@dcl-regenesislabs/opendcl 0.1.0-22237371126.commit-87c447f → 0.1.0-22239132687.commit-eccf1dd

package/README.md

@@ -32,6 +32,7 @@ The result: **more creators building more scenes, faster.**
 - **Integrated commands** — `/init` to scaffold, `/preview` to launch the dev server, `/tasks` to manage running processes, `/review` to audit code
 - **TypeScript validation** — catches type errors immediately after writing code
 - **Free 3D asset catalog** — 900+ CC0-licensed models the agent can suggest and help you use
+- **Permission gate** — prompts for confirmation before destructive bash commands or writes to sensitive files
 - **Session persistence** — pick up where you left off across sessions
 
 ## Quick Start
@@ -154,7 +155,8 @@ opendcl/
 │   ├── dcl-update-check.ts   # Checks npm for newer OpenDCL versions
 │   ├── dcl-validate.ts       # Post-write TypeScript validation
 │   ├── dcl-tasks.ts          # /tasks command (process manager)
-│   └── process-registry.ts   # Shared background process registry
+│   ├── process-registry.ts   # Shared background process registry
+│   └── permissions/           # Permission gate for dangerous operations
 ├── skills/                   # 18 SKILL.md files (domain expertise)
 ├── prompts/                  # System prompt + command templates
 ├── context/                  # SDK7 reference docs + asset catalog

package/dist/index.js

@@ -51,6 +51,7 @@ for (const ext of extensions) {
     args.push("-e", join(extDir, ext));
 }
 args.push("-e", join(extDir, "plan-mode/index.ts"));
+args.push("-e", join(extDir, "permissions/index.ts"));
 // Load all skill directories
 args.push("--skill", join(packageDir, "skills"));
 // Load prompt templates (review, explain — NOT system.md since that's the system prompt)

package/dist/index.js.map

@@ -1 +1 @@
-{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":";AAEA;;;;GAIG;AAEH,OAAO,EAAE,IAAI,EAAE,eAAe,EAAE,MAAM,+BAA+B,CAAC;AACtE,OAAO,EAAE,KAAK,EAAE,MAAM,YAAY,CAAC;AACnC,OAAO,EAAE,UAAU,EAAE,SAAS,EAAE,YAAY,EAAE,aAAa,EAAE,MAAM,SAAS,CAAC;AAC7E,OAAO,EAAE,OAAO,EAAE,MAAM,SAAS,CAAC;AAClC,OAAO,EAAE,aAAa,EAAE,MAAM,UAAU,CAAC;AACzC,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,MAAM,WAAW,CAAC;AAE1C,MAAM,UAAU,GAAG,aAAa,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;AAClD,MAAM,SAAS,GAAG,OAAO,CAAC,UAAU,CAAC,CAAC;AACtC,MAAM,UAAU,GAAG,IAAI,CAAC,SAAS,EAAE,IAAI,CAAC,CAAC;AAEzC,uFAAuF;AACvF,MAAM,QAAQ,GAAG,IAAI,CAAC,OAAO,EAAE,EAAE,UAAU,EAAE,OAAO,CAAC,CAAC;AACtD,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,mBAAmB,EAAE,CAAC;IACrC,OAAO,CAAC,GAAG,CAAC,mBAAmB,GAAG,QAAQ,CAAC;AAC7C,CAAC;AAED,wEAAwE;AACxE,MAAM,YAAY,GAAG,IAAI,CAAC,QAAQ,EAAE,eAAe,CAAC,CAAC;AACrD,IAAI,CAAC,UAAU,CAAC,YAAY,CAAC,EAAE,CAAC;IAC9B,SAAS,CAAC,QAAQ,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;IACzC,aAAa,CAAC,YAAY,EAAE,IAAI,CAAC,SAAS,CAAC,EAAE,iBAAiB,EAAE,IAAI,EAAE,EAAE,IAAI,EAAE,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC;AAC3F,CAAC;AAED,yCAAyC;AACzC,MAAM,IAAI,GAAG,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;AAEnC,iFAAiF;AACjF,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC,iBAAiB,CAAC,EAAE,CAAC;IACtC,MAAM,GAAG,GAAG,YAAY,CAAC,IAAI,CAAC,UAAU,EAAE,mBAAmB,CAAC,EAAE,OAAO,CAAC,CAAC;IACzE,MAAM,YAAY,GAAG,GAAG,CAAC,OAAO,CAAC,uBAAuB,EAAE,EAAE,CAAC,CAAC,IAAI,EAAE,CAAC;IACrE,IAAI,CAAC,IAAI,CAAC,iBAAiB,EAAE,YAAY,CAAC,CAAC;AAC7C,CAAC;AAED,sBAAsB;AACtB,MAAM,MAAM,GAAG,IAAI,CAAC,UAAU,EAAE,YAAY,CAAC,CAAC;AAC9C,MAAM,UAAU,GAAG;IACjB,gBAAgB;IAChB,gBAAgB;IAChB,aAAa;IACb,eAAe;IACf,cAAc;IACd,qBAAqB;IACrB,iBAAiB;IACjB,eAAe;IACf,qBAAqB;IACrB,eAAe;IACf,cAAc;CACf,CAAC;AACF,KAAK,MAAM,GAAG,IAAI,UAAU,EAAE,CAAC;IAC7B,IAAI,CAAC,IAAI,CAAC,IAAI,EAAE,IAAI,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC,CAAC;AACrC,CAAC;AACD,IAAI,CAAC,IAAI,CAAC,IAAI,EAAE,IAAI,CAAC,MAAM,EAAE,oBAAoB,CAAC,CAAC,CAAC;AAEpD,6BAA6B;AAC7B,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,IAAI,CAAC,UAAU,EAAE,QAAQ,CAAC,CAAC,CAAC;AAEjD,yFAAyF;AACzF,IAAI,CAAC,IAAI,CAAC,mBAAmB,EAAE,IAAI,CAAC,UAAU,EAAE,mBAAmB,CAAC,CAAC,CAAC;AACtE,IAAI,CAAC,IAAI,CAAC,mBAAmB,EAAE,IAAI,CAAC,UAAU,EAAE,oBAAoB,CAAC,CAAC,CAAC;AAEvE,gFAAgF;AAChF,mEAAmE;AACnE,IAAI,CAAC,KAAK,EAAE,EAAE,CAAC;IACb,OAAO,CAAC,GAAG,CAAC,qBAAqB,GAAG,GAAG,CAAC;AAC1C,CAAC;AAED,6EAA6E;AAC7E,sEAAsE;AACtE,MAAM,YAAY,GAAG,eAAe,CAAC,SAAS,CAAC,WAAW,CAAC;AAC3D,eAAe,CAAC,SAAS,CAAC,WAAW,GAAG,UAAU,GAAW;IAC3D,IAAI,GAAG,CAAC,UAAU,CAAC,qBAAqB,CAAC;QAAE,OAAO;IAClD,YAAY,CAAC,IAAI,CAAC,IAAI,EAAE,GAAG,CAAC,CAAC;AAC/B,CAAC,CAAC;AAEF,IAAI,CAAC,IAAI,CAAC,CAAC,KAAK,CAAC,CAAC,GAAG,EAAE,EAAE;IACvB,OAAO,CAAC,KAAK,CAAC,sBAAsB,EAAE,GAAG,CAAC,CAAC;IAC3C,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;AAClB,CAAC,CAAC,CAAC"}
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":";AAEA;;;;GAIG;AAEH,OAAO,EAAE,IAAI,EAAE,eAAe,EAAE,MAAM,+BAA+B,CAAC;AACtE,OAAO,EAAE,KAAK,EAAE,MAAM,YAAY,CAAC;AACnC,OAAO,EAAE,UAAU,EAAE,SAAS,EAAE,YAAY,EAAE,aAAa,EAAE,MAAM,SAAS,CAAC;AAC7E,OAAO,EAAE,OAAO,EAAE,MAAM,SAAS,CAAC;AAClC,OAAO,EAAE,aAAa,EAAE,MAAM,UAAU,CAAC;AACzC,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,MAAM,WAAW,CAAC;AAE1C,MAAM,UAAU,GAAG,aAAa,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;AAClD,MAAM,SAAS,GAAG,OAAO,CAAC,UAAU,CAAC,CAAC;AACtC,MAAM,UAAU,GAAG,IAAI,CAAC,SAAS,EAAE,IAAI,CAAC,CAAC;AAEzC,uFAAuF;AACvF,MAAM,QAAQ,GAAG,IAAI,CAAC,OAAO,EAAE,EAAE,UAAU,EAAE,OAAO,CAAC,CAAC;AACtD,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,mBAAmB,EAAE,CAAC;IACrC,OAAO,CAAC,GAAG,CAAC,mBAAmB,GAAG,QAAQ,CAAC;AAC7C,CAAC;AAED,wEAAwE;AACxE,MAAM,YAAY,GAAG,IAAI,CAAC,QAAQ,EAAE,eAAe,CAAC,CAAC;AACrD,IAAI,CAAC,UAAU,CAAC,YAAY,CAAC,EAAE,CAAC;IAC9B,SAAS,CAAC,QAAQ,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;IACzC,aAAa,CAAC,YAAY,EAAE,IAAI,CAAC,SAAS,CAAC,EAAE,iBAAiB,EAAE,IAAI,EAAE,EAAE,IAAI,EAAE,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC;AAC3F,CAAC;AAED,yCAAyC;AACzC,MAAM,IAAI,GAAG,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;AAEnC,iFAAiF;AACjF,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC,iBAAiB,CAAC,EAAE,CAAC;IACtC,MAAM,GAAG,GAAG,YAAY,CAAC,IAAI,CAAC,UAAU,EAAE,mBAAmB,CAAC,EAAE,OAAO,CAAC,CAAC;IACzE,MAAM,YAAY,GAAG,GAAG,CAAC,OAAO,CAAC,uBAAuB,EAAE,EAAE,CAAC,CAAC,IAAI,EAAE,CAAC;IACrE,IAAI,CAAC,IAAI,CAAC,iBAAiB,EAAE,YAAY,CAAC,CAAC;AAC7C,CAAC;AAED,sBAAsB;AACtB,MAAM,MAAM,GAAG,IAAI,CAAC,UAAU,EAAE,YAAY,CAAC,CAAC;AAC9C,MAAM,UAAU,GAAG;IACjB,gBAAgB;IAChB,gBAAgB;IAChB,aAAa;IACb,eAAe;IACf,cAAc;IACd,qBAAqB;IACrB,iBAAiB;IACjB,eAAe;IACf,qBAAqB;IACrB,eAAe;IACf,cAAc;CACf,CAAC;AACF,KAAK,MAAM,GAAG,IAAI,UAAU,EAAE,CAAC;IAC7B,IAAI,CAAC,IAAI,CAAC,IAAI,EAAE,IAAI,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC,CAAC;AACrC,CAAC;AACD,IAAI,CAAC,IAAI,CAAC,IAAI,EAAE,IAAI,CAAC,MAAM,EAAE,oBAAoB,CAAC,CAAC,CAAC;AACpD,IAAI,CAAC,IAAI,CAAC,IAAI,EAAE,IAAI,CAAC,MAAM,EAAE,sBAAsB,CAAC,CAAC,CAAC;AAEtD,6BAA6B;AAC7B,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,IAAI,CAAC,UAAU,EAAE,QAAQ,CAAC,CAAC,CAAC;AAEjD,yFAAyF;AACzF,IAAI,CAAC,IAAI,CAAC,mBAAmB,EAAE,IAAI,CAAC,UAAU,EAAE,mBAAmB,CAAC,CAAC,CAAC;AACtE,IAAI,CAAC,IAAI,CAAC,mBAAmB,EAAE,IAAI,CAAC,UAAU,EAAE,oBAAoB,CAAC,CAAC,CAAC;AAEvE,gFAAgF;AAChF,mEAAmE;AACnE,IAAI,CAAC,KAAK,EAAE,EAAE,CAAC;IACb,OAAO,CAAC,GAAG,CAAC,qBAAqB,GAAG,GAAG,CAAC;AAC1C,CAAC;AAED,6EAA6E;AAC7E,sEAAsE;AACtE,MAAM,YAAY,GAAG,eAAe,CAAC,SAAS,CAAC,WAAW,CAAC;AAC3D,eAAe,CAAC,SAAS,CAAC,WAAW,GAAG,UAAU,GAAW;IAC3D,IAAI,GAAG,CAAC,UAAU,CAAC,qBAAqB,CAAC;QAAE,OAAO;IAClD,YAAY,CAAC,IAAI,CAAC,IAAI,EAAE,GAAG,CAAC,CAAC;AAC/B,CAAC,CAAC;AAEF,IAAI,CAAC,IAAI,CAAC,CAAC,KAAK,CAAC,CAAC,GAAG,EAAE,EAAE;IACvB,OAAO,CAAC,KAAK,CAAC,sBAAsB,EAAE,GAAG,CAAC,CAAC;IAC3C,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;AAClB,CAAC,CAAC,CAAC"}

package/extensions/permissions/index.ts

@@ -0,0 +1,77 @@
+/**
+ * Permission Gate Extension
+ *
+ * Prompts for confirmation before dangerous bash commands or writes to
+ * sensitive files. Blocks entirely in non-interactive mode.
+ * Disable with --no-permissions flag (for CI/container environments).
+ */
+
+import type { ExtensionFactory } from "@mariozechner/pi-coding-agent";
+import { classifyBashCommand, classifyFilePath } from "./utils.js";
+
+function blockResult(reason: string, detail: string): { block: true; reason: string } {
+  return {
+    block: true,
+    reason: `Blocked: ${reason}\n${detail}\nUse --no-permissions to allow in non-interactive mode.`,
+  };
+}
+
+function denyResult(reason: string): { block: true; reason: string } {
+  return { block: true, reason: `User denied: ${reason}` };
+}
+
+const ALLOW = "Allow";
+const ALWAYS = "Always allow";
+const DENY = "Deny";
+
+const extension: ExtensionFactory = (pi) => {
+  const sessionAllow = new Set<string>();
+
+  pi.registerFlag("no-permissions", {
+    description: "Disable permission gate (skip confirmation prompts for dangerous operations)",
+    type: "boolean",
+    default: false,
+  });
+
+  pi.on("tool_call", async (event, ctx) => {
+    if (pi.getFlag("no-permissions") === true) return;
+
+    const toolName = event.toolName as string;
+
+    if (toolName === "bash") {
+      const command = (event.input as { command?: string }).command ?? "";
+      const reason = classifyBashCommand(command);
+      if (!reason || sessionAllow.has(reason)) return;
+
+      if (!ctx.hasUI) return blockResult(reason, `Command: ${command}`);
+
+      const choice = await ctx.ui.select(
+        `${reason}\nCommand: ${command}`,
+        [ALLOW, ALWAYS, DENY],
+      );
+
+      if (choice === ALWAYS) { sessionAllow.add(reason); return; }
+      if (choice === ALLOW) return;
+      return denyResult(reason);
+    }
+
+    if (toolName === "write" || toolName === "edit") {
+      const filePath = (event.input as { path?: string }).path ?? "";
+      const reason = filePath ? classifyFilePath(filePath, ctx.cwd) : null;
+      if (!reason || sessionAllow.has(reason)) return;
+
+      if (!ctx.hasUI) return blockResult(reason, `Path: ${filePath}`);
+
+      const choice = await ctx.ui.select(
+        `${reason}\nFile: ${filePath}`,
+        [ALLOW, ALWAYS, DENY],
+      );
+
+      if (choice === ALWAYS) { sessionAllow.add(reason); return; }
+      if (choice === ALLOW) return;
+      return denyResult(reason);
+    }
+  });
+};
+
+export default extension;

package/extensions/permissions/utils.ts

@@ -0,0 +1,82 @@
+/**
+ * Pure classification functions for permission gating.
+ * No pi dependency — extracted for testability.
+ */
+
+import { resolve, relative } from "node:path";
+
+interface DenylistEntry {
+  pattern: RegExp;
+  reason: string;
+}
+
+const DANGEROUS_BASH_PATTERNS: DenylistEntry[] = [
+  { pattern: /\brm\b/, reason: "Deletes files or directories" },
+  { pattern: /\brmdir\b/, reason: "Removes directories" },
+  { pattern: /\bmv\b/, reason: "Moves or renames files" },
+  { pattern: /\bchmod\b/, reason: "Changes file permissions" },
+  { pattern: /\bchown\b/, reason: "Changes file ownership" },
+  { pattern: /\bdd\b/, reason: "Low-level disk write" },
+  { pattern: /\bshred\b/, reason: "Securely deletes files" },
+  { pattern: /\bsudo\b/, reason: "Runs with elevated privileges" },
+  { pattern: /\bsu\b/, reason: "Switches user" },
+  { pattern: /\bkill\b/, reason: "Terminates a process" },
+  { pattern: /\bpkill\b/, reason: "Terminates processes by name" },
+  { pattern: /\bkillall\b/, reason: "Terminates all matching processes" },
+  { pattern: /\bgit\s+push\b/i, reason: "Pushes to a remote repository" },
+  { pattern: /\bgit\s+reset\b/i, reason: "Resets git state" },
+  { pattern: /\bgit\s+rebase\b/i, reason: "Rebases git history" },
+  { pattern: /\bnpm\s+install\b/i, reason: "Installs npm packages (may run postinstall scripts)" },
+  { pattern: /\bnpm\s+uninstall\b/i, reason: "Uninstalls npm packages" },
+  { pattern: /\bnpm\s+publish\b/i, reason: "Publishes to npm registry" },
+  { pattern: /\bcurl\b.*(-X\s*(POST|PUT|DELETE|PATCH)|--data|-d\s|-F\s|--upload)/i, reason: "Sends data via HTTP" },
+  { pattern: /\bssh\b/, reason: "Opens remote shell connection" },
+  { pattern: /\bscp\b/, reason: "Copies files to/from remote host" },
+  { pattern: /\breboot\b/, reason: "Reboots the system" },
+  { pattern: /\bshutdown\b/, reason: "Shuts down the system" },
+  { pattern: /\btee\b/, reason: "Writes to files via pipe" },
+  { pattern: /(^|\s)>(?![>&])\s*\S/, reason: "Redirects output to a file" },
+  { pattern: />>/, reason: "Appends output to a file" },
+];
+
+const SENSITIVE_FILE_PATTERNS: DenylistEntry[] = [
+  { pattern: /\.env($|\.)/, reason: "Environment variables (may contain secrets)" },
+  { pattern: /\.pem$/, reason: "Private key file" },
+  { pattern: /\.key$/, reason: "Private key file" },
+  { pattern: /\.crt$/, reason: "Certificate file" },
+  { pattern: /credentials/i, reason: "Credentials file" },
+  { pattern: /\.secret/i, reason: "Secret file" },
+  { pattern: /(^|\/)package\.json$/, reason: "Package manifest (affects dependencies)" },
+  { pattern: /(^|\/)tsconfig\.json$/, reason: "TypeScript configuration" },
+  { pattern: /(^|\/)\.git\//, reason: "Git internal file" },
+];
+
+function findMatchingReason(entries: DenylistEntry[], value: string): string | null {
+  for (const { pattern, reason } of entries) {
+    if (pattern.test(value)) return reason;
+  }
+  return null;
+}
+
+/**
+ * Returns a reason string if the command is dangerous, or null if safe.
+ * Callers can use the return value as both a boolean guard and a message.
+ */
+export function classifyBashCommand(command: string): string | null {
+  return findMatchingReason(DANGEROUS_BASH_PATTERNS, command);
+}
+
+/**
+ * Returns a reason string if the file path is sensitive or outside the
+ * project root, or null if safe.
+ */
+export function classifyFilePath(filePath: string, projectRoot: string): string | null {
+  const resolved = resolve(projectRoot, filePath);
+  const rel = relative(projectRoot, resolved);
+
+  if (rel.startsWith("..")) {
+    return "File is outside the project root";
+  }
+
+  return findMatchingReason(SENSITIVE_FILE_PATTERNS, filePath);
+}

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@dcl-regenesislabs/opendcl",
-  "version": "0.1.0-22237371126.commit-87c447f",
+  "version": "0.1.0-22239132687.commit-eccf1dd",
   "description": "AI coding assistant for Decentraland SDK7 scene development",
   "type": "module",
   "bin": {
@@ -61,5 +61,5 @@
     "prompts/",
     "context/"
   ],
-  "commit": "87c447f3a7cbb92fd2dced062e437db0953a91d5"
+  "commit": "eccf1ddf7568056584700b927142426e95be390d"
 }