seclaw 0.1.9 → 0.1.10

package/dist/runtime/agent.js

@@ -251,7 +251,7 @@ function truncateToolResult(text) {
 }
 
 // telegram.ts
-import { readFileSync as readFileSync5, writeFileSync as writeFileSync2, mkdirSync as mkdirSync2, existsSync as existsSync5 } from "fs";
+import { readFileSync as readFileSync5, writeFileSync as writeFileSync3, mkdirSync as mkdirSync2, existsSync as existsSync5 } from "fs";
 import { resolve as resolve4, dirname } from "path";
 
 // tools.ts
@@ -342,7 +342,8 @@ async function initTools(config2) {
   };
   const advancedTools = [
     createTriggerScheduleTool(config2, ctx),
-    createScheduleActionTool(config2)
+    createScheduleActionTool(config2),
+    createConnectIntegrationTool(config2, ctx)
   ];
   for (const t of advancedTools) {
     allTools.push(t.definition);
@@ -548,6 +549,7 @@ function createBuiltinTools(config2) {
         const delay = Math.min(Math.max(args.delay_seconds || 0, 0), 3600);
         if (!chatId) return "Error: no chat_id provided.";
         const confirmId = `confirm_${Date.now()}_${Math.random().toString(36).slice(2, 8)}`;
+        console.log(`[confirm] Created: ${confirmId} | action: ${onApprove.substring(0, 60)}`);
         pendingConfirmations.set(confirmId, {
           chatId,
           onApprove,
@@ -1018,6 +1020,85 @@ function createScheduleActionTool(config2) {
     }
   };
 }
+function createConnectIntegrationTool(config2, ctx) {
+  return {
+    definition: {
+      name: "connect_integration",
+      description: "Connect a new integration (Twitter, Reddit, YouTube, Tavily, Gmail, etc.) via OAuth. Returns an authorization URL that the user must open to grant access. Call this when you need an integration that isn't connected yet. After the user completes authorization, their tools become available automatically.",
+      inputSchema: {
+        type: "object",
+        properties: {
+          integration_key: {
+            type: "string",
+            description: "Integration to connect. Available: " + Object.entries(INTEGRATIONS).map(([k, v]) => `${k} (${v.hint})`).join(", ")
+          }
+        },
+        required: ["integration_key"]
+      }
+    },
+    execute: async (_name, args) => {
+      const key = args.integration_key;
+      const apiKey = config2.composioApiKey;
+      if (!apiKey) {
+        return "Error: Composio API key is not configured. Set COMPOSIO_API_KEY in .env";
+      }
+      const integration = INTEGRATIONS[key];
+      if (!integration) {
+        const available = Object.keys(INTEGRATIONS).join(", ");
+        return `Unknown integration "${key}". Available: ${available}`;
+      }
+      try {
+        const activeConnections = await getActiveConnections(apiKey);
+        if (activeConnections.has(integration.app)) {
+          await ctx.reloadComposio();
+          return `${integration.name} is already connected. Tools have been reloaded.`;
+        }
+        const configRes = await composioFetch(apiKey, `/auth_configs?appName=${integration.app}`);
+        const matchingConfig = (configRes.items || []).find(
+          (c) => c.toolkit?.slug === integration.app
+        );
+        let authConfigId;
+        if (matchingConfig) {
+          authConfigId = matchingConfig.id;
+        } else {
+          const created = await composioFetch(apiKey, "/auth_configs", {
+            method: "POST",
+            body: JSON.stringify({ toolkit: { slug: integration.app } })
+          });
+          authConfigId = created.auth_config?.id ?? created.id;
+        }
+        const entityId = config2.composioUserId || "default";
+        const connection = await composioFetch(apiKey, "/connected_accounts", {
+          method: "POST",
+          body: JSON.stringify({
+            auth_config: { id: authConfigId },
+            connection: { entity_id: entityId }
+          })
+        });
+        const redirectUrl = connection.redirect_url || connection.redirect_uri;
+        if (redirectUrl) {
+          console.log(`[connect_integration] ${integration.name} OAuth URL generated`);
+          return `Authorization link for ${integration.name}:
+${redirectUrl}
+
+The user needs to open this link, sign in, and grant access. After completing authorization, send any message and the new tools will be loaded automatically.`;
+        }
+        return `Could not generate authorization URL for ${integration.name}. The Composio API did not return a redirect URL.`;
+      } catch (err) {
+        const msg = err.message;
+        console.error(`[connect_integration] Error: ${msg}`);
+        if (msg.includes("DefaultAuthConfigNotFound") || msg.includes("auth config not found")) {
+          return `${integration.name} does not support one-click OAuth authorization. It requires an API key to be configured manually. The user should add their ${integration.name} API key in the .env file and restart the agent. Do NOT attempt to use execute_command or any workaround.`;
+        }
+        if (msg.includes("NoAuthApp") || msg.includes("does not require authentication")) {
+          await ctx.reloadComposio();
+          return `${integration.name} does not require authentication \u2014 its tools should be available directly. Tools have been reloaded. Try using the ${integration.name} tools now. If no tools are available for ${integration.name}, tell the user this integration is not yet configured in Composio. Do NOT use execute_command or curl as a workaround.`;
+        }
+        return `Failed to connect ${integration.name}: ${msg}. Do NOT fall back to execute_command.`;
+      }
+    }
+  };
+}
 
 // scheduler.ts
 import { Inngest } from "inngest";
@@ -1026,7 +1107,7 @@ import { readFileSync as readFileSync4, existsSync as existsSync4 } from "fs";
 import { resolve as resolve3 } from "path";
 
 // config.ts
-import { readFileSync as readFileSync3, existsSync as existsSync3 } from "fs";
+import { readFileSync as readFileSync3, writeFileSync as writeFileSync2, existsSync as existsSync3 } from "fs";
 import { resolve as resolve2 } from "path";
 var WORKSPACE = process.env.WORKSPACE_PATH || "/workspace";
 var BASE_PROMPT = `You are a personal AI assistant running on seclaw. You have multiple capabilities installed \u2014 use the right one based on the user's request.
@@ -1062,19 +1143,28 @@ function loadConfig() {
   };
 }
 function loadSystemPrompt() {
-  const installedPath = resolve2(WORKSPACE, "config", "installed.json");
+  return reloadSystemPrompt(WORKSPACE);
+}
+function reloadSystemPrompt(workspace) {
+  const installedPath = resolve2(workspace, "config", "installed.json");
   if (existsSync3(installedPath)) {
     try {
       const installed = JSON.parse(readFileSync3(installedPath, "utf-8"));
       if (installed.capabilities && installed.capabilities.length > 0) {
-        return composeCapabilityPrompt(installed.capabilities);
+        const active = installed.active || "auto";
+        if (active === "auto") {
+          return composeCapabilityPrompt(installed.capabilities);
+        }
+        const base = installed.capabilities[0];
+        const caps = base === active ? [active] : [base, active];
+        return composeCapabilityPrompt(caps);
       }
     } catch (err) {
       console.error(`[config] Failed to parse installed.json: ${err.message}`);
     }
   }
   const paths = [
-    resolve2(WORKSPACE, "config", "system-prompt.md"),
+    resolve2(workspace, "config", "system-prompt.md"),
     "/templates/system-prompt.md"
   ];
   for (const p of paths) {
@@ -1086,6 +1176,28 @@ function loadSystemPrompt() {
 Always be concise in Telegram messages. Use bullet points.
 Detect the user's language and respond in the same language.`;
 }
+function getActiveMode(workspace) {
+  const installedPath = resolve2(workspace, "config", "installed.json");
+  if (!existsSync3(installedPath)) return "auto";
+  try {
+    const installed = JSON.parse(readFileSync3(installedPath, "utf-8"));
+    return installed.active || "auto";
+  } catch {
+    return "auto";
+  }
+}
+function setActiveMode(workspace, active) {
+  const installedPath = resolve2(workspace, "config", "installed.json");
+  if (!existsSync3(installedPath)) return;
+  try {
+    const installed = JSON.parse(readFileSync3(installedPath, "utf-8"));
+    installed.active = active;
+    writeFileSync2(installedPath, JSON.stringify(installed, null, 2) + "\n");
+    console.log(`[config] Active mode set to: ${active}`);
+  } catch (err) {
+    console.error(`[config] Failed to update installed.json: ${err.message}`);
+  }
+}
 function composeCapabilityPrompt(capabilities) {
   const sections = [];
   for (const id of capabilities) {
@@ -1290,6 +1402,10 @@ async function handleWebhook(req, res, config2, toolCtx2, inngestClient) {
       const confirmId = data.replace(/^confirm_(yes|no):/, "");
       const msgId = callback.message?.message_id;
       await handleConfirmation(chatId2, msgId, confirmId, isApprove, config2, toolCtx2);
+    } else if (data.startsWith("cap_switch:")) {
+      const capId = data.replace("cap_switch:", "");
+      const msgId = callback.message?.message_id;
+      await handleSwitchCallback(chatId2, msgId, capId, config2);
     }
     return;
   }
@@ -1315,6 +1431,10 @@ async function handleWebhook(req, res, config2, toolCtx2, inngestClient) {
     await handleCapabilities(chatId, config2);
     return;
   }
+  if (userText.startsWith("/switch")) {
+    await handleSwitch(chatId, config2);
+    return;
+  }
   try {
     const history = loadHistory(chatId, config2.workspace);
     const augmented = `[chat_id: ${chatId}, user: ${userName}]
@@ -1401,12 +1521,17 @@ function loadHistory(chatId, workspace) {
 function saveHistory(chatId, workspace, messages) {
   const p = historyPath(chatId, workspace);
   mkdirSync2(dirname(p), { recursive: true });
-  writeFileSync2(p, JSON.stringify(messages.slice(-MAX_HISTORY), null, 2));
+  writeFileSync3(p, JSON.stringify(messages.slice(-MAX_HISTORY), null, 2));
 }
 var INTEGRATIONS = {
   gmail: { name: "Gmail", app: "gmail", hint: "email" },
   drive: { name: "Google Drive", app: "googledrive", hint: "files" },
   calendar: { name: "Google Calendar", app: "googlecalendar", hint: "events" },
+  twitter: { name: "X (Twitter)", app: "twitter", hint: "tweets, leads, monitoring" },
+  reddit: { name: "Reddit", app: "reddit", hint: "subreddits, posts" },
+  youtube: { name: "YouTube", app: "youtube", hint: "channels, videos" },
+  tavily: { name: "Tavily", app: "tavily", hint: "web search" },
+  hackernews: { name: "Hacker News", app: "hackernews", hint: "tech news, stories" },
   notion: { name: "Notion", app: "notion", hint: "notes, databases" },
   github: { name: "GitHub", app: "github", hint: "repos, issues" },
   slack: { name: "Slack", app: "slack", hint: "messaging" },
@@ -1758,7 +1883,7 @@ async function handleScheduleToggle(chatId, msgId, scheduleId, config2) {
     return;
   }
   entry.enabled = entry.enabled === false ? true : false;
-  writeFileSync2(loc.filePath, JSON.stringify(data, null, 2) + "\n");
+  writeFileSync3(loc.filePath, JSON.stringify(data, null, 2) + "\n");
   const state = entry.enabled ? "enabled" : "disabled";
   const icon = entry.enabled ? "\u2705" : "\u23F8\uFE0F";
   if (msgId) await removeButtons(config2.telegramToken, chatId, msgId, `${icon} ${scheduleId} \u2014 ${state}`);
@@ -1836,7 +1961,7 @@ async function handleScheduleDeleteExecute(chatId, msgId, scheduleId, config2) {
   }
   const removed = data.schedules.splice(idx, 1)[0];
   delete data.actions[removed.action];
-  writeFileSync2(loc.filePath, JSON.stringify(data, null, 2) + "\n");
+  writeFileSync3(loc.filePath, JSON.stringify(data, null, 2) + "\n");
   if (msgId) await removeButtons(config2.telegramToken, chatId, msgId, `Deleted: ${scheduleId}`);
   console.log(`[schedules] ${scheduleId} deleted`);
 }
@@ -1893,6 +2018,56 @@ async function handleCapabilities(chatId, config2) {
 ${lines.join("\n")}`
   );
 }
+async function handleSwitch(chatId, config2) {
+  const capabilities = loadInstalledCapabilities(config2.workspace);
+  const activeMode = getActiveMode(config2.workspace);
+  if (capabilities.length <= 1) {
+    await sendMessage(
+      config2.telegramToken,
+      chatId,
+      "Only one capability installed. Add more templates to use /switch.\n\nBrowse templates: seclawai.com/templates"
+    );
+    return;
+  }
+  const keyboard = [];
+  const autoLabel = activeMode === "auto" ? "\u2705 Auto (All Capabilities)" : "\u{1F504} Auto (All Capabilities)";
+  keyboard.push([{ text: autoLabel, callback_data: "cap_switch:auto" }]);
+  const capButtons = [];
+  for (const capId of capabilities) {
+    const displayName = capId.split("-").map((w) => w.charAt(0).toUpperCase() + w.slice(1)).join(" ");
+    const icon = activeMode === capId ? "\u2705" : "\u25CB";
+    capButtons.push({ text: `${icon} ${displayName}`, callback_data: `cap_switch:${capId}` });
+  }
+  for (let i = 0; i < capButtons.length; i += 2) {
+    keyboard.push(capButtons.slice(i, i + 2));
+  }
+  let statusText = "*Agent Mode*\n\n";
+  if (activeMode === "auto") {
+    statusText += `Current: *Auto* \u2014 all ${capabilities.length} capabilities active
+`;
+    statusText += "The agent uses the right capability based on your message.";
+  } else {
+    const activeName = activeMode.split("-").map((w) => w.charAt(0).toUpperCase() + w.slice(1)).join(" ");
+    statusText += `Current: *${activeName}* (focus mode)
+`;
+    statusText += "Only this capability + base is active.";
+  }
+  await sendMessageWithButtons(config2.telegramToken, chatId, statusText, keyboard);
+}
+async function handleSwitchCallback(chatId, msgId, capId, config2) {
+  const capabilities = loadInstalledCapabilities(config2.workspace);
+  if (capId !== "auto" && !capabilities.includes(capId)) {
+    await sendMessage(config2.telegramToken, chatId, `Capability "${capId}" is not installed.`);
+    return;
+  }
+  setActiveMode(config2.workspace, capId);
+  config2.systemPrompt = reloadSystemPrompt(config2.workspace);
+  if (msgId) {
+    const label = capId === "auto" ? `\u2705 Switched to *Auto* \u2014 all capabilities active` : `\u2705 Switched to *${capId.split("-").map((w) => w.charAt(0).toUpperCase() + w.slice(1)).join(" ")}*`;
+    await removeButtons(config2.telegramToken, chatId, msgId, label);
+  }
+  console.log(`[switch] Mode changed to: ${capId}`);
+}
 async function sendMessageWithButtons(token, chatId, text, keyboard) {
   if (!token || !chatId) return;
   try {

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "seclaw",
-  "version": "0.1.9",
+  "version": "0.1.10",
   "description": "Secure autonomous AI agents in 60 seconds",
   "type": "module",
   "bin": {