blob: b98aa556dd99b51d0ccca2dae1cfcf9bb8ca78f9 (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
|
#!/usr/bin/env bash
set -euo pipefail
# @describe Execute the shell command.
# @option --command! The command to execute.
# @env LLM_OUTPUT=/dev/stdout The output path
ROOT_DIR="${LLM_ROOT_DIR:-$(cd "$(dirname "${BASH_SOURCE[0]}")/.." && pwd)}"
OUT_PATH="${LLM_OUTPUT:-/dev/stdout}"
# Max bytes per stream to avoid flooding aichat
MAX_BYTES="${LLM_MAX_BYTES:-200000}"
sanitize() {
# Ensures valid UTF-8 output; drops invalid byte sequences
if command -v iconv >/dev/null 2>&1; then
iconv -f UTF-8 -t UTF-8 -c
else
# Fallback: best-effort pass-through
cat
fi
}
main() {
# Truncate output file so each tool call is clean
: > "$OUT_PATH"
# Guard operation (but never hard-fail the tool)
set +e
guard_out="$(mktemp)"
guard_err="$(mktemp)"
"$ROOT_DIR/utils/guard_operation.sh" >"$guard_out" 2>"$guard_err"
guard_rc=$?
set -e
if [[ $guard_rc -ne 0 ]]; then
{
echo "EXIT_CODE: $guard_rc"
echo "STDOUT:"
cat "$guard_out" | sanitize | head -c "$MAX_BYTES"
echo
echo "STDERR:"
cat "$guard_err" | sanitize | head -c "$MAX_BYTES"
echo
echo "ERROR: guard_operation_failed"
} >> "$OUT_PATH"
rm -f "$guard_out" "$guard_err"
exit 0
fi
rm -f "$guard_out" "$guard_err"
# Basic sanity: block meaningless commands (reduces ':' / pasted listings etc.)
cmd="$(printf "%s" "${argc_command:-}" | sed -E 's/^[[:space:]]+|[[:space:]]+$//g')"
if [[ -z "$cmd" || "$cmd" == ":" || "$cmd" == ";" ]]; then
{
echo "EXIT_CODE: 127"
echo "STDOUT:"
echo
echo "STDERR:"
echo "bad_command: empty or meaningless command"
} >> "$OUT_PATH"
exit 0
fi
out_file="$(mktemp)"
err_file="$(mktemp)"
trap 'rm -f "$out_file" "$err_file"' EXIT
# Run command (do not let failures exit the tool)
set +e
bash -lc "$cmd" >"$out_file" 2>"$err_file"
rc=$?
set -e
{
echo "EXIT_CODE: $rc"
echo "STDOUT:"
cat "$out_file" | sanitize | head -c "$MAX_BYTES"
echo
echo "STDERR:"
cat "$err_file" | sanitize | head -c "$MAX_BYTES"
echo
} >> "$OUT_PATH"
# Always succeed from tool perspective, but communicate real rc in output
exit 0
}
eval "$(argc --argc-eval "$0" "$@")"
main
|
