nothumanallowed 13.3.2 → 13.4.7

package/README.md

@@ -1,6 +1,6 @@
 # NotHumanAllowed
 
-**38 specialized AI agents, 80 tools, Studio visual workflows — all local, all free.** Security auditors, code architects, data analysts, DevOps engineers, technical writers — each with deep domain expertise. Use them individually, run complex multi-agent workflows in Studio, or let them deliberate together.
+**38 specialized AI agents, 81 tools, Studio visual workflows — all local, all free.** Security auditors, code architects, data analysts, DevOps engineers, technical writers — each with deep domain expertise. Use them individually, run complex multi-agent workflows in Studio, or let them deliberate together with Parliament mode.
 
 ## Quick Start
 
@@ -36,7 +36,8 @@ EmailAgent → WebSearchAgent → WriterAgent
 
 - **No configuration** — works with any LLM provider including Liara (free, no API key)
 - **Live canvas** — see each agent activate, stream output, and hand off to the next
-- **2–5 step workflows** — context flows automatically between steps
+- **HTML dashboard** — canvas generates a downloadable visual report (HTML + PDF)
+- **Parliament mode** — enable for 2+ specialist agents to cross-read and deliberate: R1 (independent), R2 (agents read each other), R3 (HERALD mediation), convergence score
 - Open `nha ui` → click **Studio** in the sidebar
 
 ## Daily Operations (PAO)
@@ -83,6 +84,26 @@ All data stored locally in `~/.nha/ops/`. Tokens encrypted with AES-256-GCM. You
 
 38 agents across 11 domains. Each agent is a standalone `.mjs` file you own locally — inspect it, modify it, run it offline.
 
+## Code Execution
+
+`execute_code` runs Python, JavaScript, or TypeScript in an isolated sandbox:
+
+```bash
+# Python with auto-installed packages
+nha chat
+> use execute_code to analyze this CSV with pandas
+
+# TypeScript
+> write and run a TypeScript script that parses this JSON
+```
+
+- **Isolated sandbox** — dedicated temp dir per run, deleted after execution
+- **Stripped environment** — subprocess never sees NHA API keys
+- **Package install** — `packages: ["pandas", "numpy"]` auto-installs via pip/npm
+- **Multi-file** — pass extra files (CSV, JSON, helper modules) via `files: [{path, content}]`
+- **SIGKILL on timeout** — 30s default, configurable up to 120s
+- **Returns** stdout, stderr, exit code, and list of files created in sandbox
+
 ### Security
 - **SABER** — Security audit, OWASP, threat modeling, pentest planning
 - **ZERO** — Vulnerability scanning, dependency audit, secret detection

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "nothumanallowed",
-  "version": "13.3.2",
+  "version": "13.4.7",
   "description": "NotHumanAllowed — 38 AI agents, 80 tools, Studio (visual agentic workflows). Email, calendar, browser automation, screen capture, canvas, cron/heartbeat, Alexandria E2E messaging, GitHub, Notion, Slack, voice chat, free AI (Liara), 28 languages. Zero-dependency CLI.",
   "type": "module",
   "bin": {

package/src/commands/ui.mjs

@@ -3664,11 +3664,16 @@ ${writtenSoFar ? `## REPORT WRITTEN SO FAR (for consistency):\n${writtenSoFar.sl
               return out.join('');
             };
 
-            // If LLM output has no HTML tags → it's markdown → convert
-            if (!bodyHtml || !bodyHtml.includes('<')) {
-              const source = bodyHtml || context;
+            // Quality check: count <p> and <li> tags — if output is a sparse skeleton
+            // (many sections but almost no paragraph/list content), fall back to converting context directly.
+            const sectionCount = (bodyHtml.match(/<div[^>]*class="section/g) || []).length;
+            const contentCount = (bodyHtml.match(/<p[\s>]|<li[\s>]/g) || []).length;
+            const isSparse = bodyHtml.includes('<') && sectionCount > 0 && contentCount < sectionCount;
+
+            // If LLM output has no HTML tags, or is a sparse skeleton → use context directly
+            if (!bodyHtml || !bodyHtml.includes('<') || isSparse) {
+              const source = context || bodyHtml;
               const converted = mdToNhaHtml(source);
-              const agentNames = (stepDef && Array.isArray(stepDef)) ? '' : '';
               bodyHtml = `<div class="header"><h1>${reportTitle.replace(/</g,'&lt;')}</h1><p>NHA Studio Report \u00b7 ${today}</p><div class="meta"><span>${today}</span></div></div>` +
                 converted +
                 `<div class="footer">NHA Studio \u00b7 ${today}</div>`;

package/src/constants.mjs

@@ -5,7 +5,7 @@ import { fileURLToPath } from 'url';
 const __filename = fileURLToPath(import.meta.url);
 const __dirname = path.dirname(__filename);
 
-export const VERSION = '13.3.2';
+export const VERSION = '13.4.7';
 export const BASE_URL = 'https://nothumanallowed.com/cli';
 export const API_BASE = 'https://nothumanallowed.com/api/v1';
 

package/src/services/tool-executor.mjs

@@ -47,6 +47,17 @@ import {
 
 import { notify } from './notification.mjs';
 
+// ── execute_code: module-level tsx path cache ─────────────────────────────────
+// Resolved once lazily (first TypeScript execution) — avoids shell spawn on every call.
+import { execSync as _execSyncTsx } from 'child_process';
+let _tsxPath = undefined; // undefined = not yet resolved; null = not found; string = path
+function getTsxPath() {
+  if (_tsxPath !== undefined) return _tsxPath;
+  try { _tsxPath = _execSyncTsx('which tsx 2>/dev/null', { timeout: 3000 }).toString().trim() || null; }
+  catch { _tsxPath = null; }
+  return _tsxPath;
+}
+
 // ── Constants ────────────────────────────────────────────────────────────────
 
 /** Actions that mutate external state and require user confirmation. */
@@ -452,6 +463,21 @@ TOOLS:
     Download a file from Drive. For Google Docs/Sheets/Slides, exports as PDF.
     Returns the file as base64-encoded content. Use for binary files, PDFs, images.
 
+--- CODE EXECUTION ---
+
+81. execute_code(language: "python"|"javascript"|"typescript", code: string, files?: [{path: string, content: string}], packages?: string[], stdin?: string, timeout?: number)
+    Execute code in an isolated sandbox and return the full output.
+    - language: "python", "javascript", or "typescript"
+    - code: the main script to run
+    - files (optional): extra files to create in the sandbox before running (e.g. input CSVs, helper modules). Paths are relative to sandbox.
+    - packages (optional): pip or npm packages to install before execution (e.g. ["pandas","numpy"] for python, ["lodash"] for js)
+    - stdin (optional): text piped to the process stdin
+    - timeout (optional): seconds before SIGKILL, default 30, max 120
+    Returns: exit_code (0=success ✓, non-zero=failure ✗), stdout, stderr, list of files written in sandbox.
+    Sandbox: isolated temp dir, stripped env (no NHA API keys visible to subprocess), SIGKILL on timeout, sandbox deleted after run.
+    Use for: data analysis, algorithm verification, running Python scripts, CSV/JSON processing, math computations, generating files (charts, reports), testing TypeScript/JS logic.
+    Do NOT use for: network requests (use fetch_url), permanent file I/O (use file_write/file_read).
+
 RULES:
 - ABSOLUTE RULE: NEVER LIE. NEVER fabricate, invent, or guess information. If you do not know, say "I don't know." If a tool fails, say it failed. If you cannot see something, say so. Honesty is MORE important than being helpful.
 - CRITICAL ROUTING RULE — browser_open vs web_search:
@@ -1948,6 +1974,197 @@ export async function executeTool(action, params, config) {
       return `Found ${results.length} match${results.length > 1 ? 'es' : ''} for "${params.query}":\n\n${results.join('\n')}`;
     }
 
+    case 'execute_code': {
+      const {
+        language = 'python',
+        code,
+        files = [],    // [{path: string, content: string}] — extra files to write in sandbox
+        packages = [], // string[] — pip/npm packages to install before running
+        stdin = '',    // string — piped to process stdin
+        timeout = 30,  // seconds (max 120)
+      } = params;
+
+      if (!code || typeof code !== 'string') return 'execute_code: missing required param "code"';
+
+      // bash removed: unrestricted shell has full filesystem access and can exfiltrate data.
+      const SUPPORTED = ['python', 'javascript', 'typescript'];
+      if (!SUPPORTED.includes(language)) {
+        return `execute_code: unsupported language "${language}" — use: ${SUPPORTED.join(', ')}`;
+      }
+
+      const { spawn } = await import('child_process');
+      const os = await import('os');
+      const fs = await import('fs');
+      const path = await import('path');
+      const crypto = await import('crypto');
+
+      const MAX_OUTPUT_BYTES = 128 * 1024;   // 128 KB per stream
+      const TIMEOUT_MS = Math.min(Math.max(timeout, 5), 120) * 1000;
+
+      // ── Isolated sandbox directory ─────────────────────────────────────────
+      // Each execution gets its own temp dir — cleaned up after run.
+      // Subprocess never sees NHA's cwd or env vars (API keys etc.).
+      const sandboxId = crypto.default.randomBytes(8).toString('hex');
+      const sandboxDir = path.default.join(os.default.tmpdir(), `nha_sandbox_${sandboxId}`);
+      fs.default.mkdirSync(sandboxDir, { recursive: true });
+
+      // Stripped env — only safe POSIX vars, zero NHA secrets.
+      // NOTE: packages install runs with network access (pip/npm fetch from registries).
+      // This is an accepted risk for a local CLI tool — not suitable for server deployment.
+      const safeEnv = {
+        PATH: process.env.PATH || '/usr/local/bin:/usr/bin:/bin',
+        HOME: sandboxDir,
+        TMPDIR: sandboxDir,
+        LANG: 'en_US.UTF-8',
+        PYTHONDONTWRITEBYTECODE: '1',
+        PYTHONUNBUFFERED: '1',
+        NODE_NO_WARNINGS: '1',
+      };
+
+      const cleanup = () => {
+        try { fs.default.rmSync(sandboxDir, { recursive: true, force: true }); } catch { /* ignore */ }
+      };
+
+      try {
+        // ── Write extra files first ──────────────────────────────────────────
+        for (const f of (files || [])) {
+          if (!f.path || typeof f.content !== 'string') continue;
+          // Prevent path traversal — only allow relative paths inside sandbox
+          const safePath = path.default.join(sandboxDir, path.default.normalize(f.path).replace(/^(\.\.[/\\])+/, ''));
+          fs.default.mkdirSync(path.default.dirname(safePath), { recursive: true });
+          fs.default.writeFileSync(safePath, f.content, 'utf-8');
+        }
+
+        // ── Install packages ─────────────────────────────────────────────────
+        if (packages && packages.length > 0) {
+          const validPkgName = /^[a-zA-Z0-9@._/-]+$/;
+          const safePkgs = packages.filter(p => typeof p === 'string' && validPkgName.test(p) && p.length < 80);
+          if (safePkgs.length > 0) {
+            let installCmd, installArgs;
+            if (language === 'python') {
+              installCmd = 'pip3';
+              installArgs = ['install', '--quiet', '--target', path.default.join(sandboxDir, 'site-packages'), ...safePkgs];
+            } else {
+              // javascript / typescript
+              fs.default.writeFileSync(path.default.join(sandboxDir, 'package.json'), JSON.stringify({ type: 'module' }));
+              installCmd = 'npm';
+              installArgs = ['install', '--prefix', sandboxDir, '--no-save', '--quiet', ...safePkgs];
+            }
+            await new Promise((resolve) => {
+              const inst = spawn(installCmd, installArgs, { cwd: sandboxDir, env: safeEnv, timeout: 60_000 });
+              inst.on('close', resolve);
+              inst.on('error', resolve);
+            });
+          }
+        }
+
+        // ── Resolve runtime + write main entrypoint ──────────────────────────
+        let cmd, cmdArgs, mainFile;
+        if (language === 'python') {
+          mainFile = path.default.join(sandboxDir, 'main.py');
+          // Prepend sys.path so installed packages are found
+          const sitePkgs = path.default.join(sandboxDir, 'site-packages');
+          const preamble = `import sys; sys.path.insert(0, ${JSON.stringify(sitePkgs)})\n`;
+          fs.default.writeFileSync(mainFile, preamble + code, 'utf-8');
+          cmd = 'python3'; cmdArgs = [mainFile];
+        } else if (language === 'javascript') {
+          mainFile = path.default.join(sandboxDir, 'main.mjs');
+          fs.default.writeFileSync(mainFile, code, 'utf-8');
+          cmd = 'node'; cmdArgs = [mainFile];
+        } else if (language === 'typescript') {
+          // Prefer tsx (faster, more compatible), fallback to node --experimental-strip-types (Node 22+)
+          mainFile = path.default.join(sandboxDir, 'main.ts');
+          fs.default.writeFileSync(mainFile, code, 'utf-8');
+          const tsxPath = getTsxPath();
+          if (tsxPath) { cmd = tsxPath; cmdArgs = [mainFile]; }
+          else { cmd = 'node'; cmdArgs = ['--experimental-strip-types', mainFile]; }
+        }
+
+        // ── Execute ──────────────────────────────────────────────────────────
+        const result = await new Promise((resolve) => {
+          const child = spawn(cmd, cmdArgs, {
+            cwd: sandboxDir,
+            env: safeEnv,
+            stdio: ['pipe', 'pipe', 'pipe'],
+          });
+
+          // Feed stdin if provided
+          if (stdin) {
+            child.stdin.write(stdin);
+            child.stdin.end();
+          } else {
+            child.stdin.end();
+          }
+
+          let stdoutBuf = '';
+          let stderrBuf = '';
+          let stdoutTrunc = false;
+          let stderrTrunc = false;
+
+          child.stdout.on('data', (d) => {
+            if (stdoutBuf.length < MAX_OUTPUT_BYTES) stdoutBuf += d.toString();
+            else stdoutTrunc = true;
+          });
+          child.stderr.on('data', (d) => {
+            if (stderrBuf.length < MAX_OUTPUT_BYTES) stderrBuf += d.toString();
+            else stderrTrunc = true;
+          });
+
+          // Hard kill after timeout
+          const killer = setTimeout(() => {
+            try { child.kill('SIGKILL'); } catch {}
+            resolve({ exit_code: 124, stdout: stdoutBuf, stderr: stderrBuf, timed_out: true });
+          }, TIMEOUT_MS);
+
+          child.on('close', (exitCode) => {
+            clearTimeout(killer);
+            resolve({
+              exit_code: exitCode ?? 1,
+              stdout: stdoutBuf + (stdoutTrunc ? '\n[stdout truncated at 128 KB]' : ''),
+              stderr: stderrBuf + (stderrTrunc ? '\n[stderr truncated at 128 KB]' : ''),
+              timed_out: false,
+            });
+          });
+
+          child.on('error', (err) => {
+            clearTimeout(killer);
+            resolve({ exit_code: 1, stdout: '', stderr: `[spawn error] ${err.message}`, timed_out: false });
+          });
+        });
+
+        // ── Collect created/modified files ───────────────────────────────────
+        // List files written inside sandbox (excluding the main entrypoint and site-packages)
+        let createdFiles = [];
+        try {
+          const walk = (dir, base) => {
+            for (const entry of fs.default.readdirSync(dir, { withFileTypes: true })) {
+              const rel = base ? `${base}/${entry.name}` : entry.name;
+              if (entry.isDirectory()) {
+                if (!['site-packages', 'node_modules', '__pycache__'].includes(entry.name)) walk(path.default.join(dir, entry.name), rel);
+              } else if (!['main.py','main.mjs','main.ts','main.sh','package.json'].includes(entry.name)) {
+                const size = fs.default.statSync(path.default.join(dir, entry.name)).size;
+                createdFiles.push(`  ${rel} (${size} bytes)`);
+              }
+            }
+          };
+          walk(sandboxDir, '');
+        } catch {}
+
+        // ── Format response ──────────────────────────────────────────────────
+        const lines = [];
+        if (result.timed_out) lines.push(`⏱ TIMEOUT — execution exceeded ${timeout}s (exit 124)`);
+        lines.push(`exit_code: ${result.exit_code}${result.exit_code === 0 ? ' ✓' : ' ✗'}`);
+        if (result.stdout.trim()) lines.push(`\nstdout:\n${result.stdout.trimEnd()}`);
+        if (result.stderr.trim()) lines.push(`\nstderr:\n${result.stderr.trimEnd()}`);
+        if (!result.stdout.trim() && !result.stderr.trim()) lines.push('\n(no output)');
+        if (createdFiles.length > 0) lines.push(`\nfiles written in sandbox:\n${createdFiles.join('\n')}`);
+
+        return lines.join('\n');
+      } finally {
+        cleanup();
+      }
+    }
+
     default:
       return `Unknown action: ${action}`;
   }