execute method
Executes the tool with the given arguments.
Returns the result as a string. Implementations should handle
validation of args and throw exceptions for invalid inputs.
args should be of type T, which represents the structured arguments
for this tool.
Implementation
@override
Future<String> execute(ApiTestArgs args) async {
try {
final uri = Uri.parse(args.url);
// Basic SSRF protection
if (hostnameBlacklist.any(
(h) => uri.host.toLowerCase() == h.toLowerCase(),
)) {
return 'Error: Access to blocked hostname "${uri.host}" is restricted.';
}
final method = args.method ?? 'GET';
http.Response response;
switch (method.toUpperCase()) {
case 'GET':
response = await http.get(uri);
break;
case 'POST':
response = await http.post(uri);
break;
case 'PUT':
response = await http.put(uri);
break;
case 'DELETE':
response = await http.delete(uri);
break;
default:
return 'Unsupported HTTP method: $method';
}
// Very strict snippet to prevent leaking large tokens or PII in the prompt history
final bodySnippet = response.body.length > 100
? '${response.body.substring(0, 100)}... [TRUNCATED]'
: response.body;
return 'Status: ${response.statusCode}, Length: ${response.body.length}, Body Snippet: $bodySnippet';
} catch (e) {
return 'Error testing API: $e';
}
}