squidclaw 2.6.0 → 2.8.0

package/lib/channels/telegram/bot.js

@@ -208,7 +208,8 @@ export class TelegramManager {
     const chatId = contactId.replace('tg_', '');
     const { readFileSync } = await import('fs');
     const buffer = readFileSync(filePath);
-    await botInfo.bot.api.sendDocument(chatId, new InputFile(buffer, fileName || 'file'), {
+    const { InputFile: IF } = await import("grammy");
+    await botInfo.bot.api.sendDocument(chatId, new IF(buffer, fileName || 'file'), {
       caption: caption || '',
     });
     logger.info('telegram', 'Sent document: ' + fileName);

package/lib/engine.js

@@ -228,6 +228,28 @@ export class SquidclawEngine {
       if (pending.c > 0) console.log(`  ⏰ Reminders: ${pending.c} pending`);
     } catch {}
 
+    // Nodes (Paired Devices)
+    try {
+      const { NodeManager } = await import('./features/nodes.js');
+      this.nodeManager = new NodeManager(this);
+      await this.nodeManager.startServer(9501);
+      const nodeCount = this.nodeManager.list('*').length;
+      if (nodeCount > 0) console.log('  📡 Nodes: ' + nodeCount + ' registered');
+      else console.log('  📡 Nodes: ws://0.0.0.0:9501');
+    } catch (err) { logger.error('engine', 'Nodes init failed: ' + err.message); }
+
+    // Sandbox
+    try {
+      const { Sandbox } = await import('./features/sandbox.js');
+      this.sandbox = new Sandbox({
+        timeout: 15000,
+        maxMemory: 64,
+        maxFiles: 100,
+      });
+      // Cleanup old files every hour
+      setInterval(() => this.sandbox.cleanup(), 3600000);
+    } catch (err) { logger.error('engine', 'Sandbox init failed: ' + err.message); }
+
     // Plugins
     try {
       const { PluginManager } = await import('./features/plugins.js');

package/lib/features/nodes.js

@@ -0,0 +1,315 @@
+/**
+ * 🦑 Nodes — Paired Devices
+ * Connect phones, PCs, servers, IoT devices
+ * Real-time control via WebSocket
+ * 
+ * Pairing: token-based (generate token → enter on device)
+ * Communication: WebSocket (ws://host:9501)
+ * Commands: camera, screen, location, run, notify, status
+ */
+
+import { logger } from '../core/logger.js';
+import crypto from 'crypto';
+import { getHome } from '../core/config.js';
+
+export class NodeManager {
+  constructor(engine) {
+    this.engine = engine;
+    this.nodes = new Map();      // nodeId -> { info, ws, status, lastSeen }
+    this.pendingPairs = new Map(); // token -> { agentId, createdAt, name }
+    this.wsServer = null;
+    this._initDb();
+  }
+
+  _initDb() {
+    this.engine.storage.db.exec(`
+      CREATE TABLE IF NOT EXISTS nodes (
+        id TEXT PRIMARY KEY,
+        agent_id TEXT NOT NULL,
+        name TEXT NOT NULL,
+        type TEXT DEFAULT 'generic',
+        platform TEXT DEFAULT 'unknown',
+        capabilities TEXT DEFAULT '[]',
+        paired_at TEXT DEFAULT (datetime('now')),
+        last_seen TEXT,
+        status TEXT DEFAULT 'offline',
+        metadata TEXT DEFAULT '{}'
+      )
+    `);
+  }
+
+  // ── WebSocket Server ──
+
+  async startServer(port = 9501) {
+    try {
+      const { WebSocketServer } = await import('ws');
+      
+      this.wsServer = new WebSocketServer({ port, path: '/nodes' });
+      
+      this.wsServer.on('connection', (ws, req) => {
+        let nodeId = null;
+        
+        ws.on('message', (data) => {
+          try {
+            const msg = JSON.parse(data.toString());
+            this._handleMessage(ws, msg).then(id => {
+              if (id) nodeId = id;
+            });
+          } catch (err) {
+            ws.send(JSON.stringify({ type: 'error', message: 'Invalid message' }));
+          }
+        });
+
+        ws.on('close', () => {
+          if (nodeId) {
+            const node = this.nodes.get(nodeId);
+            if (node) {
+              node.status = 'offline';
+              node.ws = null;
+              this.engine.storage.db.prepare("UPDATE nodes SET status = 'offline' WHERE id = ?").run(nodeId);
+              logger.info('nodes', `Node disconnected: ${node.info?.name || nodeId}`);
+            }
+          }
+        });
+
+        ws.on('error', () => {});
+        
+        // Send hello
+        ws.send(JSON.stringify({ type: 'hello', message: 'Squidclaw Node Server 🦑' }));
+      });
+
+      // Load existing nodes from DB
+      const dbNodes = this.engine.storage.db.prepare('SELECT * FROM nodes').all();
+      for (const n of dbNodes) {
+        this.nodes.set(n.id, {
+          info: n,
+          ws: null,
+          status: 'offline',
+          lastSeen: n.last_seen,
+          pendingCommands: new Map(),
+        });
+      }
+
+      logger.info('nodes', `WebSocket server on port ${port} (${dbNodes.length} registered nodes)`);
+      return true;
+    } catch (err) {
+      logger.error('nodes', `Server failed: ${err.message}`);
+      return false;
+    }
+  }
+
+  // ── Message Handler ──
+
+  async _handleMessage(ws, msg) {
+    const { type } = msg;
+
+    // Pairing
+    if (type === 'pair') {
+      return this._handlePair(ws, msg);
+    }
+
+    // Auth (reconnect with nodeId)
+    if (type === 'auth') {
+      const node = this.nodes.get(msg.nodeId);
+      if (!node) {
+        ws.send(JSON.stringify({ type: 'error', message: 'Unknown node' }));
+        return null;
+      }
+      node.ws = ws;
+      node.status = 'online';
+      node.lastSeen = new Date().toISOString();
+      this.engine.storage.db.prepare("UPDATE nodes SET status = 'online', last_seen = datetime('now') WHERE id = ?").run(msg.nodeId);
+      ws.send(JSON.stringify({ type: 'auth_ok', nodeId: msg.nodeId }));
+      logger.info('nodes', `Node reconnected: ${node.info.name}`);
+      return msg.nodeId;
+    }
+
+    // Command response
+    if (type === 'response') {
+      const node = this.nodes.get(msg.nodeId);
+      if (node) {
+        const pending = node.pendingCommands?.get(msg.commandId);
+        if (pending) {
+          pending.resolve(msg.data);
+          node.pendingCommands.delete(msg.commandId);
+        }
+      }
+      return msg.nodeId;
+    }
+
+    // Status update
+    if (type === 'status') {
+      const node = this.nodes.get(msg.nodeId);
+      if (node) {
+        node.lastSeen = new Date().toISOString();
+        if (msg.data) {
+          node.info = { ...node.info, ...msg.data };
+        }
+        this.engine.storage.db.prepare("UPDATE nodes SET last_seen = datetime('now') WHERE id = ?").run(msg.nodeId);
+      }
+      return msg.nodeId;
+    }
+
+    return null;
+  }
+
+  // ── Pairing ──
+
+  _handlePair(ws, msg) {
+    const token = msg.token;
+    const pending = this.pendingPairs.get(token);
+
+    if (!pending) {
+      ws.send(JSON.stringify({ type: 'pair_error', message: 'Invalid or expired token' }));
+      return null;
+    }
+
+    const nodeId = 'node_' + crypto.randomBytes(4).toString('hex');
+
+    // Register node
+    const info = {
+      id: nodeId,
+      agent_id: pending.agentId,
+      name: pending.name || msg.name || 'Device',
+      type: msg.deviceType || 'generic',
+      platform: msg.platform || 'unknown',
+      capabilities: JSON.stringify(msg.capabilities || []),
+    };
+
+    this.engine.storage.db.prepare(
+      'INSERT INTO nodes (id, agent_id, name, type, platform, capabilities, status) VALUES (?, ?, ?, ?, ?, ?, ?)'
+    ).run(info.id, info.agent_id, info.name, info.type, info.platform, info.capabilities, 'online');
+
+    this.nodes.set(nodeId, {
+      info,
+      ws,
+      status: 'online',
+      lastSeen: new Date().toISOString(),
+      pendingCommands: new Map(),
+    });
+
+    this.pendingPairs.delete(token);
+
+    ws.send(JSON.stringify({ type: 'paired', nodeId, name: info.name }));
+    logger.info('nodes', `New node paired: ${info.name} (${nodeId}) type=${info.type}`);
+
+    return nodeId;
+  }
+
+  // ── Generate pairing token ──
+
+  generatePairToken(agentId, name = 'Device') {
+    const token = crypto.randomBytes(3).toString('hex').toUpperCase(); // 6-char code
+    this.pendingPairs.set(token, {
+      agentId,
+      name,
+      createdAt: Date.now(),
+    });
+
+    // Expire after 5 minutes
+    setTimeout(() => this.pendingPairs.delete(token), 300000);
+
+    return token;
+  }
+
+  // ── Send command to node ──
+
+  async sendCommand(nodeId, command, data = {}, timeout = 30000) {
+    const node = this.nodes.get(nodeId);
+    if (!node) throw new Error('Node not found: ' + nodeId);
+    if (!node.ws || node.status !== 'online') throw new Error('Node offline: ' + (node.info?.name || nodeId));
+
+    const commandId = 'cmd_' + Date.now().toString(36);
+
+    return new Promise((resolve, reject) => {
+      const timer = setTimeout(() => {
+        node.pendingCommands?.delete(commandId);
+        reject(new Error('Command timeout'));
+      }, timeout);
+
+      node.pendingCommands = node.pendingCommands || new Map();
+      node.pendingCommands.set(commandId, {
+        resolve: (data) => { clearTimeout(timer); resolve(data); },
+      });
+
+      node.ws.send(JSON.stringify({
+        type: 'command',
+        commandId,
+        command,
+        data,
+      }));
+    });
+  }
+
+  // ── High-level commands ──
+
+  async camera(nodeId, options = {}) {
+    return this.sendCommand(nodeId, 'camera', {
+      facing: options.facing || 'back',
+      ...options,
+    });
+  }
+
+  async screenshot(nodeId) {
+    return this.sendCommand(nodeId, 'screenshot');
+  }
+
+  async location(nodeId) {
+    return this.sendCommand(nodeId, 'location');
+  }
+
+  async notify(nodeId, title, body) {
+    return this.sendCommand(nodeId, 'notify', { title, body });
+  }
+
+  async run(nodeId, command) {
+    return this.sendCommand(nodeId, 'run', { command }, 60000);
+  }
+
+  async screenRecord(nodeId, durationMs = 10000) {
+    return this.sendCommand(nodeId, 'screen_record', { durationMs }, durationMs + 10000);
+  }
+
+  // ── List/Status ──
+
+  list(agentId) {
+    return this.engine.storage.db.prepare(
+      'SELECT * FROM nodes WHERE agent_id = ? ORDER BY name'
+    ).all(agentId).map(n => {
+      const live = this.nodes.get(n.id);
+      return {
+        ...n,
+        capabilities: JSON.parse(n.capabilities || '[]'),
+        status: live?.status || 'offline',
+        lastSeen: live?.lastSeen || n.last_seen,
+      };
+    });
+  }
+
+  getNode(nodeId) {
+    const db = this.engine.storage.db.prepare('SELECT * FROM nodes WHERE id = ?').get(nodeId);
+    if (!db) return null;
+    const live = this.nodes.get(nodeId);
+    return { ...db, status: live?.status || 'offline', capabilities: JSON.parse(db.capabilities || '[]') };
+  }
+
+  removeNode(nodeId) {
+    const node = this.nodes.get(nodeId);
+    if (node?.ws) {
+      node.ws.send(JSON.stringify({ type: 'unpaired' }));
+      node.ws.close();
+    }
+    this.nodes.delete(nodeId);
+    this.engine.storage.db.prepare('DELETE FROM nodes WHERE id = ?').run(nodeId);
+    logger.info('nodes', `Removed node: ${nodeId}`);
+  }
+
+  // ── Cleanup ──
+
+  stop() {
+    if (this.wsServer) {
+      this.wsServer.close();
+      logger.info('nodes', 'WebSocket server stopped');
+    }
+  }
+}

package/lib/features/sandbox.js

@@ -0,0 +1,299 @@
+/**
+ * 🦑 Proper Sandbox
+ * Isolated code execution with resource limits
+ * - VM isolation (vm module)
+ * - CPU timeout
+ * - Memory limits
+ * - File system jail
+ * - Network restrictions
+ * - Safe eval for user code
+ */
+
+import { logger } from '../core/logger.js';
+import { mkdirSync, writeFileSync, readFileSync, existsSync, readdirSync, statSync, unlinkSync } from 'fs';
+import { join, resolve } from 'path';
+import { execSync, spawn } from 'child_process';
+import vm from 'vm';
+
+export class Sandbox {
+  constructor(options = {}) {
+    this.jailDir = options.jailDir || '/tmp/squidclaw-sandbox';
+    this.timeout = options.timeout || 10000;      // 10s default
+    this.maxMemory = options.maxMemory || 64;      // 64MB
+    this.maxFileSize = options.maxFileSize || 1024 * 1024; // 1MB
+    this.maxFiles = options.maxFiles || 50;
+    this.maxOutputSize = options.maxOutputSize || 50000; // 50KB
+    this.allowNetwork = options.allowNetwork || false;
+    
+    mkdirSync(this.jailDir, { recursive: true });
+
+    // Blocked patterns for shell commands
+    this.blockedCommands = [
+      /rm\s+(-rf?|--recursive)\s+\//, /mkfs/, /dd\s+if=/, /:\(\)\{/, 
+      /chmod\s+777\s+\//, /chown\s.*\//, /passwd/, /userdel/, /useradd/,
+      /shutdown/, /reboot/, /halt/, /poweroff/,
+      /iptables/, /ufw\s/, /firewall/,
+      /wget.*\|.*sh/, /curl.*\|.*sh/, /eval\s*\(/, // download & execute
+      /\/etc\/shadow/, /\/etc\/passwd/,
+      /ssh\s/, /scp\s/, /rsync\s/,  // no remote access
+      /npm\s+install\s+-g/, /pip\s+install/,  // no global installs
+      /systemctl/, /service\s/,  // no service control
+    ];
+  }
+
+  // ── JavaScript VM Execution ──
+
+  evalJS(code, context = {}) {
+    const sandbox = {
+      console: {
+        log: (...args) => { output.push(args.map(String).join(' ')); },
+        error: (...args) => { output.push('ERROR: ' + args.map(String).join(' ')); },
+        warn: (...args) => { output.push('WARN: ' + args.map(String).join(' ')); },
+      },
+      Math, Date, JSON, parseInt, parseFloat, isNaN, isFinite,
+      String, Number, Boolean, Array, Object, Map, Set, RegExp,
+      setTimeout: undefined, setInterval: undefined, // blocked
+      fetch: undefined, // blocked unless allowNetwork
+      require: undefined, // blocked
+      process: { env: {} }, // sanitized
+      Buffer: undefined, // blocked
+      ...context,
+    };
+
+    const output = [];
+
+    try {
+      const vmContext = vm.createContext(sandbox, {
+        codeGeneration: { strings: false, wasm: false },
+      });
+
+      const script = new vm.Script(code, {
+        timeout: this.timeout,
+        filename: 'sandbox.js',
+      });
+
+      const result = script.runInContext(vmContext, {
+        timeout: this.timeout,
+        breakOnSigint: true,
+      });
+
+      if (result !== undefined && !output.length) {
+        output.push(String(result));
+      }
+
+      const finalOutput = output.join('\n').slice(0, this.maxOutputSize);
+      logger.info('sandbox', `JS eval OK (${code.length} chars)`);
+      return { success: true, output: finalOutput, type: 'javascript' };
+
+    } catch (err) {
+      const errMsg = err.code === 'ERR_SCRIPT_EXECUTION_TIMEOUT' 
+        ? 'Execution timeout (' + (this.timeout / 1000) + 's limit)'
+        : err.message;
+      return { success: false, error: errMsg, output: output.join('\n'), type: 'javascript' };
+    }
+  }
+
+  // ── Python Execution (process-isolated) ──
+
+  async runPython(code, options = {}) {
+    const filename = 'run_' + Date.now() + '.py';
+    const filepath = join(this.jailDir, filename);
+    const timeout = options.timeout || this.timeout;
+
+    // Safety: wrap in resource limits
+    const wrappedCode = `
+import sys, os, signal
+signal.alarm(${Math.ceil(timeout / 1000)})
+sys.path = ['.']
+os.chdir('${this.jailDir}')
+${code}
+`;
+
+    writeFileSync(filepath, wrappedCode);
+
+    try {
+      const result = await this._execProcess('python3', [filepath], {
+        timeout,
+        cwd: this.jailDir,
+        maxOutput: this.maxOutputSize,
+      });
+      return { ...result, type: 'python' };
+    } finally {
+      try { unlinkSync(filepath); } catch {}
+    }
+  }
+
+  // ── Shell Execution (sandboxed) ──
+
+  async runShell(command, options = {}) {
+    // Security check
+    for (const pattern of this.blockedCommands) {
+      if (pattern.test(command)) {
+        return { success: false, error: 'Blocked: dangerous command pattern', type: 'shell' };
+      }
+    }
+
+    const timeout = options.timeout || this.timeout;
+
+    try {
+      const output = execSync(command, {
+        cwd: options.cwd || this.jailDir,
+        timeout,
+        maxBuffer: this.maxOutputSize,
+        encoding: 'utf8',
+        env: {
+          PATH: '/usr/local/bin:/usr/bin:/bin',
+          HOME: this.jailDir,
+          LANG: 'en_US.UTF-8',
+          // No AWS keys, no tokens, no secrets
+        },
+      });
+
+      logger.info('sandbox', `Shell OK: ${command.slice(0, 50)}`);
+      return { success: true, output: output.trim().slice(0, this.maxOutputSize), type: 'shell' };
+    } catch (err) {
+      return {
+        success: false,
+        output: (err.stdout || '').trim().slice(0, 5000),
+        error: (err.stderr || err.message).trim().slice(0, 5000),
+        exitCode: err.status || 1,
+        type: 'shell',
+      };
+    }
+  }
+
+  // ── File System (jailed) ──
+
+  writeFile(name, content) {
+    const safePath = this._safePath(name);
+    
+    if (content.length > this.maxFileSize) {
+      throw new Error('File too large: ' + (content.length / 1024).toFixed(0) + 'KB (max ' + (this.maxFileSize / 1024) + 'KB)');
+    }
+
+    const fileCount = this._countFiles();
+    if (fileCount >= this.maxFiles) {
+      throw new Error('Too many files in sandbox (max ' + this.maxFiles + ')');
+    }
+
+    const dir = resolve(safePath, '..');
+    mkdirSync(dir, { recursive: true });
+    writeFileSync(safePath, content);
+    return { path: safePath, size: content.length };
+  }
+
+  readFile(name) {
+    const safePath = this._safePath(name);
+    if (!existsSync(safePath)) throw new Error('File not found: ' + name);
+    
+    const stat = statSync(safePath);
+    if (stat.size > this.maxFileSize) throw new Error('File too large to read');
+    
+    return readFileSync(safePath, 'utf8');
+  }
+
+  listFiles(subdir = '.') {
+    const safePath = this._safePath(subdir);
+    if (!existsSync(safePath)) return [];
+    
+    return readdirSync(safePath, { withFileTypes: true }).map(d => ({
+      name: d.name,
+      type: d.isDirectory() ? 'dir' : 'file',
+      size: d.isFile() ? statSync(join(safePath, d.name)).size : 0,
+    }));
+  }
+
+  deleteFile(name) {
+    const safePath = this._safePath(name);
+    if (existsSync(safePath)) unlinkSync(safePath);
+  }
+
+  // ── Cleanup ──
+
+  cleanup() {
+    try {
+      execSync(`find ${this.jailDir} -type f -mmin +60 -delete 2>/dev/null`, { timeout: 5000 });
+      logger.info('sandbox', 'Cleaned old files');
+    } catch {}
+  }
+
+  // ── Stats ──
+
+  getStats() {
+    const files = this._countFiles();
+    let totalSize = 0;
+    try {
+      const output = execSync(`du -sb ${this.jailDir} 2>/dev/null`, { encoding: 'utf8' });
+      totalSize = parseInt(output.split('\t')[0]) || 0;
+    } catch {}
+
+    return {
+      files,
+      maxFiles: this.maxFiles,
+      totalSize,
+      maxFileSize: this.maxFileSize,
+      timeout: this.timeout,
+      maxMemory: this.maxMemory,
+      jailDir: this.jailDir,
+      allowNetwork: this.allowNetwork,
+    };
+  }
+
+  // ── Internal ──
+
+  _safePath(name) {
+    const resolved = resolve(this.jailDir, name);
+    if (!resolved.startsWith(this.jailDir)) {
+      throw new Error('Path traversal blocked');
+    }
+    return resolved;
+  }
+
+  _countFiles() {
+    try {
+      const output = execSync(`find ${this.jailDir} -type f | wc -l`, { encoding: 'utf8', timeout: 3000 });
+      return parseInt(output.trim()) || 0;
+    } catch { return 0; }
+  }
+
+  async _execProcess(cmd, args, options = {}) {
+    return new Promise((resolve) => {
+      let stdout = '';
+      let stderr = '';
+      const timeout = options.timeout || this.timeout;
+      const maxOutput = options.maxOutput || this.maxOutputSize;
+
+      const proc = spawn(cmd, args, {
+        cwd: options.cwd || this.jailDir,
+        timeout,
+        env: {
+          PATH: '/usr/local/bin:/usr/bin:/bin',
+          HOME: this.jailDir,
+          LANG: 'en_US.UTF-8',
+        },
+      });
+
+      const timer = setTimeout(() => {
+        proc.kill('SIGKILL');
+        resolve({ success: false, error: 'Timeout (' + (timeout / 1000) + 's)', output: stdout.slice(0, maxOutput) });
+      }, timeout);
+
+      proc.stdout.on('data', d => { stdout += d; if (stdout.length > maxOutput) proc.kill(); });
+      proc.stderr.on('data', d => { stderr += d; });
+
+      proc.on('close', (code) => {
+        clearTimeout(timer);
+        if (code === 0) {
+          resolve({ success: true, output: stdout.trim().slice(0, maxOutput) });
+        } else {
+          resolve({ success: false, output: stdout.trim().slice(0, 5000), error: stderr.trim().slice(0, 5000), exitCode: code });
+        }
+      });
+
+      proc.on('error', (err) => {
+        clearTimeout(timer);
+        resolve({ success: false, error: err.message });
+      });
+    });
+  }
+}

package/lib/middleware/commands.js

@@ -145,6 +145,96 @@ export async function commandsMiddleware(ctx, next) {
     return;
   }
 
+  if (cmd === '/nodes' || cmd === '/devices') {
+    if (!ctx.engine.nodeManager) { await ctx.reply('❌ Nodes not available'); return; }
+    const args = msg.split(/\s+/).slice(1);
+    const sub = args[0];
+
+    if (!sub || sub === 'list') {
+      const nodes = ctx.engine.nodeManager.list(ctx.agentId);
+      if (nodes.length === 0) {
+        await ctx.reply('📡 No paired devices\n\nUse /nodes pair <name> to add one');
+        return;
+      }
+      const lines = nodes.map(n =>
+        (n.status === 'online' ? '🟢' : '🔴') + ' *' + n.name + '* (' + n.type + ')\n   ' + n.platform + ' · ' + n.id
+      );
+      await ctx.reply('📡 *Paired Devices*\n\n' + lines.join('\n\n'));
+      return;
+    }
+
+    if (sub === 'pair') {
+      const name = args.slice(1).join(' ') || 'My Device';
+      const token = ctx.engine.nodeManager.generatePairToken(ctx.agentId, name);
+      await ctx.reply('📡 *Pair: ' + name + '*\n\nCode: `' + token + '`\n\nEnter this on the device.\nExpires in 5 minutes.\n\nWebSocket: ws://' + (ctx.engine.config.api?.host || '0.0.0.0') + ':9501/nodes');
+      return;
+    }
+
+    if (sub === 'remove') {
+      const id = args[1];
+      if (!id) { await ctx.reply('Usage: /nodes remove <id>'); return; }
+      ctx.engine.nodeManager.removeNode(id);
+      await ctx.reply('✅ Device removed');
+      return;
+    }
+
+    if (sub === 'notify') {
+      const id = args[1];
+      const message = args.slice(2).join(' ');
+      if (!id || !message) { await ctx.reply('Usage: /nodes notify <id> <message>'); return; }
+      try {
+        await ctx.engine.nodeManager.notify(id, 'Squidclaw', message);
+        await ctx.reply('📨 Notification sent');
+      } catch (err) { await ctx.reply('❌ ' + err.message); }
+      return;
+    }
+
+    await ctx.reply('📡 *Node Commands*\n\n/nodes — list devices\n/nodes pair <name> — generate pairing code\n/nodes remove <id> — unpair\n/nodes notify <id> <msg> — send notification');
+    return;
+  }
+
+  if (cmd === '/sandbox') {
+    if (!ctx.engine.sandbox) { await ctx.reply('❌ Sandbox not available'); return; }
+    const args = msg.slice(9).trim();
+    
+    if (!args || args === 'stats') {
+      const stats = ctx.engine.sandbox.getStats();
+      await ctx.reply('🔒 *Sandbox*\n\n📁 Files: ' + stats.files + '/' + stats.maxFiles + '\n💾 Size: ' + (stats.totalSize / 1024).toFixed(0) + ' KB\n⏱️ Timeout: ' + (stats.timeout / 1000) + 's\n🧠 Max memory: ' + stats.maxMemory + ' MB\n🌐 Network: ' + (stats.allowNetwork ? '✅' : '🚫'));
+      return;
+    }
+    
+    if (args === 'files') {
+      const files = ctx.engine.sandbox.listFiles();
+      if (files.length === 0) { await ctx.reply('📁 Sandbox is empty'); return; }
+      const lines = files.map(f => (f.type === 'dir' ? '📁 ' : '📄 ') + f.name + (f.size ? ' (' + (f.size / 1024).toFixed(1) + ' KB)' : ''));
+      await ctx.reply('📁 *Sandbox Files*\n\n' + lines.join('\n'));
+      return;
+    }
+    
+    if (args === 'clean') {
+      ctx.engine.sandbox.cleanup();
+      await ctx.reply('🧹 Sandbox cleaned');
+      return;
+    }
+    
+    if (args.startsWith('js ')) {
+      const code = args.slice(3);
+      const result = ctx.engine.sandbox.evalJS(code);
+      await ctx.reply(result.success ? '```\n' + (result.output || '(no output)') + '\n```' : '❌ ' + result.error);
+      return;
+    }
+    
+    if (args.startsWith('py ')) {
+      const code = args.slice(3);
+      const result = await ctx.engine.sandbox.runPython(code);
+      await ctx.reply(result.success ? '```\n' + (result.output || '(no output)') + '\n```' : '❌ ' + (result.error || 'Failed'));
+      return;
+    }
+
+    await ctx.reply('🔒 *Sandbox Commands*\n\n/sandbox — stats\n/sandbox files — list files\n/sandbox clean — remove old files\n/sandbox js <code> — run JavaScript\n/sandbox py <code> — run Python');
+    return;
+  }
+
   if (cmd === '/plugins' || cmd === '/plugin') {
     if (!ctx.engine.plugins) { await ctx.reply('❌ Plugin system not available'); return; }
     const args = msg.split(/\s+/).slice(1);

package/lib/tools/router.js

@@ -169,6 +169,30 @@ export class ToolRouter {
       '---TOOL:handoff:reason---',
       'Transfer the conversation to a human agent. Use when you cannot help further.');
 
+    tools.push('', '### Pair Device',
+      '---TOOL:node_pair:device name---',
+      'Generate a pairing code for a new device (phone, PC, server).',
+      '', '### List Devices',
+      '---TOOL:node_list:all---',
+      'Show all paired devices and their status.',
+      '', '### Send to Device',
+      '---TOOL:node_cmd:node_id|command|data---',
+      'Send a command to a paired device. Commands: camera, screenshot, location, notify, run.',
+      'Example: ---TOOL:node_cmd:node_abc123|notify|Meeting in 5 minutes!---',
+      '', '### Device Camera',
+      '---TOOL:node_camera:node_id---',
+      'Take a photo from a paired device camera.',
+      '', '### Device Location',
+      '---TOOL:node_location:node_id---',
+      'Get GPS location of a paired device.');
+
+    tools.push('', '### Run JavaScript (Sandboxed)',
+      '---TOOL:js:console.log(2 + 2)---',
+      'Execute JavaScript in a secure VM sandbox. No network, no filesystem, no require. Safe for math, logic, data processing.',
+      '', '### Sandbox Info',
+      '---TOOL:sandbox_info:stats---',
+      'Show sandbox stats (files, size, limits).');
+
     tools.push('', '### Run Command',
       '---TOOL:exec:ls -la---',
       'Execute a shell command. Output is returned. Sandboxed for safety.',
@@ -611,10 +635,15 @@ export class ToolRouter {
         case 'exec':
         case 'shell':
         case 'run': {
-          const { ShellTool } = await import('./shell.js');
-          const sh = new ShellTool();
-          const result = sh.exec(toolArg);
-          toolResult = result.error ? 'Error: ' + result.error : result.output || '(no output)';
+          if (this._engine?.sandbox) {
+            const result = await this._engine.sandbox.runShell(toolArg);
+            toolResult = result.success ? (result.output || '(no output)') : 'Error: ' + (result.error || 'Unknown');
+          } else {
+            const { ShellTool } = await import('./shell.js');
+            const sh = new ShellTool();
+            const result = sh.exec(toolArg);
+            toolResult = result.error ? 'Error: ' + result.error : result.output || '(no output)';
+          }
           break;
         }
         case 'readfile': {
@@ -643,14 +672,95 @@ export class ToolRouter {
           toolResult = result.error || result.files.map(f => (f.type === 'dir' ? '📁 ' : '📄 ') + f.name).join('\n');
           break;
         }
+        case 'js':
+        case 'javascript':
+        case 'eval': {
+          if (this._engine?.sandbox) {
+            const result = this._engine.sandbox.evalJS(toolArg);
+            toolResult = result.success ? (result.output || '(no output)') : 'Error: ' + (result.error || 'Unknown');
+          } else {
+            toolResult = 'Sandbox not available';
+          }
+          break;
+        }
         case 'python':
         case 'py': {
-          const { ShellTool } = await import('./shell.js');
-          const sh = new ShellTool();
-          // Write Python script then execute
-          sh.writeFile('_run.py', toolArg);
-          const result = sh.exec('python3 _run.py');
-          toolResult = result.error ? 'Error: ' + result.error : result.output || '(no output)';
+          if (this._engine?.sandbox) {
+            const result = await this._engine.sandbox.runPython(toolArg);
+            toolResult = result.success ? (result.output || '(no output)') : 'Error: ' + (result.error || 'Unknown');
+          } else {
+            const { ShellTool } = await import('./shell.js');
+            const sh = new ShellTool();
+            sh.writeFile('_run.py', toolArg);
+            const result = sh.exec('python3 _run.py');
+            toolResult = result.error ? 'Error: ' + result.error : result.output || '(no output)';
+          }
+          break;
+        }
+        case 'node_pair': {
+          if (!this._engine?.nodeManager) { toolResult = 'Nodes not available'; break; }
+          const token = this._engine.nodeManager.generatePairToken(agentId, toolArg || 'Device');
+          toolResult = '📡 Pairing code: *' + token + '*\n\nEnter this code on the device to pair.\nExpires in 5 minutes.\n\nConnect to: ws://<server>:9501/nodes';
+          break;
+        }
+        case 'node_list': {
+          if (!this._engine?.nodeManager) { toolResult = 'Nodes not available'; break; }
+          const nodes = this._engine.nodeManager.list(agentId);
+          if (nodes.length === 0) { toolResult = 'No paired devices. Use node_pair to add one.'; break; }
+          toolResult = nodes.map(n =>
+            (n.status === 'online' ? '🟢' : '🔴') + ' ' + n.name + ' (' + n.type + ')\n   ID: ' + n.id + '\n   Platform: ' + n.platform + '\n   Last seen: ' + (n.lastSeen || 'never')
+          ).join('\n\n');
+          break;
+        }
+        case 'node_cmd': {
+          if (!this._engine?.nodeManager) { toolResult = 'Nodes not available'; break; }
+          try {
+            const parts = toolArg.split('|').map(p => p.trim());
+            const [nodeId, command, ...dataParts] = parts;
+            const data = dataParts.join('|');
+            
+            if (command === 'notify') {
+              await this._engine.nodeManager.notify(nodeId, 'Squidclaw', data);
+              toolResult = '📨 Notification sent to device';
+            } else if (command === 'run') {
+              const result = await this._engine.nodeManager.run(nodeId, data);
+              toolResult = 'Output: ' + JSON.stringify(result);
+            } else {
+              const result = await this._engine.nodeManager.sendCommand(nodeId, command, { data });
+              toolResult = JSON.stringify(result);
+            }
+          } catch (err) { toolResult = 'Failed: ' + err.message; }
+          break;
+        }
+        case 'node_camera': {
+          if (!this._engine?.nodeManager) { toolResult = 'Nodes not available'; break; }
+          try {
+            const result = await this._engine.nodeManager.camera(toolArg.trim());
+            toolResult = 'Camera captured: ' + JSON.stringify(result);
+          } catch (err) { toolResult = 'Failed: ' + err.message; }
+          break;
+        }
+        case 'node_location': {
+          if (!this._engine?.nodeManager) { toolResult = 'Nodes not available'; break; }
+          try {
+            const result = await this._engine.nodeManager.location(toolArg.trim());
+            toolResult = 'Location: ' + JSON.stringify(result);
+          } catch (err) { toolResult = 'Failed: ' + err.message; }
+          break;
+        }
+        case 'sandbox_info': {
+          if (this._engine?.sandbox) {
+            const stats = this._engine.sandbox.getStats();
+            toolResult = '🔒 Sandbox Stats:\n' +
+              '📁 Files: ' + stats.files + '/' + stats.maxFiles + '\n' +
+              '💾 Size: ' + (stats.totalSize / 1024).toFixed(0) + ' KB\n' +
+              '⏱️ Timeout: ' + (stats.timeout / 1000) + 's\n' +
+              '🧠 Max memory: ' + stats.maxMemory + ' MB\n' +
+              '🌐 Network: ' + (stats.allowNetwork ? 'allowed' : 'blocked') + '\n' +
+              '📂 Jail: ' + stats.jailDir;
+          } else {
+            toolResult = 'Sandbox not available';
+          }
           break;
         }
         case 'spawn': {

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "squidclaw",
-  "version": "2.6.0",
+  "version": "2.8.0",
   "description": "🦑 AI agent platform — human-like agents for WhatsApp, Telegram & more",
   "main": "lib/engine.js",
   "bin": {
@@ -56,6 +56,7 @@
     "qrcode-terminal": "^0.12.0",
     "sharp": "^0.34.5",
     "undici": "^7.22.0",
+    "ws": "^8.19.0",
     "yaml": "^2.8.2",
     "zod": "^4.3.6"
   }