osai-agent 4.0.0

package/src/agent/loop/tool-executor.js

@@ -0,0 +1,470 @@
+import {
+  executeLocal, writeFile, editFile, listDir,
+  searchInFiles, appendFile, deleteFile, createDir, treeView, runScript,
+  moveFile, copyFile, getFileInfo, fetchUrl, webSearch,
+  todoAdd, todoComplete, todoUpdate, todoList, todoClear, todoStore,
+  globFiles, grepFiles, gitOp, readFileRange, diagPostEdit,
+  getDependencies, askUserQuestion, reloadTodos,
+} from '../../tools/local.js';
+import { executeSSH, closeAllConnections } from '../../tools/ssh.js';
+import { browse, searchAndBrowse, extractStructuredData } from '../../tools/browser.js';
+import { checkSafety } from '../../safety/check.js';
+import { memory } from '../../memory/store.js';
+import { mcpClientManager } from '../../tools/mcp-client.js';
+import { TOOLS, SAFETY_TIERS, MODES, EXECUTION_MODES, READ_ONLY_TOOLS, READ_FRESHNESS_INTERACTIONS, SUBAGENT_ALLOWED_TOOLS } from '../../utils/constants.js';
+import { discoverSkills, loadSkill, createSkill, formatSkillsList } from '../../skills/loader.js';
+import { runSubagent } from '../subagent.js';
+import { logger } from '../../utils/logger.js';
+import path from 'path';
+
+// Helper: yield rapide pour ne pas bloquer l'event loop
+// Utilise setImmediate car ces yields sont fréquents (avant/après chaque tool)
+const yieldToEventLoop = () => new Promise(r => setImmediate(r));
+
+export default {
+  async _executeTool(toolCall) {
+    const tool = toolCall.tool || TOOLS.LOCAL_CMD;
+    let result;
+    this._toolInteractionCounter += 1;
+
+    if (this.isSubagent) {
+      if (tool === TOOLS.TASK) {
+        return { success: false, output: '', error: 'Subagents cannot spawn other subagents.' };
+      }
+      if (!SUBAGENT_ALLOWED_TOOLS.has(tool)) {
+        return { success: false, output: '', error: `Subagent is read-only. Tool "${tool}" is not allowed.` };
+      }
+      if (tool === TOOLS.LOCAL_CMD) {
+        const safety = checkSafety(toolCall, this.mode);
+        if (safety.tier !== SAFETY_TIERS.READ) {
+          return { success: false, output: '', error: `Subagent can only run read-only LOCAL_CMD. Blocked: ${toolCall.cmd || ''}` };
+        }
+      }
+      if (tool === TOOLS.GIT) {
+        const op = String(toolCall.op || '').toLowerCase();
+        const writeOps = ['commit', 'add', 'push', 'pull', 'checkout', 'merge', 'rebase', 'reset', 'clean', 'stash'];
+        if (writeOps.some((w) => op.startsWith(w))) {
+          return { success: false, output: '', error: `Subagent can only run read-only GIT ops (status, diff, log, branch). Blocked: ${op}` };
+        }
+      }
+
+      const criticalReadBlock = this._subagentCriticalReadBlock(toolCall);
+      if (criticalReadBlock) {
+        try { await memory.recordFailure({ tool, target: toolCall.path || toolCall.cmd || '', reason: criticalReadBlock }); } catch {}
+        return { success: false, output: '', error: criticalReadBlock };
+      }
+    }
+
+    // Wrappers qui yielden avant/après pour que Ink puisse re-render
+    const emitToolStart = async (tc, safety) => {
+      await yieldToEventLoop();
+      this.onToolStart(tc, safety);
+      await yieldToEventLoop();
+    };
+    const emitToolResult = async (tc, res) => {
+      await yieldToEventLoop();
+      if (typeof this.onToolResult === 'function') await this.onToolResult(tc, res);
+      await yieldToEventLoop();
+    };
+
+    if (tool === TOOLS.LOCAL_CMD) {
+      const cdTargets = this._extractCommandDirectoryTargets(toolCall.cmd);
+      if (cdTargets.length > 0) {
+        const dirTarget = cdTargets[0];
+
+        if (this.mode === MODES.CODING && !this.noConfirm) {
+          const confirmed = await this._confirmExecution(
+            { tool: TOOLS.LOCAL_CMD, cmd: toolCall.cmd, description: `Change working directory to "${dirTarget}" ?` },
+            { tier: SAFETY_TIERS.WRITE, requiresConfirmation: true, isDangerous: false },
+          );
+          if (!confirmed) {
+            return { success: false, output: '', error: `Cancelled by user: directory change to "${dirTarget}" was not approved` };
+          }
+        }
+
+        this.onMarkdown(`\n_cd ${dirTarget}_\n`);
+      }
+    }
+
+    if (this._isFirstReadWithRange(toolCall)) {
+      const safety = { tier: SAFETY_TIERS.READ, requiresConfirmation: false, isDangerous: false };
+      await emitToolStart(toolCall, safety);
+      result = {
+        success: false,
+        output: '',
+        error: 'SYSTEM RULE: First READ_FILE for a file in this session must be full-file (no startLine/endLine). Call READ_FILE with only "path" first, then you may use line ranges.',
+      };
+      await emitToolResult(toolCall, result);
+      return result;
+    }
+
+    const directoryApproval = this._getDirectoryApprovalRequirement(toolCall);
+    if (directoryApproval.required) {
+      const approvalCall = {
+        ...toolCall,
+        description: `${toolCall.description || 'Directory change/request'} ${directoryApproval.reason} Requires user approval before continuing.`,
+      };
+      const approvalSafety = { tier: SAFETY_TIERS.WRITE, requiresConfirmation: true, isDangerous: false };
+      const approved = await this._confirmExecution(approvalCall, approvalSafety);
+      if (!approved) {
+        result = { success: false, output: '', error: `Cancelled by user (directory access not approved): ${directoryApproval.targetPath}` };
+        await emitToolResult(toolCall, result);
+        return result;
+      }
+      this._approvedExternalDirs.add(directoryApproval.targetPath);
+    }
+
+    if (this._requiresReadBeforeModify(toolCall) && this._isExistingFileTarget(toolCall)) {
+      const freshness = this._getReadFreshnessForTarget(toolCall);
+      if (!freshness.ok) {
+        const safety = { tier: SAFETY_TIERS.WRITE, requiresConfirmation: false, isDangerous: false };
+        await emitToolStart(toolCall, safety);
+        const staleDetails = freshness.reason === 'stale_read'
+          ? ' File was modified externally since last read.'
+          : '';
+        result = {
+          success: false,
+          output: '',
+          error: `SYSTEM RULE: You must read the target file with READ_FILE before ${tool}. Target: ${toolCall.path || '(unknown)'}.${staleDetails}\nNext step: call READ_FILE on this exact path (same target), then retry.`,
+        };
+        await emitToolResult(toolCall, result);
+        this._blockedWritesWithoutRead += 1;
+        await this._persistVerificationState();
+        try {
+          await memory.recordFailure({
+            tool,
+            target: toolCall.path || '',
+            reason: freshness.reason === 'stale_read'
+              ? `Verification failed: stale READ_FILE context (${freshness.age} interactions old)`
+              : 'Verification failed: missing READ_FILE before file modification',
+          });
+        } catch {}
+        return result;
+      }
+    }
+
+    if (this._requiresReadBeforeModify(toolCall) && toolCall.path) {
+      const deps = this._getFileDependencies(toolCall.path);
+      const missingDeps = [];
+      for (const depPath of deps) {
+        const depToolCall = { tool: TOOLS.READ_FILE, path: depPath };
+        if (this._isExistingFileTarget(depToolCall)) {
+          const freshness = this._getReadFreshnessForTarget(depToolCall);
+          if (!freshness.ok) {
+            missingDeps.push(depPath);
+          }
+        }
+      }
+      if (missingDeps.length > 0) {
+        this.onMarkdown(`\n_Reading ${missingDeps.length} file(s) referenced by "${path.basename(toolCall.path)}"..._\n`);
+        const depResults = await Promise.all(missingDeps.map(async (depPath) => {
+          const depCall = { tool: TOOLS.READ_FILE, path: depPath };
+          const depSafety = { tier: SAFETY_TIERS.READ, requiresConfirmation: false, isDangerous: false };
+          await emitToolStart(depCall, depSafety);
+          const depResult = await this._dispatchTool(depCall);
+          await emitToolResult(depCall, depResult);
+          await this._trackReadFile(depCall, depResult);
+          return depResult;
+        }));
+        const allOk = depResults.every(r => r.success);
+        if (!allOk) {
+          const failed = depResults.filter(r => !r.success).map((r, i) => missingDeps[i]).join(', ');
+          this.onMarkdown(`\n_Warning: could not read dependencies: ${failed}_\n`);
+        }
+      }
+    }
+
+    if (tool === TOOLS.READ_FILE && this._isCriticalEnvFile(toolCall.path)) {
+      if (this.isSubagent) {
+        result = {
+          success: false,
+          output: '',
+          error: 'Subagent blocked: critical environment/secret files require direct parent-agent user confirmation.',
+        };
+        await emitToolResult(toolCall, result);
+        try { await memory.recordFailure({ tool, target: toolCall.path, reason: 'Subagent blocked from reading critical env file' }); } catch {}
+        return result;
+      }
+
+      const criticalSafety = {
+        tier: SAFETY_TIERS.WRITE,
+        requiresConfirmation: true,
+        isDangerous: false,
+      };
+      toolCall = { ...toolCall, description: 'This file may contain sensitive environment variables, API keys, or credentials. Confirm reading?' };
+      const confirmed = await this._confirmExecution(toolCall, criticalSafety);
+      if (!confirmed) {
+        result = {
+          success: false,
+          output: '',
+          error: 'Cancelled by user — reading critical environment/secret file was not approved',
+        };
+        await emitToolResult(toolCall, result);
+        try { await memory.recordFailure({ tool, target: toolCall.path, reason: 'Cancelled by user (critical env file)' }); } catch {}
+        return result;
+      }
+    }
+
+    if (READ_ONLY_TOOLS.has(tool)) {
+      await emitToolStart(toolCall, { tier: SAFETY_TIERS.READ, requiresConfirmation: false, isDangerous: false });
+      result = await this._dispatchTool(toolCall);
+      await emitToolResult(toolCall, result);
+      this.commandsExecuted++;
+      try { await memory.recordAction({ tool, target: toolCall.path || toolCall.url || toolCall.query, status: result.success ? 'success' : 'error' }); } catch {}
+      return result;
+    }
+
+    if (tool.startsWith('TODO_') && tool !== 'TODO_CLEAR') {
+      await emitToolStart(toolCall, { tier: SAFETY_TIERS.READ, requiresConfirmation: false, isDangerous: false });
+      result = await this._dispatchTool(toolCall);
+      await emitToolResult(toolCall, result);
+      return result;
+    }
+
+    // PLAN mode: block any write or dangerous operation
+    if (this.executionMode === EXECUTION_MODES.PLAN) {
+      const planSafety = checkSafety(toolCall, this.mode);
+      if (planSafety.tier !== SAFETY_TIERS.READ && planSafety.tier !== SAFETY_TIERS.ASK) {
+        result = {
+          success: true,
+          output: 'Blocked by PLAN mode. Ask the user to press Tab to switch to EXEC, then retry.',
+          error: null,
+        };
+        await emitToolResult(toolCall, result);
+        return result;
+      }
+    }
+
+    const safety = checkSafety(toolCall, this.mode);
+
+    if ((safety.tier === SAFETY_TIERS.READ && this.noConfirm) || !safety.requiresConfirmation) {
+      await emitToolStart(toolCall, safety);
+      result = await this._dispatchTool(toolCall);
+      await emitToolResult(toolCall, result);
+      await this._trackWriteFile(toolCall, result);
+      this.commandsExecuted++;
+      try { await memory.recordAction({ tool, target: toolCall.cmd || toolCall.path, status: result.success ? 'success' : 'error' }); } catch {}
+      if (tool === TOOLS.LOCAL_CMD && result?.success) {
+        const cdTargets = this._extractCommandDirectoryTargets(toolCall.cmd);
+        if (cdTargets.length > 0) {
+          reloadTodos();
+          logger.debug('Todos reloaded for new cwd', { cwd: process.cwd() });
+        }
+      }
+      return result;
+    }
+
+    if (safety.requiresConfirmation) {
+      const confirmed = await this._confirmExecution(toolCall, safety);
+      if (!confirmed) {
+        result = { success: false, output: '', error: 'Cancelled by user' };
+        await emitToolResult(toolCall, result);
+        try { await memory.recordFailure({ tool, target: toolCall.cmd || toolCall.path, reason: 'Cancelled by user' }); } catch {}
+        return result;
+      }
+      await emitToolStart(toolCall, safety);
+    }
+
+    result = await this._dispatchTool(toolCall);
+    await emitToolResult(toolCall, result);
+    await this._trackReadFile(toolCall, result);
+    await this._trackWriteFile(toolCall, result);
+    this.commandsExecuted++;
+
+    if (tool === TOOLS.LOCAL_CMD && result?.success) {
+      const cdTargets = this._extractCommandDirectoryTargets(toolCall.cmd);
+      if (cdTargets.length > 0) {
+        reloadTodos();
+        logger.debug('Todos reloaded for new cwd', { cwd: process.cwd() });
+      }
+    }
+
+    try {
+      await memory.recordAction({
+        tool, target: toolCall.cmd || toolCall.path || toolCall.url || toolCall.query,
+        status: result.success ? 'success' : 'error', error: result.success ? null : result.error,
+      });
+    } catch {}
+
+    return result;
+  },
+
+  async _dispatchTool(toolCall) {
+    const tool = toolCall.tool || TOOLS.LOCAL_CMD;
+    try {
+      switch (tool) {
+        case TOOLS.WRITE_FILE:
+          return await writeFile(toolCall.path, toolCall.content || '');
+        case TOOLS.EDIT_FILE:
+          return await editFile(toolCall.path, toolCall.find || '', toolCall.replace || '');
+        case TOOLS.LIST_DIR:
+          return await listDir(toolCall.path);
+        case TOOLS.SSH_CMD:
+          if (this.device) return await executeSSH(this.device, toolCall.cmd);
+          return { success: false, output: '', error: 'No device connected for SSH' };
+
+        case TOOLS.SEARCH_FILE:
+          return await searchInFiles(toolCall.path || '.', toolCall.pattern || '', toolCall.filePattern);
+        case TOOLS.APPEND_FILE:
+          return await appendFile(toolCall.path, toolCall.content || '');
+        case TOOLS.DELETE_FILE:
+          return await deleteFile(toolCall.path);
+        case TOOLS.CREATE_DIR:
+          return await createDir(toolCall.path);
+        case TOOLS.TREE_VIEW:
+          return await treeView(toolCall.path, toolCall.maxDepth, toolCall.includeHidden);
+        case TOOLS.RUN_SCRIPT:
+          return await runScript(toolCall.path, toolCall.args || '', toolCall.interpreter);
+        case TOOLS.MOVE_FILE:
+          return await moveFile(toolCall.source, toolCall.destination);
+        case TOOLS.COPY_FILE:
+          return await copyFile(toolCall.source, toolCall.destination);
+        case TOOLS.FILE_INFO:
+          return await getFileInfo(toolCall.path);
+
+        case TOOLS.FETCH_URL:
+          return await fetchUrl(toolCall.url, toolCall.description);
+        case TOOLS.WEB_SEARCH:
+          return await webSearch(toolCall.query, this.server, this.token);
+        case TOOLS.BROWSE:
+          return await browse(toolCall.url);
+        case TOOLS.BROWSE_SEARCH:
+          return await searchAndBrowse(toolCall.query);
+        case TOOLS.BROWSE_EXTRACT:
+          return await extractStructuredData(toolCall.selectors, toolCall.url);
+
+        case TOOLS.GLOB:
+          return await globFiles(toolCall.pattern, toolCall.cwd || process.cwd(), toolCall.ignore || []);
+        case TOOLS.GREP:
+          return await grepFiles(toolCall.pattern, toolCall.path || '.', toolCall.filePattern, toolCall.caseSensitive ?? false);
+        case TOOLS.GIT:
+          return await gitOp(toolCall.op, toolCall.args || '', toolCall.path || process.cwd());
+        case TOOLS.READ_FILE:
+          if (toolCall.startLine || toolCall.endLine) {
+            return await readFileRange(toolCall.path, toolCall.startLine, toolCall.endLine);
+          }
+          return await readFileRange(toolCall.path);
+        case TOOLS.GET_DEPENDENCIES:
+          return await getDependencies(toolCall.path);
+        case TOOLS.DIAG_POST_EDIT:
+          return await diagPostEdit(toolCall.path, toolCall.lang || 'auto');
+        case TOOLS.ASK_USER: {
+          const result = askUserQuestion(toolCall.question, toolCall.options || []);
+          if (result.isQuestion) {
+            const answer = await this._askUserInline(toolCall.question, toolCall.options || []);
+            return { success: true, output: `User answered: "${answer}"`, answer };
+          }
+          return result;
+        }
+        case TOOLS.PLAN_MODE: {
+          const plan = toolCall.plan || toolCall.steps || '';
+          const approved = await this._showPlanAndConfirm(plan);
+          return approved
+            ? { success: true, output: 'Plan approved. Proceeding with execution.' }
+            : { success: false, output: '', error: 'Plan rejected by user. Stopping.' };
+        }
+
+        case TOOLS.TODO_ADD:
+          return todoAdd(toolCall.text, toolCall.priority, this.mode);
+        case TOOLS.TODO_COMPLETE:
+          return todoComplete(toolCall.id);
+        case TOOLS.TODO_UPDATE:
+          return todoUpdate(toolCall.id, { text: toolCall.text, priority: toolCall.priority, status: toolCall.status });
+        case TOOLS.TODO_LIST: {
+          const items = todoStore.list(toolCall.mode || this.mode);
+          const scopeLine = `Project: ${process.cwd()}`;
+          const header = `Todos for ${scopeLine}`;
+          return {
+            success: true,
+            output: `${header}\n${'─'.repeat(header.length)}\n${items.length === 0 ? 'No todos.' : items.map(t => `[${t.status === 'done' ? 'x' : ' '}] #${t.id} [${t.priority}] ${t.text}`).join('\n')}`,
+            todos: items,
+            stats: todoStore.getStats(toolCall.mode || this.mode),
+          };
+        }
+        case TOOLS.TODO_CLEAR:
+          return todoClear();
+
+        case TOOLS.MCP_TOOL:
+          return await mcpClientManager.executeTool(toolCall.server, toolCall.mcpTool, toolCall.params || {});
+
+        case TOOLS.SKILL_LIST: {
+          const skills = await discoverSkills();
+          return { success: true, output: formatSkillsList(skills), skills };
+        }
+        case TOOLS.LOAD_SKILL:
+          return await loadSkill(toolCall.name || toolCall.skill || '');
+
+        case TOOLS.CREATE_SKILL:
+          return await createSkill({
+            name: toolCall.name || toolCall.skill || '',
+            description: toolCall.description || '',
+            content: toolCall.content || '',
+            scope: toolCall.scope || 'project',
+          });
+
+        case TOOLS.TASK:
+          return await runSubagent(this, {
+            prompt: toolCall.prompt || '',
+            description: toolCall.description || '',
+          });
+
+        case TOOLS.LOCAL_CMD:
+        default:
+          return await executeLocal(toolCall.cmd || '');
+      }
+    } catch (error) {
+      logger.error('Tool dispatch error', { tool, error: error.message });
+      return { success: false, output: '', error: error.message };
+    }
+  },
+
+  _readStdinLine(prompt, color) {
+    return new Promise((resolve) => {
+      const output = this.readline ? this.readline.output : process.stdout;
+      const cleanPrompt = typeof prompt === 'string' ? prompt.replace(/\x1b\[[0-9;]*m/g, '') : prompt;
+      this.readline.question(cleanPrompt, (answer) => {
+        resolve(answer.trim());
+      });
+    });
+  },
+
+  async _confirmExecution(toolCall, safety) {
+    const tier = safety.tier || (safety.isDangerous ? SAFETY_TIERS.DANGEROUS : SAFETY_TIERS.WRITE);
+
+    if (this.isSubagent) {
+      return tier !== SAFETY_TIERS.DANGEROUS;
+    }
+
+    const tool = toolCall.tool || TOOLS.LOCAL_CMD;
+    const identifier = toolCall.cmd || toolCall.path || toolCall.url || '(operation)';
+    const desc = toolCall.description || (safety.isDangerous ? 'This will perform a dangerous operation' : 'This will modify the system');
+
+    this.onConfirmPrompt({ tool, identifier, description: desc, tier, isDangerous: safety.isDangerous });
+
+    if (tier === SAFETY_TIERS.DANGEROUS) {
+      const answer = await this._readStdinLine('  Type "confirm" to proceed: ', () => '');
+      return answer.toLowerCase() === 'confirm';
+    } else {
+      const answer = await this._readStdinLine('  Run this? (y/N): ', () => '');
+      return answer.toLowerCase() === 'y' || answer.toLowerCase() === 'yes';
+    }
+  },
+
+  async _askUserInline(question, options = []) {
+    this.onAskUserPrompt({ question, options });
+    const hint = options.length > 0 ? `  Answer (number or text): ` : `  Your answer: `;
+    const answer = await this._readStdinLine(hint, () => '');
+    if (options.length > 0) {
+      const n = parseInt(answer.trim(), 10);
+      if (!isNaN(n) && n >= 1 && n <= options.length) return options[n - 1];
+    }
+    return answer.trim();
+  },
+
+  async _showPlanAndConfirm(plan) {
+    const planText = typeof plan === 'string' ? plan : JSON.stringify(plan, null, 2);
+    this.onPlanPrompt({ plan: planText });
+    const answer = await this._readStdinLine('  Approve plan? (y/N): ', () => '');
+    return answer.toLowerCase() === 'y' || answer.toLowerCase() === 'yes';
+  },
+};