@dollhousemcp/mcp-server
Version:
DollhouseMCP - A Model Context Protocol (MCP) server that enables dynamic AI persona management from markdown files, allowing Claude and other compatible AI assistants to activate and switch between different behavioral personas.
109 lines • 3.58 kB
TypeScript
/**
* Skill element class implementing IElement interface.
* Represents a discrete capability for specific tasks.
*
* SECURITY FIXES IMPLEMENTED (PR #319):
* 1. CRITICAL: Added comprehensive input validation for all skill parameters
* 2. MEDIUM: Implemented Unicode normalization to prevent homograph attacks
* 3. MEDIUM: Added audit logging for security events via SecurityMonitor
* 4. MEDIUM: Implemented memory management to prevent unbounded growth
* 5. MEDIUM: Added XSS protection through input sanitization
*/
import { BaseElement } from '../BaseElement.js';
import { IElement, IElementMetadata, ElementValidationResult } from '../../types/elements/index.js';
export interface SkillMetadata extends IElementMetadata {
languages?: string[];
complexity?: 'beginner' | 'intermediate' | 'advanced' | 'expert';
domains?: string[];
prerequisites?: string[];
parameters?: SkillParameter[];
examples?: SkillExample[];
certification?: string;
proficiency_level?: number;
}
export interface SkillParameter {
name: string;
type: 'string' | 'number' | 'boolean' | 'enum';
description: string;
required?: boolean;
default?: any;
options?: string[];
min?: number;
max?: number;
}
export interface SkillExample {
title: string;
description: string;
input?: any;
output?: any;
code?: string;
}
export declare class Skill extends BaseElement implements IElement {
metadata: SkillMetadata;
instructions: string;
parameters: Map<string, any>;
private readonly MAX_PARAMETER_COUNT;
private readonly MAX_PARAMETER_SIZE;
constructor(metadata: Partial<SkillMetadata>, instructions?: string);
/**
* Initialize parameters with default values
*/
private initializeParameters;
/**
* Set a parameter value
* SECURITY FIX #1: Comprehensive input validation for all skill parameters
* Previously: Parameters were set without validation, creating security risks
* Now: Full validation pipeline including sanitization, type checking, and size limits
*/
setParameter(name: string, value: any): void;
/**
* Get a parameter value
*/
getParameter(name: string): any;
/**
* Get all parameters as object
*/
getAllParameters(): Record<string, any>;
/**
* Validate parameter value against its definition
*/
private validateParameterValue;
/**
* Execute the skill with current parameters
*/
execute(input?: any): Promise<any>;
/**
* Skill-specific validation
*/
validate(): ElementValidationResult;
/**
* Serialize skill to JSON format
*/
serialize(): string;
/**
* Deserialize skill from JSON format
*/
deserialize(data: string): void;
/**
* Skill activation lifecycle
*/
activate(): Promise<void>;
/**
* Clone the skill with different parameters
*/
clone(newParameters?: Record<string, any>): Skill;
/**
* Skill deactivation lifecycle
* SECURITY FIX #4: Automatically clears parameters on deactivation
* to prevent memory leaks in long-running processes
*/
deactivate(): Promise<void>;
/**
* Clear all parameters (for memory management)
* SECURITY FIX #4: Added method to clear parameters and prevent memory leaks
* Previously: Parameters accumulated indefinitely in long-running processes
* Now: Provides explicit cleanup mechanism called during deactivation
*/
clearParameters(): void;
}
//# sourceMappingURL=Skill.d.ts.map