guardrails-ruby 0.1.1 → 0.2.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: d06593e6904bc4cb5c303bbd4eea1ad890eee72dd5941287f90929c174da05d5
-  data.tar.gz: ba5f54f032cbcf1d90bb785378de12b4ba71bc29882d0c053d90da4dbc498247
+  metadata.gz: 6012f0c117ac82c9c7feb863260f3b84f5ec527dccbe1d85390eff74c7e192e6
+  data.tar.gz: e2dab3618bb598cf932bb4e57c5300242e1816c893dee844084c8c36bc396deb
 SHA512:
-  metadata.gz: 558a0f6b675528b2a2241354fb17b981a4716bef878c6cb5ba2c6d5eb291e9a56abbfa955dd527d445f50d6520ea617d3a972bc97b280b2452a461524e4b6a0f
-  data.tar.gz: 9afe4a850e5e9a6dacbd2c8037c5357cd795534e1bd166fc2377cfe5e6bbbacec9263c75be166709546ec566ab56cfe9f4beb1a30d86dd37211896b6b27d062c
+  metadata.gz: a0777fb4f923885b9975f7ab174f9d1c3105551957cc71571921fbc34ad1daa26647b707a5605050d877002b0339336db6ce89276a77003ea4eb7baffc802c4d
+  data.tar.gz: a6565dc714a17497fdbe907b654c073ab00be71a39c39ae05e78d176ac7e160ad2b06f11507c32ddd825888ad178877f41d0396ace3d5647426e0beb4b3983cf

data/MILESTONES.md

@@ -0,0 +1,11 @@
+# Milestones
+
+## v0.1.1 (2026-03-10)
+
+### Changes
+- Error type fixes
+- nil input handling
+- 7 new test files for untested checks
+
+## v0.1.0 (Initial release)
+- Initial release

data/lib/guardrails_ruby/checks/code_execution.rb

@@ -0,0 +1,56 @@
+# frozen_string_literal: true
+
+module GuardrailsRuby
+  module Checks
+    class CodeExecution < Check
+      check_name :code_execution
+      direction :input
+
+      PATTERNS = [
+        # Shell commands
+        /\brm\s+-rf\b/i,
+        /\brm\s+-f\b/i,
+        /\bcurl\b.+\|\s*(ba)?sh\b/i,
+        /\bwget\b.+\|\s*(ba)?sh\b/i,
+        /\bchmod\s+[0-7]{3,4}\b/,
+        /\bchown\b/,
+        /\bsudo\b/,
+        /\bmkdir\s+-p\b/,
+        /\bdd\s+if=/,
+        /\b:(){ :\|:& };:/,  # fork bomb
+
+        # Code execution functions
+        /\beval\s*\(/i,
+        /\bexec\s*\(/i,
+        /\bsystem\s*\(/i,
+        /\b__import__\s*\(/i,
+        /\bos\.system\s*\(/i,
+        /\bsubprocess\.(run|call|Popen)\s*\(/i,
+        /\bRuntime\.getRuntime\(\)\.exec\s*\(/i,
+
+        # Shell interpolation
+        /`[^`]+`/,             # backticks
+        /\$\([^)]+\)/,        # $() command substitution
+
+        # Dangerous redirects
+        />\s*\/dev\/sd[a-z]/,
+        />\s*\/etc\//,
+        /;\s*shutdown\b/i,
+        /;\s*reboot\b/i,
+        /;\s*halt\b/i,
+        /\bpowershell\b.+-enc/i,
+      ].freeze
+
+      def call(text, context: {})
+        matched = PATTERNS.select { |p| text.match?(p) }
+
+        if matched.any?
+          fail! "Potential code execution detected",
+            matches: matched.map(&:source)
+        else
+          pass!
+        end
+      end
+    end
+  end
+end

data/lib/guardrails_ruby/checks/disclaimer.rb

@@ -0,0 +1,28 @@
+# frozen_string_literal: true
+
+module GuardrailsRuby
+  module Checks
+    class Disclaimer < Check
+      check_name :disclaimer
+      direction :output
+
+      DEFAULT_PHRASES = [].freeze
+
+      def call(text, context: {})
+        required = @options.fetch(:required_phrases, DEFAULT_PHRASES)
+        return pass! if required.empty?
+
+        missing = required.reject do |phrase|
+          text.downcase.include?(phrase.downcase)
+        end
+
+        if missing.any?
+          fail! "Missing required disclaimers: #{missing.join('; ')}",
+            matches: missing
+        else
+          pass!
+        end
+      end
+    end
+  end
+end

data/lib/guardrails_ruby/checks/pii.rb

@@ -12,7 +12,13 @@ module GuardrailsRuby
         email: /\b[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Z|a-z]{2,}\b/,
         phone_us: /\b(?:\+?1[-.]?)?\(?\d{3}\)?[-.\s]?\d{3}[-.\s]?\d{4}\b/,
         ip_address: /\b\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}\b/,
-        date_of_birth: /\b(?:DOB|date of birth|born)[:\s]*\d{1,2}[\/\-]\d{1,2}[\/\-]\d{2,4}\b/i
+        date_of_birth: /\b(?:DOB|date of birth|born)[:\s]*\d{1,2}[\/\-]\d{1,2}[\/\-]\d{2,4}\b/i,
+
+        # International formats
+        nik_indonesia: /\b\d{16}\b/,
+        phone_international: /\b\+(?:62|44|49|33|81|86|91|61|64|65)\d{8,12}\b/,
+        iban: /\b[A-Z]{2}\d{2}[A-Z0-9]{4}\d{7}(?:[A-Z0-9]{0,16})\b/,
+        passport: /\b[A-Z]{1,2}\d{6,9}\b/
       }.freeze
 
       REDACT_MAP = {
@@ -21,12 +27,19 @@ module GuardrailsRuby
         email: "[EMAIL REDACTED]",
         phone_us: "[PHONE REDACTED]",
         ip_address: "[IP REDACTED]",
-        date_of_birth: "[DOB REDACTED]"
+        date_of_birth: "[DOB REDACTED]",
+        nik_indonesia: "[NIK REDACTED]",
+        phone_international: "[PHONE REDACTED]",
+        iban: "[IBAN REDACTED]",
+        passport: "[PASSPORT REDACTED]"
       }.freeze
 
       def call(text, context: {})
+        enabled = @options.fetch(:patterns, PATTERNS.keys)
         found = {}
+
         PATTERNS.each do |type, pattern|
+          next unless enabled.include?(type)
           matches = text.scan(pattern)
           found[type] = matches if matches.any?
         end

data/lib/guardrails_ruby/checks/prompt_injection.rb

@@ -7,6 +7,7 @@ module GuardrailsRuby
       direction :input
 
       INJECTION_PATTERNS = [
+        # Original patterns
         /ignore\s+(all\s+)?previous\s+instructions/i,
         /ignore\s+(all\s+)?above/i,
         /disregard\s+(all\s+)?previous/i,
@@ -18,7 +19,39 @@ module GuardrailsRuby
         /\[\s*system\s*\]/i,
         /<\s*system\s*>/i,
         /```\s*(system|instruction)/i,
-        /STOP\.?\s*(forget|ignore|disregard)/i
+        /STOP\.?\s*(forget|ignore|disregard)/i,
+
+        # Role-play and identity attacks
+        /from\s+now\s+on\s+(you|your)\s+(are|will|must|should)/i,
+        /forget\s+(everything|all|your)\s+(you|about|previous)/i,
+        /your\s+new\s+(role|persona|identity|name)\s+(is|will\s+be)/i,
+        /you\s+must\s+(now\s+)?(obey|follow|comply)/i,
+        /override\s+(your|all|previous)\s+(instructions|rules|guidelines)/i,
+        /bypass\s+(your|all|the)\s+(rules|restrictions|filters|safety)/i,
+
+        # Jailbreak patterns
+        /do\s+anything\s+now/i,
+        /\bDAN\b.*\bmode\b/i,
+        /jailbreak/i,
+        /developer\s+mode\s+(enabled|on|activated)/i,
+        /\bunlocked\s+mode\b/i,
+
+        # Instruction injection via delimiters
+        /---\s*(new|system|override)\s*(instructions?|prompt)/i,
+        /###\s*(instruction|system|override)/i,
+        /<<\s*(SYS|SYSTEM|INST)/i,
+        /\[INST\]/i,
+
+        # Encoding attacks
+        /base64[:\s]+[A-Za-z0-9+\/=]{20,}/i,
+        /hex[:\s]+(?:[0-9a-f]{2}\s*){10,}/i,
+        /rot13[:\s]/i,
+
+        # Prompt leaking
+        /reveal\s+(your|the)\s+(system\s+)?prompt/i,
+        /show\s+me\s+(your|the)\s+(system\s+)?(prompt|instructions)/i,
+        /what\s+(are|is)\s+your\s+(system\s+)?(prompt|instructions)/i,
+        /repeat\s+(your|the)\s+(system\s+)?(prompt|instructions)/i,
       ].freeze
 
       def call(text, context: {})

data/lib/guardrails_ruby/checks/script_detection.rb

@@ -0,0 +1,53 @@
+# frozen_string_literal: true
+
+module GuardrailsRuby
+  module Checks
+    class ScriptDetection < Check
+      check_name :script_detection
+      direction :input
+
+      SCRIPTS = {
+        latin:      /[\p{Latin}]/,
+        cyrillic:   /[\p{Cyrillic}]/,
+        arabic:     /[\p{Arabic}]/,
+        cjk:        /[\p{Han}]/,
+        hangul:     /[\p{Hangul}]/,
+        hiragana:   /[\p{Hiragana}]/,
+        katakana:   /[\p{Katakana}]/,
+        thai:       /[\p{Thai}]/,
+        devanagari: /[\p{Devanagari}]/,
+        greek:      /[\p{Greek}]/,
+        hebrew:     /[\p{Hebrew}]/,
+        georgian:   /[\p{Georgian}]/,
+        armenian:   /[\p{Armenian}]/,
+        ethiopic:   /[\p{Ethiopic}]/,
+        tamil:      /[\p{Tamil}]/
+      }.freeze
+
+      def call(text, context: {})
+        allowed = @options.fetch(:allowed_scripts, [:latin])
+        allowed = allowed.map(&:to_sym)
+
+        detected = detect_scripts(text)
+        unexpected = detected - allowed
+
+        if unexpected.any?
+          fail! "Unexpected scripts detected: #{unexpected.join(', ')}",
+            matches: unexpected.map(&:to_s)
+        else
+          pass!
+        end
+      end
+
+      private
+
+      def detect_scripts(text)
+        found = []
+        SCRIPTS.each do |name, pattern|
+          found << name if text.match?(pattern)
+        end
+        found
+      end
+    end
+  end
+end

data/lib/guardrails_ruby/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module GuardrailsRuby
-  VERSION = "0.1.1"
+  VERSION = "0.2.0"
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: guardrails-ruby
 version: !ruby/object:Gem::Version
-  version: 0.1.1
+  version: 0.2.0
 platform: ruby
 authors:
 - Johannes Dwi Cahyo
@@ -57,6 +57,7 @@ extra_rdoc_files: []
 files:
 - Gemfile
 - LICENSE
+- MILESTONES.md
 - README.md
 - Rakefile
 - examples/basic.rb
@@ -65,7 +66,9 @@ files:
 - guardrails-ruby.gemspec
 - lib/guardrails_ruby.rb
 - lib/guardrails_ruby/check.rb
+- lib/guardrails_ruby/checks/code_execution.rb
 - lib/guardrails_ruby/checks/competitor_mention.rb
+- lib/guardrails_ruby/checks/disclaimer.rb
 - lib/guardrails_ruby/checks/encoding.rb
 - lib/guardrails_ruby/checks/format.rb
 - lib/guardrails_ruby/checks/hallucinated_emails.rb
@@ -75,6 +78,7 @@ files:
 - lib/guardrails_ruby/checks/pii.rb
 - lib/guardrails_ruby/checks/prompt_injection.rb
 - lib/guardrails_ruby/checks/relevance.rb
+- lib/guardrails_ruby/checks/script_detection.rb
 - lib/guardrails_ruby/checks/topic.rb
 - lib/guardrails_ruby/checks/toxic_language.rb
 - lib/guardrails_ruby/configuration.rb