@diegopetrucci/pi-permission-gate 0.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (3) hide show
  1. package/README.md +45 -0
  2. package/index.ts +34 -0
  3. package/package.json +27 -0
package/README.md ADDED
@@ -0,0 +1,45 @@
1
+ # permission-gate
2
+
3
+ A small pi extension that prompts for confirmation before running potentially dangerous bash commands.
4
+
5
+ This is adapted from the original `permission-gate.ts` example in [`badlogic/pi-mono`](https://github.com/badlogic/pi-mono/blob/main/packages/coding-agent/examples/extensions/permission-gate.ts) and kept basically the same.
6
+
7
+ ## What it checks
8
+
9
+ - `rm -rf`
10
+ - `sudo`
11
+ - `chmod` / `chown` with `777`
12
+
13
+ If pi is running without an interactive UI, it blocks matching commands by default.
14
+
15
+ ## Install
16
+
17
+ ### Standalone npm package
18
+
19
+ ```bash
20
+ pi install npm:@diegopetrucci/pi-permission-gate
21
+ ```
22
+
23
+ ### Collection package
24
+
25
+ ```bash
26
+ pi install npm:@diegopetrucci/pi-extensions
27
+ ```
28
+
29
+ ### GitHub package
30
+
31
+ ```bash
32
+ pi install git:github.com/diegopetrucci/pi-extensions
33
+ ```
34
+
35
+ Then reload pi:
36
+
37
+ ```text
38
+ /reload
39
+ ```
40
+
41
+ ## Notes
42
+
43
+ - Hooks the `tool_call` event.
44
+ - Only inspects the `bash` tool.
45
+ - Prompts with a simple `Yes` / `No` selector before allowing dangerous commands.
package/index.ts ADDED
@@ -0,0 +1,34 @@
1
+ /**
2
+ * Permission Gate Extension
3
+ *
4
+ * Prompts for confirmation before running potentially dangerous bash commands.
5
+ * Patterns checked: rm -rf, sudo, chmod/chown 777
6
+ */
7
+
8
+ import type { ExtensionAPI } from "@mariozechner/pi-coding-agent";
9
+
10
+ export default function (pi: ExtensionAPI) {
11
+ const dangerousPatterns = [/\brm\s+(-rf?|--recursive)/i, /\bsudo\b/i, /\b(chmod|chown)\b.*777/i];
12
+
13
+ pi.on("tool_call", async (event, ctx) => {
14
+ if (event.toolName !== "bash") return undefined;
15
+
16
+ const command = event.input.command as string;
17
+ const isDangerous = dangerousPatterns.some((p) => p.test(command));
18
+
19
+ if (isDangerous) {
20
+ if (!ctx.hasUI) {
21
+ // In non-interactive mode, block by default
22
+ return { block: true, reason: "Dangerous command blocked (no UI for confirmation)" };
23
+ }
24
+
25
+ const choice = await ctx.ui.select(`⚠️ Dangerous command:\n\n ${command}\n\nAllow?`, ["Yes", "No"]);
26
+
27
+ if (choice !== "Yes") {
28
+ return { block: true, reason: "Blocked by user" };
29
+ }
30
+ }
31
+
32
+ return undefined;
33
+ });
34
+ }
package/package.json ADDED
@@ -0,0 +1,27 @@
1
+ {
2
+ "name": "@diegopetrucci/pi-permission-gate",
3
+ "version": "0.1.0",
4
+ "description": "A pi extension that prompts before dangerous bash commands.",
5
+ "keywords": ["pi-package", "pi", "security", "bash"],
6
+ "license": "MIT",
7
+ "repository": {
8
+ "type": "git",
9
+ "url": "git+https://github.com/diegopetrucci/pi-extensions.git",
10
+ "directory": "extensions/permission-gate"
11
+ },
12
+ "files": [
13
+ "index.ts",
14
+ "README.md"
15
+ ],
16
+ "publishConfig": {
17
+ "access": "public"
18
+ },
19
+ "pi": {
20
+ "extensions": [
21
+ "index.ts"
22
+ ]
23
+ },
24
+ "peerDependencies": {
25
+ "@mariozechner/pi-coding-agent": "*"
26
+ }
27
+ }