body: { type: 'object', description: 'Optional JSON request body.' },
+      },
+      required: ['method', 'path'],
+    },
+  },
 ];
 
 function documentToText(document) {
@@ -176,6 +196,12 @@ async function executeDocsTool(toolName, args, auth) {
       };
     }
 
+    case 'google_workspace_docs_api_request': {
+      return executeGoogleApiRequest(auth, args, {
+        baseUrl: 'https://docs.googleapis.com',
+      });
+    }
+
     default:
       return null;
   }

package/server/services/integrations/google/drive.js

@@ -3,7 +3,12 @@
 const fs = require('fs');
 const path = require('path');
 const { google } = require('googleapis');
-const { coerceStringList, ensureParentDir, summarizeFile } = require('./common');
+const {
+  coerceStringList,
+  ensureParentDir,
+  executeGoogleApiRequest,
+  summarizeFile,
+} = require('./common');
 
 const driveToolDefinitions = [
   {
@@ -101,6 +106,25 @@ const driveToolDefinitions = [
       required: ['file_id'],
     },
   },
+  {
+    name: 'google_workspace_drive_api_request',
+    description:
+      'Make an authenticated Google Drive API request for advanced file, folder, permission, comment, revision, and shared drive operations.',
+    parameters: {
+      type: 'object',
+      properties: {
+        method: { type: 'string', description: 'HTTP method: GET, POST, PUT, PATCH, or DELETE.' },
+        path: {
+          type: 'string',
+          description:
+            'Drive API path or URL, e.g. /drive/v3/files or /drive/v3/files/{fileId}/comments.',
+        },
+        query: { type: 'object', description: 'Optional query parameters.' },
+        body: { type: 'object', description: 'Optional JSON request body.' },
+      },
+      required: ['method', 'path'],
+    },
+  },
 ];
 
 async function validateExistingReadableFilePath(filePath) {
@@ -235,6 +259,12 @@ async function executeDriveTool(toolName, args, auth) {
       return summarizeFile(fileResponse.data);
     }
 
+    case 'google_workspace_drive_api_request': {
+      return executeGoogleApiRequest(auth, args, {
+        baseUrl: 'https://www.googleapis.com',
+      });
+    }
+
     default:
       return null;
   }

package/server/services/integrations/google/gmail.js

@@ -3,6 +3,7 @@
 const { google } = require('googleapis');
 const {
   coerceStringList,
+  executeGoogleApiRequest,
   extractMessageBody,
   getHeader,
   stringToBase64Url,
@@ -113,6 +114,25 @@ const gmailToolDefinitions = [
       required: ['thread_id'],
     },
   },
+  {
+    name: 'google_workspace_gmail_api_request',
+    description:
+      'Make an authenticated Gmail API request for advanced Gmail operations not covered by the dedicated Gmail tools.',
+    parameters: {
+      type: 'object',
+      properties: {
+        method: { type: 'string', description: 'HTTP method: GET, POST, PUT, PATCH, or DELETE.' },
+        path: {
+          type: 'string',
+          description:
+            'Gmail API path or URL, e.g. /gmail/v1/users/me/settings/sendAs.',
+        },
+        query: { type: 'object', description: 'Optional query parameters.' },
+        body: { type: 'object', description: 'Optional JSON request body.' },
+      },
+      required: ['method', 'path'],
+    },
+  },
 ];
 
 function summarizeMessage(message) {
@@ -294,6 +314,12 @@ async function executeGmailTool(toolName, args, auth) {
       };
     }
 
+    case 'google_workspace_gmail_api_request': {
+      return executeGoogleApiRequest(auth, args, {
+        baseUrl: 'https://gmail.googleapis.com',
+      });
+    }
+
     default:
       return null;
   }

package/server/services/integrations/google/provider.js

@@ -21,7 +21,7 @@ const GOOGLE_WORKSPACE_APPS = [
     id: 'gmail',
     label: 'Gmail',
     description: 'Search threads, read messages, send mail, and manage labels.',
-    scopes: ['https://www.googleapis.com/auth/gmail.modify'],
+    scopes: ['https://mail.google.com/'],
     toolDefinitions: gmailToolDefinitions,
     executor: executeGmailTool,
   },