From 996462b6295bb9eae359b0760ead105018324a73 Mon Sep 17 00:00:00 2001
From: Nadeesha Cabral <n@nadeesha.me>
Date: Mon, 9 Dec 2024 14:42:54 +1100
Subject: [PATCH] update

---
 bootstrap-node/src/index.ts | 14 ++++++--------
 bootstrap-node/src/run.ts   |  4 ++--
 2 files changed, 8 insertions(+), 10 deletions(-)

diff --git a/bootstrap-node/src/index.ts b/bootstrap-node/src/index.ts
index e6d94f67..93c8646d 100644
--- a/bootstrap-node/src/index.ts
+++ b/bootstrap-node/src/index.ts
@@ -2,6 +2,7 @@ import { Inferable } from "inferable";
 import { z } from "zod";
 import { execFile } from "child_process";
 import { promisify } from "util";
+import assert from "assert";
 
 const execFilePromise = promisify(execFile);
 
@@ -12,9 +13,9 @@ const client = new Inferable({
 
 client.default.register({
   name: "exec",
-  func: async ({ command, arg }: { command: string; arg?: string }) => {
-    const args = arg ? [arg] : [];
-    const { stdout, stderr } = await execFilePromise(command, args);
+  func: async ({ command, arg }: { command: string; arg: string }) => {
+    assert(arg.startsWith("./"), "can only access paths starting with ./");
+    const { stdout, stderr } = await execFilePromise(command, [arg]);
     return {
       stdout: stdout.trim(),
       stderr: stderr.trim(),
@@ -24,12 +25,9 @@ client.default.register({
   schema: {
     input: z.object({
       command: z
-        .enum(["pwd", "ls", "cat", "echo"]) // This prevents arbitrary commands
+        .enum(["ls", "cat"]) // This prevents arbitrary commands
         .describe("The command to execute"),
-      arg: z
-        .string()
-        .describe("The argument to pass to the command")
-        .optional(),
+      arg: z.string().describe("The argument to pass to the command"),
     }),
   },
 });
diff --git a/bootstrap-node/src/run.ts b/bootstrap-node/src/run.ts
index e419ff61..46010b3d 100644
--- a/bootstrap-node/src/run.ts
+++ b/bootstrap-node/src/run.ts
@@ -15,8 +15,8 @@ const reportSchema = z.object({
 client
   .run({
     initialPrompt: `
-      Iteratively inspect the files at the current directory, and produce a report.
-      You may selectively inspect the contents of files.
+      Iteratively inspect the source code at the current directory, and produce a report.
+      You may selectively inspect the contents of files. You can only access files starting with ./
     `.trim(),
     resultSchema: reportSchema,
   })