safehands-pharos 1.4.0 → 1.5.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (124) hide show
  1. package/README.md +174 -63
  2. package/dist/cli.d.ts +5 -5
  3. package/dist/cli.d.ts.map +1 -1
  4. package/dist/cli.js +126 -124
  5. package/dist/cli.js.map +1 -1
  6. package/dist/demo.d.ts +1 -1
  7. package/dist/demo.js +171 -171
  8. package/dist/index.d.ts +2 -2
  9. package/dist/index.d.ts.map +1 -1
  10. package/dist/index.js +73 -65
  11. package/dist/index.js.map +1 -1
  12. package/dist/init.d.ts +1 -1
  13. package/dist/init.js +65 -65
  14. package/dist/lib/constants.d.ts +303 -291
  15. package/dist/lib/constants.d.ts.map +1 -1
  16. package/dist/lib/constants.js +302 -292
  17. package/dist/lib/constants.js.map +1 -1
  18. package/dist/lib/dodoApi.d.ts +78 -78
  19. package/dist/lib/dodoApi.js +196 -196
  20. package/dist/lib/envLoader.d.ts +2 -0
  21. package/dist/lib/envLoader.d.ts.map +1 -0
  22. package/dist/lib/envLoader.js +44 -0
  23. package/dist/lib/envLoader.js.map +1 -0
  24. package/dist/lib/http.d.ts +14 -14
  25. package/dist/lib/http.js +118 -118
  26. package/dist/lib/pharosClient.d.ts +58 -58
  27. package/dist/lib/pharosClient.js +63 -63
  28. package/dist/lib/policy/actionPolicyEngine.d.ts +53 -53
  29. package/dist/lib/policy/actionPolicyEngine.js +212 -212
  30. package/dist/lib/riskEngine.d.ts +26 -26
  31. package/dist/lib/riskEngine.d.ts.map +1 -1
  32. package/dist/lib/riskEngine.js +288 -283
  33. package/dist/lib/riskEngine.js.map +1 -1
  34. package/dist/lib/signer/index.d.ts +24 -24
  35. package/dist/lib/signer/index.js +88 -88
  36. package/dist/lib/testDodoLive.d.ts +1 -1
  37. package/dist/lib/testDodoLive.js +104 -104
  38. package/dist/lib/testLiveSafehands.d.ts +1 -1
  39. package/dist/lib/testLiveSafehands.js +92 -92
  40. package/dist/lib/testRpcLive.d.ts +1 -1
  41. package/dist/lib/testRpcLive.js +88 -88
  42. package/dist/lib/testTools.js +397 -398
  43. package/dist/lib/testX402Live.d.ts +1 -1
  44. package/dist/lib/testX402Live.js +159 -159
  45. package/dist/lib/toolResponse.d.ts +25 -25
  46. package/dist/lib/toolResponse.js +53 -53
  47. package/dist/lib/wallet/index.d.ts +37 -37
  48. package/dist/lib/wallet/index.js +128 -128
  49. package/dist/scripts/checkDeploy.d.ts +1 -1
  50. package/dist/scripts/checkDeploy.js +24 -24
  51. package/dist/scripts/deployRegistry.d.ts +1 -1
  52. package/dist/scripts/deployRegistry.js +100 -100
  53. package/dist/scripts/testRegistry.d.ts +1 -1
  54. package/dist/scripts/testRegistry.js +43 -43
  55. package/dist/tools/approveToken.d.ts +45 -45
  56. package/dist/tools/approveToken.js +85 -85
  57. package/dist/tools/assessRisk.d.ts +79 -79
  58. package/dist/tools/assessRisk.js +104 -104
  59. package/dist/tools/checkAllowance.d.ts +43 -43
  60. package/dist/tools/checkAllowance.js +56 -56
  61. package/dist/tools/checkTokenSecurity.d.ts +46 -46
  62. package/dist/tools/checkTokenSecurity.js +95 -95
  63. package/dist/tools/createAgentWallet.d.ts +28 -26
  64. package/dist/tools/createAgentWallet.d.ts.map +1 -1
  65. package/dist/tools/createAgentWallet.js +82 -58
  66. package/dist/tools/createAgentWallet.js.map +1 -1
  67. package/dist/tools/estimateGas.d.ts +79 -79
  68. package/dist/tools/estimateGas.js +124 -124
  69. package/dist/tools/executeSwap.d.ts +61 -61
  70. package/dist/tools/executeSwap.js +141 -141
  71. package/dist/tools/explainRisk.d.ts +29 -29
  72. package/dist/tools/explainRisk.js +32 -32
  73. package/dist/tools/getAgentWallet.d.ts +21 -21
  74. package/dist/tools/getAgentWallet.js +27 -27
  75. package/dist/tools/getAgentWalletBalance.d.ts +11 -11
  76. package/dist/tools/getAgentWalletBalance.js +70 -70
  77. package/dist/tools/getExecutionHistory.d.ts +49 -49
  78. package/dist/tools/getExecutionHistory.js +154 -154
  79. package/dist/tools/getGasPrice.d.ts +43 -43
  80. package/dist/tools/getGasPrice.js +59 -59
  81. package/dist/tools/getPoolInfo.d.ts +75 -75
  82. package/dist/tools/getPoolInfo.js +137 -137
  83. package/dist/tools/getTokenPrice.d.ts +113 -113
  84. package/dist/tools/getTokenPrice.js +117 -117
  85. package/dist/tools/getTransactionStatus.d.ts +43 -43
  86. package/dist/tools/getTransactionStatus.js +59 -59
  87. package/dist/tools/getWalletBalance.d.ts +68 -68
  88. package/dist/tools/getWalletBalance.js +87 -87
  89. package/dist/tools/publishRiskScore.d.ts +63 -63
  90. package/dist/tools/publishRiskScore.js +88 -88
  91. package/dist/tools/queryRiskRegistry.d.ts +38 -38
  92. package/dist/tools/queryRiskRegistry.js +55 -55
  93. package/dist/tools/safehandsPreflightCheck.d.ts +77 -77
  94. package/dist/tools/safehandsPreflightCheck.js +47 -47
  95. package/dist/tools/safehandsRiskReport.d.ts +81 -81
  96. package/dist/tools/safehandsRiskReport.js +28 -28
  97. package/dist/tools/safehandsSafeExecute.d.ts +20 -20
  98. package/dist/tools/safehandsSafeExecute.js +81 -81
  99. package/dist/tools/safehandsWalletHealth.d.ts +14 -14
  100. package/dist/tools/safehandsWalletHealth.js +103 -103
  101. package/dist/tools/safehandsX402Preflight.d.ts +26 -26
  102. package/dist/tools/safehandsX402Preflight.js +65 -65
  103. package/dist/tools/sendPayment.d.ts +57 -57
  104. package/dist/tools/sendPayment.js +117 -117
  105. package/dist/tools/simulateTransaction.d.ts +60 -60
  106. package/dist/tools/simulateTransaction.js +83 -83
  107. package/dist/tools/tokenRegistryStatus.d.ts +26 -26
  108. package/dist/tools/tokenRegistryStatus.js +96 -96
  109. package/dist/tools/x402PayAndFetch.d.ts +81 -81
  110. package/dist/tools/x402PayAndFetch.js +152 -152
  111. package/dist/x402Server.d.ts +1 -1
  112. package/dist/x402Server.js +300 -252
  113. package/dist/x402Server.js.map +1 -1
  114. package/package.json +6 -16
  115. package/examples/dashboard/index.html +0 -337
  116. package/examples/pharos-skill-engine/SKILL.safehands.md +0 -85
  117. package/examples/pharos-skill-engine/assets/safehands/example-actions.json +0 -49
  118. package/examples/pharos-skill-engine/assets/safehands/policy-defaults.json +0 -11
  119. package/examples/pharos-skill-engine/references/safehands.md +0 -345
  120. package/examples/scenario-hack.ts +0 -38
  121. package/skill/SKILL.md +0 -133
  122. package/skill/assets/safehands/example-actions.json +0 -49
  123. package/skill/assets/safehands/policy-defaults.json +0 -11
  124. package/skill/references/safehands.md +0 -345
@@ -1,82 +1,82 @@
1
- import { z } from "zod";
2
- import { type ToolResponse } from "../lib/toolResponse.js";
3
- export declare const safehandsRiskReportSchema: z.ZodObject<{
4
- actionType: z.ZodEnum<["send_payment", "approve_token", "execute_swap", "x402_pay_and_fetch", "publish_risk_score", "custom_contract_call"]>;
5
- chainId: z.ZodDefault<z.ZodOptional<z.ZodNumber>>;
6
- environment: z.ZodDefault<z.ZodOptional<z.ZodString>>;
7
- isMainnet: z.ZodDefault<z.ZodOptional<z.ZodBoolean>>;
8
- amount: z.ZodOptional<z.ZodString>;
9
- amountUnit: z.ZodOptional<z.ZodEnum<["PHRS", "USDC", "USD", "TOKEN"]>>;
10
- token: z.ZodOptional<z.ZodString>;
11
- tokenAddress: z.ZodOptional<z.ZodString>;
12
- tokenIn: z.ZodOptional<z.ZodString>;
13
- tokenOut: z.ZodOptional<z.ZodString>;
14
- recipient: z.ZodOptional<z.ZodString>;
15
- spender: z.ZodOptional<z.ZodString>;
16
- approvalAmount: z.ZodOptional<z.ZodString>;
17
- approvalToken: z.ZodOptional<z.ZodString>;
18
- approvalUnlimited: z.ZodOptional<z.ZodBoolean>;
19
- url: z.ZodOptional<z.ZodString>;
20
- paymentAmountUsdc: z.ZodOptional<z.ZodString>;
21
- paymentTokenAddress: z.ZodDefault<z.ZodOptional<z.ZodString>>;
22
- signerAvailable: z.ZodOptional<z.ZodBoolean>;
23
- tokenSecurityStatus: z.ZodOptional<z.ZodEnum<["ok", "unavailable", "unknown"]>>;
24
- recipientVerified: z.ZodOptional<z.ZodBoolean>;
25
- spenderVerified: z.ZodOptional<z.ZodBoolean>;
26
- requiresSigner: z.ZodOptional<z.ZodBoolean>;
27
- } & {
28
- includeChecks: z.ZodDefault<z.ZodOptional<z.ZodBoolean>>;
29
- }, "strip", z.ZodTypeAny, {
30
- environment: string;
31
- actionType: "send_payment" | "approve_token" | "execute_swap" | "x402_pay_and_fetch" | "publish_risk_score" | "custom_contract_call";
32
- chainId: number;
33
- isMainnet: boolean;
34
- paymentTokenAddress: string;
35
- includeChecks: boolean;
36
- spender?: string | undefined;
37
- amount?: string | undefined;
38
- token?: string | undefined;
39
- tokenAddress?: string | undefined;
40
- amountUnit?: "PHRS" | "USDC" | "USD" | "TOKEN" | undefined;
41
- tokenIn?: string | undefined;
42
- tokenOut?: string | undefined;
43
- recipient?: string | undefined;
44
- approvalAmount?: string | undefined;
45
- approvalToken?: string | undefined;
46
- approvalUnlimited?: boolean | undefined;
47
- url?: string | undefined;
48
- paymentAmountUsdc?: string | undefined;
49
- signerAvailable?: boolean | undefined;
50
- tokenSecurityStatus?: "unknown" | "ok" | "unavailable" | undefined;
51
- recipientVerified?: boolean | undefined;
52
- spenderVerified?: boolean | undefined;
53
- requiresSigner?: boolean | undefined;
54
- }, {
55
- actionType: "send_payment" | "approve_token" | "execute_swap" | "x402_pay_and_fetch" | "publish_risk_score" | "custom_contract_call";
56
- spender?: string | undefined;
57
- amount?: string | undefined;
58
- environment?: string | undefined;
59
- token?: string | undefined;
60
- tokenAddress?: string | undefined;
61
- chainId?: number | undefined;
62
- isMainnet?: boolean | undefined;
63
- amountUnit?: "PHRS" | "USDC" | "USD" | "TOKEN" | undefined;
64
- tokenIn?: string | undefined;
65
- tokenOut?: string | undefined;
66
- recipient?: string | undefined;
67
- approvalAmount?: string | undefined;
68
- approvalToken?: string | undefined;
69
- approvalUnlimited?: boolean | undefined;
70
- url?: string | undefined;
71
- paymentAmountUsdc?: string | undefined;
72
- paymentTokenAddress?: string | undefined;
73
- signerAvailable?: boolean | undefined;
74
- tokenSecurityStatus?: "unknown" | "ok" | "unavailable" | undefined;
75
- recipientVerified?: boolean | undefined;
76
- spenderVerified?: boolean | undefined;
77
- requiresSigner?: boolean | undefined;
78
- includeChecks?: boolean | undefined;
79
- }>;
80
- export type SafeHandsRiskReportInput = z.input<typeof safehandsRiskReportSchema>;
81
- export declare function handleSafeHandsRiskReport(raw: SafeHandsRiskReportInput): Promise<ToolResponse<unknown>>;
1
+ import { z } from "zod";
2
+ import { type ToolResponse } from "../lib/toolResponse.js";
3
+ export declare const safehandsRiskReportSchema: z.ZodObject<{
4
+ actionType: z.ZodEnum<["send_payment", "approve_token", "execute_swap", "x402_pay_and_fetch", "publish_risk_score", "custom_contract_call"]>;
5
+ chainId: z.ZodDefault<z.ZodOptional<z.ZodNumber>>;
6
+ environment: z.ZodDefault<z.ZodOptional<z.ZodString>>;
7
+ isMainnet: z.ZodDefault<z.ZodOptional<z.ZodBoolean>>;
8
+ amount: z.ZodOptional<z.ZodString>;
9
+ amountUnit: z.ZodOptional<z.ZodEnum<["PHRS", "USDC", "USD", "TOKEN"]>>;
10
+ token: z.ZodOptional<z.ZodString>;
11
+ tokenAddress: z.ZodOptional<z.ZodString>;
12
+ tokenIn: z.ZodOptional<z.ZodString>;
13
+ tokenOut: z.ZodOptional<z.ZodString>;
14
+ recipient: z.ZodOptional<z.ZodString>;
15
+ spender: z.ZodOptional<z.ZodString>;
16
+ approvalAmount: z.ZodOptional<z.ZodString>;
17
+ approvalToken: z.ZodOptional<z.ZodString>;
18
+ approvalUnlimited: z.ZodOptional<z.ZodBoolean>;
19
+ url: z.ZodOptional<z.ZodString>;
20
+ paymentAmountUsdc: z.ZodOptional<z.ZodString>;
21
+ paymentTokenAddress: z.ZodDefault<z.ZodOptional<z.ZodString>>;
22
+ signerAvailable: z.ZodOptional<z.ZodBoolean>;
23
+ tokenSecurityStatus: z.ZodOptional<z.ZodEnum<["ok", "unavailable", "unknown"]>>;
24
+ recipientVerified: z.ZodOptional<z.ZodBoolean>;
25
+ spenderVerified: z.ZodOptional<z.ZodBoolean>;
26
+ requiresSigner: z.ZodOptional<z.ZodBoolean>;
27
+ } & {
28
+ includeChecks: z.ZodDefault<z.ZodOptional<z.ZodBoolean>>;
29
+ }, "strip", z.ZodTypeAny, {
30
+ environment: string;
31
+ actionType: "send_payment" | "approve_token" | "execute_swap" | "x402_pay_and_fetch" | "publish_risk_score" | "custom_contract_call";
32
+ chainId: number;
33
+ isMainnet: boolean;
34
+ paymentTokenAddress: string;
35
+ includeChecks: boolean;
36
+ spender?: string | undefined;
37
+ amount?: string | undefined;
38
+ token?: string | undefined;
39
+ tokenAddress?: string | undefined;
40
+ amountUnit?: "PHRS" | "USDC" | "USD" | "TOKEN" | undefined;
41
+ tokenIn?: string | undefined;
42
+ tokenOut?: string | undefined;
43
+ recipient?: string | undefined;
44
+ approvalAmount?: string | undefined;
45
+ approvalToken?: string | undefined;
46
+ approvalUnlimited?: boolean | undefined;
47
+ url?: string | undefined;
48
+ paymentAmountUsdc?: string | undefined;
49
+ signerAvailable?: boolean | undefined;
50
+ tokenSecurityStatus?: "unknown" | "ok" | "unavailable" | undefined;
51
+ recipientVerified?: boolean | undefined;
52
+ spenderVerified?: boolean | undefined;
53
+ requiresSigner?: boolean | undefined;
54
+ }, {
55
+ actionType: "send_payment" | "approve_token" | "execute_swap" | "x402_pay_and_fetch" | "publish_risk_score" | "custom_contract_call";
56
+ spender?: string | undefined;
57
+ amount?: string | undefined;
58
+ environment?: string | undefined;
59
+ token?: string | undefined;
60
+ tokenAddress?: string | undefined;
61
+ chainId?: number | undefined;
62
+ isMainnet?: boolean | undefined;
63
+ amountUnit?: "PHRS" | "USDC" | "USD" | "TOKEN" | undefined;
64
+ tokenIn?: string | undefined;
65
+ tokenOut?: string | undefined;
66
+ recipient?: string | undefined;
67
+ approvalAmount?: string | undefined;
68
+ approvalToken?: string | undefined;
69
+ approvalUnlimited?: boolean | undefined;
70
+ url?: string | undefined;
71
+ paymentAmountUsdc?: string | undefined;
72
+ paymentTokenAddress?: string | undefined;
73
+ signerAvailable?: boolean | undefined;
74
+ tokenSecurityStatus?: "unknown" | "ok" | "unavailable" | undefined;
75
+ recipientVerified?: boolean | undefined;
76
+ spenderVerified?: boolean | undefined;
77
+ requiresSigner?: boolean | undefined;
78
+ includeChecks?: boolean | undefined;
79
+ }>;
80
+ export type SafeHandsRiskReportInput = z.input<typeof safehandsRiskReportSchema>;
81
+ export declare function handleSafeHandsRiskReport(raw: SafeHandsRiskReportInput): Promise<ToolResponse<unknown>>;
82
82
  //# sourceMappingURL=safehandsRiskReport.d.ts.map
@@ -1,29 +1,29 @@
1
- // ─── Tool: safehands_risk_report ───────────────────────────────────────
2
- import { z } from "zod";
3
- import { ok } from "../lib/toolResponse.js";
4
- import { explainPolicyResult } from "../lib/policy/actionPolicyEngine.js";
5
- import { handleSafeHandsPreflightCheck, safehandsPreflightCheckSchema } from "./safehandsPreflightCheck.js";
6
- export const safehandsRiskReportSchema = safehandsPreflightCheckSchema.extend({
7
- includeChecks: z.boolean().optional().default(true),
8
- });
9
- export async function handleSafeHandsRiskReport(raw) {
10
- const input = safehandsRiskReportSchema.parse(raw);
11
- const preflight = await handleSafeHandsPreflightCheck(input);
12
- if (!preflight.success)
13
- return preflight;
14
- const data = preflight.data;
15
- return ok({
16
- decision: data.decision,
17
- riskLevel: data.riskLevel,
18
- safeToExecute: data.safeToExecute,
19
- summary: explainPolicyResult(data),
20
- reasons: data.reasons,
21
- requiredActions: data.requiredActions,
22
- checks: input.includeChecks ? data.checks : undefined,
23
- environment: data.environment,
24
- chainId: data.chainId,
25
- isMainnet: data.isMainnet,
26
- source: "safehands_risk_report",
27
- });
28
- }
1
+ // ─── Tool: safehands_risk_report ───────────────────────────────────────
2
+ import { z } from "zod";
3
+ import { ok } from "../lib/toolResponse.js";
4
+ import { explainPolicyResult } from "../lib/policy/actionPolicyEngine.js";
5
+ import { handleSafeHandsPreflightCheck, safehandsPreflightCheckSchema } from "./safehandsPreflightCheck.js";
6
+ export const safehandsRiskReportSchema = safehandsPreflightCheckSchema.extend({
7
+ includeChecks: z.boolean().optional().default(true),
8
+ });
9
+ export async function handleSafeHandsRiskReport(raw) {
10
+ const input = safehandsRiskReportSchema.parse(raw);
11
+ const preflight = await handleSafeHandsPreflightCheck(input);
12
+ if (!preflight.success)
13
+ return preflight;
14
+ const data = preflight.data;
15
+ return ok({
16
+ decision: data.decision,
17
+ riskLevel: data.riskLevel,
18
+ safeToExecute: data.safeToExecute,
19
+ summary: explainPolicyResult(data),
20
+ reasons: data.reasons,
21
+ requiredActions: data.requiredActions,
22
+ checks: input.includeChecks ? data.checks : undefined,
23
+ environment: data.environment,
24
+ chainId: data.chainId,
25
+ isMainnet: data.isMainnet,
26
+ source: "safehands_risk_report",
27
+ });
28
+ }
29
29
  //# sourceMappingURL=safehandsRiskReport.js.map
@@ -1,21 +1,21 @@
1
- import { z } from "zod";
2
- import { type ToolResponse } from "../lib/toolResponse.js";
3
- export declare const safehandsSafeExecuteSchema: z.ZodObject<{
4
- path: z.ZodEnum<["safe_execute_send_payment", "safe_execute_approve_token", "safe_execute_swap", "safe_x402_pay_and_fetch"]>;
5
- execute: z.ZodDefault<z.ZodOptional<z.ZodBoolean>>;
6
- confirmExecution: z.ZodDefault<z.ZodOptional<z.ZodBoolean>>;
7
- action: z.ZodRecord<z.ZodString, z.ZodAny>;
8
- }, "strip", z.ZodTypeAny, {
9
- path: "safe_execute_send_payment" | "safe_execute_approve_token" | "safe_execute_swap" | "safe_x402_pay_and_fetch";
10
- execute: boolean;
11
- confirmExecution: boolean;
12
- action: Record<string, any>;
13
- }, {
14
- path: "safe_execute_send_payment" | "safe_execute_approve_token" | "safe_execute_swap" | "safe_x402_pay_and_fetch";
15
- action: Record<string, any>;
16
- execute?: boolean | undefined;
17
- confirmExecution?: boolean | undefined;
18
- }>;
19
- export type SafeHandsSafeExecuteInput = z.input<typeof safehandsSafeExecuteSchema>;
20
- export declare function handleSafeHandsSafeExecute(raw: SafeHandsSafeExecuteInput): Promise<ToolResponse<unknown>>;
1
+ import { z } from "zod";
2
+ import { type ToolResponse } from "../lib/toolResponse.js";
3
+ export declare const safehandsSafeExecuteSchema: z.ZodObject<{
4
+ path: z.ZodEnum<["safe_execute_send_payment", "safe_execute_approve_token", "safe_execute_swap", "safe_x402_pay_and_fetch"]>;
5
+ execute: z.ZodDefault<z.ZodOptional<z.ZodBoolean>>;
6
+ confirmExecution: z.ZodDefault<z.ZodOptional<z.ZodBoolean>>;
7
+ action: z.ZodRecord<z.ZodString, z.ZodAny>;
8
+ }, "strip", z.ZodTypeAny, {
9
+ path: "safe_execute_send_payment" | "safe_execute_approve_token" | "safe_execute_swap" | "safe_x402_pay_and_fetch";
10
+ execute: boolean;
11
+ confirmExecution: boolean;
12
+ action: Record<string, any>;
13
+ }, {
14
+ path: "safe_execute_send_payment" | "safe_execute_approve_token" | "safe_execute_swap" | "safe_x402_pay_and_fetch";
15
+ action: Record<string, any>;
16
+ execute?: boolean | undefined;
17
+ confirmExecution?: boolean | undefined;
18
+ }>;
19
+ export type SafeHandsSafeExecuteInput = z.input<typeof safehandsSafeExecuteSchema>;
20
+ export declare function handleSafeHandsSafeExecute(raw: SafeHandsSafeExecuteInput): Promise<ToolResponse<unknown>>;
21
21
  //# sourceMappingURL=safehandsSafeExecute.d.ts.map
@@ -1,82 +1,82 @@
1
- // ─── Tool: safehands_safe_execute ──────────────────────────────────────
2
- // Guarded execution wrapper so AI agents cannot bypass preflight checks.
3
- // ───────────────────────────────────────────────────────────────────────
4
- import { z } from "zod";
5
- import { fail, ok, requireWriteToolsEnabled } from "../lib/toolResponse.js";
6
- import { getSigner, isSignerFailure } from "../lib/signer/index.js";
7
- import { handleSafeHandsPreflightCheck } from "./safehandsPreflightCheck.js";
8
- import { handleSendPayment } from "./sendPayment.js";
9
- import { handleApproveToken } from "./approveToken.js";
10
- import { handleExecuteSwap } from "./executeSwap.js";
11
- import { handleX402PayAndFetch } from "./x402PayAndFetch.js";
12
- export const safehandsSafeExecuteSchema = z.object({
13
- path: z.enum(["safe_execute_send_payment", "safe_execute_approve_token", "safe_execute_swap", "safe_x402_pay_and_fetch"]),
14
- execute: z.boolean().optional().default(false).describe("Must be true to execute. false returns dry-run guarded report only."),
15
- confirmExecution: z.boolean().optional().default(false).describe("Additional explicit runtime confirmation."),
16
- action: z.record(z.any()).describe("Underlying tool input object"),
17
- });
18
- function toPreflight(path, action, signerAvailable) {
19
- if (path === "safe_execute_send_payment") {
20
- return { actionType: "send_payment", amount: String(action.amount || ""), amountUnit: "PHRS", recipient: String(action.toAddress || ""), recipientVerified: false, requiresSigner: true, signerAvailable };
21
- }
22
- if (path === "safe_execute_approve_token") {
23
- return { actionType: "approve_token", approvalAmount: String(action.amount || ""), approvalToken: String(action.token || ""), approvalUnlimited: action.amount === "max", requiresSigner: true, signerAvailable };
24
- }
25
- if (path === "safe_execute_swap") {
26
- return { actionType: "execute_swap", amount: String(action.amountIn || ""), tokenIn: String(action.tokenIn || ""), tokenOut: String(action.tokenOut || ""), requiresSigner: true, signerAvailable };
27
- }
28
- return { actionType: "x402_pay_and_fetch", url: String(action.url || ""), paymentAmountUsdc: String(action.maxPaymentUsdc || "0.001"), requiresSigner: true, signerAvailable };
29
- }
30
- export async function handleSafeHandsSafeExecute(raw) {
31
- const input = safehandsSafeExecuteSchema.parse(raw);
32
- const writeGuard = requireWriteToolsEnabled("safehands_safe_execute");
33
- if (writeGuard)
34
- return writeGuard;
35
- // Resolve actual signer availability so the preflight report is truthful
36
- const purpose = input.path === "safe_x402_pay_and_fetch" ? "x402" : "write";
37
- const agentId = typeof input.action.agentId === "string" ? input.action.agentId : undefined;
38
- const signerResult = await getSigner(agentId, { purpose });
39
- const signerAvailable = !isSignerFailure(signerResult);
40
- const preflight = await handleSafeHandsPreflightCheck(toPreflight(input.path, input.action, signerAvailable));
41
- if (!preflight.success)
42
- return preflight;
43
- const report = preflight.data;
44
- if (report.decision === "BLOCK") {
45
- return ok({
46
- executed: false,
47
- blocked: true,
48
- safetyReport: report,
49
- executionResult: null,
50
- source: "safehands_safe_execute",
51
- });
52
- }
53
- if (report.decision !== "ALLOW") {
54
- return fail(report.decision === "REQUIRE_CONFIRMATION" ? "CONFIRMATION_REQUIRED" : "POLICY_BLOCKED", `SafeHands did not execute because policy decision is ${report.decision}.`, false, "safehands_safe_execute");
55
- }
56
- if (!input.execute || !input.confirmExecution) {
57
- return ok({
58
- executed: false,
59
- dryRun: true,
60
- reason: "Set execute=true and confirmExecution=true to execute this allowed testnet action.",
61
- safetyReport: report,
62
- executionResult: null,
63
- source: "safehands_safe_execute",
64
- });
65
- }
66
- let executionResult;
67
- if (input.path === "safe_execute_send_payment")
68
- executionResult = await handleSendPayment(input.action);
69
- else if (input.path === "safe_execute_approve_token")
70
- executionResult = await handleApproveToken(input.action);
71
- else if (input.path === "safe_execute_swap")
72
- executionResult = await handleExecuteSwap(input.action);
73
- else
74
- executionResult = await handleX402PayAndFetch(input.action);
75
- return ok({
76
- executed: true,
77
- safetyReport: report,
78
- executionResult,
79
- source: "safehands_safe_execute",
80
- });
81
- }
1
+ // ─── Tool: safehands_safe_execute ──────────────────────────────────────
2
+ // Guarded execution wrapper so AI agents cannot bypass preflight checks.
3
+ // ───────────────────────────────────────────────────────────────────────
4
+ import { z } from "zod";
5
+ import { fail, ok, requireWriteToolsEnabled } from "../lib/toolResponse.js";
6
+ import { getSigner, isSignerFailure } from "../lib/signer/index.js";
7
+ import { handleSafeHandsPreflightCheck } from "./safehandsPreflightCheck.js";
8
+ import { handleSendPayment } from "./sendPayment.js";
9
+ import { handleApproveToken } from "./approveToken.js";
10
+ import { handleExecuteSwap } from "./executeSwap.js";
11
+ import { handleX402PayAndFetch } from "./x402PayAndFetch.js";
12
+ export const safehandsSafeExecuteSchema = z.object({
13
+ path: z.enum(["safe_execute_send_payment", "safe_execute_approve_token", "safe_execute_swap", "safe_x402_pay_and_fetch"]),
14
+ execute: z.boolean().optional().default(false).describe("Must be true to execute. false returns dry-run guarded report only."),
15
+ confirmExecution: z.boolean().optional().default(false).describe("Additional explicit runtime confirmation."),
16
+ action: z.record(z.any()).describe("Underlying tool input object"),
17
+ });
18
+ function toPreflight(path, action, signerAvailable) {
19
+ if (path === "safe_execute_send_payment") {
20
+ return { actionType: "send_payment", amount: String(action.amount || ""), amountUnit: "PHRS", recipient: String(action.toAddress || ""), recipientVerified: false, requiresSigner: true, signerAvailable };
21
+ }
22
+ if (path === "safe_execute_approve_token") {
23
+ return { actionType: "approve_token", approvalAmount: String(action.amount || ""), approvalToken: String(action.token || ""), approvalUnlimited: action.amount === "max", requiresSigner: true, signerAvailable };
24
+ }
25
+ if (path === "safe_execute_swap") {
26
+ return { actionType: "execute_swap", amount: String(action.amountIn || ""), tokenIn: String(action.tokenIn || ""), tokenOut: String(action.tokenOut || ""), requiresSigner: true, signerAvailable };
27
+ }
28
+ return { actionType: "x402_pay_and_fetch", url: String(action.url || ""), paymentAmountUsdc: String(action.maxPaymentUsdc || "0.001"), requiresSigner: true, signerAvailable };
29
+ }
30
+ export async function handleSafeHandsSafeExecute(raw) {
31
+ const input = safehandsSafeExecuteSchema.parse(raw);
32
+ const writeGuard = requireWriteToolsEnabled("safehands_safe_execute");
33
+ if (writeGuard)
34
+ return writeGuard;
35
+ // Resolve actual signer availability so the preflight report is truthful
36
+ const purpose = input.path === "safe_x402_pay_and_fetch" ? "x402" : "write";
37
+ const agentId = typeof input.action.agentId === "string" ? input.action.agentId : undefined;
38
+ const signerResult = await getSigner(agentId, { purpose });
39
+ const signerAvailable = !isSignerFailure(signerResult);
40
+ const preflight = await handleSafeHandsPreflightCheck(toPreflight(input.path, input.action, signerAvailable));
41
+ if (!preflight.success)
42
+ return preflight;
43
+ const report = preflight.data;
44
+ if (report.decision === "BLOCK") {
45
+ return ok({
46
+ executed: false,
47
+ blocked: true,
48
+ safetyReport: report,
49
+ executionResult: null,
50
+ source: "safehands_safe_execute",
51
+ });
52
+ }
53
+ if (report.decision !== "ALLOW") {
54
+ return fail(report.decision === "REQUIRE_CONFIRMATION" ? "CONFIRMATION_REQUIRED" : "POLICY_BLOCKED", `SafeHands did not execute because policy decision is ${report.decision}.`, false, "safehands_safe_execute");
55
+ }
56
+ if (!input.execute || !input.confirmExecution) {
57
+ return ok({
58
+ executed: false,
59
+ dryRun: true,
60
+ reason: "Set execute=true and confirmExecution=true to execute this allowed testnet action.",
61
+ safetyReport: report,
62
+ executionResult: null,
63
+ source: "safehands_safe_execute",
64
+ });
65
+ }
66
+ let executionResult;
67
+ if (input.path === "safe_execute_send_payment")
68
+ executionResult = await handleSendPayment(input.action);
69
+ else if (input.path === "safe_execute_approve_token")
70
+ executionResult = await handleApproveToken(input.action);
71
+ else if (input.path === "safe_execute_swap")
72
+ executionResult = await handleExecuteSwap(input.action);
73
+ else
74
+ executionResult = await handleX402PayAndFetch(input.action);
75
+ return ok({
76
+ executed: true,
77
+ safetyReport: report,
78
+ executionResult,
79
+ source: "safehands_safe_execute",
80
+ });
81
+ }
82
82
  //# sourceMappingURL=safehandsSafeExecute.js.map
@@ -1,15 +1,15 @@
1
- import { z } from "zod";
2
- import { type ToolResponse } from "../lib/toolResponse.js";
3
- export declare const safehandsWalletHealthSchema: z.ZodObject<{
4
- agentId: z.ZodOptional<z.ZodString>;
5
- walletAddress: z.ZodOptional<z.ZodString>;
6
- }, "strip", z.ZodTypeAny, {
7
- agentId?: string | undefined;
8
- walletAddress?: string | undefined;
9
- }, {
10
- agentId?: string | undefined;
11
- walletAddress?: string | undefined;
12
- }>;
13
- export type SafeHandsWalletHealthInput = z.input<typeof safehandsWalletHealthSchema>;
14
- export declare function handleSafeHandsWalletHealth(raw: SafeHandsWalletHealthInput): Promise<ToolResponse<unknown>>;
1
+ import { z } from "zod";
2
+ import { type ToolResponse } from "../lib/toolResponse.js";
3
+ export declare const safehandsWalletHealthSchema: z.ZodObject<{
4
+ agentId: z.ZodOptional<z.ZodString>;
5
+ walletAddress: z.ZodOptional<z.ZodString>;
6
+ }, "strip", z.ZodTypeAny, {
7
+ agentId?: string | undefined;
8
+ walletAddress?: string | undefined;
9
+ }, {
10
+ agentId?: string | undefined;
11
+ walletAddress?: string | undefined;
12
+ }>;
13
+ export type SafeHandsWalletHealthInput = z.input<typeof safehandsWalletHealthSchema>;
14
+ export declare function handleSafeHandsWalletHealth(raw: SafeHandsWalletHealthInput): Promise<ToolResponse<unknown>>;
15
15
  //# sourceMappingURL=safehandsWalletHealth.d.ts.map