nothumanallowed 10.8.2 → 10.9.1

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "nothumanallowed",
-  "version": "10.8.2",
+  "version": "10.9.1",
   "description": "NotHumanAllowed — 38 AI agents, 53 tools. Email, calendar, browser automation, screen capture, canvas, cron/heartbeat, GitHub, Notion, Slack, voice chat, 28 languages. Zero-dependency CLI.",
   "type": "module",
   "bin": {

package/src/constants.mjs

@@ -5,7 +5,7 @@ import { fileURLToPath } from 'url';
 const __filename = fileURLToPath(import.meta.url);
 const __dirname = path.dirname(__filename);
 
-export const VERSION = '10.8.2';
+export const VERSION = '10.9.1';
 export const BASE_URL = 'https://nothumanallowed.com/cli';
 export const API_BASE = 'https://nothumanallowed.com/api/v1';
 

package/src/services/tool-executor.mjs

@@ -365,6 +365,18 @@ TOOLS:
 65. canvas_clear()
     Clear the canvas panel.
 
+--- AGENT MESSENGER ---
+
+66. collab_send(message: string, channel?: string)
+    Send an E2E encrypted message to the active Alexandria channel (AgentMessenger).
+    Use this when the user asks to notify collaborators, share progress, or send a message to other agents/team members.
+    If channel is not specified, sends to the active channel.
+
+67. collab_read(channel?: string, limit?: number)
+    Read and decrypt messages from an Alexandria channel. Returns the latest messages (default 20).
+    Use this when the user asks to check messages, read a conversation, or see what others wrote.
+    If channel is not specified, reads from the active channel. Channel can be an ID or a name.
+
 RULES:
 - ABSOLUTE RULE: NEVER LIE. NEVER fabricate, invent, or guess information. If you do not know, say "I don't know." If a tool fails, say it failed. If you cannot see something, say so. Honesty is MORE important than being helpful.
 - CRITICAL: For web searches, ALWAYS use web_search — NEVER open Google/Bing/DuckDuckGo in the browser.
@@ -1443,6 +1455,116 @@ export async function executeTool(action, params, config) {
       return '[CANVAS_CLEAR]Canvas cleared.[/CANVAS_CLEAR]';
     }
 
+    // ── Agent Messenger ──────────────────────────────────────────────────
+    case 'collab_send': {
+      const { addCronJob, listCronJobs, loadChannels, getActiveChannel } = await import('./ops-daemon.mjs').catch(() => ({}));
+      const collabMod = await import('../commands/collab.mjs').catch(() => null);
+      if (!collabMod) return 'AgentMessenger not available.';
+
+      const msg = params.message;
+      if (!msg) return 'Message is required.';
+
+      // Use collab CLI to send
+      try {
+        const fs = await import('fs');
+        const path = await import('path');
+        const crypto = await import('crypto');
+        const os = await import('os');
+        const NHA_DIR = path.default.join(os.default.homedir(), '.nha');
+        const chFile = path.default.join(NHA_DIR, 'collab', 'channels.json');
+        const idFile = path.default.join(NHA_DIR, 'collab', 'identity.json');
+
+        if (!fs.default.existsSync(chFile) || !fs.default.existsSync(idFile)) {
+          return 'No Alexandria channels configured. Create one first: nha collab create "name"';
+        }
+
+        const channels = JSON.parse(fs.default.readFileSync(chFile, 'utf-8'));
+        const identity = JSON.parse(fs.default.readFileSync(idFile, 'utf-8'));
+        const channel = params.channel
+          ? channels.find(c => c.name?.toLowerCase().includes(params.channel.toLowerCase()) || c.id === params.channel)
+          : channels.find(c => c.active) || channels[0];
+
+        if (!channel) return 'No active channel found.';
+
+        const API = 'https://nothumanallowed.com/api/v1/alexandria';
+        const channelKey = crypto.default.createHash('sha256').update('alexandria-e2e-key-v2').update(channel.id).update(channel.secret || '').digest();
+        const nonce = crypto.default.randomBytes(12);
+        const cipher = crypto.default.createCipheriv('aes-256-gcm', channelKey, nonce);
+        const encrypted = Buffer.concat([cipher.update(msg, 'utf-8'), cipher.final()]);
+        const tag = cipher.getAuthTag();
+        const ciphertext = Buffer.concat([encrypted, tag]).toString('base64');
+
+        const r = await fetch(API + '/channels/' + channel.id + '/messages', {
+          method: 'POST',
+          headers: { 'Content-Type': 'application/json' },
+          body: JSON.stringify({ senderFingerprint: identity.fingerprint, nonce: nonce.toString('base64'), ciphertext, type: 'text' }),
+        });
+
+        if (!r.ok) return `Failed to send: ${r.status}`;
+        return `Message sent to "${channel.name}" (encrypted). Other members will see it in real-time.`;
+      } catch (e) {
+        return `Failed to send: ${e.message}`;
+      }
+    }
+
+    case 'collab_read': {
+      try {
+        const fs2 = await import('fs');
+        const path2 = await import('path');
+        const crypto2 = await import('crypto');
+        const os2 = await import('os');
+        const NHA2 = path2.default.join(os2.default.homedir(), '.nha');
+        const chFile2 = path2.default.join(NHA2, 'collab', 'channels.json');
+        const idFile2 = path2.default.join(NHA2, 'collab', 'identity.json');
+
+        if (!fs2.default.existsSync(chFile2) || !fs2.default.existsSync(idFile2)) {
+          return 'No Alexandria channels configured.';
+        }
+
+        const channels2 = JSON.parse(fs2.default.readFileSync(chFile2, 'utf-8'));
+        const identity2 = JSON.parse(fs2.default.readFileSync(idFile2, 'utf-8'));
+        const channel2 = params.channel
+          ? channels2.find(c => c.name?.toLowerCase().includes(params.channel.toLowerCase()) || c.id === params.channel || c.id.startsWith(params.channel))
+          : channels2.find(c => c.active) || channels2[0];
+
+        if (!channel2) return 'No matching channel found.';
+
+        const AAPI = 'https://nothumanallowed.com/api/v1/alexandria';
+        const r2 = await fetch(AAPI + '/channels/' + channel2.id + '/messages?fp=' + identity2.fingerprint);
+        if (!r2.ok) return 'Channel not found or expired.';
+        const data2 = await r2.json();
+        if (!data2.messages || data2.messages.length === 0) return `No messages in "${channel2.name}".`;
+
+        const cKey = crypto2.default.createHash('sha256').update('alexandria-e2e-key-v2').update(channel2.id).update(channel2.secret || '').digest();
+        const lim = params.limit || 20;
+        const msgs2 = data2.messages.slice(-lim);
+        const lines = [`Channel: ${channel2.name} (${data2.messages.length} total)\n`];
+
+        for (const msg of msgs2) {
+          if (msg.type === 'system') { lines.push('[system] member joined'); continue; }
+          let content = '[encrypted]';
+          if (msg.ciphertext && msg.nonce) {
+            try {
+              const nonce = Buffer.from(msg.nonce, 'base64');
+              const raw = Buffer.from(msg.ciphertext, 'base64');
+              const tag = raw.subarray(raw.length - 16);
+              const enc = raw.subarray(0, raw.length - 16);
+              const dec = crypto2.default.createDecipheriv('aes-256-gcm', cKey, nonce);
+              dec.setAuthTag(tag);
+              content = dec.update(enc) + dec.final('utf-8');
+            } catch {}
+          }
+          const sender = data2.members?.find(m => m.fingerprint === msg.senderFingerprint);
+          const time = new Date(msg.timestamp).toLocaleTimeString();
+          lines.push(`[${time}] ${sender?.displayName || '?'}: ${content}`);
+        }
+
+        return lines.join('\n');
+      } catch (e) {
+        return `Failed to read: ${e.message}`;
+      }
+    }
+
     default:
       return `Unknown action: ${action}`;
   }