skyloom 1.16.2 → 1.18.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +15 -3
- package/dist/cli/loom_chat.d.ts.map +1 -1
- package/dist/cli/loom_chat.js +17 -0
- package/dist/cli/loom_chat.js.map +1 -1
- package/dist/cli/main.js +37 -1
- package/dist/cli/main.js.map +1 -1
- package/dist/core/agent.d.ts +2 -0
- package/dist/core/agent.d.ts.map +1 -1
- package/dist/core/agent.js +21 -5
- package/dist/core/agent.js.map +1 -1
- package/dist/core/bgproc.d.ts +59 -0
- package/dist/core/bgproc.d.ts.map +1 -0
- package/dist/core/bgproc.js +135 -0
- package/dist/core/bgproc.js.map +1 -0
- package/dist/core/commands.d.ts.map +1 -1
- package/dist/core/commands.js +20 -0
- package/dist/core/commands.js.map +1 -1
- package/dist/core/diagnostics.d.ts +39 -0
- package/dist/core/diagnostics.d.ts.map +1 -0
- package/dist/core/diagnostics.js +206 -0
- package/dist/core/diagnostics.js.map +1 -0
- package/dist/core/diff.d.ts +31 -0
- package/dist/core/diff.d.ts.map +1 -0
- package/dist/core/diff.js +82 -0
- package/dist/core/diff.js.map +1 -0
- package/dist/core/envcontext.d.ts +25 -0
- package/dist/core/envcontext.d.ts.map +1 -0
- package/dist/core/envcontext.js +112 -0
- package/dist/core/envcontext.js.map +1 -0
- package/dist/core/factory.d.ts +2 -0
- package/dist/core/factory.d.ts.map +1 -1
- package/dist/core/factory.js +35 -2
- package/dist/core/factory.js.map +1 -1
- package/dist/core/patch.d.ts +59 -0
- package/dist/core/patch.d.ts.map +1 -0
- package/dist/core/patch.js +220 -0
- package/dist/core/patch.js.map +1 -0
- package/dist/core/protocol.d.ts +11 -0
- package/dist/core/protocol.d.ts.map +1 -0
- package/dist/core/protocol.js +39 -0
- package/dist/core/protocol.js.map +1 -0
- package/dist/core/sandbox.d.ts +1 -0
- package/dist/core/sandbox.d.ts.map +1 -1
- package/dist/core/sandbox.js +1 -0
- package/dist/core/sandbox.js.map +1 -1
- package/dist/core/search.d.ts +41 -0
- package/dist/core/search.d.ts.map +1 -0
- package/dist/core/search.js +156 -0
- package/dist/core/search.js.map +1 -0
- package/dist/core/security.d.ts +22 -2
- package/dist/core/security.d.ts.map +1 -1
- package/dist/core/security.js +55 -24
- package/dist/core/security.js.map +1 -1
- package/dist/core/skill.d.ts +4 -0
- package/dist/core/skill.d.ts.map +1 -1
- package/dist/core/skill.js +1 -0
- package/dist/core/skill.js.map +1 -1
- package/dist/core/subagent.d.ts +75 -0
- package/dist/core/subagent.d.ts.map +1 -0
- package/dist/core/subagent.js +287 -0
- package/dist/core/subagent.js.map +1 -0
- package/dist/core/tool.d.ts +23 -1
- package/dist/core/tool.d.ts.map +1 -1
- package/dist/core/tool.js +95 -30
- package/dist/core/tool.js.map +1 -1
- package/dist/plugins/loader.d.ts +49 -8
- package/dist/plugins/loader.d.ts.map +1 -1
- package/dist/plugins/loader.js +129 -16
- package/dist/plugins/loader.js.map +1 -1
- package/dist/tools/builtin.d.ts.map +1 -1
- package/dist/tools/builtin.js +183 -17
- package/dist/tools/builtin.js.map +1 -1
- package/dist/tools/spawn.d.ts +23 -0
- package/dist/tools/spawn.d.ts.map +1 -0
- package/dist/tools/spawn.js +77 -0
- package/dist/tools/spawn.js.map +1 -0
- package/docs/OPTIMIZATION_PLAN.md +21 -4
- package/package.json +1 -1
- package/src/cli/loom_chat.ts +11 -0
- package/src/cli/main.ts +31 -1
- package/src/core/agent.ts +20 -5
- package/src/core/bgproc.ts +153 -0
- package/src/core/commands.ts +20 -0
- package/src/core/diagnostics.ts +178 -0
- package/src/core/diff.ts +98 -0
- package/src/core/envcontext.ts +79 -0
- package/src/core/factory.ts +31 -2
- package/src/core/patch.ts +176 -0
- package/src/core/protocol.ts +36 -0
- package/src/core/sandbox.ts +1 -1
- package/src/core/search.ts +138 -0
- package/src/core/security.ts +63 -21
- package/src/core/skill.ts +1 -1
- package/src/core/subagent.ts +272 -0
- package/src/core/tool.ts +101 -31
- package/src/plugins/loader.ts +145 -18
- package/src/tools/builtin.ts +167 -17
- package/src/tools/spawn.ts +92 -0
- package/tests/bgproc.test.ts +65 -0
- package/tests/diagnostics.test.ts +86 -0
- package/tests/edit_diff.test.ts +102 -0
- package/tests/envcontext.test.ts +67 -0
- package/tests/patch.test.ts +128 -0
- package/tests/plugins.test.ts +84 -0
- package/tests/protocol.test.ts +27 -0
- package/tests/search.test.ts +87 -0
- package/tests/security.test.ts +87 -0
- package/tests/subagent.test.ts +211 -0
- package/tests/tool.test.ts +120 -0
|
@@ -0,0 +1,138 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Code search — a dependency-light, cross-platform engine for "find where X is
|
|
3
|
+
* used and read it in context". Backs the code_search tool and is the fallback
|
|
4
|
+
* for grep when ripgrep/grep aren't installed (common on Windows), so search
|
|
5
|
+
* never silently returns nothing just because a binary is missing.
|
|
6
|
+
*/
|
|
7
|
+
|
|
8
|
+
import * as fs from 'fs';
|
|
9
|
+
import * as path from 'path';
|
|
10
|
+
import { globSync } from 'glob';
|
|
11
|
+
|
|
12
|
+
export interface SearchOptions {
|
|
13
|
+
pattern: string;
|
|
14
|
+
/** Root directory to search (default: cwd). */
|
|
15
|
+
root?: string;
|
|
16
|
+
/** Glob to restrict files (e.g. "**\/*.ts"). Default: all files. */
|
|
17
|
+
glob?: string;
|
|
18
|
+
/** Case-insensitive match (default false). */
|
|
19
|
+
ignoreCase?: boolean;
|
|
20
|
+
/** Treat pattern as a regular expression (default true). */
|
|
21
|
+
regex?: boolean;
|
|
22
|
+
/** Lines of context around each match (default 0). */
|
|
23
|
+
context?: number;
|
|
24
|
+
/** Cap on total matches returned (default 200). */
|
|
25
|
+
maxResults?: number;
|
|
26
|
+
/** Skip files larger than this many bytes (default 2 MiB). */
|
|
27
|
+
maxFileBytes?: number;
|
|
28
|
+
}
|
|
29
|
+
|
|
30
|
+
export interface SearchMatch {
|
|
31
|
+
file: string; // relative to root
|
|
32
|
+
line: number; // 1-based
|
|
33
|
+
text: string;
|
|
34
|
+
before?: string[];
|
|
35
|
+
after?: string[];
|
|
36
|
+
}
|
|
37
|
+
|
|
38
|
+
export interface SearchResult {
|
|
39
|
+
matches: SearchMatch[];
|
|
40
|
+
filesScanned: number;
|
|
41
|
+
truncated: boolean;
|
|
42
|
+
error?: string;
|
|
43
|
+
}
|
|
44
|
+
|
|
45
|
+
/** Directories never worth searching — vendored, generated, or VCS internals. */
|
|
46
|
+
const DEFAULT_IGNORES = [
|
|
47
|
+
'**/node_modules/**', '**/.git/**', '**/dist/**', '**/build/**',
|
|
48
|
+
'**/coverage/**', '**/.next/**', '**/out/**', '**/.cache/**',
|
|
49
|
+
'**/vendor/**', '**/.venv/**', '**/__pycache__/**',
|
|
50
|
+
];
|
|
51
|
+
|
|
52
|
+
function looksBinary(buf: Buffer): boolean {
|
|
53
|
+
const n = Math.min(buf.length, 8000);
|
|
54
|
+
for (let i = 0; i < n; i++) if (buf[i] === 0) return true; // NUL byte ⇒ binary
|
|
55
|
+
return false;
|
|
56
|
+
}
|
|
57
|
+
|
|
58
|
+
/** Pure-JS recursive code search. No external process required. */
|
|
59
|
+
export function searchCode(opts: SearchOptions): SearchResult {
|
|
60
|
+
const root = path.resolve(opts.root || process.cwd());
|
|
61
|
+
const maxResults = opts.maxResults ?? 200;
|
|
62
|
+
const maxFileBytes = opts.maxFileBytes ?? 2 * 1024 * 1024;
|
|
63
|
+
const context = Math.max(0, opts.context ?? 0);
|
|
64
|
+
|
|
65
|
+
let matcher: (line: string) => boolean;
|
|
66
|
+
if (opts.regex === false) {
|
|
67
|
+
const needle = opts.ignoreCase ? opts.pattern.toLowerCase() : opts.pattern;
|
|
68
|
+
matcher = (line) => (opts.ignoreCase ? line.toLowerCase() : line).includes(needle);
|
|
69
|
+
} else {
|
|
70
|
+
let re: RegExp;
|
|
71
|
+
try {
|
|
72
|
+
re = new RegExp(opts.pattern, opts.ignoreCase ? 'i' : '');
|
|
73
|
+
} catch (e) {
|
|
74
|
+
return { matches: [], filesScanned: 0, truncated: false, error: `invalid regex: ${e}` };
|
|
75
|
+
}
|
|
76
|
+
matcher = (line) => re.test(line);
|
|
77
|
+
}
|
|
78
|
+
|
|
79
|
+
let files: string[];
|
|
80
|
+
try {
|
|
81
|
+
files = globSync(opts.glob || '**/*', {
|
|
82
|
+
cwd: root, nodir: true, dot: false, ignore: DEFAULT_IGNORES,
|
|
83
|
+
});
|
|
84
|
+
} catch (e) {
|
|
85
|
+
return { matches: [], filesScanned: 0, truncated: false, error: `glob failed: ${e}` };
|
|
86
|
+
}
|
|
87
|
+
|
|
88
|
+
const matches: SearchMatch[] = [];
|
|
89
|
+
let filesScanned = 0;
|
|
90
|
+
let truncated = false;
|
|
91
|
+
|
|
92
|
+
for (const rel of files) {
|
|
93
|
+
if (matches.length >= maxResults) { truncated = true; break; }
|
|
94
|
+
const abs = path.join(root, rel);
|
|
95
|
+
let buf: Buffer;
|
|
96
|
+
try {
|
|
97
|
+
const stat = fs.statSync(abs);
|
|
98
|
+
if (stat.size > maxFileBytes) continue;
|
|
99
|
+
buf = fs.readFileSync(abs);
|
|
100
|
+
} catch { continue; }
|
|
101
|
+
if (looksBinary(buf)) continue;
|
|
102
|
+
|
|
103
|
+
filesScanned++;
|
|
104
|
+
const lines = buf.toString('utf8').split('\n');
|
|
105
|
+
for (let i = 0; i < lines.length; i++) {
|
|
106
|
+
if (!matcher(lines[i])) continue;
|
|
107
|
+
const m: SearchMatch = { file: rel.split(path.sep).join('/'), line: i + 1, text: lines[i] };
|
|
108
|
+
if (context > 0) {
|
|
109
|
+
m.before = lines.slice(Math.max(0, i - context), i);
|
|
110
|
+
m.after = lines.slice(i + 1, i + 1 + context);
|
|
111
|
+
}
|
|
112
|
+
matches.push(m);
|
|
113
|
+
if (matches.length >= maxResults) { truncated = true; break; }
|
|
114
|
+
}
|
|
115
|
+
}
|
|
116
|
+
|
|
117
|
+
return { matches, filesScanned, truncated };
|
|
118
|
+
}
|
|
119
|
+
|
|
120
|
+
/** Render a SearchResult as ripgrep-style `file:line:text` (with context). */
|
|
121
|
+
export function formatSearchResult(res: SearchResult): string {
|
|
122
|
+
if (res.error) return `Search error: ${res.error}`;
|
|
123
|
+
if (res.matches.length === 0) return 'No matches found.';
|
|
124
|
+
const out: string[] = [];
|
|
125
|
+
let lastFile = '';
|
|
126
|
+
for (const m of res.matches) {
|
|
127
|
+
if (m.file !== lastFile) { if (out.length) out.push(''); lastFile = m.file; }
|
|
128
|
+
for (let k = 0; k < (m.before?.length || 0); k++) {
|
|
129
|
+
out.push(`${m.file}:${m.line - (m.before!.length - k)}- ${m.before![k]}`);
|
|
130
|
+
}
|
|
131
|
+
out.push(`${m.file}:${m.line}: ${m.text}`);
|
|
132
|
+
for (let k = 0; k < (m.after?.length || 0); k++) {
|
|
133
|
+
out.push(`${m.file}:${m.line + k + 1}- ${m.after![k]}`);
|
|
134
|
+
}
|
|
135
|
+
}
|
|
136
|
+
if (res.truncated) out.push(`\n…[results truncated at ${res.matches.length} matches — narrow the pattern or glob]`);
|
|
137
|
+
return out.join('\n');
|
|
138
|
+
}
|
package/src/core/security.ts
CHANGED
|
@@ -77,6 +77,7 @@ const TOOL_DANGER_MAP: Record<string, DangerLevel> = {
|
|
|
77
77
|
|
|
78
78
|
write_file: DangerLevel.LOW,
|
|
79
79
|
edit_file: DangerLevel.LOW,
|
|
80
|
+
apply_patch: DangerLevel.LOW,
|
|
80
81
|
copy_file: DangerLevel.LOW,
|
|
81
82
|
move_file: DangerLevel.LOW,
|
|
82
83
|
make_directory: DangerLevel.LOW,
|
|
@@ -137,20 +138,75 @@ export interface AuditEntry {
|
|
|
137
138
|
/* ═══════════════════════════════════════
|
|
138
139
|
Security context — per-session security state
|
|
139
140
|
═══════════════════════════════════════ */
|
|
141
|
+
/**
|
|
142
|
+
* Permission modes (Claude Code parity):
|
|
143
|
+
* - strict deny every non-SAFE tool (read-only-ish lockdown)
|
|
144
|
+
* - interactive ask before every non-SAFE tool ("default")
|
|
145
|
+
* - auto allow LOW, ask MEDIUM/HIGH, deny CRITICAL
|
|
146
|
+
* - acceptEdits auto-accept file-edit tools, otherwise behave like auto
|
|
147
|
+
* - bypass allow everything except red-line patterns ("yolo")
|
|
148
|
+
*/
|
|
149
|
+
export type ApprovalMode = "auto" | "interactive" | "strict" | "acceptEdits" | "bypass";
|
|
150
|
+
export type Decision = "allow" | "ask" | "deny";
|
|
151
|
+
|
|
152
|
+
/** User-facing aliases → canonical permission mode (for /perm and config). */
|
|
153
|
+
export const PERMISSION_MODE_ALIASES: Record<string, ApprovalMode> = {
|
|
154
|
+
default: "interactive",
|
|
155
|
+
interactive: "interactive",
|
|
156
|
+
ask: "interactive",
|
|
157
|
+
auto: "auto",
|
|
158
|
+
accept: "acceptEdits",
|
|
159
|
+
acceptedits: "acceptEdits",
|
|
160
|
+
edits: "acceptEdits",
|
|
161
|
+
strict: "strict",
|
|
162
|
+
readonly: "strict",
|
|
163
|
+
bypass: "bypass",
|
|
164
|
+
yolo: "bypass",
|
|
165
|
+
};
|
|
166
|
+
|
|
167
|
+
/** Tools that mutate the filesystem — the ones acceptEdits waves through. */
|
|
168
|
+
const EDIT_TOOL_RE = /^(write_|edit_|append_|replace_|create_|make_|copy_|move_|delete_)|^apply_patch$/;
|
|
169
|
+
export function isEditTool(toolName: string): boolean { return EDIT_TOOL_RE.test(toolName); }
|
|
170
|
+
|
|
171
|
+
/**
|
|
172
|
+
* Pure permission decision (red-line is gated separately, before this). Keeps
|
|
173
|
+
* the ask/allow/deny semantics in one testable place across all modes.
|
|
174
|
+
*/
|
|
175
|
+
export function decideApproval(level: DangerLevel, mode: ApprovalMode, toolName: string): Decision {
|
|
176
|
+
if (level === DangerLevel.SAFE) return "allow";
|
|
177
|
+
switch (mode) {
|
|
178
|
+
case "bypass": return "allow";
|
|
179
|
+
case "strict": return "deny";
|
|
180
|
+
case "interactive": return "ask";
|
|
181
|
+
case "acceptEdits":
|
|
182
|
+
if (level === DangerLevel.CRITICAL) return "deny";
|
|
183
|
+
if (isEditTool(toolName)) return "allow";
|
|
184
|
+
return level <= DangerLevel.LOW ? "allow" : "ask";
|
|
185
|
+
case "auto":
|
|
186
|
+
default:
|
|
187
|
+
if (level <= DangerLevel.LOW) return "allow";
|
|
188
|
+
if (level === DangerLevel.CRITICAL) return "deny";
|
|
189
|
+
return "ask";
|
|
190
|
+
}
|
|
191
|
+
}
|
|
192
|
+
|
|
140
193
|
export class SecurityContext {
|
|
141
194
|
public auditLog: AuditEntry[] = [];
|
|
142
195
|
public deniedCount = 0;
|
|
143
196
|
public autoApprovedCount = 0;
|
|
144
197
|
public manualApprovedCount = 0;
|
|
145
|
-
public approvalMode:
|
|
198
|
+
public approvalMode: ApprovalMode = "auto";
|
|
146
199
|
|
|
147
200
|
private approvalCallback: ((tool: string, args: Record<string, any>, level: DangerLevel) => Promise<boolean>) | null = null;
|
|
148
201
|
|
|
149
|
-
constructor(opts?: { mode?:
|
|
202
|
+
constructor(opts?: { mode?: ApprovalMode; onApprove?: (tool: string, args: Record<string, any>, level: DangerLevel) => Promise<boolean> }) {
|
|
150
203
|
if (opts?.mode) this.approvalMode = opts.mode;
|
|
151
204
|
if (opts?.onApprove) this.approvalCallback = opts.onApprove;
|
|
152
205
|
}
|
|
153
206
|
|
|
207
|
+
/** Switch the active permission mode at runtime. */
|
|
208
|
+
setMode(mode: ApprovalMode): void { this.approvalMode = mode; }
|
|
209
|
+
|
|
154
210
|
/** Get the danger level for a tool. Defaults to SAFE for unknown tools. */
|
|
155
211
|
getDangerLevel(toolName: string): DangerLevel {
|
|
156
212
|
return TOOL_DANGER_MAP[toolName] ?? DangerLevel.SAFE;
|
|
@@ -180,27 +236,13 @@ export class SecurityContext {
|
|
|
180
236
|
return [false, redline];
|
|
181
237
|
}
|
|
182
238
|
|
|
183
|
-
|
|
184
|
-
if (
|
|
185
|
-
|
|
186
|
-
|
|
187
|
-
if (this.approvalMode === "strict") {
|
|
188
|
-
return [false, `Strict mode: tool '${toolName}' (level ${level}) requires manual approval`];
|
|
189
|
-
}
|
|
190
|
-
|
|
191
|
-
// Auto mode — allow LOW, prompt for MEDIUM+, deny CRITICAL
|
|
192
|
-
if (this.approvalMode === "auto") {
|
|
193
|
-
if (level <= DangerLevel.LOW) return [true, "auto-low"];
|
|
194
|
-
if (level === DangerLevel.CRITICAL) return [false, `CRITICAL tool '${toolName}' requires explicit human approval`];
|
|
195
|
-
// MEDIUM/HIGH with auto mode => need callback
|
|
196
|
-
if (this.approvalCallback) {
|
|
197
|
-
const approved = await this.approvalCallback(toolName, args, level);
|
|
198
|
-
return [approved, approved ? "user-approved" : "user-denied"];
|
|
199
|
-
}
|
|
200
|
-
return [true, "auto-med"]; // no callback → auto-allow but log
|
|
239
|
+
const decision = decideApproval(level, this.approvalMode, toolName);
|
|
240
|
+
if (decision === "allow") return [true, level === DangerLevel.SAFE ? "safe" : `${this.approvalMode}-allow`];
|
|
241
|
+
if (decision === "deny") {
|
|
242
|
+
return [false, `${this.approvalMode} mode: tool '${toolName}' (level ${level}) requires approval / is blocked`];
|
|
201
243
|
}
|
|
202
244
|
|
|
203
|
-
//
|
|
245
|
+
// decision === "ask" — defer to the interactive callback if present.
|
|
204
246
|
if (this.approvalCallback) {
|
|
205
247
|
const approved = await this.approvalCallback(toolName, args, level);
|
|
206
248
|
return [approved, approved ? "user-approved" : "user-denied"];
|
package/src/core/skill.ts
CHANGED
|
@@ -210,7 +210,7 @@ function parseFrontmatter(text: string): { fm: Record<string, any>; body: string
|
|
|
210
210
|
/**
|
|
211
211
|
* Normalize a Claude Code tool name into sky's registry name.
|
|
212
212
|
*/
|
|
213
|
-
function normalizeClaudeToolName(raw: string): string {
|
|
213
|
+
export function normalizeClaudeToolName(raw: string): string {
|
|
214
214
|
let s = raw.trim();
|
|
215
215
|
if (!s) return s;
|
|
216
216
|
// Strip permission scoping: Bash(ls *) -> Bash
|
|
@@ -0,0 +1,272 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Subagents — general-purpose, user-definable agents spawned with an ISOLATED
|
|
3
|
+
* context to handle one focused, self-contained task (the `spawn_agent` tool).
|
|
4
|
+
*
|
|
5
|
+
* This mirrors Claude Code's Task tool / opencode subagents: an orchestrator
|
|
6
|
+
* spins up a child agent that has its own fresh memory and a (optionally
|
|
7
|
+
* restricted) tool set, runs it to completion, and gets back only the child's
|
|
8
|
+
* final report — keeping the parent's context clean.
|
|
9
|
+
*
|
|
10
|
+
* Definitions come from three places (later wins on name collision):
|
|
11
|
+
* 1. built-in: general-purpose, explore
|
|
12
|
+
* 2. user: ~/.claude/agents/ (Claude Code compatible), ~/.skyloom/agents/
|
|
13
|
+
* 3. project: <cwd>/.claude/agents/, <cwd>/.sky/agents/
|
|
14
|
+
*
|
|
15
|
+
* Each file is `<root>/<name>.md` with Claude Code compatible YAML frontmatter
|
|
16
|
+
* (name / description / tools / model). The body is the subagent's system
|
|
17
|
+
* prompt. `tools` accepts Claude names (Read, Grep, Bash…) — they're aliased to
|
|
18
|
+
* sky's registry names. Omitting `tools` grants the full inherited tool set.
|
|
19
|
+
*/
|
|
20
|
+
|
|
21
|
+
import * as fs from 'fs';
|
|
22
|
+
import * as os from 'os';
|
|
23
|
+
import * as path from 'path';
|
|
24
|
+
import { parse as parseYaml } from 'yaml';
|
|
25
|
+
|
|
26
|
+
import { BaseAgent } from './agent';
|
|
27
|
+
import type { MessageBus } from './bus';
|
|
28
|
+
import { LLMClient } from './llm';
|
|
29
|
+
import { ToolRegistry } from './tool';
|
|
30
|
+
import { SkillRegistry } from './skill';
|
|
31
|
+
import { normalizeClaudeToolName } from './skill';
|
|
32
|
+
import { getLogger } from './logger';
|
|
33
|
+
|
|
34
|
+
const log = getLogger('subagent');
|
|
35
|
+
|
|
36
|
+
export interface SubagentDefinition {
|
|
37
|
+
/** Identifier used as `agent_type` in the spawn_agent tool. */
|
|
38
|
+
name: string;
|
|
39
|
+
/** One-line summary — shown to the orchestrator to choose the right subagent. */
|
|
40
|
+
description: string;
|
|
41
|
+
/** The subagent's system prompt (markdown body of the definition file). */
|
|
42
|
+
systemPrompt: string;
|
|
43
|
+
/** Allowlist of tool names; `null` means inherit the full tool set. */
|
|
44
|
+
tools: string[] | null;
|
|
45
|
+
/** Optional model override (else the spawning agent's default model). */
|
|
46
|
+
model?: string;
|
|
47
|
+
/** Where this definition came from: 'builtin' or an absolute file path. */
|
|
48
|
+
source: string;
|
|
49
|
+
}
|
|
50
|
+
|
|
51
|
+
/** Read-only tools for the `explore` subagent — search/read, never mutate. */
|
|
52
|
+
export const READ_ONLY_TOOLS = [
|
|
53
|
+
'read_file', 'list_directory', 'tree', 'file_search', 'code_search', 'grep',
|
|
54
|
+
'web_search', 'fetch_page', 'http_get',
|
|
55
|
+
'git_status', 'git_diff', 'git_log',
|
|
56
|
+
'system_info',
|
|
57
|
+
];
|
|
58
|
+
|
|
59
|
+
const BUILTIN_DEFS: SubagentDefinition[] = [
|
|
60
|
+
{
|
|
61
|
+
name: 'general-purpose',
|
|
62
|
+
description: '通用子智能体 — 研究复杂问题、搜索代码、执行多步任务。当你不确定一两次能否定位答案时,把搜索/调研整段交给它。',
|
|
63
|
+
systemPrompt:
|
|
64
|
+
'你是一个通用子智能体,擅长把一个目标拆成步骤并用工具逐一推进:搜索、阅读、分析、必要时修改,然后汇报。' +
|
|
65
|
+
'独立完成任务,不要反问;遇到歧义就合理假设并说明。最终回复要完整自洽 —— 编排者只看得到这一条。',
|
|
66
|
+
tools: null,
|
|
67
|
+
source: 'builtin',
|
|
68
|
+
},
|
|
69
|
+
{
|
|
70
|
+
name: 'explore',
|
|
71
|
+
description: '只读探索子智能体 — 在大量文件/目录中做广度搜索,只读不写。需要"扫一遍代码库定位某物"且只要结论时用它。',
|
|
72
|
+
systemPrompt:
|
|
73
|
+
'你是一个只读探索子智能体。你的工作是在代码库/网络中快速定位信息并给出结论,绝不修改任何文件。' +
|
|
74
|
+
'优先用 grep / code_search / file_search / tree 做广度扫描,读取关键片段而非整文件。' +
|
|
75
|
+
'汇报时给出精确的文件路径与行号(file_path:line),以及一段简明结论。',
|
|
76
|
+
tools: READ_ONLY_TOOLS,
|
|
77
|
+
source: 'builtin',
|
|
78
|
+
},
|
|
79
|
+
];
|
|
80
|
+
|
|
81
|
+
/** User/project subagent definition roots, lowest precedence first. */
|
|
82
|
+
export function subagentDirs(cwd: string = process.cwd()): string[] {
|
|
83
|
+
return [
|
|
84
|
+
path.join(os.homedir(), '.claude', 'agents'),
|
|
85
|
+
path.join(os.homedir(), '.skyloom', 'agents'),
|
|
86
|
+
path.join(cwd, '.claude', 'agents'),
|
|
87
|
+
path.join(cwd, '.sky', 'agents'),
|
|
88
|
+
];
|
|
89
|
+
}
|
|
90
|
+
|
|
91
|
+
function parseToolsField(raw: unknown): string[] | null {
|
|
92
|
+
let list: string[] | null = null;
|
|
93
|
+
if (Array.isArray(raw)) {
|
|
94
|
+
list = raw.filter((t): t is string => typeof t === 'string');
|
|
95
|
+
} else if (typeof raw === 'string') {
|
|
96
|
+
const trimmed = raw.trim();
|
|
97
|
+
if (!trimmed || trimmed === '*' || trimmed.toLowerCase() === 'all') return null;
|
|
98
|
+
list = trimmed.split(',').map((t) => t.trim()).filter(Boolean);
|
|
99
|
+
} else {
|
|
100
|
+
return null; // omitted → inherit all
|
|
101
|
+
}
|
|
102
|
+
if (!list || list.length === 0) return null;
|
|
103
|
+
// Normalize Claude names → sky names, dedupe preserving order
|
|
104
|
+
const seen = new Set<string>();
|
|
105
|
+
const out: string[] = [];
|
|
106
|
+
for (const t of list.map(normalizeClaudeToolName)) {
|
|
107
|
+
if (!seen.has(t)) { seen.add(t); out.push(t); }
|
|
108
|
+
}
|
|
109
|
+
return out;
|
|
110
|
+
}
|
|
111
|
+
|
|
112
|
+
/** Parse a single `<name>.md` subagent definition file. */
|
|
113
|
+
export function parseSubagentFile(filePath: string): SubagentDefinition | null {
|
|
114
|
+
let text: string;
|
|
115
|
+
try {
|
|
116
|
+
text = fs.readFileSync(filePath, 'utf8');
|
|
117
|
+
} catch {
|
|
118
|
+
return null;
|
|
119
|
+
}
|
|
120
|
+
let fm: Record<string, any> = {};
|
|
121
|
+
let body = text;
|
|
122
|
+
const m = text.match(/^---\s*\n(.*?)\n---\s*\n?(.*)/s);
|
|
123
|
+
if (m) {
|
|
124
|
+
try { fm = parseYaml(m[1]) || {}; } catch { fm = {}; }
|
|
125
|
+
body = m[2];
|
|
126
|
+
}
|
|
127
|
+
const fileBase = path.basename(filePath).replace(/\.md$/i, '');
|
|
128
|
+
const name = (typeof fm.name === 'string' && fm.name.trim()) ? fm.name.trim() : fileBase;
|
|
129
|
+
if (!name) return null;
|
|
130
|
+
const description = (typeof fm.description === 'string' && fm.description.trim())
|
|
131
|
+
? fm.description.trim()
|
|
132
|
+
: `自定义子智能体 ${name}`;
|
|
133
|
+
const model = (typeof fm.model === 'string' && fm.model.trim()) ? fm.model.trim() : undefined;
|
|
134
|
+
return {
|
|
135
|
+
name,
|
|
136
|
+
description,
|
|
137
|
+
systemPrompt: body.trim() || `你是 ${name} 子智能体。${description}`,
|
|
138
|
+
tools: parseToolsField(fm.tools),
|
|
139
|
+
model,
|
|
140
|
+
source: filePath,
|
|
141
|
+
};
|
|
142
|
+
}
|
|
143
|
+
|
|
144
|
+
/**
|
|
145
|
+
* Load all subagent definitions: built-ins overlaid by user then project files.
|
|
146
|
+
* Cheap enough to call per spawn so edits to definition files apply live.
|
|
147
|
+
*/
|
|
148
|
+
export function loadSubagentDefinitions(cwd: string = process.cwd()): Map<string, SubagentDefinition> {
|
|
149
|
+
const map = new Map<string, SubagentDefinition>();
|
|
150
|
+
for (const d of BUILTIN_DEFS) map.set(d.name, d);
|
|
151
|
+
|
|
152
|
+
for (const dir of subagentDirs(cwd)) {
|
|
153
|
+
let entries: string[];
|
|
154
|
+
try {
|
|
155
|
+
if (!fs.existsSync(dir)) continue;
|
|
156
|
+
entries = fs.readdirSync(dir);
|
|
157
|
+
} catch { continue; }
|
|
158
|
+
for (const entry of entries) {
|
|
159
|
+
if (!entry.toLowerCase().endsWith('.md')) continue;
|
|
160
|
+
const def = parseSubagentFile(path.join(dir, entry));
|
|
161
|
+
if (def) map.set(def.name, def);
|
|
162
|
+
}
|
|
163
|
+
}
|
|
164
|
+
return map;
|
|
165
|
+
}
|
|
166
|
+
|
|
167
|
+
/**
|
|
168
|
+
* A generic agent built from a SubagentDefinition. Reuses the full BaseAgent
|
|
169
|
+
* reasoning loop but supplies its own identity block (the team-persona block
|
|
170
|
+
* would crash for a non-team name).
|
|
171
|
+
*/
|
|
172
|
+
export class GenericSubagent extends BaseAgent {
|
|
173
|
+
private _subDef: SubagentDefinition;
|
|
174
|
+
|
|
175
|
+
constructor(
|
|
176
|
+
def: SubagentDefinition,
|
|
177
|
+
config: any,
|
|
178
|
+
llm: LLMClient,
|
|
179
|
+
bus: MessageBus,
|
|
180
|
+
toolRegistry: ToolRegistry,
|
|
181
|
+
skillRegistry: SkillRegistry,
|
|
182
|
+
runtimeName: string,
|
|
183
|
+
) {
|
|
184
|
+
super(config, llm, bus, toolRegistry, skillRegistry);
|
|
185
|
+
this.name = runtimeName;
|
|
186
|
+
this.displayName = def.name;
|
|
187
|
+
this.emoji = '◇';
|
|
188
|
+
this.specialty = def.description;
|
|
189
|
+
this.systemPrompt = def.systemPrompt;
|
|
190
|
+
this._subDef = def;
|
|
191
|
+
}
|
|
192
|
+
|
|
193
|
+
protected runtimeIdentityBlock(): string {
|
|
194
|
+
const lang = (this.config as any).llm?.language || 'zh';
|
|
195
|
+
if (lang === 'en') {
|
|
196
|
+
return `\n\n## Who You Are\nYou are the **${this._subDef.name}** subagent — ${this._subDef.description}\nYou run in an ISOLATED context spawned by an orchestrator for one focused, self-contained task. The orchestrator sees ONLY your final message, never your intermediate steps. So your final message must be a COMPLETE, self-contained report: what you found, what you did, and concrete results (file paths, code, answers). Be thorough; do not ask follow-up questions — make reasonable assumptions and act.`;
|
|
197
|
+
}
|
|
198
|
+
return `\n\n## 你是谁\n你是 **${this._subDef.name}** 子智能体 —— ${this._subDef.description}\n你运行在编排者派生的**隔离上下文**中,负责一个聚焦、自洽的任务。编排者只能看到你的最终回复,看不到任何中间步骤。因此你的最终回复必须是一份**完整、自洽的报告**:你发现了什么、做了什么、以及具体结果(文件路径、代码、答案)。要彻底;不要反问,合理假设后直接行动。`;
|
|
199
|
+
}
|
|
200
|
+
}
|
|
201
|
+
|
|
202
|
+
let _spawnSeq = 0;
|
|
203
|
+
|
|
204
|
+
/**
|
|
205
|
+
* Run a subagent to completion in an isolated context and return its final
|
|
206
|
+
* report. Creates an ephemeral on-disk memory in a temp dir and removes it
|
|
207
|
+
* afterward, so nothing leaks into the parent agent or the user's ~/.skyloom.
|
|
208
|
+
*/
|
|
209
|
+
export async function runSubagent(opts: {
|
|
210
|
+
def: SubagentDefinition;
|
|
211
|
+
task: string;
|
|
212
|
+
config: any;
|
|
213
|
+
llm: LLMClient;
|
|
214
|
+
bus: MessageBus;
|
|
215
|
+
baseToolRegistry: ToolRegistry;
|
|
216
|
+
baseSkillRegistry: SkillRegistry;
|
|
217
|
+
onStatus?: ((status: string) => void) | null;
|
|
218
|
+
}): Promise<string> {
|
|
219
|
+
const { def, task, config, llm, bus, baseToolRegistry, baseSkillRegistry, onStatus } = opts;
|
|
220
|
+
|
|
221
|
+
const safe = def.name.replace(/[^A-Za-z0-9_-]/g, '_').slice(0, 24) || 'sub';
|
|
222
|
+
const runtimeName = `sub-${safe}-${Date.now().toString(36)}-${(_spawnSeq++).toString(36)}`;
|
|
223
|
+
|
|
224
|
+
// Filtered tool registry (allowlist), never carrying spawn_agent (no recursion).
|
|
225
|
+
const reg = new ToolRegistry();
|
|
226
|
+
reg.merge(baseToolRegistry);
|
|
227
|
+
if (def.tools !== null) {
|
|
228
|
+
const allow = new Set(def.tools);
|
|
229
|
+
for (const n of reg.listNames()) {
|
|
230
|
+
if (!allow.has(n)) reg.unregister(n);
|
|
231
|
+
}
|
|
232
|
+
}
|
|
233
|
+
reg.unregister('spawn_agent');
|
|
234
|
+
reg.unregister('delegate_to');
|
|
235
|
+
|
|
236
|
+
const skills = new SkillRegistry();
|
|
237
|
+
skills.merge(baseSkillRegistry);
|
|
238
|
+
|
|
239
|
+
let tmpDir: string;
|
|
240
|
+
try {
|
|
241
|
+
tmpDir = fs.mkdtempSync(path.join(os.tmpdir(), 'sky-sub-'));
|
|
242
|
+
} catch (e) {
|
|
243
|
+
return `[spawn_agent error] could not create isolated workspace: ${e}`;
|
|
244
|
+
}
|
|
245
|
+
|
|
246
|
+
const subConfig = {
|
|
247
|
+
...config,
|
|
248
|
+
agents: {
|
|
249
|
+
...(config?.agents || {}),
|
|
250
|
+
[runtimeName]: def.model ? { model: def.model } : {},
|
|
251
|
+
},
|
|
252
|
+
memory: {
|
|
253
|
+
...(config?.memory || {}),
|
|
254
|
+
dbPath: path.join(tmpDir, 'mem'),
|
|
255
|
+
},
|
|
256
|
+
};
|
|
257
|
+
|
|
258
|
+
const agent = new GenericSubagent(def, subConfig, llm, bus, reg, skills, runtimeName);
|
|
259
|
+
|
|
260
|
+
try {
|
|
261
|
+
await agent.init();
|
|
262
|
+
if (onStatus) onStatus(`spawn ${def.name}…`);
|
|
263
|
+
const report = await agent.chat(task, onStatus || undefined);
|
|
264
|
+
return report || '(subagent produced no output)';
|
|
265
|
+
} catch (e) {
|
|
266
|
+
log.warn('subagent_run_failed', { agent: def.name, error: String(e) });
|
|
267
|
+
return `[spawn_agent error] subagent '${def.name}' failed: ${e}`;
|
|
268
|
+
} finally {
|
|
269
|
+
try { await agent.close(); } catch { /* ignore */ }
|
|
270
|
+
try { fs.rmSync(tmpDir, { recursive: true, force: true }); } catch { /* ignore */ }
|
|
271
|
+
}
|
|
272
|
+
}
|