Skip to content

feat: add ton-trading-bot plugin & ton-bridge plugin & github-dev-assistant#10

Closed
xlabtg wants to merge 165 commits intoTONresistor:mainfrom
xlabtg:main
Closed

feat: add ton-trading-bot plugin & ton-bridge plugin & github-dev-assistant#10
xlabtg wants to merge 165 commits intoTONresistor:mainfrom
xlabtg:main

Conversation

@xlabtg
Copy link

@xlabtg xlabtg commented Mar 16, 2026
edited
Loading

📋 Description of changes

This PR adds three new plug-ins to extend the functionality of the Teleton AI Agent.:

Plugin Purpose Number of tools
ton-bridge Quick access to the TON Bridge Mini App via inline buttons 3
ton-trading-bot Atomic tools for trading in TON (DeDust, STON.fi) 6
`github-dev-assistant' Full automation of the GitHub workflow from the chat 15

🔌 Details on plugins

🌉 TON Bridge Plugin

  • Beautiful inline buttons for launching the Mini App: https://t.me/TONBridge_robot?startapp
  • Support for customization of button text and emojis
  • Tools:
  • ton_bridge_open — open the bridge with a button
  • ton_bridge_about — send information about the project
    • ton_bridge_custom_message — custom message with a button
  • ⚡ Works with the support of TONBANKCARD

💹 TON Trading Bot Plugin

*WARNING: Trading cryptocurrency involves financial risks. The plugin does not provide financial recommendations.

Architecture according to the tool-provider pattern:

  • Plugin = atomic tools (data, validation, execution)
  • Agent = strategy (LLM makes decisions)

Tools:

Tool Description Category
ton_trading_get_market_data Getting DEX prices and quotes
/ ton_trading_get_portfolio Wallet balance and position data-bearing
ton_trading_validate_trade Checking limits and risks before the transaction data-bearing
ton_trading_simulate_trade Test transaction without real funds action
ton_trading_execute_swap Real swap on DeDust/STON.fi (only in BOS) action
ton_trading_record_trade Closing the transaction and logging PnL action

🔐 Risk Management:

  • `maxTradePercent' (default: 10%) — limit per trade
  • `minBalanceTON' (default: 1 TON) — minimum balance
  • scope: dm-only for execute_swap — real operations only in private messages

🐙 GitHub Dev Assistant Plugin

Full development cycle on GitHub directly from Telegram:

Category Tools
🔐 Authorization github_auth', github_check_auth`
📁 Repositories github_list_repos', github_create_repo`
📄 Files and branches github_get_file, github_update_file, github_create_branch
🔀 Pull Requests github_create_pr, github_list_prs, github_merge_pr
🐛 Issues github_create_issue, github_list_issues, github_comment_issue, github_close_issue
⚙️ GitHub Actions github_trigger_workflow

, Security:

  • Tokens are stored only in the sdk.secrets
  • CSRF state with TTL of 10 minutes
  • Automatic hiding of sensitive data in logs
  • The require_pr_review option to confirm the PR merger

✅ Checklist

  • All plugins comply with the architecture of the @teleton-agent/sdk
  • Added manifest.json and index.js with the export manifest
  • Tool return format: { success, data?, error? }
  • Operation in Teleton Agent runtime has been tested
  • Updated README with usage examples
  • Added unit tests (where applicable)
  • Compatibility with the config.yaml configuration has been verified

Testing

# Installing dependencies for each plugin
cd plugins/ton-bridge & npm install
cd ../ton-trading-bot & npm install
cd ../github-dev-assistant & npm install

# Running tests (where available)
cd github-dev-assistant & npm test

📝 Notes

  • All plugins are developed by Tony (AI Agent) under the supervision of Anton Poroshin
  • Studio: xlabtg
  • Plugin versions: ton-bridge@1.2.0 , ton-trading-bot@1.0.0 , github-dev-assistant@1.0.0

🔗 Related changes

  • Bringing plug-ins to a single SDK standard (see commits `fix(*): align plugin with teleton-agent SDK architecture')
  • Unification of the response format of the tools
  • Adding inline export of manifest for runtime validation

@xlabtg xlabtg changed the title feat: add ton-trading-bot plugin feat: add ton-trading-bot plugin & ton-bridge Mar 17, 2026
@xlabtg xlabtg changed the title feat: add ton-trading-bot plugin & ton-bridge feat: add ton-trading-bot plugin & ton-bridge plugin Mar 17, 2026
konard and others added 22 commits March 17, 2026 19:02
@konard
Initial commit with task details
b9dee2f 
Adding .gitkeep for PR creation (default mode).
This file will be removed when the task is complete.

Issue: #1
@konard @claude
Add github-dev-assistant plugin — full GitHub workflow automation
5326970 
Implements all 15 tools from issue #1:
- Auth (2): github_auth (OAuth 2.0 with CSRF state), github_check_auth
- Repos (2): github_list_repos, github_create_repo
- Files/Branches (3): github_get_file, github_update_file, github_create_branch
- PRs (3): github_create_pr, github_list_prs, github_merge_pr
- Issues (4): github_create_issue, github_list_issues, github_comment_issue, github_close_issue
- Actions (1): github_trigger_workflow

Architecture: modular lib/*.js separation (github-client, auth, repo-ops,
pr-manager, issue-tracker, utils), web-ui components (config-panel.jsx,
oauth-callback.html), Vitest tests (unit + integration with mocked API).

Security: tokens only in sdk.secrets, cryptographically random CSRF state
with 10-min TTL, token redaction in errors, require_pr_review merge policy.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
@konard
Revert "Initial commit with task details"
1cf7afb 
This reverts commit b9dee2f.
@xlabtg
Merge pull request #2 from konard/issue-1-cbd6661264a6
2e20f3b 
feat: add github-dev-assistant plugin — full GitHub workflow automation
@xlabtg
fix bag
1419986
@xlabtg
Update index.js
6c485d7
@konard
Initial commit with task details
c241e1f 
Adding .gitkeep for PR creation (default mode).
This file will be removed when the task is complete.

Issue: #3
@konard @claude
refactor: rewrite ton-bridge plugin to inline-native architecture
1dcc6ea 
- Remove all sdk.inline.send() calls that caused 400/BOT_RESPONSE_TIMEOUT errors
- Tools now return structured inline result objects (article type with
  input_message_content + reply_markup) instead of sending messages directly
- Add sdk.bot.onInlineQuery handler with three results: open, about, custom
- Add query alias routing (ton-bridge:open, ton_bridge_open, etc.)
- Fix button label: no leading space when emoji is empty
- Support dynamic startParam in Mini App URL
- Bump version to 1.1.0 and declare bot.inline: true in manifest

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
@konard
Revert "Initial commit with task details"
deb30a2 
This reverts commit c241e1f.
@xlabtg
Merge pull request #4 from konard/issue-3-39da53d32838
97fc094 
refactor: rewrite ton-bridge plugin to inline-native architecture
@konard
Initial commit with task details
481c138 
Adding .gitkeep for PR creation (default mode).
This file will be removed when the task is complete.

Issue: #5
@konard @claude
refactor: rewrite ton-trading-bot as atomic tool-provider plugin
0bb7784 
Fixes #5 — the plugin had architectural issues that
prevented the LLM from using it correctly:

- Renamed tools with ton_trading_ prefix for global uniqueness
- Removed embedded signal/strategy logic (ton_analyze_signal,
  ton_generate_plan, ton_switch_mode) — the LLM now owns strategy decisions
- Fixed sdk.ton.dex API calls: use dex.quote({fromAsset,toAsset,amount})
  and dex.swap() instead of the non-existent dex.quoteDeDust/quoteSTONfi
  variants with wrong parameter shapes
- Fixed sdk.telegram.sendMessage calls to use (chatId, text) signature
- Removed sdk.ton.validate_risk() call (non-existent SDK method)
- Removed autoTrade config gate from execute path — LLM decides when to act
- Collapsed from 10 tools to 6 atomic, well-named tools:
    ton_trading_get_market_data, ton_trading_get_portfolio,
    ton_trading_validate_trade, ton_trading_simulate_trade,
    ton_trading_execute_swap, ton_trading_record_trade
- Simplified DB schema (trade_journal + sim_balance)
- Updated manifest.json and README.md to match new architecture
- Updated registry.json description and tags

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
@konard
Revert "Initial commit with task details"
ef14e13 
This reverts commit 481c138.
@konard
Initial commit with task details
1e539a8 
Adding .gitkeep for PR creation (default mode).
This file will be removed when the task is complete.

Issue: #7
@xlabtg
Merge pull request #6 from konard/issue-5-72d8054206b8
28f4f9f 
refactor: rewrite ton-trading-bot as atomic tool-provider plugin
@konard @claude
fix(ton-bridge): rewrite plugin for LLM tool agent compatibility
47962fa 
- Remove sdk.bot.onInlineQuery handler (never executed in MTProto agent)
- Fix tool return format: was { success, data: { type: "article", ... } },
  now returns agent-compatible { content, reply_markup }
- Add proper manifest.json following the same structure as other plugins
- Remove TypeScript build files (index.ts, manifest.ts, tsconfig.json,
  tsup.config.ts) — the plugin uses plain JS like all other plugins
- Use optional chaining (?.)) for sdk.log and sdk.pluginConfig access
  to avoid crashes if they are not provided

Fixes #7

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
@konard
Revert "Initial commit with task details"
16623ae 
This reverts commit 1e539a8.
@xlabtg
Merge pull request #8 from konard/issue-7-84162c8d2fb4
29adc0a 
fix(ton-bridge): rewrite plugin for LLM tool agent compatibility
@konard
Initial commit with task details
b48e695 
Adding .gitkeep for PR creation (default mode).
This file will be removed when the task is complete.

Issue: #9
@konard @claude
fix(github-dev-assistant): rewrite plugin for LLM agent compatibility
df0c14b 
Fixes critical incompatibilities identified in issue #9:

1. **Return format**: All tools now return `{ content: string }` (human-readable
   text) instead of `{ success, data }` JSON blobs. The LLM agent directly
   reads `content` and presents it to the user without extra parsing.

2. **Authentication**: Replaced OAuth 2.0 flow (incompatible with agent runtime —
   no callback handler) with Personal Access Token (PAT) via `sdk.secrets`.
   Set `github_token` secret to connect. Removed `github_auth` tool and the
   OAuth `lib/auth.js` module. Updated `manifest.json` secrets declaration.

3. **Client instantiation**: GitHub client is now created inside each tool's
   `execute()` function (not shared at SDK init time), so token updates in
   `sdk.secrets` are always picked up — no stale client issues.

4. **LLM-friendly descriptions**: All tool descriptions rewritten from technical
   API docs to intent-level ("Use this when the user wants to...") so the LLM
   can correctly decide when to call each tool.

5. **Normalized output**: List tools (repos, PRs, issues) return formatted
   Markdown lists instead of raw JSON arrays. Errors include a human-readable
   prefix ("Failed to list repositories: ...").

6. **Tests**: All 38 tests updated and passing — auth tests cover new PAT flow,
   integration tests use `global.fetch` mocking instead of injected client mock.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
@konard
Revert "Initial commit with task details"
587b916 
This reverts commit b48e695.
@xlabtg
Merge pull request #10 from konard/issue-9-6b133e1fab41
60c6aba 
fix(github-dev-assistant): rewrite plugin for LLM agent compatibility
konard and others added 24 commits March 27, 2026 00:51
@konard @claude
fix(ton-trading-bot): replace hardcoded /3 with sdk.ton.getPrice()
a6c4486 
Use sdk.ton.getPrice() to convert reserve_in_usd to TON instead of
hardcoded division by 3, in both ton_trading_get_token_listings and
ton_trading_get_token_info. Fallback to 3 if getPrice() returns null.

Fixes #59

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
@konard
Revert "Initial commit with task details"
8bd07eb 
This reverts commit c21d602.
@xlabtg
Merge pull request #67 from konard/issue-59-98246a5a890a
c996073 
fix(ton-trading-bot): replace hardcoded /3 price conversion with sdk.ton.getPrice()
@xlabtg
Merge pull request #65 from konard/issue-57-15674164092b
2b50099 
fix(github-dev-assistant): path traversal vulnerability in github_download_file
@konard
Initial commit with task details
d2c632a 
Adding .gitkeep for PR creation (default mode).
This file will be removed when the task is complete.

Issue: #60
@xlabtg
Merge pull request #66 from konard/issue-58-144d35d35259
0048ee6 
feat(ton-trading-bot): add ton_trading_check_stop_loss to query stop_loss_rules table
@konard @claude
security(github-dev-assistant): add dm-only scope to destructive tool…
9db7836 
…s (issue #60)

Destructive tools (merge, push, close, delete, cancel) were missing
scope: "dm-only", allowing them to be called in group chats. This patch
adds the restriction to all 8 affected tools:

- github_merge_pr
- github_push_files
- github_close_issue
- github_reopen_issue
- github_assign_issue
- github_create_gist
- github_delete_label
- github_cancel_workflow_run

Bumps plugin version to 3.1.2.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
@konard
Revert "Initial commit with task details"
eb9c11f 
This reverts commit d2c632a.
@xlabtg
Merge pull request #68 from konard/issue-60-4ee995b60c63
dbf302c 
security(github-dev-assistant): add dm-only scope to destructive tools
@konard
Initial commit with task details
40183ba 
Adding .gitkeep for PR creation (default mode).
This file will be removed when the task is complete.

Issue: #61
@konard @claude
housekeeping: fix manifest repository URLs to point to TONresistor/te…
d0d396a 
…leton-plugins

All 4 plugin manifests (ton-bridge, ton-trading-bot, github-dev-assistant,
memory) incorrectly referenced xlabtg/teleton-plugins. Updated to use the
correct TONresistor/teleton-plugins URL as specified in CONTRIBUTING.md.

Closes #61

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
@konard
Revert "Initial commit with task details"
a32b64a 
This reverts commit 40183ba.
@xlabtg
Merge pull request #69 from konard/issue-61-56e6f4d94f99
faca5a0 
housekeeping: fix manifest repository URLs to point to TONresistor/teleton-plugins
@konard
Initial commit with task details
8b5bd99 
Adding .gitkeep for PR creation (default mode).
This file will be removed when the task is complete.

Issue: #62
@konard @claude
fix(memory): truncate error messages to 500 chars and use nullish coa…
c7e1ded 
…lescing

- Wrap all error.message returns with String(...).slice(0, 500) to prevent
  excessively long error messages from propagating to users
- Replace `|| 0` with `?? 0` in memory_list for limit/offset defaults so
  that an explicit 0 is handled correctly

Fixes #62

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
@xlabtg
Merge pull request #70 from konard/issue-62-9e39dc796023
530964c 
fix(memory): truncate error messages to 500 chars and use nullish coalescing
@konard
Initial commit with task details
38f0427 
Adding .gitkeep for PR creation (default mode).
This file will be removed when the task is complete.

Issue: #63
@konard @claude
docs: fix ton-trading-bot tool count from 6 to 22 in README files
03f4a70 
The ton-trading-bot plugin was expanded from 6 to 22 tools but the
documentation was not updated. This updates both the main README table
and the plugin's own README architecture section and tools table to
accurately reflect all 22 tools now present in manifest.json.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
@konard
Revert "Initial commit with task details"
776718e 
This reverts commit 38f0427.
@xlabtg
Merge pull request #71 from konard/issue-63-285a0cafed18
ddd95b4 
docs: fix ton-trading-bot tool count from 6 to 22 in README files
@konard
Initial commit with task details
0bd6738 
Adding .gitkeep for PR creation (default mode).
This file will be removed when the task is complete.

Issue: #64
@konard @claude
fix(ton-trading-bot): fix SQL injection in risk metrics and scheduled…
7960347 
… trades queries

Replace string interpolation of `mode` and `status` enum values in SQL queries
with parameterized `?` placeholders, consistent with all other queries in the file.
Adds 4 regression tests that verify injection payloads never appear in query strings.

Fixes #64

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
@konard
Revert "Initial commit with task details"
8636d05 
This reverts commit 0bd6738.
@xlabtg
Merge pull request #72 from konard/issue-64-7a6bdcb7d1ac
b79b8a8 
fix(ton-trading-bot): fix SQL injection in risk metrics and scheduled trades queries
@labtgbot labtgbot mentioned this pull request Mar 27, 2026
Closed
konard and others added 4 commits March 27, 2026 01:52
@konard
Initial commit with task details
f9a0e59 
Adding .gitkeep for PR creation (default mode).
This file will be removed when the task is complete.

Issue: #73
@konard @claude
docs: update README with memory plugin and github-dev-assistant tool …
8bc1f19 
…count

- Add memory plugin to Available Plugins table under new "AI & Memory" section
  with 10 tools and correct description
- Fix github-dev-assistant tool count from 57 to 60 (matches manifest v3.1.2)
- All plugin manifests already reference TONresistor/teleton-plugins (no change needed)

Fixes #73

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
@konard
Revert "Initial commit with task details"
2663969 
This reverts commit f9a0e59.
@xlabtg
Merge pull request #74 from konard/issue-73-d924b5b78bf8
7a4cfd3 
docs: update README with memory plugin and github-dev-assistant tool count
@xlabtg xlabtg closed this Mar 27, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@xlabtg @TONresistor @konard