opencode-swarm 7.71.3 → 7.72.0

package/dist/tools/index.d.ts

@@ -93,6 +93,7 @@ export { test_impact } from './test-impact';
 export { test_runner } from './test-runner';
 export { todo_extract } from './todo-extract';
 export { executeUpdateTaskStatus, type UpdateTaskStatusArgs, type UpdateTaskStatusResult, update_task_status, } from './update-task-status';
+export { web_fetch } from './web-fetch';
 export { web_search } from './web-search';
 export { write_drift_evidence } from './write-drift-evidence';
 export { write_final_council_evidence } from './write-final-council-evidence';

package/dist/tools/manifest.d.ts

@@ -83,6 +83,7 @@ export declare const TOOL_MANIFEST: {
     get_qa_gate_profile: () => ToolDefinition;
     set_qa_gates: () => ToolDefinition;
     web_search: () => ToolDefinition;
+    web_fetch: () => ToolDefinition;
     convene_general_council: () => ToolDefinition;
     write_final_council_evidence: () => ToolDefinition;
     skill_generate: () => ToolDefinition;

package/dist/tools/tool-metadata.d.ts

@@ -263,6 +263,10 @@ export declare const TOOL_METADATA: {
         description: string;
         agents: ("sme" | "architect" | "skill_improver")[];
     };
+    web_fetch: {
+        description: string;
+        agents: "architect"[];
+    };
     convene_general_council: {
         description: string;
         agents: "architect"[];

package/dist/tools/web-fetch.d.ts

@@ -0,0 +1,86 @@
+/**
+ * web_fetch tool — owned by the architect for MODE: DEEP_RESEARCH source
+ * reading (and available for any architect-driven research that needs full
+ * document text rather than search snippets).
+ *
+ * web_search returns titled snippets; web_fetch retrieves the readable text of
+ * a single URL so the architect can ground claims in primary sources. Results
+ * are stored as `crawl` evidence documents (same cache as web_search) and the
+ * returned `evidenceRef` can be cited in a research report.
+ *
+ * Config-gated on `council.general.enabled` — the same feature flag that opts a
+ * project into external network research. Unlike web_search it does NOT require
+ * a search API key, because it fetches arbitrary user/agent-supplied URLs
+ * directly rather than calling a search provider.
+ *
+ * Security (this is the first arbitrary-URL fetcher in the repo, so it carries
+ * its own SSRF + resource defenses — there is no provider host allowlist to
+ * lean on):
+ *   - http/https schemes only; file:, ftp:, data:, etc. are rejected.
+ *   - The host is DNS-resolved and every resolved address is checked against
+ *     loopback / private / link-local / unique-local / CGNAT / metadata ranges;
+ *     literal-IP hosts are checked directly. This blocks cloud metadata
+ *     (169.254.169.254) and internal services.
+ *   - The socket is then PINNED to the exact validated IP (host = resolved
+ *     address) while the original hostname is kept for the Host header and TLS
+ *     SNI/certificate identity. There is no second name resolution at connect
+ *     time, so DNS rebinding cannot swap in a private/metadata address after the
+ *     check (TOCTOU), and HTTPS verification still validates the hostname.
+ *   - Redirects are followed manually (the underlying request never auto-follows)
+ *     and every hop is re-validated AND re-pinned, so a public URL cannot 302
+ *     into the metadata endpoint or an internal host.
+ *   - The body is streamed and aborted once it exceeds `max_bytes` of DECODED
+ *     output (so a gzip bomb is bounded by decompressed size, not the
+ *     advisory Content-Length header).
+ *   - An AbortController enforces `timeout_ms`; the signal is always cleared in
+ *     a finally block.
+ *
+ * Never throws — returns a structured `success: true | false` JSON string.
+ */
+import { lookup } from 'node:dns/promises';
+import type { tool } from '@opencode-ai/plugin';
+import { loadPluginConfig } from '../config/loader';
+import { writeEvidenceDocuments } from '../evidence/documents';
+interface HttpRequestArgs {
+    /** The URL to request. Used for path, Host header, and TLS SNI/identity. */
+    url: URL;
+    /**
+     * The pre-validated address to open the socket to. The connection is pinned
+     * to this exact IP so there is no second, unvalidated name resolution between
+     * the SSRF check and the connection (defeats DNS rebinding).
+     */
+    pinnedAddress: string;
+    signal: AbortSignal;
+    headers: Record<string, string>;
+}
+interface RawHttpResponse {
+    status: number;
+    headers: Record<string, string | undefined>;
+    /** Decoded (decompressed) body, streamed lazily so the byte cap bounds it. */
+    body: AsyncIterable<Uint8Array> | null;
+    /** Destroy the underlying socket/stream to close the connection early. */
+    cancel?: () => void;
+}
+/**
+ * Decide whether a single resolved IP address must be blocked because it points
+ * at a loopback, private, link-local, unique-local, CGNAT, or reserved target.
+ * Handles IPv4, IPv6, and IPv4-mapped IPv6 (::ffff:a.b.c.d).
+ */
+export declare function isBlockedAddress(address: string): boolean;
+/**
+ * Extract the document <title>, if present. Uses a forward indexOf scan so
+ * there is no regex backtracking on large inputs — a lazy
+ * `/<title[^>]*>([\s\S]*?)<\/title>/i` is O(n²) on unclosed title tags
+ * (same ReDoS class as the `stripSpans` fix).
+ */
+export declare function extractTitle(html: string): string | undefined;
+/** Strip HTML to readable plain text. Dependency-free; not a full reader. */
+export declare function htmlToText(html: string): string;
+export declare const web_fetch: ReturnType<typeof tool>;
+export declare const _internals: {
+    httpRequest: (args: HttpRequestArgs) => Promise<RawHttpResponse>;
+    dnsLookup: typeof lookup;
+    loadPluginConfig: typeof loadPluginConfig;
+    writeEvidenceDocuments: typeof writeEvidenceDocuments;
+};
+export {};

package/package.json

@@ -1,6 +1,6 @@
 {
 	"name": "opencode-swarm",
-	"version": "7.71.3",
+	"version": "7.72.0",
 	"description": "Architect-centric agentic swarm plugin for OpenCode - hub-and-spoke orchestration with SME consultation, code generation, and QA review",
 	"main": "dist/index.js",
 	"types": "dist/index.d.ts",
@@ -43,6 +43,7 @@
 		".opencode/skills/pre-phase-briefing",
 		".opencode/skills/council",
 		".opencode/skills/deep-dive",
+		".opencode/skills/deep-research",
 		".opencode/skills/codebase-review-swarm",
 		".opencode/skills/design-docs",
 		".opencode/skills/swarm-pr-review",