@code4bug/jarvis-agent 1.0.2

package/dist/core/safeguard.js

@@ -0,0 +1,236 @@
+/**
+ * 统一安全围栏 — 危险命令拦截 + 敏感信息保护 + 双模式授权
+ *
+ * 授权模式：
+ *   1. 临时授权（once）  — 仅当前会话有效，会话重置后失效
+ *   2. 持久授权（always）— 写入 ~/.jarvis/.permissions.json，跨会话永久生效
+ *
+ * critical 级别命令不可授权，high 级别支持两种授权模式。
+ */
+import fs from 'fs';
+import path from 'path';
+import os from 'os';
+// ===== 持久化路径 =====
+const JARVIS_DIR = path.join(os.homedir(), '.jarvis');
+const PERMISSIONS_FILE = path.join(JARVIS_DIR, '.permissions.json');
+/** 危险命令规则表 */
+export const DANGER_RULES = [
+    // === critical: 直接禁止，不可授权 ===
+    { name: 'fork-bomb', pattern: /:\(\)\{.*\|.*\};:/, level: 'critical', reason: 'Fork bomb，会导致系统崩溃' },
+    { name: 'dev-null-disk', pattern: />\s*\/dev\/sda/, level: 'critical', reason: '直接写入磁盘设备，会破坏文件系统' },
+    { name: 'mkfs', pattern: /\bmkfs\b/, level: 'critical', reason: '格式化磁盘，数据不可恢复' },
+    { name: 'dd-disk', pattern: /\bdd\b.*\bof=\/dev\//, level: 'critical', reason: '直接写入磁盘设备，数据不可恢复' },
+    // === high: 需要用户确认 ===
+    { name: 'rm-rf-root', pattern: /\brm\s+(-[a-zA-Z]*f[a-zA-Z]*\s+(-[a-zA-Z]*r[a-zA-Z]*\s+)?|(-[a-zA-Z]*r[a-zA-Z]*\s+(-[a-zA-Z]*f[a-zA-Z]*\s+)?))\s*\/(\s|$)/, level: 'high', reason: '递归强制删除根目录，会摧毁整个系统' },
+    { name: 'rm-rf-wildcard', pattern: /\brm\s+-[a-zA-Z]*r[a-zA-Z]*f?\s+.*\*/, level: 'high', reason: '递归删除通配符匹配的文件，范围不可控' },
+    { name: 'rm-recursive', pattern: /\brm\s+(-[a-zA-Z]*r[a-zA-Z]*)\b/, level: 'high', reason: '递归删除目录，操作不可逆，请确认目标路径' },
+    { name: 'chmod-777', pattern: /\bchmod\s+(-R\s+)?777\b/, level: 'high', reason: '开放所有权限，存在严重安全隐患' },
+    { name: 'curl-pipe-sh', pattern: /\bcurl\b.*\|\s*(ba)?sh/, level: 'high', reason: '从网络下载并直接执行脚本，存在供应链攻击风险' },
+    { name: 'wget-pipe-sh', pattern: /\bwget\b.*\|\s*(ba)?sh/, level: 'high', reason: '从网络下载并直接执行脚本，存在供应链攻击风险' },
+    { name: 'shutdown', pattern: /\b(shutdown|reboot|halt|poweroff)\b/, level: 'high', reason: '关机/重启命令，会中断所有服务' },
+    { name: 'kill-all', pattern: /\bkill\s+-9\s+-1\b/, level: 'high', reason: '杀死所有用户进程' },
+    { name: 'iptables-flush', pattern: /\biptables\s+-F\b/, level: 'high', reason: '清空防火墙规则，可能暴露系统' },
+    { name: 'passwd-change', pattern: /\b(passwd|chpasswd|usermod)\b/, level: 'high', reason: '修改用户密码/账户，影响系统安全' },
+    { name: 'sudoers-edit', pattern: /\/etc\/sudoers/, level: 'high', reason: '修改 sudoers 文件，影响权限体系' },
+    { name: 'ssh-key-ops', pattern: /\.ssh\/(authorized_keys|id_rsa|id_ed25519)/, level: 'high', reason: '操作 SSH 密钥，影响远程访问安全' },
+    { name: 'env-export', pattern: /\benv\b|\bprintenv\b|\bexport\b.*=/, level: 'high', reason: '操作环境变量，可能泄露敏感信息' },
+    { name: 'history-access', pattern: /\bhistory\b|\.bash_history|\.zsh_history/, level: 'high', reason: '访问命令历史，可能包含敏感信息' },
+    { name: 'network-sniff', pattern: /\b(tcpdump|wireshark|nmap|netcat|nc)\b/, level: 'high', reason: '网络嗅探/扫描工具，可能用于攻击' },
+    { name: 'crontab-edit', pattern: /\bcrontab\s+-[er]\b/, level: 'high', reason: '修改定时任务，可能植入持久化后门' },
+    { name: 'systemctl', pattern: /\bsystemctl\s+(stop|disable|mask|restart)\b/, level: 'high', reason: '操作系统服务，可能中断关键服务' },
+];
+/** 敏感信息匹配规则 — 用于输出脱敏 */
+export const SENSITIVE_PATTERNS = [
+    { name: 'AWS Access Key', pattern: /\b(AKIA[0-9A-Z]{16})\b/g, replacement: '[AWS_ACCESS_KEY]' },
+    { name: 'AWS Secret Key', pattern: /\b([A-Za-z0-9/+=]{40})\b/g, replacement: '[AWS_SECRET_KEY]' },
+    { name: 'Generic API Key', pattern: /\b(api[_-]?key|apikey)\s*[:=]\s*['"]?([^\s'"]+)/gi, replacement: '$1=[REDACTED]' },
+    { name: 'Generic Secret', pattern: /\b(secret|token|password|passwd|pwd)\s*[:=]\s*['"]?([^\s'"]+)/gi, replacement: '$1=[REDACTED]' },
+    { name: 'Bearer Token', pattern: /Bearer\s+[A-Za-z0-9\-._~+/]+=*/g, replacement: 'Bearer [REDACTED]' },
+    { name: 'Private Key Block', pattern: /-----BEGIN\s+(RSA\s+)?PRIVATE\s+KEY-----[\s\S]*?-----END\s+(RSA\s+)?PRIVATE\s+KEY-----/g, replacement: '[PRIVATE_KEY_REDACTED]' },
+    { name: 'Connection String', pattern: /\b(mongodb|postgres|mysql|redis):\/\/[^\s]+/gi, replacement: '[CONNECTION_STRING_REDACTED]' },
+    { name: 'Env Var Inline', pattern: /\$\{?[A-Z_]*(KEY|SECRET|TOKEN|PASSWORD|PASSWD)[A-Z_]*\}?/gi, replacement: '[ENV_VAR_REDACTED]' },
+];
+// ===== 持久化授权：文件读写 =====
+/** 读取持久化授权文件 */
+function loadPermissions() {
+    const defaults = {
+        _comment: '安全围栏持久化授权配置 — 由 /authorize always 写入，可手动编辑',
+        rules: [],
+        commands: [],
+    };
+    try {
+        if (!fs.existsSync(PERMISSIONS_FILE))
+            return defaults;
+        const raw = fs.readFileSync(PERMISSIONS_FILE, 'utf-8');
+        const parsed = JSON.parse(raw);
+        return {
+            _comment: parsed._comment ?? defaults._comment,
+            rules: Array.isArray(parsed.rules) ? parsed.rules : [],
+            commands: Array.isArray(parsed.commands) ? parsed.commands : [],
+        };
+    }
+    catch {
+        return defaults;
+    }
+}
+/** 写入持久化授权文件 */
+function savePermissions(perms) {
+    try {
+        if (!fs.existsSync(JARVIS_DIR)) {
+            fs.mkdirSync(JARVIS_DIR, { recursive: true });
+        }
+        fs.writeFileSync(PERMISSIONS_FILE, JSON.stringify(perms, null, 2), 'utf-8');
+    }
+    catch { /* 静默失败，不影响主流程 */ }
+}
+/** 检查命令是否已持久化授权 */
+function isPermanentlyAuthorized(command, ruleName) {
+    const perms = loadPermissions();
+    // 1. 按规则名称授权（整类放行）
+    if (ruleName && perms.rules.includes(ruleName))
+        return true;
+    // 2. 按具体命令授权
+    const trimmed = command.trim();
+    return perms.commands.some((e) => e.command === trimmed);
+}
+// ===== 临时授权：会话级内存 =====
+/** 会话级临时授权集合 */
+const sessionAuthorizedCommands = new Set();
+const sessionAuthorizedRules = new Set();
+// ===== 对外授权 API =====
+/**
+ * 授权命令
+ * @param command 具体命令字符串
+ * @param mode 'once' 仅本次会话 | 'always' 持久化到文件
+ * @param ruleName 可选，关联的规则名称
+ */
+export function authorizeCommand(command, mode = 'once', ruleName) {
+    const trimmed = command.trim();
+    if (mode === 'once') {
+        sessionAuthorizedCommands.add(trimmed);
+    }
+    else {
+        // 持久化写入
+        const perms = loadPermissions();
+        if (!perms.commands.some((e) => e.command === trimmed)) {
+            perms.commands.push({
+                ruleName: ruleName ?? 'unknown',
+                command: trimmed,
+                grantedAt: new Date().toISOString(),
+            });
+            savePermissions(perms);
+        }
+    }
+}
+/**
+ * 按规则名称授权（整类命令放行）
+ * @param ruleName 规则名称（对应 DangerRule.name）
+ * @param mode 'once' 仅本次会话 | 'always' 持久化到文件
+ */
+export function authorizeRule(ruleName, mode = 'once') {
+    if (mode === 'once') {
+        sessionAuthorizedRules.add(ruleName);
+    }
+    else {
+        const perms = loadPermissions();
+        if (!perms.rules.includes(ruleName)) {
+            perms.rules.push(ruleName);
+            savePermissions(perms);
+        }
+    }
+}
+/**
+ * 撤销持久化授权
+ * @param target 规则名称或具体命令
+ */
+export function revokeAuthorization(target) {
+    const perms = loadPermissions();
+    let changed = false;
+    // 尝试从 rules 中移除
+    const ruleIdx = perms.rules.indexOf(target);
+    if (ruleIdx !== -1) {
+        perms.rules.splice(ruleIdx, 1);
+        changed = true;
+    }
+    // 尝试从 commands 中移除
+    const cmdIdx = perms.commands.findIndex((e) => e.command === target || e.ruleName === target);
+    if (cmdIdx !== -1) {
+        perms.commands.splice(cmdIdx, 1);
+        changed = true;
+    }
+    if (changed)
+        savePermissions(perms);
+    return changed;
+}
+/** 列出所有持久化授权 */
+export function listPermanentAuthorizations() {
+    return loadPermissions();
+}
+/** 检查命令是否已授权（临时 + 持久化） */
+export function isAuthorized(command, ruleName) {
+    const trimmed = command.trim();
+    // 1. 会话级临时授权
+    if (sessionAuthorizedCommands.has(trimmed))
+        return true;
+    if (ruleName && sessionAuthorizedRules.has(ruleName))
+        return true;
+    // 2. 持久化授权
+    return isPermanentlyAuthorized(trimmed, ruleName);
+}
+/** 清空会话级临时授权（会话重置时调用，不影响持久化授权） */
+export function clearAuthorizations() {
+    sessionAuthorizedCommands.clear();
+    sessionAuthorizedRules.clear();
+}
+/**
+ * 校验命令是否安全
+ */
+export function validateCommand(command) {
+    for (const rule of DANGER_RULES) {
+        if (rule.pattern.test(command)) {
+            if (rule.level === 'critical') {
+                return {
+                    allowed: false,
+                    reason: `🚫 [禁止执行] ${rule.reason}`,
+                    rule,
+                    canOverride: false,
+                };
+            }
+            // high 级别：先检查是否已授权
+            if (isAuthorized(command, rule.name)) {
+                return { allowed: true };
+            }
+            return {
+                allowed: false,
+                reason: `[危险命令] ${rule.reason}`,
+                rule,
+                canOverride: true,
+            };
+        }
+    }
+    return { allowed: true };
+}
+/**
+ * 对输出文本进行敏感信息脱敏
+ */
+export function sanitizeOutput(text) {
+    let result = text;
+    for (const sp of SENSITIVE_PATTERNS) {
+        result = result.replace(sp.pattern, sp.replacement);
+    }
+    return result;
+}
+/**
+ * 检查文件写入内容是否包含硬编码敏感信息
+ */
+export function detectSensitiveContent(content) {
+    const findings = [];
+    for (const sp of SENSITIVE_PATTERNS) {
+        sp.pattern.lastIndex = 0;
+        if (sp.pattern.test(content)) {
+            findings.push(sp.name);
+        }
+        sp.pattern.lastIndex = 0;
+    }
+    return findings;
+}

package/dist/hooks/useFocus.d.ts

@@ -0,0 +1,12 @@
+/**
+ * 检测终端窗口是否处于激活（聚焦）状态。
+ *
+ * 利用终端 focus reporting 功能：
+ * - 发送 \x1B[?1004h 开启 focus 事件上报
+ * - 终端聚焦时发送 \x1B[I
+ * - 终端失焦时发送 \x1B[O
+ * - 退出时发送 \x1B[?1004l 关闭上报
+ *
+ * 支持的终端：iTerm2, kitty, WezTerm, Windows Terminal, xterm 等
+ */
+export declare function useWindowFocus(): boolean;

package/dist/hooks/useFocus.js

@@ -0,0 +1,35 @@
+import { useState, useEffect } from 'react';
+/**
+ * 检测终端窗口是否处于激活（聚焦）状态。
+ *
+ * 利用终端 focus reporting 功能：
+ * - 发送 \x1B[?1004h 开启 focus 事件上报
+ * - 终端聚焦时发送 \x1B[I
+ * - 终端失焦时发送 \x1B[O
+ * - 退出时发送 \x1B[?1004l 关闭上报
+ *
+ * 支持的终端：iTerm2, kitty, WezTerm, Windows Terminal, xterm 等
+ */
+export function useWindowFocus() {
+    const [focused, setFocused] = useState(true);
+    useEffect(() => {
+        // 开启 focus reporting
+        process.stdout.write('\x1B[?1004h');
+        const onData = (data) => {
+            const str = data.toString('utf-8');
+            if (str.includes('\x1B[I')) {
+                setFocused(true);
+            }
+            else if (str.includes('\x1B[O')) {
+                setFocused(false);
+            }
+        };
+        process.stdin.on('data', onData);
+        return () => {
+            process.stdin.off('data', onData);
+            // 关闭 focus reporting
+            process.stdout.write('\x1B[?1004l');
+        };
+    }, []);
+    return focused;
+}

package/dist/hooks/useInputHistory.d.ts

@@ -0,0 +1,14 @@
+/**
+ * 输入历史记录 hook
+ *
+ * - 上箭头：浏览更早的历史
+ * - 下箭头：浏览更近的历史，到底回到当前输入
+ * - 提交时自动追加到历史
+ */
+export declare function useInputHistory(): {
+    pushHistory: (input: string) => void;
+    navigateUp: (currentInput: string) => string | null;
+    navigateDown: () => string | null;
+    resetNavigation: () => void;
+    historyIndex: number;
+};

package/dist/hooks/useInputHistory.js

@@ -0,0 +1,102 @@
+import { useState, useCallback, useRef } from 'react';
+import fs from 'fs';
+import path from 'path';
+import os from 'os';
+const HISTORY_DIR = path.join(os.homedir(), '.jarvis');
+const HISTORY_FILE = path.join(HISTORY_DIR, '.input_history');
+const MAX_HISTORY = 20;
+/** 从文件加载历史记录 */
+function loadHistory() {
+    try {
+        if (!fs.existsSync(HISTORY_FILE))
+            return [];
+        const content = fs.readFileSync(HISTORY_FILE, 'utf-8').trim();
+        if (!content)
+            return [];
+        return content.split('\n').slice(-MAX_HISTORY);
+    }
+    catch {
+        return [];
+    }
+}
+/** 保存历史记录到文件 */
+function saveHistory(history) {
+    try {
+        if (!fs.existsSync(HISTORY_DIR)) {
+            fs.mkdirSync(HISTORY_DIR, { recursive: true });
+        }
+        fs.writeFileSync(HISTORY_FILE, history.slice(-MAX_HISTORY).join('\n') + '\n', 'utf-8');
+    }
+    catch {
+        // 静默失败
+    }
+}
+/**
+ * 输入历史记录 hook
+ *
+ * - 上箭头：浏览更早的历史
+ * - 下箭头：浏览更近的历史，到底回到当前输入
+ * - 提交时自动追加到历史
+ */
+export function useInputHistory() {
+    const [history, setHistory] = useState(() => loadHistory());
+    // -1 表示当前输入（非历史浏览状态）
+    const [historyIndex, setHistoryIndex] = useState(-1);
+    // 保存用户正在编辑的内容，以便从历史返回时恢复
+    const draftRef = useRef('');
+    /** 添加一条历史记录 */
+    const pushHistory = useCallback((input) => {
+        const trimmed = input.trim();
+        if (!trimmed)
+            return;
+        setHistory((prev) => {
+            // 去重：移除已有的相同记录，再追加到末尾
+            const filtered = prev.filter((h) => h !== trimmed);
+            const next = [...filtered, trimmed].slice(-MAX_HISTORY);
+            saveHistory(next);
+            return next;
+        });
+        setHistoryIndex(-1);
+        draftRef.current = '';
+    }, []);
+    /** 上箭头：向更早的历史移动，返回应显示的文本 */
+    const navigateUp = useCallback((currentInput) => {
+        if (history.length === 0)
+            return null;
+        if (historyIndex === -1) {
+            // 首次进入历史浏览，保存当前输入
+            draftRef.current = currentInput;
+            const newIndex = history.length - 1;
+            setHistoryIndex(newIndex);
+            return history[newIndex];
+        }
+        if (historyIndex > 0) {
+            const newIndex = historyIndex - 1;
+            setHistoryIndex(newIndex);
+            return history[newIndex];
+        }
+        // 已经到最早的记录
+        return null;
+    }, [history, historyIndex]);
+    /** 下箭头：向更近的历史移动，返回应显示的文本 */
+    const navigateDown = useCallback(() => {
+        if (historyIndex === -1)
+            return null;
+        if (historyIndex < history.length - 1) {
+            const newIndex = historyIndex + 1;
+            setHistoryIndex(newIndex);
+            return history[newIndex];
+        }
+        // 回到当前输入
+        setHistoryIndex(-1);
+        return draftRef.current;
+    }, [history, historyIndex]);
+    /** 重置浏览状态（用户开始编辑时调用） */
+    const resetNavigation = useCallback(() => {
+        if (historyIndex !== -1) {
+            setHistoryIndex(-1);
+            draftRef.current = '';
+        }
+    }, [historyIndex]);
+    return { pushHistory, navigateUp, navigateDown, resetNavigation, historyIndex };
+}

package/dist/index.d.ts

@@ -0,0 +1 @@
+export declare function startJarvis(): void;

package/dist/index.js

@@ -0,0 +1,6 @@
+import { jsx as _jsx } from "react/jsx-runtime";
+import { render } from 'ink';
+import REPL from './screens/repl.js';
+export function startJarvis() {
+    render(_jsx(REPL, {}), { exitOnCtrlC: false });
+}

package/dist/screens/repl.d.ts

@@ -0,0 +1 @@
+export default function REPL(): import("react/jsx-runtime").JSX.Element;