chore: import upstream snapshot with attribution
Publish CLI Package / publish-npm (push) Waiting to run
Publish Python SDK / publish-pypi (push) Waiting to run
Publish TypeScript SDK / publish-npm (push) Waiting to run
CI / Migrate Dev DB (push) Has been skipped
CI / Detect Version (push) Has been cancelled
CI / Migrate DB (push) Has been cancelled
CI / Build Dev ECR (./docker/app.Dockerfile, ECR_APP) (push) Has been cancelled
CI / Build Dev ECR (./docker/db.Dockerfile, ECR_MIGRATIONS) (push) Has been cancelled
CI / Build Dev ECR (./docker/pii.Dockerfile, ECR_PII) (push) Has been cancelled
CI / Build Dev ECR (./docker/realtime.Dockerfile, ECR_REALTIME) (push) Has been cancelled
CI / Deploy Trigger.dev (Dev) (push) Has been cancelled
CI / Build AMD64 (./docker/app.Dockerfile, ECR_APP, ghcr.io/simstudioai/simstudio) (push) Has been cancelled
CI / Build AMD64 (./docker/db.Dockerfile, ECR_MIGRATIONS, ghcr.io/simstudioai/migrations) (push) Has been cancelled
CI / Build AMD64 (./docker/pii.Dockerfile, ECR_PII, ghcr.io/simstudioai/pii) (push) Has been cancelled
CI / Build AMD64 (./docker/realtime.Dockerfile, ECR_REALTIME, ghcr.io/simstudioai/realtime) (push) Has been cancelled
CI / Build ARM64 (GHCR Only) (./docker/app.Dockerfile, ghcr.io/simstudioai/simstudio) (push) Has been cancelled
CI / Build ARM64 (GHCR Only) (./docker/db.Dockerfile, ghcr.io/simstudioai/migrations) (push) Has been cancelled
CI / Build ARM64 (GHCR Only) (./docker/pii.Dockerfile, ghcr.io/simstudioai/pii) (push) Has been cancelled
CI / Build ARM64 (GHCR Only) (./docker/realtime.Dockerfile, ghcr.io/simstudioai/realtime) (push) Has been cancelled
CI / Create GHCR Manifests (ghcr.io/simstudioai/migrations) (push) Has been cancelled
CI / Create GHCR Manifests (ghcr.io/simstudioai/pii) (push) Has been cancelled
CI / Create GHCR Manifests (ghcr.io/simstudioai/realtime) (push) Has been cancelled
CI / Create GHCR Manifests (ghcr.io/simstudioai/simstudio) (push) Has been cancelled
CI / Check Docs Changes (push) Has been cancelled
CI / Process Docs (push) Has been cancelled
CI / Create GitHub Release (push) Has been cancelled
CI / Test and Build (push) Has been cancelled

This commit is contained in:
wehub-resource-sync
2026-07-13 13:20:55 +08:00
commit d25d482dc2
13754 changed files with 4996608 additions and 0 deletions
+104
View File
@@ -0,0 +1,104 @@
import type {
OnePasswordCreateItemParams,
OnePasswordCreateItemResponse,
} from '@/tools/onepassword/types'
import { FULL_ITEM_OUTPUTS, transformFullItem } from '@/tools/onepassword/utils'
import type { ToolConfig } from '@/tools/types'
export const createItemTool: ToolConfig<
OnePasswordCreateItemParams,
OnePasswordCreateItemResponse
> = {
id: 'onepassword_create_item',
name: '1Password Create Item',
description: 'Create a new item in a vault',
version: '1.0.0',
params: {
connectionMode: {
type: 'string',
required: false,
description: 'Connection mode: "service_account" or "connect"',
},
serviceAccountToken: {
type: 'string',
required: false,
visibility: 'user-only',
description: '1Password Service Account token (for Service Account mode)',
},
apiKey: {
type: 'string',
required: false,
visibility: 'user-only',
description: '1Password Connect API token (for Connect Server mode)',
},
serverUrl: {
type: 'string',
required: false,
visibility: 'user-only',
description: '1Password Connect server URL (for Connect Server mode)',
},
vaultId: {
type: 'string',
required: true,
visibility: 'user-or-llm',
description: 'The vault UUID to create the item in',
},
category: {
type: 'string',
required: true,
visibility: 'user-or-llm',
description:
'Item category (e.g., LOGIN, PASSWORD, API_CREDENTIAL, SECURE_NOTE, SERVER, DATABASE)',
},
title: {
type: 'string',
required: false,
visibility: 'user-or-llm',
description: 'Item title',
},
tags: {
type: 'string',
required: false,
visibility: 'user-or-llm',
description: 'Comma-separated list of tags',
},
fields: {
type: 'string',
required: false,
visibility: 'user-or-llm',
description:
'JSON array of field objects (e.g., [{"label":"username","value":"admin","type":"STRING","purpose":"USERNAME"}]). "purpose" is honored in Connect Server mode; in Service Account mode 1Password infers it from the field label/type instead.',
},
},
request: {
url: '/api/tools/onepassword/create-item',
method: 'POST',
headers: () => ({ 'Content-Type': 'application/json' }),
body: (params) => ({
connectionMode: params.connectionMode,
serviceAccountToken: params.serviceAccountToken,
serverUrl: params.serverUrl,
apiKey: params.apiKey,
vaultId: params.vaultId,
category: params.category,
title: params.title,
tags: params.tags,
fields: params.fields,
}),
},
transformResponse: async (response) => {
const data = await response.json()
if (data.error) {
return { success: false, output: transformFullItem({}), error: data.error }
}
return {
success: true,
output: transformFullItem(data),
}
},
outputs: FULL_ITEM_OUTPUTS,
}
+84
View File
@@ -0,0 +1,84 @@
import type {
OnePasswordDeleteItemParams,
OnePasswordDeleteItemResponse,
} from '@/tools/onepassword/types'
import type { ToolConfig } from '@/tools/types'
export const deleteItemTool: ToolConfig<
OnePasswordDeleteItemParams,
OnePasswordDeleteItemResponse
> = {
id: 'onepassword_delete_item',
name: '1Password Delete Item',
description: 'Delete an item from a vault',
version: '1.0.0',
params: {
connectionMode: {
type: 'string',
required: false,
description: 'Connection mode: "service_account" or "connect"',
},
serviceAccountToken: {
type: 'string',
required: false,
visibility: 'user-only',
description: '1Password Service Account token (for Service Account mode)',
},
apiKey: {
type: 'string',
required: false,
visibility: 'user-only',
description: '1Password Connect API token (for Connect Server mode)',
},
serverUrl: {
type: 'string',
required: false,
visibility: 'user-only',
description: '1Password Connect server URL (for Connect Server mode)',
},
vaultId: {
type: 'string',
required: true,
visibility: 'user-or-llm',
description: 'The vault UUID',
},
itemId: {
type: 'string',
required: true,
visibility: 'user-or-llm',
description: 'The item UUID to delete',
},
},
request: {
url: '/api/tools/onepassword/delete-item',
method: 'POST',
headers: () => ({ 'Content-Type': 'application/json' }),
body: (params) => ({
connectionMode: params.connectionMode,
serviceAccountToken: params.serviceAccountToken,
serverUrl: params.serverUrl,
apiKey: params.apiKey,
vaultId: params.vaultId,
itemId: params.itemId,
}),
},
transformResponse: async (response) => {
const data = await response.json()
if (data.error) {
return { success: false, output: { success: false }, error: data.error }
}
return {
success: true,
output: {
success: true,
},
}
},
outputs: {
success: { type: 'boolean', description: 'Whether the item was successfully deleted' },
},
}
+78
View File
@@ -0,0 +1,78 @@
import type {
OnePasswordGetItemParams,
OnePasswordGetItemResponse,
} from '@/tools/onepassword/types'
import { FULL_ITEM_OUTPUTS, transformFullItem } from '@/tools/onepassword/utils'
import type { ToolConfig } from '@/tools/types'
export const getItemTool: ToolConfig<OnePasswordGetItemParams, OnePasswordGetItemResponse> = {
id: 'onepassword_get_item',
name: '1Password Get Item',
description: 'Get full details of an item including all fields and secrets',
version: '1.0.0',
params: {
connectionMode: {
type: 'string',
required: false,
description: 'Connection mode: "service_account" or "connect"',
},
serviceAccountToken: {
type: 'string',
required: false,
visibility: 'user-only',
description: '1Password Service Account token (for Service Account mode)',
},
apiKey: {
type: 'string',
required: false,
visibility: 'user-only',
description: '1Password Connect API token (for Connect Server mode)',
},
serverUrl: {
type: 'string',
required: false,
visibility: 'user-only',
description: '1Password Connect server URL (for Connect Server mode)',
},
vaultId: {
type: 'string',
required: true,
visibility: 'user-or-llm',
description: 'The vault UUID',
},
itemId: {
type: 'string',
required: true,
visibility: 'user-or-llm',
description: 'The item UUID to retrieve',
},
},
request: {
url: '/api/tools/onepassword/get-item',
method: 'POST',
headers: () => ({ 'Content-Type': 'application/json' }),
body: (params) => ({
connectionMode: params.connectionMode,
serviceAccountToken: params.serviceAccountToken,
serverUrl: params.serverUrl,
apiKey: params.apiKey,
vaultId: params.vaultId,
itemId: params.itemId,
}),
},
transformResponse: async (response) => {
const data = await response.json()
if (data.error) {
return { success: false, output: transformFullItem({}), error: data.error }
}
return {
success: true,
output: transformFullItem(data),
}
},
outputs: FULL_ITEM_OUTPUTS,
}
+103
View File
@@ -0,0 +1,103 @@
import type {
OnePasswordGetItemFileParams,
OnePasswordGetItemFileResponse,
} from '@/tools/onepassword/types'
import type { ToolConfig } from '@/tools/types'
export const getItemFileTool: ToolConfig<
OnePasswordGetItemFileParams,
OnePasswordGetItemFileResponse
> = {
id: 'onepassword_get_item_file',
name: '1Password Get Item File',
description: 'Download the content of a file attached to an item',
version: '1.0.0',
params: {
connectionMode: {
type: 'string',
required: false,
description: 'Connection mode: "service_account" or "connect"',
},
serviceAccountToken: {
type: 'string',
required: false,
visibility: 'user-only',
description: '1Password Service Account token (for Service Account mode)',
},
apiKey: {
type: 'string',
required: false,
visibility: 'user-only',
description: '1Password Connect API token (for Connect Server mode)',
},
serverUrl: {
type: 'string',
required: false,
visibility: 'user-only',
description: '1Password Connect server URL (for Connect Server mode)',
},
vaultId: {
type: 'string',
required: true,
visibility: 'user-or-llm',
description: 'The vault UUID',
},
itemId: {
type: 'string',
required: true,
visibility: 'user-or-llm',
description: 'The item UUID the file is attached to',
},
fileId: {
type: 'string',
required: true,
visibility: 'user-or-llm',
description: 'The file ID (from the item\'s "files" array, e.g. via Get Item)',
},
},
request: {
url: '/api/tools/onepassword/get-item-file',
method: 'POST',
headers: () => ({ 'Content-Type': 'application/json' }),
body: (params) => ({
connectionMode: params.connectionMode,
serviceAccountToken: params.serviceAccountToken,
serverUrl: params.serverUrl,
apiKey: params.apiKey,
vaultId: params.vaultId,
itemId: params.itemId,
fileId: params.fileId,
}),
},
transformResponse: async (response) => {
const data = await response.json()
if (data.error) {
return {
success: false,
output: { file: { name: '', mimeType: '', data: '', size: 0 } },
error: data.error,
}
}
return {
success: true,
output: {
file: {
name: data.file.name,
mimeType: data.file.mimeType,
data: data.file.data,
size: data.file.size,
},
},
}
},
outputs: {
file: {
type: 'file',
description: 'Downloaded file attachment',
},
},
}
+107
View File
@@ -0,0 +1,107 @@
import type {
OnePasswordGetVaultParams,
OnePasswordGetVaultResponse,
} from '@/tools/onepassword/types'
import type { ToolConfig } from '@/tools/types'
export const getVaultTool: ToolConfig<OnePasswordGetVaultParams, OnePasswordGetVaultResponse> = {
id: 'onepassword_get_vault',
name: '1Password Get Vault',
description: 'Get details of a specific vault by ID',
version: '1.0.0',
params: {
connectionMode: {
type: 'string',
required: false,
description: 'Connection mode: "service_account" or "connect"',
},
serviceAccountToken: {
type: 'string',
required: false,
visibility: 'user-only',
description: '1Password Service Account token (for Service Account mode)',
},
apiKey: {
type: 'string',
required: false,
visibility: 'user-only',
description: '1Password Connect API token (for Connect Server mode)',
},
serverUrl: {
type: 'string',
required: false,
visibility: 'user-only',
description: '1Password Connect server URL (for Connect Server mode)',
},
vaultId: {
type: 'string',
required: true,
visibility: 'user-or-llm',
description: 'The vault UUID',
},
},
request: {
url: '/api/tools/onepassword/get-vault',
method: 'POST',
headers: () => ({ 'Content-Type': 'application/json' }),
body: (params) => ({
connectionMode: params.connectionMode,
serviceAccountToken: params.serviceAccountToken,
serverUrl: params.serverUrl,
apiKey: params.apiKey,
vaultId: params.vaultId,
}),
},
transformResponse: async (response) => {
const data = await response.json()
if (data.error) {
return {
success: false,
output: {
id: '',
name: '',
description: null,
attributeVersion: 0,
contentVersion: 0,
items: 0,
type: '',
createdAt: null,
updatedAt: null,
},
error: data.error,
}
}
return {
success: true,
output: {
id: data.id ?? null,
name: data.name ?? null,
description: data.description ?? null,
attributeVersion: data.attributeVersion ?? 0,
contentVersion: data.contentVersion ?? 0,
items: data.items ?? 0,
type: data.type ?? null,
createdAt: data.createdAt ?? null,
updatedAt: data.updatedAt ?? null,
},
}
},
outputs: {
id: { type: 'string', description: 'Vault ID' },
name: { type: 'string', description: 'Vault name' },
description: { type: 'string', description: 'Vault description', optional: true },
attributeVersion: { type: 'number', description: 'Vault attribute version' },
contentVersion: { type: 'number', description: 'Vault content version' },
items: { type: 'number', description: 'Number of items in the vault' },
type: {
type: 'string',
description: 'Vault type (USER_CREATED, PERSONAL, or EVERYONE)',
},
createdAt: { type: 'string', description: 'Creation timestamp', optional: true },
updatedAt: { type: 'string', description: 'Last update timestamp', optional: true },
},
}
+23
View File
@@ -0,0 +1,23 @@
import { createItemTool } from '@/tools/onepassword/create_item'
import { deleteItemTool } from '@/tools/onepassword/delete_item'
import { getItemTool } from '@/tools/onepassword/get_item'
import { getItemFileTool } from '@/tools/onepassword/get_item_file'
import { getVaultTool } from '@/tools/onepassword/get_vault'
import { listItemsTool } from '@/tools/onepassword/list_items'
import { listVaultsTool } from '@/tools/onepassword/list_vaults'
import { replaceItemTool } from '@/tools/onepassword/replace_item'
import { resolveSecretTool } from '@/tools/onepassword/resolve_secret'
import { updateItemTool } from '@/tools/onepassword/update_item'
export * from '@/tools/onepassword/types'
export const onepasswordCreateItemTool = createItemTool
export const onepasswordDeleteItemTool = deleteItemTool
export const onepasswordGetItemTool = getItemTool
export const onepasswordGetItemFileTool = getItemFileTool
export const onepasswordGetVaultTool = getVaultTool
export const onepasswordListItemsTool = listItemsTool
export const onepasswordListVaultsTool = listVaultsTool
export const onepasswordReplaceItemTool = replaceItemTool
export const onepasswordResolveSecretTool = resolveSecretTool
export const onepasswordUpdateItemTool = updateItemTool
+141
View File
@@ -0,0 +1,141 @@
import type {
OnePasswordListItemsParams,
OnePasswordListItemsResponse,
} from '@/tools/onepassword/types'
import type { ToolConfig } from '@/tools/types'
export const listItemsTool: ToolConfig<OnePasswordListItemsParams, OnePasswordListItemsResponse> = {
id: 'onepassword_list_items',
name: '1Password List Items',
description: 'List items in a vault. Returns summaries without field values.',
version: '1.0.0',
params: {
connectionMode: {
type: 'string',
required: false,
description: 'Connection mode: "service_account" or "connect"',
},
serviceAccountToken: {
type: 'string',
required: false,
visibility: 'user-only',
description: '1Password Service Account token (for Service Account mode)',
},
apiKey: {
type: 'string',
required: false,
visibility: 'user-only',
description: '1Password Connect API token (for Connect Server mode)',
},
serverUrl: {
type: 'string',
required: false,
visibility: 'user-only',
description: '1Password Connect server URL (for Connect Server mode)',
},
vaultId: {
type: 'string',
required: true,
visibility: 'user-or-llm',
description: 'The vault UUID to list items from',
},
filter: {
type: 'string',
required: false,
visibility: 'user-or-llm',
description: 'SCIM filter expression (e.g., title eq "API Key" or tag eq "production")',
},
},
request: {
url: '/api/tools/onepassword/list-items',
method: 'POST',
headers: () => ({ 'Content-Type': 'application/json' }),
body: (params) => ({
connectionMode: params.connectionMode,
serviceAccountToken: params.serviceAccountToken,
serverUrl: params.serverUrl,
apiKey: params.apiKey,
vaultId: params.vaultId,
filter: params.filter,
}),
},
transformResponse: async (response) => {
const data = await response.json()
if (data.error) {
return { success: false, output: { items: [] }, error: data.error }
}
const items = Array.isArray(data) ? data : [data]
return {
success: true,
output: {
items: items.map((item: any) => ({
id: item.id ?? null,
title: item.title ?? null,
vault: item.vault ?? null,
category: item.category ?? null,
urls: (item.urls ?? []).map((url: any) => ({
href: url.href ?? null,
label: url.label ?? null,
primary: url.primary ?? false,
})),
favorite: item.favorite ?? false,
tags: item.tags ?? [],
version: item.version ?? 0,
state: item.state ?? null,
createdAt: item.createdAt ?? null,
updatedAt: item.updatedAt ?? null,
lastEditedBy: item.lastEditedBy ?? null,
})),
},
}
},
outputs: {
items: {
type: 'array',
description: 'List of items in the vault (summaries without field values)',
items: {
type: 'object',
properties: {
id: { type: 'string', description: 'Item ID' },
title: { type: 'string', description: 'Item title' },
vault: {
type: 'object',
description: 'Vault reference',
properties: {
id: { type: 'string', description: 'Vault ID' },
},
},
category: { type: 'string', description: 'Item category (e.g., LOGIN, API_CREDENTIAL)' },
urls: {
type: 'array',
description: 'URLs associated with the item',
optional: true,
items: {
type: 'object',
properties: {
href: { type: 'string', description: 'URL' },
label: { type: 'string', description: 'URL label', optional: true },
primary: { type: 'boolean', description: 'Whether this is the primary URL' },
},
},
},
favorite: { type: 'boolean', description: 'Whether the item is favorited' },
tags: { type: 'array', description: 'Item tags' },
version: { type: 'number', description: 'Item version number' },
state: {
type: 'string',
description: 'Item state (ARCHIVED, or absent/null when active)',
optional: true,
},
createdAt: { type: 'string', description: 'Creation timestamp', optional: true },
updatedAt: { type: 'string', description: 'Last update timestamp', optional: true },
lastEditedBy: { type: 'string', description: 'ID of the last editor', optional: true },
},
},
},
},
}
+108
View File
@@ -0,0 +1,108 @@
import type {
OnePasswordListVaultsParams,
OnePasswordListVaultsResponse,
} from '@/tools/onepassword/types'
import type { ToolConfig } from '@/tools/types'
export const listVaultsTool: ToolConfig<
OnePasswordListVaultsParams,
OnePasswordListVaultsResponse
> = {
id: 'onepassword_list_vaults',
name: '1Password List Vaults',
description: 'List all vaults accessible by the Connect token or Service Account',
version: '1.0.0',
params: {
connectionMode: {
type: 'string',
required: false,
description: 'Connection mode: "service_account" or "connect"',
},
serviceAccountToken: {
type: 'string',
required: false,
visibility: 'user-only',
description: '1Password Service Account token (for Service Account mode)',
},
apiKey: {
type: 'string',
required: false,
visibility: 'user-only',
description: '1Password Connect API token (for Connect Server mode)',
},
serverUrl: {
type: 'string',
required: false,
visibility: 'user-only',
description: '1Password Connect server URL (for Connect Server mode)',
},
filter: {
type: 'string',
required: false,
visibility: 'user-or-llm',
description: 'SCIM filter expression (e.g., name eq "My Vault")',
},
},
request: {
url: '/api/tools/onepassword/list-vaults',
method: 'POST',
headers: () => ({ 'Content-Type': 'application/json' }),
body: (params) => ({
connectionMode: params.connectionMode,
serviceAccountToken: params.serviceAccountToken,
serverUrl: params.serverUrl,
apiKey: params.apiKey,
filter: params.filter,
}),
},
transformResponse: async (response) => {
const data = await response.json()
if (data.error) {
return { success: false, output: { vaults: [] }, error: data.error }
}
const vaults = Array.isArray(data) ? data : [data]
return {
success: true,
output: {
vaults: vaults.map((vault: any) => ({
id: vault.id ?? null,
name: vault.name ?? null,
description: vault.description ?? null,
attributeVersion: vault.attributeVersion ?? 0,
contentVersion: vault.contentVersion ?? 0,
items: vault.items ?? 0,
type: vault.type ?? null,
createdAt: vault.createdAt ?? null,
updatedAt: vault.updatedAt ?? null,
})),
},
}
},
outputs: {
vaults: {
type: 'array',
description: 'List of accessible vaults',
items: {
type: 'object',
properties: {
id: { type: 'string', description: 'Vault ID' },
name: { type: 'string', description: 'Vault name' },
description: { type: 'string', description: 'Vault description', optional: true },
attributeVersion: { type: 'number', description: 'Vault attribute version' },
contentVersion: { type: 'number', description: 'Vault content version' },
items: { type: 'number', description: 'Number of items in the vault' },
type: {
type: 'string',
description: 'Vault type (USER_CREATED, PERSONAL, or EVERYONE)',
},
createdAt: { type: 'string', description: 'Creation timestamp', optional: true },
updatedAt: { type: 'string', description: 'Last update timestamp', optional: true },
},
},
},
},
}
@@ -0,0 +1,89 @@
import type {
OnePasswordReplaceItemParams,
OnePasswordReplaceItemResponse,
} from '@/tools/onepassword/types'
import { FULL_ITEM_OUTPUTS, transformFullItem } from '@/tools/onepassword/utils'
import type { ToolConfig } from '@/tools/types'
export const replaceItemTool: ToolConfig<
OnePasswordReplaceItemParams,
OnePasswordReplaceItemResponse
> = {
id: 'onepassword_replace_item',
name: '1Password Replace Item',
description: 'Replace an entire item with new data (full update)',
version: '1.0.0',
params: {
connectionMode: {
type: 'string',
required: false,
description: 'Connection mode: "service_account" or "connect"',
},
serviceAccountToken: {
type: 'string',
required: false,
visibility: 'user-only',
description: '1Password Service Account token (for Service Account mode)',
},
apiKey: {
type: 'string',
required: false,
visibility: 'user-only',
description: '1Password Connect API token (for Connect Server mode)',
},
serverUrl: {
type: 'string',
required: false,
visibility: 'user-only',
description: '1Password Connect server URL (for Connect Server mode)',
},
vaultId: {
type: 'string',
required: true,
visibility: 'user-or-llm',
description: 'The vault UUID',
},
itemId: {
type: 'string',
required: true,
visibility: 'user-or-llm',
description: 'The item UUID to replace',
},
item: {
type: 'string',
required: true,
visibility: 'user-or-llm',
description:
'JSON object representing the full item (e.g., {"vault":{"id":"..."},"category":"LOGIN","title":"My Item","fields":[...]})',
},
},
request: {
url: '/api/tools/onepassword/replace-item',
method: 'POST',
headers: () => ({ 'Content-Type': 'application/json' }),
body: (params) => ({
connectionMode: params.connectionMode,
serviceAccountToken: params.serviceAccountToken,
serverUrl: params.serverUrl,
apiKey: params.apiKey,
vaultId: params.vaultId,
itemId: params.itemId,
item: params.item,
}),
},
transformResponse: async (response) => {
const data = await response.json()
if (data.error) {
return { success: false, output: transformFullItem({}), error: data.error }
}
return {
success: true,
output: transformFullItem(data),
}
},
outputs: FULL_ITEM_OUTPUTS,
}
@@ -0,0 +1,67 @@
import type {
OnePasswordResolveSecretParams,
OnePasswordResolveSecretResponse,
} from '@/tools/onepassword/types'
import type { ToolConfig } from '@/tools/types'
export const resolveSecretTool: ToolConfig<
OnePasswordResolveSecretParams,
OnePasswordResolveSecretResponse
> = {
id: 'onepassword_resolve_secret',
name: '1Password Resolve Secret',
description:
'Resolve a secret reference (op://vault/item/field) to its value. Service Account mode only.',
version: '1.0.0',
params: {
connectionMode: {
type: 'string',
required: false,
description: 'Connection mode: must be "service_account" for this operation',
},
serviceAccountToken: {
type: 'string',
required: true,
visibility: 'user-only',
description: '1Password Service Account token',
},
secretReference: {
type: 'string',
required: true,
visibility: 'user-or-llm',
description:
'Secret reference URI (e.g., op://vault-name/item-name/field-name or op://vault-name/item-name/section-name/field-name)',
},
},
request: {
url: '/api/tools/onepassword/resolve-secret',
method: 'POST',
headers: () => ({ 'Content-Type': 'application/json' }),
body: (params) => ({
connectionMode: params.connectionMode ?? 'service_account',
serviceAccountToken: params.serviceAccountToken,
secretReference: params.secretReference,
}),
},
transformResponse: async (response) => {
const data = await response.json()
if (data.error) {
return { success: false, output: { value: '', reference: '' }, error: data.error }
}
return {
success: true,
output: {
value: data.value ?? '',
reference: data.reference ?? '',
},
}
},
outputs: {
value: { type: 'string', description: 'The resolved secret value' },
reference: { type: 'string', description: 'The original secret reference URI' },
},
}
+182
View File
@@ -0,0 +1,182 @@
import type { ToolResponse } from '@/tools/types'
/** Base params shared by all 1Password tools (credential fields). */
interface OnePasswordBaseParams {
connectionMode?: 'service_account' | 'connect'
serviceAccountToken?: string
apiKey?: string
serverUrl?: string
}
export interface OnePasswordListVaultsParams extends OnePasswordBaseParams {
filter?: string
}
export interface OnePasswordGetVaultParams extends OnePasswordBaseParams {
vaultId: string
}
export interface OnePasswordListItemsParams extends OnePasswordBaseParams {
vaultId: string
filter?: string
}
export interface OnePasswordGetItemParams extends OnePasswordBaseParams {
vaultId: string
itemId: string
}
export interface OnePasswordCreateItemParams extends OnePasswordBaseParams {
vaultId: string
category: string
title?: string
tags?: string
fields?: string
}
export interface OnePasswordUpdateItemParams extends OnePasswordBaseParams {
vaultId: string
itemId: string
operations: string
}
export interface OnePasswordReplaceItemParams extends OnePasswordBaseParams {
vaultId: string
itemId: string
item: string
}
export interface OnePasswordDeleteItemParams extends OnePasswordBaseParams {
vaultId: string
itemId: string
}
export interface OnePasswordGetItemFileParams extends OnePasswordBaseParams {
vaultId: string
itemId: string
fileId: string
}
export interface OnePasswordResolveSecretParams extends OnePasswordBaseParams {
secretReference: string
}
export interface OnePasswordListVaultsResponse extends ToolResponse {
output: {
vaults: Array<{
id: string
name: string
description: string | null
attributeVersion: number
contentVersion: number
items: number
type: string
createdAt: string | null
updatedAt: string | null
}>
}
}
export interface OnePasswordGetVaultResponse extends ToolResponse {
output: {
id: string
name: string
description: string | null
attributeVersion: number
contentVersion: number
items: number
type: string
createdAt: string | null
updatedAt: string | null
}
}
export interface OnePasswordListItemsResponse extends ToolResponse {
output: {
items: Array<{
id: string
title: string
vault: { id: string }
category: string
urls: Array<{ href: string; label: string | null; primary: boolean }>
favorite: boolean
tags: string[]
version: number
state: string | null
createdAt: string | null
updatedAt: string | null
lastEditedBy: string | null
}>
}
}
interface OnePasswordFullItemResponse extends ToolResponse {
output: {
id: string
title: string
vault: { id: string }
category: string
urls: Array<{ href: string; label: string | null; primary: boolean }>
favorite: boolean
tags: string[]
version: number
state: string | null
fields: Array<{
id: string
label: string | null
type: string
purpose: string
value: string | null
section: { id: string } | null
generate: boolean
recipe: {
length: number | null
characterSets: string[]
excludeCharacters: string | null
} | null
entropy: number | null
}>
sections: Array<{
id: string
label: string | null
}>
files: Array<{
id: string | null
name: string | null
size: number
section: { id: string } | null
}>
createdAt: string | null
updatedAt: string | null
lastEditedBy: string | null
}
}
export type OnePasswordGetItemResponse = OnePasswordFullItemResponse
export type OnePasswordCreateItemResponse = OnePasswordFullItemResponse
export type OnePasswordUpdateItemResponse = OnePasswordFullItemResponse
export type OnePasswordReplaceItemResponse = OnePasswordFullItemResponse
export interface OnePasswordDeleteItemResponse extends ToolResponse {
output: {
success: boolean
}
}
export interface OnePasswordGetItemFileResponse extends ToolResponse {
output: {
file: {
name: string
mimeType: string
data: string
size: number
}
}
}
export interface OnePasswordResolveSecretResponse extends ToolResponse {
output: {
value: string
reference: string
}
}
+89
View File
@@ -0,0 +1,89 @@
import type {
OnePasswordUpdateItemParams,
OnePasswordUpdateItemResponse,
} from '@/tools/onepassword/types'
import { FULL_ITEM_OUTPUTS, transformFullItem } from '@/tools/onepassword/utils'
import type { ToolConfig } from '@/tools/types'
export const updateItemTool: ToolConfig<
OnePasswordUpdateItemParams,
OnePasswordUpdateItemResponse
> = {
id: 'onepassword_update_item',
name: '1Password Update Item',
description: 'Update an existing item using JSON Patch operations (RFC6902)',
version: '1.0.0',
params: {
connectionMode: {
type: 'string',
required: false,
description: 'Connection mode: "service_account" or "connect"',
},
serviceAccountToken: {
type: 'string',
required: false,
visibility: 'user-only',
description: '1Password Service Account token (for Service Account mode)',
},
apiKey: {
type: 'string',
required: false,
visibility: 'user-only',
description: '1Password Connect API token (for Connect Server mode)',
},
serverUrl: {
type: 'string',
required: false,
visibility: 'user-only',
description: '1Password Connect server URL (for Connect Server mode)',
},
vaultId: {
type: 'string',
required: true,
visibility: 'user-or-llm',
description: 'The vault UUID',
},
itemId: {
type: 'string',
required: true,
visibility: 'user-or-llm',
description: 'The item UUID to update',
},
operations: {
type: 'string',
required: true,
visibility: 'user-or-llm',
description:
'JSON array of RFC6902 patch operations (e.g., [{"op":"replace","path":"/title","value":"New Title"}])',
},
},
request: {
url: '/api/tools/onepassword/update-item',
method: 'POST',
headers: () => ({ 'Content-Type': 'application/json' }),
body: (params) => ({
connectionMode: params.connectionMode,
serviceAccountToken: params.serviceAccountToken,
serverUrl: params.serverUrl,
apiKey: params.apiKey,
vaultId: params.vaultId,
itemId: params.itemId,
operations: params.operations,
}),
},
transformResponse: async (response) => {
const data = await response.json()
if (data.error) {
return { success: false, output: transformFullItem({}), error: data.error }
}
return {
success: true,
output: transformFullItem(data),
}
},
outputs: FULL_ITEM_OUTPUTS,
}
+178
View File
@@ -0,0 +1,178 @@
import type { OutputType } from '@/tools/types'
/** Transforms a raw FullItem API response into our standardized output. */
export function transformFullItem(data: any) {
return {
id: data.id ?? null,
title: data.title ?? null,
vault: data.vault ?? null,
category: data.category ?? null,
urls: (data.urls ?? []).map((url: any) => ({
href: url.href ?? null,
label: url.label ?? null,
primary: url.primary ?? false,
})),
favorite: data.favorite ?? false,
tags: data.tags ?? [],
version: data.version ?? 0,
state: data.state ?? null,
fields: (data.fields ?? []).map((field: any) => ({
id: field.id ?? null,
label: field.label ?? null,
type: field.type ?? 'STRING',
purpose: field.purpose ?? '',
value: field.value ?? null,
section: field.section ?? null,
generate: field.generate ?? false,
recipe: field.recipe
? {
length: field.recipe.length ?? null,
characterSets: field.recipe.characterSets ?? [],
excludeCharacters: field.recipe.excludeCharacters ?? null,
}
: null,
entropy: field.entropy ?? null,
})),
sections: (data.sections ?? []).map((section: any) => ({
id: section.id ?? null,
label: section.label ?? null,
})),
files: (data.files ?? []).map((file: any) => ({
id: file.id ?? null,
name: file.name ?? null,
size: file.size ?? 0,
section: file.section ?? null,
})),
createdAt: data.createdAt ?? null,
updatedAt: data.updatedAt ?? null,
lastEditedBy: data.lastEditedBy ?? null,
}
}
/** Shared output schema for FullItem responses (get_item, create_item, update_item). */
export const FULL_ITEM_OUTPUTS: Record<
string,
{
type: OutputType
description: string
optional?: boolean
properties?: Record<string, any>
items?: { type: OutputType; description?: string; properties?: Record<string, any> }
}
> = {
id: { type: 'string', description: 'Item ID' },
title: { type: 'string', description: 'Item title' },
vault: {
type: 'object',
description: 'Vault reference',
properties: {
id: { type: 'string', description: 'Vault ID' },
},
},
category: {
type: 'string',
description: 'Item category (e.g., LOGIN, API_CREDENTIAL, SECURE_NOTE)',
},
urls: {
type: 'array',
description: 'URLs associated with the item',
optional: true,
items: {
type: 'object',
properties: {
href: { type: 'string', description: 'URL' },
label: { type: 'string', description: 'URL label', optional: true },
primary: { type: 'boolean', description: 'Whether this is the primary URL' },
},
},
},
favorite: { type: 'boolean', description: 'Whether the item is favorited' },
tags: { type: 'array', description: 'Item tags' },
version: { type: 'number', description: 'Item version number' },
state: {
type: 'string',
description: 'Item state (ARCHIVED, or absent/null when active)',
optional: true,
},
fields: {
type: 'array',
description: 'Item fields including secrets',
items: {
type: 'object',
properties: {
id: { type: 'string', description: 'Field ID' },
label: { type: 'string', description: 'Field label', optional: true },
type: {
type: 'string',
description: 'Field type (STRING, EMAIL, CONCEALED, URL, TOTP, DATE, MONTH_YEAR, MENU)',
},
purpose: {
type: 'string',
description: 'Field purpose (USERNAME, PASSWORD, NOTES, or empty)',
},
value: { type: 'string', description: 'Field value', optional: true },
section: {
type: 'object',
description: 'Section reference this field belongs to',
optional: true,
properties: {
id: { type: 'string', description: 'Section ID' },
},
},
generate: { type: 'boolean', description: 'Whether the field value should be generated' },
recipe: {
type: 'object',
description: 'Password generation recipe',
optional: true,
properties: {
length: { type: 'number', description: 'Generated password length', optional: true },
characterSets: {
type: 'array',
description: 'Character sets (LETTERS, DIGITS, SYMBOLS)',
},
excludeCharacters: {
type: 'string',
description: 'Characters to exclude',
optional: true,
},
},
},
entropy: { type: 'number', description: 'Password entropy score', optional: true },
},
},
},
sections: {
type: 'array',
description: 'Item sections',
items: {
type: 'object',
properties: {
id: { type: 'string', description: 'Section ID' },
label: { type: 'string', description: 'Section label', optional: true },
},
},
},
files: {
type: 'array',
description: 'Files attached to the item (fetch content with Get Item File)',
items: {
type: 'object',
properties: {
id: { type: 'string', description: 'File ID' },
name: { type: 'string', description: 'File name' },
size: { type: 'number', description: 'File size in bytes' },
section: {
type: 'object',
description: 'Section reference this file belongs to',
optional: true,
properties: {
id: { type: 'string', description: 'Section ID' },
},
},
},
},
},
createdAt: { type: 'string', description: 'Creation timestamp', optional: true },
updatedAt: { type: 'string', description: 'Last update timestamp', optional: true },
lastEditedBy: { type: 'string', description: 'ID of the last editor', optional: true },
}