feat: import agents_and_robots platform as unibots (Matrix-out, unibus transport)

Reemplaza el scaffold del echobot por la plataforma completa de bots traida
desde ~/DataProyects/Github/agents_and_robots tras la operacion Matrix-out:
los bots ya no hablan por Matrix sino por el bus unibus (modelo todo-rooms +
E2E via shell/transportunibus sobre github.com/enmanuel/unibus/pkg/client).

- go.mod: replace de unibus -> ../unibus y de fn-registry -> ../../../.. (paths
  relativos reajustados a la nueva ubicacion dentro de fn_registry).
- app.md: bump a 0.2.0, descripcion + arquitectura + comandos + gotchas reales.
- modulo Go conservado como github.com/enmanuel/agents (sin reescribir imports).

agents_and_robots queda archivado como museo de la era Matrix.

tools/http/http.go

@@ -0,0 +1,198 @@
+package http
+
+import (
+	"context"
+	"fmt"
+	"io"
+	"net"
+	"net/http"
+	"net/url"
+	"strings"
+	"time"
+
+	"github.com/enmanuel/agents/internal/config"
+	"github.com/enmanuel/agents/tools"
+)
+
+// NewHTTPGet creates an http_get tool that performs GET requests.
+// Validates URLs against cfg.AllowedDomains (deny-by-default if non-empty)
+// and blocks requests to internal/private IP ranges (SSRF protection).
+func NewHTTPGet(cfg config.HTTPToolCfg) tools.Tool {
+	timeout := cfg.Timeout
+	if timeout == 0 {
+		timeout = 30 * time.Second
+	}
+	client := &http.Client{Timeout: timeout}
+
+	return tools.Tool{
+		Def: tools.Def{
+			Name:        "http_get",
+			Description: "Perform an HTTP GET request to a URL and return the response body.",
+			Parameters: []tools.Param{
+				{Name: "url", Type: "string", Description: "The URL to request", Required: true},
+			},
+		},
+		Exec: func(ctx context.Context, args map[string]any) tools.Result {
+			rawURL := tools.GetString(args, "url")
+			if rawURL == "" {
+				return tools.Result{Err: fmt.Errorf("http_get: url is required")}
+			}
+			if err := validateURL(rawURL, cfg.AllowedDomains); err != nil {
+				return tools.Result{Err: fmt.Errorf("http_get: %w", err)}
+			}
+
+			req, err := http.NewRequestWithContext(ctx, http.MethodGet, rawURL, nil)
+			if err != nil {
+				return tools.Result{Err: fmt.Errorf("http_get: %w", err)}
+			}
+
+			resp, err := client.Do(req)
+			if err != nil {
+				return tools.Result{Err: fmt.Errorf("http_get: %w", err)}
+			}
+			defer resp.Body.Close()
+
+			body, err := io.ReadAll(io.LimitReader(resp.Body, 64*1024)) // 64 KB limit
+			if err != nil {
+				return tools.Result{Err: fmt.Errorf("http_get read body: %w", err)}
+			}
+
+			return tools.Result{Output: fmt.Sprintf("HTTP %d\n%s", resp.StatusCode, body)}
+		},
+	}
+}
+
+// NewHTTPPost creates an http_post tool that performs POST requests with a JSON body.
+// Validates URLs against cfg.AllowedDomains and blocks internal IPs.
+func NewHTTPPost(cfg config.HTTPToolCfg) tools.Tool {
+	timeout := cfg.Timeout
+	if timeout == 0 {
+		timeout = 30 * time.Second
+	}
+	client := &http.Client{Timeout: timeout}
+
+	return tools.Tool{
+		Def: tools.Def{
+			Name:        "http_post",
+			Description: "Perform an HTTP POST request with a JSON body and return the response.",
+			Parameters: []tools.Param{
+				{Name: "url", Type: "string", Description: "The URL to request", Required: true},
+				{Name: "body", Type: "string", Description: "The JSON body to send", Required: true},
+			},
+		},
+		Exec: func(ctx context.Context, args map[string]any) tools.Result {
+			rawURL := tools.GetString(args, "url")
+			if rawURL == "" {
+				return tools.Result{Err: fmt.Errorf("http_post: url is required")}
+			}
+			bodyStr := tools.GetString(args, "body")
+			if bodyStr == "" {
+				return tools.Result{Err: fmt.Errorf("http_post: body is required")}
+			}
+			if err := validateURL(rawURL, cfg.AllowedDomains); err != nil {
+				return tools.Result{Err: fmt.Errorf("http_post: %w", err)}
+			}
+
+			req, err := http.NewRequestWithContext(ctx, http.MethodPost, rawURL, strings.NewReader(bodyStr))
+			if err != nil {
+				return tools.Result{Err: fmt.Errorf("http_post: %w", err)}
+			}
+			req.Header.Set("Content-Type", "application/json")
+
+			resp, err := client.Do(req)
+			if err != nil {
+				return tools.Result{Err: fmt.Errorf("http_post: %w", err)}
+			}
+			defer resp.Body.Close()
+
+			body, err := io.ReadAll(io.LimitReader(resp.Body, 64*1024))
+			if err != nil {
+				return tools.Result{Err: fmt.Errorf("http_post read body: %w", err)}
+			}
+
+			return tools.Result{Output: fmt.Sprintf("HTTP %d\n%s", resp.StatusCode, body)}
+		},
+	}
+}
+
+// validateURL checks domain allowlist and blocks internal IPs (SSRF protection).
+func validateURL(rawURL string, allowedDomains []string) error {
+	u, err := url.Parse(rawURL)
+	if err != nil {
+		return fmt.Errorf("invalid url: %w", err)
+	}
+
+	host := u.Hostname()
+	if host == "" {
+		return fmt.Errorf("url has no host")
+	}
+
+	// SSRF protection: block internal/private IPs and localhost.
+	if err := rejectInternalHost(host); err != nil {
+		return err
+	}
+
+	// Domain allowlist (if configured).
+	if err := validateDomain(host, allowedDomains); err != nil {
+		return err
+	}
+
+	return nil
+}
+
+// validateDomain checks that the host is in the allowed list.
+// If allowedDomains is empty, all domains are allowed.
+func validateDomain(host string, allowedDomains []string) error {
+	if len(allowedDomains) == 0 {
+		return nil
+	}
+	lower := strings.ToLower(host)
+	for _, d := range allowedDomains {
+		if lower == strings.ToLower(d) {
+			return nil
+		}
+	}
+	return fmt.Errorf("domain %q not in allowed list", host)
+}
+
+// rejectInternalHost blocks requests to localhost, private IPs, and link-local addresses.
+func rejectInternalHost(host string) error {
+	lower := strings.ToLower(host)
+	if lower == "localhost" {
+		return fmt.Errorf("requests to localhost are blocked")
+	}
+
+	ip := net.ParseIP(host)
+	if ip == nil {
+		// Not an IP literal — could be a domain. Resolve it.
+		ips, err := net.LookupIP(host)
+		if err != nil {
+			return nil // let the HTTP client handle DNS errors
+		}
+		for _, resolved := range ips {
+			if isPrivateIP(resolved) {
+				return fmt.Errorf("domain %q resolves to private IP %s", host, resolved)
+			}
+		}
+		return nil
+	}
+
+	if isPrivateIP(ip) {
+		return fmt.Errorf("requests to private IP %s are blocked", ip)
+	}
+	return nil
+}
+
+// isPrivateIP returns true for loopback, private, link-local, and metadata IPs.
+func isPrivateIP(ip net.IP) bool {
+	return ip.IsLoopback() ||
+		ip.IsPrivate() ||
+		ip.IsLinkLocalUnicast() ||
+		ip.IsLinkLocalMulticast() ||
+		isMetadataIP(ip)
+}
+
+// isMetadataIP checks for cloud metadata service IPs (169.254.169.254).
+func isMetadataIP(ip net.IP) bool {
+	return ip.Equal(net.ParseIP("169.254.169.254"))
+}

tools/http/http_test.go

@@ -0,0 +1,124 @@
+package http
+
+import (
+	"net"
+	"testing"
+)
+
+func TestValidateDomain_EmptyAllowed(t *testing.T) {
+	if err := validateDomain("example.com", nil); err != nil {
+		t.Fatalf("empty list should allow all: %v", err)
+	}
+}
+
+func TestValidateDomain_Allowed(t *testing.T) {
+	if err := validateDomain("api.example.com", []string{"api.example.com"}); err != nil {
+		t.Fatalf("should be allowed: %v", err)
+	}
+}
+
+func TestValidateDomain_Denied(t *testing.T) {
+	if err := validateDomain("evil.com", []string{"api.example.com"}); err == nil {
+		t.Fatal("should be denied")
+	}
+}
+
+func TestValidateDomain_CaseInsensitive(t *testing.T) {
+	if err := validateDomain("API.Example.COM", []string{"api.example.com"}); err != nil {
+		t.Fatalf("should be case-insensitive: %v", err)
+	}
+}
+
+func TestRejectInternalHost_Localhost(t *testing.T) {
+	if err := rejectInternalHost("localhost"); err == nil {
+		t.Fatal("localhost should be blocked")
+	}
+}
+
+func TestRejectInternalHost_Loopback(t *testing.T) {
+	if err := rejectInternalHost("127.0.0.1"); err == nil {
+		t.Fatal("loopback should be blocked")
+	}
+}
+
+func TestRejectInternalHost_IPv6Loopback(t *testing.T) {
+	if err := rejectInternalHost("::1"); err == nil {
+		t.Fatal("IPv6 loopback should be blocked")
+	}
+}
+
+func TestRejectInternalHost_PrivateA(t *testing.T) {
+	if err := rejectInternalHost("10.0.0.1"); err == nil {
+		t.Fatal("10.x should be blocked")
+	}
+}
+
+func TestRejectInternalHost_PrivateB(t *testing.T) {
+	if err := rejectInternalHost("172.16.0.1"); err == nil {
+		t.Fatal("172.16.x should be blocked")
+	}
+}
+
+func TestRejectInternalHost_PrivateC(t *testing.T) {
+	if err := rejectInternalHost("192.168.1.1"); err == nil {
+		t.Fatal("192.168.x should be blocked")
+	}
+}
+
+func TestRejectInternalHost_LinkLocal(t *testing.T) {
+	if err := rejectInternalHost("169.254.1.1"); err == nil {
+		t.Fatal("link-local should be blocked")
+	}
+}
+
+func TestRejectInternalHost_Metadata(t *testing.T) {
+	if err := rejectInternalHost("169.254.169.254"); err == nil {
+		t.Fatal("metadata IP should be blocked")
+	}
+}
+
+func TestRejectInternalHost_PublicIP(t *testing.T) {
+	if err := rejectInternalHost("8.8.8.8"); err != nil {
+		t.Fatalf("public IP should be allowed: %v", err)
+	}
+}
+
+func TestIsPrivateIP(t *testing.T) {
+	cases := []struct {
+		ip   string
+		want bool
+	}{
+		{"127.0.0.1", true},
+		{"10.0.0.1", true},
+		{"172.16.0.1", true},
+		{"192.168.0.1", true},
+		{"169.254.169.254", true},
+		{"8.8.8.8", false},
+		{"1.1.1.1", false},
+	}
+	for _, c := range cases {
+		ip := net.ParseIP(c.ip)
+		got := isPrivateIP(ip)
+		if got != c.want {
+			t.Errorf("isPrivateIP(%s) = %v, want %v", c.ip, got, c.want)
+		}
+	}
+}
+
+func TestValidateURL_Valid(t *testing.T) {
+	if err := validateURL("https://example.com/api", nil); err != nil {
+		t.Fatalf("public URL should pass: %v", err)
+	}
+}
+
+func TestValidateURL_InternalIP(t *testing.T) {
+	if err := validateURL("http://127.0.0.1:8080/admin", nil); err == nil {
+		t.Fatal("internal IP in URL should be blocked")
+	}
+}
+
+func TestValidateURL_NoHost(t *testing.T) {
+	if err := validateURL("file:///etc/passwd", nil); err == nil {
+		t.Fatal("URL with no host should be rejected")
+	}
+}