work-agent 0.1.0

package/lib/pinyin.ts

@@ -0,0 +1,13 @@
+import { pinyin } from 'pinyin-pro';
+
+export function toDirName(displayName: string, username: string): string {
+  const py = pinyin(displayName, { pattern: 'pinyin', toneType: 'none', separator: '' });
+  const cleanedPy = py.replace(/\s+/g, '').toLowerCase();
+  const random = Math.random().toString(36).substring(2, 6);
+  return `${cleanedPy}-${username}`;
+}
+
+export function toPinyin(name: string): string {
+  const py = pinyin(name, { pattern: 'pinyin', toneType: 'none', separator: '' });
+  return py.replace(/\s+/g, '').toLowerCase();
+}

package/lib/recommendation.ts

@@ -0,0 +1,227 @@
+/**
+ * 推荐服务
+ *
+ * 基于使用统计和上下文为用户推荐合适的Skill */
+
+import { listMarketSkills } from './market-db';
+import { getUserSkills, getSkillUsageStats } from './db';
+
+let marketSkillsCache: any[] | null = null;
+let marketSkillsCacheTime = 0;
+const MARKET_CACHE_TTL = 60000; // 1 minute cache
+
+async function getMarketSkillsFromRemote(): Promise<any[]> {
+	try {
+		const { getMarketClient } = await import('./market-client');
+		const client = getMarketClient();
+
+		if (!client.isRemoteEnabled()) {
+			return [];
+		}
+
+		const result = await client.searchSkills({ status: 'approved', limit: 50 });
+		return result.skills;
+	} catch (error) {
+		console.warn('[recommendation] Failed to fetch from remote:', error);
+		return [];
+	}
+}
+
+function getApprovedSkills(): any[] {
+	const now = Date.now();
+
+	if (marketSkillsCache && (now - marketSkillsCacheTime) < MARKET_CACHE_TTL) {
+		return marketSkillsCache;
+	}
+
+	const { skills } = listMarketSkills({ status: 'approved', limit: 50 });
+	marketSkillsCache = skills;
+	marketSkillsCacheTime = now;
+
+	return skills;
+}
+
+export interface RecommendedSkill {
+	name: string;
+	displayName?: string;
+	description?: string;
+	score: number;
+	reason: string;
+}
+
+/**
+ * 基于上下文的推荐
+ *
+ * @param userQuery 用户的查询内容
+ * @param userId 用户ID
+ * @returns 推荐的Skill列表
+ */
+export function recommendForContext(
+	userQuery: string,
+	userId: string
+): RecommendedSkill[] {
+	// 获取用户已安装的Skill
+	const userSkills = getUserSkills(userId);
+	const installedSkills = new Set(userSkills.map(s => s.skillName));
+
+	// 获取所有市场Skill（只获取已审核通过的）
+	const marketSkills = getApprovedSkills();
+
+	// 基于查询关键词匹配
+	const queryLower = userQuery.toLowerCase();
+	const keywords: Record<string, string[]> = {
+		'k8s-ops': ['k8s', 'kubernetes', 'kubectl', 'pod', 'deployment', 'service', 'ingress'],
+		'docker': ['docker', 'container', '镜像', '容器'],
+		'git': ['git', 'commit', 'branch', 'merge', 'pull', 'push'],
+		'nginx': ['nginx', '反向代理', '负载均衡'],
+		'database': ['mysql', 'postgres', 'mongodb', 'redis', '数据库'],
+		'api': ['api', 'rest', 'http', '请求'],
+	};
+
+	const recommendations: RecommendedSkill[] = [];
+
+	for (const skill of marketSkills) {
+		// 跳过已安装的Skill
+		if (installedSkills.has(skill.name)) {
+			continue;
+		}
+
+		let matchScore = 0;
+		let reason = '';
+
+		// 匹配关键词
+		const skillKeywords = keywords[skill.name] || [];
+		for (const keyword of skillKeywords) {
+			if (queryLower.includes(keyword)) {
+				matchScore += 10;
+				reason = `与"${keyword}"相关`;
+			}
+		}
+
+		// 匹配名称和描述
+		const nameAndDesc = `${skill.name} ${skill.displayName || ''} ${skill.description || ''}`.toLowerCase();
+		for (const keyword of skillKeywords) {
+			if (nameAndDesc.includes(keyword)) {
+				matchScore += 5;
+			}
+		}
+
+		// 考虑热门度
+		const stats = getSkillUsageStats(skill.name);
+		if (stats.total > 0) {
+			matchScore += Math.min(5, stats.total); // 最多加5分
+		}
+
+		if (matchScore > 0) {
+			recommendations.push({
+				name: skill.name,
+				displayName: skill.displayName,
+				description: skill.description,
+				score: matchScore,
+				reason: reason || '热门Skill推荐',
+			});
+		}
+	}
+
+	// 按分数排序，返回前5个
+	return recommendations
+		.sort((a, b) => b.score - a.score)
+		.slice(0, 5);
+}
+
+/**
+ * 获取个性化推荐
+ *
+ * 基于用户历史使用习惯推荐
+ */
+export function getPersonalizedRecommendations(
+	userId: string,
+	limit: number = 5
+): RecommendedSkill[] {
+	// 获取用户已安装的Skill
+	const userSkills = getUserSkills(userId);
+	const installedSkills = new Set(userSkills.map(s => s.skillName));
+
+	// 获取用户使用最多的Skill
+	const mostUsed = [...userSkills]
+		.sort((a, b) => b.useCount - a.useCount)
+		.slice(0, 3);
+
+	// 获取这些Skill的关键词
+	const usedSkillNames = mostUsed.map(s => s.skillName);
+
+	// 获取市场Skill
+	const marketSkills = getApprovedSkills();
+
+	const recommendations: RecommendedSkill[] = [];
+
+	for (const skill of marketSkills) {
+		if (installedSkills.has(skill.name)) {
+			continue;
+		}
+
+		let score = 0;
+		let reason = '';
+
+		// 如果使用了类似的Skill，给予更高分数
+		for (const usedSkill of usedSkillNames) {
+			if (skill.name.includes(usedSkill.split('-')[0]) ||
+				usedSkill.includes(skill.name.split('-')[0])) {
+				score += 15;
+				reason = '基于您常用的Skill类型';
+			}
+		}
+
+		// 考虑评分
+		if (skill.ratingAvg >= 4) {
+			score += 5;
+		}
+
+		// 考虑下载量
+		if (skill.downloadCount > 10) {
+			score += 3;
+		}
+
+		if (score > 0) {
+			recommendations.push({
+				name: skill.name,
+				displayName: skill.displayName,
+				description: skill.description,
+				score,
+				reason: reason || '热门且高评分',
+			});
+		}
+	}
+
+	return recommendations
+		.sort((a, b) => b.score - a.score)
+		.slice(0, limit);
+}
+
+/**
+ * 获取热门推荐
+ *
+ * 基于下载量和评分
+ */
+export function getPopularSkills(limit: number = 10): RecommendedSkill[] {
+	const { skills: marketSkills } = listMarketSkills({
+		status: 'approved',
+		orderBy: 'downloads',
+		limit,
+	});
+
+	return marketSkills.map(skill => {
+		// 计算综合分数
+		const score = (skill.downloadCount * 0.5) + (Number(skill.ratingAvg) * skill.ratingCount * 2);
+
+		return {
+			name: skill.name,
+			displayName: skill.displayName,
+			description: skill.description,
+			score,
+			reason: `下载${skill.downloadCount}次，评分${Number(skill.ratingAvg).toFixed(1)}`,
+		};
+	})
+		.sort((a, b) => b.score - a.score)
+		.slice(0, limit);
+}

package/lib/risk-estimator.ts

@@ -0,0 +1,350 @@
+/**
+ * Risk Estimator
+ * 
+ * Estimates risk level for commands based on:
+ * 1. System-wide high-risk configurations (highest priority)
+ * 2. Skill-specific risk configurations
+ * 
+ * Priority: system_critical > system_high > skill_high > system_medium > skill_medium > skill_low
+ */
+
+import { existsSync, readFileSync } from 'fs';
+import { join } from 'path';
+
+export type RiskLevel = 'low' | 'medium' | 'high' | 'critical';
+
+interface SystemRiskConfig {
+  version: string;
+  description: string;
+  priority: string;
+  highRiskCommands: {
+    bash: {
+      patterns: Array<{
+        pattern: string;
+        level: RiskLevel;
+        description: string;
+      }>;
+      requireApproval: boolean;
+      blockOnCritical: boolean;
+    };
+    kubectl: {
+      verbs: Record<string, {
+        level: RiskLevel;
+        requireApproval: boolean;
+        description: string;
+      }>;
+      dangerousResources: string[];
+      requireApproval: boolean;
+    };
+    docker: {
+      patterns: Array<{
+        pattern: string;
+        level: RiskLevel;
+        description: string;
+      }>;
+      requireApproval: boolean;
+    };
+    git: {
+      patterns: Array<{
+        pattern: string;
+        level: RiskLevel;
+        description: string;
+      }>;
+      requireApproval: boolean;
+    };
+  };
+  generalRules: {
+    requireApprovalOnHighRisk: boolean;
+    blockOnCritical: boolean;
+    logAllCommands: boolean;
+    timeout: Record<RiskLevel, number>;
+  };
+}
+
+interface SkillRiskConfig {
+  default: RiskLevel;
+  overrides: Record<string, RiskLevel>;
+}
+
+interface RiskAssessment {
+  riskLevel: RiskLevel;
+  requiresApproval: boolean;
+  shouldBlock: boolean;
+  reason: string;
+  matchedPattern?: string;
+  skillName?: string;
+  commandType?: string;
+}
+
+let systemConfig: SystemRiskConfig | null = null;
+
+function loadSystemConfig(): SystemRiskConfig {
+  if (systemConfig) return systemConfig;
+  
+  const configPath = join(process.cwd(), '.pi', 'system-commands.json');
+  if (existsSync(configPath)) {
+    try {
+      const content = readFileSync(configPath, 'utf-8');
+      systemConfig = JSON.parse(content) as SystemRiskConfig;
+      return systemConfig;
+    } catch (error) {
+      console.error('Failed to load system risk config:', error);
+    }
+  }
+  
+  // Return default config if file not found
+  return getDefaultSystemConfig();
+}
+
+function getDefaultSystemConfig(): SystemRiskConfig {
+  return {
+    version: '1.0',
+    description: 'Default system risk configuration',
+    priority: 'highest',
+    highRiskCommands: {
+      bash: {
+        patterns: [
+          { pattern: 'rm -rf', level: 'critical', description: 'Force recursive delete' },
+        ],
+        requireApproval: true,
+        blockOnCritical: true,
+      },
+      kubectl: {
+        verbs: {
+          delete: { level: 'high', requireApproval: true, description: 'Delete resources' },
+          scale: { level: 'high', requireApproval: true, description: 'Scale resources' },
+          patch: { level: 'high', requireApproval: true, description: 'Patch resources' },
+          replace: { level: 'high', requireApproval: true, description: 'Replace resources' },
+        },
+        dangerousResources: ['all', 'pods', 'deployments', 'services'],
+        requireApproval: true,
+      },
+      docker: {
+        patterns: [],
+        requireApproval: true,
+      },
+      git: {
+        patterns: [],
+        requireApproval: false,
+      },
+    },
+    generalRules: {
+      requireApprovalOnHighRisk: true,
+      blockOnCritical: true,
+      logAllCommands: true,
+      timeout: {
+        low: 30000,
+        medium: 60000,
+        high: 120000,
+        critical: 5000,
+      },
+    },
+  };
+}
+
+function getSkillRiskConfig(skillName: string): SkillRiskConfig {
+  const skillConfigPath = join(process.cwd(), '.pi', 'skills', skillName, 'SKILL.json');
+  
+  if (existsSync(skillConfigPath)) {
+    try {
+      const content = readFileSync(skillConfigPath, 'utf-8');
+      const config = JSON.parse(content);
+      return {
+        default: config.riskConfig?.default || 'low',
+        overrides: config.riskConfig?.overrides || {},
+      };
+    } catch (error) {
+      console.error(`Failed to load skill risk config for ${skillName}:`, error);
+    }
+  }
+  
+  return {
+    default: 'low',
+    overrides: {},
+  };
+}
+
+export function estimateRisk(
+  command: string,
+  skillName?: string
+): RiskAssessment {
+  const trimmedCommand = command.trim();
+  const config = loadSystemConfig();
+  
+  // Detect command type
+  const commandType = detectCommandType(trimmedCommand);
+  
+  // 1. Check system-level patterns first (highest priority)
+  const systemAssessment = checkSystemPatterns(trimmedCommand, commandType, config);
+  if (systemAssessment) {
+    return systemAssessment;
+  }
+  
+  // 2. Check skill-level configurations
+  if (skillName) {
+    const skillConfig = getSkillRiskConfig(skillName);
+    const skillAssessment = checkSkillPatterns(trimmedCommand, skillConfig, skillName, commandType);
+    if (skillAssessment) {
+      return skillAssessment;
+    }
+  }
+  
+  // 3. Default to low risk if no patterns match
+  return {
+    riskLevel: 'low',
+    requiresApproval: false,
+    shouldBlock: false,
+    reason: 'Default: No risk patterns matched',
+    commandType,
+  };
+}
+
+function detectCommandType(command: string): string {
+  const trimmed = command.toLowerCase().trim();
+  
+  if (trimmed.startsWith('kubectl')) return 'kubectl';
+  if (trimmed.startsWith('docker')) return 'docker';
+  if (trimmed.startsWith('git')) return 'git';
+  if (trimmed.startsWith('npm')) return 'npm';
+  if (trimmed.startsWith('yarn')) return 'yarn';
+  if (trimmed.startsWith('chmod')) return 'chmod';
+  if (trimmed.startsWith('rm')) return 'rm';
+  if (trimmed.startsWith('kill')) return 'kill';
+  
+  return 'bash';
+}
+
+function checkSystemPatterns(
+  command: string,
+  commandType: string,
+  config: SystemRiskConfig
+): RiskAssessment | null {
+  const lowerCommand = command.toLowerCase();
+  
+  // Check bash patterns
+  if (commandType === 'bash' || commandType === 'rm' || commandType === 'chmod' || commandType === 'kill') {
+    for (const pattern of config.highRiskCommands.bash.patterns) {
+      if (lowerCommand.includes(pattern.pattern.toLowerCase())) {
+        return {
+          riskLevel: pattern.level,
+          requiresApproval: pattern.level === 'critical' ? true : config.highRiskCommands.bash.requireApproval,
+          shouldBlock: pattern.level === 'critical' && config.generalRules.blockOnCritical,
+          reason: `System pattern matched: ${pattern.description}`,
+          matchedPattern: pattern.pattern,
+          commandType: 'bash',
+        };
+      }
+    }
+  }
+  
+  // Check kubectl verbs
+  if (commandType === 'kubectl') {
+    const verbs = lowerCommand.match(/kubectl\s+(\w+)/);
+    const verb = verbs?.[1];
+    
+    if (verb && config.highRiskCommands.kubectl.verbs[verb]) {
+      const verbConfig = config.highRiskCommands.kubectl.verbs[verb];
+      return {
+        riskLevel: verbConfig.level,
+        requiresApproval: verbConfig.requireApproval,
+        shouldBlock: false,
+        reason: `Kubectl verb '${verb}': ${verbConfig.description}`,
+        matchedPattern: `kubectl ${verb}`,
+        commandType: 'kubectl',
+      };
+    }
+    
+    // Check for dangerous resources (only for modifying verbs)
+    const modifyingVerbs = ['delete', 'scale', 'patch', 'replace', 'edit', 'exec', 'cp'];
+    if (modifyingVerbs.includes(verb || '') && commandType === 'kubectl') {
+      for (const resource of config.highRiskCommands.kubectl.dangerousResources) {
+        if (lowerCommand.includes(resource)) {
+          return {
+            riskLevel: 'high',
+            requiresApproval: config.highRiskCommands.kubectl.requireApproval,
+            shouldBlock: false,
+            reason: `Dangerous resource: ${resource}`,
+            commandType: 'kubectl',
+          };
+        }
+      }
+    }
+  }
+  
+  // Check docker patterns
+  if (commandType === 'docker') {
+    for (const pattern of config.highRiskCommands.docker.patterns) {
+      if (lowerCommand.includes(pattern.pattern.toLowerCase())) {
+        return {
+          riskLevel: pattern.level,
+          requiresApproval: config.highRiskCommands.docker.requireApproval,
+          shouldBlock: pattern.level === 'critical',
+          reason: `Docker pattern matched: ${pattern.description}`,
+          matchedPattern: pattern.pattern,
+          commandType: 'docker',
+        };
+      }
+    }
+  }
+  
+  // Check git patterns
+  if (commandType === 'git') {
+    for (const pattern of config.highRiskCommands.git.patterns) {
+      if (lowerCommand.includes(pattern.pattern.toLowerCase())) {
+        return {
+          riskLevel: pattern.level,
+          requiresApproval: config.highRiskCommands.git.requireApproval,
+          shouldBlock: false,
+          reason: `Git pattern matched: ${pattern.description}`,
+          matchedPattern: pattern.pattern,
+          commandType: 'git',
+        };
+      }
+    }
+  }
+  
+  return null;
+}
+
+function checkSkillPatterns(
+  command: string,
+  skillConfig: SkillRiskConfig,
+  skillName: string,
+  commandType: string
+): RiskAssessment | null {
+  const lowerCommand = command.toLowerCase();
+  
+  // Check specific overrides first
+  for (const [pattern, level] of Object.entries(skillConfig.overrides)) {
+    if (lowerCommand.includes(pattern.toLowerCase())) {
+      return {
+        riskLevel: level,
+        requiresApproval: level === 'high' || level === 'critical',
+        shouldBlock: level === 'critical',
+        reason: `Skill '${skillName}' pattern matched: ${pattern}`,
+        matchedPattern: pattern,
+        skillName,
+        commandType,
+      };
+    }
+  }
+  
+  // Default to skill's default level
+  return {
+    riskLevel: skillConfig.default,
+    requiresApproval: skillConfig.default === 'high' || skillConfig.default === 'critical',
+    shouldBlock: skillConfig.default === 'critical',
+    reason: `Skill '${skillName}' default risk level`,
+    skillName,
+    commandType,
+  };
+}
+
+export function getTimeoutForRisk(riskLevel: RiskLevel): number {
+  const config = loadSystemConfig();
+  return config.generalRules.timeout[riskLevel] || 30000;
+}
+
+export function reloadSystemConfig(): void {
+  systemConfig = null;
+}