@node9/proxy 1.12.0 → 1.12.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (5) hide show
  1. package/dist/cli.js +435 -391
  2. package/dist/cli.mjs +421 -377
  3. package/dist/index.js +9 -1
  4. package/dist/index.mjs +9 -1
  5. package/package.json +1 -1
package/dist/index.js CHANGED
@@ -2159,7 +2159,12 @@ async function evaluatePolicy(toolName, args, agent, cwd) {
2159
2159
  pathTokens = analyzed.paths;
2160
2160
  const INLINE_EXEC_PATTERN = /^(python3?|bash|sh|zsh|perl|ruby|node|php|lua)\s+(-c|-e|-eval)\s/i;
2161
2161
  if (INLINE_EXEC_PATTERN.test(shellCommand.trim())) {
2162
- return { decision: "review", blockedByLabel: "Node9 Standard (Inline Execution)", tier: 3 };
2162
+ return {
2163
+ decision: "review",
2164
+ blockedByLabel: "Node9 Standard (Inline Execution)",
2165
+ ruleDescription: "The AI is running code directly from the command line. Review the full script below before allowing it to execute.",
2166
+ tier: 3
2167
+ };
2163
2168
  }
2164
2169
  const evalVerdict = detectDangerousShellExec(shellCommand);
2165
2170
  if (evalVerdict === "block") {
@@ -2167,6 +2172,7 @@ async function evaluatePolicy(toolName, args, agent, cwd) {
2167
2172
  decision: "block",
2168
2173
  blockedByLabel: "Node9: Eval Remote Execution",
2169
2174
  reason: "eval of remote download (curl/wget) is a near-certain supply-chain attack",
2175
+ ruleDescription: "The AI is downloading a script from the internet and running it immediately without inspection. This is a common way malware gets installed.",
2170
2176
  tier: 3
2171
2177
  };
2172
2178
  }
@@ -2175,6 +2181,7 @@ async function evaluatePolicy(toolName, args, agent, cwd) {
2175
2181
  decision: "review",
2176
2182
  blockedByLabel: "Node9: Eval Dynamic Content",
2177
2183
  reason: "eval of dynamic content (variable or subshell expansion) requires approval",
2184
+ ruleDescription: "The AI is running a command that includes a variable or subshell expansion. The actual command executed at runtime may differ from what is shown here.",
2178
2185
  tier: 3
2179
2186
  };
2180
2187
  }
@@ -2304,6 +2311,7 @@ async function evaluatePolicy(toolName, args, agent, cwd) {
2304
2311
  blockedByLabel: `Project/Global Config \u2014 dangerous word: "${matchedDangerousWord}"`,
2305
2312
  matchedWord: matchedDangerousWord,
2306
2313
  matchedField,
2314
+ ruleDescription: `This command contains a flagged keyword ("${matchedDangerousWord}") from your node9 config. Review it before allowing.`,
2307
2315
  tier: 6
2308
2316
  };
2309
2317
  }
package/dist/index.mjs CHANGED
@@ -2129,7 +2129,12 @@ async function evaluatePolicy(toolName, args, agent, cwd) {
2129
2129
  pathTokens = analyzed.paths;
2130
2130
  const INLINE_EXEC_PATTERN = /^(python3?|bash|sh|zsh|perl|ruby|node|php|lua)\s+(-c|-e|-eval)\s/i;
2131
2131
  if (INLINE_EXEC_PATTERN.test(shellCommand.trim())) {
2132
- return { decision: "review", blockedByLabel: "Node9 Standard (Inline Execution)", tier: 3 };
2132
+ return {
2133
+ decision: "review",
2134
+ blockedByLabel: "Node9 Standard (Inline Execution)",
2135
+ ruleDescription: "The AI is running code directly from the command line. Review the full script below before allowing it to execute.",
2136
+ tier: 3
2137
+ };
2133
2138
  }
2134
2139
  const evalVerdict = detectDangerousShellExec(shellCommand);
2135
2140
  if (evalVerdict === "block") {
@@ -2137,6 +2142,7 @@ async function evaluatePolicy(toolName, args, agent, cwd) {
2137
2142
  decision: "block",
2138
2143
  blockedByLabel: "Node9: Eval Remote Execution",
2139
2144
  reason: "eval of remote download (curl/wget) is a near-certain supply-chain attack",
2145
+ ruleDescription: "The AI is downloading a script from the internet and running it immediately without inspection. This is a common way malware gets installed.",
2140
2146
  tier: 3
2141
2147
  };
2142
2148
  }
@@ -2145,6 +2151,7 @@ async function evaluatePolicy(toolName, args, agent, cwd) {
2145
2151
  decision: "review",
2146
2152
  blockedByLabel: "Node9: Eval Dynamic Content",
2147
2153
  reason: "eval of dynamic content (variable or subshell expansion) requires approval",
2154
+ ruleDescription: "The AI is running a command that includes a variable or subshell expansion. The actual command executed at runtime may differ from what is shown here.",
2148
2155
  tier: 3
2149
2156
  };
2150
2157
  }
@@ -2274,6 +2281,7 @@ async function evaluatePolicy(toolName, args, agent, cwd) {
2274
2281
  blockedByLabel: `Project/Global Config \u2014 dangerous word: "${matchedDangerousWord}"`,
2275
2282
  matchedWord: matchedDangerousWord,
2276
2283
  matchedField,
2284
+ ruleDescription: `This command contains a flagged keyword ("${matchedDangerousWord}") from your node9 config. Review it before allowing.`,
2277
2285
  tier: 6
2278
2286
  };
2279
2287
  }
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@node9/proxy",
3
- "version": "1.12.0",
3
+ "version": "1.12.1",
4
4
  "description": "The Sudo Command for AI Agents. Execution Security for Claude Code & MCP.",
5
5
  "main": "./dist/index.js",
6
6
  "module": "./dist/index.mjs",