nyxora 1.6.6 → 1.6.7

package/packages/core/src/gateway/server.ts

@@ -26,11 +26,28 @@ import { checkPortfolioToolDefinition } from '../web3/skills/checkPortfolio';
 import { marketAnalysisToolDefinition } from '../web3/skills/marketAnalysis';
 import { createWalletToolDefinition } from '../web3/skills/createWallet';
 import { createLimitOrderToolDefinition, listLimitOrdersToolDefinition, cancelLimitOrderToolDefinition } from '../agent/limitOrderManager';
+import { isSkillActive, toggleSkill } from '../utils/skillManager';
 import { executeBridge, bridgeTokenToolDefinition } from '../web3/skills/bridgeToken';
 import { executeMintNft, mintNftToolDefinition } from '../web3/skills/mintNft';
 import { executeCustomTx, customTxToolDefinition } from '../web3/skills/customTx';
+
+// System Skills
+import { browseWebsiteToolDefinition } from '../system/skills/browseWeb';
+import { runTerminalCommandToolDefinition } from '../system/skills/executeShell';
+import { installExternalSkillToolDefinition } from '../system/skills/installSkill';
+import { readLocalFileToolDefinition } from '../system/skills/readFile';
+import { updateSecurityPolicyToolDefinition } from '../system/skills/updateSecurityPolicy';
+import { writeLocalFileToolDefinition } from '../system/skills/writeFile';
+import { analyzeDocumentToolDefinition } from '../system/skills/analyzeDocument';
+import { searchWebToolDefinition } from '../system/skills/searchWeb';
+import { readGmailInboxToolDefinition, listCalendarEventsToolDefinition, appendRowToSheetsToolDefinition, readGoogleDocsToolDefinition, readGoogleFormResponsesToolDefinition } from '../system/skills/googleWorkspace';
+
 import { startTelegramBot } from './telegram';
 import { formatTransactionSuccess, formatTransactionError } from '../utils/formatter';
+import { initGoogleAuth, getAuthUrl, processCallback, isAuthenticated } from './googleAuthModule';
+
+// Initialize Google Auth
+initGoogleAuth();
 
 import util from 'util';
 
@@ -52,7 +69,16 @@ console.error = function (...args) {
 
 const app = express();
 app.use(helmet());
-app.use(cors({ origin: ['http://localhost:3000', 'http://localhost:5173'] }));
+app.use(cors({ 
+  origin: function (origin, callback) {
+    if (!origin || /^(http:\/\/(localhost|127\.0\.0\.1):\d+)$/.test(origin)) {
+      callback(null, true);
+    } else {
+      callback(new Error('Not allowed by CORS'));
+    }
+  },
+  allowedHeaders: ['Content-Type', 'Authorization', 'x-nyxora-token']
+}));
 app.use(express.json());
 
 const apiLimiter = rateLimit({
@@ -64,9 +90,15 @@ app.use('/api/', apiLimiter);
 
 // API Auth Middleware
 app.use('/api', (req, res, next) => {
+  // Bypass auth for Google OAuth callback and URLs since they are handled externally or by the browser
+  if (req.path.startsWith('/auth/google')) {
+    return next();
+  }
+
   const token = req.headers['x-nyxora-token'];
   if (token !== getSessionToken()) {
-    return res.status(401).json({ error: `Unauthorized: Invalid or missing token. Expected: ${getSessionToken()}, Received: ${token}` });
+    console.error(`[Auth] Rejected ${req.method} ${req.originalUrl} - Expected: ${getSessionToken().substring(0,8)}... Received: ${token ? token.toString().substring(0,8) + '...' : 'undefined'}`);
+    return res.status(401).json({ error: `Unauthorized: Invalid or missing token.` });
   }
   next();
 });
@@ -170,7 +202,7 @@ app.get('/api/logs', (req, res) => {
 });
 
 app.get('/api/skills', (req, res) => {
-  res.json([
+  const allSkills = [
     getBalanceToolDefinition,
     transferToolDefinition,
     getPriceToolDefinition,
@@ -187,7 +219,79 @@ app.get('/api/skills', (req, res) => {
     createLimitOrderToolDefinition,
     listLimitOrdersToolDefinition,
     cancelLimitOrderToolDefinition
-  ]);
+  ];
+  
+  const skillsWithStatus = allSkills.map(skill => ({
+    ...skill,
+    isActive: isSkillActive(skill.function.name)
+  }));
+  
+  res.json(skillsWithStatus);
+});
+
+app.get('/api/skills/system', (req, res) => {
+  const systemSkills = [
+    runTerminalCommandToolDefinition,
+    readLocalFileToolDefinition,
+    writeLocalFileToolDefinition,
+    browseWebsiteToolDefinition,
+    updateSecurityPolicyToolDefinition,
+    installExternalSkillToolDefinition,
+    analyzeDocumentToolDefinition,
+    searchWebToolDefinition,
+    readGmailInboxToolDefinition,
+    listCalendarEventsToolDefinition,
+    appendRowToSheetsToolDefinition,
+    readGoogleDocsToolDefinition,
+    readGoogleFormResponsesToolDefinition
+  ];
+  
+  const skillsWithStatus = systemSkills.map(skill => ({
+    ...skill,
+    isActive: isSkillActive(skill.function.name)
+  }));
+  
+  res.json(skillsWithStatus);
+});
+
+app.post('/api/skills/toggle', (req, res) => {
+  const { skillName, active } = req.body;
+  if (!skillName || typeof active !== 'boolean') {
+    return res.status(400).json({ error: 'Invalid payload' });
+  }
+  toggleSkill(skillName, active);
+  res.json({ success: true, skillName, active });
+});
+
+// Google Workspace Auth Routes
+app.get('/api/auth/google/url', (req, res) => {
+  const url = getAuthUrl();
+  if (!url) return res.status(500).json({ error: 'Google Auth not configured' });
+  res.json({ url });
+});
+
+app.get('/api/auth/google/callback', async (req, res) => {
+  const code = req.query.code as string;
+  if (!code) return res.status(400).send('No code provided');
+  
+  const success = await processCallback(code);
+  if (success) {
+    res.send(`
+      <html><body>
+      <h2>Authentication Successful!</h2>
+      <p>You can close this window and return to the dashboard.</p>
+      <script>
+        setTimeout(() => window.close(), 2000);
+      </script>
+      </body></html>
+    `);
+  } else {
+    res.status(500).send('Authentication failed');
+  }
+});
+
+app.get('/api/auth/google/status', async (req, res) => {
+  res.json({ connected: await isAuthenticated() });
 });
 
 app.get('/api/transactions', (req, res) => {
@@ -300,8 +404,8 @@ export function startServer() {
   });
   limitOrderManager.startMonitor();
 
-  const PORT = process.env.PORT || 3000;
-  app.listen(PORT, () => {
+  const PORT = Number(process.env.PORT || 3000);
+  app.listen(PORT, '0.0.0.0', () => {
     console.log(`🤖 Nyxora API Server running on port ${PORT}`);
     
     // Start the Telegram bot listener

package/packages/core/src/gateway/setup.ts

@@ -166,12 +166,12 @@ Provider: ${config.llm.provider}`;
     message: 'Select Default Chain:',
     initialValue: config.agent.default_chain,
     options: [
-      { value: 'sepolia', label: 'Sepolia (Testnet)' },
-      { value: 'base', label: 'Base' },
-      { value: 'bsc', label: 'BSC' },
       { value: 'ethereum', label: 'Ethereum Mainnet' },
-      { value: 'arbitrum', label: 'Arbitrum' },
+      { value: 'bsc', label: 'BSC' },
+      { value: 'base', label: 'Base' },
       { value: 'optimism', label: 'Optimism' },
+      { value: 'arbitrum', label: 'Arbitrum' },
+      { value: 'sepolia', label: 'Sepolia (Testnet)' },
     ],
   });
   if (isCancel(defaultChain)) return process.exit(0);

package/packages/core/src/system/skills/analyzeDocument.ts

@@ -0,0 +1,64 @@
+import fs from 'fs';
+import path from 'path';
+import pdfParse = require('pdf-parse');
+// @ts-ignore
+import mammoth from 'mammoth';
+
+export async function analyzeDocument(filePath: string): Promise<string> {
+  try {
+    const absolutePath = path.resolve(filePath);
+    if (!fs.existsSync(absolutePath)) {
+      return `Error: File not found at ${absolutePath}`;
+    }
+
+    const ext = path.extname(absolutePath).toLowerCase();
+    
+    if (ext === '.pdf') {
+      const dataBuffer = fs.readFileSync(absolutePath);
+      // @ts-ignore
+    const data = await pdfParse(dataBuffer);
+      let text = data.text.trim();
+      if (text.length > 20000) {
+        text = text.substring(0, 20000) + "... [Content Truncated]";
+      }
+      return text;
+    } 
+    
+    if (ext === '.docx') {
+      const result = await mammoth.extractRawText({ path: absolutePath });
+      let text = result.value.trim();
+      if (text.length > 20000) {
+        text = text.substring(0, 20000) + "... [Content Truncated]";
+      }
+      return text;
+    }
+
+    // Fallback for TXT, MD, CSV, etc.
+    let content = fs.readFileSync(absolutePath, 'utf8');
+    if (content.length > 20000) {
+      content = content.substring(0, 20000) + "... [Content Truncated]";
+    }
+    return content;
+
+  } catch (error: any) {
+    return `Failed to analyze document: ${error.message}`;
+  }
+}
+
+export const analyzeDocumentToolDefinition = {
+  type: "function",
+  function: {
+    name: "analyze_document",
+    description: "Extracts textual content from documents (PDF, DOCX) and plain text files (TXT, MD, CSV). Useful for reading reports, contracts, and data dumps.",
+    parameters: {
+      type: "object",
+      properties: {
+        filePath: {
+          type: "string",
+          description: "The absolute or relative path to the document file.",
+        }
+      },
+      required: ["filePath"],
+    },
+  },
+};

package/packages/core/src/system/skills/googleWorkspace.ts

@@ -0,0 +1,250 @@
+import { getAccessToken, isAuthenticated } from '../../gateway/googleAuthModule';
+
+export async function readGmailInbox(maxResults: number = 5): Promise<string> {
+  const isAuth = await isAuthenticated();
+  if (!isAuth) {
+    return "Google Auth not configured. Please link your Google account in the dashboard.";
+  }
+
+  const token = await getAccessToken();
+  if (!token) return "Failed to retrieve access token.";
+
+  try {
+    const listRes = await fetch(`https://gmail.googleapis.com/gmail/v1/users/me/messages?maxResults=${maxResults}&q=in:inbox`, {
+      headers: { Authorization: `Bearer ${token}` }
+    });
+    const listData = await listRes.json();
+
+    if (!listData.messages || listData.messages.length === 0) {
+      return 'No emails found in inbox.';
+    }
+
+    let output = `Top ${listData.messages.length} recent emails:\n\n`;
+    
+    for (const msg of listData.messages) {
+      const msgRes = await fetch(`https://gmail.googleapis.com/gmail/v1/users/me/messages/${msg.id}?format=metadata&metadataHeaders=Subject&metadataHeaders=From&metadataHeaders=Date`, {
+        headers: { Authorization: `Bearer ${token}` }
+      });
+      const msgData = await msgRes.json();
+      const headers = msgData.payload?.headers;
+      
+      if (headers) {
+        const subject = headers.find((h: any) => h.name === 'Subject')?.value || 'No Subject';
+        const from = headers.find((h: any) => h.name === 'From')?.value || 'Unknown Sender';
+        const date = headers.find((h: any) => h.name === 'Date')?.value || 'Unknown Date';
+        const snippet = msgData.snippet ? `\nIsi/Snippet: ${msgData.snippet}` : '';
+        output += `From: ${from}\nSubject: ${subject}\nDate: ${date}${snippet}\n---\n`;
+      }
+    }
+    
+    return output.trim();
+  } catch (err: any) {
+    return `Error reading Gmail: ${err.message}`;
+  }
+}
+
+export async function listCalendarEvents(maxResults: number = 5): Promise<string> {
+  const isAuth = await isAuthenticated();
+  if (!isAuth) return "Google Auth not configured. Please link your Google account in the dashboard.";
+  const token = await getAccessToken();
+  if (!token) return "Failed to retrieve access token.";
+
+  try {
+    const timeMin = encodeURIComponent(new Date().toISOString());
+    const res = await fetch(`https://www.googleapis.com/calendar/v3/calendars/primary/events?timeMin=${timeMin}&maxResults=${maxResults}&singleEvents=true&orderBy=startTime`, {
+      headers: { Authorization: `Bearer ${token}` }
+    });
+    const data = await res.json();
+
+    const events = data.items;
+    if (!events || events.length === 0) {
+      return 'No upcoming events found.';
+    }
+
+    let output = `Upcoming ${events.length} events:\n\n`;
+    events.map((event: any, i: number) => {
+      const start = event.start?.dateTime || event.start?.date;
+      output += `${i + 1}. ${event.summary} (${start})\n`;
+    });
+    
+    return output.trim();
+  } catch (err: any) {
+    return `Error reading Calendar: ${err.message}`;
+  }
+}
+
+export async function appendRowToSheets(spreadsheetId: string, range: string, values: any[]): Promise<string> {
+  const isAuth = await isAuthenticated();
+  if (!isAuth) return "Google Auth not configured. Please link your Google account in the dashboard.";
+  const token = await getAccessToken();
+  if (!token) return "Failed to retrieve access token.";
+
+  try {
+    const res = await fetch(`https://sheets.googleapis.com/v4/spreadsheets/${spreadsheetId}/values/${range}:append?valueInputOption=USER_ENTERED`, {
+      method: 'POST',
+      headers: { 
+        Authorization: `Bearer ${token}`,
+        'Content-Type': 'application/json'
+      },
+      body: JSON.stringify({ values: [values] })
+    });
+    
+    const data = await res.json();
+    if (!res.ok) {
+      return `Failed to append to Sheets: ${data.error?.message || JSON.stringify(data)}`;
+    }
+    
+    return `Successfully appended row to ${spreadsheetId} at range ${data.updates?.updatedRange}.`;
+  } catch (err: any) {
+    return `Error appending to Sheets: ${err.message}`;
+  }
+}
+
+export async function readGoogleDocs(documentId: string): Promise<string> {
+  const isAuth = await isAuthenticated();
+  if (!isAuth) return "Google Auth not configured. Please link your Google account in the dashboard.";
+  const token = await getAccessToken();
+  if (!token) return "Failed to retrieve access token.";
+
+  try {
+    const res = await fetch(`https://docs.googleapis.com/v1/documents/${documentId}`, {
+      headers: { Authorization: `Bearer ${token}` }
+    });
+    const data = await res.json();
+    if (!res.ok) return `Failed to read document: ${data.error?.message || JSON.stringify(data)}`;
+
+    let text = '';
+    data.body?.content?.forEach((c: any) => {
+      if (c.paragraph) {
+        c.paragraph.elements?.forEach((e: any) => {
+          if (e.textRun) text += e.textRun.content;
+        });
+      }
+    });
+
+    return text ? text.substring(0, 2000) + (text.length > 2000 ? '... (truncated)' : '') : 'Document is empty.';
+  } catch (err: any) {
+    return `Error reading Google Docs: ${err.message}`;
+  }
+}
+
+export async function readGoogleFormResponses(formId: string): Promise<string> {
+  const isAuth = await isAuthenticated();
+  if (!isAuth) return "Google Auth not configured. Please link your Google account in the dashboard.";
+  const token = await getAccessToken();
+  if (!token) return "Failed to retrieve access token.";
+
+  try {
+    const res = await fetch(`https://forms.googleapis.com/v1/forms/${formId}/responses`, {
+      headers: { Authorization: `Bearer ${token}` }
+    });
+    const data = await res.json();
+    if (!res.ok) return `Failed to read form responses: ${data.error?.message || JSON.stringify(data)}`;
+
+    if (!data.responses || data.responses.length === 0) {
+      return 'No responses found for this form.';
+    }
+
+    let output = `Total ${data.responses.length} responses:\n\n`;
+    
+    // Only return the last 10 responses to avoid overflowing context window
+    const recentResponses = data.responses.slice(-10);
+    
+    recentResponses.forEach((response: any, i: number) => {
+      output += `Response ${i + 1} (Submitted at ${response.createTime}):\n`;
+      if (response.answers) {
+        for (const [questionId, answer] of Object.entries(response.answers)) {
+          const ans = answer as any;
+          const textAnswers = ans.textAnswers?.answers?.map((a: any) => a.value).join(', ') || 'No text answer';
+          output += `- Question ID ${questionId}: ${textAnswers}\n`;
+        }
+      }
+      output += '---\n';
+    });
+
+    return output.trim();
+  } catch (err: any) {
+    return `Error reading Google Forms: ${err.message}`;
+  }
+}
+
+export const readGmailInboxToolDefinition = {
+  type: "function",
+  function: {
+    name: "read_gmail_inbox",
+    description: "Reads the most recent emails from the user's Gmail inbox.",
+    parameters: {
+      type: "object",
+      properties: {
+        maxResults: { type: "number", description: "Number of emails to fetch (default: 5)." }
+      },
+      required: [],
+    },
+  },
+};
+
+export const listCalendarEventsToolDefinition = {
+  type: "function",
+  function: {
+    name: "list_calendar_events",
+    description: "Lists upcoming events from the user's Google Calendar.",
+    parameters: {
+      type: "object",
+      properties: {
+        maxResults: { type: "number", description: "Number of events to fetch (default: 5)." }
+      },
+      required: [],
+    },
+  },
+};
+
+export const appendRowToSheetsToolDefinition = {
+  type: "function",
+  function: {
+    name: "append_row_to_sheets",
+    description: "Appends a row of data to a Google Spreadsheet.",
+    parameters: {
+      type: "object",
+      properties: {
+        spreadsheetId: { type: "string", description: "The ID of the spreadsheet (found in the URL)." },
+        range: { type: "string", description: "The A1 notation of a range to search for a logical table of data, e.g. 'Sheet1!A:D'." },
+        values: { 
+          type: "array", 
+          items: { type: "string" },
+          description: "An array of strings representing the columns of the new row." 
+        }
+      },
+      required: ["spreadsheetId", "range", "values"],
+    },
+  },
+};
+
+export const readGoogleDocsToolDefinition = {
+  type: "function",
+  function: {
+    name: "read_google_docs",
+    description: "Reads the text content of a Google Document.",
+    parameters: {
+      type: "object",
+      properties: {
+        documentId: { type: "string", description: "The ID of the document (found in the URL)." }
+      },
+      required: ["documentId"],
+    },
+  },
+};
+
+export const readGoogleFormResponsesToolDefinition = {
+  type: "function",
+  function: {
+    name: "read_google_form_responses",
+    description: "Reads the most recent responses from a Google Form.",
+    parameters: {
+      type: "object",
+      properties: {
+        formId: { type: "string", description: "The ID of the form (found in the URL)." }
+      },
+      required: ["formId"],
+    },
+  },
+};

package/packages/core/src/system/skills/searchWeb.ts

@@ -0,0 +1,46 @@
+import { search, SafeSearchType } from 'duck-duck-scrape';
+
+export async function searchWeb(query: string): Promise<string> {
+  try {
+    const searchResults = await search(query, {
+      safeSearch: SafeSearchType.MODERATE
+    });
+
+    if (!searchResults.results || searchResults.results.length === 0) {
+      return "No results found for your query.";
+    }
+
+    // Limit to top 8 results
+    const topResults = searchResults.results.slice(0, 8);
+    
+    let responseText = `Search Results for "${query}":\n\n`;
+    
+    topResults.forEach((result, index) => {
+      responseText += `${index + 1}. ${result.title}\n`;
+      responseText += `URL: ${result.url}\n`;
+      responseText += `Snippet: ${result.description}\n\n`;
+    });
+
+    return responseText.trim();
+  } catch (error: any) {
+    return `Failed to search the web: ${error.message}`;
+  }
+}
+
+export const searchWebToolDefinition = {
+  type: "function",
+  function: {
+    name: "search_web",
+    description: "Searches the internet for information using a search engine. Returns top titles, snippets, and URLs. Use this to find current events, documentation, or general facts.",
+    parameters: {
+      type: "object",
+      properties: {
+        query: {
+          type: "string",
+          description: "The search query to look up.",
+        }
+      },
+      required: ["query"],
+    },
+  },
+};

package/packages/core/src/utils/dynamicTokenUpdater.ts

@@ -0,0 +1,72 @@
+import fs from 'fs';
+import path from 'path';
+import os from 'os';
+
+const CACHE_FILE = path.join(os.homedir(), '.nyxora', 'dynamic_tokens.json');
+const CACHE_TTL = 24 * 60 * 60 * 1000; // 24 hours
+
+const TOKEN_LIST_URLS: Record<string, string> = {
+  ethereum: 'https://tokens.coingecko.com/uniswap/all.json',
+  base: 'https://raw.githubusercontent.com/ethereum-optimism/ethereum-optimism.github.io/master/optimism.tokenlist.json',
+  arbitrum: 'https://bridge.arbitrum.io/token-list-42161.json',
+  optimism: 'https://static.optimism.io/optimism.tokenlist.json',
+  bsc: 'https://tokens.pancakeswap.finance/pancakeswap-extended.json'
+};
+
+export interface DynamicTokens {
+  [chainName: string]: Array<{ symbol: string, address: string }>;
+}
+
+export async function fetchDynamicTokens(): Promise<DynamicTokens> {
+  // Check cache first
+  try {
+    if (fs.existsSync(CACHE_FILE)) {
+      const stats = fs.statSync(CACHE_FILE);
+      if (Date.now() - stats.mtimeMs < CACHE_TTL) {
+        return JSON.parse(fs.readFileSync(CACHE_FILE, 'utf-8'));
+      }
+    }
+  } catch (e) {
+    // Ignore cache error
+  }
+
+  const result: DynamicTokens = {};
+  console.log('[DynamicTokenUpdater] Fetching updated token lists...');
+
+  for (const [chain, url] of Object.entries(TOKEN_LIST_URLS)) {
+    try {
+      const res = await fetch(url);
+      const data = await res.json();
+      
+      let tokens: Array<{symbol: string, address: string}> = [];
+      
+      if (data && data.tokens && Array.isArray(data.tokens)) {
+        // Limit to top 50 to avoid massive multicall
+        const topTokens = data.tokens.slice(0, 50);
+        tokens = topTokens.map((t: any) => ({
+          symbol: t.symbol,
+          address: t.address
+        }));
+      }
+      
+      result[chain] = tokens;
+    } catch (err) {
+      console.warn(`[DynamicTokenUpdater] Failed to fetch list for ${chain}:`, err);
+      result[chain] = [];
+    }
+  }
+
+  // Save to cache
+  try {
+    fs.writeFileSync(CACHE_FILE, JSON.stringify(result, null, 2), 'utf-8');
+  } catch (e) {
+    console.error('[DynamicTokenUpdater] Failed to write cache', e);
+  }
+
+  return result;
+}
+
+export async function getDynamicTokensForChain(chainName: string): Promise<Array<{symbol: string, address: string}>> {
+  const allTokens = await fetchDynamicTokens();
+  return allTokens[chainName] || [];
+}

package/packages/core/src/utils/skillManager.ts

@@ -0,0 +1,44 @@
+import fs from 'fs';
+import { getPath } from '../config/paths';
+
+let disabledSkillsCache: string[] | null = null;
+
+function getDisabledSkillsFile(): string {
+  return getPath('disabled_skills.json');
+}
+
+export function getDisabledSkills(): string[] {
+  if (disabledSkillsCache !== null) {
+    return disabledSkillsCache;
+  }
+  const filepath = getDisabledSkillsFile();
+  if (!fs.existsSync(filepath)) {
+    disabledSkillsCache = [];
+    return disabledSkillsCache;
+  }
+  try {
+    const data = fs.readFileSync(filepath, 'utf-8');
+    disabledSkillsCache = JSON.parse(data);
+    if (!Array.isArray(disabledSkillsCache)) disabledSkillsCache = [];
+    return disabledSkillsCache;
+  } catch (e) {
+    disabledSkillsCache = [];
+    return [];
+  }
+}
+
+export function toggleSkill(skillName: string, active: boolean): void {
+  const current = new Set(getDisabledSkills());
+  if (active) {
+    current.delete(skillName); // Remove from disabled list to activate
+  } else {
+    current.add(skillName); // Add to disabled list to deactivate
+  }
+  disabledSkillsCache = Array.from(current);
+  fs.writeFileSync(getDisabledSkillsFile(), JSON.stringify(disabledSkillsCache, null, 2));
+}
+
+export function isSkillActive(skillName: string): boolean {
+  const disabled = getDisabledSkills();
+  return !disabled.includes(skillName);
+}