From 0490f8e801199893a971fdbfbead6ba2973a53c7 Mon Sep 17 00:00:00 2001
From: Kris Braun <kris.braun@gmail.com>
Date: Mon, 20 Oct 2025 15:12:13 -0400
Subject: [PATCH] Require http access permissions

---
 .changeset/old-wolves-boil.md        |  5 ++++
 sdk/cli/templates/AGENTS.template.md |  2 ++
 sdk/src/agent.ts                     | 40 ++++++++++++++++++++++++++++
 3 files changed, 47 insertions(+)
 create mode 100644 .changeset/old-wolves-boil.md

diff --git a/.changeset/old-wolves-boil.md b/.changeset/old-wolves-boil.md
new file mode 100644
index 0000000..b0a1468
--- /dev/null
+++ b/.changeset/old-wolves-boil.md
@@ -0,0 +1,5 @@
+---
+"@plotday/sdk": minor
+---
+
+Changed: BREAKING: Agents are now restricted to the http URLs they request via tools.enableInternet().
diff --git a/sdk/cli/templates/AGENTS.template.md b/sdk/cli/templates/AGENTS.template.md
index 08fc3d4..23f37fb 100644
--- a/sdk/cli/templates/AGENTS.template.md
+++ b/sdk/cli/templates/AGENTS.template.md
@@ -59,6 +59,8 @@ constructor(id: string, protected tools: Tools) {
 
 All `tools.get()` calls must occur in the constructor as they are used for dependency analysis.
 
+IMPORTANT: http access is restricted to URLs requested via `tools.enableInternet([url1, url2, ...])` in the constructor. Wildcards are supported. Use `tools.enableInternet(['*'])` if full access is needed.
+
 ### Built-in Tools (Always Available)
 
 For complete API documentation of built-in tools including all methods, types, and detailed examples, see the TypeScript definitions in your installed package at `node_modules/@plotday/sdk/src/tools/*.ts`. Each tool file contains comprehensive JSDoc documentation.
diff --git a/sdk/src/agent.ts b/sdk/src/agent.ts
index a863303..989078a 100644
--- a/sdk/src/agent.ts
+++ b/sdk/src/agent.ts
@@ -401,4 +401,44 @@ export interface Tools {
    * @throws When the tool is not found or not properly configured
    */
   get<T extends ITool>(ToolClass: ToolConstructor<T>): T;
+
+  /**
+   * Enables HTTP access to the specified URLs for this agent or tool.
+   *
+   * **IMPORTANT**: This method must be called in the Agent or Tool constructor
+   * to request HTTP access permissions. Without calling this method, all outbound
+   * HTTP requests (fetch, etc.) will be blocked.
+   *
+   * @param urls - Array of URL patterns to allow. Supports wildcards:
+   *   - `*` - Allow access to all URLs
+   *   - `https://*.example.com` - Allow access to all subdomains
+   *   - `https://api.example.com/*` - Allow access to all paths on the domain
+   *   - `https://api.example.com/v1/*` - Allow access to specific path prefix
+   *
+   * @example
+   * ```typescript
+   * class MyAgent extends Agent<MyAgent> {
+   *   constructor(id: string, tools: Tools) {
+   *     super(id, tools);
+   *     // Request HTTP access to specific APIs
+   *     tools.enableInternet([
+   *       'https://api.github.com/*',
+   *       'https://api.openai.com/*'
+   *     ]);
+   *   }
+   * }
+   * ```
+   *
+   * @example
+   * ```typescript
+   * class MyTool extends Tool<MyTool> {
+   *   constructor(id: string, tools: Tools) {
+   *     super(id, tools);
+   *     // Request unrestricted HTTP access
+   *     tools.enableInternet(['*']);
+   *   }
+   * }
+   * ```
+   */
+  enableInternet(urls: string[]): void;
 }