localtools

package
v0.28.9 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jun 9, 2026 License: Apache-2.0 Imports: 33 Imported by: 0

Documentation

Overview

Package localtools provides tools that fire around chain execution: approval gates and host-side helpers.

Index

Constants

View Source 
const DenyMessage = "User denied the operation. Please ask for clarification or try a different, less destructive approach."
View Source 
const LocalFSToolsName = "local_fs"
View Source 
const WebToolsName = "webtools"

WebToolsName is the namespace under which all web_* verb tools are exposed and the key used to look up tools_policies entries.

Variables

View Source 
var (

	// ErrMCPSessionUnavailable indicates the pool could not establish an MCP session.
	ErrMCPSessionUnavailable = errors.New("mcp session unavailable")
	// ErrMCPToolCallFailed indicates the transport-level MCP tool call failed.
	ErrMCPToolCallFailed = errors.New("mcp tool call failed")
	// ErrMCPListToolsFailed indicates the transport-level MCP list-tools call failed.
	ErrMCPListToolsFailed = errors.New("mcp list-tools failed")
	// ErrMCPOAuthNotAuthenticated indicates the server needs `contenox mcp auth`.
	ErrMCPOAuthNotAuthenticated = errors.New("mcp oauth not authenticated")
	// ErrOAuthNotAuthenticated is kept as a backwards-compatible alias.
	ErrOAuthNotAuthenticated = ErrMCPOAuthNotAuthenticated
)
View Source 
var ErrOutputBudgetExceeded = errors.New("local_shell: command output exceeded the remaining context budget")

Functions

func IsApprovalPending 

func IsApprovalPending() bool

IsApprovalPending reports whether at least one HITL approval is awaiting a human response. UI layers can poll this to suppress activity indicators.

func NewEchoTools 

func NewEchoTools() taskengine.ToolsRepo

NewEchoTools creates a new instance of EchoTools.

func NewLocalExecTools 

func NewLocalExecTools(opts ...LocalExecOption) taskengine.ToolsRepo

NewLocalExecTools creates a new LocalExecTools with the given options.

func NewLocalExecToolsWith 

func NewLocalExecToolsWith(runner CommandRunner, opts ...LocalExecOption) taskengine.ToolsRepo

func NewLocalFSTools 

func NewLocalFSTools(allowedDir string, db libdb.DBManager) taskengine.ToolsRepo

NewLocalFSTools creates a new instance of LocalFSTools. db may be nil; when nil, the read-before-write guard degrades to a no-op (used by tests and callers without a DB).

func NewLocalFSToolsWith 

func NewLocalFSToolsWith(allowedDir string, db libdb.DBManager, io FileIO, name string, cwdResolver func(context.Context) string) taskengine.ToolsRepo

func NewPrint 

func NewPrint(tracker libtracker.ActivityTracker) taskengine.ToolsRepo

NewPrint creates a new Print instance

func NewSSHTools 

func NewSSHTools(options ...SSHOption) (taskengine.ToolsRepo, error)

NewSSHTools creates a new SSH tools with secure defaults

func NewWebCaller 

func NewWebCaller(tracker libtracker.ActivityTracker, options ...WebtoolsOption) taskengine.ToolsRepo

NewWebCaller creates a new WebCaller. Pass nil for tracker to disable tracing; the constructor swaps it for a NoopTracker so the call sites stay uniform.

func RunOAuthFlow 

func RunOAuthFlow(ctx context.Context, o2cfg *oauth2.Config, oauthCfg *MCPOAuthConfig, meta *mcpoauth.ServerMetadata) (*oauth2.Token, error)

RunOAuthFlow performs the full PKCE authorization code flow interactively: opens a browser at the authorization URL, waits for the callback, and exchanges the code for a token set. It is also used by the `mcp auth` CLI command when re-authenticating.

Types

type AskApproval 

type AskApproval func(ctx context.Context, req hitlservice.ApprovalRequest) (bool, error)

AskApproval is the callback the HITLWrapper calls to request human review. Implementations must block until the human decides, then return (true, nil) to approve or (false, nil) to deny. Returning an error propagates it to the chain.

type CommandRunner 

type CommandRunner interface {
	Run(ctx context.Context, spec CommandSpec, stdout, stderr io.Writer) (exitCode int, err error)
}

func NewOSCommandRunner 

func NewOSCommandRunner() CommandRunner

func NewOSCommandRunnerWithShell added in v0.28.4 

func NewOSCommandRunnerWithShell(shell PlatformShell) CommandRunner

type CommandSpec 

type CommandSpec struct {
	Command  string
	Args     []string
	Cwd      string
	Timeout  time.Duration
	UseShell bool
	Shell    PlatformShell
	Stdin    string
}

type EchoTools 

type EchoTools struct{}

EchoTools is a simple tools that echoes back the input arguments.

func (*EchoTools) Exec 

func (e *EchoTools) Exec(ctx context.Context, startTime time.Time, input any, debug bool, toolsCall *taskengine.ToolsCall) (any, taskengine.DataType, error)

Exec handles execution by echoing the input arguments.

func (*EchoTools) GetSchemasForSupportedTools 

func (e *EchoTools) GetSchemasForSupportedTools(ctx context.Context) (map[string]*openapi3.T, error)

GetSchemasForSupportedTools returns OpenAPI schemas for supported tools.

func (*EchoTools) GetToolsForToolsByName 

func (e *EchoTools) GetToolsForToolsByName(ctx context.Context, name string) ([]taskengine.Tool, error)

GetToolsForToolsByName returns tools exposed by this tools.

func (*EchoTools) Supports 

func (e *EchoTools) Supports(ctx context.Context) ([]string, error)

Supports returns the tools types supported by this tools.

type FileIO 

type FileIO interface {
	ReadFile(ctx context.Context, path string) ([]byte, error)
	WriteFile(ctx context.Context, path string, data []byte) error
}

func NewOSFileIO 

func NewOSFileIO() FileIO

type FsWriteResult 

type FsWriteResult struct {
	Path    string `json:"path"`
	OldText string `json:"old_text"`
	NewText string `json:"new_text"`
	Written bool   `json:"written"`
}

type HITLWrapper 

type HITLWrapper struct {
	// contains filtered or unexported fields
}

HITLWrapper is a decorator around any ToolsRepo that intercepts configured tool calls and requests human approval before delegating to the inner tools.

Tool calls whose policy action is ActionAllow pass through instantly. ActionDeny returns a soft denial string so the LLM can propose an alternative. ActionApprove calls Ask and blocks until the human decides.

func NewHITLWrapper 

func NewHITLWrapper(inner taskengine.ToolsRepo, ask AskApproval, policy hitlservice.PolicyEvaluator, tracker libtracker.ActivityTracker) *HITLWrapper

func (*HITLWrapper) Exec 

func (h *HITLWrapper) Exec(
	ctx context.Context,
	startTime time.Time,
	input any,
	debug bool,
	tools *taskengine.ToolsCall,
) (any, taskengine.DataType, error)

Exec implements taskengine.ToolsRepo.

func (*HITLWrapper) GetSchemasForSupportedTools 

func (h *HITLWrapper) GetSchemasForSupportedTools(ctx context.Context) (map[string]*openapi3.T, error)

GetSchemasForSupportedTools delegates to the inner repo.

func (*HITLWrapper) GetToolsForToolsByName 

func (h *HITLWrapper) GetToolsForToolsByName(ctx context.Context, name string) ([]taskengine.Tool, error)

GetToolsForToolsByName delegates to the inner repo.

func (*HITLWrapper) Supports 

func (h *HITLWrapper) Supports(ctx context.Context) ([]string, error)

Supports delegates to the inner repo.

type HostKeyVerifier 

type HostKeyVerifier struct {
	// contains filtered or unexported fields
}

HostKeyVerifier handles host key verification

func NewHostKeyVerifier 

func NewHostKeyVerifier(knownHostsFile string, strict bool) (*HostKeyVerifier, error)

NewHostKeyVerifier creates a new host key verifier

func (*HostKeyVerifier) AddKnownHost 

func (v *HostKeyVerifier) AddKnownHost(host, key string)

AddKnownHost adds a custom known host key

func (*HostKeyVerifier) VerifyHostKey 

func (v *HostKeyVerifier) VerifyHostKey(hostname string, remote net.Addr, key ssh.PublicKey) error

VerifyHostKey implements ssh.HostKeyCallback

type LocalExecOption 

type LocalExecOption func(*LocalExecTools)

LocalExecOption configures LocalExecTools.

func WithLocalExecAllowedCommands 

func WithLocalExecAllowedCommands(commands []string) LocalExecOption

WithLocalExecAllowedCommands restricts execution to these executable names/paths.

func WithLocalExecAllowedDir 

func WithLocalExecAllowedDir(dir string) LocalExecOption

WithLocalExecAllowedDir restricts execution to scripts/binaries under this directory.

func WithLocalExecDeniedCommands 

func WithLocalExecDeniedCommands(commands []string) LocalExecOption

WithLocalExecDeniedCommands forbids these executable basenames or paths (checked before allowlist).

func WithLocalExecShell added in v0.28.4 

func WithLocalExecShell(shell PlatformShell) LocalExecOption

WithLocalExecShell sets the detected platform shell used for shell:true calls and for tool schema descriptions.

func WithLocalExecTimeout 

func WithLocalExecTimeout(d time.Duration) LocalExecOption

WithLocalExecTimeout sets the default execution timeout.

type LocalExecResult 

type LocalExecResult struct {
	ExitCode        int     `json:"exit_code"`
	Stdout          string  `json:"stdout"`
	Stderr          string  `json:"stderr"`
	Success         bool    `json:"success"`
	Error           string  `json:"error,omitempty"`
	DurationSeconds float64 `json:"duration_seconds"`
	Command         string  `json:"command,omitempty"`
	Shell           string  `json:"shell,omitempty"`
	OS              string  `json:"os,omitempty"`
}

LocalExecResult is the structured result returned by the local_shell tools.

type LocalExecTools 

type LocalExecTools struct {
	// contains filtered or unexported fields
}

LocalExecTools runs commands on the local host (same machine as the process). It is opt-in and can be restricted by an allowlist and optional denylist. Enable via -enable-local-exec.

func (*LocalExecTools) Exec 

func (h *LocalExecTools) Exec(ctx context.Context, startTime time.Time, input any, debug bool, tools *taskengine.ToolsCall) (any, taskengine.DataType, error)

Exec implements taskengine.ToolsRepo. Input is passed as stdin to the command when it is a string or when map contains "stdin". When invoked from execute_tool_calls, tools.Args may be nil and the command comes from input (e.g. {"command":"ls"}). Args (when set): command (required), args (optional space-separated), cwd, timeout, shell (default false).

func (*LocalExecTools) GetSchemasForSupportedTools 

func (h *LocalExecTools) GetSchemasForSupportedTools(ctx context.Context) (map[string]*openapi3.T, error)

GetSchemasForSupportedTools implements taskengine.ToolsWithSchema.

func (*LocalExecTools) GetToolsForToolsByName 

func (h *LocalExecTools) GetToolsForToolsByName(ctx context.Context, name string) ([]taskengine.Tool, error)

GetToolsForToolsByName implements taskengine.ToolsWithSchema. Chain-level policy (allowed/denied commands, allowed dir) is read from ctx via ToolsArgsFromContext when present, falling back to the struct defaults.

func (*LocalExecTools) Supports 

func (h *LocalExecTools) Supports(ctx context.Context) ([]string, error)

Supports implements taskengine.ToolsRegistry.

type LocalFSTools 

type LocalFSTools struct {
	// contains filtered or unexported fields
}

LocalFSTools provides direct filesystem access tools.

The tool tracks its own per-session read history in the local_fs_reads table so that write_file / sed against an existing file can be blocked unless that file has been read first this session. State ownership lives entirely with this tool — the engine never sees the rule.

func (*LocalFSTools) Exec 

func (h *LocalFSTools) Exec(ctx context.Context, startTime time.Time, input any, debug bool, toolsCall *taskengine.ToolsCall) (any, taskengine.DataType, error)

Exec handles filesystem tool execution.

func (*LocalFSTools) GetSchemasForSupportedTools 

func (h *LocalFSTools) GetSchemasForSupportedTools(ctx context.Context) (map[string]*openapi3.T, error)

func (*LocalFSTools) GetToolsForToolsByName 

func (h *LocalFSTools) GetToolsForToolsByName(ctx context.Context, name string) ([]taskengine.Tool, error)

func (*LocalFSTools) Supports 

func (h *LocalFSTools) Supports(ctx context.Context) ([]string, error)

type MCPAuthConfig 

type MCPAuthConfig struct {
	// Type is "bearer" or "" (none).
	Type MCPAuthType

	// Token is a literal bearer token. Prefer APIKeyFromEnv for security.
	Token string

	// APIKeyFromEnv is the name of an environment variable holding the bearer token.
	APIKeyFromEnv string
}

MCPAuthConfig holds auth parameters for connecting to an MCP server.

func (*MCPAuthConfig) ResolveToken 

func (a *MCPAuthConfig) ResolveToken() string

ResolveToken returns the bearer token from literal value or env var.

type MCPAuthType 

type MCPAuthType string

MCPAuthType identifies the auth mechanism for remote MCP servers. 

const (
	MCPAuthNone   MCPAuthType = ""
	MCPAuthBearer MCPAuthType = "bearer"
	MCPAuthOAuth  MCPAuthType = "oauth"
)

type MCPOAuthConfig 

type MCPOAuthConfig struct {
	// ClientName is registered with the authorization server (RFC 7591).
	// Defaults to "contenox".
	ClientName string

	// ClientID is a pre-registered client ID. When empty, dynamic registration
	// (RFC 7591) is attempted using the server's registration endpoint.
	ClientID string

	// ClientSecret is the pre-registered client secret, used for confidential-client
	// flows (token_endpoint_auth_methods_supported includes client_secret_post).
	// Resolved by the caller from an env var; never persisted in clear text outside
	// the caller's environment.
	ClientSecret string

	// Scopes to request during authorization.
	Scopes []string

	// CallbackPort is the localhost port for the redirect URI (default: 49152).
	CallbackPort int

	// TokenStore persists and retrieves OAuth tokens.
	TokenStore mcpoauth.TokenStore

	// OpenBrowser is called with the authorization URL. Defaults to launching
	// the system browser via xdg-open / open.
	OpenBrowser func(url string) error
}

MCPOAuthConfig holds parameters for the OAuth 2.1 PKCE authorization code flow.

func (*MCPOAuthConfig) ResolveCallbackPort 

func (c *MCPOAuthConfig) ResolveCallbackPort() int

ResolveCallbackPort returns CallbackPort or the default.

func (*MCPOAuthConfig) ResolveClientName 

func (c *MCPOAuthConfig) ResolveClientName() string

ResolveClientName returns ClientName or the default.

type MCPServerConfig 

type MCPServerConfig struct {
	// Name is the tools name used in chain JSON, e.g. "filesystem".
	Name string

	// Transport: "stdio" (default), "sse", or "http".
	Transport MCPTransport

	// Stdio transport: Command + Args to spawn.
	Command string
	Args    []string

	// Remote transport: URL of the SSE MCP endpoint.
	URL string

	// Auth for remote transports (optional).
	Auth *MCPAuthConfig

	// OAuth holds parameters for the OAuth 2.1 PKCE flow.
	// Only used when Auth.Type == MCPAuthOAuth.
	OAuth *MCPOAuthConfig

	// ConnectTimeout for the initial handshake (default 30s).
	ConnectTimeout time.Duration

	// MCPSessionID is the persisted session ID to resume (for HTTP/SSE transports).
	MCPSessionID string

	// OnSessionID is a callback fired when the server issues a new session ID.
	OnSessionID func(string)

	// Tracker is the activity tracker for observing MCP pool operations.
	Tracker libtracker.ActivityTracker
}

MCPServerConfig describes a single MCP server connection.

type MCPSessionPool 

type MCPSessionPool struct {
	// contains filtered or unexported fields
}

MCPSessionPool manages a single MCP client session with reconnect support. Mirrors the SSHClientCache pattern: mutex-protected, reconnects on failure.

func NewMCPSessionPool 

func NewMCPSessionPool(cfg MCPServerConfig) *MCPSessionPool

NewMCPSessionPool creates (but does not connect) a session pool for the given config.

func (*MCPSessionPool) CallTool 

func (p *MCPSessionPool) CallTool(ctx context.Context, toolName string, args map[string]any) (any, error)

CallTool calls a tool on the persistent session, reconnecting once if the session appears to have been lost. The pool must be connected first.

func (*MCPSessionPool) Close 

func (p *MCPSessionPool) Close() error

Close terminates the session cleanly.

func (*MCPSessionPool) Connect 

func (p *MCPSessionPool) Connect(ctx context.Context) error

Connect establishes the MCP session. Safe to call multiple times (idempotent).

func (*MCPSessionPool) ListTools 

func (p *MCPSessionPool) ListTools(ctx context.Context) ([]*mcp.Tool, error)

ListTools returns all tools advertised by the MCP server, reconnecting once if the session has been lost.

func (*MCPSessionPool) Reconnect 

func (p *MCPSessionPool) Reconnect(ctx context.Context) error

Reconnect tears down the current session and re-connects. Called automatically by MCPToolsRepo.Exec on transport errors.

func (*MCPSessionPool) Session 

func (p *MCPSessionPool) Session(ctx context.Context) (*mcp.ClientSession, error)

Session returns the active session, connecting lazily if not yet established.

type MCPTransport 

type MCPTransport string

MCPTransport identifies how to connect to an MCP server. 

const (
	MCPTransportStdio MCPTransport = "stdio"
	MCPTransportSSE   MCPTransport = "sse"
	MCPTransportHTTP  MCPTransport = "http"
)

type MockToolsRepo 

type MockToolsRepo struct {
	Calls           []ToolsCallRecord
	ResponseMap     map[string]ToolsResponse
	DefaultResponse ToolsResponse
	ErrorSequence   []error
	// contains filtered or unexported fields
}

MockToolsRepo is a mock implementation of the ToolsProvider interface.

func NewMockToolsRegistry 

func NewMockToolsRegistry() *MockToolsRepo

NewMockToolsRegistry returns a new instance of MockToolsProvider.

func (*MockToolsRepo) CallCount 

func (m *MockToolsRepo) CallCount() int

CallCount returns number of times Exec was called

func (*MockToolsRepo) Exec 

func (m *MockToolsRepo) Exec(
	ctx context.Context,
	startingTime time.Time,
	input any,
	inputType taskengine.DataType,
	transition string,
	args *taskengine.ToolsCall,
) (int, any, taskengine.DataType, string, error)

Exec simulates execution of a tools call.

func (*MockToolsRepo) LastCall 

func (m *MockToolsRepo) LastCall() *ToolsCallRecord

LastCall returns the most recent tools call

func (*MockToolsRepo) Reset 

func (m *MockToolsRepo) Reset()

Reset clears all recorded calls and resets counters

func (*MockToolsRepo) Supports 

func (m *MockToolsRepo) Supports(ctx context.Context) ([]string, error)

func (*MockToolsRepo) WithErrorSequence 

func (m *MockToolsRepo) WithErrorSequence(errors ...error) *MockToolsRepo

WithErrorSequence sets a sequence of errors to return

func (*MockToolsRepo) WithResponse 

func (m *MockToolsRepo) WithResponse(toolsType string, response ToolsResponse) *MockToolsRepo

WithResponse configures a response for a specific tools type

type PlatformShell added in v0.28.4 

type PlatformShell struct {
	OS          string
	Kind        ShellKind
	Command     string
	ArgsPrefix  []string
	DisplayName string
	SyntaxHint  string
}

func DetectPlatformShell added in v0.28.4 

func DetectPlatformShell() PlatformShell

func DetectPlatformShellFor added in v0.28.4 

func DetectPlatformShellFor(goos string, getenv func(string) string, lookPath func(string) (string, error)) PlatformShell

func NewCmdShell added in v0.28.4 

func NewCmdShell(command string) PlatformShell

func NewPowerShellShell added in v0.28.4 

func NewPowerShellShell(command string) PlatformShell

func NewShShell added in v0.28.4 

func NewShShell(command string) PlatformShell

func (PlatformShell) IsSet added in v0.28.4 

func (s PlatformShell) IsSet() bool

func (PlatformShell) ShellModeDescription added in v0.28.4 

func (s PlatformShell) ShellModeDescription() string

func (PlatformShell) Summary added in v0.28.4 

func (s PlatformShell) Summary() string

func (PlatformShell) WithDefaults added in v0.28.4 

func (s PlatformShell) WithDefaults() PlatformShell

func (PlatformShell) WrapCommand added in v0.28.4 

func (s PlatformShell) WrapCommand(command string, args []string) (program string, wrappedArgs []string, script string)

type Print 

type Print struct {
	// contains filtered or unexported fields
}

Print implements a simple tools that returns predefined messages

func (*Print) Exec 

func (h *Print) Exec(ctx context.Context, startTime time.Time, input any, debug bool, toolsCall *taskengine.ToolsCall) (any, taskengine.DataType, error)

func (*Print) GetSchemasForSupportedTools 

func (h *Print) GetSchemasForSupportedTools(ctx context.Context) (map[string]*openapi3.T, error)

GetSchemasForSupportedTools returns OpenAPI schemas for supported tools.

func (*Print) GetToolsForToolsByName 

func (h *Print) GetToolsForToolsByName(ctx context.Context, name string) ([]taskengine.Tool, error)

GetToolsForToolsByName returns tools exposed by this tools.

func (*Print) Supports 

func (h *Print) Supports(ctx context.Context) ([]string, error)

type SSHClientCache 

type SSHClientCache struct {
	// contains filtered or unexported fields
}

SSHClientCache manages SSH connection pooling with thread safety

func NewSSHClientCache 

func NewSSHClientCache() *SSHClientCache

NewSSHClientCache creates a new SSH client cache

func (*SSHClientCache) Clear 

func (c *SSHClientCache) Clear()

Clear closes all connections and clears the cache

func (*SSHClientCache) Get 

func (c *SSHClientCache) Get(key string) (*ssh.Client, bool)

Get retrieves a cached SSH client

func (*SSHClientCache) IsAlive 

func (c *SSHClientCache) IsAlive(key string) bool

IsAlive checks if a cached client is still connected. The read lock is released before the network call so that concurrent Put/Remove calls do not deadlock while SendRequest blocks.

func (*SSHClientCache) Put 

func (c *SSHClientCache) Put(key string, client *ssh.Client, config *ssh.ClientConfig)

Put stores an SSH client in the cache

func (*SSHClientCache) Remove 

func (c *SSHClientCache) Remove(key string)

Remove removes a client from the cache and closes it

type SSHConfig 

type SSHConfig struct {
	Host           string
	Port           int
	User           string
	Password       string
	PrivateKey     string
	PrivateKeyFile string
	Timeout        time.Duration
	HostKey        string // Expected host key for verification
	StrictHostKey  bool   // Whether to require host key verification
}

SSHConfig holds SSH connection parameters

type SSHOption 

type SSHOption func(*SSHTools) error

SSHOption configures the SSHTools

func WithClientCache 

func WithClientCache() SSHOption

WithClientCache enables connection pooling

func WithCustomHostKeyCallback 

func WithCustomHostKeyCallback(callback ssh.HostKeyCallback) SSHOption

WithCustomHostKeyCallback sets a custom host key verification callback

func WithDefaultPort 

func WithDefaultPort(port int) SSHOption

WithDefaultPort sets the default SSH port

func WithDefaultTimeout 

func WithDefaultTimeout(timeout time.Duration) SSHOption

WithDefaultTimeout sets the default connection/command timeout

func WithKnownHostsFile 

func WithKnownHostsFile(path string) SSHOption

WithKnownHostsFile sets the known_hosts file path

func WithStrictHostKey 

func WithStrictHostKey() SSHOption

WithStrictHostKey enables strict host key verification

type SSHResult 

type SSHResult struct {
	ExitCode int     `json:"exit_code"`
	Stdout   string  `json:"stdout"`
	Stderr   string  `json:"stderr"`
	Duration float64 `json:"duration_seconds"`
	Command  string  `json:"command"`
	Host     string  `json:"host"`
	Success  bool    `json:"success"`
	Error    string  `json:"error,omitempty"`
	HostKey  string  `json:"host_key,omitempty"` // Fingerprint of connected host
}

SSHResult holds command execution results

type SSHTools 

type SSHTools struct {
	// contains filtered or unexported fields
}

SSHTools implements SSH remote command execution with proper security

func (*SSHTools) Close 

func (h *SSHTools) Close() error

Close cleans up any resources

func (*SSHTools) Exec 

func (h *SSHTools) Exec(ctx context.Context, startTime time.Time, input any, debug bool, tools *taskengine.ToolsCall) (any, taskengine.DataType, error)

Exec implements the ToolsRepo interface

func (*SSHTools) GetSchemasForSupportedTools 

func (h *SSHTools) GetSchemasForSupportedTools(ctx context.Context) (map[string]*openapi3.T, error)

GetSchemasForSupportedTools returns OpenAPI schemas for supported tools GetSchemasForSupportedTools returns OpenAPI schemas for supported tools

func (*SSHTools) GetToolsForToolsByName 

func (h *SSHTools) GetToolsForToolsByName(ctx context.Context, name string) ([]taskengine.Tool, error)

GetToolsForToolsByName returns tools exposed by this tools

func (*SSHTools) Supports 

func (h *SSHTools) Supports(ctx context.Context) ([]string, error)

Supports returns the tools types supported by this tools

type ShellKind added in v0.28.4 

type ShellKind string
const (
	ShellKindSh         ShellKind = "sh"
	ShellKindPowerShell ShellKind = "powershell"
	ShellKindCmd        ShellKind = "cmd"
)

type ToolsCallRecord 

type ToolsCallRecord struct {
	Args       taskengine.ToolsCall
	Input      any
	InputType  taskengine.DataType
	Transition string
}

type ToolsResponse 

type ToolsResponse struct {
	Status     int
	Output     any
	OutputType taskengine.DataType
	Transition string
}

type WebCaller 

type WebCaller struct {
	// contains filtered or unexported fields
}

WebCaller exposes per-verb HTTP tools (web_get, web_head, web_post, web_put, web_patch, web_delete) under the "webtools" namespace. Each call is gated by tools_policies.webtools (host allow/deny, scheme allowlist, size limits, timeout, retry, redirects), tracked through libtracker, and — for mutating verbs — gated by HITL approval per the default policy.

func (*WebCaller) Exec 

func (h *WebCaller) Exec(ctx context.Context, _ time.Time, input any, _ bool, toolsCall *taskengine.ToolsCall) (any, taskengine.DataType, error)

Exec dispatches to one of the verb-specific handlers based on toolsCall.ToolName.

func (*WebCaller) GetSchemasForSupportedTools 

func (h *WebCaller) GetSchemasForSupportedTools(_ context.Context) (map[string]*openapi3.T, error)

func (*WebCaller) GetToolsForToolsByName 

func (h *WebCaller) GetToolsForToolsByName(_ context.Context, name string) ([]taskengine.Tool, error)

func (*WebCaller) Supports 

func (h *WebCaller) Supports(_ context.Context) ([]string, error)

type WebtoolsOption 

type WebtoolsOption func(*WebCaller)

func WithDefaultHeader 

func WithDefaultHeader(key, value string) WebtoolsOption

func WithHTTPClient 

func WithHTTPClient(client *http.Client) WebtoolsOption

Source Files

View all Source files

Directories

Path Synopsis
Package mcpoauth implements the MCP OAuth 2.1 Authorization Code + PKCE flow for CLI clients.
 Package mcpoauth implements the MCP OAuth 2.1 Authorization Code + PKCE flow for CLI clients.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.