metaend.eth.xyz
commits
New tool: errparse normalizes any HTTP error to RFC 9457 JSON.
Updated README demo registry, CLAUDE/AGENTS docs, recommendation
files, SKILL.md, and install.sh default tools list.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Entire-Checkpoint: 0e888c5fd831
Feature yuzoo's wasmbox-hermes bridge (auto-generates Hermes skill
files from installed tools) and include agent feedback quotes.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Entire-Checkpoint: 69139bb1ee59
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Entire-Checkpoint: 36d9ae668e80
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Entire-Checkpoint: df1f863ed510
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Entire-Checkpoint: a820c6cac717
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Entire-Checkpoint: d9dc937bafd9
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Entire-Checkpoint: d98f575452be
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Entire-Checkpoint: ac75222d8823
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Entire-Checkpoint: ce2b118b4d84
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Entire-Checkpoint: 6aeeed07ef46
Add b64 (base64 encode/decode) to available tools in CLAUDE.md,
CLAUDE-recommendation.md, and AGENTS-recommendation.md. Create
AGENTS.md as agent-agnostic project instructions with WasmBox
tool usage section.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Entire-Checkpoint: 59cb2e7628c5
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Entire-Checkpoint: 4cedd0b7ca0e
- reqwest 0.12 → 0.13 (rustls-tls renamed to rustls; webpki-roots bundled)
- toml 0.8 → 1.0 (TOML spec 1.1)
- Catch I32Exit trap in runtime so proc_exit(non_zero) from tools is
treated as ToolExited (silent exit with code 1) rather than printing
a wasmtime error — fixes noisy output when piping secretscan | jfmt
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Entire-Checkpoint: 0cbb3593a0f8
Add RuntimeError::ToolExited variant for proc_exit(N>0). CLI now exits
with code 1 instead of printing a wasmtime backtrace when a tool exits
non-zero (e.g. secretscan finding secrets).
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Entire-Checkpoint: 7e30295cea50
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Entire-Checkpoint: c1c19f6a5b55
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Entire-Checkpoint: 24976600aad4
SKILL.md was jfmt-specific; now documents the wasmbox runtime itself
with agent workflow, install/run patterns, and capability grants.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Entire-Checkpoint: f86134b1249d
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Entire-Checkpoint: bf5745eb8268
- info --json now merges the [agent] section into the flat metadata output
- README rewritten to lead with agent-first design: skill files, [agent]
manifest block, machine-readable info output, registry protocol updated
to document <name>.md skill artifact
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Entire-Checkpoint: ddcfff3f3fa7
Adds AgentSection and AgentMode structs to support the optional [agent]
block in wasmbox.toml, including prompt, skill, modes array, and
exit_codes table.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Entire-Checkpoint: f11b789b097e
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Entire-Checkpoint: 68f0f7686d98
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Entire-Checkpoint: ddab87215923
Link to live Quilibrium-hosted registry with jfmt tool examples.
Update test count to 72.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Entire-Checkpoint: 15cf6c05c335
When --allow-all or --allow flags are used on an installed tool, save
the granted capabilities to permissions.toml so future runs work
without flags, including piped/non-TTY invocations by agents.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Entire-Checkpoint: 3e188452b9d8
Pass arguments after -- to the WASM tool via WASI argv. Set argv[0]
to "tool" as WASI convention requires. When --allow-all is used with
--file (no manifest), default to stdin+stdout instead of empty caps.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Entire-Checkpoint: 9147232b7402
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Entire-Checkpoint: 91e3d17c4b2e
Prevent concurrent CLI invocations from corrupting permissions.toml by
holding an exclusive advisory lock (fs4) for the PermissionStore lifetime.
Add LTO, strip, codegen-units=1, and panic=abort to release profile,
reducing binary from ~26MB to 18.65MB (under 20MB target).
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Entire-Checkpoint: 7336ba83e167
Write to a staging temp dir first, then rename into final location.
Applies to both install and update paths. If interrupted mid-write,
no partial files are left in the cache.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Entire-Checkpoint: f1f47ccc6ee5
Covers: corrupted/empty/missing wasm files, missing cache entries,
corrupt config.toml/permissions.toml/manifest, nonexistent tools,
registry errors (500, invalid JSON, 404 for wasm/manifest), empty
registries, duplicate install, version-specific remove, no-args run,
revoke on missing permissions, duplicate registry add/remove.
All edge cases handled gracefully by existing code.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Entire-Checkpoint: 4d080b3103c3
- wasmtime/wasmtime-wasi 31 → 42 (latest)
- Adapt runtime to new API: IoView removed, WasiView returns
WasiCtxView, add_to_linker_sync moved to p2 module
- deny.toml: remove all advisory ignores (zero advisories now)
- All 44 tests pass
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Entire-Checkpoint: 5f0a45e801bd
- deny.toml: cargo-deny config with license allowlist and wasmtime
advisory ignores (upgrade to 38+ planned)
- README.md: usage guide, commands, security model, architecture
- CLAUDE.md: updated to reflect actual implementation state —
integration tests location, all CLI commands, binary size, and
wasmtime advisory notes
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Entire-Checkpoint: 6c64c4e79a98
Sandboxed WebAssembly tool launcher with 7 crates (cli, runtime,
registry, permissions, verify, manifest, shared). Features include
install from registry, sandboxed execution via Wasmtime, SHA-256
hash verification, capability-based permissions, and 27 integration
tests covering the complete install → run → update → remove flow.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- reqwest 0.12 → 0.13 (rustls-tls renamed to rustls; webpki-roots bundled)
- toml 0.8 → 1.0 (TOML spec 1.1)
- Catch I32Exit trap in runtime so proc_exit(non_zero) from tools is
treated as ToolExited (silent exit with code 1) rather than printing
a wasmtime error — fixes noisy output when piping secretscan | jfmt
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Entire-Checkpoint: 0cbb3593a0f8
- info --json now merges the [agent] section into the flat metadata output
- README rewritten to lead with agent-first design: skill files, [agent]
manifest block, machine-readable info output, registry protocol updated
to document <name>.md skill artifact
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Entire-Checkpoint: ddcfff3f3fa7
Prevent concurrent CLI invocations from corrupting permissions.toml by
holding an exclusive advisory lock (fs4) for the PermissionStore lifetime.
Add LTO, strip, codegen-units=1, and panic=abort to release profile,
reducing binary from ~26MB to 18.65MB (under 20MB target).
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Entire-Checkpoint: 7336ba83e167
Covers: corrupted/empty/missing wasm files, missing cache entries,
corrupt config.toml/permissions.toml/manifest, nonexistent tools,
registry errors (500, invalid JSON, 404 for wasm/manifest), empty
registries, duplicate install, version-specific remove, no-args run,
revoke on missing permissions, duplicate registry add/remove.
All edge cases handled gracefully by existing code.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Entire-Checkpoint: 4d080b3103c3
- wasmtime/wasmtime-wasi 31 → 42 (latest)
- Adapt runtime to new API: IoView removed, WasiView returns
WasiCtxView, add_to_linker_sync moved to p2 module
- deny.toml: remove all advisory ignores (zero advisories now)
- All 44 tests pass
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Entire-Checkpoint: 5f0a45e801bd
- deny.toml: cargo-deny config with license allowlist and wasmtime
advisory ignores (upgrade to 38+ planned)
- README.md: usage guide, commands, security model, architecture
- CLAUDE.md: updated to reflect actual implementation state —
integration tests location, all CLI commands, binary size, and
wasmtime advisory notes
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Entire-Checkpoint: 6c64c4e79a98
Sandboxed WebAssembly tool launcher with 7 crates (cli, runtime,
registry, permissions, verify, manifest, shared). Features include
install from registry, sandboxed execution via Wasmtime, SHA-256
hash verification, capability-based permissions, and 27 integration
tests covering the complete install → run → update → remove flow.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>