whale-code 6.4.0

package/dist/server/lib/ssrf-guard.js

@@ -0,0 +1,240 @@
+// server/lib/ssrf-guard.ts — Shared SSRF validation with DNS resolve-then-check
+//
+// Used by workflow steps (webhook_out, custom), email attachments, and any other
+// user-controlled URL fetching. Centralizes all IP blocking logic in one place.
+import { resolve as dnsResolve } from "node:dns/promises";
+// Private/internal IPv4 ranges
+const PRIVATE_IPV4_RANGES = [
+    /^127\./, // Loopback
+    /^10\./, // RFC 1918
+    /^172\.(1[6-9]|2\d|3[01])\./, // RFC 1918
+    /^192\.168\./, // RFC 1918
+    /^169\.254\./, // Link-local / cloud metadata
+    /^0\./, // "This" network
+    /^100\.(6[4-9]|[7-9]\d|1[0-1]\d|12[0-7])\./, // CGNAT (RFC 6598)
+    /^198\.18\./, // Benchmarking (RFC 2544)
+];
+// IPv6-mapped IPv4 patterns
+// Dotted decimal form: ::ffff:127.0.0.1
+const IPV6_MAPPED_V4 = /^::ffff:(\d+\.\d+\.\d+\.\d+)$/i;
+// Hex form (URL parser normalizes to this): ::ffff:7f00:1
+const IPV6_MAPPED_V4_HEX = /^::ffff:([0-9a-f]{1,4}):([0-9a-f]{1,4})$/i;
+// Private/internal IPv6 ranges
+const PRIVATE_IPV6_PATTERNS = [
+    /^::1$/, // Loopback
+    /^fe80:/i, // Link-local
+    /^fc00:/i, // Unique local
+    /^fd/i, // Unique local
+    /^::$/, // Unspecified address
+];
+const BLOCKED_HOSTS = new Set([
+    "localhost",
+    "0.0.0.0",
+    "metadata.google.internal",
+    "metadata.internal",
+]);
+const BLOCKED_TLDS = [".internal", ".local", ".localhost"];
+/**
+ * P0 FIX: Normalize alternative IP encodings to standard dotted-decimal.
+ * Catches bypass attempts via decimal, hex, octal, and mixed representations:
+ *   - Decimal:  2130706433        → 127.0.0.1
+ *   - Hex:      0x7f000001        → 127.0.0.1
+ *   - Octal:    0177.0.0.01       → 127.0.0.1
+ *   - Mixed:    0x7f.0.0.1        → 127.0.0.1
+ *   - Leading zeros: 0127.0.0.01  → 87.0.0.1 (octal interpretation)
+ *
+ * Returns the normalized dotted-decimal string, or null if not a recognizable IP.
+ */
+function normalizeIp(input) {
+    const cleaned = input.trim();
+    // Case 1: Pure decimal integer (e.g. 2130706433 = 127.0.0.1)
+    if (/^\d{1,10}$/.test(cleaned) && !cleaned.startsWith("0")) {
+        const num = parseInt(cleaned, 10);
+        if (num >= 0 && num <= 0xffffffff) {
+            return `${(num >>> 24) & 0xff}.${(num >>> 16) & 0xff}.${(num >>> 8) & 0xff}.${num & 0xff}`;
+        }
+    }
+    // Case 2: Pure hex integer (e.g. 0x7f000001)
+    if (/^0x[0-9a-f]+$/i.test(cleaned)) {
+        const num = parseInt(cleaned, 16);
+        if (num >= 0 && num <= 0xffffffff) {
+            return `${(num >>> 24) & 0xff}.${(num >>> 16) & 0xff}.${(num >>> 8) & 0xff}.${num & 0xff}`;
+        }
+    }
+    // Case 3: Dotted form with octal/hex/decimal octets (e.g. 0177.0.0.01, 0x7f.0.0.1)
+    const parts = cleaned.split(".");
+    if (parts.length === 4) {
+        const octets = [];
+        for (const part of parts) {
+            let val;
+            if (/^0x[0-9a-f]+$/i.test(part)) {
+                // Hex octet
+                val = parseInt(part, 16);
+            }
+            else if (/^0\d+$/.test(part)) {
+                // Octal octet (leading zero)
+                val = parseInt(part, 8);
+            }
+            else if (/^\d+$/.test(part)) {
+                // Decimal octet
+                val = parseInt(part, 10);
+            }
+            else {
+                return null; // Not a valid octet
+            }
+            if (isNaN(val) || val < 0 || val > 255)
+                return null;
+            octets.push(val);
+        }
+        return octets.join(".");
+    }
+    return null;
+}
+/**
+ * Check if an IP address is in a private/internal range.
+ * P0 FIX: Now normalizes alternative IP encodings before checking.
+ */
+function isPrivateIp(ip) {
+    // Strip brackets from IPv6
+    const cleaned = ip.replace(/^\[|\]$/g, "");
+    // Check IPv6-mapped IPv4 — dotted decimal form (::ffff:x.x.x.x)
+    const mapped = cleaned.match(IPV6_MAPPED_V4);
+    if (mapped) {
+        const v4 = mapped[1];
+        const normalized = normalizeIp(v4) || v4;
+        return PRIVATE_IPV4_RANGES.some((r) => r.test(normalized));
+    }
+    // Check IPv6-mapped IPv4 — hex form (::ffff:7f00:1, as normalized by URL parser)
+    const mappedHex = cleaned.match(IPV6_MAPPED_V4_HEX);
+    if (mappedHex) {
+        const hi = parseInt(mappedHex[1], 16);
+        const lo = parseInt(mappedHex[2], 16);
+        const v4 = `${(hi >> 8) & 0xff}.${hi & 0xff}.${(lo >> 8) & 0xff}.${lo & 0xff}`;
+        return PRIVATE_IPV4_RANGES.some((r) => r.test(v4));
+    }
+    // P0 FIX: Normalize alternative encodings (decimal, hex, octal, mixed)
+    const normalized = normalizeIp(cleaned);
+    if (normalized) {
+        return PRIVATE_IPV4_RANGES.some((r) => r.test(normalized));
+    }
+    // Check plain IPv4 (standard dotted decimal — no leading zeros)
+    if (/^\d+\.\d+\.\d+\.\d+$/.test(cleaned)) {
+        return PRIVATE_IPV4_RANGES.some((r) => r.test(cleaned));
+    }
+    // Check IPv6
+    return PRIVATE_IPV6_PATTERNS.some((r) => r.test(cleaned));
+}
+/**
+ * Check if a hostname looks like a direct IP address (v4, v6, or alternative encoding).
+ * Used to decide whether DNS failure should block or allow.
+ */
+function looksLikeIp(host) {
+    const cleaned = host.replace(/^\[|\]$/g, "");
+    // Standard dotted decimal
+    if (/^\d+\.\d+\.\d+\.\d+$/.test(cleaned))
+        return true;
+    // Pure decimal integer
+    if (/^\d{1,10}$/.test(cleaned))
+        return true;
+    // Hex integer
+    if (/^0x[0-9a-f]+$/i.test(cleaned))
+        return true;
+    // Dotted with octal/hex octets
+    if (/^[\d.x]+$/i.test(cleaned) && cleaned.split(".").length === 4)
+        return true;
+    // IPv6 (contains colons)
+    if (cleaned.includes(":"))
+        return true;
+    return false;
+}
+/**
+ * Validate a URL is safe to fetch (not targeting internal/private addresses).
+ * Does basic hostname checks first, then resolves DNS to catch rebinding attacks.
+ *
+ * @returns null if safe, or a string error message if blocked.
+ */
+export async function validateUrl(urlStr) {
+    let u;
+    try {
+        u = new URL(urlStr);
+    }
+    catch {
+        return "Malformed URL";
+    }
+    // Block non-HTTP(S) schemes
+    if (u.protocol !== "http:" && u.protocol !== "https:") {
+        return `Blocked scheme: ${u.protocol}`;
+    }
+    const host = u.hostname.toLowerCase();
+    // Block known internal hostnames
+    if (BLOCKED_HOSTS.has(host)) {
+        return "URL targets a blocked internal host";
+    }
+    // Block internal TLDs
+    for (const tld of BLOCKED_TLDS) {
+        if (host.endsWith(tld)) {
+            return "URL targets a blocked internal domain";
+        }
+    }
+    // Block .fly.dev (our own infrastructure)
+    if (host.endsWith(".fly.dev")) {
+        return "URL targets internal infrastructure";
+    }
+    // Block bare IPs that resolve to private ranges (including alternative encodings)
+    if (isPrivateIp(host)) {
+        return "URL targets a private/internal IP address";
+    }
+    // DNS resolve-then-check: catch DNS rebinding attacks
+    try {
+        const addresses = await dnsResolve(host);
+        for (const addr of addresses) {
+            if (isPrivateIp(addr)) {
+                return `DNS resolved to private address: ${addr}`;
+            }
+        }
+    }
+    catch {
+        // P0 FIX: DNS resolution failed — only allow through if host is already a
+        // validated direct IP (which was checked above). If it's a hostname that
+        // failed DNS, block it: we can't verify where it points.
+        if (!looksLikeIp(host)) {
+            return "DNS resolution failed — cannot verify target is safe";
+        }
+        // Direct IP that passed isPrivateIp check above — safe to proceed
+    }
+    return null;
+}
+/**
+ * Synchronous fast-path check (no DNS resolution).
+ * Use this when you can't await, or for backward compatibility.
+ * For full protection (including DNS rebinding), use validateUrl().
+ */
+export function isBlockedUrl(urlStr) {
+    try {
+        const u = new URL(urlStr);
+        const host = u.hostname.toLowerCase();
+        if (BLOCKED_HOSTS.has(host) || host === "127.0.0.1" || host === "::1" || host === "[::1]")
+            return true;
+        if (PRIVATE_IPV4_RANGES.some((r) => r.test(host)))
+            return true;
+        if (PRIVATE_IPV6_PATTERNS.some((r) => r.test(host.replace(/^\[|\]$/g, ""))))
+            return true;
+        // P0 FIX: Check alternative IP encodings (decimal, hex, octal)
+        if (isPrivateIp(host))
+            return true;
+        if (host === "169.254.169.254")
+            return true;
+        for (const tld of BLOCKED_TLDS) {
+            if (host.endsWith(tld))
+                return true;
+        }
+        if (host.endsWith(".fly.dev"))
+            return true;
+        if (u.protocol !== "http:" && u.protocol !== "https:")
+            return true;
+        return false;
+    }
+    catch {
+        return true;
+    }
+}

package/dist/server/lib/supabase-client.d.ts

@@ -0,0 +1,7 @@
+import { type SupabaseClient } from "@supabase/supabase-js";
+/** Initialize the shared Supabase client (call once at startup) */
+export declare function initSupabase(url: string, serviceRoleKey: string): void;
+/** Get the shared service role Supabase client (singleton, retry-enabled) */
+export declare function getServiceClient(): SupabaseClient;
+/** Create a user-scoped client (for RLS context) — uses retry fetch */
+export declare function createUserClient(url: string, anonKey: string, token: string): SupabaseClient;

package/dist/server/lib/supabase-client.js

@@ -0,0 +1,78 @@
+// lib/supabase-client.ts — Resilient Supabase client with retry logic
+// Fixes intermittent 520 errors from Cloudflare by retrying failed requests
+// and reusing client instances instead of creating new ones per request.
+import { createClient } from "@supabase/supabase-js";
+const MAX_RETRIES = 3;
+const INITIAL_BACKOFF_MS = 500;
+const MAX_BACKOFF_MS = 5_000;
+/** Custom fetch with retry for 5xx errors (Cloudflare 520/522/524) */
+function createRetryFetch(maxRetries = MAX_RETRIES) {
+    return async (input, init) => {
+        let lastError = null;
+        for (let attempt = 0; attempt <= maxRetries; attempt++) {
+            try {
+                const res = await fetch(input, {
+                    ...init,
+                    // Keep connection alive to reduce TCP handshake overhead
+                    keepalive: true,
+                });
+                // Retry on 5xx errors (Cloudflare 520 = origin error, 522 = timeout, 524 = timeout)
+                if (res.status >= 500 && attempt < maxRetries) {
+                    const backoff = Math.min(INITIAL_BACKOFF_MS * Math.pow(2, attempt), MAX_BACKOFF_MS);
+                    console.warn(`[supabase] ${res.status} on ${typeof input === 'string' ? input.split('?')[0] : 'request'}, retry ${attempt + 1}/${maxRetries} in ${backoff}ms`);
+                    await new Promise(r => setTimeout(r, backoff));
+                    continue;
+                }
+                return res;
+            }
+            catch (err) {
+                lastError = err;
+                // Retry on network errors (ECONNRESET, ETIMEDOUT, etc.)
+                if (attempt < maxRetries) {
+                    const backoff = Math.min(INITIAL_BACKOFF_MS * Math.pow(2, attempt), MAX_BACKOFF_MS);
+                    console.warn(`[supabase] Network error: ${lastError.message}, retry ${attempt + 1}/${maxRetries} in ${backoff}ms`);
+                    await new Promise(r => setTimeout(r, backoff));
+                    continue;
+                }
+            }
+        }
+        throw lastError || new Error("Supabase request failed after retries");
+    };
+}
+// Singleton service role client — reused across all requests
+let _serviceClient = null;
+let _supabaseUrl = "";
+let _serviceRoleKey = "";
+/** Initialize the shared Supabase client (call once at startup) */
+export function initSupabase(url, serviceRoleKey) {
+    _supabaseUrl = url;
+    _serviceRoleKey = serviceRoleKey;
+    _serviceClient = null; // Reset on re-init
+}
+/** Get the shared service role Supabase client (singleton, retry-enabled) */
+export function getServiceClient() {
+    if (!_serviceClient) {
+        if (!_supabaseUrl || !_serviceRoleKey) {
+            throw new Error("Supabase not initialized. Call initSupabase() first.");
+        }
+        _serviceClient = createClient(_supabaseUrl, _serviceRoleKey, {
+            global: {
+                fetch: createRetryFetch(),
+            },
+            auth: {
+                autoRefreshToken: false,
+                persistSession: false,
+            },
+        });
+    }
+    return _serviceClient;
+}
+/** Create a user-scoped client (for RLS context) — uses retry fetch */
+export function createUserClient(url, anonKey, token) {
+    return createClient(url, anonKey, {
+        global: {
+            headers: { Authorization: `Bearer ${token}` },
+            fetch: createRetryFetch(2), // Fewer retries for user requests
+        },
+    });
+}

package/dist/server/lib/template-resolver.d.ts

@@ -0,0 +1,31 @@
+export interface TemplateContext {
+    steps: Record<string, {
+        output?: unknown;
+        status?: string;
+        duration_ms?: number;
+    }>;
+    trigger: Record<string, unknown>;
+    input?: unknown;
+    env?: Record<string, unknown>;
+    workflow?: Record<string, unknown>;
+    run?: Record<string, unknown>;
+}
+/**
+ * Recursively resolve templates in any JSON-compatible value.
+ * - Strings: resolve {{...}} patterns
+ * - Objects: recurse into values
+ * - Arrays: recurse into elements
+ * - Primitives: return as-is
+ */
+export declare function resolveTemplate(value: unknown, ctx: TemplateContext, depth?: number): unknown;
+/**
+ * Evaluate a simple condition expression.
+ * Supports: ==, !=, >, <, >=, <=, contains, !contains, exists, !exists
+ * Templates in the expression are resolved first.
+ *
+ * Examples:
+ *   "{{steps.check.output.count}} > 10"
+ *   "{{steps.fetch.output.status}} == 'active'"
+ *   "{{trigger.type}} != 'test'"
+ */
+export declare function evaluateCondition(expression: string, ctx: TemplateContext): boolean;

package/dist/server/lib/template-resolver.js

@@ -0,0 +1,215 @@
+// server/lib/template-resolver.ts — Resolves {{steps.X.output.Y}} and {{trigger.field}} templates
+//
+// Used by workflow engine to flow data between steps.
+// Extends the fillTemplate() pattern from utils.ts with workflow-specific contexts.
+const TEMPLATE_REGEX = /\{\{([^}]+)\}\}/g;
+/** Block prototype pollution / traversal attacks */
+const BLOCKED_PROPS = new Set([
+    "__proto__", "constructor", "prototype",
+    "__defineGetter__", "__defineSetter__",
+    "__lookupGetter__", "__lookupSetter__",
+]);
+/**
+ * Safely walk a dot-path into an object, blocking dangerous property names.
+ */
+function walkPath(value, parts, startIndex) {
+    let current = value;
+    for (let i = startIndex; i < parts.length; i++) {
+        if (current === null || current === undefined)
+            return undefined;
+        if (typeof current !== "object")
+            return undefined;
+        if (BLOCKED_PROPS.has(parts[i]))
+            return undefined; // Block prototype traversal
+        current = current[parts[i]];
+    }
+    return current;
+}
+/**
+ * Resolve a single template expression like "steps.check.output.count" against the context.
+ * Returns the resolved value, or undefined if the path doesn't exist.
+ */
+function resolveExpression(expr, ctx) {
+    const trimmed = expr.trim();
+    // Built-in variables
+    if (trimmed === "now")
+        return new Date().toISOString();
+    if (trimmed === "today")
+        return new Date().toISOString().slice(0, 10);
+    if (trimmed === "timestamp")
+        return Date.now();
+    // Navigate the dot path
+    const parts = trimmed.split(".");
+    const root = parts[0];
+    let value;
+    if (root === "steps" && parts.length >= 2) {
+        const stepKey = parts[1];
+        const stepData = ctx.steps[stepKey];
+        if (!stepData)
+            return undefined;
+        value = walkPath(stepData, parts, 2);
+    }
+    else if (root === "trigger") {
+        value = walkPath(ctx.trigger, parts, 1);
+    }
+    else if (root === "input") {
+        value = walkPath(ctx.input, parts, 1);
+    }
+    else if (root === "workflow" && ctx.workflow) {
+        value = walkPath(ctx.workflow, parts, 1);
+    }
+    else if (root === "run" && ctx.run) {
+        value = walkPath(ctx.run, parts, 1);
+    }
+    else if (root === "env" && ctx.env) {
+        // P0 FIX: Only allow explicitly whitelisted env keys — never expose process.env
+        const ALLOWED_ENV_KEYS = new Set(["APP_URL", "APP_NAME", "NODE_ENV"]);
+        if (parts.length >= 2 && !ALLOWED_ENV_KEYS.has(parts[1]))
+            return undefined;
+        value = walkPath(ctx.env, parts, 1);
+    }
+    else {
+        return undefined;
+    }
+    return value;
+}
+/**
+ * Resolve all {{...}} placeholders in a string.
+ * If the entire string is a single template AND the resolved value is not a string,
+ * return the raw value (preserving numbers, objects, arrays, booleans).
+ */
+function resolveString(template, ctx) {
+    // Check if the entire string is a single template expression
+    const singleMatch = template.match(/^\{\{([^}]+)\}\}$/);
+    if (singleMatch) {
+        const resolved = resolveExpression(singleMatch[1], ctx);
+        return resolved !== undefined ? resolved : template;
+    }
+    // Multiple templates or mixed text — string interpolation
+    return template.replace(TEMPLATE_REGEX, (match, expr) => {
+        const resolved = resolveExpression(expr, ctx);
+        if (resolved === undefined)
+            return match;
+        if (typeof resolved === "object" && resolved !== null)
+            return JSON.stringify(resolved);
+        return String(resolved);
+    });
+}
+/**
+ * Recursively resolve templates in any JSON-compatible value.
+ * - Strings: resolve {{...}} patterns
+ * - Objects: recurse into values
+ * - Arrays: recurse into elements
+ * - Primitives: return as-is
+ */
+export function resolveTemplate(value, ctx, depth = 0) {
+    // Guard against infinite recursion from circular or deeply nested structures
+    if (depth > 20)
+        return value;
+    if (typeof value === "string") {
+        return resolveString(value, ctx);
+    }
+    if (Array.isArray(value)) {
+        return value.map((item) => resolveTemplate(item, ctx, depth + 1));
+    }
+    if (value !== null && typeof value === "object") {
+        const resolved = {};
+        for (const [k, v] of Object.entries(value)) {
+            resolved[k] = resolveTemplate(v, ctx, depth + 1);
+        }
+        return resolved;
+    }
+    return value;
+}
+/**
+ * Evaluate a simple condition expression.
+ * Supports: ==, !=, >, <, >=, <=, contains, !contains, exists, !exists
+ * Templates in the expression are resolved first.
+ *
+ * Examples:
+ *   "{{steps.check.output.count}} > 10"
+ *   "{{steps.fetch.output.status}} == 'active'"
+ *   "{{trigger.type}} != 'test'"
+ */
+export function evaluateCondition(expression, ctx) {
+    // Resolve all templates in the expression first
+    const resolved = resolveString(expression, ctx);
+    const expr = typeof resolved === 'object' && resolved !== null
+        ? JSON.stringify(resolved)
+        : String(resolved);
+    // exists / !exists checks
+    if (expr.includes(" exists")) {
+        const parts = expr.split(/\s+exists/);
+        const val = parts[0].trim();
+        const isNegated = expression.trim().startsWith("!");
+        const exists = val !== "" && val !== "undefined" && val !== "null" && !val.includes("{{");
+        return isNegated ? !exists : exists;
+    }
+    // P1 FIX: Use regex-based matching with word boundaries to prevent data containing
+    // operator strings (e.g., "value >= 10" in a field) from being misinterpreted
+    const operatorPatterns = [
+        [/\s!==\s/, "!=="],
+        [/\s===\s/, "==="],
+        [/\s!=\s/, "!="],
+        [/\s==\s/, "=="],
+        [/\s>=\s/, ">="],
+        [/\s<=\s/, "<="],
+        [/\s>\s/, ">"],
+        [/\s<\s/, "<"],
+        [/\scontains\s/, "contains"],
+        [/\s!contains\s/, "!contains"],
+    ];
+    for (const [pattern, op] of operatorPatterns) {
+        // Use the LAST match: resolved template data (left side) may contain
+        // operator-like strings, but the actual operator is the rightmost one.
+        const globalRe = new RegExp(pattern.source, "g");
+        let lastMatch = null;
+        let m;
+        while ((m = globalRe.exec(expr)) !== null)
+            lastMatch = m;
+        if (!lastMatch || lastMatch.index === undefined)
+            continue;
+        let left = expr.substring(0, lastMatch.index).trim();
+        let right = expr.substring(lastMatch.index + lastMatch[0].length).trim();
+        // Strip quotes from right side
+        if ((right.startsWith("'") && right.endsWith("'")) || (right.startsWith('"') && right.endsWith('"'))) {
+            right = right.slice(1, -1);
+        }
+        if ((left.startsWith("'") && left.endsWith("'")) || (left.startsWith('"') && left.endsWith('"'))) {
+            left = left.slice(1, -1);
+        }
+        const numLeft = Number(left);
+        const numRight = Number(right);
+        const bothNumeric = !isNaN(numLeft) && !isNaN(numRight) && left !== "" && right !== "";
+        switch (op.trim()) {
+            case "===":
+            case "==":
+                return bothNumeric ? numLeft === numRight : left === right;
+            case "!==":
+            case "!=":
+                return bothNumeric ? numLeft !== numRight : left !== right;
+            case ">":
+                return bothNumeric ? numLeft > numRight : left > right;
+            case "<":
+                return bothNumeric ? numLeft < numRight : left < right;
+            case ">=":
+                return bothNumeric ? numLeft >= numRight : left >= right;
+            case "<=":
+                return bothNumeric ? numLeft <= numRight : left <= right;
+            case "contains":
+                return left.includes(right);
+            case "!contains":
+                return !left.includes(right);
+        }
+    }
+    // Truthy/falsy check — if expression resolved to a value
+    if (expr === "true" || expr === "1")
+        return true;
+    if (expr === "false" || expr === "0" || expr === "" || expr === "null" || expr === "undefined")
+        return false;
+    // If there are still unresolved templates, condition is false
+    if (expr.includes("{{"))
+        return false;
+    // Non-empty string is truthy
+    return expr.length > 0;
+}

package/dist/server/lib/utils.d.ts

@@ -0,0 +1,16 @@
+/** Escape characters that could manipulate PostgREST/ILIKE filter syntax.
+ * Escapes ILIKE wildcards (%, _) and backslashes, plus strips commas and parens
+ * that could manipulate PostgREST operators. */
+export declare function sanitizeFilterValue(val: string): string;
+/** Group array items by a key, returning counts */
+export declare function groupBy(arr: Record<string, unknown>[], key: string): Record<string, number>;
+/** Escape a value for CSV output */
+export declare function escapeCSV(val: unknown): string;
+/** Fill {{key}} placeholders in a template string */
+export declare function fillTemplate(template: string, data: Record<string, unknown>): string;
+/** Extract concise metrics from tool results for audit logging (never full payloads). */
+export declare function summarizeResult(toolName: string, action: string | undefined, data: unknown): Record<string, unknown>;
+/** Timeout wrapper for tool execution with AbortSignal support.
+ * Creates an AbortController, races the promise against a timeout,
+ * and aborts the signal on timeout so underlying work (fetch etc.) can cancel. */
+export declare function withTimeout<T>(promiseOrFactory: Promise<T> | ((signal: AbortSignal) => Promise<T>), ms: number, name: string): Promise<T>;