
Research
Malicious npm Packages Impersonate Flashbots SDKs, Targeting Ethereum Wallet Credentials
Four npm packages disguised as cryptographic tools steal developer credentials and send them to attacker-controlled Telegram infrastructure.
@or-sdk/hitl
Advanced tools
$ npm i @or-sdk/hitl
To start using HitL API methods through this SDK it has to be Initialized first. To do that a OneReach JWT authorization token and a HitL or Discovery service URL have to be passed to the constructor. After initializing the HitL SDK, its methods can be used to make requests to HitL APIs.
Available HitL APIs are:
agents
- Manage HitL agents (retrieve, search, manage permissions, status and meta information) (see AgentsApi class for the documentation)cannedMessages
- Manage predefined message templates for quick responses (see CannedMessagesApi class for the documentation)commands
- Send and manage commands within HitL sessions (see CommandsApi class for the documentation)conferences
- Manage voice conference participants and member states (see ConferencesApi class for the documentation)contactRuleGroups
- Manage contact rule groups (search, create, update, delete) (see ContactRuleGroupsApi class for the documentation)contacts
- Search contacts with filtering based on agent's contact rule groups (see ContactsApi class for the documentation)contactsMeta
- Retrieve metadata information about contacts (timestamps, etc.) (see ContactsMetaApi class for the documentation)eventTemplates
- Manage event templates (retrieve, create, update, delete) (see EventTemplatesApi class for the documentation)filters
- Manage conversation view filters with bulk operations support (see FiltersApi class for the documentation)helpers
- Provide helper utilities for system maintenance (like cleaning duplicates) (see HelpersApi class for the documentation)listeners
- Manage HitL event listeners (WebSocket connections, callbacks, notifications) (see ListenersApi class for the documentation)migrations
- Manage database migrations and default records (see MigrationsApi class for the documentation)ruleGroups
- Manage rule groups (search, create, update, delete) (see RuleGroupsApi class for the documentation)sessionEvents
- Manage events for HitL sessions (retrieve, track read status, bulk operations) (see SessionEventsApi class for the documentation)sessionRelations
- Manage relationships between HitL sessions (see SessionRelationsApi class for the documentation)sessions
- Manage HitL session lifecycle (create, update, close, transfer, search) (see SessionsApi class for the documentation)settings
- Manage system settings and configuration (see SettingsApi class for the documentation)tasks
- Manage asynchronous task execution (event sending, broadcasting, etc.) (see TasksApi class for the documentation)versions
- Manage UI version information and compatibility (see VersionsApi class for the documentation)const HitlApi = require('@or-sdk/hitl').HITL;
// with direct api url
const hitlApi = new HitlApi({
token: `FLOW ${this.config.flowToken}`,
hitlUrl: this.config.env.HITL_API_URL
});
// with service discovery(slower)
const hitlApi = new HitlApi({
token: `FLOW ${this.config.flowToken}`,
discoveryUrl: this.config.env.SERVICE_DISCOVERY_API_URL,
});
const ruleGroupsList = await hitlApi.ruleGroups.searchRuleGroups();
const HitlApi = require('@or-sdk/hitl').HITL;
const CLIENT_DOMAIN_PREFIX = ''; // A PDE client-environment domain prefix, e.g. "staging"
// Either "discoveryUrl" or "hitlUrl" should be specified, "hitlUrl" takes precedence if both are present
const { agents, cannedMessages, ruleGroups } = new HitlApi({
token: 'AUTH TOKEN HERE', // FLOW, SERVICE or USER JWT OneReach authorization token
discoveryUrl: `https://discovery.${CLIENT_DOMAIN_PREFIX}.api.onereach.ai`, // A service discovery URL, e.g. "https://discovery.staging.api.onereach.ai"
hitlUrl: `https://hitl.${CLIENT_DOMAIN_PREFIX}.api.onereach.ai`, // A HitL API URL, e.g. "https://hitl.staging.api.onereach.ai"
});
const agentsList = await agents.getAgents();
const cannedMessages = await cannedMessages.getCannedMessages({ id: 'MESSAGE ID HERE' });
const ruleGroupsList = await hitlApi.ruleGroups.searchRuleGroups();
FAQs
Unknown package
The npm package @or-sdk/hitl receives a total of 1,265 weekly downloads. As such, @or-sdk/hitl popularity was classified as popular.
We found that @or-sdk/hitl demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Four npm packages disguised as cryptographic tools steal developer credentials and send them to attacker-controlled Telegram infrastructure.
Security News
Ruby maintainers from Bundler and rbenv teams are building rv to bring Python uv's speed and unified tooling approach to Ruby development.
Security News
Following last week’s supply chain attack, Nx published findings on the GitHub Actions exploit and moved npm publishing to Trusted Publishers.