skillc 0.2.1

A development kit for Agent Skills - the open format for extending AI agent capabilities
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111

//! Open command per [[RFC-0002:C-OPEN]]

use crate::config::get_cwd;
use crate::error::{Result, SkillcError};
use crate::logging::{LogEntry, get_run_id, init_log_db, log_access_with_fallback};
use crate::resolver::resolve_skill;
use crate::{OutputFormat, verbose};
use std::fs;
use std::time::Instant;

/// Execute the open command per [[RFC-0002:C-OPEN]].
///
/// Returns the contents of the specified file.
///
/// The `max_lines` parameter truncates output to the first n lines if specified.
pub fn open(
    skill: &str,
    path: &str,
    max_lines: Option<usize>,
    format: OutputFormat,
) -> Result<String> {
    let start = Instant::now();
    let resolved = resolve_skill(skill)?;
    let run_id = get_run_id();

    verbose!("open: path=\"{}\" max_lines={:?}", path, max_lines);
    verbose!("open: source_dir={}", resolved.source_dir.display());

    // Initialize logging
    let log_conn = init_log_db(&resolved.runtime_dir);

    let args = serde_json::json!({ "path": path, "max_lines": max_lines });

    let result = do_open(&resolved, path, max_lines, &format);

    verbose!("open: completed in {:?}", start.elapsed());

    // Log access (with automatic fallback for sandboxed environments)
    log_access_with_fallback(
        log_conn.as_ref(),
        &LogEntry {
            run_id,
            command: "open".to_string(),
            skill: resolved.name.clone(),
            skill_path: resolved.source_dir.to_string_lossy().to_string(),
            cwd: get_cwd(),
            args: args.to_string(),
            error: result.as_ref().err().map(|e| e.to_string()),
        },
    );

    result
}

fn do_open(
    resolved: &crate::resolver::ResolvedSkill,
    path: &str,
    max_lines: Option<usize>,
    _format: &OutputFormat,
) -> Result<String> {
    // Validate path doesn't escape skill root
    if path.contains("..") {
        // Check if it actually escapes after canonicalization
        let full_path = resolved.source_dir.join(path);
        if let Ok(canonical) = full_path.canonicalize() {
            if !canonical.starts_with(&resolved.source_dir) {
                return Err(SkillcError::PathEscapesRoot(path.to_string()));
            }
        } else {
            return Err(SkillcError::PathEscapesRoot(path.to_string()));
        }
    }

    let file_path = resolved.source_dir.join(path);

    // Validate path after canonicalization
    if file_path.exists() {
        let canonical = file_path.canonicalize()?;
        if !canonical.starts_with(&resolved.source_dir) {
            return Err(SkillcError::PathEscapesRoot(path.to_string()));
        }
    }

    if !file_path.exists() {
        return Err(SkillcError::FileNotFound(path.to_string()));
    }

    if file_path.is_dir() {
        return Err(SkillcError::InvalidPath(
            "Path must be a file, not a directory".to_string(),
        ));
    }

    let content = fs::read_to_string(&file_path)?;

    // Apply max_lines truncation if specified
    if let Some(limit) = max_lines {
        let lines: Vec<&str> = content.lines().collect();
        if lines.len() > limit {
            let truncated: Vec<&str> = lines[..limit].to_vec();
            let remaining = lines.len() - limit;
            return Ok(format!(
                "{}\n... ({} more lines)",
                truncated.join("\n"),
                remaining
            ));
        }
    }

    Ok(content)
}