@phuetz/code-buddy 0.1.12 → 0.1.14

package/dist/security/code-validator.js

@@ -0,0 +1,185 @@
+/**
+ * Generated Code Validator
+ *
+ * Validates code produced by LLMs before writing to filesystem.
+ * Checks for:
+ * - Security vulnerabilities (SQLi, XSS, command injection)
+ * - Hardcoded secrets
+ * - Suspicious imports/requires
+ * - Prototype pollution patterns
+ * - Unsafe deserialization
+ *
+ * Integrates with text-editor and apply-patch before file writes.
+ */
+import { DANGEROUS_CODE_PATTERNS } from './dangerous-patterns.js';
+/**
+ * Additional language-specific patterns beyond the shared dangerous patterns.
+ */
+const LANGUAGE_PATTERNS = {
+    python: [
+        { pattern: /\bos\.system\s*\(/, severity: 'high', description: 'os.system() call', name: 'os-system', category: 'code_execution', appliesTo: ['code'] },
+        { pattern: /\bsubprocess\.(?:call|run|Popen)\s*\(.*shell\s*=\s*True/i, severity: 'high', description: 'subprocess with shell=True', name: 'subprocess-shell', category: 'code_execution', appliesTo: ['code'] },
+        { pattern: /\b__import__\s*\(/, severity: 'high', description: 'Dynamic __import__', name: 'python-dynamic-import', category: 'dynamic_import', appliesTo: ['code'] },
+        { pattern: /\bMarshal\.loads?\b/, severity: 'high', description: 'Ruby-style Marshal deserialization', name: 'marshal-load', category: 'code_execution', appliesTo: ['code'] },
+    ],
+    sql: [
+        { pattern: /\bDROP\s+(?:TABLE|DATABASE|INDEX|VIEW)\b/i, severity: 'high', description: 'DROP statement', name: 'sql-drop', category: 'filesystem_destruction', appliesTo: ['code'] },
+        { pattern: /\bTRUNCATE\s+TABLE\b/i, severity: 'high', description: 'TRUNCATE TABLE', name: 'sql-truncate', category: 'filesystem_destruction', appliesTo: ['code'] },
+        { pattern: /\bGRANT\s+ALL\b/i, severity: 'medium', description: 'GRANT ALL privileges', name: 'sql-grant-all', category: 'privilege_escalation', appliesTo: ['code'] },
+    ],
+    shell: [
+        { pattern: /\bchmod\s+[0-7]{3,4}\b/, severity: 'medium', description: 'chmod with octal permissions', name: 'shell-chmod', category: 'privilege_escalation', appliesTo: ['code'] },
+        { pattern: /\bcurl\s+.*-k\b/, severity: 'medium', description: 'curl with insecure flag', name: 'curl-insecure', category: 'network_exfiltration', appliesTo: ['code'] },
+    ],
+    html: [
+        { pattern: /<script\b[^>]*>[\s\S]*?<\/script>/i, severity: 'medium', description: 'Inline script tag', name: 'inline-script', category: 'command_injection', appliesTo: ['code'] },
+        { pattern: /\bon\w+\s*=\s*['"]/i, severity: 'medium', description: 'Inline event handler', name: 'inline-handler', category: 'command_injection', appliesTo: ['code'] },
+        { pattern: /javascript:/i, severity: 'high', description: 'javascript: protocol', name: 'js-protocol', category: 'command_injection', appliesTo: ['code'] },
+    ],
+};
+/**
+ * Suspicious npm package names that might indicate typosquatting or malicious intent.
+ */
+const SUSPICIOUS_PACKAGES = [
+    /\brequire\s*\(\s*['"](?:color-string|event-stream|flatmap-stream|ua-parser-js-malicious|malicious-[a-z]+)\b/i,
+    /\bfrom\s+['"](?:crossenv|cross-env\.js|babelcli|babel-cli\.js|d3\.js|fabric-js|ffmepg|gruntcli|http-proxy\.js|jquery\.js|mariadb|mongose|mssql\.js|mssql-node|mysqljs|node-hierarchypsi|node-mailer|node-tesseract|nodefabric|nodemailer\.js|noderequest|nodesass|nodefetch|sqliter)\b/i,
+];
+/**
+ * Detect the language from file extension or content heuristics.
+ */
+export function detectLanguage(filePath, code) {
+    if (filePath) {
+        const ext = filePath.split('.').pop()?.toLowerCase();
+        const map = {
+            ts: 'typescript', tsx: 'typescript', mts: 'typescript',
+            js: 'javascript', jsx: 'javascript', mjs: 'javascript', cjs: 'javascript',
+            py: 'python', rb: 'ruby', go: 'go', java: 'java',
+            sh: 'shell', bash: 'shell', zsh: 'shell',
+            sql: 'sql', html: 'html', htm: 'html',
+        };
+        if (ext && map[ext])
+            return map[ext];
+    }
+    // Content heuristics
+    if (code) {
+        if (/^#!\/.*\b(ba)?sh\b/.test(code))
+            return 'shell';
+        if (/^#!\/.*python/.test(code))
+            return 'python';
+        if (/\bimport\s+\w+\s+from\s+['"]/.test(code))
+            return 'typescript';
+        if (/\bdef\s+\w+\s*\(.*\):\s*$/m.test(code))
+            return 'python';
+        if (/\bpackage\s+\w+\b/.test(code) && /\bfunc\s+\w+\b/.test(code))
+            return 'go';
+        if (/\bSELECT\b.*\bFROM\b/i.test(code))
+            return 'sql';
+        if (/<html\b|<!DOCTYPE/i.test(code))
+            return 'html';
+    }
+    return 'unknown';
+}
+/**
+ * Validate generated code for security issues.
+ *
+ * @param code - The code content to validate
+ * @param language - Language hint (auto-detected if not provided)
+ * @param filePath - Optional file path for better language detection
+ * @returns Validation result with findings
+ */
+export function validateGeneratedCode(code, language, filePath) {
+    const detectedLang = language || detectLanguage(filePath, code);
+    const findings = [];
+    const lines = code.split('\n');
+    // Collect applicable patterns
+    const patterns = [
+        ...DANGEROUS_CODE_PATTERNS.filter(p => p.appliesTo.includes('code')),
+        ...(LANGUAGE_PATTERNS[detectedLang] || []),
+    ];
+    // Scan each line
+    for (let i = 0; i < lines.length; i++) {
+        const line = lines[i];
+        const lineNum = i + 1;
+        // Skip comment lines
+        if (isCommentLine(line, detectedLang))
+            continue;
+        for (const pattern of patterns) {
+            if (pattern.pattern.test(line)) {
+                findings.push({
+                    severity: pattern.severity,
+                    name: pattern.name,
+                    description: pattern.description,
+                    line: lineNum,
+                    evidence: line.trim().slice(0, 150),
+                    category: pattern.category,
+                });
+            }
+        }
+        // Check for suspicious package imports
+        for (const pkgPattern of SUSPICIOUS_PACKAGES) {
+            if (pkgPattern.test(line)) {
+                findings.push({
+                    severity: 'critical',
+                    name: 'suspicious-package',
+                    description: 'Import of known suspicious/malicious package',
+                    line: lineNum,
+                    evidence: line.trim().slice(0, 150),
+                    category: 'dynamic_import',
+                });
+            }
+        }
+    }
+    // Count by severity
+    const counts = {
+        critical: 0, high: 0, medium: 0, low: 0, info: 0,
+    };
+    for (const f of findings) {
+        counts[f.severity]++;
+    }
+    // Safe = no critical or high findings
+    const safe = counts.critical === 0 && counts.high === 0;
+    return { safe, findings, counts, language: detectedLang };
+}
+/**
+ * Check if a line is a comment (language-specific).
+ */
+function isCommentLine(line, language) {
+    const trimmed = line.trim();
+    switch (language) {
+        case 'typescript':
+        case 'javascript':
+        case 'java':
+        case 'go':
+            return trimmed.startsWith('//') || trimmed.startsWith('/*') || trimmed.startsWith('*');
+        case 'python':
+        case 'ruby':
+        case 'shell':
+            return trimmed.startsWith('#');
+        case 'sql':
+            return trimmed.startsWith('--') || trimmed.startsWith('/*');
+        case 'html':
+            return trimmed.startsWith('<!--');
+        default:
+            return trimmed.startsWith('//') || trimmed.startsWith('#');
+    }
+}
+/**
+ * Format validation result as human-readable report.
+ */
+export function formatValidationReport(result) {
+    if (result.findings.length === 0) {
+        return 'Code validation: No security issues found.';
+    }
+    const lines = [];
+    const status = result.safe ? 'PASS (warnings only)' : 'FAIL';
+    lines.push(`Code Validation: ${status} — ${result.findings.length} findings (${result.language})`);
+    lines.push(`  Critical: ${result.counts.critical} | High: ${result.counts.high} | Medium: ${result.counts.medium} | Low: ${result.counts.low}`);
+    lines.push('');
+    for (const f of result.findings) {
+        const sev = f.severity.toUpperCase().padEnd(8);
+        lines.push(`  [${sev}] L${f.line}: ${f.description}`);
+        lines.push(`           ${f.evidence}`);
+    }
+    return lines.join('\n');
+}
+//# sourceMappingURL=code-validator.js.map

package/dist/security/code-validator.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"code-validator.js","sourceRoot":"","sources":["../../src/security/code-validator.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;GAYG;AAEH,OAAO,EAAE,uBAAuB,EAAqC,MAAM,yBAAyB,CAAC;AA0BrG;;GAEG;AACH,MAAM,iBAAiB,GAAuC;IAC5D,MAAM,EAAE;QACN,EAAE,OAAO,EAAE,mBAAmB,EAAE,QAAQ,EAAE,MAAM,EAAE,WAAW,EAAE,kBAAkB,EAAE,IAAI,EAAE,WAAW,EAAE,QAAQ,EAAE,gBAAgB,EAAE,SAAS,EAAE,CAAC,MAAM,CAAC,EAAE;QACvJ,EAAE,OAAO,EAAE,0DAA0D,EAAE,QAAQ,EAAE,MAAM,EAAE,WAAW,EAAE,4BAA4B,EAAE,IAAI,EAAE,kBAAkB,EAAE,QAAQ,EAAE,gBAAgB,EAAE,SAAS,EAAE,CAAC,MAAM,CAAC,EAAE;QAC/M,EAAE,OAAO,EAAE,mBAAmB,EAAE,QAAQ,EAAE,MAAM,EAAE,WAAW,EAAE,oBAAoB,EAAE,IAAI,EAAE,uBAAuB,EAAE,QAAQ,EAAE,gBAAgB,EAAE,SAAS,EAAE,CAAC,MAAM,CAAC,EAAE;QACrK,EAAE,OAAO,EAAE,qBAAqB,EAAE,QAAQ,EAAE,MAAM,EAAE,WAAW,EAAE,oCAAoC,EAAE,IAAI,EAAE,cAAc,EAAE,QAAQ,EAAE,gBAAgB,EAAE,SAAS,EAAE,CAAC,MAAM,CAAC,EAAE;KAC/K;IACD,GAAG,EAAE;QACH,EAAE,OAAO,EAAE,2CAA2C,EAAE,QAAQ,EAAE,MAAM,EAAE,WAAW,EAAE,gBAAgB,EAAE,IAAI,EAAE,UAAU,EAAE,QAAQ,EAAE,wBAAwB,EAAE,SAAS,EAAE,CAAC,MAAM,CAAC,EAAE;QACpL,EAAE,OAAO,EAAE,uBAAuB,EAAE,QAAQ,EAAE,MAAM,EAAE,WAAW,EAAE,gBAAgB,EAAE,IAAI,EAAE,cAAc,EAAE,QAAQ,EAAE,wBAAwB,EAAE,SAAS,EAAE,CAAC,MAAM,CAAC,EAAE;QACpK,EAAE,OAAO,EAAE,kBAAkB,EAAE,QAAQ,EAAE,QAAQ,EAAE,WAAW,EAAE,sBAAsB,EAAE,IAAI,EAAE,eAAe,EAAE,QAAQ,EAAE,sBAAsB,EAAE,SAAS,EAAE,CAAC,MAAM,CAAC,EAAE;KACvK;IACD,KAAK,EAAE;QACL,EAAE,OAAO,EAAE,wBAAwB,EAAE,QAAQ,EAAE,QAAQ,EAAE,WAAW,EAAE,8BAA8B,EAAE,IAAI,EAAE,aAAa,EAAE,QAAQ,EAAE,sBAAsB,EAAE,SAAS,EAAE,CAAC,MAAM,CAAC,EAAE;QAClL,EAAE,OAAO,EAAE,iBAAiB,EAAE,QAAQ,EAAE,QAAQ,EAAE,WAAW,EAAE,yBAAyB,EAAE,IAAI,EAAE,eAAe,EAAE,QAAQ,EAAE,sBAAsB,EAAE,SAAS,EAAE,CAAC,MAAM,CAAC,EAAE;KACzK;IACD,IAAI,EAAE;QACJ,EAAE,OAAO,EAAE,oCAAoC,EAAE,QAAQ,EAAE,QAAQ,EAAE,WAAW,EAAE,mBAAmB,EAAE,IAAI,EAAE,eAAe,EAAE,QAAQ,EAAE,mBAAmB,EAAE,SAAS,EAAE,CAAC,MAAM,CAAC,EAAE;QAClL,EAAE,OAAO,EAAE,qBAAqB,EAAE,QAAQ,EAAE,QAAQ,EAAE,WAAW,EAAE,sBAAsB,EAAE,IAAI,EAAE,gBAAgB,EAAE,QAAQ,EAAE,mBAAmB,EAAE,SAAS,EAAE,CAAC,MAAM,CAAC,EAAE;QACvK,EAAE,OAAO,EAAE,cAAc,EAAE,QAAQ,EAAE,MAAM,EAAE,WAAW,EAAE,sBAAsB,EAAE,IAAI,EAAE,aAAa,EAAE,QAAQ,EAAE,mBAAmB,EAAE,SAAS,EAAE,CAAC,MAAM,CAAC,EAAE;KAC5J;CACF,CAAC;AAEF;;GAEG;AACH,MAAM,mBAAmB,GAAa;IACpC,8GAA8G;IAC9G,yRAAyR;CAC1R,CAAC;AAEF;;GAEG;AACH,MAAM,UAAU,cAAc,CAAC,QAAiB,EAAE,IAAa;IAC7D,IAAI,QAAQ,EAAE,CAAC;QACb,MAAM,GAAG,GAAG,QAAQ,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,EAAE,WAAW,EAAE,CAAC;QACrD,MAAM,GAAG,GAAsC;YAC7C,EAAE,EAAE,YAAY,EAAE,GAAG,EAAE,YAAY,EAAE,GAAG,EAAE,YAAY;YACtD,EAAE,EAAE,YAAY,EAAE,GAAG,EAAE,YAAY,EAAE,GAAG,EAAE,YAAY,EAAE,GAAG,EAAE,YAAY;YACzE,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,MAAM,EAAE,EAAE,EAAE,IAAI,EAAE,IAAI,EAAE,MAAM;YAChD,EAAE,EAAE,OAAO,EAAE,IAAI,EAAE,OAAO,EAAE,GAAG,EAAE,OAAO;YACxC,GAAG,EAAE,KAAK,EAAE,IAAI,EAAE,MAAM,EAAE,GAAG,EAAE,MAAM;SACtC,CAAC;QACF,IAAI,GAAG,IAAI,GAAG,CAAC,GAAG,CAAC;YAAE,OAAO,GAAG,CAAC,GAAG,CAAC,CAAC;IACvC,CAAC;IAED,qBAAqB;IACrB,IAAI,IAAI,EAAE,CAAC;QACT,IAAI,oBAAoB,CAAC,IAAI,CAAC,IAAI,CAAC;YAAE,OAAO,OAAO,CAAC;QACpD,IAAI,eAAe,CAAC,IAAI,CAAC,IAAI,CAAC;YAAE,OAAO,QAAQ,CAAC;QAChD,IAAI,8BAA8B,CAAC,IAAI,CAAC,IAAI,CAAC;YAAE,OAAO,YAAY,CAAC;QACnE,IAAI,4BAA4B,CAAC,IAAI,CAAC,IAAI,CAAC;YAAE,OAAO,QAAQ,CAAC;QAC7D,IAAI,mBAAmB,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,gBAAgB,CAAC,IAAI,CAAC,IAAI,CAAC;YAAE,OAAO,IAAI,CAAC;QAC/E,IAAI,uBAAuB,CAAC,IAAI,CAAC,IAAI,CAAC;YAAE,OAAO,KAAK,CAAC;QACrD,IAAI,oBAAoB,CAAC,IAAI,CAAC,IAAI,CAAC;YAAE,OAAO,MAAM,CAAC;IACrD,CAAC;IAED,OAAO,SAAS,CAAC;AACnB,CAAC;AAED;;;;;;;GAOG;AACH,MAAM,UAAU,qBAAqB,CACnC,IAAY,EACZ,QAAiB,EACjB,QAAiB;IAEjB,MAAM,YAAY,GAAI,QAA8B,IAAI,cAAc,CAAC,QAAQ,EAAE,IAAI,CAAC,CAAC;IACvF,MAAM,QAAQ,GAA4B,EAAE,CAAC;IAC7C,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;IAE/B,8BAA8B;IAC9B,MAAM,QAAQ,GAAuB;QACnC,GAAG,uBAAuB,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,SAAS,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC;QACpE,GAAG,CAAC,iBAAiB,CAAC,YAAY,CAAC,IAAI,EAAE,CAAC;KAC3C,CAAC;IAEF,iBAAiB;IACjB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QACtC,MAAM,IAAI,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;QACtB,MAAM,OAAO,GAAG,CAAC,GAAG,CAAC,CAAC;QAEtB,qBAAqB;QACrB,IAAI,aAAa,CAAC,IAAI,EAAE,YAAY,CAAC;YAAE,SAAS;QAEhD,KAAK,MAAM,OAAO,IAAI,QAAQ,EAAE,CAAC;YAC/B,IAAI,OAAO,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;gBAC/B,QAAQ,CAAC,IAAI,CAAC;oBACZ,QAAQ,EAAE,OAAO,CAAC,QAAQ;oBAC1B,IAAI,EAAE,OAAO,CAAC,IAAI;oBAClB,WAAW,EAAE,OAAO,CAAC,WAAW;oBAChC,IAAI,EAAE,OAAO;oBACb,QAAQ,EAAE,IAAI,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC;oBACnC,QAAQ,EAAE,OAAO,CAAC,QAAQ;iBAC3B,CAAC,CAAC;YACL,CAAC;QACH,CAAC;QAED,uCAAuC;QACvC,KAAK,MAAM,UAAU,IAAI,mBAAmB,EAAE,CAAC;YAC7C,IAAI,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;gBAC1B,QAAQ,CAAC,IAAI,CAAC;oBACZ,QAAQ,EAAE,UAAU;oBACpB,IAAI,EAAE,oBAAoB;oBAC1B,WAAW,EAAE,8CAA8C;oBAC3D,IAAI,EAAE,OAAO;oBACb,QAAQ,EAAE,IAAI,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC;oBACnC,QAAQ,EAAE,gBAAgB;iBAC3B,CAAC,CAAC;YACL,CAAC;QACH,CAAC;IACH,CAAC;IAED,oBAAoB;IACpB,MAAM,MAAM,GAAoC;QAC9C,QAAQ,EAAE,CAAC,EAAE,IAAI,EAAE,CAAC,EAAE,MAAM,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,IAAI,EAAE,CAAC;KACjD,CAAC;IACF,KAAK,MAAM,CAAC,IAAI,QAAQ,EAAE,CAAC;QACzB,MAAM,CAAC,CAAC,CAAC,QAAQ,CAAC,EAAE,CAAC;IACvB,CAAC;IAED,sCAAsC;IACtC,MAAM,IAAI,GAAG,MAAM,CAAC,QAAQ,KAAK,CAAC,IAAI,MAAM,CAAC,IAAI,KAAK,CAAC,CAAC;IAExD,OAAO,EAAE,IAAI,EAAE,QAAQ,EAAE,MAAM,EAAE,QAAQ,EAAE,YAAY,EAAE,CAAC;AAC5D,CAAC;AAED;;GAEG;AACH,SAAS,aAAa,CAAC,IAAY,EAAE,QAA2B;IAC9D,MAAM,OAAO,GAAG,IAAI,CAAC,IAAI,EAAE,CAAC;IAC5B,QAAQ,QAAQ,EAAE,CAAC;QACjB,KAAK,YAAY,CAAC;QAClB,KAAK,YAAY,CAAC;QAClB,KAAK,MAAM,CAAC;QACZ,KAAK,IAAI;YACP,OAAO,OAAO,CAAC,UAAU,CAAC,IAAI,CAAC,IAAI,OAAO,CAAC,UAAU,CAAC,IAAI,CAAC,IAAI,OAAO,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC;QACzF,KAAK,QAAQ,CAAC;QACd,KAAK,MAAM,CAAC;QACZ,KAAK,OAAO;YACV,OAAO,OAAO,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC;QACjC,KAAK,KAAK;YACR,OAAO,OAAO,CAAC,UAAU,CAAC,IAAI,CAAC,IAAI,OAAO,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC;QAC9D,KAAK,MAAM;YACT,OAAO,OAAO,CAAC,UAAU,CAAC,MAAM,CAAC,CAAC;QACpC;YACE,OAAO,OAAO,CAAC,UAAU,CAAC,IAAI,CAAC,IAAI,OAAO,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC;IAC/D,CAAC;AACH,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,sBAAsB,CAAC,MAA4B;IACjE,IAAI,MAAM,CAAC,QAAQ,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACjC,OAAO,4CAA4C,CAAC;IACtD,CAAC;IAED,MAAM,KAAK,GAAa,EAAE,CAAC;IAC3B,MAAM,MAAM,GAAG,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,sBAAsB,CAAC,CAAC,CAAC,MAAM,CAAC;IAC7D,KAAK,CAAC,IAAI,CAAC,oBAAoB,MAAM,MAAM,MAAM,CAAC,QAAQ,CAAC,MAAM,cAAc,MAAM,CAAC,QAAQ,GAAG,CAAC,CAAC;IACnG,KAAK,CAAC,IAAI,CAAC,eAAe,MAAM,CAAC,MAAM,CAAC,QAAQ,YAAY,MAAM,CAAC,MAAM,CAAC,IAAI,cAAc,MAAM,CAAC,MAAM,CAAC,MAAM,WAAW,MAAM,CAAC,MAAM,CAAC,GAAG,EAAE,CAAC,CAAC;IAChJ,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IAEf,KAAK,MAAM,CAAC,IAAI,MAAM,CAAC,QAAQ,EAAE,CAAC;QAChC,MAAM,GAAG,GAAG,CAAC,CAAC,QAAQ,CAAC,WAAW,EAAE,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC;QAC/C,KAAK,CAAC,IAAI,CAAC,MAAM,GAAG,MAAM,CAAC,CAAC,IAAI,KAAK,CAAC,CAAC,WAAW,EAAE,CAAC,CAAC;QACtD,KAAK,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC,QAAQ,EAAE,CAAC,CAAC;IACzC,CAAC;IAED,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;AAC1B,CAAC"}

package/dist/security/dangerous-patterns.d.ts

@@ -0,0 +1,68 @@
+/**
+ * Centralized Dangerous Patterns Registry
+ *
+ * Single source of truth for all dangerous pattern detection across:
+ * - Bash command validation (bash tool, command-validator)
+ * - Skill scanner (static analysis of SKILL.md files)
+ * - Input validators (validators.ts)
+ * - Bash parser (containsDangerousCommand)
+ * - Code validator (generated code checks)
+ *
+ * Consolidates patterns previously scattered across 4+ files.
+ */
+export type PatternSeverity = 'critical' | 'high' | 'medium' | 'low' | 'info';
+export type PatternCategory = 'filesystem_destruction' | 'remote_code_execution' | 'command_injection' | 'privilege_escalation' | 'network_exfiltration' | 'encoding_bypass' | 'code_execution' | 'dynamic_import' | 'prototype_pollution' | 'secret_exposure' | 'shell_injection' | 'system_control' | 'credential_access';
+export interface DangerousPattern {
+    /** Regex to match */
+    pattern: RegExp;
+    /** Severity level */
+    severity: PatternSeverity;
+    /** Human-readable description */
+    description: string;
+    /** Short identifier */
+    name: string;
+    /** Classification category */
+    category: PatternCategory;
+    /** Which subsystems use this pattern */
+    appliesTo: Array<'bash' | 'skill' | 'code' | 'command'>;
+}
+/**
+ * Commands that are always dangerous regardless of arguments.
+ * Used by bash-parser's containsDangerousCommand() and bash tool's BLOCKED_COMMANDS.
+ */
+export declare const DANGEROUS_COMMANDS: ReadonlySet<string>;
+/**
+ * Patterns that should block command execution.
+ * Merged from bash tool's BLOCKED_PATTERNS + validators DANGEROUS_COMMAND_PATTERNS.
+ */
+export declare const DANGEROUS_BASH_PATTERNS: DangerousPattern[];
+/**
+ * Patterns for scanning code content (skill files, LLM output).
+ * Merged from skill-scanner's DANGEROUS_PATTERNS + new additions.
+ */
+export declare const DANGEROUS_CODE_PATTERNS: DangerousPattern[];
+/**
+ * Get all patterns applicable to a specific subsystem.
+ */
+export declare function getPatternsFor(subsystem: 'bash' | 'skill' | 'code' | 'command'): DangerousPattern[];
+/**
+ * Get patterns at or above a given severity level.
+ */
+export declare function getPatternsBySeverity(minSeverity: PatternSeverity, patterns?: DangerousPattern[]): DangerousPattern[];
+/**
+ * Get patterns by category.
+ */
+export declare function getPatternsByCategory(category: PatternCategory, patterns?: DangerousPattern[]): DangerousPattern[];
+/**
+ * Check if a string matches any dangerous pattern for the given subsystem.
+ * Returns the first matching pattern or null.
+ */
+export declare function matchDangerousPattern(text: string, subsystem: 'bash' | 'skill' | 'code' | 'command'): DangerousPattern | null;
+/**
+ * Check if a string matches any dangerous patterns, returning all matches.
+ */
+export declare function matchAllDangerousPatterns(text: string, subsystem: 'bash' | 'skill' | 'code' | 'command'): DangerousPattern[];
+/**
+ * Check if a command name is in the dangerous commands set.
+ */
+export declare function isDangerousCommand(commandName: string): boolean;

package/dist/security/dangerous-patterns.js

@@ -0,0 +1,218 @@
+/**
+ * Centralized Dangerous Patterns Registry
+ *
+ * Single source of truth for all dangerous pattern detection across:
+ * - Bash command validation (bash tool, command-validator)
+ * - Skill scanner (static analysis of SKILL.md files)
+ * - Input validators (validators.ts)
+ * - Bash parser (containsDangerousCommand)
+ * - Code validator (generated code checks)
+ *
+ * Consolidates patterns previously scattered across 4+ files.
+ */
+// ============================================================================
+// Dangerous Commands (for parsed command name matching)
+// ============================================================================
+/**
+ * Commands that are always dangerous regardless of arguments.
+ * Used by bash-parser's containsDangerousCommand() and bash tool's BLOCKED_COMMANDS.
+ */
+export const DANGEROUS_COMMANDS = new Set([
+    // Destructive file operations
+    'rm', 'shred', 'wipefs', 'rmdir',
+    // Disk operations
+    'mkfs', 'fdisk', 'parted', 'dd',
+    // Permission changes
+    'chmod', 'chown', 'chgrp',
+    // Privilege escalation
+    'sudo', 'su', 'doas',
+    // Network tools (dangerous modes)
+    'nc', 'netcat', 'ncat', 'socat',
+    // Insecure protocols
+    'telnet', 'ftp',
+    // Port scanning / packet capture
+    'nmap', 'masscan', 'tcpdump', 'wireshark', 'tshark',
+    // Process tracing / debugging
+    'strace', 'ltrace', 'ptrace', 'gdb', 'lldb',
+    // System control
+    'reboot', 'shutdown', 'poweroff', 'halt',
+    'init', 'systemctl', 'service',
+    // Firewall
+    'iptables', 'ip6tables', 'nft', 'firewall-cmd',
+    // Mount operations
+    'mount', 'umount',
+    // Kernel modules
+    'insmod', 'rmmod', 'modprobe', 'sysctl',
+    // Scheduled tasks
+    'crontab', 'at',
+    // User management
+    'useradd', 'userdel', 'usermod', 'groupadd',
+    'passwd', 'chpasswd', 'visudo',
+    // SSH / GPG / certs
+    'ssh-keygen', 'ssh-add', 'gpg', 'openssl',
+    // Kill (process control)
+    'kill', 'killall', 'pkill',
+]);
+// ============================================================================
+// Dangerous Bash Patterns (regex-based, for full command strings)
+// ============================================================================
+/**
+ * Patterns that should block command execution.
+ * Merged from bash tool's BLOCKED_PATTERNS + validators DANGEROUS_COMMAND_PATTERNS.
+ */
+export const DANGEROUS_BASH_PATTERNS = [
+    // --- Filesystem destruction ---
+    { pattern: /rm\s+(-rf?|--recursive)\s+[/~]/i, severity: 'critical', description: 'Recursive force delete from root or home', name: 'rm-rf-root', category: 'filesystem_destruction', appliesTo: ['bash', 'command'] },
+    { pattern: /rm\s+.*\/\s*$/i, severity: 'high', description: 'Delete ending with directory path', name: 'rm-dir-path', category: 'filesystem_destruction', appliesTo: ['bash', 'command'] },
+    { pattern: />\s*\/dev\/sd[a-z]/i, severity: 'critical', description: 'Write to disk device', name: 'write-disk-device', category: 'filesystem_destruction', appliesTo: ['bash', 'command'] },
+    { pattern: /dd\s+.*if=.*of=\/dev/i, severity: 'critical', description: 'dd to disk device', name: 'dd-device', category: 'filesystem_destruction', appliesTo: ['bash', 'command'] },
+    { pattern: /mkfs/i, severity: 'critical', description: 'Format filesystem', name: 'mkfs', category: 'filesystem_destruction', appliesTo: ['bash', 'command'] },
+    { pattern: /:\(\)\s*\{\s*:\|:&\s*\};:/, severity: 'critical', description: 'Fork bomb', name: 'fork-bomb', category: 'filesystem_destruction', appliesTo: ['bash', 'command'] },
+    { pattern: /chmod\s+-R\s+777\s+\//i, severity: 'critical', description: 'chmod 777 on root', name: 'chmod-777-root', category: 'filesystem_destruction', appliesTo: ['bash', 'command'] },
+    { pattern: />\s*\/etc\/(passwd|shadow|sudoers)/i, severity: 'critical', description: 'Overwrite system files', name: 'overwrite-sys-files', category: 'filesystem_destruction', appliesTo: ['bash', 'command'] },
+    // --- Remote code execution via pipe to shell ---
+    { pattern: /wget.*\|\s*(ba)?sh/i, severity: 'critical', description: 'wget | sh (remote code execution)', name: 'wget-pipe-sh', category: 'remote_code_execution', appliesTo: ['bash', 'command'] },
+    { pattern: /curl.*\|\s*(ba)?sh/i, severity: 'critical', description: 'curl | sh (remote code execution)', name: 'curl-pipe-sh', category: 'remote_code_execution', appliesTo: ['bash', 'command'] },
+    { pattern: /sudo\s+(rm|dd|mkfs)/i, severity: 'critical', description: 'Sudo with dangerous command', name: 'sudo-dangerous', category: 'privilege_escalation', appliesTo: ['bash', 'command'] },
+    // --- Command injection via substitution ---
+    { pattern: /\$\([^)]*(?:rm|dd|mkfs|chmod|chown|curl|wget|nc|netcat|bash|sh|eval|exec)/i, severity: 'high', description: 'Dangerous command in $() substitution', name: 'subst-dangerous', category: 'command_injection', appliesTo: ['bash'] },
+    { pattern: /`[^`]*(?:rm|dd|mkfs|chmod|chown|curl|wget|nc|netcat|bash|sh|eval|exec)/i, severity: 'high', description: 'Dangerous command in backtick substitution', name: 'backtick-dangerous', category: 'command_injection', appliesTo: ['bash'] },
+    // --- Secret variable expansion ---
+    { pattern: /\$\{?(?:GROK_API_KEY|AWS_SECRET|AWS_ACCESS_KEY|AWS_SESSION_TOKEN|GITHUB_TOKEN|NPM_TOKEN|MORPH_API_KEY|DATABASE_URL|DB_PASSWORD|SECRET_KEY|PRIVATE_KEY|API_KEY|API_SECRET|AUTH_TOKEN|ACCESS_TOKEN|OPENAI_API_KEY|ANTHROPIC_API_KEY|SLACK_TOKEN|DISCORD_TOKEN)\}?/i, severity: 'high', description: 'Secret variable expansion', name: 'secret-var-expand', category: 'secret_exposure', appliesTo: ['bash'] },
+    // --- Eval and exec injection ---
+    { pattern: /\beval\s+.*\$/i, severity: 'high', description: 'eval with variable expansion', name: 'eval-var', category: 'code_execution', appliesTo: ['bash', 'command'] },
+    { pattern: /\bexec\s+\d*[<>]/i, severity: 'high', description: 'exec with redirections', name: 'exec-redirect', category: 'code_execution', appliesTo: ['bash', 'command'] },
+    // --- Encoding bypass attempts ---
+    { pattern: /\\x[0-9a-f]{2}/i, severity: 'high', description: 'Hex escape sequences', name: 'hex-escape', category: 'encoding_bypass', appliesTo: ['bash'] },
+    { pattern: /\\[0-7]{3}/, severity: 'high', description: 'Octal escape sequences', name: 'octal-escape', category: 'encoding_bypass', appliesTo: ['bash'] },
+    { pattern: /\$'\\x/i, severity: 'high', description: 'ANSI-C quoting with hex', name: 'ansi-c-hex', category: 'encoding_bypass', appliesTo: ['bash'] },
+    { pattern: /\$'\\[0-7]/, severity: 'high', description: 'ANSI-C quoting with octal', name: 'ansi-c-octal', category: 'encoding_bypass', appliesTo: ['bash'] },
+    { pattern: /\$'[^']*\\[nrtbfv]/i, severity: 'medium', description: 'ANSI-C with special escape sequences', name: 'ansi-c-special', category: 'encoding_bypass', appliesTo: ['bash'] },
+    { pattern: /base64\s+(-d|--decode).*\|\s*(ba)?sh/i, severity: 'critical', description: 'Base64 decode piped to shell', name: 'base64-pipe-sh', category: 'encoding_bypass', appliesTo: ['bash', 'command'] },
+    // --- Network exfiltration ---
+    { pattern: /\|\s*(nc|netcat|curl|wget)\s+[^|]*(>|>>)/i, severity: 'high', description: 'Pipe to network tool with redirect', name: 'net-redirect', category: 'network_exfiltration', appliesTo: ['bash'] },
+    { pattern: />\s*\/dev\/(tcp|udp)\//i, severity: 'critical', description: 'Bash network redirection', name: 'dev-tcp', category: 'network_exfiltration', appliesTo: ['bash'] },
+    { pattern: /\bnc\s+-[elp]/i, severity: 'high', description: 'Netcat listen/exec modes', name: 'nc-listen', category: 'network_exfiltration', appliesTo: ['bash'] },
+    { pattern: /\bbash\s+-i\s+>&?\s*\/dev\/(tcp|udp)/i, severity: 'critical', description: 'Bash reverse shell', name: 'bash-reverse-shell', category: 'network_exfiltration', appliesTo: ['bash'] },
+    { pattern: /nc\s+.*-e\s+.*sh/i, severity: 'critical', description: 'Netcat reverse shell', name: 'nc-reverse-shell', category: 'network_exfiltration', appliesTo: ['bash', 'command'] },
+    // --- Additional bypass patterns ---
+    { pattern: /\bprintf\s+['"]%b['"].*\\x/i, severity: 'high', description: 'printf %b with hex (bypass attempt)', name: 'printf-hex', category: 'encoding_bypass', appliesTo: ['bash'] },
+    { pattern: /\becho\s+-e\s+.*\\x/i, severity: 'high', description: 'echo -e with hex', name: 'echo-hex', category: 'encoding_bypass', appliesTo: ['bash'] },
+    { pattern: /\becho\s+\$'\\x/i, severity: 'high', description: 'echo with ANSI-C quoting', name: 'echo-ansi', category: 'encoding_bypass', appliesTo: ['bash'] },
+    { pattern: /\bxxd\s+-r.*\|\s*(ba)?sh/i, severity: 'critical', description: 'xxd decode to shell', name: 'xxd-pipe-sh', category: 'encoding_bypass', appliesTo: ['bash'] },
+    { pattern: /\bpython[23]?\s+-c\s+['"].*(?:exec|eval|os\.system|subprocess|__import__)/i, severity: 'high', description: 'Python code execution', name: 'python-exec', category: 'code_execution', appliesTo: ['bash'] },
+    { pattern: /\bperl\s+-e\s+['"].*(?:system|exec|`)/i, severity: 'high', description: 'Perl code execution', name: 'perl-exec', category: 'code_execution', appliesTo: ['bash'] },
+    { pattern: /\bruby\s+-e\s+['"].*(?:system|exec|`)/i, severity: 'high', description: 'Ruby code execution', name: 'ruby-exec', category: 'code_execution', appliesTo: ['bash'] },
+    { pattern: /\bnode\s+-e\s+['"].*(?:exec|spawn|child_process)/i, severity: 'high', description: 'Node.js code execution', name: 'node-exec', category: 'code_execution', appliesTo: ['bash'] },
+    { pattern: /\bawk\s+.*\bsystem\s*\(/i, severity: 'high', description: 'awk system() call', name: 'awk-system', category: 'code_execution', appliesTo: ['bash'] },
+    { pattern: /\bsed\s+.*e\b/i, severity: 'medium', description: 'sed with e flag (exec)', name: 'sed-exec', category: 'code_execution', appliesTo: ['bash'] },
+];
+// ============================================================================
+// Code Scanning Patterns (for skill files and generated code)
+// ============================================================================
+/**
+ * Patterns for scanning code content (skill files, LLM output).
+ * Merged from skill-scanner's DANGEROUS_PATTERNS + new additions.
+ */
+export const DANGEROUS_CODE_PATTERNS = [
+    // --- Code execution ---
+    { pattern: /\beval\s*\(/, severity: 'critical', description: 'Dynamic code execution via eval()', name: 'eval', category: 'code_execution', appliesTo: ['skill', 'code'] },
+    { pattern: /\bnew\s+Function\s*\(/, severity: 'critical', description: 'Dynamic function creation', name: 'new-function', category: 'code_execution', appliesTo: ['skill', 'code'] },
+    { pattern: /\bchild_process\b/, severity: 'high', description: 'Child process module usage', name: 'child_process', category: 'code_execution', appliesTo: ['skill', 'code'] },
+    { pattern: /\bexecSync\s*\(/, severity: 'high', description: 'Synchronous command execution', name: 'execSync', category: 'code_execution', appliesTo: ['skill', 'code'] },
+    { pattern: /\bexecFile\s*\(/, severity: 'high', description: 'File execution', name: 'execFile', category: 'code_execution', appliesTo: ['skill', 'code'] },
+    { pattern: /\bspawn\s*\(/, severity: 'medium', description: 'Process spawning', name: 'spawn', category: 'code_execution', appliesTo: ['skill', 'code'] },
+    { pattern: /\bexec\s*\(/, severity: 'high', description: 'Command execution', name: 'exec', category: 'code_execution', appliesTo: ['skill', 'code'] },
+    // --- Filesystem dangers ---
+    { pattern: /\brm\s+-rf\b/, severity: 'critical', description: 'Recursive force delete', name: 'rm-rf', category: 'filesystem_destruction', appliesTo: ['skill', 'code'] },
+    { pattern: /\bunlinkSync\s*\(/, severity: 'medium', description: 'Synchronous file deletion', name: 'unlinkSync', category: 'filesystem_destruction', appliesTo: ['skill', 'code'] },
+    { pattern: /\bwriteFileSync\s*\(/, severity: 'low', description: 'Synchronous file write', name: 'writeFileSync', category: 'filesystem_destruction', appliesTo: ['skill'] },
+    { pattern: /\brmdirSync\s*\(/, severity: 'medium', description: 'Directory removal', name: 'rmdirSync', category: 'filesystem_destruction', appliesTo: ['skill', 'code'] },
+    // --- Network ---
+    { pattern: /\bfetch\s*\(\s*['"`]http/, severity: 'medium', description: 'External HTTP request', name: 'fetch-http', category: 'network_exfiltration', appliesTo: ['skill'] },
+    { pattern: /\baxios\b/, severity: 'low', description: 'HTTP client library usage', name: 'axios', category: 'network_exfiltration', appliesTo: ['skill'] },
+    { pattern: /\brequire\s*\(\s*['"`]https?['"`]\s*\)/, severity: 'medium', description: 'HTTP module import', name: 'http-require', category: 'network_exfiltration', appliesTo: ['skill'] },
+    { pattern: /\bWebSocket\b/, severity: 'medium', description: 'WebSocket usage', name: 'websocket', category: 'network_exfiltration', appliesTo: ['skill'] },
+    // --- Dynamic imports ---
+    { pattern: /\brequire\s*\(\s*[a-zA-Z_$\[]/, severity: 'high', description: 'Dynamic require with variable', name: 'dynamic-require', category: 'dynamic_import', appliesTo: ['skill', 'code'] },
+    { pattern: /\bimport\s*\(\s*[a-zA-Z_$\[]/, severity: 'high', description: 'Dynamic import with variable', name: 'dynamic-import', category: 'dynamic_import', appliesTo: ['skill', 'code'] },
+    // --- Environment/secrets ---
+    { pattern: /process\.env\[/, severity: 'low', description: 'Dynamic environment variable access', name: 'env-dynamic', category: 'secret_exposure', appliesTo: ['skill'] },
+    { pattern: /\b(API_KEY|SECRET|PASSWORD|TOKEN)\b/i, severity: 'info', description: 'Possible secret reference', name: 'secret-ref', category: 'secret_exposure', appliesTo: ['skill'] },
+    // --- Prototype pollution ---
+    { pattern: /__proto__/, severity: 'high', description: 'Prototype pollution risk', name: 'proto', category: 'prototype_pollution', appliesTo: ['skill', 'code'] },
+    { pattern: /\bconstructor\s*\[/, severity: 'high', description: 'Constructor access via bracket notation', name: 'constructor-bracket', category: 'prototype_pollution', appliesTo: ['skill', 'code'] },
+    // --- Shell injection in code ---
+    { pattern: /`\$\{.*\}`/, severity: 'medium', description: 'Template literal with interpolation (potential injection)', name: 'template-injection', category: 'shell_injection', appliesTo: ['skill', 'code'] },
+    { pattern: /\$\(.*\)/, severity: 'medium', description: 'Shell command substitution', name: 'shell-subst', category: 'shell_injection', appliesTo: ['skill'] },
+    // --- SQL injection patterns (for generated code) ---
+    { pattern: /['"`]\s*\+\s*\w+\s*\+\s*['"`].*(?:SELECT|INSERT|UPDATE|DELETE|DROP|ALTER|CREATE)\b/i, severity: 'high', description: 'SQL string concatenation (injection risk)', name: 'sql-concat', category: 'command_injection', appliesTo: ['code'] },
+    { pattern: /\b(?:query|execute|exec)\s*\(\s*['"`].*\$\{/i, severity: 'high', description: 'SQL template literal interpolation', name: 'sql-template', category: 'command_injection', appliesTo: ['code'] },
+    { pattern: /\b(?:query|execute|exec)\s*\(\s*\w+\s*\+/i, severity: 'medium', description: 'SQL with string concatenation', name: 'sql-string-concat', category: 'command_injection', appliesTo: ['code'] },
+    // --- XSS patterns (for generated code) ---
+    { pattern: /\.innerHTML\s*=\s*(?!\s*['"`]\s*['"`])/, severity: 'high', description: 'innerHTML assignment (XSS risk)', name: 'innerHTML', category: 'command_injection', appliesTo: ['code'] },
+    { pattern: /document\.write\s*\(/, severity: 'high', description: 'document.write (XSS risk)', name: 'document-write', category: 'command_injection', appliesTo: ['code'] },
+    { pattern: /\bdangerouslySetInnerHTML\b/, severity: 'medium', description: 'React dangerouslySetInnerHTML', name: 'react-dangerous-html', category: 'command_injection', appliesTo: ['code'] },
+    // --- Hardcoded secrets ---
+    { pattern: /(?:password|passwd|pwd|secret|token|api_key|apikey)\s*[:=]\s*['"][^'"]{8,}['"]/i, severity: 'high', description: 'Hardcoded secret in code', name: 'hardcoded-secret', category: 'secret_exposure', appliesTo: ['code'] },
+    { pattern: /-----BEGIN\s+(?:RSA\s+)?PRIVATE\s+KEY-----/, severity: 'critical', description: 'Private key in code', name: 'private-key', category: 'secret_exposure', appliesTo: ['code', 'skill'] },
+    // --- Unsafe deserialization ---
+    { pattern: /\bpickle\.loads?\b/, severity: 'high', description: 'Python pickle deserialization', name: 'pickle-loads', category: 'code_execution', appliesTo: ['code'] },
+    { pattern: /\byaml\.load\s*\((?!.*Loader)/, severity: 'medium', description: 'Unsafe YAML load (no Loader specified)', name: 'yaml-unsafe-load', category: 'code_execution', appliesTo: ['code'] },
+    { pattern: /\bJSON\.parse\s*\(.*\bthen\b/, severity: 'low', description: 'JSON.parse in promise chain (may swallow errors)', name: 'json-parse-promise', category: 'code_execution', appliesTo: ['code'] },
+];
+// ============================================================================
+// Helper functions
+// ============================================================================
+/**
+ * Get all patterns applicable to a specific subsystem.
+ */
+export function getPatternsFor(subsystem) {
+    return [
+        ...DANGEROUS_BASH_PATTERNS.filter(p => p.appliesTo.includes(subsystem)),
+        ...DANGEROUS_CODE_PATTERNS.filter(p => p.appliesTo.includes(subsystem)),
+    ];
+}
+/**
+ * Get patterns at or above a given severity level.
+ */
+export function getPatternsBySeverity(minSeverity, patterns) {
+    const severityOrder = ['info', 'low', 'medium', 'high', 'critical'];
+    const minIndex = severityOrder.indexOf(minSeverity);
+    const source = patterns ?? [...DANGEROUS_BASH_PATTERNS, ...DANGEROUS_CODE_PATTERNS];
+    return source.filter(p => severityOrder.indexOf(p.severity) >= minIndex);
+}
+/**
+ * Get patterns by category.
+ */
+export function getPatternsByCategory(category, patterns) {
+    const source = patterns ?? [...DANGEROUS_BASH_PATTERNS, ...DANGEROUS_CODE_PATTERNS];
+    return source.filter(p => p.category === category);
+}
+/**
+ * Check if a string matches any dangerous pattern for the given subsystem.
+ * Returns the first matching pattern or null.
+ */
+export function matchDangerousPattern(text, subsystem) {
+    const patterns = getPatternsFor(subsystem);
+    for (const p of patterns) {
+        if (p.pattern.test(text)) {
+            return p;
+        }
+    }
+    return null;
+}
+/**
+ * Check if a string matches any dangerous patterns, returning all matches.
+ */
+export function matchAllDangerousPatterns(text, subsystem) {
+    const patterns = getPatternsFor(subsystem);
+    return patterns.filter(p => p.pattern.test(text));
+}
+/**
+ * Check if a command name is in the dangerous commands set.
+ */
+export function isDangerousCommand(commandName) {
+    return DANGEROUS_COMMANDS.has(commandName.toLowerCase());
+}
+//# sourceMappingURL=dangerous-patterns.js.map

package/dist/security/dangerous-patterns.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"dangerous-patterns.js","sourceRoot":"","sources":["../../src/security/dangerous-patterns.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;GAWG;AAkCH,+EAA+E;AAC/E,wDAAwD;AACxD,+EAA+E;AAE/E;;;GAGG;AACH,MAAM,CAAC,MAAM,kBAAkB,GAAwB,IAAI,GAAG,CAAC;IAC7D,8BAA8B;IAC9B,IAAI,EAAE,OAAO,EAAE,QAAQ,EAAE,OAAO;IAChC,kBAAkB;IAClB,MAAM,EAAE,OAAO,EAAE,QAAQ,EAAE,IAAI;IAC/B,qBAAqB;IACrB,OAAO,EAAE,OAAO,EAAE,OAAO;IACzB,uBAAuB;IACvB,MAAM,EAAE,IAAI,EAAE,MAAM;IACpB,kCAAkC;IAClC,IAAI,EAAE,QAAQ,EAAE,MAAM,EAAE,OAAO;IAC/B,qBAAqB;IACrB,QAAQ,EAAE,KAAK;IACf,iCAAiC;IACjC,MAAM,EAAE,SAAS,EAAE,SAAS,EAAE,WAAW,EAAE,QAAQ;IACnD,8BAA8B;IAC9B,QAAQ,EAAE,QAAQ,EAAE,QAAQ,EAAE,KAAK,EAAE,MAAM;IAC3C,iBAAiB;IACjB,QAAQ,EAAE,UAAU,EAAE,UAAU,EAAE,MAAM;IACxC,MAAM,EAAE,WAAW,EAAE,SAAS;IAC9B,WAAW;IACX,UAAU,EAAE,WAAW,EAAE,KAAK,EAAE,cAAc;IAC9C,mBAAmB;IACnB,OAAO,EAAE,QAAQ;IACjB,iBAAiB;IACjB,QAAQ,EAAE,OAAO,EAAE,UAAU,EAAE,QAAQ;IACvC,kBAAkB;IAClB,SAAS,EAAE,IAAI;IACf,kBAAkB;IAClB,SAAS,EAAE,SAAS,EAAE,SAAS,EAAE,UAAU;IAC3C,QAAQ,EAAE,UAAU,EAAE,QAAQ;IAC9B,oBAAoB;IACpB,YAAY,EAAE,SAAS,EAAE,KAAK,EAAE,SAAS;IACzC,yBAAyB;IACzB,MAAM,EAAE,SAAS,EAAE,OAAO;CAC3B,CAAC,CAAC;AAEH,+EAA+E;AAC/E,kEAAkE;AAClE,+EAA+E;AAE/E;;;GAGG;AACH,MAAM,CAAC,MAAM,uBAAuB,GAAuB;IACzD,iCAAiC;IACjC,EAAE,OAAO,EAAE,iCAAiC,EAAE,QAAQ,EAAE,UAAU,EAAE,WAAW,EAAE,0CAA0C,EAAE,IAAI,EAAE,YAAY,EAAE,QAAQ,EAAE,wBAAwB,EAAE,SAAS,EAAE,CAAC,MAAM,EAAE,SAAS,CAAC,EAAE;IACrN,EAAE,OAAO,EAAE,gBAAgB,EAAE,QAAQ,EAAE,MAAM,EAAE,WAAW,EAAE,mCAAmC,EAAE,IAAI,EAAE,aAAa,EAAE,QAAQ,EAAE,wBAAwB,EAAE,SAAS,EAAE,CAAC,MAAM,EAAE,SAAS,CAAC,EAAE;IAC1L,EAAE,OAAO,EAAE,qBAAqB,EAAE,QAAQ,EAAE,UAAU,EAAE,WAAW,EAAE,sBAAsB,EAAE,IAAI,EAAE,mBAAmB,EAAE,QAAQ,EAAE,wBAAwB,EAAE,SAAS,EAAE,CAAC,MAAM,EAAE,SAAS,CAAC,EAAE;IAC5L,EAAE,OAAO,EAAE,uBAAuB,EAAE,QAAQ,EAAE,UAAU,EAAE,WAAW,EAAE,mBAAmB,EAAE,IAAI,EAAE,WAAW,EAAE,QAAQ,EAAE,wBAAwB,EAAE,SAAS,EAAE,CAAC,MAAM,EAAE,SAAS,CAAC,EAAE;IACnL,EAAE,OAAO,EAAE,OAAO,EAAE,QAAQ,EAAE,UAAU,EAAE,WAAW,EAAE,mBAAmB,EAAE,IAAI,EAAE,MAAM,EAAE,QAAQ,EAAE,wBAAwB,EAAE,SAAS,EAAE,CAAC,MAAM,EAAE,SAAS,CAAC,EAAE;IAC9J,EAAE,OAAO,EAAE,2BAA2B,EAAE,QAAQ,EAAE,UAAU,EAAE,WAAW,EAAE,WAAW,EAAE,IAAI,EAAE,WAAW,EAAE,QAAQ,EAAE,wBAAwB,EAAE,SAAS,EAAE,CAAC,MAAM,EAAE,SAAS,CAAC,EAAE;IAC/K,EAAE,OAAO,EAAE,wBAAwB,EAAE,QAAQ,EAAE,UAAU,EAAE,WAAW,EAAE,mBAAmB,EAAE,IAAI,EAAE,gBAAgB,EAAE,QAAQ,EAAE,wBAAwB,EAAE,SAAS,EAAE,CAAC,MAAM,EAAE,SAAS,CAAC,EAAE;IACzL,EAAE,OAAO,EAAE,qCAAqC,EAAE,QAAQ,EAAE,UAAU,EAAE,WAAW,EAAE,wBAAwB,EAAE,IAAI,EAAE,qBAAqB,EAAE,QAAQ,EAAE,wBAAwB,EAAE,SAAS,EAAE,CAAC,MAAM,EAAE,SAAS,CAAC,EAAE;IAEhN,kDAAkD;IAClD,EAAE,OAAO,EAAE,qBAAqB,EAAE,QAAQ,EAAE,UAAU,EAAE,WAAW,EAAE,mCAAmC,EAAE,IAAI,EAAE,cAAc,EAAE,QAAQ,EAAE,uBAAuB,EAAE,SAAS,EAAE,CAAC,MAAM,EAAE,SAAS,CAAC,EAAE;IACnM,EAAE,OAAO,EAAE,qBAAqB,EAAE,QAAQ,EAAE,UAAU,EAAE,WAAW,EAAE,mCAAmC,EAAE,IAAI,EAAE,cAAc,EAAE,QAAQ,EAAE,uBAAuB,EAAE,SAAS,EAAE,CAAC,MAAM,EAAE,SAAS,CAAC,EAAE;IACnM,EAAE,OAAO,EAAE,sBAAsB,EAAE,QAAQ,EAAE,UAAU,EAAE,WAAW,EAAE,6BAA6B,EAAE,IAAI,EAAE,gBAAgB,EAAE,QAAQ,EAAE,sBAAsB,EAAE,SAAS,EAAE,CAAC,MAAM,EAAE,SAAS,CAAC,EAAE;IAE/L,6CAA6C;IAC7C,EAAE,OAAO,EAAE,4EAA4E,EAAE,QAAQ,EAAE,MAAM,EAAE,WAAW,EAAE,uCAAuC,EAAE,IAAI,EAAE,iBAAiB,EAAE,QAAQ,EAAE,mBAAmB,EAAE,SAAS,EAAE,CAAC,MAAM,CAAC,EAAE;IAC9O,EAAE,OAAO,EAAE,yEAAyE,EAAE,QAAQ,EAAE,MAAM,EAAE,WAAW,EAAE,4CAA4C,EAAE,IAAI,EAAE,oBAAoB,EAAE,QAAQ,EAAE,mBAAmB,EAAE,SAAS,EAAE,CAAC,MAAM,CAAC,EAAE;IAEnP,oCAAoC;IACpC,EAAE,OAAO,EAAE,kQAAkQ,EAAE,QAAQ,EAAE,MAAM,EAAE,WAAW,EAAE,2BAA2B,EAAE,IAAI,EAAE,mBAAmB,EAAE,QAAQ,EAAE,iBAAiB,EAAE,SAAS,EAAE,CAAC,MAAM,CAAC,EAAE;IAExZ,kCAAkC;IAClC,EAAE,OAAO,EAAE,gBAAgB,EAAE,QAAQ,EAAE,MAAM,EAAE,WAAW,EAAE,8BAA8B,EAAE,IAAI,EAAE,UAAU,EAAE,QAAQ,EAAE,gBAAgB,EAAE,SAAS,EAAE,CAAC,MAAM,EAAE,SAAS,CAAC,EAAE;IAC1K,EAAE,OAAO,EAAE,mBAAmB,EAAE,QAAQ,EAAE,MAAM,EAAE,WAAW,EAAE,wBAAwB,EAAE,IAAI,EAAE,eAAe,EAAE,QAAQ,EAAE,gBAAgB,EAAE,SAAS,EAAE,CAAC,MAAM,EAAE,SAAS,CAAC,EAAE;IAE5K,mCAAmC;IACnC,EAAE,OAAO,EAAE,iBAAiB,EAAE,QAAQ,EAAE,MAAM,EAAE,WAAW,EAAE,sBAAsB,EAAE,IAAI,EAAE,YAAY,EAAE,QAAQ,EAAE,iBAAiB,EAAE,SAAS,EAAE,CAAC,MAAM,CAAC,EAAE;IAC3J,EAAE,OAAO,EAAE,YAAY,EAAE,QAAQ,EAAE,MAAM,EAAE,WAAW,EAAE,wBAAwB,EAAE,IAAI,EAAE,cAAc,EAAE,QAAQ,EAAE,iBAAiB,EAAE,SAAS,EAAE,CAAC,MAAM,CAAC,EAAE;IAC1J,EAAE,OAAO,EAAE,SAAS,EAAE,QAAQ,EAAE,MAAM,EAAE,WAAW,EAAE,yBAAyB,EAAE,IAAI,EAAE,YAAY,EAAE,QAAQ,EAAE,iBAAiB,EAAE,SAAS,EAAE,CAAC,MAAM,CAAC,EAAE;IACtJ,EAAE,OAAO,EAAE,YAAY,EAAE,QAAQ,EAAE,MAAM,EAAE,WAAW,EAAE,2BAA2B,EAAE,IAAI,EAAE,cAAc,EAAE,QAAQ,EAAE,iBAAiB,EAAE,SAAS,EAAE,CAAC,MAAM,CAAC,EAAE;IAC7J,EAAE,OAAO,EAAE,qBAAqB,EAAE,QAAQ,EAAE,QAAQ,EAAE,WAAW,EAAE,sCAAsC,EAAE,IAAI,EAAE,gBAAgB,EAAE,QAAQ,EAAE,iBAAiB,EAAE,SAAS,EAAE,CAAC,MAAM,CAAC,EAAE;IACrL,EAAE,OAAO,EAAE,uCAAuC,EAAE,QAAQ,EAAE,UAAU,EAAE,WAAW,EAAE,8BAA8B,EAAE,IAAI,EAAE,gBAAgB,EAAE,QAAQ,EAAE,iBAAiB,EAAE,SAAS,EAAE,CAAC,MAAM,EAAE,SAAS,CAAC,EAAE;IAE5M,+BAA+B;IAC/B,EAAE,OAAO,EAAE,2CAA2C,EAAE,QAAQ,EAAE,MAAM,EAAE,WAAW,EAAE,oCAAoC,EAAE,IAAI,EAAE,cAAc,EAAE,QAAQ,EAAE,sBAAsB,EAAE,SAAS,EAAE,CAAC,MAAM,CAAC,EAAE;IAC1M,EAAE,OAAO,EAAE,yBAAyB,EAAE,QAAQ,EAAE,UAAU,EAAE,WAAW,EAAE,0BAA0B,EAAE,IAAI,EAAE,SAAS,EAAE,QAAQ,EAAE,sBAAsB,EAAE,SAAS,EAAE,CAAC,MAAM,CAAC,EAAE;IAC7K,EAAE,OAAO,EAAE,gBAAgB,EAAE,QAAQ,EAAE,MAAM,EAAE,WAAW,EAAE,0BAA0B,EAAE,IAAI,EAAE,WAAW,EAAE,QAAQ,EAAE,sBAAsB,EAAE,SAAS,EAAE,CAAC,MAAM,CAAC,EAAE;IAClK,EAAE,OAAO,EAAE,uCAAuC,EAAE,QAAQ,EAAE,UAAU,EAAE,WAAW,EAAE,oBAAoB,EAAE,IAAI,EAAE,oBAAoB,EAAE,QAAQ,EAAE,sBAAsB,EAAE,SAAS,EAAE,CAAC,MAAM,CAAC,EAAE;IAChM,EAAE,OAAO,EAAE,mBAAmB,EAAE,QAAQ,EAAE,UAAU,EAAE,WAAW,EAAE,sBAAsB,EAAE,IAAI,EAAE,kBAAkB,EAAE,QAAQ,EAAE,sBAAsB,EAAE,SAAS,EAAE,CAAC,MAAM,EAAE,SAAS,CAAC,EAAE;IAEvL,qCAAqC;IACrC,EAAE,OAAO,EAAE,6BAA6B,EAAE,QAAQ,EAAE,MAAM,EAAE,WAAW,EAAE,qCAAqC,EAAE,IAAI,EAAE,YAAY,EAAE,QAAQ,EAAE,iBAAiB,EAAE,SAAS,EAAE,CAAC,MAAM,CAAC,EAAE;IACtL,EAAE,OAAO,EAAE,sBAAsB,EAAE,QAAQ,EAAE,MAAM,EAAE,WAAW,EAAE,kBAAkB,EAAE,IAAI,EAAE,UAAU,EAAE,QAAQ,EAAE,iBAAiB,EAAE,SAAS,EAAE,CAAC,MAAM,CAAC,EAAE;IAC1J,EAAE,OAAO,EAAE,kBAAkB,EAAE,QAAQ,EAAE,MAAM,EAAE,WAAW,EAAE,0BAA0B,EAAE,IAAI,EAAE,WAAW,EAAE,QAAQ,EAAE,iBAAiB,EAAE,SAAS,EAAE,CAAC,MAAM,CAAC,EAAE;IAC/J,EAAE,OAAO,EAAE,2BAA2B,EAAE,QAAQ,EAAE,UAAU,EAAE,WAAW,EAAE,qBAAqB,EAAE,IAAI,EAAE,aAAa,EAAE,QAAQ,EAAE,iBAAiB,EAAE,SAAS,EAAE,CAAC,MAAM,CAAC,EAAE;IACzK,EAAE,OAAO,EAAE,4EAA4E,EAAE,QAAQ,EAAE,MAAM,EAAE,WAAW,EAAE,uBAAuB,EAAE,IAAI,EAAE,aAAa,EAAE,QAAQ,EAAE,gBAAgB,EAAE,SAAS,EAAE,CAAC,MAAM,CAAC,EAAE;IACvN,EAAE,OAAO,EAAE,wCAAwC,EAAE,QAAQ,EAAE,MAAM,EAAE,WAAW,EAAE,qBAAqB,EAAE,IAAI,EAAE,WAAW,EAAE,QAAQ,EAAE,gBAAgB,EAAE,SAAS,EAAE,CAAC,MAAM,CAAC,EAAE;IAC/K,EAAE,OAAO,EAAE,wCAAwC,EAAE,QAAQ,EAAE,MAAM,EAAE,WAAW,EAAE,qBAAqB,EAAE,IAAI,EAAE,WAAW,EAAE,QAAQ,EAAE,gBAAgB,EAAE,SAAS,EAAE,CAAC,MAAM,CAAC,EAAE;IAC/K,EAAE,OAAO,EAAE,mDAAmD,EAAE,QAAQ,EAAE,MAAM,EAAE,WAAW,EAAE,wBAAwB,EAAE,IAAI,EAAE,WAAW,EAAE,QAAQ,EAAE,gBAAgB,EAAE,SAAS,EAAE,CAAC,MAAM,CAAC,EAAE;IAC7L,EAAE,OAAO,EAAE,0BAA0B,EAAE,QAAQ,EAAE,MAAM,EAAE,WAAW,EAAE,mBAAmB,EAAE,IAAI,EAAE,YAAY,EAAE,QAAQ,EAAE,gBAAgB,EAAE,SAAS,EAAE,CAAC,MAAM,CAAC,EAAE;IAChK,EAAE,OAAO,EAAE,gBAAgB,EAAE,QAAQ,EAAE,QAAQ,EAAE,WAAW,EAAE,wBAAwB,EAAE,IAAI,EAAE,UAAU,EAAE,QAAQ,EAAE,gBAAgB,EAAE,SAAS,EAAE,CAAC,MAAM,CAAC,EAAE;CAC5J,CAAC;AAEF,+EAA+E;AAC/E,8DAA8D;AAC9D,+EAA+E;AAE/E;;;GAGG;AACH,MAAM,CAAC,MAAM,uBAAuB,GAAuB;IACzD,yBAAyB;IACzB,EAAE,OAAO,EAAE,aAAa,EAAE,QAAQ,EAAE,UAAU,EAAE,WAAW,EAAE,mCAAmC,EAAE,IAAI,EAAE,MAAM,EAAE,QAAQ,EAAE,gBAAgB,EAAE,SAAS,EAAE,CAAC,OAAO,EAAE,MAAM,CAAC,EAAE;IAC1K,EAAE,OAAO,EAAE,uBAAuB,EAAE,QAAQ,EAAE,UAAU,EAAE,WAAW,EAAE,2BAA2B,EAAE,IAAI,EAAE,cAAc,EAAE,QAAQ,EAAE,gBAAgB,EAAE,SAAS,EAAE,CAAC,OAAO,EAAE,MAAM,CAAC,EAAE;IACpL,EAAE,OAAO,EAAE,mBAAmB,EAAE,QAAQ,EAAE,MAAM,EAAE,WAAW,EAAE,4BAA4B,EAAE,IAAI,EAAE,eAAe,EAAE,QAAQ,EAAE,gBAAgB,EAAE,SAAS,EAAE,CAAC,OAAO,EAAE,MAAM,CAAC,EAAE;IAC9K,EAAE,OAAO,EAAE,iBAAiB,EAAE,QAAQ,EAAE,MAAM,EAAE,WAAW,EAAE,+BAA+B,EAAE,IAAI,EAAE,UAAU,EAAE,QAAQ,EAAE,gBAAgB,EAAE,SAAS,EAAE,CAAC,OAAO,EAAE,MAAM,CAAC,EAAE;IAC1K,EAAE,OAAO,EAAE,iBAAiB,EAAE,QAAQ,EAAE,MAAM,EAAE,WAAW,EAAE,gBAAgB,EAAE,IAAI,EAAE,UAAU,EAAE,QAAQ,EAAE,gBAAgB,EAAE,SAAS,EAAE,CAAC,OAAO,EAAE,MAAM,CAAC,EAAE;IAC3J,EAAE,OAAO,EAAE,cAAc,EAAE,QAAQ,EAAE,QAAQ,EAAE,WAAW,EAAE,kBAAkB,EAAE,IAAI,EAAE,OAAO,EAAE,QAAQ,EAAE,gBAAgB,EAAE,SAAS,EAAE,CAAC,OAAO,EAAE,MAAM,CAAC,EAAE;IACzJ,EAAE,OAAO,EAAE,aAAa,EAAE,QAAQ,EAAE,MAAM,EAAE,WAAW,EAAE,mBAAmB,EAAE,IAAI,EAAE,MAAM,EAAE,QAAQ,EAAE,gBAAgB,EAAE,SAAS,EAAE,CAAC,OAAO,EAAE,MAAM,CAAC,EAAE;IAEtJ,6BAA6B;IAC7B,EAAE,OAAO,EAAE,cAAc,EAAE,QAAQ,EAAE,UAAU,EAAE,WAAW,EAAE,wBAAwB,EAAE,IAAI,EAAE,OAAO,EAAE,QAAQ,EAAE,wBAAwB,EAAE,SAAS,EAAE,CAAC,OAAO,EAAE,MAAM,CAAC,EAAE;IACzK,EAAE,OAAO,EAAE,mBAAmB,EAAE,QAAQ,EAAE,QAAQ,EAAE,WAAW,EAAE,2BAA2B,EAAE,IAAI,EAAE,YAAY,EAAE,QAAQ,EAAE,wBAAwB,EAAE,SAAS,EAAE,CAAC,OAAO,EAAE,MAAM,CAAC,EAAE;IACpL,EAAE,OAAO,EAAE,sBAAsB,EAAE,QAAQ,EAAE,KAAK,EAAE,WAAW,EAAE,wBAAwB,EAAE,IAAI,EAAE,eAAe,EAAE,QAAQ,EAAE,wBAAwB,EAAE,SAAS,EAAE,CAAC,OAAO,CAAC,EAAE;IAC5K,EAAE,OAAO,EAAE,kBAAkB,EAAE,QAAQ,EAAE,QAAQ,EAAE,WAAW,EAAE,mBAAmB,EAAE,IAAI,EAAE,WAAW,EAAE,QAAQ,EAAE,wBAAwB,EAAE,SAAS,EAAE,CAAC,OAAO,EAAE,MAAM,CAAC,EAAE;IAE1K,kBAAkB;IAClB,EAAE,OAAO,EAAE,0BAA0B,EAAE,QAAQ,EAAE,QAAQ,EAAE,WAAW,EAAE,uBAAuB,EAAE,IAAI,EAAE,YAAY,EAAE,QAAQ,EAAE,sBAAsB,EAAE,SAAS,EAAE,CAAC,OAAO,CAAC,EAAE;IAC7K,EAAE,OAAO,EAAE,WAAW,EAAE,QAAQ,EAAE,KAAK,EAAE,WAAW,EAAE,2BAA2B,EAAE,IAAI,EAAE,OAAO,EAAE,QAAQ,EAAE,sBAAsB,EAAE,SAAS,EAAE,CAAC,OAAO,CAAC,EAAE;IAC1J,EAAE,OAAO,EAAE,wCAAwC,EAAE,QAAQ,EAAE,QAAQ,EAAE,WAAW,EAAE,oBAAoB,EAAE,IAAI,EAAE,cAAc,EAAE,QAAQ,EAAE,sBAAsB,EAAE,SAAS,EAAE,CAAC,OAAO,CAAC,EAAE;IAC1L,EAAE,OAAO,EAAE,eAAe,EAAE,QAAQ,EAAE,QAAQ,EAAE,WAAW,EAAE,iBAAiB,EAAE,IAAI,EAAE,WAAW,EAAE,QAAQ,EAAE,sBAAsB,EAAE,SAAS,EAAE,CAAC,OAAO,CAAC,EAAE;IAE3J,0BAA0B;IAC1B,EAAE,OAAO,EAAE,+BAA+B,EAAE,QAAQ,EAAE,MAAM,EAAE,WAAW,EAAE,+BAA+B,EAAE,IAAI,EAAE,iBAAiB,EAAE,QAAQ,EAAE,gBAAgB,EAAE,SAAS,EAAE,CAAC,OAAO,EAAE,MAAM,CAAC,EAAE;IAC/L,EAAE,OAAO,EAAE,8BAA8B,EAAE,QAAQ,EAAE,MAAM,EAAE,WAAW,EAAE,8BAA8B,EAAE,IAAI,EAAE,gBAAgB,EAAE,QAAQ,EAAE,gBAAgB,EAAE,SAAS,EAAE,CAAC,OAAO,EAAE,MAAM,CAAC,EAAE;IAE5L,8BAA8B;IAC9B,EAAE,OAAO,EAAE,gBAAgB,EAAE,QAAQ,EAAE,KAAK,EAAE,WAAW,EAAE,qCAAqC,EAAE,IAAI,EAAE,aAAa,EAAE,QAAQ,EAAE,iBAAiB,EAAE,SAAS,EAAE,CAAC,OAAO,CAAC,EAAE;IAC1K,EAAE,OAAO,EAAE,sCAAsC,EAAE,QAAQ,EAAE,MAAM,EAAE,WAAW,EAAE,2BAA2B,EAAE,IAAI,EAAE,YAAY,EAAE,QAAQ,EAAE,iBAAiB,EAAE,SAAS,EAAE,CAAC,OAAO,CAAC,EAAE;IAEtL,8BAA8B;IAC9B,EAAE,OAAO,EAAE,WAAW,EAAE,QAAQ,EAAE,MAAM,EAAE,WAAW,EAAE,0BAA0B,EAAE,IAAI,EAAE,OAAO,EAAE,QAAQ,EAAE,qBAAqB,EAAE,SAAS,EAAE,CAAC,OAAO,EAAE,MAAM,CAAC,EAAE;IACjK,EAAE,OAAO,EAAE,oBAAoB,EAAE,QAAQ,EAAE,MAAM,EAAE,WAAW,EAAE,yCAAyC,EAAE,IAAI,EAAE,qBAAqB,EAAE,QAAQ,EAAE,qBAAqB,EAAE,SAAS,EAAE,CAAC,OAAO,EAAE,MAAM,CAAC,EAAE;IAEvM,kCAAkC;IAClC,EAAE,OAAO,EAAE,YAAY,EAAE,QAAQ,EAAE,QAAQ,EAAE,WAAW,EAAE,2DAA2D,EAAE,IAAI,EAAE,oBAAoB,EAAE,QAAQ,EAAE,iBAAiB,EAAE,SAAS,EAAE,CAAC,OAAO,EAAE,MAAM,CAAC,EAAE;IAC9M,EAAE,OAAO,EAAE,UAAU,EAAE,QAAQ,EAAE,QAAQ,EAAE,WAAW,EAAE,4BAA4B,EAAE,IAAI,EAAE,aAAa,EAAE,QAAQ,EAAE,iBAAiB,EAAE,SAAS,EAAE,CAAC,OAAO,CAAC,EAAE;IAE9J,sDAAsD;IACtD,EAAE,OAAO,EAAE,qFAAqF,EAAE,QAAQ,EAAE,MAAM,EAAE,WAAW,EAAE,2CAA2C,EAAE,IAAI,EAAE,YAAY,EAAE,QAAQ,EAAE,mBAAmB,EAAE,SAAS,EAAE,CAAC,MAAM,CAAC,EAAE;IACtP,EAAE,OAAO,EAAE,8CAA8C,EAAE,QAAQ,EAAE,MAAM,EAAE,WAAW,EAAE,oCAAoC,EAAE,IAAI,EAAE,cAAc,EAAE,QAAQ,EAAE,mBAAmB,EAAE,SAAS,EAAE,CAAC,MAAM,CAAC,EAAE;IAC1M,EAAE,OAAO,EAAE,2CAA2C,EAAE,QAAQ,EAAE,QAAQ,EAAE,WAAW,EAAE,+BAA+B,EAAE,IAAI,EAAE,mBAAmB,EAAE,QAAQ,EAAE,mBAAmB,EAAE,SAAS,EAAE,CAAC,MAAM,CAAC,EAAE;IAEzM,4CAA4C;IAC5C,EAAE,OAAO,EAAE,wCAAwC,EAAE,QAAQ,EAAE,MAAM,EAAE,WAAW,EAAE,iCAAiC,EAAE,IAAI,EAAE,WAAW,EAAE,QAAQ,EAAE,mBAAmB,EAAE,SAAS,EAAE,CAAC,MAAM,CAAC,EAAE;IAC9L,EAAE,OAAO,EAAE,sBAAsB,EAAE,QAAQ,EAAE,MAAM,EAAE,WAAW,EAAE,2BAA2B,EAAE,IAAI,EAAE,gBAAgB,EAAE,QAAQ,EAAE,mBAAmB,EAAE,SAAS,EAAE,CAAC,MAAM,CAAC,EAAE;IAC3K,EAAE,OAAO,EAAE,6BAA6B,EAAE,QAAQ,EAAE,QAAQ,EAAE,WAAW,EAAE,+BAA+B,EAAE,IAAI,EAAE,sBAAsB,EAAE,QAAQ,EAAE,mBAAmB,EAAE,SAAS,EAAE,CAAC,MAAM,CAAC,EAAE;IAE9L,4BAA4B;IAC5B,EAAE,OAAO,EAAE,iFAAiF,EAAE,QAAQ,EAAE,MAAM,EAAE,WAAW,EAAE,0BAA0B,EAAE,IAAI,EAAE,kBAAkB,EAAE,QAAQ,EAAE,iBAAiB,EAAE,SAAS,EAAE,CAAC,MAAM,CAAC,EAAE;IACrO,EAAE,OAAO,EAAE,4CAA4C,EAAE,QAAQ,EAAE,UAAU,EAAE,WAAW,EAAE,qBAAqB,EAAE,IAAI,EAAE,aAAa,EAAE,QAAQ,EAAE,iBAAiB,EAAE,SAAS,EAAE,CAAC,MAAM,EAAE,OAAO,CAAC,EAAE;IAEnM,iCAAiC;IACjC,EAAE,OAAO,EAAE,oBAAoB,EAAE,QAAQ,EAAE,MAAM,EAAE,WAAW,EAAE,+BAA+B,EAAE,IAAI,EAAE,cAAc,EAAE,QAAQ,EAAE,gBAAgB,EAAE,SAAS,EAAE,CAAC,MAAM,CAAC,EAAE;IACxK,EAAE,OAAO,EAAE,+BAA+B,EAAE,QAAQ,EAAE,QAAQ,EAAE,WAAW,EAAE,wCAAwC,EAAE,IAAI,EAAE,kBAAkB,EAAE,QAAQ,EAAE,gBAAgB,EAAE,SAAS,EAAE,CAAC,MAAM,CAAC,EAAE;IAClM,EAAE,OAAO,EAAE,8BAA8B,EAAE,QAAQ,EAAE,KAAK,EAAE,WAAW,EAAE,kDAAkD,EAAE,IAAI,EAAE,oBAAoB,EAAE,QAAQ,EAAE,gBAAgB,EAAE,SAAS,EAAE,CAAC,MAAM,CAAC,EAAE;CAC3M,CAAC;AAEF,+EAA+E;AAC/E,mBAAmB;AACnB,+EAA+E;AAE/E;;GAEG;AACH,MAAM,UAAU,cAAc,CAAC,SAAgD;IAC7E,OAAO;QACL,GAAG,uBAAuB,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,SAAS,CAAC,QAAQ,CAAC,SAAS,CAAC,CAAC;QACvE,GAAG,uBAAuB,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,SAAS,CAAC,QAAQ,CAAC,SAAS,CAAC,CAAC;KACxE,CAAC;AACJ,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,qBAAqB,CACnC,WAA4B,EAC5B,QAA6B;IAE7B,MAAM,aAAa,GAAsB,CAAC,MAAM,EAAE,KAAK,EAAE,QAAQ,EAAE,MAAM,EAAE,UAAU,CAAC,CAAC;IACvF,MAAM,QAAQ,GAAG,aAAa,CAAC,OAAO,CAAC,WAAW,CAAC,CAAC;IACpD,MAAM,MAAM,GAAG,QAAQ,IAAI,CAAC,GAAG,uBAAuB,EAAE,GAAG,uBAAuB,CAAC,CAAC;IACpF,OAAO,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,aAAa,CAAC,OAAO,CAAC,CAAC,CAAC,QAAQ,CAAC,IAAI,QAAQ,CAAC,CAAC;AAC3E,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,qBAAqB,CACnC,QAAyB,EACzB,QAA6B;IAE7B,MAAM,MAAM,GAAG,QAAQ,IAAI,CAAC,GAAG,uBAAuB,EAAE,GAAG,uBAAuB,CAAC,CAAC;IACpF,OAAO,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,QAAQ,CAAC,CAAC;AACrD,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,qBAAqB,CACnC,IAAY,EACZ,SAAgD;IAEhD,MAAM,QAAQ,GAAG,cAAc,CAAC,SAAS,CAAC,CAAC;IAC3C,KAAK,MAAM,CAAC,IAAI,QAAQ,EAAE,CAAC;QACzB,IAAI,CAAC,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;YACzB,OAAO,CAAC,CAAC;QACX,CAAC;IACH,CAAC;IACD,OAAO,IAAI,CAAC;AACd,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,yBAAyB,CACvC,IAAY,EACZ,SAAgD;IAEhD,MAAM,QAAQ,GAAG,cAAc,CAAC,SAAS,CAAC,CAAC;IAC3C,OAAO,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC;AACpD,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,kBAAkB,CAAC,WAAmB;IACpD,OAAO,kBAAkB,CAAC,GAAG,CAAC,WAAW,CAAC,WAAW,EAAE,CAAC,CAAC;AAC3D,CAAC"}

package/dist/security/remote-approval.d.ts

@@ -0,0 +1,65 @@
+/**
+ * Remote Approval Forwarding
+ *
+ * Forward tool execution approval requests to messaging channels
+ * (Telegram, Discord, Slack) for remote /approve or /deny.
+ * OpenClaw-inspired remote authorization flow.
+ */
+import { EventEmitter } from 'events';
+export interface ApprovalRequest {
+    /** Unique request ID */
+    id: string;
+    /** Tool name requiring approval */
+    toolName: string;
+    /** Human-readable summary of what's being approved */
+    summary: string;
+    /** When the request was created */
+    requestedAt: Date;
+    /** When the request expires */
+    expiresAt: Date;
+    /** Current status */
+    status: 'pending' | 'approved' | 'denied' | 'expired';
+}
+export type ChannelSendFn = (message: string) => Promise<void>;
+export declare class RemoteApprovalService extends EventEmitter {
+    private pending;
+    private resolvers;
+    private channels;
+    private nextId;
+    private defaultTimeoutMs;
+    /**
+     * Register a messaging channel for forwarding approvals
+     */
+    registerChannel(channelType: string, sendFn: ChannelSendFn): void;
+    /**
+     * Unregister a channel
+     */
+    unregisterChannel(channelType: string): void;
+    /**
+     * Check if any channels are registered
+     */
+    hasChannels(): boolean;
+    /**
+     * Request approval via remote channels.
+     * Returns a promise that resolves to true (approved) or false (denied/expired).
+     */
+    requestApproval(req: {
+        toolName: string;
+        summary: string;
+        timeoutMs?: number;
+    }): Promise<boolean>;
+    /**
+     * Handle an approval response (called when user sends /approve or /deny)
+     */
+    handleResponse(requestId: string, approved: boolean): void;
+    /**
+     * Get all pending approval requests
+     */
+    getPending(): ApprovalRequest[];
+    /**
+     * Format the approval message for channels
+     */
+    private formatApprovalMessage;
+}
+export declare function getRemoteApprovalService(): RemoteApprovalService;
+export declare function resetRemoteApprovalService(): void;