agentnode-sdk 0.4.1__tar.gz → 0.5.1__tar.gz

{agentnode_sdk-0.4.1 → agentnode_sdk-0.5.1}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: agentnode-sdk
-Version: 0.4.1
+Version: 0.5.1
 Summary: Python SDK for AgentNode — the open upgrade and discovery infrastructure for AI agents.
 Project-URL: Homepage, https://agentnode.net
 Project-URL: Repository, https://github.com/agentnode-ai/agentnode

agentnode_sdk-0.5.1/agentnode.lock

@@ -0,0 +1,132 @@
+{
+  "lockfile_version": "0.1",
+  "updated_at": "2026-04-24T13:59:54.296881+00:00",
+  "packages": {
+    "word-counter-pack": {
+      "version": "1.0.0",
+      "package_type": "toolpack",
+      "runtime": "python",
+      "entrypoint": "word_counter_pack.tool",
+      "capability_ids": [
+        "data_cleaning"
+      ],
+      "tools": [
+        {
+          "name": "count_words",
+          "entrypoint": "word_counter_pack.tool:count_words"
+        }
+      ],
+      "artifact_hash": "sha256:445388c86aa2b20c3e748f58b2d221548f1f3f71ff5c715a64cdc80966fab03c",
+      "installed_at": "2026-03-18T02:18:53.827396+00:00",
+      "source": "sdk",
+      "trust_level": "trusted",
+      "permissions": {
+        "network_level": "none",
+        "filesystem_level": "none",
+        "code_execution_level": "none",
+        "data_access_level": "input_only",
+        "user_approval_level": "never"
+      }
+    },
+    "pdf-reader-pack": {
+      "version": "1.0.0",
+      "package_type": "toolpack",
+      "runtime": "python",
+      "entrypoint": "pdf_reader_pack.tool",
+      "capability_ids": [
+        "pdf_extraction"
+      ],
+      "tools": [],
+      "artifact_hash": "sha256:4635316cb5f8ee477f41ccad570c3bcd5026fc7cd1fbf402a12df575be54ae20",
+      "installed_at": "2026-04-15T23:53:44.341323+00:00",
+      "source": "sdk",
+      "trust_level": "trusted",
+      "permissions": {
+        "network_level": "none",
+        "filesystem_level": "temp",
+        "code_execution_level": "none",
+        "data_access_level": "input_only",
+        "user_approval_level": "never"
+      },
+      "prompts": [],
+      "resources": [],
+      "connector": null,
+      "agent": null
+    },
+    "web-search-pack": {
+      "version": "1.0.0",
+      "package_type": "toolpack",
+      "runtime": "python",
+      "entrypoint": "web_search_pack.tool",
+      "capability_ids": [
+        "web_search"
+      ],
+      "tools": [],
+      "artifact_hash": "sha256:3e667ba523ceddf6137a1a15f4103d48a59085d1d277750f30addf2758228d12",
+      "installed_at": "2026-04-16T13:48:00.554169+00:00",
+      "source": "sdk",
+      "trust_level": "trusted",
+      "permissions": {
+        "network_level": "restricted",
+        "filesystem_level": "none",
+        "code_execution_level": "none",
+        "data_access_level": "input_only",
+        "user_approval_level": "never"
+      },
+      "prompts": [],
+      "resources": [],
+      "connector": null,
+      "agent": null
+    },
+    "web-design-pack": {
+      "version": "1.0.0",
+      "package_type": "toolpack",
+      "runtime": "python",
+      "entrypoint": "web_design_pack.tool",
+      "capability_ids": [
+        "web_design"
+      ],
+      "tools": [],
+      "artifact_hash": "sha256:bf90bc3e2fb78682bc3df5f53d7a195675c564f0f3ede8dddfce403b59b73525",
+      "installed_at": "2026-04-16T13:48:58.751523+00:00",
+      "source": "sdk",
+      "trust_level": "trusted",
+      "permissions": {
+        "network_level": "none",
+        "filesystem_level": "temp",
+        "code_execution_level": "none",
+        "data_access_level": "input_only",
+        "user_approval_level": "never"
+      },
+      "prompts": [],
+      "resources": [],
+      "connector": null,
+      "agent": null
+    },
+    "csv-analyzer-pack": {
+      "version": "1.0.0",
+      "package_type": "toolpack",
+      "runtime": "python",
+      "entrypoint": "csv_analyzer_pack.tool",
+      "capability_ids": [
+        "csv_analysis"
+      ],
+      "tools": [],
+      "artifact_hash": "sha256:62cfe9be62e97174ab41eff190e356d1c512b11ac88cb566d7c75e5f5e0f8d42",
+      "installed_at": "2026-04-24T13:59:54.295800+00:00",
+      "source": "sdk",
+      "trust_level": "trusted",
+      "permissions": {
+        "network_level": "none",
+        "filesystem_level": "temp",
+        "code_execution_level": "none",
+        "data_access_level": "input_only",
+        "user_approval_level": "never"
+      },
+      "prompts": [],
+      "resources": [],
+      "connector": null,
+      "agent": null
+    }
+  }
+}

{agentnode_sdk-0.4.1 → agentnode_sdk-0.5.1}/agentnode_sdk/__init__.py

@@ -28,6 +28,7 @@ from agentnode_sdk.models import (
     SmartRunResult,
 )
 from agentnode_sdk.compatibility import recommend_model
+from agentnode_sdk.policy import PolicyResult, check_install, check_run
 from agentnode_sdk.runner import run_tool
 from agentnode_sdk.runtime import AgentNodeRuntime
 
@@ -35,7 +36,7 @@ from agentnode_sdk.runtime import AgentNodeRuntime
 Client = AgentNodeClient
 ToolError = AgentNodeToolError
 
-__version__ = "0.4.0"
+__version__ = "0.4.1"
 __all__ = [
     "AgentNode",
     "AsyncAgentNode",
@@ -67,5 +68,8 @@ __all__ = [
     "DetectAndInstallResult",
     "SmartRunResult",
     "AgentNodeRuntime",
+    "PolicyResult",
+    "check_install",
+    "check_run",
     "recommend_model",
 ]

{agentnode_sdk-0.4.1 → agentnode_sdk-0.5.1}/agentnode_sdk/client.py

@@ -89,15 +89,16 @@ class AgentNode:
 
     def __init__(self, api_key: str | None = None, base_url: str = DEFAULT_BASE_URL):
         api_key = api_key or os.environ.get("AGENTNODE_API_KEY")
-        if not api_key:
-            raise ValueError("api_key is required (pass explicitly or set AGENTNODE_API_KEY)")
         # Ensure base_url ends with /v1 for API routing
         base = base_url.rstrip("/")
         if not base.endswith("/v1"):
             base = f"{base}/v1"
+        headers: dict[str, str] = {}
+        if api_key:
+            headers["X-API-Key"] = api_key
         self._client = httpx.Client(
             base_url=base,
-            headers={"X-API-Key": api_key},
+            headers=headers,
             timeout=30,
         )
 
@@ -236,6 +237,38 @@ class AgentNode:
             raise AgentNodeError("UNKNOWN", f"Invalid JSON response: {exc}") from exc
 
 
+def _check_credential_available(provider: str) -> bool:
+    """Check if a credential is available for a provider (env, local file, or API)."""
+    # Check env var
+    env_key = f"AGENTNODE_CRED_{provider.upper().replace('-', '_')}"
+    if os.environ.get(env_key):
+        return True
+    # Check local file
+    try:
+        from agentnode_sdk.credential_store import has_credential
+        if has_credential(provider):
+            return True
+    except Exception:
+        pass
+    # Check if API credentials are configured (session token)
+    if os.environ.get("AGENTNODE_SESSION_TOKEN") and os.environ.get("AGENTNODE_API_URL"):
+        return True
+    return False
+
+
+def _get_package_connector_provider(slug: str, client: "AgentNodeClient") -> str | None:
+    """Get the connector provider from package metadata, if any."""
+    try:
+        meta = client._request("GET", f"/packages/{slug}/install-info")
+        connector = meta.get("connector")
+        if isinstance(connector, dict):
+            return connector.get("provider")
+    except Exception:
+        import logging as _logging
+        _logging.getLogger(__name__).debug("Failed to fetch connector provider for %s", slug, exc_info=True)
+    return None
+
+
 class AgentNodeClient:
     """Extended client returning typed dataclass models. Backward-compatible.
 
@@ -456,6 +489,7 @@ class AgentNodeClient:
             capabilities=caps,
             dependencies=deps,
             permissions=perms,
+            agent=data.get("agent"),
         )
 
     # --- Download ---
@@ -522,11 +556,72 @@ class AgentNodeClient:
         verification_tier = None
         try:
             detail = self._request("GET", f"/packages/{slug}")
-            trust_level = detail.get("trust_level", "unverified")
+            # trust_level lives in publisher.trust_level or blocks.trust.publisher_trust_level,
+            # NOT as a top-level field (which is None/missing in the API response).
+            trust_level = (
+                detail.get("publisher", {}).get("trust_level")
+                or detail.get("blocks", {}).get("trust", {}).get("publisher_trust_level")
+                or "unverified"
+            )
             lv = detail.get("latest_version") or {}
             verification_tier = lv.get("verification_tier")
         except Exception:
-            pass
+            import logging as _logging
+            _logging.getLogger(__name__).warning("Failed to fetch trust info for %s, defaulting to unverified", slug, exc_info=True)
+
+        # 2b. Policy check — authoritative (Phase B: hard enforcement)
+        from agentnode_sdk.policy import check_install as _policy_check_install
+        from agentnode_sdk.policy import audit_decision as _policy_audit
+        policy_entry = {
+            "trust_level": trust_level or "unverified",
+            "permissions": _permissions_to_dict(meta.permissions),
+        }
+        try:
+            decision = _policy_check_install(slug, policy_entry, interactive=True)
+        except Exception as exc:
+            # Policy check itself crashed (bug in policy.py, not config issue).
+            # Translate to a clean deny — never silently proceed.
+            import logging as _logging
+            _logging.getLogger(__name__).warning(
+                "Policy check raised for %s: %s", slug, exc,
+            )
+            return InstallResult(
+                slug=slug,
+                version=meta.version,
+                installed=False,
+                already_installed=False,
+                message=f"Policy check failed: internal error. Install denied.",
+                trust_level=trust_level,
+                verification_tier=verification_tier,
+            )
+        # Audit is best-effort — must never block the policy decision
+        try:
+            _policy_audit(
+                decision, "client_install", slug,
+                trust_level=policy_entry["trust_level"],
+            )
+        except Exception:
+            pass  # Audit write failure is non-fatal
+        if decision.action == "deny":
+            return InstallResult(
+                slug=slug,
+                version=meta.version,
+                installed=False,
+                already_installed=False,
+                message=decision.reason,
+                trust_level=trust_level,
+                verification_tier=verification_tier,
+            )
+        if decision.action == "prompt":
+            return InstallResult(
+                slug=slug,
+                version=meta.version,
+                installed=False,
+                already_installed=False,
+                message=f"Approval required: {decision.reason}",
+                trust_level=trust_level,
+                verification_tier=verification_tier,
+            )
 
         # 3. Trust check
         if require_trusted or require_verified:
@@ -602,6 +697,7 @@ class AgentNodeClient:
             verbose=verbose,
             trust_level=trust_level,
             permissions=_permissions_to_dict(meta.permissions),
+            agent=meta.agent,
         )
 
         return InstallResult(
@@ -625,6 +721,11 @@ class AgentNodeClient:
         require_trusted: bool = False,
         require_verified: bool = False,
         allowed_permissions: list[str] | None = None,
+        # NOTE: Legacy path — require_trusted, require_verified,
+        # allowed_permissions, denied_permissions are pre-policy params.
+        # policy.check_install() is now the Single Source of Truth for
+        # trust and permission decisions. These params remain for backward
+        # compat only. Cleanup sprint: consolidate through policy.py.
         denied_permissions: list[str] | None = None,
     ) -> CanInstallResult:
         """Check whether a package can be installed under given constraints.
@@ -632,6 +733,9 @@ class AgentNodeClient:
         Evaluates trust level, permissions, and deprecation status
         without performing any installation.
 
+        Phase B: delegates trust and permission checks to
+        ``policy.check_install()`` as Single Source of Truth.
+
         Args:
             require_trusted: Require 'trusted' or 'curated' trust level.
             require_verified: Require 'verified', 'trusted', or 'curated'.
@@ -640,7 +744,7 @@ class AgentNodeClient:
         meta = self.get_install_metadata(slug, version)
         pkg = self.get_package(slug)
 
-        # Check deprecation
+        # Check deprecation (install-specific, not policy)
         if pkg.is_deprecated:
             return CanInstallResult(
                 allowed=False,
@@ -651,7 +755,7 @@ class AgentNodeClient:
                 permissions=meta.permissions,
             )
 
-        # Check artifact availability
+        # Check artifact availability (install-specific, not policy)
         if not meta.artifact or not meta.artifact.url:
             return CanInstallResult(
                 allowed=False,
@@ -662,9 +766,7 @@ class AgentNodeClient:
                 permissions=meta.permissions,
             )
 
-        # Check trust — P1-SDK9: canonical default is "unverified",
-        # never "unknown". Everything downstream expects the trust-level
-        # vocabulary from models.py (unverified/verified/trusted/curated).
+        # Fetch trust level — P1-SDK9: canonical default is "unverified"
         trust_level = "unverified"
         try:
             detail = self._request("GET", f"/packages/{slug}")
@@ -672,6 +774,7 @@ class AgentNodeClient:
         except Exception:
             pass
 
+        # Caller-specified trust constraints (require_trusted / require_verified)
         if require_trusted and trust_level not in TRUST_LEVELS_TRUSTED:
             return CanInstallResult(
                 allowed=False,
@@ -692,7 +795,33 @@ class AgentNodeClient:
                 permissions=meta.permissions,
             )
 
-        # Check permissions
+        # Policy check via check_install() — Single Source of Truth
+        from agentnode_sdk.policy import check_install as _policy_check
+        policy_entry = {
+            "trust_level": trust_level,
+            "permissions": _permissions_to_dict(meta.permissions),
+        }
+        decision = _policy_check(slug, policy_entry, interactive=True)
+        if decision.action == "deny":
+            return CanInstallResult(
+                allowed=False,
+                slug=slug,
+                version=meta.version,
+                trust_level=trust_level,
+                reason=decision.reason,
+                permissions=meta.permissions,
+            )
+        if decision.action == "prompt":
+            return CanInstallResult(
+                allowed=False,
+                slug=slug,
+                version=meta.version,
+                trust_level=trust_level,
+                reason=f"Approval required: {decision.reason}",
+                permissions=meta.permissions,
+            )
+
+        # Caller-specified permission deny-list (kept for backward compat)
         if meta.permissions and denied_permissions:
             perm_map = {
                 "network": meta.permissions.network_level,
@@ -786,30 +915,77 @@ class AgentNodeClient:
                 message=f"No packages found for capabilities: {capabilities}",
             )
 
-        # Pick the highest-scored result
-        best = result.results[0]
+        # Check credential availability for auto-install
+        from agentnode_sdk.config import load_config as _load_cfg
+        cfg = _load_cfg()
+        require_creds = cfg.get("credentials", {}).get("require_before_auto_install", True)
+
+        # Filter candidates: skip packages that need credentials we don't have
+        candidates = list(result.results)
+        best = None
+        skipped_for_creds: str | None = None
+
+        for candidate in candidates:
+            # Trust filter
+            if require_trusted and candidate.trust_level not in TRUST_LEVELS_TRUSTED:
+                continue
+            if (
+                not require_trusted
+                and require_verified
+                and candidate.trust_level not in TRUST_LEVELS_VERIFIED
+            ):
+                continue
+
+            # Credential check for auto-install
+            connector_provider = _get_package_connector_provider(candidate.slug, self)
+            if connector_provider and require_creds:
+                if not _check_credential_available(connector_provider):
+                    skipped_for_creds = skipped_for_creds or candidate.slug
+                    import logging as _logging
+                    _logging.getLogger("agentnode.client").info(
+                        "Skipping %s: requires %s credentials (not configured)",
+                        candidate.slug, connector_provider,
+                    )
+                    continue
+            elif connector_provider and not require_creds:
+                import logging as _logging
+                _logging.getLogger("agentnode.client").warning(
+                    "Warning: %s requires %s credentials that are not configured",
+                    candidate.slug, connector_provider,
+                )
 
-        # Trust filter
-        if require_trusted and best.trust_level not in TRUST_LEVELS_TRUSTED:
-            return InstallResult(
-                slug=best.slug,
-                version=best.version,
-                installed=False,
-                already_installed=False,
-                message=f"Best match '{best.slug}' has trust level '{best.trust_level}', but 'trusted' required.",
-            )
+            best = candidate
+            break
 
-        if (
-            not require_trusted
-            and require_verified
-            and best.trust_level not in TRUST_LEVELS_VERIFIED
-        ):
+        if best is None:
+            # All candidates were filtered out
+            if skipped_for_creds:
+                return InstallResult(
+                    slug=skipped_for_creds,
+                    version="",
+                    installed=False,
+                    already_installed=False,
+                    message=(
+                        f"Package {skipped_for_creds} requires credentials that are not configured. "
+                        f"Run `agentnode auth <provider>` first. "
+                        f"No credential-free alternative found for capabilities: {capabilities}"
+                    ),
+                )
+            top = candidates[0] if candidates else None
+            if top:
+                return InstallResult(
+                    slug=top.slug,
+                    version=top.version,
+                    installed=False,
+                    already_installed=False,
+                    message=f"Best match '{top.slug}' has trust level '{top.trust_level}', but policy requirements not met.",
+                )
             return InstallResult(
-                slug=best.slug,
-                version=best.version,
+                slug="",
+                version="",
                 installed=False,
                 already_installed=False,
-                message=f"Best match '{best.slug}' has trust level '{best.trust_level}', but 'verified' required.",
+                message=f"No packages found for capabilities: {capabilities}",
             )
 
         return self.install(best.slug, verbose=verbose)

{agentnode_sdk-0.4.1 → agentnode_sdk-0.5.1}/agentnode_sdk/config.py

@@ -25,6 +25,9 @@ DEFAULTS: dict[str, Any] = {
         "filesystem": "prompt",
         "code_execution": "sandboxed",
     },
+    "credentials": {
+        "require_before_auto_install": True,
+    },
 }
 
 VALID_VALUES: dict[str, tuple[str, ...]] = {
@@ -35,6 +38,7 @@ VALID_VALUES: dict[str, tuple[str, ...]] = {
     "permissions.network": ("allow", "prompt", "deny"),
     "permissions.filesystem": ("allow", "prompt", "deny"),
     "permissions.code_execution": ("sandboxed", "prompt", "deny"),
+    "credentials.require_before_auto_install": ("true", "false"),
 }
 
 
@@ -76,6 +80,10 @@ def _merge_defaults(data: dict) -> dict[str, Any]:
         for k in ("network", "filesystem", "code_execution"):
             if k in data["permissions"]:
                 cfg["permissions"][k] = data["permissions"][k]
+    if isinstance(data.get("credentials"), dict):
+        for k in ("require_before_auto_install",):
+            if k in data["credentials"]:
+                cfg["credentials"][k] = data["credentials"][k]
     return cfg
 
 
@@ -138,7 +146,8 @@ def set_value(cfg: dict[str, Any], key: str, value: str) -> dict[str, Any]:
             f"Allowed: {', '.join(allowed)}"
         )
 
-    actual_value: Any = value.lower() == "true" if key == "trust.allow_unverified" else value.lower()
+    bool_keys = ("trust.allow_unverified", "credentials.require_before_auto_install")
+    actual_value: Any = value.lower() == "true" if key in bool_keys else value.lower()
 
     parts = key.split(".")
     current: Any = cfg