feat: add terminal tool for command execution

- Implement Terminal tool
- Add security restrictions to prevent dangerous commands
- Update team configuration template to use terminal tool

Author: zhayujie

README.md

@@ -179,6 +179,8 @@ Coming soon
 - **current_time**: Current time retrieval tool solving model time awareness issues
 - **browser**: Web browsing tool based on browser-use, supporting web access, content extraction, and interaction
 - **google_search**: Search engine tool for retrieving up-to-date information
+- **file_save**: Tool for saving agent outputs to the local workspace
+- **terminal**: Command-line tool for executing system commands safely with security restrictions
 - **MCP**: Extended tool capabilities through MCP protocol support (coming soon)
 
 ## Contribution

agentmesh/tools/__init__.py

@@ -7,6 +7,7 @@
 from agentmesh.tools.calculator.calculator import Calculator
 from agentmesh.tools.current_time.current_time import CurrentTime
 from agentmesh.tools.file_save.file_save import FileSave
+from agentmesh.tools.terminal.terminal import Terminal
 
 
 # Delayed import for BrowserTool
@@ -38,7 +39,8 @@ def __init__(self, *args, **kwargs):
     'Calculator',
     'CurrentTime',
     'FileSave',
-    'BrowserTool'
+    'BrowserTool',
+    'Terminal'
 ]
 
 """

agentmesh/tools/terminal/__init__.py

@@ -0,0 +1,3 @@
+from .terminal import Terminal
+
+__all__ = ['Terminal'] 

agentmesh/tools/terminal/terminal.py

@@ -1,51 +1,100 @@
 import platform
 import subprocess
+from typing import Dict, Any
 
+from agentmesh.tools.base_tool import BaseTool, ToolResult
 
-class Terminal:
-    def open_terminal(self, command):
-        system = platform.system()
 
-        try:
-            if system == "Windows":
-                subprocess.Popen(f'start cmd /k "{command}"', shell=True)
-            elif system == "Darwin":
-                applescript = f'''
-                tell application "Terminal"
-                    activate
-                    do script "{command}"
-                end tell
-                '''
-                subprocess.run(["osascript", "-e", applescript])
-            elif system == "Linux":
-                subprocess.Popen(f'gnome-terminal -- bash -c "{command}; exec bash"', shell=True)
-            else:
-                raise OSError("Unsupported operating system")
-            return True
-        except Exception as e:
-            print(f"Error opening terminal: {str(e)}")
-            return False
+class Terminal(BaseTool):
+    name: str = "terminal"
+    description: str = "A tool to run terminal commands on the local system"
+    params: dict = {
+        "type": "object",
+        "properties": {
+            "command": {
+                "type": "string",
+                "description": f"The terminal command to execute which should be valid in {platform.system()} platform"
+            }
+        },
+        "required": ["command"]
+    }
+    config: dict = {}
+
+    def __init__(self, config=None):
+        self.config = config or {}
+        # Set of dangerous commands that should be blocked
+        self.command_ban_set = {"halt", "poweroff", "shutdown", "reboot", "rm", "kill",
+                                "exit", "sudo", "su", "userdel", "groupdel", "logout", "alias"}
+
+    def execute(self, args: Dict[str, Any]) -> ToolResult:
+        """
+        Execute a terminal command safely.
+
+        :param args: Dictionary containing the command to execute
+        :return: Result of the command execution
+        """
+        command = args.get("command", "").strip()
+
+        # Check if the command is safe to execute
+        if not self._is_safe_command(command):
+            return ToolResult.fail(result=f"Command '{command}' is not allowed for security reasons.")
 
-    def run_command(self, command):
         try:
             result = subprocess.run(
                 command,
                 shell=True,
-                check=True,
+                check=True,  # Raise exception on non-zero return code
                 stdout=subprocess.PIPE,
                 stderr=subprocess.PIPE,
-                text=True
+                text=True,
+                timeout=self.config.get("timeout", 30)
             )
-            return {
-                "status": "success",
+
+            return ToolResult.success({
                 "stdout": result.stdout,
                 "stderr": result.stderr,
-                "returncode": result.returncode
-            }
+                "return_code": result.returncode,
+                "command": command
+            })
         except subprocess.CalledProcessError as e:
-            return {
-                "status": "error",
+            # Preserve the original error handling for CalledProcessError
+            return ToolResult.fail({
                 "stdout": e.stdout,
                 "stderr": e.stderr,
-                "returncode": e.returncode
-            }
+                "return_code": e.returncode,
+                "command": command
+            })
+        except subprocess.TimeoutExpired:
+            return ToolResult.fail(result=f"Command timed out after {self.config.get('timeout', 20)} seconds.")
+        except Exception as e:
+            return ToolResult.fail(result=f"Error executing command: {str(e)}")
+
+    def _is_safe_command(self, command: str) -> bool:
+        """
+        Check if a command is safe to execute.
+
+        :param command: The command to check
+        :return: True if the command is safe, False otherwise
+        """
+        # Split the command to get the base command
+        cmd_parts = command.split()
+        if not cmd_parts:
+            return False
+
+        base_cmd = cmd_parts[0].lower()
+
+        # Check if the base command is in the ban list
+        if base_cmd in self.command_ban_set:
+            return False
+
+        # Check for sudo/su commands
+        if any(banned in command.lower() for banned in ["sudo ", "su -"]):
+            return False
+
+        # Check for rm -rf or similar dangerous patterns
+        if "rm" in base_cmd and ("-rf" in command or "-r" in command or "-f" in command):
+            return False
+
+        # Additional security checks can be added here
+
+        return True

config-template.yaml

@@ -24,13 +24,14 @@ tools:
 teams:
   general_team:
     model: "gpt-4.1"
-    description: "A general-purpose research and information agent team"
+    description: "A versatile research and information agent team"
     max_steps: 10
     agents:
       - name: "General Agent"
-        description: "Universal assistant specializing in research and information synthesis"
+        description: "Universal assistant specializing in research, information synthesis, and task execution"
         system_prompt: |
-          You are a versatile assistant who answers questions and completes tasks using available tools. Specialize in researching topics, organizing information, and presenting findings in clear, well-structured, informative Markdown reports. Your reports should include:
+          You are a versatile assistant who answers questions and completes tasks using available tools.
+          When conducting research and analysis work, present findings in clear, well-structured, informative Markdown reports. Your reports should include:
             1. Clear introduction and context
             2. Detailed main content with relevant facts, data, and examples
             3. Multiple perspectives when appropriate
@@ -43,27 +44,30 @@ teams:
           - google_search
           - browser
           - file_save
+          - terminal
+
 
   software_team:
     model: "gpt-4.1"
     description: "A software development team with product manager, developer and tester."
     rule: "A normal R&D process should be that Product Manager writes PRD, Developer writes code based on PRD, and Finally, Tester performs testing."
     max_steps: 20
     agents:
-      - name: "Product Manager"
+      - name: "Product-Manager"
         description: "Responsible for product requirements and documentation"
         system_prompt: "You are an experienced product manager who creates concise PRDs, focusing on user needs and feature specifications. You always format your responses in Markdown."
         tools:
           - time
           - file_save
       - name: "Developer"
         description: "Implements code based on PRD"
-        system_prompt: "You are a skilled web developer who creates single-page website based on user needs. You deliver HTML files with embedded JavaScript and CSS that are visually appealing, responsive, and user-friendly, featuring a grand layout and beautiful background. The HTML, CSS, and JavaScript code should be well-structured and effectively organized."
+        system_prompt: "You are a skilled developer. When developing web application, you creates single-page website based on user needs, you deliver HTML files with embedded JavaScript and CSS that are visually appealing, responsive, and user-friendly, featuring a grand layout and beautiful background. The HTML, CSS, and JavaScript code should be well-structured and effectively organized."
         tools:
           - file_save
       - name: "Tester"
         description: "Tests code and verifies functionality"
-        system_prompt: "You are a tester who validates code against requirements. For HTML applications, use browser tools to test functionality. You only need to test a few core cases."
+        system_prompt: "You are a tester who validates code against requirements. For HTML applications, use browser tools to test functionality. For Python or other client-side applications, use the terminal tool to run and test. You only need to test a few core cases."
         tools:
           - browser
           - file_save
+          - terminal

docs/README-CN.md

@@ -176,6 +176,7 @@ result = team.run(task="Write a Snake client game")
 - **browser**: 浏览器操作工具，基于browser-use实现，支持网页访问、内容提取和交互操作
 - **google_search**: 搜索引擎工具，获取最新信息和知识
 - **file_save**: 将Agent输出内容保存在本地工作空间中
+- **terminal**: 终端命令执行工具，支持安全地执行系统命令
 - **MCP**: 通过支持MCP协议获得更多工具能力（即将支持）
 
 ## 贡献