teamcast 0.6.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/LICENSE +21 -0
- package/README.md +654 -0
- package/dist/application/build-generated-files.d.ts +8 -0
- package/dist/application/build-generated-files.d.ts.map +1 -0
- package/dist/application/build-generated-files.js +16 -0
- package/dist/application/build-generated-files.js.map +1 -0
- package/dist/application/team.d.ts +27 -0
- package/dist/application/team.d.ts.map +1 -0
- package/dist/application/team.js +203 -0
- package/dist/application/team.js.map +1 -0
- package/dist/application/validate-team.d.ts +32 -0
- package/dist/application/validate-team.d.ts.map +1 -0
- package/dist/application/validate-team.js +132 -0
- package/dist/application/validate-team.js.map +1 -0
- package/dist/cli/diff.d.ts +3 -0
- package/dist/cli/diff.d.ts.map +1 -0
- package/dist/cli/diff.js +57 -0
- package/dist/cli/diff.js.map +1 -0
- package/dist/cli/explain.d.ts +3 -0
- package/dist/cli/explain.d.ts.map +1 -0
- package/dist/cli/explain.js +29 -0
- package/dist/cli/explain.js.map +1 -0
- package/dist/cli/generate.d.ts +3 -0
- package/dist/cli/generate.d.ts.map +1 -0
- package/dist/cli/generate.js +68 -0
- package/dist/cli/generate.js.map +1 -0
- package/dist/cli/import.d.ts +3 -0
- package/dist/cli/import.d.ts.map +1 -0
- package/dist/cli/import.js +93 -0
- package/dist/cli/import.js.map +1 -0
- package/dist/cli/index.d.ts +3 -0
- package/dist/cli/index.d.ts.map +1 -0
- package/dist/cli/index.js +19 -0
- package/dist/cli/index.js.map +1 -0
- package/dist/cli/init.d.ts +3 -0
- package/dist/cli/init.d.ts.map +1 -0
- package/dist/cli/init.js +155 -0
- package/dist/cli/init.js.map +1 -0
- package/dist/cli/manage.d.ts +3 -0
- package/dist/cli/manage.d.ts.map +1 -0
- package/dist/cli/manage.js +350 -0
- package/dist/cli/manage.js.map +1 -0
- package/dist/cli/manifest-validation.d.ts +13 -0
- package/dist/cli/manifest-validation.d.ts.map +1 -0
- package/dist/cli/manifest-validation.js +38 -0
- package/dist/cli/manifest-validation.js.map +1 -0
- package/dist/cli/reset.d.ts +3 -0
- package/dist/cli/reset.d.ts.map +1 -0
- package/dist/cli/reset.js +116 -0
- package/dist/cli/reset.js.map +1 -0
- package/dist/cli/validate.d.ts +3 -0
- package/dist/cli/validate.d.ts.map +1 -0
- package/dist/cli/validate.js +48 -0
- package/dist/cli/validate.js.map +1 -0
- package/dist/components/agent-fragments.d.ts +15 -0
- package/dist/components/agent-fragments.d.ts.map +1 -0
- package/dist/components/agent-fragments.js +163 -0
- package/dist/components/agent-fragments.js.map +1 -0
- package/dist/components/policy-fragments.d.ts +5 -0
- package/dist/components/policy-fragments.d.ts.map +1 -0
- package/dist/components/policy-fragments.js +125 -0
- package/dist/components/policy-fragments.js.map +1 -0
- package/dist/core/assertions.d.ts +28 -0
- package/dist/core/assertions.d.ts.map +1 -0
- package/dist/core/assertions.js +11 -0
- package/dist/core/assertions.js.map +1 -0
- package/dist/core/guards.d.ts +11 -0
- package/dist/core/guards.d.ts.map +1 -0
- package/dist/core/guards.js +20 -0
- package/dist/core/guards.js.map +1 -0
- package/dist/core/index.d.ts +9 -0
- package/dist/core/index.d.ts.map +1 -0
- package/dist/core/index.js +9 -0
- package/dist/core/index.js.map +1 -0
- package/dist/core/instructions.d.ts +10 -0
- package/dist/core/instructions.d.ts.map +1 -0
- package/dist/core/instructions.js +33 -0
- package/dist/core/instructions.js.map +1 -0
- package/dist/core/permissions.d.ts +10 -0
- package/dist/core/permissions.d.ts.map +1 -0
- package/dist/core/permissions.js +67 -0
- package/dist/core/permissions.js.map +1 -0
- package/dist/core/policy-evaluator.d.ts +5 -0
- package/dist/core/policy-evaluator.d.ts.map +1 -0
- package/dist/core/policy-evaluator.js +161 -0
- package/dist/core/policy-evaluator.js.map +1 -0
- package/dist/core/skill-resolver.d.ts +8 -0
- package/dist/core/skill-resolver.d.ts.map +1 -0
- package/dist/core/skill-resolver.js +17 -0
- package/dist/core/skill-resolver.js.map +1 -0
- package/dist/core/skills.d.ts +4 -0
- package/dist/core/skills.d.ts.map +1 -0
- package/dist/core/skills.js +14 -0
- package/dist/core/skills.js.map +1 -0
- package/dist/core/types.d.ts +117 -0
- package/dist/core/types.d.ts.map +1 -0
- package/dist/core/types.js +6 -0
- package/dist/core/types.js.map +1 -0
- package/dist/detector/index.d.ts +7 -0
- package/dist/detector/index.d.ts.map +1 -0
- package/dist/detector/index.js +57 -0
- package/dist/detector/index.js.map +1 -0
- package/dist/diff/index.d.ts +10 -0
- package/dist/diff/index.d.ts.map +1 -0
- package/dist/diff/index.js +26 -0
- package/dist/diff/index.js.map +1 -0
- package/dist/explainer/index.d.ts +3 -0
- package/dist/explainer/index.d.ts.map +1 -0
- package/dist/explainer/index.js +85 -0
- package/dist/explainer/index.js.map +1 -0
- package/dist/generator/file-policies.d.ts +2 -0
- package/dist/generator/file-policies.d.ts.map +1 -0
- package/dist/generator/file-policies.js +4 -0
- package/dist/generator/file-policies.js.map +1 -0
- package/dist/generator/index.d.ts +5 -0
- package/dist/generator/index.d.ts.map +1 -0
- package/dist/generator/index.js +10 -0
- package/dist/generator/index.js.map +1 -0
- package/dist/generator/renderers/agent-md.d.ts +5 -0
- package/dist/generator/renderers/agent-md.d.ts.map +1 -0
- package/dist/generator/renderers/agent-md.js +66 -0
- package/dist/generator/renderers/agent-md.js.map +1 -0
- package/dist/generator/renderers/agents-md.d.ts +4 -0
- package/dist/generator/renderers/agents-md.d.ts.map +1 -0
- package/dist/generator/renderers/agents-md.js +86 -0
- package/dist/generator/renderers/agents-md.js.map +1 -0
- package/dist/generator/renderers/claude-md.d.ts +4 -0
- package/dist/generator/renderers/claude-md.d.ts.map +1 -0
- package/dist/generator/renderers/claude-md.js +68 -0
- package/dist/generator/renderers/claude-md.js.map +1 -0
- package/dist/generator/renderers/codex-config.d.ts +4 -0
- package/dist/generator/renderers/codex-config.d.ts.map +1 -0
- package/dist/generator/renderers/codex-config.js +145 -0
- package/dist/generator/renderers/codex-config.js.map +1 -0
- package/dist/generator/renderers/codex-skill-md.d.ts +4 -0
- package/dist/generator/renderers/codex-skill-md.d.ts.map +1 -0
- package/dist/generator/renderers/codex-skill-md.js +47 -0
- package/dist/generator/renderers/codex-skill-md.js.map +1 -0
- package/dist/generator/renderers/settings-json.d.ts +5 -0
- package/dist/generator/renderers/settings-json.d.ts.map +1 -0
- package/dist/generator/renderers/settings-json.js +100 -0
- package/dist/generator/renderers/settings-json.js.map +1 -0
- package/dist/generator/renderers/skill-md.d.ts +4 -0
- package/dist/generator/renderers/skill-md.d.ts.map +1 -0
- package/dist/generator/renderers/skill-md.js +44 -0
- package/dist/generator/renderers/skill-md.js.map +1 -0
- package/dist/generator/state.d.ts +14 -0
- package/dist/generator/state.d.ts.map +1 -0
- package/dist/generator/state.js +76 -0
- package/dist/generator/state.js.map +1 -0
- package/dist/generator/targets/claude.d.ts +3 -0
- package/dist/generator/targets/claude.d.ts.map +1 -0
- package/dist/generator/targets/claude.js +24 -0
- package/dist/generator/targets/claude.js.map +1 -0
- package/dist/generator/targets/codex.d.ts +3 -0
- package/dist/generator/targets/codex.d.ts.map +1 -0
- package/dist/generator/targets/codex.js +19 -0
- package/dist/generator/targets/codex.js.map +1 -0
- package/dist/generator/targets/index.d.ts +4 -0
- package/dist/generator/targets/index.d.ts.map +1 -0
- package/dist/generator/targets/index.js +10 -0
- package/dist/generator/targets/index.js.map +1 -0
- package/dist/generator/targets/types.d.ts +8 -0
- package/dist/generator/targets/types.d.ts.map +1 -0
- package/dist/generator/targets/types.js +2 -0
- package/dist/generator/targets/types.js.map +1 -0
- package/dist/generator/types.d.ts +11 -0
- package/dist/generator/types.d.ts.map +1 -0
- package/dist/generator/types.js +2 -0
- package/dist/generator/types.js.map +1 -0
- package/dist/generator/writer.d.ts +5 -0
- package/dist/generator/writer.d.ts.map +1 -0
- package/dist/generator/writer.js +14 -0
- package/dist/generator/writer.js.map +1 -0
- package/dist/importer/index.d.ts +12 -0
- package/dist/importer/index.d.ts.map +1 -0
- package/dist/importer/index.js +295 -0
- package/dist/importer/index.js.map +1 -0
- package/dist/index.d.ts +3 -0
- package/dist/index.d.ts.map +1 -0
- package/dist/index.js +25 -0
- package/dist/index.js.map +1 -0
- package/dist/manifest/compat.d.ts +6 -0
- package/dist/manifest/compat.d.ts.map +1 -0
- package/dist/manifest/compat.js +56 -0
- package/dist/manifest/compat.js.map +1 -0
- package/dist/manifest/defaults.d.ts +4 -0
- package/dist/manifest/defaults.d.ts.map +1 -0
- package/dist/manifest/defaults.js +28 -0
- package/dist/manifest/defaults.js.map +1 -0
- package/dist/manifest/normalize.d.ts +14 -0
- package/dist/manifest/normalize.d.ts.map +1 -0
- package/dist/manifest/normalize.js +353 -0
- package/dist/manifest/normalize.js.map +1 -0
- package/dist/manifest/reader.d.ts +7 -0
- package/dist/manifest/reader.d.ts.map +1 -0
- package/dist/manifest/reader.js +36 -0
- package/dist/manifest/reader.js.map +1 -0
- package/dist/manifest/schema-validator.d.ts +13 -0
- package/dist/manifest/schema-validator.d.ts.map +1 -0
- package/dist/manifest/schema-validator.js +33 -0
- package/dist/manifest/schema-validator.js.map +1 -0
- package/dist/manifest/types.d.ts +150 -0
- package/dist/manifest/types.d.ts.map +1 -0
- package/dist/manifest/types.js +4 -0
- package/dist/manifest/types.js.map +1 -0
- package/dist/manifest/writer.d.ts +3 -0
- package/dist/manifest/writer.d.ts.map +1 -0
- package/dist/manifest/writer.js +10 -0
- package/dist/manifest/writer.js.map +1 -0
- package/dist/presets/index.d.ts +6 -0
- package/dist/presets/index.d.ts.map +1 -0
- package/dist/presets/index.js +56 -0
- package/dist/presets/index.js.map +1 -0
- package/dist/presets/types.d.ts +12 -0
- package/dist/presets/types.d.ts.map +1 -0
- package/dist/presets/types.js +2 -0
- package/dist/presets/types.js.map +1 -0
- package/dist/renderers/claude/agent-md.d.ts +5 -0
- package/dist/renderers/claude/agent-md.d.ts.map +1 -0
- package/dist/renderers/claude/agent-md.js +45 -0
- package/dist/renderers/claude/agent-md.js.map +1 -0
- package/dist/renderers/claude/docs.d.ts +5 -0
- package/dist/renderers/claude/docs.d.ts.map +1 -0
- package/dist/renderers/claude/docs.js +155 -0
- package/dist/renderers/claude/docs.js.map +1 -0
- package/dist/renderers/claude/index.d.ts +5 -0
- package/dist/renderers/claude/index.d.ts.map +1 -0
- package/dist/renderers/claude/index.js +23 -0
- package/dist/renderers/claude/index.js.map +1 -0
- package/dist/renderers/claude/policy-mapper.d.ts +10 -0
- package/dist/renderers/claude/policy-mapper.d.ts.map +1 -0
- package/dist/renderers/claude/policy-mapper.js +40 -0
- package/dist/renderers/claude/policy-mapper.js.map +1 -0
- package/dist/renderers/claude/settings.d.ts +5 -0
- package/dist/renderers/claude/settings.d.ts.map +1 -0
- package/dist/renderers/claude/settings.js +77 -0
- package/dist/renderers/claude/settings.js.map +1 -0
- package/dist/renderers/claude/skill-map.d.ts +16 -0
- package/dist/renderers/claude/skill-map.d.ts.map +1 -0
- package/dist/renderers/claude/skill-map.js +39 -0
- package/dist/renderers/claude/skill-map.js.map +1 -0
- package/dist/renderers/claude/skill-md.d.ts +4 -0
- package/dist/renderers/claude/skill-md.d.ts.map +1 -0
- package/dist/renderers/claude/skill-md.js +35 -0
- package/dist/renderers/claude/skill-md.js.map +1 -0
- package/dist/renderers/claude/tools.d.ts +4 -0
- package/dist/renderers/claude/tools.d.ts.map +1 -0
- package/dist/renderers/claude/tools.js +12 -0
- package/dist/renderers/claude/tools.js.map +1 -0
- package/dist/renderers/index.d.ts +3 -0
- package/dist/renderers/index.d.ts.map +1 -0
- package/dist/renderers/index.js +2 -0
- package/dist/renderers/index.js.map +1 -0
- package/dist/renderers/types.d.ts +12 -0
- package/dist/renderers/types.d.ts.map +1 -0
- package/dist/renderers/types.js +2 -0
- package/dist/renderers/types.js.map +1 -0
- package/dist/team-templates/policies.d.ts +4 -0
- package/dist/team-templates/policies.d.ts.map +1 -0
- package/dist/team-templates/policies.js +69 -0
- package/dist/team-templates/policies.js.map +1 -0
- package/dist/team-templates/presets.d.ts +6 -0
- package/dist/team-templates/presets.d.ts.map +1 -0
- package/dist/team-templates/presets.js +14 -0
- package/dist/team-templates/presets.js.map +1 -0
- package/dist/team-templates/roles.d.ts +22 -0
- package/dist/team-templates/roles.d.ts.map +1 -0
- package/dist/team-templates/roles.js +117 -0
- package/dist/team-templates/roles.js.map +1 -0
- package/dist/types/manifest.d.ts +11 -0
- package/dist/types/manifest.d.ts.map +1 -0
- package/dist/types/manifest.js +16 -0
- package/dist/types/manifest.js.map +1 -0
- package/dist/utils/chalk-helpers.d.ts +18 -0
- package/dist/utils/chalk-helpers.d.ts.map +1 -0
- package/dist/utils/chalk-helpers.js +51 -0
- package/dist/utils/chalk-helpers.js.map +1 -0
- package/dist/utils/prompts.d.ts +28 -0
- package/dist/utils/prompts.d.ts.map +1 -0
- package/dist/utils/prompts.js +51 -0
- package/dist/utils/prompts.js.map +1 -0
- package/dist/validator/checks/handoff-graph.d.ts +5 -0
- package/dist/validator/checks/handoff-graph.d.ts.map +1 -0
- package/dist/validator/checks/handoff-graph.js +65 -0
- package/dist/validator/checks/handoff-graph.js.map +1 -0
- package/dist/validator/checks/instruction-blocks.d.ts +5 -0
- package/dist/validator/checks/instruction-blocks.d.ts.map +1 -0
- package/dist/validator/checks/instruction-blocks.js +45 -0
- package/dist/validator/checks/instruction-blocks.js.map +1 -0
- package/dist/validator/checks/role-warnings.d.ts +5 -0
- package/dist/validator/checks/role-warnings.d.ts.map +1 -0
- package/dist/validator/checks/role-warnings.js +50 -0
- package/dist/validator/checks/role-warnings.js.map +1 -0
- package/dist/validator/checks/security-baseline.d.ts +3 -0
- package/dist/validator/checks/security-baseline.d.ts.map +1 -0
- package/dist/validator/checks/security-baseline.js +73 -0
- package/dist/validator/checks/security-baseline.js.map +1 -0
- package/dist/validator/checks/tool-conflicts.d.ts +5 -0
- package/dist/validator/checks/tool-conflicts.d.ts.map +1 -0
- package/dist/validator/checks/tool-conflicts.js +33 -0
- package/dist/validator/checks/tool-conflicts.js.map +1 -0
- package/dist/validator/index.d.ts +5 -0
- package/dist/validator/index.d.ts.map +1 -0
- package/dist/validator/index.js +28 -0
- package/dist/validator/index.js.map +1 -0
- package/dist/validator/reporter.d.ts +4 -0
- package/dist/validator/reporter.d.ts.map +1 -0
- package/dist/validator/reporter.js +76 -0
- package/dist/validator/reporter.js.map +1 -0
- package/dist/validator/types.d.ts +10 -0
- package/dist/validator/types.d.ts.map +1 -0
- package/dist/validator/types.js +2 -0
- package/dist/validator/types.js.map +1 -0
- package/dist/wizard/index.d.ts +7 -0
- package/dist/wizard/index.d.ts.map +1 -0
- package/dist/wizard/index.js +57 -0
- package/dist/wizard/index.js.map +1 -0
- package/dist/wizard/steps/agent-customization.d.ts +5 -0
- package/dist/wizard/steps/agent-customization.d.ts.map +1 -0
- package/dist/wizard/steps/agent-customization.js +68 -0
- package/dist/wizard/steps/agent-customization.js.map +1 -0
- package/dist/wizard/steps/confirm-generate.d.ts +3 -0
- package/dist/wizard/steps/confirm-generate.d.ts.map +1 -0
- package/dist/wizard/steps/confirm-generate.js +19 -0
- package/dist/wizard/steps/confirm-generate.js.map +1 -0
- package/dist/wizard/steps/custom-team.d.ts +3 -0
- package/dist/wizard/steps/custom-team.d.ts.map +1 -0
- package/dist/wizard/steps/custom-team.js +17 -0
- package/dist/wizard/steps/custom-team.js.map +1 -0
- package/dist/wizard/steps/project-context.d.ts +6 -0
- package/dist/wizard/steps/project-context.d.ts.map +1 -0
- package/dist/wizard/steps/project-context.js +24 -0
- package/dist/wizard/steps/project-context.js.map +1 -0
- package/dist/wizard/steps/team-selection.d.ts +5 -0
- package/dist/wizard/steps/team-selection.d.ts.map +1 -0
- package/dist/wizard/steps/team-selection.js +44 -0
- package/dist/wizard/steps/team-selection.js.map +1 -0
- package/package.json +56 -0
- package/schema/teamcast.schema.json +580 -0
- package/templates/presets/feature-team.yaml +77 -0
- package/templates/presets/research-and-build.yaml +69 -0
- package/templates/presets/secure-dev.yaml +93 -0
- package/templates/presets/solo-dev.yaml +32 -0
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"policy-fragments.js","sourceRoot":"","sources":["../../src/components/policy-fragments.ts"],"names":[],"mappings":"AAgBA,MAAM,gBAAgB,GAA6C;IACjE,eAAe,EAAE;QACf,WAAW,EAAE;YACX,KAAK,EAAE,CAAC,kBAAkB,CAAC;SAC5B;KACF;IACD,gBAAgB,EAAE;QAChB,WAAW,EAAE;YACX,KAAK,EAAE,CAAC,OAAO,CAAC;SACjB;KACF;IACD,gBAAgB,EAAE;QAChB,WAAW,EAAE;YACX,KAAK,EAAE,CAAC,UAAU,CAAC;SACpB;KACF;IACD,iBAAiB,EAAE;QACjB,WAAW,EAAE;YACX,KAAK,EAAE,CAAC,WAAW,CAAC;SACrB;KACF;IACD,WAAW,EAAE;QACX,WAAW,EAAE;YACX,KAAK,EAAE,CAAC,cAAc,CAAC;SACxB;KACF;IACD,iBAAiB,EAAE;QACjB,WAAW,EAAE;YACX,KAAK,EAAE,CAAC,gBAAgB,CAAC;SAC1B;KACF;IACD,cAAc,EAAE;QACd,WAAW,EAAE;YACX,GAAG,EAAE,CAAC,UAAU,CAAC;SAClB;KACF;IACD,wBAAwB,EAAE;QACxB,WAAW,EAAE;YACX,IAAI,EAAE,CAAC,mBAAmB,CAAC;SAC5B;KACF;IACD,wBAAwB,EAAE;QACxB,WAAW,EAAE;YACX,IAAI,EAAE,CAAC,WAAW,CAAC;SACpB;KACF;IACD,mBAAmB,EAAE;QACnB,WAAW,EAAE;YACX,IAAI,EAAE,CAAC,cAAc,CAAC;SACvB;KACF;IACD,gBAAgB,EAAE;QAChB,WAAW,EAAE;YACX,IAAI,EAAE,CAAC,WAAW,CAAC;SACpB;KACF;IACD,iBAAiB,EAAE;QACjB,OAAO,EAAE;YACP,OAAO,EAAE,IAAI;YACb,aAAa,EAAE,IAAI;SACpB;KACF;CACF,CAAC;AAEF,SAAS,WAAW,CAAI,IAAqB,EAAE,KAAsB;IACnE,MAAM,MAAM,GAAG,CAAC,GAAG,CAAC,IAAI,IAAI,EAAE,CAAC,EAAE,GAAG,CAAC,KAAK,IAAI,EAAE,CAAC,CAAC,CAAC;IACnD,OAAO,MAAM,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,IAAI,GAAG,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC;AAC9D,CAAC;AAED,SAAS,aAAa,CAAC,IAAkB,EAAE,KAAmB;IAC5D,OAAO;QACL,WAAW,EAAE,IAAI,CAAC,WAAW,IAAI,KAAK,CAAC,WAAW;YAChD,CAAC,CAAC;gBACE,KAAK,EAAE,WAAW,CAAC,IAAI,CAAC,WAAW,EAAE,KAAK,EAAE,KAAK,CAAC,WAAW,EAAE,KAAK,CAAC;gBACrE,GAAG,EAAE,WAAW,CAAC,IAAI,CAAC,WAAW,EAAE,GAAG,EAAE,KAAK,CAAC,WAAW,EAAE,GAAG,CAAC;gBAC/D,IAAI,EAAE,WAAW,CAAC,IAAI,CAAC,WAAW,EAAE,IAAI,EAAE,KAAK,CAAC,WAAW,EAAE,IAAI,CAAC;gBAClE,WAAW,EAAE,KAAK,CAAC,WAAW,EAAE,WAAW,IAAI,IAAI,CAAC,WAAW,EAAE,WAAW;gBAC5E,QAAQ,EAAE,IAAI,CAAC,WAAW,EAAE,QAAQ,IAAI,KAAK,CAAC,WAAW,EAAE,QAAQ;oBACjE,CAAC,CAAC;wBACE,KAAK,EAAE,WAAW,CAAC,IAAI,CAAC,WAAW,EAAE,QAAQ,EAAE,KAAK,EAAE,KAAK,CAAC,WAAW,EAAE,QAAQ,EAAE,KAAK,CAAC;wBACzF,GAAG,EAAE,WAAW,CAAC,IAAI,CAAC,WAAW,EAAE,QAAQ,EAAE,GAAG,EAAE,KAAK,CAAC,WAAW,EAAE,QAAQ,EAAE,GAAG,CAAC;wBACnF,IAAI,EAAE,WAAW,CAAC,IAAI,CAAC,WAAW,EAAE,QAAQ,EAAE,IAAI,EAAE,KAAK,CAAC,WAAW,EAAE,QAAQ,EAAE,IAAI,CAAC;qBACvF;oBACH,CAAC,CAAC,SAAS;aACd;YACH,CAAC,CAAC,SAAS;QACb,OAAO,EAAE,IAAI,CAAC,OAAO,IAAI,KAAK,CAAC,OAAO;YACpC,CAAC,CAAC;gBACE,OAAO,EAAE,KAAK,CAAC,OAAO,EAAE,OAAO,IAAI,IAAI,CAAC,OAAO,EAAE,OAAO;gBACxD,aAAa,EAAE,KAAK,CAAC,OAAO,EAAE,aAAa,IAAI,IAAI,CAAC,OAAO,EAAE,aAAa;gBAC1E,gBAAgB,EAAE,WAAW,CAAC,IAAI,CAAC,OAAO,EAAE,gBAAgB,EAAE,KAAK,CAAC,OAAO,EAAE,gBAAgB,CAAC;gBAC9F,OAAO,EAAE,IAAI,CAAC,OAAO,EAAE,OAAO,IAAI,KAAK,CAAC,OAAO,EAAE,OAAO;oBACtD,CAAC,CAAC;wBACE,gBAAgB,EAAE,WAAW,CAC3B,IAAI,CAAC,OAAO,EAAE,OAAO,EAAE,gBAAgB,EACvC,KAAK,CAAC,OAAO,EAAE,OAAO,EAAE,gBAAgB,CACzC;wBACD,iBAAiB,EACf,KAAK,CAAC,OAAO,EAAE,OAAO,EAAE,iBAAiB,IAAI,IAAI,CAAC,OAAO,EAAE,OAAO,EAAE,iBAAiB;qBACxF;oBACH,CAAC,CAAC,SAAS;aACd;YACH,CAAC,CAAC,SAAS;QACb,KAAK,EAAE,IAAI,CAAC,KAAK,IAAI,KAAK,CAAC,KAAK;YAC9B,CAAC,CAAC;gBACE,UAAU,EAAE,CAAC,GAAG,CAAC,IAAI,CAAC,KAAK,EAAE,UAAU,IAAI,EAAE,CAAC,EAAE,GAAG,CAAC,KAAK,CAAC,KAAK,EAAE,UAAU,IAAI,EAAE,CAAC,CAAC;gBACnF,WAAW,EAAE,CAAC,GAAG,CAAC,IAAI,CAAC,KAAK,EAAE,WAAW,IAAI,EAAE,CAAC,EAAE,GAAG,CAAC,KAAK,CAAC,KAAK,EAAE,WAAW,IAAI,EAAE,CAAC,CAAC;gBACtF,YAAY,EAAE,CAAC,GAAG,CAAC,IAAI,CAAC,KAAK,EAAE,YAAY,IAAI,EAAE,CAAC,EAAE,GAAG,CAAC,KAAK,CAAC,KAAK,EAAE,YAAY,IAAI,EAAE,CAAC,CAAC;aAC1F;YACH,CAAC,CAAC,SAAS;QACb,OAAO,EAAE,IAAI,CAAC,OAAO,IAAI,KAAK,CAAC,OAAO;YACpC,CAAC,CAAC;gBACE,cAAc,EAAE,WAAW,CAAC,IAAI,CAAC,OAAO,EAAE,cAAc,EAAE,KAAK,CAAC,OAAO,EAAE,cAAc,CAAC;aACzF;YACH,CAAC,CAAC,SAAS;KACd,CAAC;AACJ,CAAC;AAED,MAAM,UAAU,mBAAmB;IACjC,OAAO,MAAM,CAAC,IAAI,CAAC,gBAAgB,CAAyB,CAAC;AAC/D,CAAC;AAED,MAAM,UAAU,4BAA4B,CAC1C,SAA2C,EAC3C,YAA0B,EAAE;IAE5B,MAAM,QAAQ,GAAG,CAAC,SAAS,IAAI,EAAE,CAAC,CAAC,MAAM,CAAe,CAAC,GAAG,EAAE,YAAY,EAAE,EAAE;QAC5E,MAAM,QAAQ,GAAG,gBAAgB,CAAC,YAAY,CAAC,CAAC;QAChD,IAAI,CAAC,QAAQ,EAAE,CAAC;YACd,MAAM,IAAI,KAAK,CAAC,4BAA4B,YAAY,GAAG,CAAC,CAAC;QAC/D,CAAC;QAED,OAAO,aAAa,CAAC,GAAG,EAAE,QAAQ,CAAC,CAAC;IACtC,CAAC,EAAE,EAAE,CAAC,CAAC;IAEP,OAAO,aAAa,CAAC,QAAQ,EAAE,SAAS,CAAC,CAAC;AAC5C,CAAC"}
|
|
@@ -0,0 +1,28 @@
|
|
|
1
|
+
import type { AgentSkill } from './skills.js';
|
|
2
|
+
import type { InstructionBlockKind } from './instructions.js';
|
|
3
|
+
export type PolicyAssertion = {
|
|
4
|
+
rule: 'require_sandbox_with_execute';
|
|
5
|
+
} | {
|
|
6
|
+
rule: 'forbid_skill_combination';
|
|
7
|
+
skills: AgentSkill[];
|
|
8
|
+
} | {
|
|
9
|
+
rule: 'require_skill';
|
|
10
|
+
skill: AgentSkill;
|
|
11
|
+
} | {
|
|
12
|
+
rule: 'deny_skill_for_role';
|
|
13
|
+
agent: string;
|
|
14
|
+
skill: AgentSkill;
|
|
15
|
+
} | {
|
|
16
|
+
rule: 'max_agents';
|
|
17
|
+
count: number;
|
|
18
|
+
} | {
|
|
19
|
+
rule: 'require_instruction_block';
|
|
20
|
+
kind: InstructionBlockKind;
|
|
21
|
+
} | {
|
|
22
|
+
rule: 'require_delegation_chain';
|
|
23
|
+
} | {
|
|
24
|
+
rule: 'no_unrestricted_execute';
|
|
25
|
+
};
|
|
26
|
+
export declare const ASSERTION_RULES: readonly ["require_sandbox_with_execute", "forbid_skill_combination", "require_skill", "deny_skill_for_role", "max_agents", "require_instruction_block", "require_delegation_chain", "no_unrestricted_execute"];
|
|
27
|
+
export type AssertionRule = typeof ASSERTION_RULES[number];
|
|
28
|
+
//# sourceMappingURL=assertions.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"assertions.d.ts","sourceRoot":"","sources":["../../src/core/assertions.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,aAAa,CAAC;AAC9C,OAAO,KAAK,EAAE,oBAAoB,EAAE,MAAM,mBAAmB,CAAC;AAE9D,MAAM,MAAM,eAAe,GACvB;IAAE,IAAI,EAAE,8BAA8B,CAAA;CAAE,GACxC;IAAE,IAAI,EAAE,0BAA0B,CAAC;IAAC,MAAM,EAAE,UAAU,EAAE,CAAA;CAAE,GAC1D;IAAE,IAAI,EAAE,eAAe,CAAC;IAAC,KAAK,EAAE,UAAU,CAAA;CAAE,GAC5C;IAAE,IAAI,EAAE,qBAAqB,CAAC;IAAC,KAAK,EAAE,MAAM,CAAC;IAAC,KAAK,EAAE,UAAU,CAAA;CAAE,GACjE;IAAE,IAAI,EAAE,YAAY,CAAC;IAAC,KAAK,EAAE,MAAM,CAAA;CAAE,GACrC;IAAE,IAAI,EAAE,2BAA2B,CAAC;IAAC,IAAI,EAAE,oBAAoB,CAAA;CAAE,GACjE;IAAE,IAAI,EAAE,0BAA0B,CAAA;CAAE,GACpC;IAAE,IAAI,EAAE,yBAAyB,CAAA;CAAE,CAAC;AAExC,eAAO,MAAM,eAAe,iNASlB,CAAC;AAEX,MAAM,MAAM,aAAa,GAAG,OAAO,eAAe,CAAC,MAAM,CAAC,CAAC"}
|
|
@@ -0,0 +1,11 @@
|
|
|
1
|
+
export const ASSERTION_RULES = [
|
|
2
|
+
'require_sandbox_with_execute',
|
|
3
|
+
'forbid_skill_combination',
|
|
4
|
+
'require_skill',
|
|
5
|
+
'deny_skill_for_role',
|
|
6
|
+
'max_agents',
|
|
7
|
+
'require_instruction_block',
|
|
8
|
+
'require_delegation_chain',
|
|
9
|
+
'no_unrestricted_execute',
|
|
10
|
+
];
|
|
11
|
+
//# sourceMappingURL=assertions.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"assertions.js","sourceRoot":"","sources":["../../src/core/assertions.ts"],"names":[],"mappings":"AAaA,MAAM,CAAC,MAAM,eAAe,GAAG;IAC7B,8BAA8B;IAC9B,0BAA0B;IAC1B,eAAe;IACf,qBAAqB;IACrB,YAAY;IACZ,2BAA2B;IAC3B,0BAA0B;IAC1B,yBAAyB;CACjB,CAAC"}
|
|
@@ -0,0 +1,11 @@
|
|
|
1
|
+
import type { CoreTeam } from './types.js';
|
|
2
|
+
/**
|
|
3
|
+
* Type guard: checks whether the given value is a normalized CoreTeam
|
|
4
|
+
* (as opposed to a raw TeamCastManifest from YAML).
|
|
5
|
+
*
|
|
6
|
+
* The distinguishing feature of CoreTeam is that each agent entry carries
|
|
7
|
+
* a `runtime` block, which is only present after full normalization and
|
|
8
|
+
* preset resolution. Raw manifests loaded from YAML never have this field.
|
|
9
|
+
*/
|
|
10
|
+
export declare function isCoreTeam(value: unknown): value is CoreTeam;
|
|
11
|
+
//# sourceMappingURL=guards.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"guards.d.ts","sourceRoot":"","sources":["../../src/core/guards.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,QAAQ,EAAE,MAAM,YAAY,CAAC;AAE3C;;;;;;;GAOG;AACH,wBAAgB,UAAU,CAAC,KAAK,EAAE,OAAO,GAAG,KAAK,IAAI,QAAQ,CAO5D"}
|
|
@@ -0,0 +1,20 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Type guard: checks whether the given value is a normalized CoreTeam
|
|
3
|
+
* (as opposed to a raw TeamCastManifest from YAML).
|
|
4
|
+
*
|
|
5
|
+
* The distinguishing feature of CoreTeam is that each agent entry carries
|
|
6
|
+
* a `runtime` block, which is only present after full normalization and
|
|
7
|
+
* preset resolution. Raw manifests loaded from YAML never have this field.
|
|
8
|
+
*/
|
|
9
|
+
export function isCoreTeam(value) {
|
|
10
|
+
if (value === null || typeof value !== 'object')
|
|
11
|
+
return false;
|
|
12
|
+
const obj = value;
|
|
13
|
+
if (!obj.agents || typeof obj.agents !== 'object')
|
|
14
|
+
return false;
|
|
15
|
+
const firstAgent = Object.values(obj.agents)[0];
|
|
16
|
+
if (!firstAgent || typeof firstAgent !== 'object')
|
|
17
|
+
return false;
|
|
18
|
+
return 'runtime' in firstAgent;
|
|
19
|
+
}
|
|
20
|
+
//# sourceMappingURL=guards.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"guards.js","sourceRoot":"","sources":["../../src/core/guards.ts"],"names":[],"mappings":"AAEA;;;;;;;GAOG;AACH,MAAM,UAAU,UAAU,CAAC,KAAc;IACvC,IAAI,KAAK,KAAK,IAAI,IAAI,OAAO,KAAK,KAAK,QAAQ;QAAE,OAAO,KAAK,CAAC;IAC9D,MAAM,GAAG,GAAG,KAAgC,CAAC;IAC7C,IAAI,CAAC,GAAG,CAAC,MAAM,IAAI,OAAO,GAAG,CAAC,MAAM,KAAK,QAAQ;QAAE,OAAO,KAAK,CAAC;IAChE,MAAM,UAAU,GAAG,MAAM,CAAC,MAAM,CAAC,GAAG,CAAC,MAAiC,CAAC,CAAC,CAAC,CAAC,CAAC;IAC3E,IAAI,CAAC,UAAU,IAAI,OAAO,UAAU,KAAK,QAAQ;QAAE,OAAO,KAAK,CAAC;IAChE,OAAO,SAAS,IAAK,UAAsC,CAAC;AAC9D,CAAC"}
|
|
@@ -0,0 +1,9 @@
|
|
|
1
|
+
export * from './types.js';
|
|
2
|
+
export * from './skills.js';
|
|
3
|
+
export * from './instructions.js';
|
|
4
|
+
export * from './assertions.js';
|
|
5
|
+
export * from './guards.js';
|
|
6
|
+
export * from './permissions.js';
|
|
7
|
+
export * from './skill-resolver.js';
|
|
8
|
+
export { evaluatePolicyAssertions } from './policy-evaluator.js';
|
|
9
|
+
//# sourceMappingURL=index.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/core/index.ts"],"names":[],"mappings":"AAAA,cAAc,YAAY,CAAC;AAC3B,cAAc,aAAa,CAAC;AAC5B,cAAc,mBAAmB,CAAC;AAClC,cAAc,iBAAiB,CAAC;AAChC,cAAc,aAAa,CAAC;AAC5B,cAAc,kBAAkB,CAAC;AACjC,cAAc,qBAAqB,CAAC;AACpC,OAAO,EAAE,wBAAwB,EAAE,MAAM,uBAAuB,CAAC"}
|
|
@@ -0,0 +1,9 @@
|
|
|
1
|
+
export * from './types.js';
|
|
2
|
+
export * from './skills.js';
|
|
3
|
+
export * from './instructions.js';
|
|
4
|
+
export * from './assertions.js';
|
|
5
|
+
export * from './guards.js';
|
|
6
|
+
export * from './permissions.js';
|
|
7
|
+
export * from './skill-resolver.js';
|
|
8
|
+
export { evaluatePolicyAssertions } from './policy-evaluator.js';
|
|
9
|
+
//# sourceMappingURL=index.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/core/index.ts"],"names":[],"mappings":"AAAA,cAAc,YAAY,CAAC;AAC3B,cAAc,aAAa,CAAC;AAC5B,cAAc,mBAAmB,CAAC;AAClC,cAAc,iBAAiB,CAAC;AAChC,cAAc,aAAa,CAAC;AAC5B,cAAc,kBAAkB,CAAC;AACjC,cAAc,qBAAqB,CAAC;AACpC,OAAO,EAAE,wBAAwB,EAAE,MAAM,uBAAuB,CAAC"}
|
|
@@ -0,0 +1,10 @@
|
|
|
1
|
+
export type InstructionBlockKind = 'behavior' | 'workflow' | 'safety' | 'style' | 'delegation';
|
|
2
|
+
export interface InstructionBlock {
|
|
3
|
+
kind: InstructionBlockKind;
|
|
4
|
+
title?: string;
|
|
5
|
+
content: string;
|
|
6
|
+
}
|
|
7
|
+
export declare const INSTRUCTION_BLOCK_KINDS: InstructionBlockKind[];
|
|
8
|
+
export declare function normalizeInstructionBlocks(blocks: InstructionBlock[] | undefined): InstructionBlock[];
|
|
9
|
+
export declare function renderInstructionBlocks(blocks: InstructionBlock[] | undefined): string | undefined;
|
|
10
|
+
//# sourceMappingURL=instructions.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"instructions.d.ts","sourceRoot":"","sources":["../../src/core/instructions.ts"],"names":[],"mappings":"AAAA,MAAM,MAAM,oBAAoB,GAC5B,UAAU,GACV,UAAU,GACV,QAAQ,GACR,OAAO,GACP,YAAY,CAAC;AAEjB,MAAM,WAAW,gBAAgB;IAC/B,IAAI,EAAE,oBAAoB,CAAC;IAC3B,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,OAAO,EAAE,MAAM,CAAC;CACjB;AAED,eAAO,MAAM,uBAAuB,EAAE,oBAAoB,EAMzD,CAAC;AAEF,wBAAgB,0BAA0B,CAAC,MAAM,EAAE,gBAAgB,EAAE,GAAG,SAAS,GAAG,gBAAgB,EAAE,CAUrG;AAED,wBAAgB,uBAAuB,CAAC,MAAM,EAAE,gBAAgB,EAAE,GAAG,SAAS,GAAG,MAAM,GAAG,SAAS,CAclG"}
|
|
@@ -0,0 +1,33 @@
|
|
|
1
|
+
export const INSTRUCTION_BLOCK_KINDS = [
|
|
2
|
+
'behavior',
|
|
3
|
+
'workflow',
|
|
4
|
+
'safety',
|
|
5
|
+
'style',
|
|
6
|
+
'delegation',
|
|
7
|
+
];
|
|
8
|
+
export function normalizeInstructionBlocks(blocks) {
|
|
9
|
+
if (!blocks?.length)
|
|
10
|
+
return [];
|
|
11
|
+
return blocks
|
|
12
|
+
.map((block) => ({
|
|
13
|
+
kind: block.kind,
|
|
14
|
+
title: block.title?.trim() || undefined,
|
|
15
|
+
content: block.content.trim(),
|
|
16
|
+
}))
|
|
17
|
+
.filter((block) => block.content.length > 0);
|
|
18
|
+
}
|
|
19
|
+
export function renderInstructionBlocks(blocks) {
|
|
20
|
+
const normalized = normalizeInstructionBlocks(blocks);
|
|
21
|
+
if (normalized.length === 0)
|
|
22
|
+
return undefined;
|
|
23
|
+
return normalized
|
|
24
|
+
.map((block) => {
|
|
25
|
+
if (!block.title) {
|
|
26
|
+
return block.content;
|
|
27
|
+
}
|
|
28
|
+
return `## ${block.title}\n\n${block.content}`;
|
|
29
|
+
})
|
|
30
|
+
.join('\n\n')
|
|
31
|
+
.trim();
|
|
32
|
+
}
|
|
33
|
+
//# sourceMappingURL=instructions.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"instructions.js","sourceRoot":"","sources":["../../src/core/instructions.ts"],"names":[],"mappings":"AAaA,MAAM,CAAC,MAAM,uBAAuB,GAA2B;IAC7D,UAAU;IACV,UAAU;IACV,QAAQ;IACR,OAAO;IACP,YAAY;CACb,CAAC;AAEF,MAAM,UAAU,0BAA0B,CAAC,MAAsC;IAC/E,IAAI,CAAC,MAAM,EAAE,MAAM;QAAE,OAAO,EAAE,CAAC;IAE/B,OAAO,MAAM;SACV,GAAG,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC;QACf,IAAI,EAAE,KAAK,CAAC,IAAI;QAChB,KAAK,EAAE,KAAK,CAAC,KAAK,EAAE,IAAI,EAAE,IAAI,SAAS;QACvC,OAAO,EAAE,KAAK,CAAC,OAAO,CAAC,IAAI,EAAE;KAC9B,CAAC,CAAC;SACF,MAAM,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,KAAK,CAAC,OAAO,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;AACjD,CAAC;AAED,MAAM,UAAU,uBAAuB,CAAC,MAAsC;IAC5E,MAAM,UAAU,GAAG,0BAA0B,CAAC,MAAM,CAAC,CAAC;IACtD,IAAI,UAAU,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO,SAAS,CAAC;IAE9C,OAAO,UAAU;SACd,GAAG,CAAC,CAAC,KAAK,EAAE,EAAE;QACb,IAAI,CAAC,KAAK,CAAC,KAAK,EAAE,CAAC;YACjB,OAAO,KAAK,CAAC,OAAO,CAAC;QACvB,CAAC;QAED,OAAO,MAAM,KAAK,CAAC,KAAK,OAAO,KAAK,CAAC,OAAO,EAAE,CAAC;IACjD,CAAC,CAAC;SACD,IAAI,CAAC,MAAM,CAAC;SACZ,IAAI,EAAE,CAAC;AACZ,CAAC"}
|
|
@@ -0,0 +1,10 @@
|
|
|
1
|
+
import type { AbstractPermission } from './types.js';
|
|
2
|
+
export declare const ABSTRACT_PERMISSIONS: AbstractPermission[];
|
|
3
|
+
type PermissionBucket = 'allow' | 'ask' | 'deny';
|
|
4
|
+
export declare function isAbstractPermission(value: string): value is AbstractPermission;
|
|
5
|
+
export declare function normalizePermissionTokens(tokens: string[] | undefined, bucket: PermissionBucket): {
|
|
6
|
+
abstract: AbstractPermission[] | undefined;
|
|
7
|
+
raw: string[] | undefined;
|
|
8
|
+
};
|
|
9
|
+
export {};
|
|
10
|
+
//# sourceMappingURL=permissions.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"permissions.d.ts","sourceRoot":"","sources":["../../src/core/permissions.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,kBAAkB,EAAE,MAAM,YAAY,CAAC;AAErD,eAAO,MAAM,oBAAoB,EAAE,kBAAkB,EAYpD,CAAC;AAEF,KAAK,gBAAgB,GAAG,OAAO,GAAG,KAAK,GAAG,MAAM,CAAC;AA8BjD,wBAAgB,oBAAoB,CAAC,KAAK,EAAE,MAAM,GAAG,KAAK,IAAI,kBAAkB,CAE/E;AAED,wBAAgB,yBAAyB,CACvC,MAAM,EAAE,MAAM,EAAE,GAAG,SAAS,EAC5B,MAAM,EAAE,gBAAgB,GACvB;IAAE,QAAQ,EAAE,kBAAkB,EAAE,GAAG,SAAS,CAAC;IAAC,GAAG,EAAE,MAAM,EAAE,GAAG,SAAS,CAAA;CAAE,CA2B3E"}
|
|
@@ -0,0 +1,67 @@
|
|
|
1
|
+
export const ABSTRACT_PERMISSIONS = [
|
|
2
|
+
'project.commands',
|
|
3
|
+
'tests',
|
|
4
|
+
'git.read',
|
|
5
|
+
'git.write',
|
|
6
|
+
'package.exec',
|
|
7
|
+
'security.audit',
|
|
8
|
+
'git.push',
|
|
9
|
+
'destructive-shell',
|
|
10
|
+
'downloads',
|
|
11
|
+
'dynamic-exec',
|
|
12
|
+
'env.write',
|
|
13
|
+
];
|
|
14
|
+
const LEGACY_PERMISSION_RULE_MAP = {
|
|
15
|
+
allow: {
|
|
16
|
+
'Bash(npm run *)': 'project.commands',
|
|
17
|
+
'Bash(npm run)': 'project.commands',
|
|
18
|
+
'Bash(npm test *)': 'tests',
|
|
19
|
+
'Bash(npm test)': 'tests',
|
|
20
|
+
'Bash(git status)': 'git.read',
|
|
21
|
+
'Bash(git diff *)': 'git.read',
|
|
22
|
+
'Bash(git add *)': 'git.write',
|
|
23
|
+
'Bash(git commit *)': 'git.write',
|
|
24
|
+
'Bash(npx *)': 'package.exec',
|
|
25
|
+
'Bash(npm audit)': 'security.audit',
|
|
26
|
+
},
|
|
27
|
+
ask: {
|
|
28
|
+
'Bash(git push *)': 'git.push',
|
|
29
|
+
},
|
|
30
|
+
deny: {
|
|
31
|
+
'Bash(rm -rf *)': 'destructive-shell',
|
|
32
|
+
'Bash(git push --force *)': 'destructive-shell',
|
|
33
|
+
'Bash(curl *)': 'downloads',
|
|
34
|
+
'Bash(wget *)': 'downloads',
|
|
35
|
+
'Bash(eval *)': 'dynamic-exec',
|
|
36
|
+
'Bash(exec *)': 'dynamic-exec',
|
|
37
|
+
'Write(.env*)': 'env.write',
|
|
38
|
+
'Edit(.env*)': 'env.write',
|
|
39
|
+
},
|
|
40
|
+
};
|
|
41
|
+
export function isAbstractPermission(value) {
|
|
42
|
+
return ABSTRACT_PERMISSIONS.includes(value);
|
|
43
|
+
}
|
|
44
|
+
export function normalizePermissionTokens(tokens, bucket) {
|
|
45
|
+
if (!tokens?.length) {
|
|
46
|
+
return { abstract: undefined, raw: undefined };
|
|
47
|
+
}
|
|
48
|
+
const abstract = new Set();
|
|
49
|
+
const raw = new Set();
|
|
50
|
+
for (const token of tokens) {
|
|
51
|
+
if (isAbstractPermission(token)) {
|
|
52
|
+
abstract.add(token);
|
|
53
|
+
continue;
|
|
54
|
+
}
|
|
55
|
+
const mapped = LEGACY_PERMISSION_RULE_MAP[bucket][token];
|
|
56
|
+
if (mapped) {
|
|
57
|
+
abstract.add(mapped);
|
|
58
|
+
continue;
|
|
59
|
+
}
|
|
60
|
+
raw.add(token);
|
|
61
|
+
}
|
|
62
|
+
return {
|
|
63
|
+
abstract: abstract.size > 0 ? [...abstract] : undefined,
|
|
64
|
+
raw: raw.size > 0 ? [...raw] : undefined,
|
|
65
|
+
};
|
|
66
|
+
}
|
|
67
|
+
//# sourceMappingURL=permissions.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"permissions.js","sourceRoot":"","sources":["../../src/core/permissions.ts"],"names":[],"mappings":"AAEA,MAAM,CAAC,MAAM,oBAAoB,GAAyB;IACxD,kBAAkB;IAClB,OAAO;IACP,UAAU;IACV,WAAW;IACX,cAAc;IACd,gBAAgB;IAChB,UAAU;IACV,mBAAmB;IACnB,WAAW;IACX,cAAc;IACd,WAAW;CACZ,CAAC;AAIF,MAAM,0BAA0B,GAAiE;IAC/F,KAAK,EAAE;QACL,iBAAiB,EAAE,kBAAkB;QACrC,eAAe,EAAE,kBAAkB;QACnC,kBAAkB,EAAE,OAAO;QAC3B,gBAAgB,EAAE,OAAO;QACzB,kBAAkB,EAAE,UAAU;QAC9B,kBAAkB,EAAE,UAAU;QAC9B,iBAAiB,EAAE,WAAW;QAC9B,oBAAoB,EAAE,WAAW;QACjC,aAAa,EAAE,cAAc;QAC7B,iBAAiB,EAAE,gBAAgB;KACpC;IACD,GAAG,EAAE;QACH,kBAAkB,EAAE,UAAU;KAC/B;IACD,IAAI,EAAE;QACJ,gBAAgB,EAAE,mBAAmB;QACrC,0BAA0B,EAAE,mBAAmB;QAC/C,cAAc,EAAE,WAAW;QAC3B,cAAc,EAAE,WAAW;QAC3B,cAAc,EAAE,cAAc;QAC9B,cAAc,EAAE,cAAc;QAC9B,cAAc,EAAE,WAAW;QAC3B,aAAa,EAAE,WAAW;KAC3B;CACF,CAAC;AAEF,MAAM,UAAU,oBAAoB,CAAC,KAAa;IAChD,OAAO,oBAAoB,CAAC,QAAQ,CAAC,KAA2B,CAAC,CAAC;AACpE,CAAC;AAED,MAAM,UAAU,yBAAyB,CACvC,MAA4B,EAC5B,MAAwB;IAExB,IAAI,CAAC,MAAM,EAAE,MAAM,EAAE,CAAC;QACpB,OAAO,EAAE,QAAQ,EAAE,SAAS,EAAE,GAAG,EAAE,SAAS,EAAE,CAAC;IACjD,CAAC;IAED,MAAM,QAAQ,GAAG,IAAI,GAAG,EAAsB,CAAC;IAC/C,MAAM,GAAG,GAAG,IAAI,GAAG,EAAU,CAAC;IAE9B,KAAK,MAAM,KAAK,IAAI,MAAM,EAAE,CAAC;QAC3B,IAAI,oBAAoB,CAAC,KAAK,CAAC,EAAE,CAAC;YAChC,QAAQ,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC;YACpB,SAAS;QACX,CAAC;QAED,MAAM,MAAM,GAAG,0BAA0B,CAAC,MAAM,CAAC,CAAC,KAAK,CAAC,CAAC;QACzD,IAAI,MAAM,EAAE,CAAC;YACX,QAAQ,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;YACrB,SAAS;QACX,CAAC;QAED,GAAG,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC;IACjB,CAAC;IAED,OAAO;QACL,QAAQ,EAAE,QAAQ,CAAC,IAAI,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,QAAQ,CAAC,CAAC,CAAC,CAAC,SAAS;QACvD,GAAG,EAAE,GAAG,CAAC,IAAI,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,SAAS;KACzC,CAAC;AACJ,CAAC"}
|
|
@@ -0,0 +1,5 @@
|
|
|
1
|
+
import type { CoreTeam } from './types.js';
|
|
2
|
+
import type { ValidationResult } from '../validator/types.js';
|
|
3
|
+
import { type SkillToolMap } from './skill-resolver.js';
|
|
4
|
+
export declare function evaluatePolicyAssertions(team: CoreTeam, skillMap: SkillToolMap): ValidationResult[];
|
|
5
|
+
//# sourceMappingURL=policy-evaluator.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"policy-evaluator.d.ts","sourceRoot":"","sources":["../../src/core/policy-evaluator.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,QAAQ,EAAa,MAAM,YAAY,CAAC;AACtD,OAAO,KAAK,EAAE,gBAAgB,EAAE,MAAM,uBAAuB,CAAC;AAI9D,OAAO,EAA+B,KAAK,YAAY,EAAE,MAAM,qBAAqB,CAAC;AAErF,wBAAgB,wBAAwB,CAAC,IAAI,EAAE,QAAQ,EAAE,QAAQ,EAAE,YAAY,GAAG,gBAAgB,EAAE,CASnG"}
|
|
@@ -0,0 +1,161 @@
|
|
|
1
|
+
import { agentHasSkill, expandSkills } from './skill-resolver.js';
|
|
2
|
+
export function evaluatePolicyAssertions(team, skillMap) {
|
|
3
|
+
const assertions = team.policies?.assertions ?? [];
|
|
4
|
+
const results = [];
|
|
5
|
+
for (const assertion of assertions) {
|
|
6
|
+
results.push(...evaluateOne(assertion, team, skillMap));
|
|
7
|
+
}
|
|
8
|
+
return results;
|
|
9
|
+
}
|
|
10
|
+
function evaluateOne(assertion, team, skillMap) {
|
|
11
|
+
switch (assertion.rule) {
|
|
12
|
+
case 'require_sandbox_with_execute':
|
|
13
|
+
return checkRequireSandboxWithExecute(team, skillMap);
|
|
14
|
+
case 'forbid_skill_combination':
|
|
15
|
+
return checkForbidSkillCombination(assertion.skills, team, skillMap);
|
|
16
|
+
case 'require_skill':
|
|
17
|
+
return checkRequireSkill(assertion.skill, team, skillMap);
|
|
18
|
+
case 'deny_skill_for_role':
|
|
19
|
+
return checkDenySkillForRole(assertion.agent, assertion.skill, team, skillMap);
|
|
20
|
+
case 'max_agents':
|
|
21
|
+
return checkMaxAgents(assertion.count, team);
|
|
22
|
+
case 'require_instruction_block':
|
|
23
|
+
return checkRequireInstructionBlock(assertion.kind, team);
|
|
24
|
+
case 'require_delegation_chain':
|
|
25
|
+
return checkRequireDelegationChain(team, skillMap);
|
|
26
|
+
case 'no_unrestricted_execute':
|
|
27
|
+
return checkNoUnrestrictedExecute(team, skillMap);
|
|
28
|
+
}
|
|
29
|
+
}
|
|
30
|
+
function checkRequireSandboxWithExecute(team, skillMap) {
|
|
31
|
+
const results = [];
|
|
32
|
+
for (const agent of Object.values(team.agents)) {
|
|
33
|
+
if (agentHasSkill(agent.runtime.tools ?? [], 'execute', skillMap)) {
|
|
34
|
+
if (team.policies?.sandbox?.enabled !== true) {
|
|
35
|
+
results.push({
|
|
36
|
+
severity: 'error',
|
|
37
|
+
category: 'policy',
|
|
38
|
+
message: `Agent "${agent.id}" uses Bash but sandbox is not enabled (require_sandbox_with_execute).`,
|
|
39
|
+
agent: agent.id,
|
|
40
|
+
});
|
|
41
|
+
}
|
|
42
|
+
}
|
|
43
|
+
}
|
|
44
|
+
return results;
|
|
45
|
+
}
|
|
46
|
+
function checkForbidSkillCombination(skills, team, skillMap) {
|
|
47
|
+
const results = [];
|
|
48
|
+
const expandedPerSkill = skills.map((skill) => expandSkills([skill], skillMap));
|
|
49
|
+
for (const agent of Object.values(team.agents)) {
|
|
50
|
+
const agentTools = agent.runtime.tools ?? [];
|
|
51
|
+
const hasAll = expandedPerSkill.every((toolsForSkill) => toolsForSkill.some((tool) => agentTools.includes(tool)));
|
|
52
|
+
if (hasAll) {
|
|
53
|
+
results.push({
|
|
54
|
+
severity: 'error',
|
|
55
|
+
category: 'policy',
|
|
56
|
+
message: `Agent "${agent.id}" has forbidden skill combination: [${skills.join(', ')}].`,
|
|
57
|
+
agent: agent.id,
|
|
58
|
+
});
|
|
59
|
+
}
|
|
60
|
+
}
|
|
61
|
+
return results;
|
|
62
|
+
}
|
|
63
|
+
function checkRequireSkill(skill, team, skillMap) {
|
|
64
|
+
const results = [];
|
|
65
|
+
const requiredTools = expandSkills([skill], skillMap);
|
|
66
|
+
for (const agent of Object.values(team.agents)) {
|
|
67
|
+
const agentTools = agent.runtime.tools ?? [];
|
|
68
|
+
const hasAny = requiredTools.some((tool) => agentTools.includes(tool));
|
|
69
|
+
if (!hasAny) {
|
|
70
|
+
results.push({
|
|
71
|
+
severity: 'error',
|
|
72
|
+
category: 'policy',
|
|
73
|
+
message: `Agent "${agent.id}" is missing required skill "${skill}" (require_skill).`,
|
|
74
|
+
agent: agent.id,
|
|
75
|
+
});
|
|
76
|
+
}
|
|
77
|
+
}
|
|
78
|
+
return results;
|
|
79
|
+
}
|
|
80
|
+
function checkDenySkillForRole(agentName, skill, team, skillMap) {
|
|
81
|
+
const results = [];
|
|
82
|
+
const agent = team.agents[agentName];
|
|
83
|
+
if (!agent)
|
|
84
|
+
return results;
|
|
85
|
+
const deniedTools = expandSkills([skill], skillMap);
|
|
86
|
+
const agentTools = agent.runtime.tools ?? [];
|
|
87
|
+
const hasForbidden = deniedTools.some((tool) => agentTools.includes(tool));
|
|
88
|
+
if (hasForbidden) {
|
|
89
|
+
results.push({
|
|
90
|
+
severity: 'error',
|
|
91
|
+
category: 'policy',
|
|
92
|
+
message: `Agent "${agentName}" has denied skill "${skill}" (deny_skill_for_role).`,
|
|
93
|
+
agent: agentName,
|
|
94
|
+
});
|
|
95
|
+
}
|
|
96
|
+
return results;
|
|
97
|
+
}
|
|
98
|
+
function checkMaxAgents(count, team) {
|
|
99
|
+
const agentCount = Object.keys(team.agents).length;
|
|
100
|
+
if (agentCount > count) {
|
|
101
|
+
return [
|
|
102
|
+
{
|
|
103
|
+
severity: 'error',
|
|
104
|
+
category: 'policy',
|
|
105
|
+
message: `Team has ${agentCount} agents but max_agents is ${count}.`,
|
|
106
|
+
},
|
|
107
|
+
];
|
|
108
|
+
}
|
|
109
|
+
return [];
|
|
110
|
+
}
|
|
111
|
+
function checkRequireInstructionBlock(kind, team) {
|
|
112
|
+
const results = [];
|
|
113
|
+
for (const agent of Object.values(team.agents)) {
|
|
114
|
+
const hasBlock = agent.instructions.some((block) => block.kind === kind);
|
|
115
|
+
if (!hasBlock) {
|
|
116
|
+
results.push({
|
|
117
|
+
severity: 'error',
|
|
118
|
+
category: 'policy',
|
|
119
|
+
message: `Agent "${agent.id}" is missing required instruction block of kind "${kind}" (require_instruction_block).`,
|
|
120
|
+
agent: agent.id,
|
|
121
|
+
});
|
|
122
|
+
}
|
|
123
|
+
}
|
|
124
|
+
return results;
|
|
125
|
+
}
|
|
126
|
+
function checkRequireDelegationChain(team, skillMap) {
|
|
127
|
+
const results = [];
|
|
128
|
+
for (const agent of Object.values(team.agents)) {
|
|
129
|
+
if (agentHasSkill(agent.runtime.tools ?? [], 'delegate', skillMap)) {
|
|
130
|
+
const hasHandoffs = (agent.metadata?.handoffs?.length ?? 0) > 0;
|
|
131
|
+
if (!hasHandoffs) {
|
|
132
|
+
results.push({
|
|
133
|
+
severity: 'warning',
|
|
134
|
+
category: 'policy',
|
|
135
|
+
message: `Agent "${agent.id}" has delegation capability (Agent tool) but no handoffs defined (require_delegation_chain).`,
|
|
136
|
+
agent: agent.id,
|
|
137
|
+
});
|
|
138
|
+
}
|
|
139
|
+
}
|
|
140
|
+
}
|
|
141
|
+
return results;
|
|
142
|
+
}
|
|
143
|
+
function checkNoUnrestrictedExecute(team, skillMap) {
|
|
144
|
+
const results = [];
|
|
145
|
+
const sandboxEnabled = team.policies?.sandbox?.enabled === true;
|
|
146
|
+
for (const agent of Object.values(team.agents)) {
|
|
147
|
+
if (agentHasSkill(agent.runtime.tools ?? [], 'execute', skillMap)) {
|
|
148
|
+
const hasDisallowedTools = (agent.runtime.disallowedTools?.length ?? 0) > 0;
|
|
149
|
+
if (!sandboxEnabled && !hasDisallowedTools) {
|
|
150
|
+
results.push({
|
|
151
|
+
severity: 'error',
|
|
152
|
+
category: 'policy',
|
|
153
|
+
message: `Agent "${agent.id}" has unrestricted execute (Bash) without sandbox or disallowed tools (no_unrestricted_execute).`,
|
|
154
|
+
agent: agent.id,
|
|
155
|
+
});
|
|
156
|
+
}
|
|
157
|
+
}
|
|
158
|
+
}
|
|
159
|
+
return results;
|
|
160
|
+
}
|
|
161
|
+
//# sourceMappingURL=policy-evaluator.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"policy-evaluator.js","sourceRoot":"","sources":["../../src/core/policy-evaluator.ts"],"names":[],"mappings":"AAKA,OAAO,EAAE,aAAa,EAAE,YAAY,EAAqB,MAAM,qBAAqB,CAAC;AAErF,MAAM,UAAU,wBAAwB,CAAC,IAAc,EAAE,QAAsB;IAC7E,MAAM,UAAU,GAAG,IAAI,CAAC,QAAQ,EAAE,UAAU,IAAI,EAAE,CAAC;IACnD,MAAM,OAAO,GAAuB,EAAE,CAAC;IAEvC,KAAK,MAAM,SAAS,IAAI,UAAU,EAAE,CAAC;QACnC,OAAO,CAAC,IAAI,CAAC,GAAG,WAAW,CAAC,SAAS,EAAE,IAAI,EAAE,QAAQ,CAAC,CAAC,CAAC;IAC1D,CAAC;IAED,OAAO,OAAO,CAAC;AACjB,CAAC;AAED,SAAS,WAAW,CAAC,SAA0B,EAAE,IAAc,EAAE,QAAsB;IACrF,QAAQ,SAAS,CAAC,IAAI,EAAE,CAAC;QACvB,KAAK,8BAA8B;YACjC,OAAO,8BAA8B,CAAC,IAAI,EAAE,QAAQ,CAAC,CAAC;QACxD,KAAK,0BAA0B;YAC7B,OAAO,2BAA2B,CAAC,SAAS,CAAC,MAAM,EAAE,IAAI,EAAE,QAAQ,CAAC,CAAC;QACvE,KAAK,eAAe;YAClB,OAAO,iBAAiB,CAAC,SAAS,CAAC,KAAK,EAAE,IAAI,EAAE,QAAQ,CAAC,CAAC;QAC5D,KAAK,qBAAqB;YACxB,OAAO,qBAAqB,CAAC,SAAS,CAAC,KAAK,EAAE,SAAS,CAAC,KAAK,EAAE,IAAI,EAAE,QAAQ,CAAC,CAAC;QACjF,KAAK,YAAY;YACf,OAAO,cAAc,CAAC,SAAS,CAAC,KAAK,EAAE,IAAI,CAAC,CAAC;QAC/C,KAAK,2BAA2B;YAC9B,OAAO,4BAA4B,CAAC,SAAS,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC;QAC5D,KAAK,0BAA0B;YAC7B,OAAO,2BAA2B,CAAC,IAAI,EAAE,QAAQ,CAAC,CAAC;QACrD,KAAK,yBAAyB;YAC5B,OAAO,0BAA0B,CAAC,IAAI,EAAE,QAAQ,CAAC,CAAC;IACtD,CAAC;AACH,CAAC;AAED,SAAS,8BAA8B,CAAC,IAAc,EAAE,QAAsB;IAC5E,MAAM,OAAO,GAAuB,EAAE,CAAC;IACvC,KAAK,MAAM,KAAK,IAAI,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,EAAE,CAAC;QAC/C,IAAI,aAAa,CAAC,KAAK,CAAC,OAAO,CAAC,KAAK,IAAI,EAAE,EAAE,SAAS,EAAE,QAAQ,CAAC,EAAE,CAAC;YAClE,IAAI,IAAI,CAAC,QAAQ,EAAE,OAAO,EAAE,OAAO,KAAK,IAAI,EAAE,CAAC;gBAC7C,OAAO,CAAC,IAAI,CAAC;oBACX,QAAQ,EAAE,OAAO;oBACjB,QAAQ,EAAE,QAAQ;oBAClB,OAAO,EAAE,UAAU,KAAK,CAAC,EAAE,wEAAwE;oBACnG,KAAK,EAAE,KAAK,CAAC,EAAE;iBAChB,CAAC,CAAC;YACL,CAAC;QACH,CAAC;IACH,CAAC;IACD,OAAO,OAAO,CAAC;AACjB,CAAC;AAED,SAAS,2BAA2B,CAAC,MAAoB,EAAE,IAAc,EAAE,QAAsB;IAC/F,MAAM,OAAO,GAAuB,EAAE,CAAC;IACvC,MAAM,gBAAgB,GAAG,MAAM,CAAC,GAAG,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,YAAY,CAAC,CAAC,KAAK,CAAC,EAAE,QAAQ,CAAC,CAAC,CAAC;IAEhF,KAAK,MAAM,KAAK,IAAI,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,EAAE,CAAC;QAC/C,MAAM,UAAU,GAAG,KAAK,CAAC,OAAO,CAAC,KAAK,IAAI,EAAE,CAAC;QAC7C,MAAM,MAAM,GAAG,gBAAgB,CAAC,KAAK,CAAC,CAAC,aAAa,EAAE,EAAE,CACtD,aAAa,CAAC,IAAI,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,UAAU,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,CACxD,CAAC;QACF,IAAI,MAAM,EAAE,CAAC;YACX,OAAO,CAAC,IAAI,CAAC;gBACX,QAAQ,EAAE,OAAO;gBACjB,QAAQ,EAAE,QAAQ;gBAClB,OAAO,EAAE,UAAU,KAAK,CAAC,EAAE,uCAAuC,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI;gBACvF,KAAK,EAAE,KAAK,CAAC,EAAE;aAChB,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IACD,OAAO,OAAO,CAAC;AACjB,CAAC;AAED,SAAS,iBAAiB,CAAC,KAAiB,EAAE,IAAc,EAAE,QAAsB;IAClF,MAAM,OAAO,GAAuB,EAAE,CAAC;IACvC,MAAM,aAAa,GAAG,YAAY,CAAC,CAAC,KAAK,CAAC,EAAE,QAAQ,CAAC,CAAC;IAEtD,KAAK,MAAM,KAAK,IAAI,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,EAAE,CAAC;QAC/C,MAAM,UAAU,GAAG,KAAK,CAAC,OAAO,CAAC,KAAK,IAAI,EAAE,CAAC;QAC7C,MAAM,MAAM,GAAG,aAAa,CAAC,IAAI,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,UAAU,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC;QACvE,IAAI,CAAC,MAAM,EAAE,CAAC;YACZ,OAAO,CAAC,IAAI,CAAC;gBACX,QAAQ,EAAE,OAAO;gBACjB,QAAQ,EAAE,QAAQ;gBAClB,OAAO,EAAE,UAAU,KAAK,CAAC,EAAE,gCAAgC,KAAK,oBAAoB;gBACpF,KAAK,EAAE,KAAK,CAAC,EAAE;aAChB,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IACD,OAAO,OAAO,CAAC;AACjB,CAAC;AAED,SAAS,qBAAqB,CAAC,SAAiB,EAAE,KAAiB,EAAE,IAAc,EAAE,QAAsB;IACzG,MAAM,OAAO,GAAuB,EAAE,CAAC;IACvC,MAAM,KAAK,GAA0B,IAAI,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC;IAC5D,IAAI,CAAC,KAAK;QAAE,OAAO,OAAO,CAAC;IAE3B,MAAM,WAAW,GAAG,YAAY,CAAC,CAAC,KAAK,CAAC,EAAE,QAAQ,CAAC,CAAC;IACpD,MAAM,UAAU,GAAG,KAAK,CAAC,OAAO,CAAC,KAAK,IAAI,EAAE,CAAC;IAC7C,MAAM,YAAY,GAAG,WAAW,CAAC,IAAI,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,UAAU,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC;IAC3E,IAAI,YAAY,EAAE,CAAC;QACjB,OAAO,CAAC,IAAI,CAAC;YACX,QAAQ,EAAE,OAAO;YACjB,QAAQ,EAAE,QAAQ;YAClB,OAAO,EAAE,UAAU,SAAS,uBAAuB,KAAK,0BAA0B;YAClF,KAAK,EAAE,SAAS;SACjB,CAAC,CAAC;IACL,CAAC;IACD,OAAO,OAAO,CAAC;AACjB,CAAC;AAED,SAAS,cAAc,CAAC,KAAa,EAAE,IAAc;IACnD,MAAM,UAAU,GAAG,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,MAAM,CAAC;IACnD,IAAI,UAAU,GAAG,KAAK,EAAE,CAAC;QACvB,OAAO;YACL;gBACE,QAAQ,EAAE,OAAO;gBACjB,QAAQ,EAAE,QAAQ;gBAClB,OAAO,EAAE,YAAY,UAAU,6BAA6B,KAAK,GAAG;aACrE;SACF,CAAC;IACJ,CAAC;IACD,OAAO,EAAE,CAAC;AACZ,CAAC;AAED,SAAS,4BAA4B,CAAC,IAA0B,EAAE,IAAc;IAC9E,MAAM,OAAO,GAAuB,EAAE,CAAC;IACvC,KAAK,MAAM,KAAK,IAAI,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,EAAE,CAAC;QAC/C,MAAM,QAAQ,GAAG,KAAK,CAAC,YAAY,CAAC,IAAI,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,KAAK,CAAC,IAAI,KAAK,IAAI,CAAC,CAAC;QACzE,IAAI,CAAC,QAAQ,EAAE,CAAC;YACd,OAAO,CAAC,IAAI,CAAC;gBACX,QAAQ,EAAE,OAAO;gBACjB,QAAQ,EAAE,QAAQ;gBAClB,OAAO,EAAE,UAAU,KAAK,CAAC,EAAE,oDAAoD,IAAI,gCAAgC;gBACnH,KAAK,EAAE,KAAK,CAAC,EAAE;aAChB,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IACD,OAAO,OAAO,CAAC;AACjB,CAAC;AAED,SAAS,2BAA2B,CAAC,IAAc,EAAE,QAAsB;IACzE,MAAM,OAAO,GAAuB,EAAE,CAAC;IACvC,KAAK,MAAM,KAAK,IAAI,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,EAAE,CAAC;QAC/C,IAAI,aAAa,CAAC,KAAK,CAAC,OAAO,CAAC,KAAK,IAAI,EAAE,EAAE,UAAU,EAAE,QAAQ,CAAC,EAAE,CAAC;YACnE,MAAM,WAAW,GAAG,CAAC,KAAK,CAAC,QAAQ,EAAE,QAAQ,EAAE,MAAM,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC;YAChE,IAAI,CAAC,WAAW,EAAE,CAAC;gBACjB,OAAO,CAAC,IAAI,CAAC;oBACX,QAAQ,EAAE,SAAS;oBACnB,QAAQ,EAAE,QAAQ;oBAClB,OAAO,EAAE,UAAU,KAAK,CAAC,EAAE,8FAA8F;oBACzH,KAAK,EAAE,KAAK,CAAC,EAAE;iBAChB,CAAC,CAAC;YACL,CAAC;QACH,CAAC;IACH,CAAC;IACD,OAAO,OAAO,CAAC;AACjB,CAAC;AAED,SAAS,0BAA0B,CAAC,IAAc,EAAE,QAAsB;IACxE,MAAM,OAAO,GAAuB,EAAE,CAAC;IACvC,MAAM,cAAc,GAAG,IAAI,CAAC,QAAQ,EAAE,OAAO,EAAE,OAAO,KAAK,IAAI,CAAC;IAEhE,KAAK,MAAM,KAAK,IAAI,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,EAAE,CAAC;QAC/C,IAAI,aAAa,CAAC,KAAK,CAAC,OAAO,CAAC,KAAK,IAAI,EAAE,EAAE,SAAS,EAAE,QAAQ,CAAC,EAAE,CAAC;YAClE,MAAM,kBAAkB,GAAG,CAAC,KAAK,CAAC,OAAO,CAAC,eAAe,EAAE,MAAM,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC;YAC5E,IAAI,CAAC,cAAc,IAAI,CAAC,kBAAkB,EAAE,CAAC;gBAC3C,OAAO,CAAC,IAAI,CAAC;oBACX,QAAQ,EAAE,OAAO;oBACjB,QAAQ,EAAE,QAAQ;oBAClB,OAAO,EAAE,UAAU,KAAK,CAAC,EAAE,kGAAkG;oBAC7H,KAAK,EAAE,KAAK,CAAC,EAAE;iBAChB,CAAC,CAAC;YACL,CAAC;QACH,CAAC;IACH,CAAC;IACD,OAAO,OAAO,CAAC;AACjB,CAAC"}
|
|
@@ -0,0 +1,8 @@
|
|
|
1
|
+
import type { AgentSkill } from './skills.js';
|
|
2
|
+
/** A skill-to-tool mapping provided by a renderer */
|
|
3
|
+
export type SkillToolMap = Record<AgentSkill, string[]>;
|
|
4
|
+
/** Expand abstract skills to platform tools using the provided mapping */
|
|
5
|
+
export declare function expandSkills(skills: AgentSkill[], mapping: SkillToolMap): string[];
|
|
6
|
+
/** Check if an agent (by its resolved tools) has a specific skill */
|
|
7
|
+
export declare function agentHasSkill(agentTools: string[], skill: AgentSkill, mapping: SkillToolMap): boolean;
|
|
8
|
+
//# sourceMappingURL=skill-resolver.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"skill-resolver.d.ts","sourceRoot":"","sources":["../../src/core/skill-resolver.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,aAAa,CAAC;AAE9C,qDAAqD;AACrD,MAAM,MAAM,YAAY,GAAG,MAAM,CAAC,UAAU,EAAE,MAAM,EAAE,CAAC,CAAC;AAExD,0EAA0E;AAC1E,wBAAgB,YAAY,CAAC,MAAM,EAAE,UAAU,EAAE,EAAE,OAAO,EAAE,YAAY,GAAG,MAAM,EAAE,CAOlF;AAED,qEAAqE;AACrE,wBAAgB,aAAa,CAAC,UAAU,EAAE,MAAM,EAAE,EAAE,KAAK,EAAE,UAAU,EAAE,OAAO,EAAE,YAAY,GAAG,OAAO,CAGrG"}
|
|
@@ -0,0 +1,17 @@
|
|
|
1
|
+
/** Expand abstract skills to platform tools using the provided mapping */
|
|
2
|
+
export function expandSkills(skills, mapping) {
|
|
3
|
+
const toolSet = new Set();
|
|
4
|
+
for (const skill of skills) {
|
|
5
|
+
const tools = mapping[skill];
|
|
6
|
+
if (tools)
|
|
7
|
+
for (const tool of tools)
|
|
8
|
+
toolSet.add(tool);
|
|
9
|
+
}
|
|
10
|
+
return [...toolSet];
|
|
11
|
+
}
|
|
12
|
+
/** Check if an agent (by its resolved tools) has a specific skill */
|
|
13
|
+
export function agentHasSkill(agentTools, skill, mapping) {
|
|
14
|
+
const requiredTools = mapping[skill];
|
|
15
|
+
return requiredTools.length > 0 && requiredTools.some((t) => agentTools.includes(t));
|
|
16
|
+
}
|
|
17
|
+
//# sourceMappingURL=skill-resolver.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"skill-resolver.js","sourceRoot":"","sources":["../../src/core/skill-resolver.ts"],"names":[],"mappings":"AAKA,0EAA0E;AAC1E,MAAM,UAAU,YAAY,CAAC,MAAoB,EAAE,OAAqB;IACtE,MAAM,OAAO,GAAG,IAAI,GAAG,EAAU,CAAC;IAClC,KAAK,MAAM,KAAK,IAAI,MAAM,EAAE,CAAC;QAC3B,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,CAAC;QAC7B,IAAI,KAAK;YAAE,KAAK,MAAM,IAAI,IAAI,KAAK;gBAAE,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;IACzD,CAAC;IACD,OAAO,CAAC,GAAG,OAAO,CAAC,CAAC;AACtB,CAAC;AAED,qEAAqE;AACrE,MAAM,UAAU,aAAa,CAAC,UAAoB,EAAE,KAAiB,EAAE,OAAqB;IAC1F,MAAM,aAAa,GAAG,OAAO,CAAC,KAAK,CAAC,CAAC;IACrC,OAAO,aAAa,CAAC,MAAM,GAAG,CAAC,IAAI,aAAa,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,UAAU,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC;AACvF,CAAC"}
|
|
@@ -0,0 +1,4 @@
|
|
|
1
|
+
export declare const AGENT_SKILLS: readonly ["read_files", "write_files", "execute", "search", "web", "delegate", "interact", "notebook"];
|
|
2
|
+
export type AgentSkill = typeof AGENT_SKILLS[number];
|
|
3
|
+
export declare function isAgentSkill(value: string): value is AgentSkill;
|
|
4
|
+
//# sourceMappingURL=skills.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"skills.d.ts","sourceRoot":"","sources":["../../src/core/skills.ts"],"names":[],"mappings":"AAAA,eAAO,MAAM,YAAY,wGASf,CAAC;AAEX,MAAM,MAAM,UAAU,GAAG,OAAO,YAAY,CAAC,MAAM,CAAC,CAAC;AAErD,wBAAgB,YAAY,CAAC,KAAK,EAAE,MAAM,GAAG,KAAK,IAAI,UAAU,CAE/D"}
|
|
@@ -0,0 +1,14 @@
|
|
|
1
|
+
export const AGENT_SKILLS = [
|
|
2
|
+
'read_files',
|
|
3
|
+
'write_files',
|
|
4
|
+
'execute',
|
|
5
|
+
'search',
|
|
6
|
+
'web',
|
|
7
|
+
'delegate',
|
|
8
|
+
'interact',
|
|
9
|
+
'notebook',
|
|
10
|
+
];
|
|
11
|
+
export function isAgentSkill(value) {
|
|
12
|
+
return AGENT_SKILLS.includes(value);
|
|
13
|
+
}
|
|
14
|
+
//# sourceMappingURL=skills.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"skills.js","sourceRoot":"","sources":["../../src/core/skills.ts"],"names":[],"mappings":"AAAA,MAAM,CAAC,MAAM,YAAY,GAAG;IAC1B,YAAY;IACZ,aAAa;IACb,SAAS;IACT,QAAQ;IACR,KAAK;IACL,UAAU;IACV,UAAU;IACV,UAAU;CACF,CAAC;AAIX,MAAM,UAAU,YAAY,CAAC,KAAa;IACxC,OAAQ,YAAkC,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC;AAC7D,CAAC"}
|
|
@@ -0,0 +1,117 @@
|
|
|
1
|
+
import type { InstructionBlock } from './instructions.js';
|
|
2
|
+
import type { PolicyAssertion } from './assertions.js';
|
|
3
|
+
export type ModelAlias = 'sonnet' | 'haiku' | 'opus' | 'inherit' | string;
|
|
4
|
+
export type PermissionMode = 'default' | 'acceptEdits' | 'bypassPermissions' | 'plan' | 'dontAsk';
|
|
5
|
+
export type AbstractPermission = 'project.commands' | 'tests' | 'git.read' | 'git.write' | 'package.exec' | 'security.audit' | 'git.push' | 'destructive-shell' | 'downloads' | 'dynamic-exec' | 'env.write';
|
|
6
|
+
export interface McpServerConfig {
|
|
7
|
+
type?: string;
|
|
8
|
+
command?: string;
|
|
9
|
+
args?: string[];
|
|
10
|
+
env?: Record<string, string>;
|
|
11
|
+
url?: string;
|
|
12
|
+
headers?: Record<string, string>;
|
|
13
|
+
[key: string]: unknown;
|
|
14
|
+
}
|
|
15
|
+
export interface HookEntry {
|
|
16
|
+
matcher: string;
|
|
17
|
+
command: string;
|
|
18
|
+
}
|
|
19
|
+
export interface AgentRuntime {
|
|
20
|
+
/** Effective model identifier after preset and default resolution. */
|
|
21
|
+
model?: ModelAlias;
|
|
22
|
+
/**
|
|
23
|
+
* Allowed tools. Uses string[] to keep the core platform-agnostic.
|
|
24
|
+
* The Claude renderer layer casts these to CanonicalTool as needed.
|
|
25
|
+
*/
|
|
26
|
+
tools?: string[];
|
|
27
|
+
/**
|
|
28
|
+
* Disallowed tools. Uses string[] to keep the core platform-agnostic.
|
|
29
|
+
*/
|
|
30
|
+
disallowedTools?: string[];
|
|
31
|
+
/**
|
|
32
|
+
* Skill documentation references (free-form strings, e.g. 'test-first').
|
|
33
|
+
* These are distinct from AgentSkill abstract capability values, which appear
|
|
34
|
+
* in the tools[] array and get expanded to CanonicalTool[] during normalization.
|
|
35
|
+
* Named skillDocs to disambiguate from AgentSkill abstract capabilities.
|
|
36
|
+
*/
|
|
37
|
+
skillDocs?: string[];
|
|
38
|
+
maxTurns?: number;
|
|
39
|
+
mcpServers?: McpServerConfig[];
|
|
40
|
+
permissionMode?: PermissionMode;
|
|
41
|
+
background?: boolean;
|
|
42
|
+
}
|
|
43
|
+
export interface AgentMetadata {
|
|
44
|
+
handoffs?: string[];
|
|
45
|
+
role?: string;
|
|
46
|
+
template?: string;
|
|
47
|
+
}
|
|
48
|
+
export interface CoreAgent {
|
|
49
|
+
id: string;
|
|
50
|
+
description: string;
|
|
51
|
+
runtime: AgentRuntime;
|
|
52
|
+
instructions: InstructionBlock[];
|
|
53
|
+
metadata?: AgentMetadata;
|
|
54
|
+
}
|
|
55
|
+
export interface PermissionsConfig {
|
|
56
|
+
allow?: AbstractPermission[];
|
|
57
|
+
ask?: AbstractPermission[];
|
|
58
|
+
deny?: AbstractPermission[];
|
|
59
|
+
defaultMode?: 'default' | 'acceptEdits';
|
|
60
|
+
rawRules?: {
|
|
61
|
+
allow?: string[];
|
|
62
|
+
ask?: string[];
|
|
63
|
+
deny?: string[];
|
|
64
|
+
};
|
|
65
|
+
}
|
|
66
|
+
export interface SandboxConfig {
|
|
67
|
+
enabled?: boolean;
|
|
68
|
+
autoAllowBash?: boolean;
|
|
69
|
+
excludedCommands?: string[];
|
|
70
|
+
network?: {
|
|
71
|
+
allowUnixSockets?: string[];
|
|
72
|
+
allowLocalBinding?: boolean;
|
|
73
|
+
};
|
|
74
|
+
}
|
|
75
|
+
export interface TeamPolicies {
|
|
76
|
+
permissions?: PermissionsConfig;
|
|
77
|
+
sandbox?: SandboxConfig;
|
|
78
|
+
hooks?: {
|
|
79
|
+
preToolUse?: HookEntry[];
|
|
80
|
+
postToolUse?: HookEntry[];
|
|
81
|
+
notification?: HookEntry[];
|
|
82
|
+
};
|
|
83
|
+
network?: {
|
|
84
|
+
allowedDomains?: string[];
|
|
85
|
+
};
|
|
86
|
+
assertions?: PolicyAssertion[];
|
|
87
|
+
}
|
|
88
|
+
export interface TeamSettings {
|
|
89
|
+
defaultModel?: ModelAlias;
|
|
90
|
+
generateDocs?: boolean;
|
|
91
|
+
generateLocalSettings?: boolean;
|
|
92
|
+
}
|
|
93
|
+
export interface PresetMetadata {
|
|
94
|
+
author?: string;
|
|
95
|
+
tags?: string[];
|
|
96
|
+
minVersion?: string;
|
|
97
|
+
}
|
|
98
|
+
export interface ProjectConfig {
|
|
99
|
+
name: string;
|
|
100
|
+
preset?: string;
|
|
101
|
+
description?: string;
|
|
102
|
+
}
|
|
103
|
+
/**
|
|
104
|
+
* A fully-normalized team manifest used internally after all
|
|
105
|
+
* legacy-format coercion, default application, and preset resolution.
|
|
106
|
+
* Agents carry a `runtime` block, which distinguishes this type from
|
|
107
|
+
* the raw `TeamCastManifest` loaded directly from YAML.
|
|
108
|
+
*/
|
|
109
|
+
export interface CoreTeam {
|
|
110
|
+
version: '1' | '2';
|
|
111
|
+
project: ProjectConfig;
|
|
112
|
+
agents: Record<string, CoreAgent>;
|
|
113
|
+
policies?: TeamPolicies;
|
|
114
|
+
settings?: TeamSettings;
|
|
115
|
+
presetMeta?: PresetMetadata;
|
|
116
|
+
}
|
|
117
|
+
//# sourceMappingURL=types.d.ts.map
|