vrr/agent-zero
2
0
Fork 0
mirror of https://github.com/agent0ai/agent-zero.git synced 2026-04-28 11:40:47 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 2
agent-zero/plugins/_plugin_installer
History
Alessandro c2e14b6cd1 sanitize plugin markdown rendering with shared helper 
Add a shared safe markdown pipeline for plugin READMEs and docs.

- vendor DOMPurify and introduce a shared safe-markdown helper
- centralize GitHub README link/image rebasing, including repo routes like `releases`
- sanitize rendered HTML before all plugin-related x-html sinks
- apply the shared renderer to Plugin Hub README, installed plugin README, and markdown modal docs
- preserve target/rel handling for external links
2026-03-28 19:29:26 +01:00
..
api Remove force parameter from plugin index fetch in API handler 2026-03-27 10:26:50 +01:00
extensions/webui plugins: rename marketplace to plugin hub 2026-03-16 17:54:54 +01:00
helpers Add force refresh support and state management improvements to plugin installer and model config 2026-03-26 17:24:32 +01:00
webui sanitize plugin markdown rendering with shared helper 2026-03-28 19:29:26 +01:00
plugin.yaml refactor - plugin names and builtin plugins 2026-03-10 22:20:53 +01:00
README.md plugins: update docs and skills for extensible refactor 2026-03-23 03:42:10 +01:00

README.md

Plugin Installer

Install and update Agent Zero plugins from ZIP uploads, Git repositories, or the community Plugin Index surfaced through the Plugin Hub.

What It Does

This plugin provides the built-in installation workflow for third-party plugins. It validates plugin manifests, prevents naming conflicts, installs plugins into usr/plugins/, optionally updates Git-based plugins, and exposes a UI for browsing and installing community plugins.

Main Behavior

  • ZIP install
    • Accepts an uploaded archive, extracts it safely, locates plugin.yaml, validates metadata, and moves the plugin into usr/plugins/.
  • Git install
    • Clones a repository to a temporary directory, validates the plugin, then installs it into usr/plugins/.
  • Plugin update
    • Updates already installed Git-backed custom plugins and re-runs installation hooks.
  • Safety checks
    • Rejects archives with unsafe paths.
    • Rejects missing or invalid plugin.yaml files.
    • Rejects plugin name conflicts.
  • Install hooks and refresh
    • Runs the plugin install hook when present and calls after_plugin_change(...) so the app refreshes plugin state.
  • Plugin Hub UI
    • The web UI store handles browsing Plugin Index entries, showing README content, prompting about third-party plugin risk, and launching install/update actions.

Key Files

  • API
    • api/plugin_install.py dispatches install, update, and index fetch actions.
  • Installer logic
    • helpers/install.py contains archive extraction, Git install, update, validation, and hook execution.
  • Frontend
    • webui/pluginInstallStore.js manages the installer modal state and community index interactions.

Configuration Scope

  • Settings sections: none
  • Always enabled: true

Plugin Metadata

  • Name: _plugin_installer
  • Title: Plugin Installer
  • Description: Install plugins from ZIP files, Git repositories, or the community index.