mirror of
https://github.com/NousResearch/hermes-agent.git
synced 2026-04-30 01:41:43 +00:00
69f4555822
The "ask" verdict for agent-created skills was producing the same "blocked" error message as a hard block, without indicating which patterns triggered or what content to fix. Now the error message lists each finding with file, line, description, and matched text, and uses "flagged" language that makes clear the agent can fix the issues and retry.
827 lines
30 KiB
Python
827 lines
30 KiB
Python
#!/usr/bin/env python3
|
|
"""
|
|
Skill Manager Tool -- Agent-Managed Skill Creation & Editing
|
|
|
|
Allows the agent to create, update, and delete skills, turning successful
|
|
approaches into reusable procedural knowledge. New skills are created in
|
|
~/.hermes/skills/. Existing skills (bundled, hub-installed, or user-created)
|
|
can be modified or deleted wherever they live.
|
|
|
|
Skills are the agent's procedural memory: they capture *how to do a specific
|
|
type of task* based on proven experience. General memory (MEMORY.md, USER.md) is
|
|
broad and declarative. Skills are narrow and actionable.
|
|
|
|
Actions:
|
|
create -- Create a new skill (SKILL.md + directory structure)
|
|
edit -- Replace the SKILL.md content of a user skill (full rewrite)
|
|
patch -- Targeted find-and-replace within SKILL.md or any supporting file
|
|
delete -- Remove a user skill entirely
|
|
write_file -- Add/overwrite a supporting file (reference, template, script, asset)
|
|
remove_file-- Remove a supporting file from a user skill
|
|
|
|
Directory layout for user skills:
|
|
~/.hermes/skills/
|
|
├── my-skill/
|
|
│ ├── SKILL.md
|
|
│ ├── references/
|
|
│ ├── templates/
|
|
│ ├── scripts/
|
|
│ └── assets/
|
|
└── category-name/
|
|
└── another-skill/
|
|
└── SKILL.md
|
|
"""
|
|
|
|
import json
|
|
import logging
|
|
import os
|
|
import re
|
|
import shutil
|
|
import tempfile
|
|
from pathlib import Path
|
|
from hermes_constants import get_hermes_home, display_hermes_home
|
|
from typing import Dict, Any, Optional, Tuple
|
|
|
|
logger = logging.getLogger(__name__)
|
|
|
|
# Import security scanner — external hub installs always get scanned;
|
|
# agent-created skills only get scanned when skills.guard_agent_created is on.
|
|
try:
|
|
from tools.skills_guard import scan_skill, should_allow_install, format_scan_report
|
|
_GUARD_AVAILABLE = True
|
|
except ImportError:
|
|
_GUARD_AVAILABLE = False
|
|
|
|
|
|
def _guard_agent_created_enabled() -> bool:
|
|
"""Read skills.guard_agent_created from config (default False).
|
|
|
|
Off by default because the agent can already execute the same code
|
|
paths via terminal() with no gate, so the scan adds friction without
|
|
meaningful security. Users who want belt-and-suspenders can turn it
|
|
on via `hermes config set skills.guard_agent_created true`.
|
|
"""
|
|
try:
|
|
from hermes_cli.config import load_config
|
|
cfg = load_config()
|
|
return bool(cfg.get("skills", {}).get("guard_agent_created", False))
|
|
except Exception:
|
|
return False
|
|
|
|
|
|
def _security_scan_skill(skill_dir: Path) -> Optional[str]:
|
|
"""Scan a skill directory after write. Returns error string if blocked, else None.
|
|
|
|
No-op when skills.guard_agent_created is disabled (the default).
|
|
"""
|
|
if not _GUARD_AVAILABLE:
|
|
return None
|
|
if not _guard_agent_created_enabled():
|
|
return None
|
|
try:
|
|
result = scan_skill(skill_dir, source="agent-created")
|
|
allowed, reason = should_allow_install(result)
|
|
if allowed is False:
|
|
report = format_scan_report(result)
|
|
return f"Security scan blocked this skill ({reason}):\n{report}"
|
|
if allowed is None:
|
|
# "ask" verdict — for agent-created skills this means dangerous
|
|
# findings were detected. Surface specific findings so the agent
|
|
# knows exactly what to fix and can retry.
|
|
findings_detail = "\n".join(
|
|
f" - {f.file}:{f.line}: {f.description} (matched: {f.match!r})"
|
|
for f in result.findings
|
|
)
|
|
logger.warning(
|
|
"Agent-created skill flagged for review (dangerous findings): %s",
|
|
reason,
|
|
)
|
|
return (
|
|
f"Security scan flagged this skill — please fix the following issues and retry:\n"
|
|
f"{findings_detail}\n"
|
|
f"Remove or rewrite the flagged content, then try creating the skill again."
|
|
)
|
|
except Exception as e:
|
|
logger.warning("Security scan failed for %s: %s", skill_dir, e, exc_info=True)
|
|
return None
|
|
|
|
import yaml
|
|
|
|
|
|
# All skills live in ~/.hermes/skills/ (single source of truth)
|
|
HERMES_HOME = get_hermes_home()
|
|
SKILLS_DIR = HERMES_HOME / "skills"
|
|
|
|
MAX_NAME_LENGTH = 64
|
|
MAX_DESCRIPTION_LENGTH = 1024
|
|
|
|
|
|
def _is_local_skill(skill_path: Path) -> bool:
|
|
"""Check if a skill path is within the local SKILLS_DIR.
|
|
|
|
Skills found in external_dirs are read-only from the agent's perspective.
|
|
"""
|
|
try:
|
|
skill_path.resolve().relative_to(SKILLS_DIR.resolve())
|
|
return True
|
|
except ValueError:
|
|
return False
|
|
MAX_SKILL_CONTENT_CHARS = 100_000 # ~36k tokens at 2.75 chars/token
|
|
MAX_SKILL_FILE_BYTES = 1_048_576 # 1 MiB per supporting file
|
|
|
|
# Characters allowed in skill names (filesystem-safe, URL-friendly)
|
|
VALID_NAME_RE = re.compile(r'^[a-z0-9][a-z0-9._-]*$')
|
|
|
|
# Subdirectories allowed for write_file/remove_file
|
|
ALLOWED_SUBDIRS = {"references", "templates", "scripts", "assets"}
|
|
|
|
|
|
# =============================================================================
|
|
# Validation helpers
|
|
# =============================================================================
|
|
|
|
def _validate_name(name: str) -> Optional[str]:
|
|
"""Validate a skill name. Returns error message or None if valid."""
|
|
if not name:
|
|
return "Skill name is required."
|
|
if len(name) > MAX_NAME_LENGTH:
|
|
return f"Skill name exceeds {MAX_NAME_LENGTH} characters."
|
|
if not VALID_NAME_RE.match(name):
|
|
return (
|
|
f"Invalid skill name '{name}'. Use lowercase letters, numbers, "
|
|
f"hyphens, dots, and underscores. Must start with a letter or digit."
|
|
)
|
|
return None
|
|
|
|
|
|
def _validate_category(category: Optional[str]) -> Optional[str]:
|
|
"""Validate an optional category name used as a single directory segment."""
|
|
if category is None:
|
|
return None
|
|
if not isinstance(category, str):
|
|
return "Category must be a string."
|
|
|
|
category = category.strip()
|
|
if not category:
|
|
return None
|
|
if "/" in category or "\\" in category:
|
|
return (
|
|
f"Invalid category '{category}'. Use lowercase letters, numbers, "
|
|
"hyphens, dots, and underscores. Categories must be a single directory name."
|
|
)
|
|
if len(category) > MAX_NAME_LENGTH:
|
|
return f"Category exceeds {MAX_NAME_LENGTH} characters."
|
|
if not VALID_NAME_RE.match(category):
|
|
return (
|
|
f"Invalid category '{category}'. Use lowercase letters, numbers, "
|
|
"hyphens, dots, and underscores. Categories must be a single directory name."
|
|
)
|
|
return None
|
|
|
|
|
|
def _validate_frontmatter(content: str) -> Optional[str]:
|
|
"""
|
|
Validate that SKILL.md content has proper frontmatter with required fields.
|
|
Returns error message or None if valid.
|
|
"""
|
|
if not content.strip():
|
|
return "Content cannot be empty."
|
|
|
|
if not content.startswith("---"):
|
|
return "SKILL.md must start with YAML frontmatter (---). See existing skills for format."
|
|
|
|
end_match = re.search(r'\n---\s*\n', content[3:])
|
|
if not end_match:
|
|
return "SKILL.md frontmatter is not closed. Ensure you have a closing '---' line."
|
|
|
|
yaml_content = content[3:end_match.start() + 3]
|
|
|
|
try:
|
|
parsed = yaml.safe_load(yaml_content)
|
|
except yaml.YAMLError as e:
|
|
return f"YAML frontmatter parse error: {e}"
|
|
|
|
if not isinstance(parsed, dict):
|
|
return "Frontmatter must be a YAML mapping (key: value pairs)."
|
|
|
|
if "name" not in parsed:
|
|
return "Frontmatter must include 'name' field."
|
|
if "description" not in parsed:
|
|
return "Frontmatter must include 'description' field."
|
|
if len(str(parsed["description"])) > MAX_DESCRIPTION_LENGTH:
|
|
return f"Description exceeds {MAX_DESCRIPTION_LENGTH} characters."
|
|
|
|
body = content[end_match.end() + 3:].strip()
|
|
if not body:
|
|
return "SKILL.md must have content after the frontmatter (instructions, procedures, etc.)."
|
|
|
|
return None
|
|
|
|
|
|
def _validate_content_size(content: str, label: str = "SKILL.md") -> Optional[str]:
|
|
"""Check that content doesn't exceed the character limit for agent writes.
|
|
|
|
Returns an error message or None if within bounds.
|
|
"""
|
|
if len(content) > MAX_SKILL_CONTENT_CHARS:
|
|
return (
|
|
f"{label} content is {len(content):,} characters "
|
|
f"(limit: {MAX_SKILL_CONTENT_CHARS:,}). "
|
|
f"Consider splitting into a smaller SKILL.md with supporting files "
|
|
f"in references/ or templates/."
|
|
)
|
|
return None
|
|
|
|
|
|
def _resolve_skill_dir(name: str, category: str = None) -> Path:
|
|
"""Build the directory path for a new skill, optionally under a category."""
|
|
if category:
|
|
return SKILLS_DIR / category / name
|
|
return SKILLS_DIR / name
|
|
|
|
|
|
def _find_skill(name: str) -> Optional[Dict[str, Any]]:
|
|
"""
|
|
Find a skill by name across all skill directories.
|
|
|
|
Searches the local skills dir (~/.hermes/skills/) first, then any
|
|
external dirs configured via skills.external_dirs. Returns
|
|
{"path": Path} or None.
|
|
"""
|
|
from agent.skill_utils import get_all_skills_dirs
|
|
for skills_dir in get_all_skills_dirs():
|
|
if not skills_dir.exists():
|
|
continue
|
|
for skill_md in skills_dir.rglob("SKILL.md"):
|
|
if skill_md.parent.name == name:
|
|
return {"path": skill_md.parent}
|
|
return None
|
|
|
|
|
|
def _validate_file_path(file_path: str) -> Optional[str]:
|
|
"""
|
|
Validate a file path for write_file/remove_file.
|
|
Must be under an allowed subdirectory and not escape the skill dir.
|
|
"""
|
|
from tools.path_security import has_traversal_component
|
|
|
|
if not file_path:
|
|
return "file_path is required."
|
|
|
|
normalized = Path(file_path)
|
|
|
|
# Prevent path traversal
|
|
if has_traversal_component(file_path):
|
|
return "Path traversal ('..') is not allowed."
|
|
|
|
# Must be under an allowed subdirectory
|
|
if not normalized.parts or normalized.parts[0] not in ALLOWED_SUBDIRS:
|
|
allowed = ", ".join(sorted(ALLOWED_SUBDIRS))
|
|
return f"File must be under one of: {allowed}. Got: '{file_path}'"
|
|
|
|
# Must have a filename (not just a directory)
|
|
if len(normalized.parts) < 2:
|
|
return f"Provide a file path, not just a directory. Example: '{normalized.parts[0]}/myfile.md'"
|
|
|
|
return None
|
|
|
|
|
|
def _resolve_skill_target(skill_dir: Path, file_path: str) -> Tuple[Optional[Path], Optional[str]]:
|
|
"""Resolve a supporting-file path and ensure it stays within the skill directory."""
|
|
from tools.path_security import validate_within_dir
|
|
|
|
target = skill_dir / file_path
|
|
error = validate_within_dir(target, skill_dir)
|
|
if error:
|
|
return None, error
|
|
return target, None
|
|
|
|
|
|
def _atomic_write_text(file_path: Path, content: str, encoding: str = "utf-8") -> None:
|
|
"""
|
|
Atomically write text content to a file.
|
|
|
|
Uses a temporary file in the same directory and os.replace() to ensure
|
|
the target file is never left in a partially-written state if the process
|
|
crashes or is interrupted.
|
|
|
|
Args:
|
|
file_path: Target file path
|
|
content: Content to write
|
|
encoding: Text encoding (default: utf-8)
|
|
"""
|
|
file_path.parent.mkdir(parents=True, exist_ok=True)
|
|
fd, temp_path = tempfile.mkstemp(
|
|
dir=str(file_path.parent),
|
|
prefix=f".{file_path.name}.tmp.",
|
|
suffix="",
|
|
)
|
|
try:
|
|
with os.fdopen(fd, "w", encoding=encoding) as f:
|
|
f.write(content)
|
|
os.replace(temp_path, file_path)
|
|
except Exception:
|
|
# Clean up temp file on error
|
|
try:
|
|
os.unlink(temp_path)
|
|
except OSError:
|
|
logger.error("Failed to remove temporary file %s during atomic write", temp_path, exc_info=True)
|
|
raise
|
|
|
|
|
|
# =============================================================================
|
|
# Core actions
|
|
# =============================================================================
|
|
|
|
def _create_skill(name: str, content: str, category: str = None) -> Dict[str, Any]:
|
|
"""Create a new user skill with SKILL.md content."""
|
|
# Validate name
|
|
err = _validate_name(name)
|
|
if err:
|
|
return {"success": False, "error": err}
|
|
|
|
err = _validate_category(category)
|
|
if err:
|
|
return {"success": False, "error": err}
|
|
|
|
# Validate content
|
|
err = _validate_frontmatter(content)
|
|
if err:
|
|
return {"success": False, "error": err}
|
|
|
|
err = _validate_content_size(content)
|
|
if err:
|
|
return {"success": False, "error": err}
|
|
|
|
# Check for name collisions across all directories
|
|
existing = _find_skill(name)
|
|
if existing:
|
|
return {
|
|
"success": False,
|
|
"error": f"A skill named '{name}' already exists at {existing['path']}."
|
|
}
|
|
|
|
# Create the skill directory
|
|
skill_dir = _resolve_skill_dir(name, category)
|
|
skill_dir.mkdir(parents=True, exist_ok=True)
|
|
|
|
# Write SKILL.md atomically
|
|
skill_md = skill_dir / "SKILL.md"
|
|
_atomic_write_text(skill_md, content)
|
|
|
|
# Security scan — roll back on block
|
|
scan_error = _security_scan_skill(skill_dir)
|
|
if scan_error:
|
|
shutil.rmtree(skill_dir, ignore_errors=True)
|
|
return {"success": False, "error": scan_error}
|
|
|
|
result = {
|
|
"success": True,
|
|
"message": f"Skill '{name}' created.",
|
|
"path": str(skill_dir.relative_to(SKILLS_DIR)),
|
|
"skill_md": str(skill_md),
|
|
}
|
|
if category:
|
|
result["category"] = category
|
|
result["hint"] = (
|
|
"To add reference files, templates, or scripts, use "
|
|
"skill_manage(action='write_file', name='{}', file_path='references/example.md', file_content='...')".format(name)
|
|
)
|
|
return result
|
|
|
|
|
|
def _edit_skill(name: str, content: str) -> Dict[str, Any]:
|
|
"""Replace the SKILL.md of any existing skill (full rewrite)."""
|
|
err = _validate_frontmatter(content)
|
|
if err:
|
|
return {"success": False, "error": err}
|
|
|
|
err = _validate_content_size(content)
|
|
if err:
|
|
return {"success": False, "error": err}
|
|
|
|
existing = _find_skill(name)
|
|
if not existing:
|
|
return {"success": False, "error": f"Skill '{name}' not found. Use skills_list() to see available skills."}
|
|
|
|
if not _is_local_skill(existing["path"]):
|
|
return {"success": False, "error": f"Skill '{name}' is in an external directory and cannot be modified. Copy it to your local skills directory first."}
|
|
|
|
skill_md = existing["path"] / "SKILL.md"
|
|
# Back up original content for rollback
|
|
original_content = skill_md.read_text(encoding="utf-8") if skill_md.exists() else None
|
|
_atomic_write_text(skill_md, content)
|
|
|
|
# Security scan — roll back on block
|
|
scan_error = _security_scan_skill(existing["path"])
|
|
if scan_error:
|
|
if original_content is not None:
|
|
_atomic_write_text(skill_md, original_content)
|
|
return {"success": False, "error": scan_error}
|
|
|
|
return {
|
|
"success": True,
|
|
"message": f"Skill '{name}' updated.",
|
|
"path": str(existing["path"]),
|
|
}
|
|
|
|
|
|
def _patch_skill(
|
|
name: str,
|
|
old_string: str,
|
|
new_string: str,
|
|
file_path: str = None,
|
|
replace_all: bool = False,
|
|
) -> Dict[str, Any]:
|
|
"""Targeted find-and-replace within a skill file.
|
|
|
|
Defaults to SKILL.md. Use file_path to patch a supporting file instead.
|
|
Requires a unique match unless replace_all is True.
|
|
"""
|
|
if not old_string:
|
|
return {"success": False, "error": "old_string is required for 'patch'."}
|
|
if new_string is None:
|
|
return {"success": False, "error": "new_string is required for 'patch'. Use an empty string to delete matched text."}
|
|
|
|
existing = _find_skill(name)
|
|
if not existing:
|
|
return {"success": False, "error": f"Skill '{name}' not found."}
|
|
|
|
if not _is_local_skill(existing["path"]):
|
|
return {"success": False, "error": f"Skill '{name}' is in an external directory and cannot be modified. Copy it to your local skills directory first."}
|
|
|
|
skill_dir = existing["path"]
|
|
|
|
if file_path:
|
|
# Patching a supporting file
|
|
err = _validate_file_path(file_path)
|
|
if err:
|
|
return {"success": False, "error": err}
|
|
target, err = _resolve_skill_target(skill_dir, file_path)
|
|
if err:
|
|
return {"success": False, "error": err}
|
|
else:
|
|
# Patching SKILL.md
|
|
target = skill_dir / "SKILL.md"
|
|
|
|
if not target.exists():
|
|
return {"success": False, "error": f"File not found: {target.relative_to(skill_dir)}"}
|
|
|
|
content = target.read_text(encoding="utf-8")
|
|
|
|
# Use the same fuzzy matching engine as the file patch tool.
|
|
# This handles whitespace normalization, indentation differences,
|
|
# escape sequences, and block-anchor matching — saving the agent
|
|
# from exact-match failures on minor formatting mismatches.
|
|
from tools.fuzzy_match import fuzzy_find_and_replace
|
|
|
|
new_content, match_count, _strategy, match_error = fuzzy_find_and_replace(
|
|
content, old_string, new_string, replace_all
|
|
)
|
|
if match_error:
|
|
# Show a short preview of the file so the model can self-correct
|
|
preview = content[:500] + ("..." if len(content) > 500 else "")
|
|
err_msg = match_error
|
|
try:
|
|
from tools.fuzzy_match import format_no_match_hint
|
|
err_msg += format_no_match_hint(match_error, match_count, old_string, content)
|
|
except Exception:
|
|
pass
|
|
return {
|
|
"success": False,
|
|
"error": err_msg,
|
|
"file_preview": preview,
|
|
}
|
|
|
|
# Check size limit on the result
|
|
target_label = "SKILL.md" if not file_path else file_path
|
|
err = _validate_content_size(new_content, label=target_label)
|
|
if err:
|
|
return {"success": False, "error": err}
|
|
|
|
# If patching SKILL.md, validate frontmatter is still intact
|
|
if not file_path:
|
|
err = _validate_frontmatter(new_content)
|
|
if err:
|
|
return {
|
|
"success": False,
|
|
"error": f"Patch would break SKILL.md structure: {err}",
|
|
}
|
|
|
|
original_content = content # for rollback
|
|
_atomic_write_text(target, new_content)
|
|
|
|
# Security scan — roll back on block
|
|
scan_error = _security_scan_skill(skill_dir)
|
|
if scan_error:
|
|
_atomic_write_text(target, original_content)
|
|
return {"success": False, "error": scan_error}
|
|
|
|
return {
|
|
"success": True,
|
|
"message": f"Patched {'SKILL.md' if not file_path else file_path} in skill '{name}' ({match_count} replacement{'s' if match_count > 1 else ''}).",
|
|
}
|
|
|
|
|
|
def _delete_skill(name: str) -> Dict[str, Any]:
|
|
"""Delete a skill."""
|
|
existing = _find_skill(name)
|
|
if not existing:
|
|
return {"success": False, "error": f"Skill '{name}' not found."}
|
|
|
|
if not _is_local_skill(existing["path"]):
|
|
return {"success": False, "error": f"Skill '{name}' is in an external directory and cannot be deleted."}
|
|
|
|
skill_dir = existing["path"]
|
|
shutil.rmtree(skill_dir)
|
|
|
|
# Clean up empty category directories (don't remove SKILLS_DIR itself)
|
|
parent = skill_dir.parent
|
|
if parent != SKILLS_DIR and parent.exists() and not any(parent.iterdir()):
|
|
parent.rmdir()
|
|
|
|
return {
|
|
"success": True,
|
|
"message": f"Skill '{name}' deleted.",
|
|
}
|
|
|
|
|
|
def _write_file(name: str, file_path: str, file_content: str) -> Dict[str, Any]:
|
|
"""Add or overwrite a supporting file within any skill directory."""
|
|
err = _validate_file_path(file_path)
|
|
if err:
|
|
return {"success": False, "error": err}
|
|
|
|
if not file_content and file_content != "":
|
|
return {"success": False, "error": "file_content is required."}
|
|
|
|
# Check size limits
|
|
content_bytes = len(file_content.encode("utf-8"))
|
|
if content_bytes > MAX_SKILL_FILE_BYTES:
|
|
return {
|
|
"success": False,
|
|
"error": (
|
|
f"File content is {content_bytes:,} bytes "
|
|
f"(limit: {MAX_SKILL_FILE_BYTES:,} bytes / 1 MiB). "
|
|
f"Consider splitting into smaller files."
|
|
),
|
|
}
|
|
err = _validate_content_size(file_content, label=file_path)
|
|
if err:
|
|
return {"success": False, "error": err}
|
|
|
|
existing = _find_skill(name)
|
|
if not existing:
|
|
return {"success": False, "error": f"Skill '{name}' not found. Create it first with action='create'."}
|
|
|
|
if not _is_local_skill(existing["path"]):
|
|
return {"success": False, "error": f"Skill '{name}' is in an external directory and cannot be modified. Copy it to your local skills directory first."}
|
|
|
|
target, err = _resolve_skill_target(existing["path"], file_path)
|
|
if err:
|
|
return {"success": False, "error": err}
|
|
target.parent.mkdir(parents=True, exist_ok=True)
|
|
# Back up for rollback
|
|
original_content = target.read_text(encoding="utf-8") if target.exists() else None
|
|
_atomic_write_text(target, file_content)
|
|
|
|
# Security scan — roll back on block
|
|
scan_error = _security_scan_skill(existing["path"])
|
|
if scan_error:
|
|
if original_content is not None:
|
|
_atomic_write_text(target, original_content)
|
|
else:
|
|
target.unlink(missing_ok=True)
|
|
return {"success": False, "error": scan_error}
|
|
|
|
return {
|
|
"success": True,
|
|
"message": f"File '{file_path}' written to skill '{name}'.",
|
|
"path": str(target),
|
|
}
|
|
|
|
|
|
def _remove_file(name: str, file_path: str) -> Dict[str, Any]:
|
|
"""Remove a supporting file from any skill directory."""
|
|
err = _validate_file_path(file_path)
|
|
if err:
|
|
return {"success": False, "error": err}
|
|
|
|
existing = _find_skill(name)
|
|
if not existing:
|
|
return {"success": False, "error": f"Skill '{name}' not found."}
|
|
|
|
if not _is_local_skill(existing["path"]):
|
|
return {"success": False, "error": f"Skill '{name}' is in an external directory and cannot be modified."}
|
|
|
|
skill_dir = existing["path"]
|
|
|
|
target, err = _resolve_skill_target(skill_dir, file_path)
|
|
if err:
|
|
return {"success": False, "error": err}
|
|
if not target.exists():
|
|
# List what's actually there for the model to see
|
|
available = []
|
|
for subdir in ALLOWED_SUBDIRS:
|
|
d = skill_dir / subdir
|
|
if d.exists():
|
|
for f in d.rglob("*"):
|
|
if f.is_file():
|
|
available.append(str(f.relative_to(skill_dir)))
|
|
return {
|
|
"success": False,
|
|
"error": f"File '{file_path}' not found in skill '{name}'.",
|
|
"available_files": available if available else None,
|
|
}
|
|
|
|
target.unlink()
|
|
|
|
# Clean up empty subdirectories
|
|
parent = target.parent
|
|
if parent != skill_dir and parent.exists() and not any(parent.iterdir()):
|
|
parent.rmdir()
|
|
|
|
return {
|
|
"success": True,
|
|
"message": f"File '{file_path}' removed from skill '{name}'.",
|
|
}
|
|
|
|
|
|
# =============================================================================
|
|
# Main entry point
|
|
# =============================================================================
|
|
|
|
def skill_manage(
|
|
action: str,
|
|
name: str,
|
|
content: str = None,
|
|
category: str = None,
|
|
file_path: str = None,
|
|
file_content: str = None,
|
|
old_string: str = None,
|
|
new_string: str = None,
|
|
replace_all: bool = False,
|
|
) -> str:
|
|
"""
|
|
Manage user-created skills. Dispatches to the appropriate action handler.
|
|
|
|
Returns JSON string with results.
|
|
"""
|
|
if action == "create":
|
|
if not content:
|
|
return tool_error("content is required for 'create'. Provide the full SKILL.md text (frontmatter + body).", success=False)
|
|
result = _create_skill(name, content, category)
|
|
|
|
elif action == "edit":
|
|
if not content:
|
|
return tool_error("content is required for 'edit'. Provide the full updated SKILL.md text.", success=False)
|
|
result = _edit_skill(name, content)
|
|
|
|
elif action == "patch":
|
|
if not old_string:
|
|
return tool_error("old_string is required for 'patch'. Provide the text to find.", success=False)
|
|
if new_string is None:
|
|
return tool_error("new_string is required for 'patch'. Use empty string to delete matched text.", success=False)
|
|
result = _patch_skill(name, old_string, new_string, file_path, replace_all)
|
|
|
|
elif action == "delete":
|
|
result = _delete_skill(name)
|
|
|
|
elif action == "write_file":
|
|
if not file_path:
|
|
return tool_error("file_path is required for 'write_file'. Example: 'references/api-guide.md'", success=False)
|
|
if file_content is None:
|
|
return tool_error("file_content is required for 'write_file'.", success=False)
|
|
result = _write_file(name, file_path, file_content)
|
|
|
|
elif action == "remove_file":
|
|
if not file_path:
|
|
return tool_error("file_path is required for 'remove_file'.", success=False)
|
|
result = _remove_file(name, file_path)
|
|
|
|
else:
|
|
result = {"success": False, "error": f"Unknown action '{action}'. Use: create, edit, patch, delete, write_file, remove_file"}
|
|
|
|
if result.get("success"):
|
|
try:
|
|
from agent.prompt_builder import clear_skills_system_prompt_cache
|
|
clear_skills_system_prompt_cache(clear_snapshot=True)
|
|
except Exception:
|
|
pass
|
|
|
|
return json.dumps(result, ensure_ascii=False)
|
|
|
|
|
|
# =============================================================================
|
|
# OpenAI Function-Calling Schema
|
|
# =============================================================================
|
|
|
|
SKILL_MANAGE_SCHEMA = {
|
|
"name": "skill_manage",
|
|
"description": (
|
|
"Manage skills (create, update, delete). Skills are your procedural "
|
|
"memory — reusable approaches for recurring task types. "
|
|
f"New skills go to {display_hermes_home()}/skills/; existing skills can be modified wherever they live.\n\n"
|
|
"Actions: create (full SKILL.md + optional category), "
|
|
"patch (old_string/new_string — preferred for fixes), "
|
|
"edit (full SKILL.md rewrite — major overhauls only), "
|
|
"delete, write_file, remove_file.\n\n"
|
|
"Create when: complex task succeeded (5+ calls), errors overcome, "
|
|
"user-corrected approach worked, non-trivial workflow discovered, "
|
|
"or user asks you to remember a procedure.\n"
|
|
"Update when: instructions stale/wrong, OS-specific failures, "
|
|
"missing steps or pitfalls found during use. "
|
|
"If you used a skill and hit issues not covered by it, patch it immediately.\n\n"
|
|
"After difficult/iterative tasks, offer to save as a skill. "
|
|
"Skip for simple one-offs. Confirm with user before creating/deleting.\n\n"
|
|
"Good skills: trigger conditions, numbered steps with exact commands, "
|
|
"pitfalls section, verification steps. Use skill_view() to see format examples."
|
|
),
|
|
"parameters": {
|
|
"type": "object",
|
|
"properties": {
|
|
"action": {
|
|
"type": "string",
|
|
"enum": ["create", "patch", "edit", "delete", "write_file", "remove_file"],
|
|
"description": "The action to perform."
|
|
},
|
|
"name": {
|
|
"type": "string",
|
|
"description": (
|
|
"Skill name (lowercase, hyphens/underscores, max 64 chars). "
|
|
"Must match an existing skill for patch/edit/delete/write_file/remove_file."
|
|
)
|
|
},
|
|
"content": {
|
|
"type": "string",
|
|
"description": (
|
|
"Full SKILL.md content (YAML frontmatter + markdown body). "
|
|
"Required for 'create' and 'edit'. For 'edit', read the skill "
|
|
"first with skill_view() and provide the complete updated text."
|
|
)
|
|
},
|
|
"old_string": {
|
|
"type": "string",
|
|
"description": (
|
|
"Text to find in the file (required for 'patch'). Must be unique "
|
|
"unless replace_all=true. Include enough surrounding context to "
|
|
"ensure uniqueness."
|
|
)
|
|
},
|
|
"new_string": {
|
|
"type": "string",
|
|
"description": (
|
|
"Replacement text (required for 'patch'). Can be empty string "
|
|
"to delete the matched text."
|
|
)
|
|
},
|
|
"replace_all": {
|
|
"type": "boolean",
|
|
"description": "For 'patch': replace all occurrences instead of requiring a unique match (default: false)."
|
|
},
|
|
"category": {
|
|
"type": "string",
|
|
"description": (
|
|
"Optional category/domain for organizing the skill (e.g., 'devops', "
|
|
"'data-science', 'mlops'). Creates a subdirectory grouping. "
|
|
"Only used with 'create'."
|
|
)
|
|
},
|
|
"file_path": {
|
|
"type": "string",
|
|
"description": (
|
|
"Path to a supporting file within the skill directory. "
|
|
"For 'write_file'/'remove_file': required, must be under references/, "
|
|
"templates/, scripts/, or assets/. "
|
|
"For 'patch': optional, defaults to SKILL.md if omitted."
|
|
)
|
|
},
|
|
"file_content": {
|
|
"type": "string",
|
|
"description": "Content for the file. Required for 'write_file'."
|
|
},
|
|
},
|
|
"required": ["action", "name"],
|
|
},
|
|
}
|
|
|
|
|
|
# --- Registry ---
|
|
from tools.registry import registry, tool_error
|
|
|
|
registry.register(
|
|
name="skill_manage",
|
|
toolset="skills",
|
|
schema=SKILL_MANAGE_SCHEMA,
|
|
handler=lambda args, **kw: skill_manage(
|
|
action=args.get("action", ""),
|
|
name=args.get("name", ""),
|
|
content=args.get("content"),
|
|
category=args.get("category"),
|
|
file_path=args.get("file_path"),
|
|
file_content=args.get("file_content"),
|
|
old_string=args.get("old_string"),
|
|
new_string=args.get("new_string"),
|
|
replace_all=args.get("replace_all", False)),
|
|
emoji="📝",
|
|
)
|