opc-agent 2.1.0 → 3.0.1

package/src/mcp/servers/web-mcp.ts

@@ -0,0 +1,49 @@
+import type { MCPServerConfig } from '../../protocols/mcp/types';
+
+export function createWebServer(): MCPServerConfig {
+  return {
+    name: 'web',
+    version: '1.0.0',
+    tools: [
+      {
+        name: 'web_fetch',
+        description: 'Fetch a URL and return its content',
+        inputSchema: { type: 'object', properties: { url: { type: 'string' }, method: { type: 'string', default: 'GET' }, headers: { type: 'object' }, body: { type: 'string' } }, required: ['url'] },
+        handler: async (args: { url: string; method?: string; headers?: Record<string, string>; body?: string }) => {
+          const res = await fetch(args.url, { method: args.method || 'GET', headers: args.headers, body: args.body });
+          const contentType = res.headers.get('content-type') || '';
+          const text = await res.text();
+          return { status: res.status, contentType, body: text.slice(0, 50000), truncated: text.length > 50000 };
+        },
+      },
+      {
+        name: 'web_extract_text',
+        description: 'Fetch a URL and extract readable text (strips HTML tags)',
+        inputSchema: { type: 'object', properties: { url: { type: 'string' } }, required: ['url'] },
+        handler: async (args: { url: string }) => {
+          const res = await fetch(args.url);
+          const html = await res.text();
+          const text = html.replace(/<script[\s\S]*?<\/script>/gi, '').replace(/<style[\s\S]*?<\/style>/gi, '').replace(/<[^>]+>/g, ' ').replace(/\s+/g, ' ').trim();
+          return { text: text.slice(0, 30000), truncated: text.length > 30000 };
+        },
+      },
+      {
+        name: 'web_search',
+        description: 'Search the web (simulated — returns search URL for manual use)',
+        inputSchema: { type: 'object', properties: { query: { type: 'string' }, engine: { type: 'string', enum: ['google', 'bing', 'duckduckgo'], default: 'duckduckgo' } }, required: ['query'] },
+        handler: async (args: { query: string; engine?: string }) => {
+          const engines: Record<string, string> = {
+            google: `https://www.google.com/search?q=${encodeURIComponent(args.query)}`,
+            bing: `https://www.bing.com/search?q=${encodeURIComponent(args.query)}`,
+            duckduckgo: `https://html.duckduckgo.com/html/?q=${encodeURIComponent(args.query)}`,
+          };
+          const url = engines[args.engine || 'duckduckgo'];
+          const res = await fetch(url, { headers: { 'User-Agent': 'Mozilla/5.0 opc-mcp/1.0' } });
+          const html = await res.text();
+          const text = html.replace(/<script[\s\S]*?<\/script>/gi, '').replace(/<style[\s\S]*?<\/style>/gi, '').replace(/<[^>]+>/g, ' ').replace(/\s+/g, ' ').trim();
+          return { query: args.query, engine: args.engine || 'duckduckgo', results: text.slice(0, 20000) };
+        },
+      },
+    ],
+  };
+}

package/src/schema/oad.ts

@@ -167,6 +167,18 @@ export const ProtocolsSchema = z.object({
   mcp: MCPServeSchema.optional(),
 });
 
+export const GuardrailRuleSchema = z.object({
+  name: z.string(),
+  type: z.enum(['regex', 'keyword', 'llm', 'custom']),
+  action: z.enum(['block', 'warn', 'redact', 'log']),
+  config: z.record(z.any()).optional(),
+});
+
+export const GuardrailsSchema = z.object({
+  input: z.array(GuardrailRuleSchema).optional(),
+  output: z.array(GuardrailRuleSchema).optional(),
+});
+
 export const SpecSchema = z.object({
   provider: ProviderSchema.optional(),
   model: z.string().default('deepseek-chat'),
@@ -187,6 +199,7 @@ export const SpecSchema = z.object({
   telemetry: TelemetrySchema.optional(),
   protocols: ProtocolsSchema.optional(),
   plugins: z.array(PluginRefSchema).optional(),
+  guardrails: GuardrailsSchema.optional(),
 });
 
 export const OADSchema = z.object({

package/src/security/guardrails.ts

@@ -0,0 +1,248 @@
+/**
+ * Guardrails Module - v2.1.0
+ * Input/output guardrails for LLM safety: PII, toxicity, injection, compliance.
+ */
+
+// ── Types ───────────────────────────────────────────────────
+
+export interface GuardrailConfig {
+  input?: GuardrailRule[];
+  output?: GuardrailRule[];
+}
+
+export interface GuardrailRule {
+  name: string;
+  type: 'regex' | 'keyword' | 'llm' | 'custom';
+  action: 'block' | 'warn' | 'redact' | 'log';
+  config?: Record<string, any>;
+}
+
+export interface GuardrailResult {
+  passed: boolean;
+  blocked: boolean;
+  warned: boolean;
+  redacted: boolean;
+  message?: string;
+  redactedText?: string;
+  violations: GuardrailViolation[];
+}
+
+export interface GuardrailViolation {
+  rule: string;
+  action: string;
+  detail: string;
+}
+
+// ── Built-in Patterns ───────────────────────────────────────
+
+const PII_PATTERNS: Record<string, RegExp> = {
+  email: /[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\.[a-zA-Z]{2,}/g,
+  phone: /(\+?1[-.\s]?)?\(?\d{3}\)?[-.\s]?\d{3}[-.\s]?\d{4}/g,
+  ssn: /\b\d{3}-\d{2}-\d{4}\b/g,
+  creditCard: /\b(?:\d{4}[-\s]?){3}\d{4}\b/g,
+  ipAddress: /\b(?:\d{1,3}\.){3}\d{1,3}\b/g,
+};
+
+const INJECTION_PATTERNS = [
+  /ignore\s+(all\s+)?previous\s+instructions/i,
+  /ignore\s+(all\s+)?above\s+instructions/i,
+  /system\s*prompt\s*:/i,
+  /you\s+are\s+now\s+(?:a|an|the)\s+/i,
+  /act\s+as\s+(?:a|an)\s+/i,
+  /pretend\s+(?:you(?:'re|\s+are)\s+)?/i,
+  /new\s+instruction[s]?\s*:/i,
+  /override\s+(?:your\s+)?(?:instructions|rules|guidelines)/i,
+  /jailbreak/i,
+  /DAN\s+mode/i,
+];
+
+const TOXICITY_KEYWORDS = [
+  'kill yourself', 'kys', 'go die', 'hate you',
+  'stupid idiot', 'worthless', 'piece of shit',
+];
+
+const COMPLIANCE_PATTERNS = [
+  { pattern: /(?:you\s+should\s+)?(?:buy|sell|invest\s+in)\s+(?:stocks?|crypto|bitcoin)/i, label: 'financial advice' },
+  { pattern: /(?:you\s+(?:have|probably\s+have)|diagnos(?:e|is))\s+(?:\w+\s+){0,3}(?:disease|syndrome|disorder|cancer)/i, label: 'medical diagnosis' },
+  { pattern: /(?:legal(?:ly)?|sue|lawsuit|court)\s+(?:you\s+should|advice)/i, label: 'legal advice' },
+];
+
+// ── Rule Executors ──────────────────────────────────────────
+
+function checkPII(text: string, action: string): { violations: GuardrailViolation[]; redactedText: string } {
+  const violations: GuardrailViolation[] = [];
+  let redacted = text;
+  for (const [type, pattern] of Object.entries(PII_PATTERNS)) {
+    const cloned = new RegExp(pattern.source, pattern.flags);
+    const matches = text.match(cloned);
+    if (matches) {
+      violations.push({ rule: 'pii-detector', action, detail: `Found ${type}: ${matches.length} match(es)` });
+      redacted = redacted.replace(cloned, '[REDACTED]');
+    }
+  }
+  return { violations, redactedText: redacted };
+}
+
+function checkInjection(text: string): GuardrailViolation[] {
+  const violations: GuardrailViolation[] = [];
+  for (const pattern of INJECTION_PATTERNS) {
+    if (pattern.test(text)) {
+      violations.push({ rule: 'prompt-injection', action: 'block', detail: `Matched pattern: ${pattern.source}` });
+      break; // one is enough
+    }
+  }
+  return violations;
+}
+
+function checkToxicity(text: string, extraKeywords?: string[]): GuardrailViolation[] {
+  const lower = text.toLowerCase();
+  const keywords = [...TOXICITY_KEYWORDS, ...(extraKeywords ?? [])];
+  for (const kw of keywords) {
+    if (lower.includes(kw.toLowerCase())) {
+      return [{ rule: 'toxicity', action: 'block', detail: `Matched keyword: "${kw}"` }];
+    }
+  }
+  return [];
+}
+
+function checkTopicRestriction(text: string, config?: Record<string, any>): GuardrailViolation[] {
+  const denyTopics: string[] = config?.denyTopics ?? [];
+  const lower = text.toLowerCase();
+  for (const topic of denyTopics) {
+    if (lower.includes(topic.toLowerCase())) {
+      return [{ rule: 'topic-restrictor', action: 'block', detail: `Blocked topic: "${topic}"` }];
+    }
+  }
+  return [];
+}
+
+function checkLength(text: string, config?: Record<string, any>): GuardrailViolation[] {
+  const maxChars = config?.maxChars ?? 10000;
+  if (text.length > maxChars) {
+    return [{ rule: 'length-limit', action: 'warn', detail: `Response length ${text.length} exceeds max ${maxChars}` }];
+  }
+  return [];
+}
+
+function checkLanguage(text: string, config?: Record<string, any>): GuardrailViolation[] {
+  const allowed: string[] = config?.allowedLanguages ?? [];
+  if (allowed.length === 0) return [];
+  // Simple heuristic: check if text contains CJK characters
+  const hasCJK = /[\u4e00-\u9fff\u3040-\u309f\u30a0-\u30ff]/.test(text);
+  const hasLatin = /[a-zA-Z]{3,}/.test(text);
+  if (allowed.includes('en') && !allowed.includes('zh') && hasCJK && !hasLatin) {
+    return [{ rule: 'language-filter', action: 'block', detail: 'Non-allowed language detected' }];
+  }
+  if (allowed.includes('zh') && !allowed.includes('en') && hasLatin && !hasCJK) {
+    return [{ rule: 'language-filter', action: 'block', detail: 'Non-allowed language detected' }];
+  }
+  return [];
+}
+
+function checkCompliance(text: string): GuardrailViolation[] {
+  for (const { pattern, label } of COMPLIANCE_PATTERNS) {
+    if (pattern.test(text)) {
+      return [{ rule: 'compliance-filter', action: 'block', detail: `Potential ${label} detected` }];
+    }
+  }
+  return [];
+}
+
+// ── Guardrail Manager ───────────────────────────────────────
+
+export class GuardrailManager {
+  private config: GuardrailConfig;
+
+  constructor(config: GuardrailConfig) {
+    this.config = config;
+  }
+
+  async checkInput(message: string): Promise<GuardrailResult> {
+    return this.runRules(message, this.config.input ?? []);
+  }
+
+  async checkOutput(response: string): Promise<GuardrailResult> {
+    return this.runRules(response, this.config.output ?? []);
+  }
+
+  private async runRules(text: string, rules: GuardrailRule[]): Promise<GuardrailResult> {
+    const allViolations: GuardrailViolation[] = [];
+    let blocked = false;
+    let warned = false;
+    let redacted = false;
+    let redactedText = text;
+    let blockMessage = '';
+
+    for (const rule of rules) {
+      let violations: GuardrailViolation[] = [];
+
+      switch (rule.name) {
+        case 'pii-detector': {
+          const result = checkPII(text, rule.action);
+          violations = result.violations;
+          if (violations.length > 0 && rule.action === 'redact') {
+            redacted = true;
+            redactedText = result.redactedText;
+          }
+          break;
+        }
+        case 'prompt-injection':
+          violations = checkInjection(text);
+          break;
+        case 'toxicity':
+          violations = checkToxicity(text, rule.config?.keywords);
+          break;
+        case 'topic-restrictor':
+          violations = checkTopicRestriction(text, rule.config);
+          break;
+        case 'length-limit':
+          violations = checkLength(text, rule.config);
+          break;
+        case 'language-filter':
+          violations = checkLanguage(text, rule.config);
+          break;
+        case 'compliance-filter':
+          violations = checkCompliance(text);
+          break;
+        default:
+          // Unknown rule — skip
+          break;
+      }
+
+      if (violations.length > 0) {
+        // Override action from rule config
+        violations = violations.map(v => ({ ...v, action: rule.action }));
+        allViolations.push(...violations);
+
+        if (rule.action === 'block') {
+          blocked = true;
+          blockMessage = `Message blocked by ${rule.name}: ${violations[0].detail}`;
+        } else if (rule.action === 'warn') {
+          warned = true;
+        }
+      }
+    }
+
+    return {
+      passed: allViolations.length === 0,
+      blocked,
+      warned,
+      redacted,
+      message: blocked ? blockMessage : undefined,
+      redactedText: redacted ? redactedText : undefined,
+      violations: allViolations,
+    };
+  }
+}
+
+// ── Factory from OAD config ─────────────────────────────────
+
+export function createGuardrailsFromConfig(config: {
+  input?: Array<{ name: string; type: string; action: string; config?: any }>;
+  output?: Array<{ name: string; type: string; action: string; config?: any }>;
+}): GuardrailManager {
+  return new GuardrailManager({
+    input: config.input as GuardrailRule[],
+    output: config.output as GuardrailRule[],
+  });
+}

package/src/studio/server.ts

@@ -1,9 +1,35 @@
 import { createServer, IncomingMessage, ServerResponse, request as httpRequest } from 'http';
-import { readFileSync, existsSync } from 'fs';
+import { readFileSync, existsSync, writeFileSync, mkdirSync } from 'fs';
 import { join, extname } from 'path';
 import * as net from 'net';
 import { Tracer } from '../telemetry';
 
+export interface WorkflowNode {
+  id: string;
+  type: 'agent' | 'tool' | 'condition' | 'loop' | 'parallel' | 'input' | 'output';
+  name: string;
+  x: number;
+  y: number;
+  config: Record<string, any>;
+}
+
+export interface WorkflowEdge {
+  id: string;
+  from: string;
+  to: string;
+  fromPort: string;
+  toPort: string;
+}
+
+export interface WorkflowDefinition {
+  id: string;
+  name: string;
+  nodes: WorkflowNode[];
+  edges: WorkflowEdge[];
+  created: string;
+  updated: string;
+}
+
 interface StudioConfig {
   port: number;
   agentDir: string;
@@ -100,6 +126,29 @@ class StudioServer {
     try {
       let data: any;
 
+      // Dynamic workflow routes (parameterized)
+      if (route.match(/^workflows\/[^/]+\/run$/) && req.method === 'POST') {
+        const wfId = route.split('/')[1];
+        data = await this.runWorkflow(wfId);
+        res.writeHead(200, { 'Content-Type': 'application/json', 'Access-Control-Allow-Origin': '*' });
+        res.end(JSON.stringify(data));
+        return;
+      }
+      if (route.match(/^workflows\/[^/]+$/) && req.method === 'GET') {
+        const wfId = route.split('/')[1];
+        data = this.getWorkflowById(wfId);
+        res.writeHead(data.error ? 404 : 200, { 'Content-Type': 'application/json', 'Access-Control-Allow-Origin': '*' });
+        res.end(JSON.stringify(data));
+        return;
+      }
+      if (route.match(/^workflows\/[^/]+$/) && req.method === 'DELETE') {
+        const wfId = route.split('/')[1];
+        data = this.deleteWorkflow(wfId);
+        res.writeHead(200, { 'Content-Type': 'application/json', 'Access-Control-Allow-Origin': '*' });
+        res.end(JSON.stringify(data));
+        return;
+      }
+
       switch (route) {
         case 'modules':
           data = await this.getModulesStatus();
@@ -130,7 +179,12 @@ class StudioServer {
           data = await this.getTools();
           break;
         case 'workflows/list':
-          data = await this.getWorkflows();
+          data = this.listWorkflows();
+          break;
+        case 'workflows':
+          if (req.method === 'POST') data = await this.saveWorkflow(req);
+          else if (req.method === 'GET') data = this.listWorkflows();
+          else { res.writeHead(405); res.end(); return; }
           break;
         case 'jobs/list':
           data = await this.getJobs();
@@ -188,6 +242,14 @@ class StudioServer {
         case 'telemetry/metrics':
           data = this.tracer ? this.tracer.getMetrics() : [];
           break;
+        case 'playground/chat':
+          if (req.method === 'POST') {
+            return this.handlePlaygroundChat(req, res);
+          }
+          res.writeHead(405); res.end(); return;
+        case 'playground/models':
+          data = { models: ['gpt-4o', 'gpt-4o-mini', 'claude-sonnet-4', 'claude-haiku', 'gemini-2.0-flash', 'deepseek-v3'] };
+          break;
         default:
           res.writeHead(404, { 'Content-Type': 'application/json' });
           res.end(JSON.stringify({ error: 'Not found' }));
@@ -333,9 +395,84 @@ class StudioServer {
     }
   }
 
-  private async getWorkflows() {
+  private getWorkflowsDir(): string {
+    const dir = join(this.config.agentDir, '.opc', 'workflows');
+    if (!existsSync(dir)) mkdirSync(dir, { recursive: true });
+    return dir;
+  }
+
+  private listWorkflows(): { workflows: WorkflowDefinition[] } {
+    const dir = this.getWorkflowsDir();
+    const files = require('fs').readdirSync(dir).filter((f: string) => f.endsWith('.json'));
+    const workflows = files.map((f: string) => {
+      try { return JSON.parse(readFileSync(join(dir, f), 'utf-8')); } catch { return null; }
+    }).filter(Boolean);
+    // Also include OAD-defined workflows
     const oad = this.loadOAD();
-    return { workflows: oad?.spec?.workflows || [] };
+    const oadWorkflows = (oad?.spec?.workflows || []).map((w: any, i: number) => ({
+      id: `oad-${i}`,
+      name: w.name || `Workflow ${i + 1}`,
+      nodes: [],
+      edges: [],
+      steps: w.steps,
+      source: 'oad',
+    }));
+    return { workflows: [...workflows, ...oadWorkflows] };
+  }
+
+  private getWorkflowById(id: string): WorkflowDefinition | { error: string } {
+    const filePath = join(this.getWorkflowsDir(), `${id}.json`);
+    if (!existsSync(filePath)) return { error: 'Workflow not found' };
+    return JSON.parse(readFileSync(filePath, 'utf-8'));
+  }
+
+  private async saveWorkflow(req: IncomingMessage): Promise<{ success: boolean; id: string }> {
+    const body = await this.readBody(req);
+    const workflow = JSON.parse(body) as WorkflowDefinition;
+    if (!workflow.id) workflow.id = `wf-${Date.now()}`;
+    workflow.updated = new Date().toISOString();
+    if (!workflow.created) workflow.created = workflow.updated;
+    const filePath = join(this.getWorkflowsDir(), `${workflow.id}.json`);
+    writeFileSync(filePath, JSON.stringify(workflow, null, 2));
+    return { success: true, id: workflow.id };
+  }
+
+  private deleteWorkflow(id: string): { success: boolean } {
+    const filePath = join(this.getWorkflowsDir(), `${id}.json`);
+    if (existsSync(filePath)) require('fs').unlinkSync(filePath);
+    return { success: true };
+  }
+
+  private async runWorkflow(id: string): Promise<any> {
+    const wf = this.getWorkflowById(id);
+    if ('error' in wf) return wf;
+    // Basic topological execution simulation
+    const results: Record<string, any> = {};
+    const sorted = this.topoSort(wf.nodes, wf.edges);
+    for (const node of sorted) {
+      results[node.id] = { type: node.type, name: node.name, status: 'completed', output: `[simulated output for ${node.name}]` };
+    }
+    return { workflowId: id, status: 'completed', results };
+  }
+
+  private topoSort(nodes: WorkflowNode[], edges: WorkflowEdge[]): WorkflowNode[] {
+    const nodeMap = new Map(nodes.map(n => [n.id, n]));
+    const inDegree = new Map<string, number>();
+    const adj = new Map<string, string[]>();
+    for (const n of nodes) { inDegree.set(n.id, 0); adj.set(n.id, []); }
+    for (const e of edges) { adj.get(e.from)?.push(e.to); inDegree.set(e.to, (inDegree.get(e.to) || 0) + 1); }
+    const queue = nodes.filter(n => (inDegree.get(n.id) || 0) === 0);
+    const result: WorkflowNode[] = [];
+    while (queue.length > 0) {
+      const node = queue.shift()!;
+      result.push(node);
+      for (const next of (adj.get(node.id) || [])) {
+        const d = (inDegree.get(next) || 1) - 1;
+        inDegree.set(next, d);
+        if (d === 0) queue.push(nodeMap.get(next)!);
+      }
+    }
+    return result;
   }
 
   private async getJobs() {
@@ -616,6 +753,31 @@ class StudioServer {
     res.end(content);
   }
 
+  private async handlePlaygroundChat(req: IncomingMessage, res: ServerResponse): Promise<void> {
+    const body = JSON.parse(await this.readBody(req));
+    const { messages = [], model = 'gpt-4o', temperature = 0.7, systemPrompt } = body;
+
+    res.writeHead(200, {
+      'Content-Type': 'text/event-stream',
+      'Cache-Control': 'no-cache',
+      'Connection': 'keep-alive',
+      'Access-Control-Allow-Origin': '*',
+    });
+
+    // Simulated streaming response for playground demo
+    const allMsgs = systemPrompt ? [{ role: 'system', content: systemPrompt }, ...messages] : messages;
+    const lastMsg = allMsgs[allMsgs.length - 1]?.content || '';
+    const response = `This is a playground demo response to: "${lastMsg}"\n\nModel: ${model}, Temperature: ${temperature}\nMessages in context: ${allMsgs.length}`;
+
+    const words = response.split(' ');
+    for (let i = 0; i < words.length; i++) {
+      const chunk = (i === 0 ? '' : ' ') + words[i];
+      res.write(`data: ${JSON.stringify({ content: chunk })}\n\n`);
+    }
+    res.write('data: [DONE]\n\n');
+    res.end();
+  }
+
   private readBody(req: IncomingMessage): Promise<string> {
     return new Promise((resolve, reject) => {
       let body = '';