feat: add browser script skill execution

2026-03-30 02:15:07 +08:00
parent f7e2ff256e
commit d2c9902966
22 changed files with 1775 additions and 249 deletions
--- a/tests/browser_tool_test.rs
+++ b/tests/browser_tool_test.rs
@@ -5,7 +5,9 @@ use std::sync::Arc;
 use std::time::Duration;

 use common::MockTransport;
-use sgclaw::pipe::{Action, AgentMessage, BrowserMessage, BrowserPipeTool, Timing};
+use sgclaw::pipe::{
+    Action, AgentMessage, BrowserMessage, BrowserPipeTool, ExecutionSurfaceKind, Timing,
+};
 use sgclaw::security::MacPolicy;

 fn test_policy() -> MacPolicy {
@@ -84,6 +86,20 @@ fn browser_tool_rejects_action_when_mac_policy_blocks_it() {
    assert!(err.to_string().contains("action is not allowed"));
 }

+#[test]
+fn browser_tool_exposes_privileged_surface_metadata_backed_by_mac_policy() {
+    let transport = Arc::new(MockTransport::new(vec![]));
+    let tool = BrowserPipeTool::new(transport, test_policy(), vec![1, 2, 3, 4]);
+    let metadata = tool.surface_metadata();
+
+    assert_eq!(metadata.kind, ExecutionSurfaceKind::PrivilegedBrowserPipe);
+    assert!(metadata.privileged);
+    assert!(!metadata.defines_runtime_identity);
+    assert_eq!(metadata.guard, "mac_policy");
+    assert_eq!(metadata.allowed_domains, vec!["oa.example.com", "erp.example.com"]);
+    assert_eq!(metadata.allowed_actions, vec!["click", "type", "navigate", "getText"]);
+}
+
 #[test]
 fn default_rules_allow_zhihu_navigation() {
    let rules_path = PathBuf::from(env!("CARGO_MANIFEST_DIR"))