safehands-pharos 1.4.0 → 1.5.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (124) hide show
  1. package/README.md +174 -63
  2. package/dist/cli.d.ts +5 -5
  3. package/dist/cli.d.ts.map +1 -1
  4. package/dist/cli.js +126 -124
  5. package/dist/cli.js.map +1 -1
  6. package/dist/demo.d.ts +1 -1
  7. package/dist/demo.js +171 -171
  8. package/dist/index.d.ts +2 -2
  9. package/dist/index.d.ts.map +1 -1
  10. package/dist/index.js +73 -65
  11. package/dist/index.js.map +1 -1
  12. package/dist/init.d.ts +1 -1
  13. package/dist/init.js +65 -65
  14. package/dist/lib/constants.d.ts +303 -291
  15. package/dist/lib/constants.d.ts.map +1 -1
  16. package/dist/lib/constants.js +302 -292
  17. package/dist/lib/constants.js.map +1 -1
  18. package/dist/lib/dodoApi.d.ts +78 -78
  19. package/dist/lib/dodoApi.js +196 -196
  20. package/dist/lib/envLoader.d.ts +2 -0
  21. package/dist/lib/envLoader.d.ts.map +1 -0
  22. package/dist/lib/envLoader.js +44 -0
  23. package/dist/lib/envLoader.js.map +1 -0
  24. package/dist/lib/http.d.ts +14 -14
  25. package/dist/lib/http.js +118 -118
  26. package/dist/lib/pharosClient.d.ts +58 -58
  27. package/dist/lib/pharosClient.js +63 -63
  28. package/dist/lib/policy/actionPolicyEngine.d.ts +53 -53
  29. package/dist/lib/policy/actionPolicyEngine.js +212 -212
  30. package/dist/lib/riskEngine.d.ts +26 -26
  31. package/dist/lib/riskEngine.d.ts.map +1 -1
  32. package/dist/lib/riskEngine.js +288 -283
  33. package/dist/lib/riskEngine.js.map +1 -1
  34. package/dist/lib/signer/index.d.ts +24 -24
  35. package/dist/lib/signer/index.js +88 -88
  36. package/dist/lib/testDodoLive.d.ts +1 -1
  37. package/dist/lib/testDodoLive.js +104 -104
  38. package/dist/lib/testLiveSafehands.d.ts +1 -1
  39. package/dist/lib/testLiveSafehands.js +92 -92
  40. package/dist/lib/testRpcLive.d.ts +1 -1
  41. package/dist/lib/testRpcLive.js +88 -88
  42. package/dist/lib/testTools.js +397 -398
  43. package/dist/lib/testX402Live.d.ts +1 -1
  44. package/dist/lib/testX402Live.js +159 -159
  45. package/dist/lib/toolResponse.d.ts +25 -25
  46. package/dist/lib/toolResponse.js +53 -53
  47. package/dist/lib/wallet/index.d.ts +37 -37
  48. package/dist/lib/wallet/index.js +128 -128
  49. package/dist/scripts/checkDeploy.d.ts +1 -1
  50. package/dist/scripts/checkDeploy.js +24 -24
  51. package/dist/scripts/deployRegistry.d.ts +1 -1
  52. package/dist/scripts/deployRegistry.js +100 -100
  53. package/dist/scripts/testRegistry.d.ts +1 -1
  54. package/dist/scripts/testRegistry.js +43 -43
  55. package/dist/tools/approveToken.d.ts +45 -45
  56. package/dist/tools/approveToken.js +85 -85
  57. package/dist/tools/assessRisk.d.ts +79 -79
  58. package/dist/tools/assessRisk.js +104 -104
  59. package/dist/tools/checkAllowance.d.ts +43 -43
  60. package/dist/tools/checkAllowance.js +56 -56
  61. package/dist/tools/checkTokenSecurity.d.ts +46 -46
  62. package/dist/tools/checkTokenSecurity.js +95 -95
  63. package/dist/tools/createAgentWallet.d.ts +28 -26
  64. package/dist/tools/createAgentWallet.d.ts.map +1 -1
  65. package/dist/tools/createAgentWallet.js +82 -58
  66. package/dist/tools/createAgentWallet.js.map +1 -1
  67. package/dist/tools/estimateGas.d.ts +79 -79
  68. package/dist/tools/estimateGas.js +124 -124
  69. package/dist/tools/executeSwap.d.ts +61 -61
  70. package/dist/tools/executeSwap.js +141 -141
  71. package/dist/tools/explainRisk.d.ts +29 -29
  72. package/dist/tools/explainRisk.js +32 -32
  73. package/dist/tools/getAgentWallet.d.ts +21 -21
  74. package/dist/tools/getAgentWallet.js +27 -27
  75. package/dist/tools/getAgentWalletBalance.d.ts +11 -11
  76. package/dist/tools/getAgentWalletBalance.js +70 -70
  77. package/dist/tools/getExecutionHistory.d.ts +49 -49
  78. package/dist/tools/getExecutionHistory.js +154 -154
  79. package/dist/tools/getGasPrice.d.ts +43 -43
  80. package/dist/tools/getGasPrice.js +59 -59
  81. package/dist/tools/getPoolInfo.d.ts +75 -75
  82. package/dist/tools/getPoolInfo.js +137 -137
  83. package/dist/tools/getTokenPrice.d.ts +113 -113
  84. package/dist/tools/getTokenPrice.js +117 -117
  85. package/dist/tools/getTransactionStatus.d.ts +43 -43
  86. package/dist/tools/getTransactionStatus.js +59 -59
  87. package/dist/tools/getWalletBalance.d.ts +68 -68
  88. package/dist/tools/getWalletBalance.js +87 -87
  89. package/dist/tools/publishRiskScore.d.ts +63 -63
  90. package/dist/tools/publishRiskScore.js +88 -88
  91. package/dist/tools/queryRiskRegistry.d.ts +38 -38
  92. package/dist/tools/queryRiskRegistry.js +55 -55
  93. package/dist/tools/safehandsPreflightCheck.d.ts +77 -77
  94. package/dist/tools/safehandsPreflightCheck.js +47 -47
  95. package/dist/tools/safehandsRiskReport.d.ts +81 -81
  96. package/dist/tools/safehandsRiskReport.js +28 -28
  97. package/dist/tools/safehandsSafeExecute.d.ts +20 -20
  98. package/dist/tools/safehandsSafeExecute.js +81 -81
  99. package/dist/tools/safehandsWalletHealth.d.ts +14 -14
  100. package/dist/tools/safehandsWalletHealth.js +103 -103
  101. package/dist/tools/safehandsX402Preflight.d.ts +26 -26
  102. package/dist/tools/safehandsX402Preflight.js +65 -65
  103. package/dist/tools/sendPayment.d.ts +57 -57
  104. package/dist/tools/sendPayment.js +117 -117
  105. package/dist/tools/simulateTransaction.d.ts +60 -60
  106. package/dist/tools/simulateTransaction.js +83 -83
  107. package/dist/tools/tokenRegistryStatus.d.ts +26 -26
  108. package/dist/tools/tokenRegistryStatus.js +96 -96
  109. package/dist/tools/x402PayAndFetch.d.ts +81 -81
  110. package/dist/tools/x402PayAndFetch.js +152 -152
  111. package/dist/x402Server.d.ts +1 -1
  112. package/dist/x402Server.js +300 -252
  113. package/dist/x402Server.js.map +1 -1
  114. package/package.json +6 -16
  115. package/examples/dashboard/index.html +0 -337
  116. package/examples/pharos-skill-engine/SKILL.safehands.md +0 -85
  117. package/examples/pharos-skill-engine/assets/safehands/example-actions.json +0 -49
  118. package/examples/pharos-skill-engine/assets/safehands/policy-defaults.json +0 -11
  119. package/examples/pharos-skill-engine/references/safehands.md +0 -345
  120. package/examples/scenario-hack.ts +0 -38
  121. package/skill/SKILL.md +0 -133
  122. package/skill/assets/safehands/example-actions.json +0 -49
  123. package/skill/assets/safehands/policy-defaults.json +0 -11
  124. package/skill/references/safehands.md +0 -345
@@ -1,104 +1,104 @@
1
- // ─── Tool: safehands_wallet_health ─────────────────────────────────────
2
- // Checks whether an AI agent wallet is ready for guarded testnet actions.
3
- // ───────────────────────────────────────────────────────────────────────
4
- import { z } from "zod";
5
- import { formatEther, formatUnits } from "viem";
6
- import { publicClient } from "../lib/pharosClient.js";
7
- import { ERC20_ABI, USDC_ADDRESS, CHAIN_ID, PHAROS_ENVIRONMENT, IS_MAINNET, MAX_X402_PAYMENT_USDC } from "../lib/constants.js";
8
- import { ok, classifyExternalError } from "../lib/toolResponse.js";
9
- import { getSigner, isSignerFailure } from "../lib/signer/index.js";
10
- import { walletStore } from "../lib/wallet/index.js";
11
- export const safehandsWalletHealthSchema = z.object({
12
- agentId: z.string().optional().describe("Managed testnet wallet agentId"),
13
- walletAddress: z.string().optional().describe("Explicit wallet address for read-only health checks"),
14
- });
15
- export async function handleSafeHandsWalletHealth(raw) {
16
- const input = safehandsWalletHealthSchema.parse(raw);
17
- const managedWallet = input.agentId ? await walletStore.get(input.agentId) : null;
18
- const signer = await getSigner(input.agentId);
19
- const signerAvailable = !isSignerFailure(signer);
20
- const address = signerAvailable ? signer.address : (input.walletAddress || managedWallet?.address);
21
- const base = {
22
- environment: PHAROS_ENVIRONMENT,
23
- chainId: CHAIN_ID,
24
- isMainnet: IS_MAINNET,
25
- walletMode: process.env.WALLET_MODE || "none",
26
- writeToolsEnabled: process.env.WRITE_TOOLS_ENABLED === "true",
27
- signerAvailable,
28
- signerMode: signerAvailable ? signer.mode : null,
29
- signerError: signerAvailable ? null : signer.error,
30
- managedWalletExists: Boolean(managedWallet),
31
- address: address || null,
32
- };
33
- if (!address) {
34
- return ok({
35
- ...base,
36
- status: "NOT_READY",
37
- readiness: {
38
- canReadBalances: false,
39
- canPayGas: false,
40
- canPayX402: false,
41
- canExecuteWrites: false,
42
- },
43
- requiredActions: ["Create a managed testnet wallet or provide WALLET_MODE=env with a testnet PRIVATE_KEY."],
44
- source: "safehands_wallet_health",
45
- });
46
- }
47
- try {
48
- const [phrsRaw, usdcRaw] = await Promise.all([
49
- publicClient.getBalance({ address: address }),
50
- publicClient.readContract({
51
- address: USDC_ADDRESS,
52
- abi: ERC20_ABI,
53
- functionName: "balanceOf",
54
- args: [address],
55
- }),
56
- ]);
57
- const phrs = formatEther(phrsRaw);
58
- const usdc = formatUnits(usdcRaw, 6);
59
- const canPayGas = parseFloat(phrs) > 0.001;
60
- const canPayX402 = parseFloat(usdc) >= Number(MAX_X402_PAYMENT_USDC);
61
- const canExecuteWrites = signerAvailable && canPayGas && process.env.WRITE_TOOLS_ENABLED === "true";
62
- return ok({
63
- ...base,
64
- status: canExecuteWrites ? "READY" : signerAvailable ? "DEGRADED" : "NOT_READY",
65
- balances: {
66
- PHRS: { value: phrs, unit: "PHRS", decimals: 18 },
67
- USDC: { value: usdc, unit: "USDC", decimals: 6, tokenAddress: USDC_ADDRESS },
68
- },
69
- readiness: {
70
- canReadBalances: true,
71
- canPayGas,
72
- canPayX402,
73
- canExecuteWrites,
74
- },
75
- dailySpendStatus: {
76
- implemented: false,
77
- note: "Daily spend accounting is config-ready but not persisted in this MVP.",
78
- },
79
- requiredActions: [
80
- ...(canPayGas ? [] : ["Fund wallet with testnet PHRS for gas."]),
81
- ...(canPayX402 ? [] : [`Fund wallet with at least ${MAX_X402_PAYMENT_USDC} testnet USDC for x402 payments.`]),
82
- ...(process.env.WRITE_TOOLS_ENABLED === "true" ? [] : ["Set WRITE_TOOLS_ENABLED=true only when intentionally executing trusted testnet actions."]),
83
- ],
84
- source: "safehands_wallet_health",
85
- });
86
- }
87
- catch (err) {
88
- const rpc = classifyExternalError("pharos_rpc", err);
89
- return ok({
90
- ...base,
91
- status: "DEGRADED",
92
- readiness: {
93
- canReadBalances: false,
94
- canPayGas: "unknown",
95
- canPayX402: "unknown",
96
- canExecuteWrites: false,
97
- },
98
- rpcError: rpc.error,
99
- requiredActions: ["Retry RPC balance checks later or configure PHAROS_RPC_URL."],
100
- source: "safehands_wallet_health",
101
- });
102
- }
103
- }
1
+ // ─── Tool: safehands_wallet_health ─────────────────────────────────────
2
+ // Checks whether an AI agent wallet is ready for guarded testnet actions.
3
+ // ───────────────────────────────────────────────────────────────────────
4
+ import { z } from "zod";
5
+ import { formatEther, formatUnits } from "viem";
6
+ import { publicClient } from "../lib/pharosClient.js";
7
+ import { ERC20_ABI, USDC_ADDRESS, CHAIN_ID, PHAROS_ENVIRONMENT, IS_MAINNET, MAX_X402_PAYMENT_USDC } from "../lib/constants.js";
8
+ import { ok, classifyExternalError } from "../lib/toolResponse.js";
9
+ import { getSigner, isSignerFailure } from "../lib/signer/index.js";
10
+ import { walletStore } from "../lib/wallet/index.js";
11
+ export const safehandsWalletHealthSchema = z.object({
12
+ agentId: z.string().optional().describe("Managed testnet wallet agentId"),
13
+ walletAddress: z.string().optional().describe("Explicit wallet address for read-only health checks"),
14
+ });
15
+ export async function handleSafeHandsWalletHealth(raw) {
16
+ const input = safehandsWalletHealthSchema.parse(raw);
17
+ const managedWallet = input.agentId ? await walletStore.get(input.agentId) : null;
18
+ const signer = await getSigner(input.agentId);
19
+ const signerAvailable = !isSignerFailure(signer);
20
+ const address = signerAvailable ? signer.address : (input.walletAddress || managedWallet?.address);
21
+ const base = {
22
+ environment: PHAROS_ENVIRONMENT,
23
+ chainId: CHAIN_ID,
24
+ isMainnet: IS_MAINNET,
25
+ walletMode: process.env.WALLET_MODE || "none",
26
+ writeToolsEnabled: process.env.WRITE_TOOLS_ENABLED === "true",
27
+ signerAvailable,
28
+ signerMode: signerAvailable ? signer.mode : null,
29
+ signerError: signerAvailable ? null : signer.error,
30
+ managedWalletExists: Boolean(managedWallet),
31
+ address: address || null,
32
+ };
33
+ if (!address) {
34
+ return ok({
35
+ ...base,
36
+ status: "NOT_READY",
37
+ readiness: {
38
+ canReadBalances: false,
39
+ canPayGas: false,
40
+ canPayX402: false,
41
+ canExecuteWrites: false,
42
+ },
43
+ requiredActions: ["Create a managed testnet wallet or provide WALLET_MODE=env with a testnet PRIVATE_KEY."],
44
+ source: "safehands_wallet_health",
45
+ });
46
+ }
47
+ try {
48
+ const [phrsRaw, usdcRaw] = await Promise.all([
49
+ publicClient.getBalance({ address: address }),
50
+ publicClient.readContract({
51
+ address: USDC_ADDRESS,
52
+ abi: ERC20_ABI,
53
+ functionName: "balanceOf",
54
+ args: [address],
55
+ }),
56
+ ]);
57
+ const phrs = formatEther(phrsRaw);
58
+ const usdc = formatUnits(usdcRaw, 6);
59
+ const canPayGas = parseFloat(phrs) > 0.001;
60
+ const canPayX402 = parseFloat(usdc) >= Number(MAX_X402_PAYMENT_USDC);
61
+ const canExecuteWrites = signerAvailable && canPayGas && process.env.WRITE_TOOLS_ENABLED === "true";
62
+ return ok({
63
+ ...base,
64
+ status: canExecuteWrites ? "READY" : signerAvailable ? "DEGRADED" : "NOT_READY",
65
+ balances: {
66
+ PHRS: { value: phrs, unit: "PHRS", decimals: 18 },
67
+ USDC: { value: usdc, unit: "USDC", decimals: 6, tokenAddress: USDC_ADDRESS },
68
+ },
69
+ readiness: {
70
+ canReadBalances: true,
71
+ canPayGas,
72
+ canPayX402,
73
+ canExecuteWrites,
74
+ },
75
+ dailySpendStatus: {
76
+ implemented: false,
77
+ note: "Daily spend accounting is config-ready but not persisted in this MVP.",
78
+ },
79
+ requiredActions: [
80
+ ...(canPayGas ? [] : ["Fund wallet with testnet PHRS for gas."]),
81
+ ...(canPayX402 ? [] : [`Fund wallet with at least ${MAX_X402_PAYMENT_USDC} testnet USDC for x402 payments.`]),
82
+ ...(process.env.WRITE_TOOLS_ENABLED === "true" ? [] : ["Set WRITE_TOOLS_ENABLED=true only when intentionally executing trusted testnet actions."]),
83
+ ],
84
+ source: "safehands_wallet_health",
85
+ });
86
+ }
87
+ catch (err) {
88
+ const rpc = classifyExternalError("pharos_rpc", err);
89
+ return ok({
90
+ ...base,
91
+ status: "DEGRADED",
92
+ readiness: {
93
+ canReadBalances: false,
94
+ canPayGas: "unknown",
95
+ canPayX402: "unknown",
96
+ canExecuteWrites: false,
97
+ },
98
+ rpcError: rpc.error,
99
+ requiredActions: ["Retry RPC balance checks later or configure PHAROS_RPC_URL."],
100
+ source: "safehands_wallet_health",
101
+ });
102
+ }
103
+ }
104
104
  //# sourceMappingURL=safehandsWalletHealth.js.map
@@ -1,27 +1,27 @@
1
- import { z } from "zod";
2
- import { type ToolResponse } from "../lib/toolResponse.js";
3
- export declare const safehandsX402PreflightSchema: z.ZodObject<{
4
- url: z.ZodString;
5
- method: z.ZodDefault<z.ZodOptional<z.ZodEnum<["GET", "POST", "PUT", "DELETE"]>>>;
6
- paymentAmountUsdc: z.ZodDefault<z.ZodOptional<z.ZodString>>;
7
- paymentTokenAddress: z.ZodDefault<z.ZodOptional<z.ZodString>>;
8
- agentId: z.ZodOptional<z.ZodString>;
9
- probeEndpoint: z.ZodDefault<z.ZodOptional<z.ZodBoolean>>;
10
- }, "strip", z.ZodTypeAny, {
11
- url: string;
12
- paymentAmountUsdc: string;
13
- paymentTokenAddress: string;
14
- method: "GET" | "POST" | "PUT" | "DELETE";
15
- probeEndpoint: boolean;
16
- agentId?: string | undefined;
17
- }, {
18
- url: string;
19
- paymentAmountUsdc?: string | undefined;
20
- paymentTokenAddress?: string | undefined;
21
- method?: "GET" | "POST" | "PUT" | "DELETE" | undefined;
22
- agentId?: string | undefined;
23
- probeEndpoint?: boolean | undefined;
24
- }>;
25
- export type SafeHandsX402PreflightInput = z.input<typeof safehandsX402PreflightSchema>;
26
- export declare function handleSafeHandsX402Preflight(raw: SafeHandsX402PreflightInput): Promise<ToolResponse<unknown>>;
1
+ import { z } from "zod";
2
+ import { type ToolResponse } from "../lib/toolResponse.js";
3
+ export declare const safehandsX402PreflightSchema: z.ZodObject<{
4
+ url: z.ZodString;
5
+ method: z.ZodDefault<z.ZodOptional<z.ZodEnum<["GET", "POST", "PUT", "DELETE"]>>>;
6
+ paymentAmountUsdc: z.ZodDefault<z.ZodOptional<z.ZodString>>;
7
+ paymentTokenAddress: z.ZodDefault<z.ZodOptional<z.ZodString>>;
8
+ agentId: z.ZodOptional<z.ZodString>;
9
+ probeEndpoint: z.ZodDefault<z.ZodOptional<z.ZodBoolean>>;
10
+ }, "strip", z.ZodTypeAny, {
11
+ url: string;
12
+ paymentAmountUsdc: string;
13
+ paymentTokenAddress: string;
14
+ method: "GET" | "POST" | "PUT" | "DELETE";
15
+ probeEndpoint: boolean;
16
+ agentId?: string | undefined;
17
+ }, {
18
+ url: string;
19
+ paymentAmountUsdc?: string | undefined;
20
+ paymentTokenAddress?: string | undefined;
21
+ method?: "GET" | "POST" | "PUT" | "DELETE" | undefined;
22
+ agentId?: string | undefined;
23
+ probeEndpoint?: boolean | undefined;
24
+ }>;
25
+ export type SafeHandsX402PreflightInput = z.input<typeof safehandsX402PreflightSchema>;
26
+ export declare function handleSafeHandsX402Preflight(raw: SafeHandsX402PreflightInput): Promise<ToolResponse<unknown>>;
27
27
  //# sourceMappingURL=safehandsX402Preflight.d.ts.map
@@ -1,66 +1,66 @@
1
- // ─── Tool: safehands_x402_preflight ────────────────────────────────────
2
- // Checks whether an x402 paid resource is safe before payment signing.
3
- // ───────────────────────────────────────────────────────────────────────
4
- import { z } from "zod";
5
- import { ok, fail } from "../lib/toolResponse.js";
6
- import { assertSafeFetchUrl, fetchWithTimeoutAndRetry } from "../lib/http.js";
7
- import { CHAIN_ID, PHAROS_ENVIRONMENT, MAX_X402_PAYMENT_USDC, X402_PAYMENT_TOKEN_ADDRESS } from "../lib/constants.js";
8
- import { evaluateActionPolicy } from "../lib/policy/actionPolicyEngine.js";
9
- import { getSigner, isSignerFailure } from "../lib/signer/index.js";
10
- export const safehandsX402PreflightSchema = z.object({
11
- url: z.string(),
12
- method: z.enum(["GET", "POST", "PUT", "DELETE"]).optional().default("GET"),
13
- paymentAmountUsdc: z.string().optional().default("0.001"),
14
- paymentTokenAddress: z.string().optional().default(X402_PAYMENT_TOKEN_ADDRESS),
15
- agentId: z.string().optional(),
16
- probeEndpoint: z.boolean().optional().default(false),
17
- });
18
- export async function handleSafeHandsX402Preflight(raw) {
19
- const input = safehandsX402PreflightSchema.parse(raw);
20
- try {
21
- await assertSafeFetchUrl(input.url);
22
- }
23
- catch (err) {
24
- return fail("SSRF_BLOCKED", err instanceof Error ? err.message.replace(/^SSRF_BLOCKED:\s*/, "") : String(err), false, "safehands_x402_preflight");
25
- }
26
- let detectedStatus = null;
27
- let paymentRequired = "unknown";
28
- if (input.probeEndpoint) {
29
- try {
30
- const res = await fetchWithTimeoutAndRetry(input.url, { method: input.method, timeoutMs: 7_500, retries: 0 });
31
- detectedStatus = res.status;
32
- paymentRequired = res.status === 402;
33
- }
34
- catch {
35
- paymentRequired = "unknown";
36
- }
37
- }
38
- const signer = await getSigner(input.agentId, { purpose: "x402" });
39
- const signerAvailable = !isSignerFailure(signer);
40
- const policy = evaluateActionPolicy({
41
- actionType: "x402_pay_and_fetch",
42
- url: input.url,
43
- paymentAmountUsdc: input.paymentAmountUsdc,
44
- paymentTokenAddress: input.paymentTokenAddress,
45
- signerAvailable,
46
- requiresSigner: paymentRequired === true,
47
- chainId: CHAIN_ID,
48
- environment: PHAROS_ENVIRONMENT,
49
- isMainnet: false,
50
- });
51
- return ok({
52
- ...policy,
53
- url: input.url,
54
- method: input.method,
55
- paymentAmountUsdc: input.paymentAmountUsdc,
56
- maxPaymentUsdc: MAX_X402_PAYMENT_USDC,
57
- paymentTokenAddress: input.paymentTokenAddress,
58
- signerAvailable,
59
- signerMode: signerAvailable ? signer.mode : null,
60
- signerError: signerAvailable ? null : signer.error,
61
- probe: { enabled: input.probeEndpoint, status: detectedStatus, paymentRequired },
62
- testnetPayment: true,
63
- source: "safehands_x402_preflight",
64
- });
65
- }
1
+ // ─── Tool: safehands_x402_preflight ────────────────────────────────────
2
+ // Checks whether an x402 paid resource is safe before payment signing.
3
+ // ───────────────────────────────────────────────────────────────────────
4
+ import { z } from "zod";
5
+ import { ok, fail } from "../lib/toolResponse.js";
6
+ import { assertSafeFetchUrl, fetchWithTimeoutAndRetry } from "../lib/http.js";
7
+ import { CHAIN_ID, PHAROS_ENVIRONMENT, MAX_X402_PAYMENT_USDC, X402_PAYMENT_TOKEN_ADDRESS } from "../lib/constants.js";
8
+ import { evaluateActionPolicy } from "../lib/policy/actionPolicyEngine.js";
9
+ import { getSigner, isSignerFailure } from "../lib/signer/index.js";
10
+ export const safehandsX402PreflightSchema = z.object({
11
+ url: z.string(),
12
+ method: z.enum(["GET", "POST", "PUT", "DELETE"]).optional().default("GET"),
13
+ paymentAmountUsdc: z.string().optional().default("0.001"),
14
+ paymentTokenAddress: z.string().optional().default(X402_PAYMENT_TOKEN_ADDRESS),
15
+ agentId: z.string().optional(),
16
+ probeEndpoint: z.boolean().optional().default(false),
17
+ });
18
+ export async function handleSafeHandsX402Preflight(raw) {
19
+ const input = safehandsX402PreflightSchema.parse(raw);
20
+ try {
21
+ await assertSafeFetchUrl(input.url);
22
+ }
23
+ catch (err) {
24
+ return fail("SSRF_BLOCKED", err instanceof Error ? err.message.replace(/^SSRF_BLOCKED:\s*/, "") : String(err), false, "safehands_x402_preflight");
25
+ }
26
+ let detectedStatus = null;
27
+ let paymentRequired = "unknown";
28
+ if (input.probeEndpoint) {
29
+ try {
30
+ const res = await fetchWithTimeoutAndRetry(input.url, { method: input.method, timeoutMs: 7_500, retries: 0 });
31
+ detectedStatus = res.status;
32
+ paymentRequired = res.status === 402;
33
+ }
34
+ catch {
35
+ paymentRequired = "unknown";
36
+ }
37
+ }
38
+ const signer = await getSigner(input.agentId, { purpose: "x402" });
39
+ const signerAvailable = !isSignerFailure(signer);
40
+ const policy = evaluateActionPolicy({
41
+ actionType: "x402_pay_and_fetch",
42
+ url: input.url,
43
+ paymentAmountUsdc: input.paymentAmountUsdc,
44
+ paymentTokenAddress: input.paymentTokenAddress,
45
+ signerAvailable,
46
+ requiresSigner: paymentRequired === true,
47
+ chainId: CHAIN_ID,
48
+ environment: PHAROS_ENVIRONMENT,
49
+ isMainnet: false,
50
+ });
51
+ return ok({
52
+ ...policy,
53
+ url: input.url,
54
+ method: input.method,
55
+ paymentAmountUsdc: input.paymentAmountUsdc,
56
+ maxPaymentUsdc: MAX_X402_PAYMENT_USDC,
57
+ paymentTokenAddress: input.paymentTokenAddress,
58
+ signerAvailable,
59
+ signerMode: signerAvailable ? signer.mode : null,
60
+ signerError: signerAvailable ? null : signer.error,
61
+ probe: { enabled: input.probeEndpoint, status: detectedStatus, paymentRequired },
62
+ testnetPayment: true,
63
+ source: "safehands_x402_preflight",
64
+ });
65
+ }
66
66
  //# sourceMappingURL=safehandsX402Preflight.js.map
@@ -1,58 +1,58 @@
1
- import { z } from "zod";
2
- export declare const sendPaymentSchema: z.ZodObject<{
3
- toAddress: z.ZodString;
4
- amount: z.ZodString;
5
- memo: z.ZodOptional<z.ZodString>;
6
- agentId: z.ZodOptional<z.ZodString>;
7
- }, "strip", z.ZodTypeAny, {
8
- amount: string;
9
- toAddress: string;
10
- agentId?: string | undefined;
11
- memo?: string | undefined;
12
- }, {
13
- amount: string;
14
- toAddress: string;
15
- agentId?: string | undefined;
16
- memo?: string | undefined;
17
- }>;
18
- export type SendPaymentInput = z.input<typeof sendPaymentSchema>;
19
- export declare const sendPaymentTool: {
20
- name: string;
21
- description: string;
22
- inputSchema: z.ZodObject<{
23
- toAddress: z.ZodString;
24
- amount: z.ZodString;
25
- memo: z.ZodOptional<z.ZodString>;
26
- agentId: z.ZodOptional<z.ZodString>;
27
- }, "strip", z.ZodTypeAny, {
28
- amount: string;
29
- toAddress: string;
30
- agentId?: string | undefined;
31
- memo?: string | undefined;
32
- }, {
33
- amount: string;
34
- toAddress: string;
35
- agentId?: string | undefined;
36
- memo?: string | undefined;
37
- }>;
38
- };
39
- export declare function handleSendPayment(raw: SendPaymentInput): Promise<import("../lib/toolResponse.js").ToolFailure | import("../lib/toolResponse.js").ToolSuccess<{
40
- txHash: `0x${string}`;
41
- explorerUrl: string;
42
- amountSent: string;
43
- signerMode: import("../lib/signer/index.js").SignerMode;
44
- walletAddress: `0x${string}`;
45
- gasUsed: string;
46
- validation: {
47
- addressValid: boolean;
48
- balanceSufficient: boolean;
49
- warnings: string[];
50
- };
51
- policy: import("../lib/policy/actionPolicyEngine.js").ActionPolicyResult;
52
- riskAssessment: {
53
- riskScore: number;
54
- wasBlocked: boolean;
55
- };
56
- source: string;
57
- }>>;
1
+ import { z } from "zod";
2
+ export declare const sendPaymentSchema: z.ZodObject<{
3
+ toAddress: z.ZodString;
4
+ amount: z.ZodString;
5
+ memo: z.ZodOptional<z.ZodString>;
6
+ agentId: z.ZodOptional<z.ZodString>;
7
+ }, "strip", z.ZodTypeAny, {
8
+ amount: string;
9
+ toAddress: string;
10
+ agentId?: string | undefined;
11
+ memo?: string | undefined;
12
+ }, {
13
+ amount: string;
14
+ toAddress: string;
15
+ agentId?: string | undefined;
16
+ memo?: string | undefined;
17
+ }>;
18
+ export type SendPaymentInput = z.input<typeof sendPaymentSchema>;
19
+ export declare const sendPaymentTool: {
20
+ name: string;
21
+ description: string;
22
+ inputSchema: z.ZodObject<{
23
+ toAddress: z.ZodString;
24
+ amount: z.ZodString;
25
+ memo: z.ZodOptional<z.ZodString>;
26
+ agentId: z.ZodOptional<z.ZodString>;
27
+ }, "strip", z.ZodTypeAny, {
28
+ amount: string;
29
+ toAddress: string;
30
+ agentId?: string | undefined;
31
+ memo?: string | undefined;
32
+ }, {
33
+ amount: string;
34
+ toAddress: string;
35
+ agentId?: string | undefined;
36
+ memo?: string | undefined;
37
+ }>;
38
+ };
39
+ export declare function handleSendPayment(raw: SendPaymentInput): Promise<import("../lib/toolResponse.js").ToolFailure | import("../lib/toolResponse.js").ToolSuccess<{
40
+ txHash: `0x${string}`;
41
+ explorerUrl: string;
42
+ amountSent: string;
43
+ signerMode: import("../lib/signer/index.js").SignerMode;
44
+ walletAddress: `0x${string}`;
45
+ gasUsed: string;
46
+ validation: {
47
+ addressValid: boolean;
48
+ balanceSufficient: boolean;
49
+ warnings: string[];
50
+ };
51
+ policy: import("../lib/policy/actionPolicyEngine.js").ActionPolicyResult;
52
+ riskAssessment: {
53
+ riskScore: number;
54
+ wasBlocked: boolean;
55
+ };
56
+ source: string;
57
+ }>>;
58
58
  //# sourceMappingURL=sendPayment.d.ts.map