poke-gate 0.1.9 → 0.2.1

package/src/agents.js

@@ -1,8 +1,9 @@
 import { readdirSync, readFileSync, writeFileSync, existsSync, mkdirSync } from "node:fs";
-import { join, basename } from "node:path";
+import { join, dirname } from "node:path";
 import { homedir } from "node:os";
 import { exec } from "node:child_process";
 import { createInterface } from "node:readline";
+import { fileURLToPath } from "node:url";
 
 const CONFIG_DIR = process.env.XDG_CONFIG_HOME || join(homedir(), ".config");
 const AGENTS_DIR = join(CONFIG_DIR, "poke-gate", "agents");
@@ -113,7 +114,7 @@ export function discoverAgents() {
 import { symlinkSync, lstatSync } from "node:fs";
 
 function ensureNodeModulesLink() {
-  const pkgRoot = join(new URL(".", import.meta.url).pathname, "..");
+  const pkgRoot = join(dirname(fileURLToPath(import.meta.url)), "..");
   const source = join(pkgRoot, "node_modules");
   const target = join(AGENTS_DIR, "node_modules");
 
@@ -125,7 +126,8 @@ function ensureNodeModulesLink() {
   } catch {}
 
   try {
-    symlinkSync(source, target, "junction");
+    const type = process.platform === "win32" ? "junction" : "dir";
+    symlinkSync(source, target, type);
   } catch {}
 }
 
@@ -187,11 +189,6 @@ export async function downloadAgent(name) {
 
   console.log(`Fetching agent "${name}" from GitHub...`);
 
-  const indexRes = await fetch(`${REPO_BASE}/`).catch(() => null);
-
-  const jsUrl = `${REPO_BASE}/${name}`;
-  const envUrl = `${REPO_BASE}/.env.${name}`;
-
   // Try to find the exact file first, or search for name.*.js pattern
   let jsFileName = null;
   let jsContent = null;

package/src/app.js

@@ -1,4 +1,4 @@
-import { startMcpServer, enableLogging } from "./mcp-server.js";
+import { startMcpServer, enableLogging, getPermissionMode } from "./mcp-server.js";
 import { startTunnel } from "./tunnel.js";
 import { startAgentScheduler, stopAgentScheduler } from "./agents.js";
 import { Poke, isLoggedIn, login, getToken } from "poke";
@@ -30,7 +30,6 @@ async function ensureAuthenticated() {
 }
 
 let currentTunnel = null;
-let reconnectTimer = null;
 let reconnectWatchdog = null;
 
 async function connectWithRetry(mcpUrl, token) {
@@ -104,6 +103,7 @@ function scheduleReconnect(mcpUrl, token) {
 
 async function main() {
   log("poke-gate starting...");
+  log(`Access mode: ${getPermissionMode()}`);
 
   const token = await ensureAuthenticated();
 
@@ -115,14 +115,38 @@ async function main() {
   await connectWithRetry(mcpUrl, token);
 }
 
+function buildAccessModeMessage(mode) {
+  switch (mode) {
+    case "limited":
+      return (
+        "Access mode: Limited. " +
+        "You can read files, list directories, and run safe read-only commands (ls, cat, grep, curl, jq…). " +
+        "You cannot write files, take screenshots, or run other commands."
+      );
+    case "sandbox":
+      return (
+        "Access mode: Sandbox. " +
+        "You can read files, list directories, and run commands like brew, node, python, ffmpeg, curl, and more. " +
+        "File writes are restricted to ~/Downloads and /tmp by macOS sandbox. Screenshots are disabled."
+      );
+    default:
+      return (
+        "Access mode: Full. " +
+        "You can run any shell command, read and write files, list directories, take screenshots, and check system info. " +
+        "Risky actions (commands, file writes, screenshots) require user approval in chat before execution."
+      );
+  }
+}
+
 async function notifyPoke(connectionId, token) {
   try {
+    const mode = getPermissionMode();
     const poke = new Poke({ token });
     await poke.sendMessage(
       `Hey! I've connected my computer to you via Poke Gate (tunnel: ${connectionId}). ` +
-      `You can now run commands, read and write files, list directories, take screenshots, and check system info on my machine. ` +
-      `Just use the tools whenever I ask you to do something on my computer.` +
-      `Now reply me in my language "now I am connected to your computer".`
+      `${buildAccessModeMessage(mode)} ` +
+      `Just use the tools whenever I ask you to do something on my computer. ` +
+      `Now reply me with "now I am connected to your computer" but everytime write those replies in most creative fun way.`
     );
     log("Notified Poke agent about connection.");
   } catch (err) {