feat(deno): Add Deno tool and smartdeno integration; export and register DenoTool; update docs and tests

2025-12-02 12:11:31 +00:00
parent b9e8174f23
commit cf6d7163be
10 changed files with 373 additions and 21 deletions

readme.md

@@ -19,26 +19,33 @@ This design ensures safe tool use through AI-based policy evaluation rather than
## Architecture
```
User Task + Guardian Policy Prompt
|
+---------------------------------------+
| DualAgentOrchestrator |
| |
| +--------+ +------------+ |
| | Driver |-------> | Guardian | |
| | Agent | tool | Agent | |
| | | call | | |
| | Reason |<--------| Evaluate | |
| | + Plan | approve | against | |
| +--------+ /reject | policy | |
| | +feedback+-----------+ |
| v (if approved) |
| +-----------------------------------+|
| | Standard Tools ||
| | Filesystem | HTTP | Shell | Browser|
| +-----------------------------------+|
+---------------------------------------+
```mermaid
flowchart TB
subgraph Input
Task["User Task"]
Policy["Guardian Policy Prompt"]
end
subgraph Orchestrator["DualAgentOrchestrator"]
Driver["Driver Agent<br/><i>Reason + Plan</i>"]
Guardian["Guardian Agent<br/><i>Evaluate against policy</i>"]
Driver -->|"tool call proposal"| Guardian
Guardian -->|"approve / reject + feedback"| Driver
end
subgraph Tools["Standard Tools"]
FS["Filesystem"]
HTTP["HTTP"]
Shell["Shell"]
Browser["Browser"]
Deno["Deno"]
end
Task --> Orchestrator
Policy --> Guardian
Driver -->|"execute<br/>(if approved)"| Tools
Tools -->|"result"| Driver
```
## Quick Start
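Review bot: In the mermaid flowchart the execution edge is drawn as `Driver -->|"execute<br/>(if approved)"| Tools`, so the approval gate exists only as a label on an arrow that starts at the Driver. A reader cannot tell from this whether the orchestrator withholds tool access until the Guardian approves, or whether the Driver is trusted to honour the verdict itself. Consider routing that edge through an explicit gate node inside `DualAgentOrchestrator` so the diagram shows where enforcement sits. Minor: `Task --> Orchestrator` targets the subgraph while `Policy --> Guardian` targets a node; `Task --> Driver` would be consistent.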
@@ -139,6 +146,46 @@ Web page interaction using `@push.rocks/smartbrowser` (Puppeteer-based).
</tool_call>
```
### DenoTool
Execute TypeScript/JavaScript code in a sandboxed Deno environment using `@push.rocks/smartdeno`.
**Actions**: `execute`, `executeWithResult`
**Permissions**: `all`, `env`, `ffi`, `hrtime`, `net`, `read`, `run`, `sys`, `write`
By default, code runs fully sandboxed with no permissions. Permissions must be explicitly requested.
```typescript
// Simple code execution
<tool_call>
<tool>deno</tool>
<action>execute</action>
<params>{"code": "console.log('Hello from Deno!')"}</params>
<reasoning>Running a simple script to verify the environment</reasoning>
</tool_call>
// Code with network permission
<tool_call>
<tool>deno</tool>
<action>execute</action>
<params>{
"code": "const resp = await fetch('https://api.example.com/data'); console.log(await resp.json());",
"permissions": ["net"]
}</params>
<reasoning>Fetching data from API using Deno's fetch</reasoning>
</tool_call>
// Execute and parse JSON result
<tool_call>
<tool>deno</tool>
<action>executeWithResult</action>
<params>{
"code": "const result = { sum: 2 + 2, date: new Date().toISOString() }; console.log(JSON.stringify(result));"
}</params>
<reasoning>Computing values and returning structured data</reasoning>
</tool_call>
```
## Guardian Policy Examples
### Strict Security Policy
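Review bot: The sentence "By default, code runs fully sandboxed with no permissions" sits directly under a **Permissions** list that includes `all`, `run` and `ffi`, and the section never says what each grant opens up or whether a grant can be narrowed. As documented, the second example's `"permissions": ["net"]` reads as network access to any destination, not only `api.example.com`. Suggest a one-line description per permission, a statement of whether scoping to specific hosts or paths is supported, and a note that `all`, `run` and `ffi` take the code outside the sandbox the default sentence describes. Minor: the fence is tagged `typescript` but its body is `<tool_call>` markup with `//` comments.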
@@ -174,6 +221,27 @@ Always verify:
`;
```
### Deno Code Execution Policy
```typescript
const denoPolicy = `
DENO CODE EXECUTION POLICY:
- ONLY allow 'read' permission for files within the workspace
- REJECT 'all' permission unless explicitly justified for the task
- REJECT 'run' permission (subprocess execution) without specific justification
- REJECT code that attempts to:
- Access credentials or environment secrets (even with 'env' permission)
- Make network requests to internal/private IP ranges
- Write to system directories
- FLAG obfuscated or encoded code (base64, eval with dynamic strings)
- Prefer sandboxed execution (no permissions) when possible
When evaluating code:
- Review the actual code content, not just permissions
- Consider what data the code could exfiltrate
- Verify network endpoints are legitimate public APIs
`;
```
## Configuration Options
```typescript
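Review bot: The rule `FLAG obfuscated or encoded code` names an outcome the Guardian does not have: the architecture diagram in this same README gives it only "approve / reject + feedback", so the policy should state whether flagged code is rejected or approved with feedback. The permission rules also cover only `read`, `all`, `run` and `env`; `ffi`, `sys`, `write` and `net` from the DenoTool permission list have no rule as permissions, only the code-behaviour bullets about network requests and writes. Suggest adding explicit lines for those, for example rejecting `ffi` without specific justification in the same way as `run`.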