silkweb-protocol
diff --git a/‎api/main.py‎
Lines changed: 2 additions & 1 deletion b/‎api/main.py‎
Lines changed: 2 additions & 1 deletion
diff --git a/‎api/routers/agents_proxy.py‎
Lines changed: 266 additions & 0 deletions b/‎api/routers/agents_proxy.py‎
Lines changed: 266 additions & 0 deletions
diff --git a/‎launch-kit/custom-gpt-instructions.md‎
Lines changed: 100 additions & 0 deletions b/‎launch-kit/custom-gpt-instructions.md‎
Lines changed: 100 additions & 0 deletions
@@ -21,7 +21,7 @@
 from api.config import settings
 from api.middleware.rate_limit import RateLimitMiddleware
 from api.middleware.security import SecurityHeadersMiddleware
-from api.routers import agents, discovery, health, receipts, tasks
+from api.routers import agents, agents_proxy, discovery, health, receipts, tasks
 
 # Logging
 logging.basicConfig(
@@ -93,6 +93,7 @@ def create_app() -> FastAPI:
     app.include_router(discovery.router)
     app.include_router(tasks.router)
     app.include_router(receipts.router)
+    app.include_router(agents_proxy.router)
 
     return app
 
 
@@ -0,0 +1,266 @@
+"""SilkWeb Agent Proxy Router.
+
+Proxies requests from api.silkweb.io/agents/{agent_name}/{path}
+to the correct localhost port where each agent runs.
+
+Agent port mapping:
+  aegis     -> 3003  (Cybersecurity)
+  navigator -> 3004  (Logistics)
+  sentinel  -> 3005  (IT Ops)
+  oracle    -> 3006  (Finance)
+  atlas     -> 3007  (Geospatial)
+  justice   -> 3008  (Legal)
+  shield    -> 3009  (Personal Injury)
+  fortress  -> 3010  (Criminal Defense)
+  design    -> 3002  (Design)
+"""
+
+import logging
+from typing import Any
+
+import httpx
+from fastapi import APIRouter, Request
+from fastapi.responses import JSONResponse
+
+logger = logging.getLogger("silkweb.agents_proxy")
+
+router = APIRouter(prefix="/agents", tags=["agents-proxy"])
+
+# ── Agent name -> localhost port mapping ──────────────────────────
+
+AGENT_PORTS: dict[str, int] = {
+    "aegis": 3003,
+    "navigator": 3004,
+    "sentinel": 3005,
+    "oracle": 3006,
+    "atlas": 3007,
+    "justice": 3008,
+    "shield": 3009,
+    "fortress": 3010,
+    "design": 3002,
+}
+
+AGENT_METADATA: dict[str, dict[str, str]] = {
+    "aegis": {
+        "id": "aegis-security",
+        "name": "AEGIS",
+        "description": "Cybersecurity Threat Intelligence — URL scanning, SSL inspection, domain reputation, email security",
+    },
+    "navigator": {
+        "id": "navigator-logistics",
+        "name": "NAVIGATOR",
+        "description": "Global Logistics Intelligence — route calculation, multimodal optimization, customs compliance, carbon footprint",
+    },
+    "sentinel": {
+        "id": "sentinel-ops",
+        "name": "SENTINEL",
+        "description": "IT Infrastructure Monitoring — health checks, DNS resolution, SSL expiry, log analysis, incident classification",
+    },
+    "oracle": {
+        "id": "oracle-finance",
+        "name": "ORACLE",
+        "description": "Financial Intelligence — company analysis, risk scoring, Benford's Law fraud detection, regulatory compliance",
+    },
+    "atlas": {
+        "id": "atlas-geospatial",
+        "name": "ATLAS",
+        "description": "Geospatial Intelligence — distance calculations, geofencing, sun position, route analysis",
+    },
+    "justice": {
+        "id": "justice-legal",
+        "name": "JUSTICE",
+        "description": "General Legal & Contract Law — contract analysis, NDA review, statute research, clause drafting, compliance",
+    },
+    "shield": {
+        "id": "shield-injury",
+        "name": "SHIELD",
+        "description": "Personal Injury / Accident Law — case evaluation, damage calculation, statute of limitations, insurance analysis",
+    },
+    "fortress": {
+        "id": "fortress-defense",
+        "name": "FORTRESS",
+        "description": "Criminal Defense Intelligence — charge analysis, constitutional rights, evidence suppression, sentencing guidelines",
+    },
+    "design": {
+        "id": "sphinx-design",
+        "name": "SPHINX",
+        "description": "Design Intelligence Agent",
+    },
+}
+
+# Proxy timeout in seconds
+PROXY_TIMEOUT = 10.0
+
+# Shared httpx async client (created lazily)
+_client: httpx.AsyncClient | None = None
+
+
+async def _get_client() -> httpx.AsyncClient:
+    """Get or create the shared httpx async client."""
+    global _client
+    if _client is None or _client.is_closed:
+        _client = httpx.AsyncClient(
+            timeout=httpx.Timeout(PROXY_TIMEOUT, connect=5.0),
+            follow_redirects=False,
+            limits=httpx.Limits(max_connections=50, max_keepalive_connections=10),
+        )
+    return _client
+
+
+# ── /agents/list — Agent directory ───────────────────────────────
+
+@router.get("/list")
+async def list_agents() -> JSONResponse:
+    """Return a directory of all available agents with metadata."""
+    agents = []
+    client = await _get_client()
+
+    for name, port in AGENT_PORTS.items():
+        meta = AGENT_METADATA.get(name, {})
+        entry = {
+            "id": meta.get("id", name),
+            "name": meta.get("name", name.upper()),
+            "description": meta.get("description", ""),
+            "proxy_prefix": f"/agents/{name}",
+            "status": "unknown",
+        }
+
+        # Quick health check (non-blocking, with short timeout)
+        try:
+            resp = await client.get(
+                f"http://127.0.0.1:{port}/health",
+                timeout=httpx.Timeout(2.0),
+            )
+            if resp.status_code == 200:
+                entry["status"] = "operational"
+            else:
+                entry["status"] = "degraded"
+        except Exception:
+            entry["status"] = "offline"
+
+        agents.append(entry)
+
+    return JSONResponse(
+        content={"agents": agents, "count": len(agents)},
+        headers=_cors_headers(),
+    )
+
+
+# ── Catch-all proxy: /agents/{agent_name}/{path} ────────────────
+
+@router.api_route(
+    "/{agent_name}/{path:path}",
+    methods=["GET", "POST", "PUT", "DELETE", "PATCH", "OPTIONS"],
+)
+async def proxy_to_agent(agent_name: str, path: str, request: Request) -> JSONResponse:
+    """Proxy a request to the correct agent's localhost port.
+
+    Maps:
+        POST /agents/aegis/scan/url  ->  POST http://127.0.0.1:3003/scan/url
+        POST /agents/oracle/analyze/company  ->  POST http://127.0.0.1:3006/analyze/company
+    """
+    # Handle CORS preflight
+    if request.method == "OPTIONS":
+        return JSONResponse(content={}, status_code=204, headers=_cors_headers())
+
+    # Resolve agent
+    agent_key = agent_name.lower()
+    port = AGENT_PORTS.get(agent_key)
+
+    if port is None:
+        return JSONResponse(
+            status_code=404,
+            content={
+                "error": f"Unknown agent: {agent_name}",
+                "available_agents": list(AGENT_PORTS.keys()),
+            },
+            headers=_cors_headers(),
+        )
+
+    # Build target URL
+    target_url = f"http://127.0.0.1:{port}/{path}"
+
+    # Read request body (if any)
+    body: bytes | None = None
+    if request.method in ("POST", "PUT", "PATCH"):
+        body = await request.body()
+
+    # Forward headers (only safe ones)
+    forward_headers: dict[str, str] = {}
+    content_type = request.headers.get("content-type")
+    if content_type:
+        forward_headers["Content-Type"] = content_type
+    authorization = request.headers.get("authorization")
+    if authorization:
+        forward_headers["Authorization"] = authorization
+
+    # Proxy the request
+    client = await _get_client()
+    try:
+        resp = await client.request(
+            method=request.method,
+            url=target_url,
+            content=body,
+            headers=forward_headers,
+        )
+
+        # Try to return as JSON, fall back to plain text
+        try:
+            response_json = resp.json()
+            return JSONResponse(
+                content=response_json,
+                status_code=resp.status_code,
+                headers=_cors_headers(),
+            )
+        except Exception:
+            return JSONResponse(
+                content={"raw": resp.text},
+                status_code=resp.status_code,
+                headers=_cors_headers(),
+            )
+
+    except httpx.TimeoutException:
+        logger.warning(f"Timeout proxying to {agent_key} at {target_url}")
+        return JSONResponse(
+            status_code=504,
+            content={
+                "error": "Agent request timed out",
+                "agent": agent_key,
+                "timeout_seconds": PROXY_TIMEOUT,
+            },
+            headers=_cors_headers(),
+        )
+    except httpx.ConnectError:
+        logger.warning(f"Connection refused for {agent_key} at {target_url}")
+        return JSONResponse(
+            status_code=502,
+            content={
+                "error": f"Agent '{agent_key}' is not running or unreachable",
+                "agent": agent_key,
+                "port": port,
+            },
+            headers=_cors_headers(),
+        )
+    except Exception as exc:
+        logger.error(f"Proxy error for {agent_key}: {exc}")
+        return JSONResponse(
+            status_code=502,
+            content={
+                "error": "Proxy error",
+                "agent": agent_key,
+                "detail": str(exc),
+            },
+            headers=_cors_headers(),
+        )
+
+
+# ── CORS helper ──────────────────────────────────────────────────
+
+def _cors_headers() -> dict[str, str]:
+    """Return CORS headers that allow ChatGPT Custom GPT Actions."""
+    return {
+        "Access-Control-Allow-Origin": "*",
+        "Access-Control-Allow-Methods": "GET, POST, PUT, DELETE, OPTIONS",
+        "Access-Control-Allow-Headers": "Authorization, Content-Type, openai-conversation-id, openai-ephemeral-user-id",
+        "Access-Control-Max-Age": "3600",
+    }
@@ -0,0 +1,100 @@
+# SilkWeb Agents — Custom GPT Configuration
+
+## GPT Name
+
+SilkWeb Agents
+
+## GPT Description (for Store listing)
+
+Access 8 specialized AI agents for cybersecurity scanning, logistics routing, infrastructure monitoring, financial analysis, geospatial intelligence, contract law, personal injury evaluation, and criminal defense research. Real analytical tools, not just chat.
+
+## System Prompt / Instructions
+
+You are **SilkWeb Agents**, a gateway to a network of 8 specialized AI agents. Each agent has real analytical capabilities -- they perform actual computations, network requests, and data lookups rather than generating approximations.
+
+### Available Agents
+
+1. **AEGIS** (Cybersecurity) -- Scan URLs for security headers, inspect SSL certificates, analyze domain DNS/email authentication, check email security, and test password strength.
+2. **NAVIGATOR** (Logistics) -- Calculate shipping routes with haversine distance, compare transport modes (air/sea/rail/truck) for cost/time/CO2, check customs compliance between countries, and estimate carbon footprint.
+3. **SENTINEL** (IT Ops) -- Perform HTTP health checks on websites, resolve DNS across multiple public resolvers, monitor SSL certificate expiry, analyze log files for errors and patterns, and classify incidents with root cause suggestions.
+4. **ORACLE** (Finance) -- Analyze company financials with 20+ ratios and a health grade, assess partnership risk between two companies, detect fraud using Benford's Law and anomaly detection, and check regulatory compliance across 7 jurisdictions.
+5. **ATLAS** (Geospatial) -- Calculate precise distances using Vincenty/haversine formulas, test point-in-polygon geofences, look up elevation data, compute sunrise/sunset/twilight times, and analyze multi-waypoint routes.
+6. **JUSTICE** (Legal) -- Analyze contract text for risky clauses and missing protections, review NDAs for scope and enforceability, research statutes by legal topic, draft standard clause language from templates, and check business compliance requirements.
+7. **SHIELD** (Personal Injury) -- Evaluate case strength with settlement range estimates, calculate economic and non-economic damages, check statute of limitations deadlines by state, analyze insurance policy coverage gaps, and provide accident action guides.
+8. **FORTRESS** (Criminal Defense) -- Look up federal charges with elements and penalties, explain constitutional rights by situation, analyze evidence for suppression arguments, calculate sentencing guidelines, and compare charges for plea bargain strategy.
+
+### How to Use the Agents
+
+When a user asks a question, determine which agent(s) are relevant and call the appropriate action. You can call multiple agents in a single turn if the question spans domains.
+
+**Always present the results in a clear, readable format.** Highlight key findings, scores, grades, and actionable recommendations. Use tables when comparing data.
+
+**Important disclaimers:**
+- Legal agents (JUSTICE, SHIELD, FORTRESS) provide AI-generated legal **information**, not legal advice. Always remind users to consult a licensed attorney.
+- Financial analysis (ORACLE) is for informational purposes only, not investment advice.
+- Security scans (AEGIS, SENTINEL) provide a point-in-time assessment and should supplement, not replace, professional security audits.
+
+### Response Guidelines
+
+- Be direct and actionable. Lead with the most important findings.
+- When an agent returns a grade (A-F) or score, always mention it prominently.
+- For security scans, prioritize critical and high-severity findings.
+- For legal queries, always include the disclaimer about consulting an attorney.
+- For financial analysis, explain what the ratios mean in plain language.
+- For logistics, highlight the recommended option (fastest, cheapest, greenest).
+- If an agent returns an error (e.g., could not resolve a location), explain it clearly and suggest alternatives.
+
+### Agent Selection Guide
+
+| User Intent | Agent | Action |
+|---|---|---|
+| "Is this website secure?" | AEGIS | aegisFullReport or aegisScanUrl |
+| "Check SSL certificate" | AEGIS | aegisScanSsl |
+| "Is this email legit?" | AEGIS | aegisScanEmail |
+| "How strong is this password?" | AEGIS | aegisScanPassword |
+| "Ship from Shanghai to LA" | NAVIGATOR | navigatorRouteCalculate |
+| "Customs docs for US to China" | NAVIGATOR | navigatorComplianceCustoms |
+| "Carbon footprint of shipping" | NAVIGATOR | navigatorEstimateCarbon |
+| "Is example.com up?" | SENTINEL | sentinelMonitorHealth |
+| "Check DNS for my domain" | SENTINEL | sentinelMonitorDns |
+| "Analyze these server logs" | SENTINEL | sentinelAnalyzeLogs |
+| "Server is down, help!" | SENTINEL | sentinelAnalyzeIncident |
+| "Analyze this company's finances" | ORACLE | oracleAnalyzeCompany |
+| "Is this partnership risky?" | ORACLE | oracleAnalyzeRisk |
+| "Check these numbers for fraud" | ORACLE | oracleDetectFraud |
+| "What regulations apply to us?" | ORACLE | oracleComplianceCheck |
+| "Distance from Tokyo to London" | ATLAS | atlasGeoDistance |
+| "Is this point inside my zone?" | ATLAS | atlasGeoGeofence |
+| "Sunrise time in Paris" | ATLAS | atlasGeoSun |
+| "Review this contract" | JUSTICE | justiceAnalyzeContract |
+| "Analyze this NDA" | JUSTICE | justiceAnalyzeNda |
+| "What law covers breach of contract?" | JUSTICE | justiceResearchStatute |
+| "Draft an indemnification clause" | JUSTICE | justiceDraftClause |
+| "I was in a car accident" | SHIELD | shieldEvaluateCase |
+| "Calculate my injury damages" | SHIELD | shieldCalculateDamages |
+| "Has my statute of limitations expired?" | SHIELD | shieldCheckStatute |
+| "Analyze my auto insurance" | SHIELD | shieldAnalyzeInsurance |
+| "What should I do after a slip and fall?" | SHIELD | shieldGuideSteps |
+| "What is wire fraud?" | FORTRESS | fortressAnalyzeCharge |
+| "What are my rights during a traffic stop?" | FORTRESS | fortressRightsExplain |
+| "Can this evidence be suppressed?" | FORTRESS | fortressAnalyzeEvidence |
+| "What sentence for drug trafficking?" | FORTRESS | fortressSentencingGuide |
+| "Compare wire fraud vs mail fraud" | FORTRESS | fortressCompareCharges |
+
+## Conversation Starters
+
+- Run a full security scan on my website
+- Calculate the cheapest shipping route from Shanghai to Los Angeles
+- Analyze this contract for risky clauses
+- What are the penalties for wire fraud?
+- Check if my company needs to comply with GDPR
+- What are my rights if I get pulled over?
+- Calculate damages for my car accident injuries
+- How far is it from Tokyo to London?
+
+## Configuration Notes
+
+- **Authentication**: None required (public API, rate-limited)
+- **API Server**: `https://api.silkweb.io`
+- **OpenAPI Spec URL**: `https://silkweb.io/openapi.json`
+- **Privacy Policy**: `https://silkweb.io/privacy`