pi-agent-toolkit 0.1.0

package/dist/dotfiles/agent-skills/exa-search/scripts/exa-api.cjs

@@ -0,0 +1,197 @@
+#!/usr/bin/env node
+
+/**
+ * Exa API Helper Script
+ * Provides a CLI wrapper around Exa endpoints for Pi skill integration.
+ *
+ * Usage:
+ *   node exa-api.cjs <search|contents|findsimilar|answer|research> [<json-string>]
+ *   cat payload.json | node exa-api.cjs search
+ *   node exa-api.cjs search --file ./payload.json
+ */
+
+const https = require('https');
+const fs = require('fs');
+const path = require('path');
+
+const API_BASE = 'https://api.exa.ai';
+
+function readApiKeyFromFile(filePath) {
+  if (!fs.existsSync(filePath)) {
+    return null;
+  }
+
+  const envContent = fs.readFileSync(filePath, 'utf8');
+  const match = envContent.match(/EXA_API_KEY\s*=\s*(.+)/);
+  if (!match) {
+    return null;
+  }
+
+  return match[1].trim().replace(/^["']|["']$/g, '');
+}
+
+function loadApiKey() {
+  if (process.env.EXA_API_KEY) {
+    return process.env.EXA_API_KEY;
+  }
+
+  const candidatePaths = [
+    path.join(__dirname, '..', '.env'),
+    path.join(__dirname, '.env'),
+  ];
+
+  for (const envPath of candidatePaths) {
+    const apiKey = readApiKeyFromFile(envPath);
+    if (apiKey) return apiKey;
+  }
+
+  return null;
+}
+
+function usage() {
+  const cmd = path.basename(process.argv[1] || 'exa-api.cjs');
+  console.error(
+    [
+      'Usage:',
+      `  node ${cmd} <search|contents|findsimilar|answer|research> [<json-string>]`,
+      `  cat payload.json | node ${cmd} search`,
+      `  node ${cmd} search --file ./payload.json`,
+      '',
+      'Env:',
+      '  EXA_API_KEY (env var), .env in the skill root, or .env next to this script',
+    ].join('\n'),
+  );
+}
+
+function readStdin() {
+  return new Promise((resolve, reject) => {
+    let data = '';
+    process.stdin.setEncoding('utf8');
+    process.stdin.on('data', (chunk) => {
+      data += chunk;
+    });
+    process.stdin.on('end', () => resolve(data));
+    process.stdin.on('error', reject);
+  });
+}
+
+async function readPayload(args) {
+  const fileFlagIndex = args.findIndex((arg) => arg === '--file');
+  if (fileFlagIndex !== -1) {
+    const filePath = args[fileFlagIndex + 1];
+    if (!filePath) {
+      throw new Error('Missing value for --file');
+    }
+    const content = fs.readFileSync(filePath, 'utf8');
+    return JSON.parse(content);
+  }
+
+  const dataFlagIndex = args.findIndex((arg) => arg === '--data');
+  if (dataFlagIndex !== -1) {
+    const json = args[dataFlagIndex + 1];
+    if (!json) {
+      throw new Error('Missing value for --data');
+    }
+    return JSON.parse(json);
+  }
+
+  if (args[0] && !args[0].startsWith('-')) {
+    return JSON.parse(args[0]);
+  }
+
+  if (process.stdin.isTTY) {
+    throw new Error('No payload provided (pass JSON arg, --data, --file, or pipe via stdin)');
+  }
+
+  const stdin = await readStdin();
+  if (!stdin.trim()) {
+    throw new Error('Empty stdin payload');
+  }
+  return JSON.parse(stdin);
+}
+
+function postJson(endpointPath, apiKey, payload) {
+  return new Promise((resolve, reject) => {
+    const body = JSON.stringify(payload);
+    const url = new URL(endpointPath, API_BASE);
+
+    const req = https.request(
+      url,
+      {
+        method: 'POST',
+        headers: {
+          'x-api-key': apiKey,
+          'Content-Type': 'application/json',
+          'Content-Length': Buffer.byteLength(body),
+          'User-Agent': 'Exa-Skill/1.0',
+        },
+        timeout: 60_000,
+      },
+      (res) => {
+        let data = '';
+        res.setEncoding('utf8');
+        res.on('data', (chunk) => {
+          data += chunk;
+        });
+        res.on('end', () => {
+          const ok = res.statusCode && res.statusCode >= 200 && res.statusCode < 300;
+          if (!ok) {
+            reject(new Error(`API Error ${res.statusCode}: ${data}`));
+            return;
+          }
+
+          try {
+            resolve(JSON.parse(data));
+          } catch {
+            resolve(data);
+          }
+        });
+      },
+    );
+
+    req.on('error', reject);
+    req.on('timeout', () => {
+      req.destroy(new Error('Request timed out'));
+    });
+
+    req.write(body);
+    req.end();
+  });
+}
+
+const ENDPOINT_BY_COMMAND = {
+  search: '/search',
+  contents: '/contents',
+  findsimilar: '/findSimilar',
+  answer: '/answer',
+  research: '/research',
+};
+
+(async () => {
+  const command = process.argv[2];
+  if (!command || command === '--help' || command === '-h') {
+    usage();
+    process.exit(command ? 0 : 1);
+  }
+
+  const endpoint = ENDPOINT_BY_COMMAND[command];
+  if (!endpoint) {
+    usage();
+    process.exit(1);
+  }
+
+  const apiKey = loadApiKey();
+  if (!apiKey) {
+    console.error('Missing Exa API key: set EXA_API_KEY or create .env in the skill root');
+    process.exit(1);
+  }
+
+  try {
+    const payload = await readPayload(process.argv.slice(3));
+    const result = await postJson(endpoint, apiKey, payload);
+    console.log(JSON.stringify(result, null, 2));
+  } catch (error) {
+    console.error(`Error: ${error.message}`);
+    process.exit(1);
+  }
+})();

package/dist/dotfiles/auth.json.template

@@ -0,0 +1,5 @@
+{
+  "anthropic": "sk-ant-YOUR_ANTHROPIC_API_KEY",
+  "openai-codex": "YOUR_OPENAI_API_KEY",
+  "google-antigravity": "YOUR_GOOGLE_API_KEY"
+}

package/dist/dotfiles/damage-control-rules.yaml

@@ -0,0 +1,318 @@
+# Damage Control Rules
+#
+# Defines safety guardrails for the PI agent. Loaded by damage-control.ts.
+#
+# Sections:
+#   bashToolPatterns  - regex patterns matched against bash commands
+#                       "ask: true" prompts for confirmation instead of hard-blocking
+#   zeroAccessPaths   - agent cannot read, search, or modify these paths
+#   askAccessPaths    - agent must ask before reading or searching these paths
+#   readOnlyPaths     - agent can read but not write or delete
+#   noDeletePaths     - agent can read and write but not delete
+#
+# Path entries support:
+#   - Globs: *.pem, *-credentials.json
+#   - Home dir: ~/
+#   - Directories (trailing /): ~/.ssh/
+
+bashToolPatterns:
+  # -- Destructive file operations --
+  - pattern: '\brm\b'
+    reason: rm usage (delete operation)
+    ask: true
+  - pattern: '\bgit\s+rm\b'
+    reason: git rm (delete operation)
+    ask: true
+  - pattern: '\bfind\b[^\n]*\s-delete\b'
+    reason: find with -delete flag
+    ask: true
+  - pattern: '\bsudo\b'
+    reason: sudo (elevated privileges)
+    ask: true
+  - pattern: '\brm\s+(-[^\s]*)*-[rRf]'
+    reason: rm with recursive or force flags
+  - pattern: '\brm\s+-[rRf]'
+    reason: rm with recursive or force flags
+  - pattern: '\brm\s+--recursive'
+    reason: rm with --recursive flag
+  - pattern: '\brm\s+--force'
+    reason: rm with --force flag
+  - pattern: '\bsudo\s+rm\b'
+    reason: sudo rm (blocked, not just asked)
+  - pattern: '\brmdir\s+--ignore-fail-on-non-empty'
+    reason: rmdir ignore-fail
+  - pattern: '\bchmod\s+(-[^\s]+\s+)*777\b'
+    reason: chmod 777 (world writable)
+  - pattern: '\bchmod\s+-[Rr].*777'
+    reason: recursive chmod 777
+  - pattern: '\bchown\s+-[Rr].*\broot\b'
+    reason: recursive chown to root
+  - pattern: '\bmkfs\.'
+    reason: filesystem format command
+  - pattern: '\bdd\s+.*of=/dev/'
+    reason: dd writing to device
+  - pattern: '\bkill\s+-9\s+-1\b'
+    reason: kill all processes
+  - pattern: '\bkillall\s+-9\b'
+    reason: killall -9
+  - pattern: '\bpkill\s+-9\b'
+    reason: pkill -9
+  - pattern: '\bhistory\s+-c\b'
+    reason: clearing shell history
+
+  # -- Git --
+  - pattern: '\bgit\s+reset\s+--hard\b'
+    reason: git reset --hard (use --soft or stash)
+  - pattern: '\bgit\s+clean\s+(-[^\s]*)*-[fd]'
+    reason: git clean with force/directory flags
+  - pattern: '\bgit\s+push\s+.*--force(?!-with-lease)'
+    reason: git push --force (use --force-with-lease)
+  - pattern: '\bgit\s+push\s+(-[^\s]*)*-f\b'
+    reason: git push -f (use --force-with-lease)
+  - pattern: '\bgit\s+stash\s+clear\b'
+    reason: git stash clear (deletes ALL stashes)
+  - pattern: '\bgit\s+reflog\s+expire\b'
+    reason: git reflog expire (destroys recovery mechanism)
+  - pattern: '\bgit\s+gc\s+.*--prune=now'
+    reason: git gc --prune=now (can lose dangling commits)
+  - pattern: '\bgit\s+filter-branch\b'
+    reason: git filter-branch (rewrites entire history)
+  - pattern: '\bgit\b.*--no-verify'
+    reason: git --no-verify bypasses all hooks
+  - pattern: '\bgit\s+checkout\s+--\s*\.'
+    reason: discards all uncommitted changes
+    ask: true
+  - pattern: '\bgit\s+restore\s+\.'
+    reason: discards all uncommitted changes
+    ask: true
+  - pattern: '\bgit\s+stash\s+drop\b'
+    reason: permanently deletes a stash
+    ask: true
+  - pattern: '\bgit\s+branch\s+(-[^\s]*)*-D'
+    reason: force deletes branch (even if unmerged)
+    ask: true
+  - pattern: '\bgit\s+push\s+\S+\s+--delete\b'
+    reason: deletes remote branch
+    ask: true
+  - pattern: '\bgit\s+push\s+\S+\s+:\S+'
+    reason: deletes remote branch (old syntax)
+    ask: true
+
+  # -- AWS S3 allowlist --
+  # Allow rules are checked first and always win over block rules.
+  # Only ls (list) and cp (copy/download/upload) are permitted.
+  - pattern: '\baws\s+s3\s+(ls|cp)\b'
+    reason: aws S3 ls/cp operations are permitted
+    allow: true
+
+  # -- AWS S3 blocks --
+  - pattern: '\baws\s+s3\s+rm\b'
+    reason: aws s3 rm (deletes S3 objects)
+  - pattern: '\baws\s+s3\s+rb\b'
+    reason: aws s3 rb (removes bucket)
+  - pattern: '\baws\s+s3\s+mv\b'
+    reason: aws s3 mv (moves by deleting source objects)
+  - pattern: '\baws\s+s3\s+sync\b.*\s--delete\b'
+    reason: aws s3 sync --delete (removes destination objects)
+  - pattern: '\baws\s+s3\s+sync\b'
+    reason: aws s3 sync is blocked; use only explicit find/read/download/upload flows
+  - pattern: '\baws\s+s3api\s+(?:delete|remove)\S*\b'
+    reason: aws s3api delete/remove operation
+  - pattern: '\baws\s+s3api\s+abort-multipart-upload\b'
+    reason: aws s3api abort-multipart-upload (discards multipart upload)
+  - pattern: '\baws\s+s3api\b.*\b--delete\b'
+    reason: aws s3api command with --delete flag
+  - pattern: '\baws\s+s3control\s+(?:delete|remove)\S*\b'
+    reason: aws s3control delete/remove operation
+  - pattern: '\baws\s+s3control\b.*\b--delete\b'
+    reason: aws s3control command with --delete flag
+  - pattern: '\baws\s+s3api\s+(?:put|create|copy)\S*\b'
+    reason: aws s3api mutating command is blocked; allow only cp uploads/downloads
+  - pattern: '\baws\s+s3control\s+(?:put|create|update)\S*\b'
+    reason: aws s3control mutating command is blocked
+  - pattern: '\baws\s+s3\s+presign\b'
+    reason: aws s3 presign is blocked
+  - pattern: '\baws\s+s3\b'
+    reason: aws S3 command not in allowlist (only ls/cp are permitted via allow rules)
+  - pattern: '\baws\s+ec2\s+terminate-instances\b'
+    reason: aws ec2 terminate-instances
+  - pattern: '\baws\s+rds\s+delete-db-instance\b'
+    reason: aws rds delete-db-instance
+  - pattern: '\baws\s+cloudformation\s+delete-stack\b'
+    reason: aws cloudformation delete-stack
+  - pattern: '\baws\s+dynamodb\s+delete-table\b'
+    reason: aws dynamodb delete-table
+  - pattern: '\baws\s+eks\s+delete-cluster\b'
+    reason: aws eks delete-cluster
+  - pattern: '\baws\s+lambda\s+delete-function\b'
+    reason: aws lambda delete-function
+  - pattern: '\baws\s+iam\s+delete-role\b'
+    reason: aws iam delete-role
+  - pattern: '\baws\s+iam\s+delete-user\b'
+    reason: aws iam delete-user
+
+  # -- GCP --
+  - pattern: '\bgcloud\s+projects\s+delete\b'
+    reason: gcloud projects delete (DELETES ENTIRE PROJECT)
+  - pattern: '\bgcloud\s+compute\s+instances\s+delete\b'
+    reason: gcloud compute instances delete
+  - pattern: '\bgcloud\s+sql\s+instances\s+delete\b'
+    reason: gcloud sql instances delete
+  - pattern: '\bgcloud\s+container\s+clusters\s+delete\b'
+    reason: gcloud container clusters delete (GKE)
+  - pattern: '\bgcloud\s+storage\s+rm\s+.*-r'
+    reason: gcloud storage rm -r (recursive delete)
+  - pattern: '\bgcloud\s+functions\s+delete\b'
+    reason: gcloud functions delete
+  - pattern: '\bgcloud\s+iam\s+service-accounts\s+delete\b'
+    reason: gcloud iam service-accounts delete
+  - pattern: '\bgcloud\s+run\s+services\s+delete\b'
+    reason: gcloud run services delete
+  - pattern: '\bgcloud\s+run\s+jobs\s+delete\b'
+    reason: gcloud run jobs delete
+  - pattern: '\bgcloud\s+services\s+disable\b'
+    reason: gcloud services disable (disables GCP APIs)
+  - pattern: '\bgcloud\s+iam\s+roles\s+delete\b'
+    reason: gcloud iam roles delete
+  - pattern: '\bgcloud\s+iam\s+policies\b'
+    reason: gcloud iam policies (modifies IAM policies)
+    ask: true
+
+  # -- Firebase --
+  - pattern: '\bfirebase\s+projects:delete\b'
+    reason: firebase projects:delete (deletes entire project)
+  - pattern: '\bfirebase\s+firestore:delete\s+.*--all-collections'
+    reason: firebase firestore:delete --all-collections (wipes all data)
+  - pattern: '\bfirebase\s+database:remove\b'
+    reason: firebase database:remove (wipes Realtime DB)
+  - pattern: '\bfirebase\s+hosting:disable\b'
+    reason: firebase hosting:disable
+  - pattern: '\bfirebase\s+functions:delete\b'
+    reason: firebase functions:delete
+
+  # -- Vercel --
+  - pattern: '\bvercel\s+remove\s+.*--yes'
+    reason: vercel remove --yes (removes deployment)
+  - pattern: '\bvercel\s+projects\s+rm\b'
+    reason: vercel projects rm (deletes project)
+  - pattern: '\bvercel\s+env\s+rm\b'
+    reason: vercel env rm (removes env variables)
+  - pattern: '\bvercel\s+rm\b'
+    reason: vercel rm (removes deployment)
+  - pattern: '\bvercel\s+remove\b'
+    reason: vercel remove (removes deployment)
+  - pattern: '\bvercel\s+domains\s+rm\b'
+    reason: vercel domains rm (removes custom domain)
+
+  # -- Netlify --
+  - pattern: '\bnetlify\s+sites:delete\b'
+    reason: netlify sites:delete (deletes entire site)
+  - pattern: '\bnetlify\s+functions:delete\b'
+    reason: netlify functions:delete
+
+  # -- Cloudflare --
+  - pattern: '\bwrangler\s+delete\b'
+    reason: wrangler delete (deletes Worker)
+  - pattern: '\bwrangler\s+r2\s+bucket\s+delete\b'
+    reason: wrangler r2 bucket delete
+  - pattern: '\bwrangler\s+kv:namespace\s+delete\b'
+    reason: wrangler kv:namespace delete
+  - pattern: '\bwrangler\s+d1\s+delete\b'
+    reason: wrangler d1 delete (deletes database)
+  - pattern: '\bwrangler\s+queues\s+delete\b'
+    reason: wrangler queues delete
+
+  # -- SQL --
+  - pattern: 'DELETE\s+FROM\s+\w+\s*;'
+    reason: DELETE without WHERE clause (will delete ALL rows)
+  - pattern: 'DELETE\s+\*\s+FROM'
+    reason: DELETE * (will delete ALL rows)
+  - pattern: '\bTRUNCATE\s+TABLE\b'
+    reason: TRUNCATE TABLE (will delete ALL rows)
+  - pattern: '\bDROP\s+TABLE\b'
+    reason: DROP TABLE
+  - pattern: '\bDROP\s+DATABASE\b'
+    reason: DROP DATABASE
+  - pattern: '\bDROP\s+SCHEMA\b'
+    reason: DROP SCHEMA
+  - pattern: '\bDELETE\s+FROM\s+\w+\s+WHERE\b.*\bid\s*='
+    reason: SQL DELETE with specific ID
+    ask: true
+
+askAccessPaths: []
+
+readOnlyPaths:
+  - /etc/
+  - /usr/
+  - /bin/
+  - /sbin/
+  - /boot/
+  - /root/
+  - ~/.bash_history
+  - ~/.zsh_history
+  - ~/.node_repl_history
+  - ~/.bashrc
+  - ~/.zshrc
+  - ~/.profile
+  - ~/.bash_profile
+  - "package-lock.json"
+  - "yarn.lock"
+  - "pnpm-lock.yaml"
+  - "Gemfile.lock"
+  - "poetry.lock"
+  - "Pipfile.lock"
+  - "composer.lock"
+  - "Cargo.lock"
+  - "go.sum"
+  - "flake.lock"
+  - "bun.lockb"
+  - "uv.lock"
+  - "npm-shrinkwrap.json"
+  - "*.lock"
+  - "*.lockb"
+  - "*.min.js"
+  - "*.min.css"
+  - "*.bundle.js"
+  - "*.chunk.js"
+  - dist/
+  - build/
+  - .next/
+  - .nuxt/
+  - .output/
+  - node_modules/
+  - __pycache__/
+  - .venv/
+  - venv/
+  - target/
+
+noDeletePaths:
+  - ~/.claude/
+  - ~/.pi/
+  - CLAUDE.md
+  - "LICENSE"
+  - "LICENSE.*"
+  - "COPYING"
+  - "COPYING.*"
+  - "NOTICE"
+  - "PATENTS"
+  - "README.md"
+  - "README.*"
+  - "CONTRIBUTING.md"
+  - "CHANGELOG.md"
+  - "CODE_OF_CONDUCT.md"
+  - "SECURITY.md"
+  - .git/
+  - .gitignore
+  - .gitattributes
+  - .gitmodules
+  - .github/
+  - .gitlab-ci.yml
+  - .circleci/
+  - Jenkinsfile
+  - .travis.yml
+  - azure-pipelines.yml
+  - Dockerfile
+  - "Dockerfile.*"
+  - docker-compose.yml
+  - "docker-compose.*.yml"
+  - .dockerignore