tweek 0.1.0__py3-none-any.whl

tweek/plugins/providers/google.py

@@ -0,0 +1,197 @@
+#!/usr/bin/env python3
+"""
+Tweek Google Gemini Provider Plugin
+
+Handles Google Gemini API format:
+- Endpoint: generativelanguage.googleapis.com
+- Tool calls in functionCall parts
+- GenerateContent API format
+"""
+
+from typing import Optional, List, Dict, Any
+from tweek.plugins.base import LLMProviderPlugin, ToolCall
+
+
+class GoogleProvider(LLMProviderPlugin):
+    """
+    Google Gemini API provider plugin.
+
+    Supports:
+    - GenerateContent API
+    - Function calling
+    - Multi-turn conversations
+    """
+
+    VERSION = "1.0.0"
+    DESCRIPTION = "Google Gemini API provider"
+    AUTHOR = "Tweek"
+    REQUIRES_LICENSE = "free"
+    TAGS = ["provider", "google", "gemini"]
+
+    @property
+    def name(self) -> str:
+        return "google"
+
+    @property
+    def api_hosts(self) -> List[str]:
+        return [
+            "generativelanguage.googleapis.com",
+            "aiplatform.googleapis.com",  # Vertex AI
+        ]
+
+    def extract_tool_calls(self, response: Dict[str, Any]) -> List[ToolCall]:
+        """
+        Extract tool calls from Gemini API response.
+
+        Gemini format:
+        {
+            "candidates": [
+                {
+                    "content": {
+                        "parts": [
+                            {
+                                "functionCall": {
+                                    "name": "tool_name",
+                                    "args": {...}
+                                }
+                            }
+                        ]
+                    }
+                }
+            ]
+        }
+        """
+        tool_calls = []
+
+        candidates = response.get("candidates", [])
+        if not isinstance(candidates, list):
+            return tool_calls
+
+        for idx, candidate in enumerate(candidates):
+            if not isinstance(candidate, dict):
+                continue
+
+            content = candidate.get("content", {})
+            if not isinstance(content, dict):
+                continue
+
+            parts = content.get("parts", [])
+            if not isinstance(parts, list):
+                continue
+
+            for part_idx, part in enumerate(parts):
+                if not isinstance(part, dict):
+                    continue
+
+                function_call = part.get("functionCall")
+                if isinstance(function_call, dict):
+                    tool_calls.append(ToolCall(
+                        id=f"gemini_{idx}_{part_idx}",
+                        name=function_call.get("name", ""),
+                        input=function_call.get("args", {}),
+                        provider=self.name,
+                        raw=function_call,
+                    ))
+
+        return tool_calls
+
+    def extract_content(self, response: Dict[str, Any]) -> str:
+        """
+        Extract text content from Gemini API response.
+        """
+        candidates = response.get("candidates", [])
+        if not isinstance(candidates, list):
+            return ""
+
+        text_parts = []
+        for candidate in candidates:
+            if not isinstance(candidate, dict):
+                continue
+
+            content = candidate.get("content", {})
+            if not isinstance(content, dict):
+                continue
+
+            parts = content.get("parts", [])
+            if not isinstance(parts, list):
+                continue
+
+            for part in parts:
+                if isinstance(part, dict) and "text" in part:
+                    text_parts.append(part["text"])
+
+        return "\n".join(text_parts)
+
+    def extract_messages(self, request: Dict[str, Any]) -> List[Dict[str, Any]]:
+        """
+        Extract messages from Gemini API request.
+
+        Gemini uses 'contents' instead of 'messages'.
+        """
+        contents = request.get("contents", [])
+        if not isinstance(contents, list):
+            return []
+
+        # Convert Gemini format to standard format
+        messages = []
+        for content in contents:
+            if not isinstance(content, dict):
+                continue
+
+            role = content.get("role", "user")
+            parts = content.get("parts", [])
+
+            text_parts = []
+            for part in parts:
+                if isinstance(part, dict) and "text" in part:
+                    text_parts.append(part["text"])
+                elif isinstance(part, str):
+                    text_parts.append(part)
+
+            if text_parts:
+                messages.append({
+                    "role": role,
+                    "content": "\n".join(text_parts)
+                })
+
+        return messages
+
+    def get_system_prompt(self, request: Dict[str, Any]) -> Optional[str]:
+        """Extract system instruction from request."""
+        # Gemini uses systemInstruction
+        system = request.get("systemInstruction")
+        if isinstance(system, dict):
+            parts = system.get("parts", [])
+            text_parts = []
+            for part in parts:
+                if isinstance(part, dict) and "text" in part:
+                    text_parts.append(part["text"])
+            return "\n".join(text_parts) if text_parts else None
+        elif isinstance(system, str):
+            return system
+        return None
+
+    def is_streaming_response(self, response: Dict[str, Any]) -> bool:
+        """Check if response is a streaming chunk."""
+        # Gemini streaming sends candidates with partial content
+        # and includes a 'usageMetadata' only in final chunk
+        return "candidates" in response and "usageMetadata" not in response
+
+    def extract_function_declarations(
+        self,
+        request: Dict[str, Any]
+    ) -> List[Dict[str, Any]]:
+        """
+        Extract function declarations from request.
+
+        Returns the tool definitions from the request.
+        """
+        tools = request.get("tools", [])
+        declarations = []
+
+        for tool in tools:
+            if isinstance(tool, dict):
+                func_decls = tool.get("functionDeclarations", [])
+                declarations.extend(func_decls)
+
+        return declarations

tweek/plugins/providers/openai.py

@@ -0,0 +1,230 @@
+#!/usr/bin/env python3
+"""
+Tweek OpenAI Provider Plugin
+
+Handles OpenAI GPT API format:
+- Endpoint: api.openai.com
+- Tool calls in message.tool_calls array
+- Chat completions API format
+"""
+
+import json
+from typing import Optional, List, Dict, Any
+from tweek.plugins.base import LLMProviderPlugin, ToolCall
+
+
+class OpenAIProvider(LLMProviderPlugin):
+    """
+    OpenAI GPT API provider plugin.
+
+    Supports:
+    - Chat Completions API
+    - Function calling (legacy)
+    - Tool use (current)
+    - Streaming responses
+    """
+
+    VERSION = "1.0.0"
+    DESCRIPTION = "OpenAI GPT API provider"
+    AUTHOR = "Tweek"
+    REQUIRES_LICENSE = "free"
+    TAGS = ["provider", "openai", "gpt"]
+
+    @property
+    def name(self) -> str:
+        return "openai"
+
+    @property
+    def api_hosts(self) -> List[str]:
+        return [
+            "api.openai.com",
+        ]
+
+    def extract_tool_calls(self, response: Dict[str, Any]) -> List[ToolCall]:
+        """
+        Extract tool calls from OpenAI API response.
+
+        OpenAI format:
+        {
+            "choices": [
+                {
+                    "message": {
+                        "tool_calls": [
+                            {
+                                "id": "call_xxx",
+                                "type": "function",
+                                "function": {
+                                    "name": "tool_name",
+                                    "arguments": "{...}"  # JSON string
+                                }
+                            }
+                        ]
+                    }
+                }
+            ]
+        }
+        """
+        tool_calls = []
+
+        choices = response.get("choices", [])
+        if not isinstance(choices, list):
+            return tool_calls
+
+        for choice in choices:
+            if not isinstance(choice, dict):
+                continue
+
+            message = choice.get("message", {})
+            if not isinstance(message, dict):
+                continue
+
+            # Handle tool_calls (current format)
+            for tc in message.get("tool_calls", []):
+                if not isinstance(tc, dict):
+                    continue
+
+                func = tc.get("function", {})
+                if not isinstance(func, dict):
+                    continue
+
+                # Parse arguments JSON
+                args_str = func.get("arguments", "{}")
+                try:
+                    args = json.loads(args_str) if isinstance(args_str, str) else args_str
+                except json.JSONDecodeError:
+                    args = {"_raw": args_str}
+
+                tool_calls.append(ToolCall(
+                    id=tc.get("id", ""),
+                    name=func.get("name", ""),
+                    input=args if isinstance(args, dict) else {"_value": args},
+                    provider=self.name,
+                    raw=tc,
+                ))
+
+            # Handle function_call (legacy format)
+            function_call = message.get("function_call")
+            if isinstance(function_call, dict):
+                args_str = function_call.get("arguments", "{}")
+                try:
+                    args = json.loads(args_str) if isinstance(args_str, str) else args_str
+                except json.JSONDecodeError:
+                    args = {"_raw": args_str}
+
+                tool_calls.append(ToolCall(
+                    id="function_call",
+                    name=function_call.get("name", ""),
+                    input=args if isinstance(args, dict) else {"_value": args},
+                    provider=self.name,
+                    raw=function_call,
+                ))
+
+        return tool_calls
+
+    def extract_content(self, response: Dict[str, Any]) -> str:
+        """
+        Extract text content from OpenAI API response.
+        """
+        choices = response.get("choices", [])
+        if not isinstance(choices, list) or not choices:
+            return ""
+
+        content_parts = []
+        for choice in choices:
+            if not isinstance(choice, dict):
+                continue
+
+            message = choice.get("message", {})
+            if isinstance(message, dict):
+                content = message.get("content")
+                if isinstance(content, str):
+                    content_parts.append(content)
+
+        return "\n".join(content_parts)
+
+    def extract_messages(self, request: Dict[str, Any]) -> List[Dict[str, Any]]:
+        """
+        Extract messages from OpenAI API request.
+        """
+        return request.get("messages", [])
+
+    def get_system_prompt(self, request: Dict[str, Any]) -> Optional[str]:
+        """Extract system prompt from request."""
+        messages = request.get("messages", [])
+        for msg in messages:
+            if isinstance(msg, dict) and msg.get("role") == "system":
+                content = msg.get("content")
+                if isinstance(content, str):
+                    return content
+                elif isinstance(content, list):
+                    # Handle content array format
+                    parts = []
+                    for part in content:
+                        if isinstance(part, dict) and part.get("type") == "text":
+                            parts.append(part.get("text", ""))
+                    return "\n".join(parts)
+        return None
+
+    def is_streaming_response(self, response: Dict[str, Any]) -> bool:
+        """Check if response is a streaming chunk."""
+        # Streaming responses have 'object': 'chat.completion.chunk'
+        return response.get("object") == "chat.completion.chunk"
+
+    def extract_streaming_tool_calls(
+        self,
+        chunks: List[Dict[str, Any]]
+    ) -> List[ToolCall]:
+        """
+        Extract tool calls from streaming chunks.
+
+        Reassembles tool calls from delta chunks.
+        """
+        tool_calls: Dict[int, Dict[str, Any]] = {}
+
+        for chunk in chunks:
+            choices = chunk.get("choices", [])
+            for choice in choices:
+                if not isinstance(choice, dict):
+                    continue
+
+                delta = choice.get("delta", {})
+                if not isinstance(delta, dict):
+                    continue
+
+                for tc in delta.get("tool_calls", []):
+                    if not isinstance(tc, dict):
+                        continue
+
+                    index = tc.get("index", 0)
+
+                    if index not in tool_calls:
+                        tool_calls[index] = {
+                            "id": tc.get("id", ""),
+                            "name": "",
+                            "arguments": "",
+                        }
+
+                    func = tc.get("function", {})
+                    if isinstance(func, dict):
+                        if func.get("name"):
+                            tool_calls[index]["name"] = func["name"]
+                        if func.get("arguments"):
+                            tool_calls[index]["arguments"] += func["arguments"]
+
+        # Convert to ToolCall objects
+        result = []
+        for index in sorted(tool_calls.keys()):
+            tc_data = tool_calls[index]
+            try:
+                args = json.loads(tc_data["arguments"]) if tc_data["arguments"] else {}
+            except json.JSONDecodeError:
+                args = {"_raw": tc_data["arguments"]}
+
+            result.append(ToolCall(
+                id=tc_data["id"],
+                name=tc_data["name"],
+                input=args,
+                provider=self.name,
+            ))
+
+        return result

tweek/plugins/scope.py

@@ -0,0 +1,130 @@
+#!/usr/bin/env python3
+"""
+Plugin Scoping System
+
+Allows plugins to be scoped to specific tools, skills, projects, tiers,
+and scan directions. Plugins without a scope run globally (default behavior).
+
+Example scope config:
+    scope:
+      tools: [Bash, WebFetch, Write]
+      skills: [email-search, patient-records]
+      projects: ["/Users/me/healthcare-app"]
+      tiers: [risky, dangerous]
+      directions: [input, output]
+"""
+
+from dataclasses import dataclass, field
+from typing import Optional, List, Dict, Any
+import logging
+
+from tweek.screening.context import ScreeningContext
+
+logger = logging.getLogger(__name__)
+
+
+@dataclass
+class PluginScope:
+    """
+    Defines when a plugin should be active.
+
+    Each field is a filter. None means "match everything" (no restriction).
+    When a field is set, the context must match at least one value in the list.
+
+    All non-None fields must match for the scope to match (AND logic).
+    Within a field, any value can match (OR logic).
+    """
+    tools: Optional[List[str]] = None
+    skills: Optional[List[str]] = None
+    projects: Optional[List[str]] = None
+    tiers: Optional[List[str]] = None
+    directions: Optional[List[str]] = None
+
+    def matches(self, context: ScreeningContext) -> bool:
+        """
+        Check if this plugin should run given the context.
+
+        Returns True if all specified scope filters match the context.
+        Unset filters (None) always match.
+
+        Args:
+            context: The current screening context
+
+        Returns:
+            True if the plugin should be active for this context
+        """
+        # Tools: If specified, tool_name must be in the list
+        if self.tools is not None:
+            if context.tool_name not in self.tools:
+                return False
+
+        # Skills: If specified, context must have a matching skill_name
+        # If skill_name is None in context, we don't filter by skill
+        # (avoids blocking when skill info isn't available)
+        if self.skills is not None:
+            if context.skill_name is not None and context.skill_name not in self.skills:
+                return False
+
+        # Projects: If specified, working_dir must be under one of the project paths
+        if self.projects is not None:
+            if not any(
+                context.working_dir.startswith(p)
+                for p in self.projects
+            ):
+                return False
+
+        # Tiers: If specified, effective tier must match
+        if self.tiers is not None:
+            if context.tier not in self.tiers:
+                return False
+
+        return True
+
+    def to_dict(self) -> Dict[str, Any]:
+        """Convert to dictionary for serialization."""
+        result = {}
+        if self.tools is not None:
+            result["tools"] = self.tools
+        if self.skills is not None:
+            result["skills"] = self.skills
+        if self.projects is not None:
+            result["projects"] = self.projects
+        if self.tiers is not None:
+            result["tiers"] = self.tiers
+        if self.directions is not None:
+            result["directions"] = self.directions
+        return result
+
+    @classmethod
+    def from_dict(cls, data: Dict[str, Any]) -> "PluginScope":
+        """Create a PluginScope from a dictionary (e.g., from config YAML)."""
+        return cls(
+            tools=data.get("tools"),
+            skills=data.get("skills"),
+            projects=data.get("projects"),
+            tiers=data.get("tiers"),
+            directions=data.get("directions"),
+        )
+
+    @property
+    def is_global(self) -> bool:
+        """Returns True if this scope has no restrictions (matches everything)."""
+        return all(
+            v is None
+            for v in [self.tools, self.skills, self.projects, self.tiers, self.directions]
+        )
+
+    def describe(self) -> str:
+        """Human-readable description of the scope."""
+        parts = []
+        if self.tools is not None:
+            parts.append(f"Tools: {', '.join(self.tools)}")
+        if self.skills is not None:
+            parts.append(f"Skills: {', '.join(self.skills)}")
+        if self.projects is not None:
+            parts.append(f"Projects: {', '.join(self.projects)}")
+        if self.tiers is not None:
+            parts.append(f"Tiers: {', '.join(self.tiers)}")
+        if self.directions is not None:
+            parts.append(f"Directions: {', '.join(self.directions)}")
+        return " | ".join(parts) if parts else "Global (no restrictions)"

tweek/plugins/screening/__init__.py

@@ -0,0 +1,26 @@
+#!/usr/bin/env python3
+"""
+Tweek Screening Plugins
+
+Screening plugins provide security analysis methods:
+- RateLimiter: Detect burst patterns and abuse
+- PatternMatcher: Regex-based pattern matching
+- LLMReviewer: Semantic analysis using LLM
+- SessionAnalyzer: Cross-turn anomaly detection
+
+License tiers:
+- FREE: PatternMatcher (basic patterns)
+- PRO: RateLimiter, LLMReviewer, SessionAnalyzer
+"""
+
+from tweek.plugins.screening.rate_limiter import RateLimiterPlugin
+from tweek.plugins.screening.pattern_matcher import PatternMatcherPlugin
+from tweek.plugins.screening.llm_reviewer import LLMReviewerPlugin
+from tweek.plugins.screening.session_analyzer import SessionAnalyzerPlugin
+
+__all__ = [
+    "RateLimiterPlugin",
+    "PatternMatcherPlugin",
+    "LLMReviewerPlugin",
+    "SessionAnalyzerPlugin",
+]