qlogicagent 0.2.1 → 0.4.0

package/dist/skills/skill-guard.js

@@ -1,229 +0,0 @@
-// ---------------------------------------------------------------------------
-// Skill security scanner — portable, zero external dependencies.
-// Mirrors openclaw/src/security/skill-scanner.ts rules but uses DI deps
-// instead of Node.js fs/path directly.
-// ---------------------------------------------------------------------------
-const LINE_RULES = [
-    {
-        ruleId: "dangerous-exec",
-        severity: "critical",
-        message: "Shell command execution detected (child_process)",
-        pattern: /\b(exec|execSync|spawn|spawnSync|execFile|execFileSync)\s*\(/,
-        requiresContext: /child_process/,
-    },
-    {
-        ruleId: "dynamic-code-execution",
-        severity: "critical",
-        message: "Dynamic code execution detected",
-        pattern: /\beval\s*\(|new\s+Function\s*\(/,
-    },
-    {
-        ruleId: "crypto-mining",
-        severity: "critical",
-        message: "Possible crypto-mining reference detected",
-        pattern: /stratum\+tcp|stratum\+ssl|coinhive|cryptonight|xmrig/i,
-    },
-    {
-        ruleId: "suspicious-network",
-        severity: "warn",
-        message: "WebSocket connection to non-standard port",
-        pattern: /new\s+WebSocket\s*\(\s*["']wss?:\/\/[^"']*:(\d+)/,
-    },
-];
-const STANDARD_PORTS = new Set([80, 443, 8080, 8443, 3000]);
-const SOURCE_RULES = [
-    {
-        ruleId: "potential-exfiltration",
-        severity: "warn",
-        message: "File read combined with network send — possible data exfiltration",
-        pattern: /readFileSync|readFile/,
-        requiresContext: /\bfetch\b|\bpost\b|http\.request/i,
-    },
-    {
-        ruleId: "obfuscated-code",
-        severity: "warn",
-        message: "Hex-encoded string sequence detected (possible obfuscation)",
-        pattern: /(\\x[0-9a-fA-F]{2}){6,}/,
-    },
-    {
-        ruleId: "obfuscated-code",
-        severity: "warn",
-        message: "Large base64 payload with decode call detected (possible obfuscation)",
-        pattern: /(?:atob|Buffer\.from)\s*\(\s*["'][A-Za-z0-9+/=]{200,}["']/,
-    },
-    {
-        ruleId: "env-harvesting",
-        severity: "critical",
-        message: "Environment variable access combined with network send — possible credential harvesting",
-        pattern: /process\.env/,
-        requiresContext: /\bfetch\b|\bpost\b|http\.request/i,
-    },
-];
-// ---------------------------------------------------------------------------
-// Scannable extensions
-// ---------------------------------------------------------------------------
-const SCANNABLE_EXTENSIONS = new Set([
-    ".js", ".ts", ".mjs", ".cjs", ".mts", ".cts", ".jsx", ".tsx",
-]);
-const DEFAULT_MAX_SCAN_FILES = 500;
-const DEFAULT_MAX_FILE_BYTES = 1024 * 1024;
-// ---------------------------------------------------------------------------
-// Core scanner (operates on source text — no FS dependency)
-// ---------------------------------------------------------------------------
-function truncateEvidence(evidence, maxLen = 120) {
-    return evidence.length <= maxLen ? evidence : `${evidence.slice(0, maxLen)}…`;
-}
-/**
- * Scan a source string for security findings.
- * This is a pure function — no file I/O.
- */
-export function scanSource(source, filePath) {
-    const findings = [];
-    const lines = source.split("\n");
-    const matchedLineRules = new Set();
-    // Line rules
-    for (const rule of LINE_RULES) {
-        if (matchedLineRules.has(rule.ruleId))
-            continue;
-        if (rule.requiresContext && !rule.requiresContext.test(source))
-            continue;
-        for (let i = 0; i < lines.length; i++) {
-            const line = lines[i];
-            const match = rule.pattern.exec(line);
-            if (!match)
-                continue;
-            // Special: suspicious-network checks port number
-            if (rule.ruleId === "suspicious-network") {
-                const port = parseInt(match[1], 10);
-                if (STANDARD_PORTS.has(port))
-                    continue;
-            }
-            findings.push({
-                ruleId: rule.ruleId,
-                severity: rule.severity,
-                file: filePath,
-                line: i + 1,
-                message: rule.message,
-                evidence: truncateEvidence(line.trim()),
-            });
-            matchedLineRules.add(rule.ruleId);
-            break; // one finding per line-rule per file
-        }
-    }
-    // Source rules
-    const matchedSourceRules = new Set();
-    for (const rule of SOURCE_RULES) {
-        const ruleKey = `${rule.ruleId}::${rule.message}`;
-        if (matchedSourceRules.has(ruleKey))
-            continue;
-        if (!rule.pattern.test(source))
-            continue;
-        if (rule.requiresContext && !rule.requiresContext.test(source))
-            continue;
-        let matchLine = 0;
-        let matchEvidence = "";
-        for (let i = 0; i < lines.length; i++) {
-            if (rule.pattern.test(lines[i])) {
-                matchLine = i + 1;
-                matchEvidence = lines[i].trim();
-                break;
-            }
-        }
-        if (matchLine === 0) {
-            matchLine = 1;
-            matchEvidence = source.slice(0, 120);
-        }
-        findings.push({
-            ruleId: rule.ruleId,
-            severity: rule.severity,
-            file: filePath,
-            line: matchLine,
-            message: rule.message,
-            evidence: truncateEvidence(matchEvidence),
-        });
-        matchedSourceRules.add(ruleKey);
-    }
-    return findings;
-}
-async function walkDirWithLimit(deps, dirPath, maxFiles) {
-    const files = [];
-    const stack = [dirPath];
-    while (stack.length > 0 && files.length < maxFiles) {
-        const currentDir = stack.pop();
-        if (!currentDir)
-            break;
-        let entries;
-        try {
-            entries = deps.fs.readdirSync(currentDir, { withFileTypes: true });
-        }
-        catch {
-            continue;
-        }
-        for (const entry of entries) {
-            if (files.length >= maxFiles)
-                break;
-            if (entry.name.startsWith(".") || entry.name === "node_modules")
-                continue;
-            const fullPath = deps.path.join(currentDir, entry.name);
-            if (entry.isDirectory()) {
-                stack.push(fullPath);
-            }
-            else if (SCANNABLE_EXTENSIONS.has(deps.path.extname(entry.name).toLowerCase())) {
-                files.push(fullPath);
-            }
-        }
-    }
-    return files;
-}
-/**
- * Scan an entire skill directory for security issues.
- * Returns a summary with per-file findings.
- */
-export async function scanSkillDirectory(deps, skillDir, opts) {
-    const maxFiles = Math.max(1, opts?.maxFiles ?? DEFAULT_MAX_SCAN_FILES);
-    const maxFileBytes = Math.max(1, opts?.maxFileBytes ?? DEFAULT_MAX_FILE_BYTES);
-    const files = opts?.includeFiles && opts.includeFiles.length > 0
-        ? opts.includeFiles
-        : await walkDirWithLimit(deps, skillDir, maxFiles);
-    const allFindings = [];
-    let scannedFiles = 0;
-    for (const filePath of files) {
-        try {
-            const stat = deps.fs.statSync(filePath);
-            if (stat.size > maxFileBytes)
-                continue;
-        }
-        catch {
-            continue;
-        }
-        let source;
-        try {
-            source = await deps.fs.readFile(filePath, "utf-8");
-        }
-        catch {
-            continue;
-        }
-        scannedFiles += 1;
-        const findings = scanSource(source, filePath);
-        allFindings.push(...findings);
-    }
-    return {
-        scannedFiles,
-        critical: allFindings.filter((f) => f.severity === "critical").length,
-        warn: allFindings.filter((f) => f.severity === "warn").length,
-        info: allFindings.filter((f) => f.severity === "info").length,
-        findings: allFindings,
-    };
-}
-/**
- * Quick check: does this source have any critical findings?
- */
-export function hasCriticalFindings(source, filePath) {
-    return scanSource(source, filePath).some((f) => f.severity === "critical");
-}
-/**
- * Check if a file extension is scannable by the guard.
- */
-export function isScannable(filePath, pathDeps) {
-    return SCANNABLE_EXTENSIONS.has(pathDeps.extname(filePath).toLowerCase());
-}

package/dist/skills/skill-loader.d.ts

@@ -1,16 +0,0 @@
-import type { SkillEntry, SkillLoadLimits, SkillLoaderDeps, SkillSnapshot } from "./skill-types.js";
-/**
- * Discover all skills from configured search paths, applying precedence merge
- * and size/count limits. Returns fully parsed `SkillEntry` objects.
- */
-export declare function loadSkillEntries(deps: SkillLoaderDeps): SkillEntry[];
-/**
- * Filter skill entries by a name-based filter list.
- * If filter is undefined or empty, returns all entries.
- */
-export declare function filterSkillEntries(entries: SkillEntry[], skillFilter?: string[]): SkillEntry[];
-/**
- * Build a system-prompt-embeddable skill snapshot.
- * Applies count and character limits from the provided config.
- */
-export declare function buildSkillSnapshot(entries: SkillEntry[], limits?: SkillLoadLimits, skillFilter?: string[]): SkillSnapshot;

package/dist/skills/skill-loader.js

@@ -1,303 +0,0 @@
-// ---------------------------------------------------------------------------
-// Skill discovery & loading — portable, DI-based.
-// Mirrors openclaw/src/agents/skills/workspace.ts logic but decoupled from
-// Node.js fs/path via SkillLoaderDeps.
-// ---------------------------------------------------------------------------
-import { parseFrontmatter, resolveSkillMetadata, resolveSkillInvocationPolicy } from "./skill-frontmatter.js";
-// ---------------------------------------------------------------------------
-// Default limits (match openclaw upstream)
-// ---------------------------------------------------------------------------
-const DEFAULT_LIMITS = {
-    maxCandidatesPerRoot: 300,
-    maxSkillsLoadedPerSource: 200,
-    maxSkillsInPrompt: 150,
-    maxSkillsPromptChars: 30_000,
-    maxSkillFileBytes: 256_000,
-};
-function resolveLimits(input) {
-    return {
-        maxCandidatesPerRoot: input?.maxCandidatesPerRoot ?? DEFAULT_LIMITS.maxCandidatesPerRoot,
-        maxSkillsLoadedPerSource: input?.maxSkillsLoadedPerSource ?? DEFAULT_LIMITS.maxSkillsLoadedPerSource,
-        maxSkillsInPrompt: input?.maxSkillsInPrompt ?? DEFAULT_LIMITS.maxSkillsInPrompt,
-        maxSkillsPromptChars: input?.maxSkillsPromptChars ?? DEFAULT_LIMITS.maxSkillsPromptChars,
-        maxSkillFileBytes: input?.maxSkillFileBytes ?? DEFAULT_LIMITS.maxSkillFileBytes,
-    };
-}
-// ---------------------------------------------------------------------------
-// Path containment guard
-// ---------------------------------------------------------------------------
-function isPathInside(parentRealPath, childRealPath, sep) {
-    const normalizedParent = parentRealPath.endsWith(sep) ? parentRealPath : parentRealPath + sep;
-    return childRealPath === parentRealPath || childRealPath.startsWith(normalizedParent);
-}
-function resolveContainedPath(deps, rootRealPath, candidatePath) {
-    try {
-        const real = deps.fs.realpathSync(candidatePath);
-        return isPathInside(rootRealPath, real, deps.path.sep) ? real : null;
-    }
-    catch {
-        return null;
-    }
-}
-// ---------------------------------------------------------------------------
-// Directory listing helpers
-// ---------------------------------------------------------------------------
-function listChildDirectories(deps, dir) {
-    try {
-        const entries = deps.fs.readdirSync(dir, { withFileTypes: true });
-        const dirs = [];
-        for (const entry of entries) {
-            if (entry.name.startsWith(".") || entry.name === "node_modules")
-                continue;
-            if (entry.isDirectory()) {
-                dirs.push(entry.name);
-                continue;
-            }
-            if (entry.isSymbolicLink()) {
-                try {
-                    const fullPath = deps.path.join(dir, entry.name);
-                    if (deps.fs.statSync(fullPath).isDirectory()) {
-                        dirs.push(entry.name);
-                    }
-                }
-                catch {
-                    // broken symlink — skip
-                }
-            }
-        }
-        return dirs;
-    }
-    catch {
-        return [];
-    }
-}
-/**
- * Detect nested `skills/` subfolder. If `dir/skills/<x>/SKILL.md` exists,
- * treat `dir/skills/` as the real root.
- */
-function resolveNestedSkillsRoot(deps, dir, maxEntriesToScan) {
-    const nested = deps.path.join(dir, "skills");
-    try {
-        if (!deps.fs.existsSync(nested) || !deps.fs.statSync(nested).isDirectory()) {
-            return dir;
-        }
-    }
-    catch {
-        return dir;
-    }
-    const nestedDirs = listChildDirectories(deps, nested);
-    const toScan = nestedDirs.slice(0, Math.min(nestedDirs.length, maxEntriesToScan));
-    for (const name of toScan) {
-        const skillMd = deps.path.join(nested, name, "SKILL.md");
-        if (deps.fs.existsSync(skillMd)) {
-            return nested;
-        }
-    }
-    return dir;
-}
-// ---------------------------------------------------------------------------
-// Single-source skill loading
-// ---------------------------------------------------------------------------
-function loadSkillsFromSourceDir(deps, dir, source, limits) {
-    const rootDir = deps.path.resolve(dir);
-    let rootRealPath;
-    try {
-        rootRealPath = deps.fs.realpathSync(rootDir);
-    }
-    catch {
-        return [];
-    }
-    const baseDir = resolveNestedSkillsRoot(deps, rootDir, limits.maxCandidatesPerRoot);
-    const baseDirRealPath = resolveContainedPath(deps, rootRealPath, baseDir);
-    if (!baseDirRealPath)
-        return [];
-    // Case 1: root itself is a single skill
-    const rootSkillMd = deps.path.join(baseDir, "SKILL.md");
-    if (deps.fs.existsSync(rootSkillMd)) {
-        if (!resolveContainedPath(deps, baseDirRealPath, rootSkillMd))
-            return [];
-        try {
-            const size = deps.fs.statSync(rootSkillMd).size;
-            if (size > limits.maxSkillFileBytes)
-                return [];
-        }
-        catch {
-            return [];
-        }
-        return [buildWorkspaceSkill(deps, rootSkillMd, baseDir, source)].filter((s) => s !== null);
-    }
-    // Case 2: enumerate child directories for `<child>/SKILL.md`
-    const childDirs = listChildDirectories(deps, baseDir);
-    const maxCandidates = Math.max(0, limits.maxSkillsLoadedPerSource);
-    const limitedChildren = childDirs.slice().sort().slice(0, maxCandidates);
-    const skills = [];
-    for (const name of limitedChildren) {
-        const skillDir = deps.path.join(baseDir, name);
-        if (!resolveContainedPath(deps, baseDirRealPath, skillDir))
-            continue;
-        const skillMd = deps.path.join(skillDir, "SKILL.md");
-        if (!deps.fs.existsSync(skillMd))
-            continue;
-        if (!resolveContainedPath(deps, baseDirRealPath, skillMd))
-            continue;
-        try {
-            const size = deps.fs.statSync(skillMd).size;
-            if (size > limits.maxSkillFileBytes)
-                continue;
-        }
-        catch {
-            continue;
-        }
-        const skill = buildWorkspaceSkill(deps, skillMd, skillDir, source);
-        if (skill)
-            skills.push(skill);
-        if (skills.length >= limits.maxSkillsLoadedPerSource)
-            break;
-    }
-    return skills;
-}
-function buildWorkspaceSkill(deps, filePath, baseDir, source) {
-    try {
-        const content = deps.fs.readFileSync(filePath, "utf-8");
-        const fm = parseFrontmatter(content);
-        const name = fm["name"] ?? deps.path.resolve(baseDir).split(deps.path.sep).pop() ?? "unknown";
-        return {
-            name,
-            description: fm["description"],
-            source,
-            filePath: deps.path.resolve(filePath),
-            baseDir: deps.path.resolve(baseDir),
-            primaryEnv: fm["primaryEnv"] ?? fm["primary-env"],
-            requiredEnv: fm["required-env"]?.split(",").map((s) => s.trim()).filter(Boolean),
-        };
-    }
-    catch {
-        return null;
-    }
-}
-// ---------------------------------------------------------------------------
-// Public API
-// ---------------------------------------------------------------------------
-/**
- * Discover all skills from configured search paths, applying precedence merge
- * and size/count limits. Returns fully parsed `SkillEntry` objects.
- */
-export function loadSkillEntries(deps) {
-    const limits = resolveLimits(deps.limits);
-    const { searchPaths } = deps;
-    const sources = [];
-    // Order: extra < bundled < managed < personalAgents < projectAgents < workspace
-    if (searchPaths.extra) {
-        for (const dir of searchPaths.extra) {
-            sources.push({ dir, source: "extra" });
-        }
-    }
-    if (searchPaths.bundled) {
-        sources.push({ dir: searchPaths.bundled, source: "bundled" });
-    }
-    if (searchPaths.managed) {
-        sources.push({ dir: searchPaths.managed, source: "managed" });
-    }
-    if (searchPaths.personalAgents) {
-        sources.push({ dir: searchPaths.personalAgents, source: "agents-personal" });
-    }
-    if (searchPaths.projectAgents) {
-        sources.push({ dir: searchPaths.projectAgents, source: "agents-project" });
-    }
-    if (searchPaths.workspace) {
-        sources.push({ dir: searchPaths.workspace, source: "workspace" });
-    }
-    // Merge with later sources overriding earlier ones (by name)
-    const merged = new Map();
-    for (const src of sources) {
-        const skills = loadSkillsFromSourceDir(deps, src.dir, src.source, limits);
-        for (const skill of skills) {
-            merged.set(skill.name, skill);
-        }
-    }
-    // Build entries with parsed metadata
-    const entries = [];
-    for (const skill of merged.values()) {
-        let frontmatter = parseFrontmatter("");
-        try {
-            const raw = deps.fs.readFileSync(skill.filePath, "utf-8");
-            frontmatter = parseFrontmatter(raw);
-        }
-        catch {
-            // ignore malformed
-        }
-        entries.push({
-            skill,
-            frontmatter,
-            metadata: resolveSkillMetadata(frontmatter),
-            invocation: resolveSkillInvocationPolicy(frontmatter),
-        });
-    }
-    return entries;
-}
-/**
- * Filter skill entries by a name-based filter list.
- * If filter is undefined or empty, returns all entries.
- */
-export function filterSkillEntries(entries, skillFilter) {
-    if (!skillFilter || skillFilter.length === 0)
-        return entries;
-    const normalized = new Set(skillFilter.map((s) => s.trim().toLowerCase()).filter(Boolean));
-    if (normalized.size === 0)
-        return [];
-    return entries.filter((e) => normalized.has(e.skill.name.toLowerCase()));
-}
-/**
- * Build a system-prompt-embeddable skill snapshot.
- * Applies count and character limits from the provided config.
- */
-export function buildSkillSnapshot(entries, limits, skillFilter) {
-    const resolved = resolveLimits(limits);
-    const filtered = filterSkillEntries(entries, skillFilter);
-    // Truncate by count first
-    let promptSkills = filtered.slice(0, Math.max(0, resolved.maxSkillsInPrompt));
-    // Format function for prompt
-    const formatForPrompt = (skills) => {
-        if (skills.length === 0)
-            return "";
-        const lines = [];
-        for (const entry of skills) {
-            const s = entry.skill;
-            const meta = entry.metadata;
-            const desc = s.description ? ` — ${s.description}` : "";
-            const env = s.primaryEnv ? ` [${s.primaryEnv}]` : "";
-            const emoji = meta?.emoji ? `${meta.emoji} ` : "";
-            lines.push(`- ${emoji}**${s.name}**${env}${desc}`);
-            // Compact path with ~ prefix
-            lines.push(`  File: ${s.filePath}`);
-        }
-        return lines.join("\n");
-    };
-    // Truncate by character budget via binary search
-    let prompt = formatForPrompt(promptSkills);
-    if (prompt.length > resolved.maxSkillsPromptChars) {
-        let lo = 0;
-        let hi = promptSkills.length;
-        while (lo < hi) {
-            const mid = Math.ceil((lo + hi) / 2);
-            const candidate = formatForPrompt(promptSkills.slice(0, mid));
-            if (candidate.length <= resolved.maxSkillsPromptChars) {
-                lo = mid;
-            }
-            else {
-                hi = mid - 1;
-            }
-        }
-        promptSkills = promptSkills.slice(0, lo);
-        prompt = formatForPrompt(promptSkills);
-    }
-    return {
-        prompt,
-        skills: promptSkills.map((e) => ({
-            name: e.skill.name,
-            primaryEnv: e.skill.primaryEnv,
-            requiredEnv: e.skill.requiredEnv,
-        })),
-        skillFilter,
-    };
-}

package/dist/skills/skill-source.d.ts

@@ -1,119 +0,0 @@
-import type { SkillScanSummary } from "./skill-types.js";
-/**
- * Trust level for a skill based on its origin.
- * Higher trust = fewer restrictions.
- */
-export type TrustLevel = "builtin" | "verified" | "community" | "unknown";
-/**
- * Result of a skill security scan decision.
- */
-export type ScanVerdict = "pass" | "quarantine" | "reject";
-/**
- * A resolved skill source descriptor.
- */
-export interface SkillSourceDescriptor {
-    /** Source type. */
-    kind: "bundled" | "github" | "npm" | "local" | "tap";
-    /** Human-readable identifier, e.g. "github:user/repo" or "npm:@scope/pkg". */
-    identifier: string;
-    /** Trust level derived from source type + verification status. */
-    trust: TrustLevel;
-    /** Version constraint (semver or tag). */
-    version?: string;
-}
-/**
- * Result of fetching a skill from a remote source.
- */
-export interface SkillFetchResult {
-    /** Local directory where fetched content was placed. */
-    quarantineDir: string;
-    /** Manifest metadata if found. */
-    name?: string;
-    version?: string;
-}
-/**
- * Dependencies for the skill fetch step.
- * Consumers inject actual HTTP/git/npm implementations.
- */
-export interface SkillFetchDeps {
-    /**
-     * Download / clone / extract a skill from its source into a quarantine dir.
-     * Must NOT place content in the final install location.
-     */
-    fetch(source: SkillSourceDescriptor, quarantineDir: string): Promise<SkillFetchResult>;
-}
-/**
- * Dependencies for the skill storage step.
- * Manages the local skill directory and registry.
- */
-export interface SkillStorageDeps {
-    /** Root directory for installed skills (e.g. ~/.xiaozhiclaw/skills/). */
-    skillsDir: string;
-    /** Registry subdirectory (e.g. ~/.xiaozhiclaw/skills/.registry/). */
-    registryDir: string;
-    /** Move content from quarantine to final location. */
-    moveToInstallDir(quarantineDir: string, skillName: string): Promise<string>;
-    /** Remove an installed skill directory. */
-    removeSkill(skillName: string): Promise<void>;
-    /** Read the registry lock file. */
-    readLockfile(): Promise<SkillLockfile>;
-    /** Write the registry lock file. */
-    writeLockfile(lockfile: SkillLockfile): Promise<void>;
-}
-/**
- * Single entry in the skill lockfile.
- */
-export interface SkillLockEntry {
-    name: string;
-    source: SkillSourceDescriptor;
-    installedAt: string;
-    scanVerdict: ScanVerdict;
-    scanSummary?: SkillScanSummary;
-    /** Integrity hash of the SKILL.md content (sha256). */
-    integrity?: string;
-}
-/**
- * Complete lockfile for all installed skills.
- */
-export interface SkillLockfile {
-    version: 1;
-    entries: Record<string, SkillLockEntry>;
-}
-/**
- * Result of a skill install operation.
- */
-export interface SkillInstallResult {
-    success: boolean;
-    name: string;
-    installDir?: string;
-    verdict: ScanVerdict;
-    scanSummary?: SkillScanSummary;
-    error?: string;
-}
-/**
- * Orchestrate the full install pipeline:
- * Fetch → Quarantine → Scan → Validate → Move → Lock
- *
- * This function is pure orchestration — actual I/O is delegated to deps.
- */
-export declare function installSkill(params: {
-    source: SkillSourceDescriptor;
-    fetchDeps: SkillFetchDeps;
-    storageDeps: SkillStorageDeps;
-    scanSkillDir: (dir: string) => Promise<SkillScanSummary>;
-    quarantineDir: string;
-}): Promise<SkillInstallResult>;
-/**
- * Uninstall a skill: remove from disk + update lockfile.
- */
-export declare function uninstallSkill(params: {
-    skillName: string;
-    storageDeps: SkillStorageDeps;
-}): Promise<{
-    success: boolean;
-    error?: string;
-}>;
-/**
- * Create an empty lockfile.
- */
-export declare function createEmptyLockfile(): SkillLockfile;