seclaw-agent 0.1.0

package/dist/agent/docker_sandbox.js

@@ -0,0 +1,239 @@
+"use strict";
+/**
+ * Docker sandbox
+ */
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || (function () {
+    var ownKeys = function(o) {
+        ownKeys = Object.getOwnPropertyNames || function (o) {
+            var ar = [];
+            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
+            return ar;
+        };
+        return ownKeys(o);
+    };
+    return function (mod) {
+        if (mod && mod.__esModule) return mod;
+        var result = {};
+        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
+        __setModuleDefault(result, mod);
+        return result;
+    };
+})();
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.DockerSandbox = void 0;
+const child_process_1 = require("child_process");
+const child_process_2 = require("child_process");
+const path = __importStar(require("path"));
+const uuid_1 = require("uuid");
+const logger_1 = __importDefault(require("../utils/logger"));
+class DockerSandbox {
+    image;
+    containerName;
+    workspaceHost;
+    workspaceContainer;
+    workspaceReadOnly;
+    extraMounts;
+    extraEnv;
+    memoryLimit;
+    network;
+    snapshotEnabled;
+    snapshotMax;
+    containerId = null;
+    constructor(opts = {}) {
+        this.image = opts.image ?? "ubuntu:22.04";
+        this.containerName = opts.containerName ?? `seclaw-${(0, uuid_1.v4)().replace(/-/g, "").slice(0, 8)}`;
+        this.workspaceHost = opts.workspaceHost;
+        this.workspaceContainer = opts.workspaceContainer ?? "/workspace";
+        this.workspaceReadOnly = opts.workspaceReadOnly ?? true;
+        this.extraMounts = opts.extraMounts ?? [];
+        this.extraEnv = opts.extraEnv ?? {};
+        this.memoryLimit = opts.memoryLimit;
+        this.network = opts.network ?? "bridge";
+        this.snapshotEnabled = opts.snapshotEnabled ?? true;
+        this.snapshotMax = opts.snapshotMax ?? 10;
+    }
+    get isRunning() {
+        return this.containerId !== null;
+    }
+    start() {
+        const inspect = (0, child_process_1.spawnSync)("docker", ["inspect", "--format", "{{.State.Status}}", this.containerName], { encoding: "utf-8" });
+        if (inspect.status === 0) {
+            const status = inspect.stdout.trim();
+            if (status === "running") {
+                const idRes = (0, child_process_1.spawnSync)("docker", ["inspect", "--format", "{{.Id}}", this.containerName], { encoding: "utf-8" });
+                this.containerId = idRes.stdout.trim();
+                logger_1.default.info(`Docker sandbox reused (already running): ${this.containerName} (${this.containerId.slice(0, 12)})`);
+                return;
+            }
+            else {
+                const restart = (0, child_process_1.spawnSync)("docker", ["start", this.containerName], { encoding: "utf-8" });
+                if (restart.status === 0) {
+                    const idRes = (0, child_process_1.spawnSync)("docker", ["inspect", "--format", "{{.Id}}", this.containerName], { encoding: "utf-8" });
+                    this.containerId = idRes.stdout.trim();
+                    logger_1.default.info(`Docker sandbox restarted: ${this.containerName} (${this.containerId.slice(0, 12)})`);
+                    return;
+                }
+                (0, child_process_1.spawnSync)("docker", ["rm", "-f", this.containerName], { encoding: "utf-8" });
+            }
+        }
+        const cmd = ["run", "-d", "--name", this.containerName, "--network", this.network];
+        if (this.workspaceHost) {
+            const resolved = path.resolve(this.workspaceHost);
+            const mode = this.workspaceReadOnly ? "ro" : "rw";
+            cmd.push("-v", `${resolved}:${this.workspaceContainer}:${mode}`);
+        }
+        for (const mount of this.extraMounts)
+            cmd.push("-v", mount);
+        for (const [k, v] of Object.entries(this.extraEnv))
+            cmd.push("-e", `${k}=${v}`);
+        if (this.memoryLimit)
+            cmd.push("-m", this.memoryLimit);
+        cmd.push(this.image, "sleep", "infinity");
+        const result = (0, child_process_1.spawnSync)("docker", cmd, { encoding: "utf-8" });
+        if (result.status !== 0) {
+            throw new Error(`Failed to start Docker sandbox '${this.containerName}': ${result.stderr?.trim()}`);
+        }
+        this.containerId = result.stdout.trim();
+        logger_1.default.info(`Docker sandbox created: ${this.containerName} (${this.containerId.slice(0, 12)})`);
+    }
+    stop() {
+        if (!this.containerId)
+            return;
+        (0, child_process_1.spawnSync)("docker", ["stop", this.containerName], { encoding: "utf-8" });
+        logger_1.default.info(`Docker sandbox stopped (preserved): ${this.containerName}`);
+        this.containerId = null;
+    }
+    destroy() {
+        (0, child_process_1.spawnSync)("docker", ["rm", "-f", this.containerName], { encoding: "utf-8" });
+        logger_1.default.info(`Docker sandbox destroyed: ${this.containerName}`);
+        this.containerId = null;
+    }
+    buildRunCmd(imageOverride) {
+        const image = imageOverride ?? this.image;
+        const cmd = ["docker", "run", "-d", "--name", this.containerName, "--network", this.network];
+        if (this.workspaceHost) {
+            const resolved = path.resolve(this.workspaceHost);
+            const mode = this.workspaceReadOnly ? "ro" : "rw";
+            cmd.push("-v", `${resolved}:${this.workspaceContainer}:${mode}`);
+        }
+        for (const mount of this.extraMounts)
+            cmd.push("-v", mount);
+        for (const [k, v] of Object.entries(this.extraEnv))
+            cmd.push("-e", `${k}=${v}`);
+        if (this.memoryLimit)
+            cmd.push("-m", this.memoryLimit);
+        cmd.push(image, "sleep", "infinity");
+        return cmd;
+    }
+    async exec(command, workingDir, timeout = 60) {
+        if (!this.containerId)
+            throw new Error("Docker sandbox is not running");
+        const wdContainer = workingDir ? this.hostToContainer(workingDir) : this.workspaceContainer;
+        const dockerCmd = ["docker", "exec", "-w", wdContainer, this.containerName, "sh", "-c", command];
+        return new Promise((resolve) => {
+            const child = (0, child_process_2.spawn)(dockerCmd[0], dockerCmd.slice(1), { stdio: ["ignore", "pipe", "pipe"] });
+            let stdout = "";
+            let stderr = "";
+            child.stdout.on("data", (d) => (stdout += d.toString("utf-8")));
+            child.stderr.on("data", (d) => (stderr += d.toString("utf-8")));
+            const timer = setTimeout(() => {
+                child.kill();
+                resolve(["", `Command timed out after ${timeout}s`, 1]);
+            }, timeout * 1000);
+            child.on("close", (code) => {
+                clearTimeout(timer);
+                resolve([stdout, stderr, code ?? 0]);
+            });
+        });
+    }
+    async execWithStdin(command, stdinData, workingDir, timeout = 60) {
+        if (!this.containerId)
+            throw new Error("Docker sandbox is not running");
+        const wdContainer = workingDir ? this.hostToContainer(workingDir) : this.workspaceContainer;
+        const dockerCmd = ["docker", "exec", "-i", "-w", wdContainer, this.containerName, "sh", "-c", command];
+        return new Promise((resolve) => {
+            const child = (0, child_process_2.spawn)(dockerCmd[0], dockerCmd.slice(1), { stdio: ["pipe", "pipe", "pipe"] });
+            let stdout = "";
+            let stderr = "";
+            child.stdout.on("data", (d) => (stdout += d.toString("utf-8")));
+            child.stderr.on("data", (d) => (stderr += d.toString("utf-8")));
+            const timer = setTimeout(() => {
+                child.kill();
+                resolve(["", `Command timed out after ${timeout}s`, 1]);
+            }, timeout * 1000);
+            child.on("close", (code) => {
+                clearTimeout(timer);
+                resolve([stdout, stderr, code ?? 0]);
+            });
+            child.stdin.write(stdinData);
+            child.stdin.end();
+        });
+    }
+    hostToContainer(hostPath) {
+        let resolved;
+        try {
+            resolved = path.resolve(hostPath.replace(/^~/, process.env["HOME"] ?? "~"));
+        }
+        catch {
+            return hostPath;
+        }
+        if (this.workspaceHost) {
+            const hostWs = path.resolve(this.workspaceHost);
+            if (resolved === hostWs)
+                return this.workspaceContainer;
+            if (resolved.startsWith(hostWs + path.sep) || resolved.startsWith(hostWs + "/")) {
+                return this.workspaceContainer + resolved.slice(hostWs.length);
+            }
+        }
+        for (const mount of this.extraMounts) {
+            const parts = mount.split(":");
+            if (parts.length < 2)
+                continue;
+            let mntHost;
+            try {
+                mntHost = path.resolve(parts[0].replace(/^~/, process.env["HOME"] ?? "~"));
+            }
+            catch {
+                continue;
+            }
+            const mntContainer = parts[1];
+            if (resolved === mntHost)
+                return mntContainer;
+            if (resolved.startsWith(mntHost + "/"))
+                return mntContainer + resolved.slice(mntHost.length);
+        }
+        return hostPath;
+    }
+    containerToHost(containerPath) {
+        if (!this.workspaceHost)
+            return containerPath;
+        const wc = this.workspaceContainer;
+        const hostWs = path.resolve(this.workspaceHost);
+        if (containerPath === wc)
+            return hostWs;
+        if (containerPath.startsWith(wc + "/"))
+            return hostWs + containerPath.slice(wc.length);
+        return containerPath;
+    }
+}
+exports.DockerSandbox = DockerSandbox;
+//# sourceMappingURL=docker_sandbox.js.map

package/dist/agent/docker_sandbox.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"docker_sandbox.js","sourceRoot":"","sources":["../../src/agent/docker_sandbox.ts"],"names":[],"mappings":";AAAA;;GAEG;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAEH,iDAAoD;AACpD,iDAAsC;AACtC,2CAA6B;AAE7B,+BAAoC;AACpC,6DAAqC;AAgBrC,MAAa,aAAa;IACxB,KAAK,CAAS;IACd,aAAa,CAAS;IACtB,aAAa,CAAU;IACvB,kBAAkB,CAAS;IAC3B,iBAAiB,CAAU;IAC3B,WAAW,CAAW;IACtB,QAAQ,CAAyB;IACjC,WAAW,CAAU;IACrB,OAAO,CAAS;IAChB,eAAe,CAAU;IACzB,WAAW,CAAS;IAEZ,WAAW,GAAkB,IAAI,CAAC;IAE1C,YAAY,OAA6B,EAAE;QACzC,IAAI,CAAC,KAAK,GAAG,IAAI,CAAC,KAAK,IAAI,cAAc,CAAC;QAC1C,IAAI,CAAC,aAAa,GAAG,IAAI,CAAC,aAAa,IAAI,UAAU,IAAA,SAAM,GAAE,CAAC,OAAO,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE,CAAC;QAC9F,IAAI,CAAC,aAAa,GAAG,IAAI,CAAC,aAAa,CAAC;QACxC,IAAI,CAAC,kBAAkB,GAAG,IAAI,CAAC,kBAAkB,IAAI,YAAY,CAAC;QAClE,IAAI,CAAC,iBAAiB,GAAG,IAAI,CAAC,iBAAiB,IAAI,IAAI,CAAC;QACxD,IAAI,CAAC,WAAW,GAAG,IAAI,CAAC,WAAW,IAAI,EAAE,CAAC;QAC1C,IAAI,CAAC,QAAQ,GAAG,IAAI,CAAC,QAAQ,IAAI,EAAE,CAAC;QACpC,IAAI,CAAC,WAAW,GAAG,IAAI,CAAC,WAAW,CAAC;QACpC,IAAI,CAAC,OAAO,GAAG,IAAI,CAAC,OAAO,IAAI,QAAQ,CAAC;QACxC,IAAI,CAAC,eAAe,GAAG,IAAI,CAAC,eAAe,IAAI,IAAI,CAAC;QACpD,IAAI,CAAC,WAAW,GAAG,IAAI,CAAC,WAAW,IAAI,EAAE,CAAC;IAC5C,CAAC;IAED,IAAI,SAAS;QACX,OAAO,IAAI,CAAC,WAAW,KAAK,IAAI,CAAC;IACnC,CAAC;IAED,KAAK;QACH,MAAM,OAAO,GAAG,IAAA,yBAAS,EACvB,QAAQ,EACR,CAAC,SAAS,EAAE,UAAU,EAAE,mBAAmB,EAAE,IAAI,CAAC,aAAa,CAAC,EAChE,EAAE,QAAQ,EAAE,OAAO,EAAE,CACtB,CAAC;QAEF,IAAI,OAAO,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YACzB,MAAM,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,IAAI,EAAE,CAAC;YACrC,IAAI,MAAM,KAAK,SAAS,EAAE,CAAC;gBACzB,MAAM,KAAK,GAAG,IAAA,yBAAS,EACrB,QAAQ,EACR,CAAC,SAAS,EAAE,UAAU,EAAE,SAAS,EAAE,IAAI,CAAC,aAAa,CAAC,EACtD,EAAE,QAAQ,EAAE,OAAO,EAAE,CACtB,CAAC;gBACF,IAAI,CAAC,WAAW,GAAG,KAAK,CAAC,MAAM,CAAC,IAAI,EAAE,CAAC;gBACvC,gBAAM,CAAC,IAAI,CAAC,4CAA4C,IAAI,CAAC,aAAa,KAAK,IAAI,CAAC,WAAW,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC;gBACjH,OAAO;YACT,CAAC;iBAAM,CAAC;gBACN,MAAM,OAAO,GAAG,IAAA,yBAAS,EAAC,QAAQ,EAAE,CAAC,OAAO,EAAE,IAAI,CAAC,aAAa,CAAC,EAAE,EAAE,QAAQ,EAAE,OAAO,EAAE,CAAC,CAAC;gBAC1F,IAAI,OAAO,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;oBACzB,MAAM,KAAK,GAAG,IAAA,yBAAS,EACrB,QAAQ,EACR,CAAC,SAAS,EAAE,UAAU,EAAE,SAAS,EAAE,IAAI,CAAC,aAAa,CAAC,EACtD,EAAE,QAAQ,EAAE,OAAO,EAAE,CACtB,CAAC;oBACF,IAAI,CAAC,WAAW,GAAG,KAAK,CAAC,MAAM,CAAC,IAAI,EAAE,CAAC;oBACvC,gBAAM,CAAC,IAAI,CAAC,6BAA6B,IAAI,CAAC,aAAa,KAAK,IAAI,CAAC,WAAW,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC;oBAClG,OAAO;gBACT,CAAC;gBACD,IAAA,yBAAS,EAAC,QAAQ,EAAE,CAAC,IAAI,EAAE,IAAI,EAAE,IAAI,CAAC,aAAa,CAAC,EAAE,EAAE,QAAQ,EAAE,OAAO,EAAE,CAAC,CAAC;YAC/E,CAAC;QACH,CAAC;QAED,MAAM,GAAG,GAAa,CAAC,KAAK,EAAE,IAAI,EAAE,QAAQ,EAAE,IAAI,CAAC,aAAa,EAAE,WAAW,EAAE,IAAI,CAAC,OAAO,CAAC,CAAC;QAE7F,IAAI,IAAI,CAAC,aAAa,EAAE,CAAC;YACvB,MAAM,QAAQ,GAAG,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC;YAClD,MAAM,IAAI,GAAG,IAAI,CAAC,iBAAiB,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC;YAClD,GAAG,CAAC,IAAI,CAAC,IAAI,EAAE,GAAG,QAAQ,IAAI,IAAI,CAAC,kBAAkB,IAAI,IAAI,EAAE,CAAC,CAAC;QACnE,CAAC;QACD,KAAK,MAAM,KAAK,IAAI,IAAI,CAAC,WAAW;YAAE,GAAG,CAAC,IAAI,CAAC,IAAI,EAAE,KAAK,CAAC,CAAC;QAC5D,KAAK,MAAM,CAAC,CAAC,EAAE,CAAC,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,QAAQ,CAAC;YAAE,GAAG,CAAC,IAAI,CAAC,IAAI,EAAE,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QAChF,IAAI,IAAI,CAAC,WAAW;YAAE,GAAG,CAAC,IAAI,CAAC,IAAI,EAAE,IAAI,CAAC,WAAW,CAAC,CAAC;QACvD,GAAG,CAAC,IAAI,CAAC,IAAI,CAAC,KAAK,EAAE,OAAO,EAAE,UAAU,CAAC,CAAC;QAE1C,MAAM,MAAM,GAAG,IAAA,yBAAS,EAAC,QAAQ,EAAE,GAAG,EAAE,EAAE,QAAQ,EAAE,OAAO,EAAE,CAAC,CAAC;QAC/D,IAAI,MAAM,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YACxB,MAAM,IAAI,KAAK,CAAC,mCAAmC,IAAI,CAAC,aAAa,MAAM,MAAM,CAAC,MAAM,EAAE,IAAI,EAAE,EAAE,CAAC,CAAC;QACtG,CAAC;QACD,IAAI,CAAC,WAAW,GAAG,MAAM,CAAC,MAAM,CAAC,IAAI,EAAE,CAAC;QACxC,gBAAM,CAAC,IAAI,CAAC,2BAA2B,IAAI,CAAC,aAAa,KAAK,IAAI,CAAC,WAAW,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC;IAClG,CAAC;IAED,IAAI;QACF,IAAI,CAAC,IAAI,CAAC,WAAW;YAAE,OAAO;QAC9B,IAAA,yBAAS,EAAC,QAAQ,EAAE,CAAC,MAAM,EAAE,IAAI,CAAC,aAAa,CAAC,EAAE,EAAE,QAAQ,EAAE,OAAO,EAAE,CAAC,CAAC;QACzE,gBAAM,CAAC,IAAI,CAAC,uCAAuC,IAAI,CAAC,aAAa,EAAE,CAAC,CAAC;QACzE,IAAI,CAAC,WAAW,GAAG,IAAI,CAAC;IAC1B,CAAC;IAED,OAAO;QACL,IAAA,yBAAS,EAAC,QAAQ,EAAE,CAAC,IAAI,EAAE,IAAI,EAAE,IAAI,CAAC,aAAa,CAAC,EAAE,EAAE,QAAQ,EAAE,OAAO,EAAE,CAAC,CAAC;QAC7E,gBAAM,CAAC,IAAI,CAAC,6BAA6B,IAAI,CAAC,aAAa,EAAE,CAAC,CAAC;QAC/D,IAAI,CAAC,WAAW,GAAG,IAAI,CAAC;IAC1B,CAAC;IAED,WAAW,CAAC,aAAsB;QAChC,MAAM,KAAK,GAAG,aAAa,IAAI,IAAI,CAAC,KAAK,CAAC;QAC1C,MAAM,GAAG,GAAG,CAAC,QAAQ,EAAE,KAAK,EAAE,IAAI,EAAE,QAAQ,EAAE,IAAI,CAAC,aAAa,EAAE,WAAW,EAAE,IAAI,CAAC,OAAO,CAAC,CAAC;QAC7F,IAAI,IAAI,CAAC,aAAa,EAAE,CAAC;YACvB,MAAM,QAAQ,GAAG,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC;YAClD,MAAM,IAAI,GAAG,IAAI,CAAC,iBAAiB,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC;YAClD,GAAG,CAAC,IAAI,CAAC,IAAI,EAAE,GAAG,QAAQ,IAAI,IAAI,CAAC,kBAAkB,IAAI,IAAI,EAAE,CAAC,CAAC;QACnE,CAAC;QACD,KAAK,MAAM,KAAK,IAAI,IAAI,CAAC,WAAW;YAAE,GAAG,CAAC,IAAI,CAAC,IAAI,EAAE,KAAK,CAAC,CAAC;QAC5D,KAAK,MAAM,CAAC,CAAC,EAAE,CAAC,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,QAAQ,CAAC;YAAE,GAAG,CAAC,IAAI,CAAC,IAAI,EAAE,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QAChF,IAAI,IAAI,CAAC,WAAW;YAAE,GAAG,CAAC,IAAI,CAAC,IAAI,EAAE,IAAI,CAAC,WAAW,CAAC,CAAC;QACvD,GAAG,CAAC,IAAI,CAAC,KAAK,EAAE,OAAO,EAAE,UAAU,CAAC,CAAC;QACrC,OAAO,GAAG,CAAC;IACb,CAAC;IAED,KAAK,CAAC,IAAI,CACR,OAAe,EACf,UAAmB,EACnB,OAAO,GAAG,EAAE;QAEZ,IAAI,CAAC,IAAI,CAAC,WAAW;YAAE,MAAM,IAAI,KAAK,CAAC,+BAA+B,CAAC,CAAC;QAExE,MAAM,WAAW,GAAG,UAAU,CAAC,CAAC,CAAC,IAAI,CAAC,eAAe,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,kBAAkB,CAAC;QAC5F,MAAM,SAAS,GAAG,CAAC,QAAQ,EAAE,MAAM,EAAE,IAAI,EAAE,WAAW,EAAE,IAAI,CAAC,aAAa,EAAE,IAAI,EAAE,IAAI,EAAE,OAAO,CAAC,CAAC;QAEjG,OAAO,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,EAAE;YAC7B,MAAM,KAAK,GAAG,IAAA,qBAAK,EAAC,SAAS,CAAC,CAAC,CAAC,EAAE,SAAS,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,EAAE,KAAK,EAAE,CAAC,QAAQ,EAAE,MAAM,EAAE,MAAM,CAAC,EAAE,CAAC,CAAC;YAC7F,IAAI,MAAM,GAAG,EAAE,CAAC;YAChB,IAAI,MAAM,GAAG,EAAE,CAAC;YAEhB,KAAK,CAAC,MAAM,CAAC,EAAE,CAAC,MAAM,EAAE,CAAC,CAAS,EAAE,EAAE,CAAC,CAAC,MAAM,IAAI,CAAC,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC;YACxE,KAAK,CAAC,MAAM,CAAC,EAAE,CAAC,MAAM,EAAE,CAAC,CAAS,EAAE,EAAE,CAAC,CAAC,MAAM,IAAI,CAAC,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC;YAExE,MAAM,KAAK,GAAG,UAAU,CAAC,GAAG,EAAE;gBAC5B,KAAK,CAAC,IAAI,EAAE,CAAC;gBACb,OAAO,CAAC,CAAC,EAAE,EAAE,2BAA2B,OAAO,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC;YAC1D,CAAC,EAAE,OAAO,GAAG,IAAI,CAAC,CAAC;YAEnB,KAAK,CAAC,EAAE,CAAC,OAAO,EAAE,CAAC,IAAI,EAAE,EAAE;gBACzB,YAAY,CAAC,KAAK,CAAC,CAAC;gBACpB,OAAO,CAAC,CAAC,MAAM,EAAE,MAAM,EAAE,IAAI,IAAI,CAAC,CAAC,CAAC,CAAC;YACvC,CAAC,CAAC,CAAC;QACL,CAAC,CAAC,CAAC;IACL,CAAC;IAED,KAAK,CAAC,aAAa,CACjB,OAAe,EACf,SAAiB,EACjB,UAAmB,EACnB,OAAO,GAAG,EAAE;QAEZ,IAAI,CAAC,IAAI,CAAC,WAAW;YAAE,MAAM,IAAI,KAAK,CAAC,+BAA+B,CAAC,CAAC;QAExE,MAAM,WAAW,GAAG,UAAU,CAAC,CAAC,CAAC,IAAI,CAAC,eAAe,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,kBAAkB,CAAC;QAC5F,MAAM,SAAS,GAAG,CAAC,QAAQ,EAAE,MAAM,EAAE,IAAI,EAAE,IAAI,EAAE,WAAW,EAAE,IAAI,CAAC,aAAa,EAAE,IAAI,EAAE,IAAI,EAAE,OAAO,CAAC,CAAC;QAEvG,OAAO,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,EAAE;YAC7B,MAAM,KAAK,GAAG,IAAA,qBAAK,EAAC,SAAS,CAAC,CAAC,CAAC,EAAE,SAAS,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,EAAE,KAAK,EAAE,CAAC,MAAM,EAAE,MAAM,EAAE,MAAM,CAAC,EAAE,CAAC,CAAC;YAC3F,IAAI,MAAM,GAAG,EAAE,CAAC;YAChB,IAAI,MAAM,GAAG,EAAE,CAAC;YAEhB,KAAK,CAAC,MAAM,CAAC,EAAE,CAAC,MAAM,EAAE,CAAC,CAAS,EAAE,EAAE,CAAC,CAAC,MAAM,IAAI,CAAC,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC;YACxE,KAAK,CAAC,MAAM,CAAC,EAAE,CAAC,MAAM,EAAE,CAAC,CAAS,EAAE,EAAE,CAAC,CAAC,MAAM,IAAI,CAAC,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC;YAExE,MAAM,KAAK,GAAG,UAAU,CAAC,GAAG,EAAE;gBAC5B,KAAK,CAAC,IAAI,EAAE,CAAC;gBACb,OAAO,CAAC,CAAC,EAAE,EAAE,2BAA2B,OAAO,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC;YAC1D,CAAC,EAAE,OAAO,GAAG,IAAI,CAAC,CAAC;YAEnB,KAAK,CAAC,EAAE,CAAC,OAAO,EAAE,CAAC,IAAI,EAAE,EAAE;gBACzB,YAAY,CAAC,KAAK,CAAC,CAAC;gBACpB,OAAO,CAAC,CAAC,MAAM,EAAE,MAAM,EAAE,IAAI,IAAI,CAAC,CAAC,CAAC,CAAC;YACvC,CAAC,CAAC,CAAC;YAEH,KAAK,CAAC,KAAK,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC;YAC7B,KAAK,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC;QACpB,CAAC,CAAC,CAAC;IACL,CAAC;IAED,eAAe,CAAC,QAAgB;QAC9B,IAAI,QAAgB,CAAC;QACrB,IAAI,CAAC;YACH,QAAQ,GAAG,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,OAAO,CAAC,IAAI,EAAE,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,IAAI,GAAG,CAAC,CAAC,CAAC;QAC9E,CAAC;QAAC,MAAM,CAAC;YACP,OAAO,QAAQ,CAAC;QAClB,CAAC;QAED,IAAI,IAAI,CAAC,aAAa,EAAE,CAAC;YACvB,MAAM,MAAM,GAAG,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC;YAChD,IAAI,QAAQ,KAAK,MAAM;gBAAE,OAAO,IAAI,CAAC,kBAAkB,CAAC;YACxD,IAAI,QAAQ,CAAC,UAAU,CAAC,MAAM,GAAG,IAAI,CAAC,GAAG,CAAC,IAAI,QAAQ,CAAC,UAAU,CAAC,MAAM,GAAG,GAAG,CAAC,EAAE,CAAC;gBAChF,OAAO,IAAI,CAAC,kBAAkB,GAAG,QAAQ,CAAC,KAAK,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC;YACjE,CAAC;QACH,CAAC;QAED,KAAK,MAAM,KAAK,IAAI,IAAI,CAAC,WAAW,EAAE,CAAC;YACrC,MAAM,KAAK,GAAG,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;YAC/B,IAAI,KAAK,CAAC,MAAM,GAAG,CAAC;gBAAE,SAAS;YAC/B,IAAI,OAAe,CAAC;YACpB,IAAI,CAAC;gBACH,OAAO,GAAG,IAAI,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,IAAI,EAAE,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,IAAI,GAAG,CAAC,CAAC,CAAC;YAC7E,CAAC;YAAC,MAAM,CAAC;gBACP,SAAS;YACX,CAAC;YACD,MAAM,YAAY,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;YAC9B,IAAI,QAAQ,KAAK,OAAO;gBAAE,OAAO,YAAY,CAAC;YAC9C,IAAI,QAAQ,CAAC,UAAU,CAAC,OAAO,GAAG,GAAG,CAAC;gBAAE,OAAO,YAAY,GAAG,QAAQ,CAAC,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC;QAC/F,CAAC;QACD,OAAO,QAAQ,CAAC;IAClB,CAAC;IAED,eAAe,CAAC,aAAqB;QACnC,IAAI,CAAC,IAAI,CAAC,aAAa;YAAE,OAAO,aAAa,CAAC;QAC9C,MAAM,EAAE,GAAG,IAAI,CAAC,kBAAkB,CAAC;QACnC,MAAM,MAAM,GAAG,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC;QAChD,IAAI,aAAa,KAAK,EAAE;YAAE,OAAO,MAAM,CAAC;QACxC,IAAI,aAAa,CAAC,UAAU,CAAC,EAAE,GAAG,GAAG,CAAC;YAAE,OAAO,MAAM,GAAG,aAAa,CAAC,KAAK,CAAC,EAAE,CAAC,MAAM,CAAC,CAAC;QACvF,OAAO,aAAa,CAAC;IACvB,CAAC;CACF;AA3ND,sCA2NC"}

package/dist/agent/loop.d.ts

@@ -0,0 +1,86 @@
+/**
+ * Agent loop - TypeScript port of seclaw/agent/loop.py
+ */
+import { MessageBus } from "../bus/queue";
+import { InboundMessage, OutboundMessage } from "../bus/events";
+import type { LLMProvider } from "../providers/base";
+import { SessionManager } from "../session/manager";
+import type { DockerSandbox } from "./docker_sandbox";
+import type { CronService } from "../cron/service";
+export interface ExecToolConfig {
+    timeout?: number;
+}
+export interface SecurityConfig {
+    inputValidationEnabled?: boolean;
+    outputValidationEnabled?: boolean;
+    postExecutionAuditEnabled?: boolean;
+    executionLogEnabled?: boolean;
+    executionLogStep?: number;
+    prohibitedCommands?: string[];
+    dockerSandbox?: {
+        snapshotMinIntervalSeconds?: number;
+    };
+}
+export interface AgentLoopOptions {
+    bus: MessageBus;
+    provider: LLMProvider;
+    workspace: string;
+    model?: string;
+    maxIterations?: number;
+    temperature?: number;
+    maxTokens?: number;
+    memoryWindow?: number;
+    braveApiKey?: string;
+    execConfig?: ExecToolConfig;
+    cronService?: CronService | null;
+    restrictToWorkspace?: boolean;
+    sessionManager?: SessionManager;
+    dockerSandbox?: DockerSandbox | null;
+    securityConfig?: SecurityConfig;
+    onReady?: () => void;
+}
+export declare class AgentLoop {
+    private bus;
+    private provider;
+    private workspace;
+    private model;
+    private maxIterations;
+    private temperature;
+    private maxTokens;
+    private memoryWindow;
+    private braveApiKey?;
+    private execConfig;
+    private cronService?;
+    private restrictToWorkspace;
+    private dockerSandbox?;
+    private securityConfig;
+    private onReady?;
+    private readySignaled;
+    private readyPromise;
+    private resolveReady;
+    private context;
+    private sessions;
+    private tools;
+    private subagents;
+    private running;
+    private security;
+    private dockerSnapshot;
+    constructor(opts: AgentLoopOptions);
+    private _registerDefaultTools;
+    private _setToolContext;
+    run(): Promise<void>;
+    stop(): void;
+    private _signalReady;
+    waitUntilReady(timeoutMs?: number): Promise<void>;
+    private _secondsSinceLastUserMessage;
+    private _isToolOutputSummary;
+    private _llmSummarizeToolOutput;
+    private _appendToolResultWithIncrementalCompression;
+    private _takeSnapshotIfEnabled;
+    private _buildConfirmationMessage;
+    _processMessage(msg: InboundMessage, sessionKeyOverride?: string): Promise<OutboundMessage | null>;
+    private _processSystemMessage;
+    private _consolidateMemory;
+    processDirect(content: string, sessionKey?: string, channel?: string, chatId?: string): Promise<string>;
+}
+//# sourceMappingURL=loop.d.ts.map

package/dist/agent/loop.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"loop.d.ts","sourceRoot":"","sources":["../../src/agent/loop.ts"],"names":[],"mappings":"AAAA;;GAEG;AAMH,OAAO,EAAE,UAAU,EAAE,MAAM,cAAc,CAAC;AAC1C,OAAO,EAAE,cAAc,EAAE,eAAe,EAAwE,MAAM,eAAe,CAAC;AACtI,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,mBAAmB,CAAC;AAWrD,OAAO,EAAE,cAAc,EAAqF,MAAM,oBAAoB,CAAC;AACvI,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,kBAAkB,CAAC;AACtD,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,iBAAiB,CAAC;AAQnD,MAAM,WAAW,cAAc;IAC7B,OAAO,CAAC,EAAE,MAAM,CAAC;CAClB;AAED,MAAM,WAAW,cAAc;IAC7B,sBAAsB,CAAC,EAAE,OAAO,CAAC;IACjC,uBAAuB,CAAC,EAAE,OAAO,CAAC;IAClC,yBAAyB,CAAC,EAAE,OAAO,CAAC;IACpC,mBAAmB,CAAC,EAAE,OAAO,CAAC;IAC9B,gBAAgB,CAAC,EAAE,MAAM,CAAC;IAC1B,kBAAkB,CAAC,EAAE,MAAM,EAAE,CAAC;IAC9B,aAAa,CAAC,EAAE;QACd,0BAA0B,CAAC,EAAE,MAAM,CAAC;KACrC,CAAC;CACH;AAED,MAAM,WAAW,gBAAgB;IAC/B,GAAG,EAAE,UAAU,CAAC;IAChB,QAAQ,EAAE,WAAW,CAAC;IACtB,SAAS,EAAE,MAAM,CAAC;IAClB,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,UAAU,CAAC,EAAE,cAAc,CAAC;IAC5B,WAAW,CAAC,EAAE,WAAW,GAAG,IAAI,CAAC;IACjC,mBAAmB,CAAC,EAAE,OAAO,CAAC;IAC9B,cAAc,CAAC,EAAE,cAAc,CAAC;IAChC,aAAa,CAAC,EAAE,aAAa,GAAG,IAAI,CAAC;IACrC,cAAc,CAAC,EAAE,cAAc,CAAC;IAChC,OAAO,CAAC,EAAE,MAAM,IAAI,CAAC;CACtB;AAED,qBAAa,SAAS;IACpB,OAAO,CAAC,GAAG,CAAa;IACxB,OAAO,CAAC,QAAQ,CAAc;IAC9B,OAAO,CAAC,SAAS,CAAS;IAC1B,OAAO,CAAC,KAAK,CAAS;IACtB,OAAO,CAAC,aAAa,CAAS;IAC9B,OAAO,CAAC,WAAW,CAAS;IAC5B,OAAO,CAAC,SAAS,CAAS;IAC1B,OAAO,CAAC,YAAY,CAAS;IAC7B,OAAO,CAAC,WAAW,CAAC,CAAS;IAC7B,OAAO,CAAC,UAAU,CAAiB;IACnC,OAAO,CAAC,WAAW,CAAC,CAAqB;IACzC,OAAO,CAAC,mBAAmB,CAAU;IACrC,OAAO,CAAC,aAAa,CAAC,CAAuB;IAC7C,OAAO,CAAC,cAAc,CAAiB;IACvC,OAAO,CAAC,OAAO,CAAC,CAAa;IAC7B,OAAO,CAAC,aAAa,CAAS;IAC9B,OAAO,CAAC,YAAY,CAAgB;IACpC,OAAO,CAAC,YAAY,CAAc;IAElC,OAAO,CAAC,OAAO,CAAiB;IAChC,OAAO,CAAC,QAAQ,CAAiB;IACjC,OAAO,CAAC,KAAK,CAAe;IAC5B,OAAO,CAAC,SAAS,CAAkB;IACnC,OAAO,CAAC,OAAO,CAAS;IACxB,OAAO,CAAC,QAAQ,CAAqB;IACrC,OAAO,CAAC,cAAc,CAAsC;gBAEhD,IAAI,EAAE,gBAAgB;IA4ElC,OAAO,CAAC,qBAAqB;IAmC7B,OAAO,CAAC,eAAe;IAWjB,GAAG,IAAI,OAAO,CAAC,IAAI,CAAC;IA6C1B,IAAI,IAAI,IAAI;IAKZ,OAAO,CAAC,YAAY;IAcd,cAAc,CAAC,SAAS,SAAI,GAAG,OAAO,CAAC,IAAI,CAAC;IAgBlD,OAAO,CAAC,4BAA4B;IAkBpC,OAAO,CAAC,oBAAoB;YAId,uBAAuB;YA6BvB,2CAA2C;YAkB3C,sBAAsB;YA0CtB,yBAAyB;IAwEjC,eAAe,CACnB,GAAG,EAAE,cAAc,EACnB,kBAAkB,CAAC,EAAE,MAAM,GAC1B,OAAO,CAAC,eAAe,GAAG,IAAI,CAAC;YAuUpB,qBAAqB;YA+DrB,kBAAkB;IA8E1B,aAAa,CACjB,OAAO,EAAE,MAAM,EACf,UAAU,SAAe,EACzB,OAAO,SAAQ,EACf,MAAM,SAAW,GAChB,OAAO,CAAC,MAAM,CAAC;CAKnB"}