@praxis.guard/auditor-cli 0.0.18 → 0.0.20
- package/README.md +18 -0
- package/dist/approval/client.d.ts +1 -0
- package/dist/approval/client.d.ts.map +1 -1
- package/dist/approval/client.js +1 -0
- package/dist/approval/client.js.map +1 -1
- package/dist/approval/fingerprint.d.ts +5 -0
- package/dist/approval/fingerprint.d.ts.map +1 -0
- package/dist/approval/fingerprint.js +44 -0
- package/dist/approval/fingerprint.js.map +1 -0
- package/dist/approval/grant.d.ts +3 -1
- package/dist/approval/grant.d.ts.map +1 -1
- package/dist/approval/grant.js +37 -0
- package/dist/approval/grant.js.map +1 -1
- package/dist/approval/hook-inline-approval.d.ts +23 -0
- package/dist/approval/hook-inline-approval.d.ts.map +1 -0
- package/dist/approval/hook-inline-approval.js +61 -0
- package/dist/approval/hook-inline-approval.js.map +1 -0
- package/dist/approval/mcp-flow.d.ts +8 -1
- package/dist/approval/mcp-flow.d.ts.map +1 -1
- package/dist/approval/mcp-flow.js +38 -4
- package/dist/approval/mcp-flow.js.map +1 -1
- package/dist/approval/redeem.d.ts +6 -2
- package/dist/approval/redeem.d.ts.map +1 -1
- package/dist/approval/redeem.js +40 -14
- package/dist/approval/redeem.js.map +1 -1
- package/dist/approval/types.d.ts +17 -0
- package/dist/approval/types.d.ts.map +1 -1
- package/dist/bridge/execution-ticket.d.ts +18 -0
- package/dist/bridge/execution-ticket.d.ts.map +1 -0
- package/dist/bridge/execution-ticket.js +102 -0
- package/dist/bridge/execution-ticket.js.map +1 -0
- package/dist/bridge/guard-storage-root.d.ts +6 -0
- package/dist/bridge/guard-storage-root.d.ts.map +1 -0
- package/dist/bridge/guard-storage-root.js +24 -0
- package/dist/bridge/guard-storage-root.js.map +1 -0
- package/dist/bridge/pending-approval-index.d.ts +19 -0
- package/dist/bridge/pending-approval-index.d.ts.map +1 -0
- package/dist/bridge/pending-approval-index.js +29 -0
- package/dist/bridge/pending-approval-index.js.map +1 -0
- package/dist/bridge/shell-approval-bridge.d.ts.map +1 -1
- package/dist/bridge/shell-approval-bridge.js +8 -0
- package/dist/bridge/shell-approval-bridge.js.map +1 -1
- package/dist/cli/approvals.d.ts.map +1 -1
- package/dist/cli/approvals.js +17 -9
- package/dist/cli/approvals.js.map +1 -1
- package/dist/cli/doctor.d.ts.map +1 -1
- package/dist/cli/doctor.js +2 -0
- package/dist/cli/doctor.js.map +1 -1
- package/dist/cli/main.d.ts.map +1 -1
- package/dist/cli/main.js +4 -1
- package/dist/cli/main.js.map +1 -1
- package/dist/hooks/agent-message.d.ts +23 -0
- package/dist/hooks/agent-message.d.ts.map +1 -0
- package/dist/hooks/agent-message.js +54 -0
- package/dist/hooks/agent-message.js.map +1 -0
- package/dist/hooks/run-before-mcp.d.ts.map +1 -1
- package/dist/hooks/run-before-mcp.js +62 -20
- package/dist/hooks/run-before-mcp.js.map +1 -1
- package/dist/hooks/run-before-shell.d.ts.map +1 -1
- package/dist/hooks/run-before-shell.js +51 -20
- package/dist/hooks/run-before-shell.js.map +1 -1
- package/dist/mcp/guard-mode.d.ts +26 -0
- package/dist/mcp/guard-mode.d.ts.map +1 -0
- package/dist/mcp/guard-mode.js +27 -0
- package/dist/mcp/guard-mode.js.map +1 -0
- package/dist/mcp/server.d.ts.map +1 -1
- package/dist/mcp/server.js +85 -39
- package/dist/mcp/server.js.map +1 -1
- package/package.json +1 -1
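--- a/package/dist/hooks/run-before-mcp.js
+++ b/package/dist/hooks/run-before-mcp.js
@@ -2,7 +2,14 @@ import { loadPoliciesV1, readPoliciesV1Revision } from "../policy/index.js";
 import { appendAuditJsonl } from "../audit/jsonl.js";
 import { getInstallId } from "../cli/install-id.js";
 import { evaluateMcpProposal } from "../shell/evaluate.js";
-import {
+import { resolveGuardStorageRoot } from "../bridge/guard-storage-root.js";
+import { tryConsumeExecutionTicket } from "../bridge/execution-ticket.js";
+import { tryHookInlineApprovalRequest } from "../approval/hook-inline-approval.js";
+import { readPendingApprovalIndex } from "../bridge/pending-approval-index.js";
+import { argvSha256 } from "../approval/argv-fingerprint.js";
+import { toolInputSha256 } from "../approval/fingerprint.js";
+import { formatHookAllowViaCredentialMessage, formatHookDenyMessages, } from "./agent-message.js";
+import { randomUUID } from "node:crypto";
 import { sendGuardEvent } from "../telemetry/guard-events.js";
 function tierToPermission(tier) {
 if (tier === "READ")
@@ -112,7 +119,9 @@ export async function runBeforeMcpHookFromStdin() {
 const { skipped, evaluation } = evaluateMcpProposal(policy, argv);
 const { classification, flags, tier } = evaluation;
 const reasons = evaluation.reasons.map((r) => r.message);
-const
+const storageRoot = resolveGuardStorageRoot();
+const auditLogRoot = storageRoot;
+const toolInputHash = toolInputSha256(payload.tool_input);
 if (skipped) {
 const latency_ms = performance.now() - decisionStarted;
 const toolInputStr = stringifyToolInput(payload.tool_input);
@@ -128,7 +137,7 @@ export async function runBeforeMcpHookFromStdin() {
 skip_reason: "mcp_policy_unmatched",
 tier,
 permission: "allow",
-
+ticketConsumed: false,
 reasons,
 latency_ms,
 }, auditLogRoot);
@@ -153,33 +162,67 @@ export async function runBeforeMcpHookFromStdin() {
 ...(policyRevision !== null ? { policy_revision: policyRevision } : {}),
 meta: {
 hook: "beforeMCPExecution",
-
+ticketConsumed: false,
 },
 });
 return;
 }
 let permission = tierToPermission(tier);
-let
+let ticketConsumed = false;
 if (permission === "deny" && tier === "MUTATE") {
-
-
+ticketConsumed = await tryConsumeExecutionTicket(argv, {
+storageRoot,
+kind: "mcp",
+tool_input_sha256: toolInputHash,
+});
+if (ticketConsumed)
 permission = "allow";
 }
+let inlineApproval = null;
+if (permission === "deny" && tier === "MUTATE") {
+const hash = argvSha256(argv);
+const pending = await readPendingApprovalIndex(hash, { storageRoot });
+if (pending) {
+inlineApproval = { request_id: pending.request_id, open_url: pending.open_url };
+}
+else {
+const created = await tryHookInlineApprovalRequest({
+argv: [...argv],
+kind: "mcp",
+rawDisplay: `${rawToolName} ${stringifyToolInput(payload.tool_input).slice(0, 200)}`,
+policyRevision,
+reasons,
+eventId: randomUUID(),
+storageRoot,
+tool_input_sha256: toolInputHash,
+});
+if (created) {
+inlineApproval = { request_id: created.request_id, open_url: created.open_url };
+}
+}
+}
 const latency_ms = performance.now() - decisionStarted;
 const toolInputStr = stringifyToolInput(payload.tool_input);
+const allowMessage = formatHookAllowViaCredentialMessage({ ticketConsumed });
+const denyMessages = permission === "deny"
+? formatHookDenyMessages({
+hook: "beforeMCPExecution",
+tier,
+argv,
+reasons,
+toolName: rawToolName,
+inlineApproval,
+})
+: null;
 const response = permission === "allow"
 ? {
 permission,
-...(
-? {
-agent_message: "Allowed via shell approval bridge (MCP guard token redeemed for this argv; one-shot consumed).",
-}
-: {}),
+...(allowMessage ? { agent_message: allowMessage } : {}),
 }
 : {
 permission,
-user_message:
-agent_message:
+user_message: denyMessages.user_message,
+agent_message: denyMessages.agent_message,
 };
 await tryAppendAuditEvent({
 ts: new Date().toISOString(),
@@ -192,7 +235,9 @@ export async function runBeforeMcpHookFromStdin() {
 flags,
 tier,
 permission,
-
+ticketConsumed,
+inline_request_id: inlineApproval?.request_id ?? null,
+tool_input_sha256: toolInputHash,
 reasons,
 latency_ms,
 }, auditLogRoot);
@@ -215,14 +260,11 @@ export async function runBeforeMcpHookFromStdin() {
 ...(policyRevision !== null ? { policy_revision: policyRevision } : {}),
 meta: {
 hook: "beforeMCPExecution",
-
+ticketConsumed,
+approval_request_id: inlineApproval?.request_id ?? null,
 },
 });
 }
-function pathResolveCwd() {
-const cwd = process.cwd();
-return cwd?.trim() ? cwd.trim() : undefined;
-}
 export function failClosedBeforeMcpHookErrorResponse(err) {
 return {
 permission: "deny",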
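Review bot: In the fourth hunk the pending-approval lookup `const pending = await readPendingApprovalIndex(hash, { storageRoot });` is keyed only by `argvSha256(argv)`, while the ticket that the same path consumes a few lines earlier is bound to `tool_input_sha256: toolInputHash`, so two MCP calls sharing argv but carrying different tool_input resolve to one pending entry and the second caller is pointed at an approval whose ticket presumably cannot redeem for its own input. Unless pending-approval-index.js already folds the input hash into its key (not visible in this diff), derive the index key from both values, e.g. `const hash = argvSha256([...argv, toolInputHash]);`, with the matching change on the writer side in hook-inline-approval.js. Separately, `rawDisplay` cuts the serialized tool_input at 200 characters, so the human approver may never see the part of the payload that makes the call dangerous even though the ticket is bound to the full hash; at minimum append `sha256=${toolInputHash}` and an explicit truncation marker to `rawDisplay` so the approval UI can show what is actually being bound. runBeforeMcpHookFromStdin begins before this hunk and continues after it.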
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"run-before-mcp.js","sourceRoot":"","sources":["../../src/hooks/run-before-mcp.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,cAAc,EAAE,sBAAsB,EAAa,MAAM,oBAAoB,CAAC;AAEvF,OAAO,EAAE,gBAAgB,EAAE,MAAM,mBAAmB,CAAC;AACrD,OAAO,EAAE,YAAY,EAAE,MAAM,sBAAsB,CAAC;AACpD,OAAO,EAAE,mBAAmB,EAAE,MAAM,sBAAsB,CAAC;AAC3D,OAAO,EAAE,
|
|
1
|
+
{"version":3,"file":"run-before-mcp.js","sourceRoot":"","sources":["../../src/hooks/run-before-mcp.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,cAAc,EAAE,sBAAsB,EAAa,MAAM,oBAAoB,CAAC;AAEvF,OAAO,EAAE,gBAAgB,EAAE,MAAM,mBAAmB,CAAC;AACrD,OAAO,EAAE,YAAY,EAAE,MAAM,sBAAsB,CAAC;AACpD,OAAO,EAAE,mBAAmB,EAAE,MAAM,sBAAsB,CAAC;AAC3D,OAAO,EAAE,uBAAuB,EAAE,MAAM,iCAAiC,CAAC;AAC1E,OAAO,EAAE,yBAAyB,EAAE,MAAM,+BAA+B,CAAC;AAC1E,OAAO,EAAE,4BAA4B,EAAE,MAAM,qCAAqC,CAAC;AACnF,OAAO,EAAE,wBAAwB,EAAE,MAAM,qCAAqC,CAAC;AAC/E,OAAO,EAAE,UAAU,EAAE,MAAM,iCAAiC,CAAC;AAC7D,OAAO,EAAE,eAAe,EAAE,MAAM,4BAA4B,CAAC;AAC7D,OAAO,EACL,mCAAmC,EACnC,sBAAsB,GACvB,MAAM,oBAAoB,CAAC;AAC5B,OAAO,EAAE,UAAU,EAAE,MAAM,aAAa,CAAC;AACzC,OAAO,EAAE,cAAc,EAAE,MAAM,8BAA8B,CAAC;AAgB9D,SAAS,gBAAgB,CAAC,IAAU;IAClC,IAAI,IAAI,KAAK,MAAM;QAAE,OAAO,OAAO,CAAC;IACpC,OAAO,MAAM,CAAC;AAChB,CAAC;AAED,SAAS,kBAAkB,CAAC,GAAY;IACtC,IAAI,GAAG,KAAK,SAAS,IAAI,GAAG,KAAK,IAAI;QAAE,OAAO,EAAE,CAAC;IACjD,IAAI,OAAO,GAAG,KAAK,QAAQ;QAAE,OAAO,GAAG,CAAC;IACxC,IAAI,CAAC;QACH,OAAO,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC;IAC7B,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,MAAM,CAAC,GAAG,CAAC,CAAC;IACrB,CAAC;AACH,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,gBAAgB,CAAC,GAAW;IAC1C,MAAM,CAAC,GAAG,GAAG,CAAC,IAAI,EAAE,CAAC;IACrB,IAAI,CAAC,CAAC;QAAE,OAAO,EAAE,WAAW,EAAE,IAAI,EAAE,IAAI,EAAE,GAAG,EAAE,CAAC;IAChD,IAAI,CAAC,CAAC,UAAU,CAAC,MAAM,CAAC,EAAE,CAAC;QACzB,MAAM,IAAI,GAAG,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;QAC/B,MAAM,GAAG,GAAG,IAAI,CAAC,WAAW,CAAC,GAAG,CAAC,CAAC;QAClC,IAAI,GAAG,KAAK,CAAC,CAAC,EAAE,CAAC;YACf,MAAM,UAAU,GAAG,IAAI,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC,IAAI,EAAE,CAAC;YAC7C,MAAM,QAAQ,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,GAAG,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;YAC5C,IAAI,UAAU,IAAI,QAAQ;gBAAE,OAAO,EAAE,WAAW,EAAE,UAAU,EAAE,IAAI,EAAE,QAAQ,EAAE,CAAC;QACjF,CAAC;IACH,CAAC;IACD,OAAO,EAAE,WAAW,EAAE,IAAI,EAAE,IAAI,EAAE,CAAC,EAAE,CAAC;AACxC,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,sBAAsB,CAAC,OAAkC;IACvE,MAAM,OAAO,GAAG,OAAO,OAAO,CAAC,SAAS,KAAK,QAAQ,CAAC,CAAC,CAAC,OAAO,CAAC,SAAS,CAAC,IAAI,EAAE,CAAC,CAAC,CA
AC,EAAE,CAAC;IACtF,MAAM,EAAE,WAAW,EAAE,IAAI,EAAE,GAAG,gBAAgB,CAAC,OAAO,CAAC,CAAC;IAExD,IAAI,MAAM,GAAG,OAAO,CAAC;IACrB,IAAI,OAAO,OAAO,CAAC,GAAG,KAAK,QAAQ,IAAI,OAAO,CAAC,GAAG,CAAC,IAAI,EAAE,EAAE,CAAC;QAC1D,MAAM,CAAC,GAAG,OAAO,CAAC,GAAG,CAAC,IAAI,EAAE,CAAC;QAC7B,IAAI,CAAC;YACH,MAAM,GAAG,IAAI,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,IAAI,CAAC,CAAC;QAChC,CAAC;QAAC,MAAM,CAAC;YACP,MAAM,GAAG,CAAC,CAAC;QACb,CAAC;IACH,CAAC;SAAM,IAAI,WAAW,EAAE,CAAC;QACvB,MAAM,GAAG,WAAW,CAAC;IACvB,CAAC;SAAM,IAAI,OAAO,OAAO,CAAC,OAAO,KAAK,QAAQ,IAAI,OAAO,CAAC,OAAO,CAAC,IAAI,EAAE,EAAE,CAAC;QACzE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC;IAChD,CAAC;IACD,OAAO,CAAC,KAAK,EAAE,MAAM,EAAE,IAAI,IAAI,GAAG,CAAC,CAAC;AACtC,CAAC;AAED,KAAK,UAAU,aAAa;IAC1B,OAAO,MAAM,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;QAC3C,IAAI,IAAI,GAAG,EAAE,CAAC;QACd,OAAO,CAAC,KAAK,CAAC,WAAW,CAAC,MAAM,CAAC,CAAC;QAClC,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC,MAAM,EAAE,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC,IAAI,IAAI,KAAK,CAAC,CAAC,CAAC;QACrD,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC,KAAK,EAAE,GAAG,EAAE;YAC3B,IAAI,CAAC;gBACH,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC;YAC5B,CAAC;YAAC,OAAO,CAAC,EAAE,CAAC;gBACX,MAAM,CAAC,CAAC,CAAC,CAAC;YACZ,CAAC;QACH,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;AACL,CAAC;AAED,KAAK,UAAU,mBAAmB,CAAC,GAA4B,EAAE,YAAqB;IACpF,IAAI,CAAC;QACH,MAAM,gBAAgB,CAAC,GAAG,EAAE,YAAY,CAAC,CAAC;IAC5C,CAAC;IAAC,OAAO,CAAC,EAAE,CAAC;QACX,MAAM,GAAG,GAAG,CAAC,YAAY,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC;QACvD,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,sCAAsC,GAAG,IAAI,CAAC,CAAC;IACtE,CAAC;AACH,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,yBAAyB;IAC7C,MAAM,OAAO,GAAG,MAAM,aAAa,EAA6B,CAAC;IACjE,MAAM,eAAe,GAAG,WAAW,CAAC,GAAG,EAAE,CAAC;IAE1C,MAAM,WAAW,GAAG,OAAO,OAAO,CAAC,SAAS,KAAK,QAAQ,CAAC,CAAC,CAAC,OAAO,CAAC,SAAS,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;IAC1F,IAAI,CAAC,WAAW,EAAE,CAAC;QACjB,MAAM,QAAQ,GAA+B;YAC3C,UAAU,EAAE,MAAM;YAClB,YAAY,EAAE,yDAAyD;YACvE,aAAa,EAAE,+DAA+D;SAC/E,CAAC;QACF,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,IAAI,C
AAC,SAAS,CAAC,QAAQ,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;QACxD,OAAO;IACT,CAAC;IAED,MAAM,IAAI,GAAG,sBAAsB,CAAC,OAAO,CAAC,CAAC;IAC7C,MAAM,QAAQ,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,GAAG,CAAC;IAEhC,MAAM,CAAC,MAAM,EAAE,cAAc,CAAC,GAAG,MAAM,OAAO,CAAC,GAAG,CAAC,CAAC,cAAc,EAAE,EAAE,sBAAsB,EAAE,CAAC,CAAC,CAAC;IACjG,MAAM,EAAE,OAAO,EAAE,UAAU,EAAE,GAAG,mBAAmB,CAAC,MAAM,EAAE,IAAI,CAAC,CAAC;IAClE,MAAM,EAAE,cAAc,EAAE,KAAK,EAAE,IAAI,EAAE,GAAG,UAAU,CAAC;IACnD,MAAM,OAAO,GAAa,UAAU,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC;IAEnE,MAAM,WAAW,GAAG,uBAAuB,EAAE,CAAC;IAC9C,MAAM,YAAY,GAAG,WAAW,CAAC;IACjC,MAAM,aAAa,GAAG,eAAe,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC;IAE1D,IAAI,OAAO,EAAE,CAAC;QACZ,MAAM,UAAU,GAAG,WAAW,CAAC,GAAG,EAAE,GAAG,eAAe,CAAC;QACvD,MAAM,YAAY,GAAG,kBAAkB,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC;QAC5D,MAAM,mBAAmB,CACvB;YACE,EAAE,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;YAC5B,IAAI,EAAE,oBAAoB;YAC1B,SAAS,EAAE,WAAW;YACtB,SAAS,EAAE,QAAQ;YACnB,UAAU,EAAE,YAAY,CAAC,KAAK,CAAC,CAAC,EAAE,IAAI,CAAC;YACvC,IAAI;YACJ,MAAM,EAAE,SAAS;YACjB,OAAO,EAAE,IAAI;YACb,WAAW,EAAE,sBAAsB;YACnC,IAAI;YACJ,UAAU,EAAE,OAAO;YACnB,cAAc,EAAE,KAAK;YACrB,OAAO;YACP,UAAU;SACX,EACD,YAAY,CACb,CAAC;QAEF,MAAM,YAAY,GAA+B,EAAE,UAAU,EAAE,OAAO,EAAE,CAAC;QACzE,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,SAAS,CAAC,YAAY,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;QAE5D,MAAM,cAAc,CAAC;YACnB,EAAE,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;YAC5B,MAAM,EAAE,SAAS;YACjB,OAAO,EAAE,IAAI;YACb,WAAW,EAAE,sBAAsB;YACnC,IAAI,EAAE,kBAAkB;YACxB,YAAY,EAAE,IAAI,CAAC,CAAC,CAAC,IAAI,IAAI;YAC7B,IAAI,EAAE,IAAI,CAAC,CAAC,CAAC,IAAI,IAAI;YACrB,QAAQ,EAAE,YAAY,CAAC,CAAC,CAAC,YAAY,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI;YAC1D,MAAM,EAAE,OAAO,CAAC,CAAC,CAAC,IAAI,sBAAsB;YAC5C,GAAG,EAAE,GAAG,WAAW,EAAE;YACrB,IAAI;YACJ,QAAQ,EAAE,OAAO;YACjB,UAAU;YACV,SAAS,EAAE,YAAY,EAAE;YACzB,IAAI,EAAE,KAAK;YACX,GAAG,CAAC,cAAc,KAAK,IAAI,CAAC,CAAC,CAAC,EAAE,eAAe,EAAE,cAAc,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;YACvE,IAAI,EAAE;gBACJ,IAAI,EAAE,oBAAoB;gBAC1B,cAAc,EAAE,KAAK;aACtB;SACF,CAAC,CAAC;QACH,OAAO;
IACT,CAAC;IAED,IAAI,UAAU,GAAG,gBAAgB,CAAC,IAAI,CAAC,CAAC;IACxC,IAAI,cAAc,GAAG,KAAK,CAAC;IAC3B,IAAI,UAAU,KAAK,MAAM,IAAI,IAAI,KAAK,QAAQ,EAAE,CAAC;QAC/C,cAAc,GAAG,MAAM,yBAAyB,CAAC,IAAI,EAAE;YACrD,WAAW;YACX,IAAI,EAAE,KAAK;YACX,iBAAiB,EAAE,aAAa;SACjC,CAAC,CAAC;QACH,IAAI,cAAc;YAAE,UAAU,GAAG,OAAO,CAAC;IAC3C,CAAC;IAED,IAAI,cAAc,GAAoD,IAAI,CAAC;IAC3E,IAAI,UAAU,KAAK,MAAM,IAAI,IAAI,KAAK,QAAQ,EAAE,CAAC;QAC/C,MAAM,IAAI,GAAG,UAAU,CAAC,IAAI,CAAC,CAAC;QAC9B,MAAM,OAAO,GAAG,MAAM,wBAAwB,CAAC,IAAI,EAAE,EAAE,WAAW,EAAE,CAAC,CAAC;QACtE,IAAI,OAAO,EAAE,CAAC;YACZ,cAAc,GAAG,EAAE,UAAU,EAAE,OAAO,CAAC,UAAU,EAAE,QAAQ,EAAE,OAAO,CAAC,QAAQ,EAAE,CAAC;QAClF,CAAC;aAAM,CAAC;YACN,MAAM,OAAO,GAAG,MAAM,4BAA4B,CAAC;gBACjD,IAAI,EAAE,CAAC,GAAG,IAAI,CAAC;gBACf,IAAI,EAAE,KAAK;gBACX,UAAU,EAAE,GAAG,WAAW,IAAI,kBAAkB,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;gBACpF,cAAc;gBACd,OAAO;gBACP,OAAO,EAAE,UAAU,EAAE;gBACrB,WAAW;gBACX,iBAAiB,EAAE,aAAa;aACjC,CAAC,CAAC;YACH,IAAI,OAAO,EAAE,CAAC;gBACZ,cAAc,GAAG,EAAE,UAAU,EAAE,OAAO,CAAC,UAAU,EAAE,QAAQ,EAAE,OAAO,CAAC,QAAQ,EAAE,CAAC;YAClF,CAAC;QACH,CAAC;IACH,CAAC;IAED,MAAM,UAAU,GAAG,WAAW,CAAC,GAAG,EAAE,GAAG,eAAe,CAAC;IACvD,MAAM,YAAY,GAAG,kBAAkB,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC;IAE5D,MAAM,YAAY,GAAG,mCAAmC,CAAC,EAAE,cAAc,EAAE,CAAC,CAAC;IAC7E,MAAM,YAAY,GAChB,UAAU,KAAK,MAAM;QACnB,CAAC,CAAC,sBAAsB,CAAC;YACrB,IAAI,EAAE,oBAAoB;YAC1B,IAAI;YACJ,IAAI;YACJ,OAAO;YACP,QAAQ,EAAE,WAAW;YACrB,cAAc;SACf,CAAC;QACJ,CAAC,CAAC,IAAI,CAAC;IAEX,MAAM,QAAQ,GACZ,UAAU,KAAK,OAAO;QACpB,CAAC,CAAC;YACE,UAAU;YACV,GAAG,CAAC,YAAY,CAAC,CAAC,CAAC,EAAE,aAAa,EAAE,YAAY,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;SACzD;QACH,CAAC,CAAC;YACE,UAAU;YACV,YAAY,EAAE,YAAa,CAAC,YAAY;YACxC,aAAa,EAAE,YAAa,CAAC,aAAa;SAC3C,CAAC;IAER,MAAM,mBAAmB,CACvB;QACE,EAAE,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;QAC5B,IAAI,EAAE,oBAAoB;QAC1B,SAAS,EAAE,WAAW;QACtB,SAAS,EAAE,QAAQ;QACnB,UAAU,EAAE,YAAY,CAAC,KAAK,CAAC,CAAC,EAAE,IAAI,CAAC;QACvC,IAAI;QACJ,cAAc;QACd,KAAK;QACL,IAAI;QACJ,UAAU;QACV,cAAc;QACd,iBAAiB,EAAE,cAAc,EAAE,UAAU,IAAI,IAAI;QACrD,iBAAiB,EAAE,
aAAa;QAChC,OAAO;QACP,UAAU;KACX,EACD,YAAY,CACb,CAAC;IAEF,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,SAAS,CAAC,QAAQ,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;IAExD,MAAM,MAAM,GAAG,UAAU,KAAK,OAAO,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,SAAS,CAAC;IAC7D,MAAM,cAAc,CAAC;QACnB,EAAE,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;QAC5B,MAAM;QACN,IAAI,EAAE,kBAAkB;QACxB,YAAY,EAAE,IAAI,CAAC,CAAC,CAAC,IAAI,IAAI;QAC7B,IAAI,EAAE,IAAI,CAAC,CAAC,CAAC,IAAI,IAAI;QACrB,QAAQ,EAAE,YAAY,CAAC,CAAC,CAAC,YAAY,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI;QAC1D,MAAM,EAAE,OAAO,CAAC,CAAC,CAAC,IAAI,IAAI;QAC1B,GAAG,EAAE,GAAG,WAAW,EAAE;QACrB,IAAI;QACJ,QAAQ,EAAE,UAAU,KAAK,OAAO,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,OAAO;QACpD,UAAU;QACV,SAAS,EAAE,YAAY,EAAE;QACzB,IAAI,EAAE,KAAK;QACX,GAAG,CAAC,cAAc,KAAK,IAAI,CAAC,CAAC,CAAC,EAAE,eAAe,EAAE,cAAc,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;QACvE,IAAI,EAAE;YACJ,IAAI,EAAE,oBAAoB;YAC1B,cAAc;YACd,mBAAmB,EAAE,cAAc,EAAE,UAAU,IAAI,IAAI;SACxD;KACF,CAAC,CAAC;AACL,CAAC;AAED,MAAM,UAAU,oCAAoC,CAAC,GAAY;IAC/D,OAAO;QACL,UAAU,EAAE,MAAM;QAClB,YAAY,EAAE,yDAAyD;QACvE,aAAa,EAAE,0CAA0C,MAAM,CAAC,GAAG,CAAC,EAAE;KACvE,CAAC;AACJ,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"run-before-shell.d.ts","sourceRoot":"","sources":["../../src/hooks/run-before-shell.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"run-before-shell.d.ts","sourceRoot":"","sources":["../../src/hooks/run-before-shell.ts"],"names":[],"mappings":"AAmBA,MAAM,MAAM,2BAA2B,GAAG;IACxC,OAAO,EAAE,MAAM,CAAC;IAChB,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,OAAO,CAAC,EAAE,OAAO,CAAC;CACnB,CAAC;AAEF,MAAM,MAAM,4BAA4B,GAAG;IACzC,UAAU,EAAE,OAAO,GAAG,MAAM,GAAG,KAAK,CAAC;IACrC,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,aAAa,CAAC,EAAE,MAAM,CAAC;CACxB,CAAC;AA+BF;;GAEG;AACH,wBAAsB,2BAA2B,IAAI,OAAO,CAAC,IAAI,CAAC,CAiLjE;AAED,wBAAgB,2BAA2B,CAAC,GAAG,EAAE,OAAO,GAAG,4BAA4B,CAMtF"}
|
|
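--- a/package/dist/hooks/run-before-shell.js
+++ b/package/dist/hooks/run-before-shell.js
@@ -4,7 +4,13 @@ import { getInstallId } from "../cli/install-id.js";
 import { DEFAULT_GOVERNED_SHELL_TOOLS } from "../shell/governed-tools.js";
 import { parseCommandToArgv } from "../shell/parse.js";
 import { stripTrailingBenignShellRedirectsForMetacharCheck } from "../shell/strip-trailing-benign-shell-redirs.js";
-import {
+import { resolveGuardStorageRoot } from "../bridge/guard-storage-root.js";
+import { tryConsumeExecutionTicket } from "../bridge/execution-ticket.js";
+import { tryHookInlineApprovalRequest } from "../approval/hook-inline-approval.js";
+import { readPendingApprovalIndex } from "../bridge/pending-approval-index.js";
+import { argvSha256 } from "../approval/argv-fingerprint.js";
+import { formatHookAllowViaCredentialMessage, formatHookDenyMessages, } from "./agent-message.js";
+import { randomUUID } from "node:crypto";
 import { sendGuardEvent } from "../telemetry/guard-events.js";
 function tierToPermission(tier) {
 if (tier === "READ")
@@ -61,7 +67,7 @@ export async function runBeforeShellHookFromStdin() {
 skip_reason: skipReason,
 tier: "READ",
 permission: "allow",
-
+ticketConsumed: false,
 reasons: [`${skipReason}(policy_not_evaluated)`],
 latency_ms,
 }, auditLogRoot);
@@ -87,7 +93,7 @@ export async function runBeforeShellHookFromStdin() {
 ...(policyRevision !== null ? { policy_revision: policyRevision } : {}),
 meta: {
 hook: "beforeShellExecution",
-
+ticketConsumed: false,
 },
 });
 return;
@@ -106,33 +112,56 @@ export async function runBeforeShellHookFromStdin() {
 tier = "MUTATE";
 if (flags.dangerous_flags)
 tier = "DESTRUCTIVE";
+const storageRoot = resolveGuardStorageRoot(typeof payload.cwd === "string" ? payload.cwd : undefined);
 let permission = tierToPermission(tier);
-let
+let ticketConsumed = false;
 if (permission === "deny" && tier === "MUTATE") {
-
-if (
+ticketConsumed = await tryConsumeExecutionTicket(argv, { storageRoot, kind: "shell" });
+if (ticketConsumed)
 permission = "allow";
+}
+let inlineApproval = null;
+if (permission === "deny" && tier === "MUTATE") {
+const pending = await readPendingApprovalIndex(argvSha256(argv), { storageRoot });
+if (pending) {
+inlineApproval = { request_id: pending.request_id, open_url: pending.open_url };
+}
+else {
+const created = await tryHookInlineApprovalRequest({
+argv: [...argv],
+kind: "shell",
+rawDisplay: payload.command,
+policyRevision,
+reasons,
+eventId: randomUUID(),
+storageRoot,
+});
+if (created) {
+inlineApproval = { request_id: created.request_id, open_url: created.open_url };
+}
 }
 }
+const allowMessage = formatHookAllowViaCredentialMessage({ ticketConsumed });
+const denyMessages = permission === "deny"
+? formatHookDenyMessages({
+hook: "beforeShellExecution",
+tier,
+argv,
+reasons,
+inlineApproval,
+})
+: null;
 const response = permission === "allow"
 ? {
 permission,
-...(
-? {
-agent_message: "Allowed via shell approval bridge (MCP guard token redeemed for this argv; one-shot consumed).",
-}
-: {}),
+...(allowMessage ? { agent_message: allowMessage } : {}),
 }
 : {
 permission,
-user_message:
-
-: `Shell command blocked by guard (tier=${tier}).`,
-agent_message: tier === "DESTRUCTIVE"
-? `Blocked by guard (DESTRUCTIVE). Do not suggest bypassing via another shell, tool, or terminal. reasons=${reasons.join(",") || "policy"}. argv=${JSON.stringify(argv)}`
-: `Blocked by guard (tier=${tier}). For MUTATE, use MCP guard → require_approval → human approves in Praxis → re-call guard with context.approval.request_id → retry. Do not circumvent hooks. reasons=${reasons.join(",") || "policy"}. argv=${JSON.stringify(argv)}`,
+user_message: denyMessages.user_message,
+agent_message: denyMessages.agent_message,
 };
-const auditLogRoot =
+const auditLogRoot = storageRoot;
 const latency_ms = performance.now() - decisionStarted;
 await tryAppendAuditEvent({
 ts: new Date().toISOString(),
@@ -144,7 +173,8 @@ export async function runBeforeShellHookFromStdin() {
 flags,
 tier,
 permission,
-
+ticketConsumed,
+inline_request_id: inlineApproval?.request_id ?? null,
 reasons,
 latency_ms,
 }, auditLogRoot);
@@ -169,7 +199,8 @@ export async function runBeforeShellHookFromStdin() {
 ...(policyRevision !== null ? { policy_revision: policyRevision } : {}),
 meta: {
 hook: "beforeShellExecution",
-
+ticketConsumed,
+approval_request_id: inlineApproval?.request_id ?? null,
 },
 });
 }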
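Review bot: In the fourth hunk, `const storageRoot = resolveGuardStorageRoot(typeof payload.cwd === "string" ? payload.cwd : undefined);` derives the directory from which `tryConsumeExecutionTicket` and `readPendingApprovalIndex` read from `payload.cwd`, a field of the hook payload that the calling agent supplies; if the resolved root lives under that path, a caller can point cwd at a directory it controls and have a ticket it planted there flip the deny into `permission = "allow"`. That is only safe if execution-ticket.js authenticates tickets independently of where they are stored, which this diff does not show. The MCP hook in the same release calls `resolveGuardStorageRoot()` with no argument, so either do the same here, or verify that the resolved root is inside the configured workspace before any ticket lookup, and record the resolved root in the audit event so a planted-root attempt is visible afterwards. runBeforeShellHookFromStdin begins before this hunk and continues after it.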
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"run-before-shell.js","sourceRoot":"","sources":["../../src/hooks/run-before-shell.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,YAAY,EAAE,cAAc,EAAE,sBAAsB,EAAa,MAAM,oBAAoB,CAAC;AAErG,OAAO,EAAE,gBAAgB,EAAE,MAAM,mBAAmB,CAAC;AACrD,OAAO,EAAE,YAAY,EAAE,MAAM,sBAAsB,CAAC;AACpD,OAAO,EAAE,4BAA4B,EAAE,MAAM,4BAA4B,CAAC;AAC1E,OAAO,EAAE,kBAAkB,EAAE,MAAM,mBAAmB,CAAC;AACvD,OAAO,EAAE,iDAAiD,EAAE,MAAM,gDAAgD,CAAC;AACnH,OAAO,EAAE,
|
|
1
|
+
{"version":3,"file":"run-before-shell.js","sourceRoot":"","sources":["../../src/hooks/run-before-shell.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,YAAY,EAAE,cAAc,EAAE,sBAAsB,EAAa,MAAM,oBAAoB,CAAC;AAErG,OAAO,EAAE,gBAAgB,EAAE,MAAM,mBAAmB,CAAC;AACrD,OAAO,EAAE,YAAY,EAAE,MAAM,sBAAsB,CAAC;AACpD,OAAO,EAAE,4BAA4B,EAAE,MAAM,4BAA4B,CAAC;AAC1E,OAAO,EAAE,kBAAkB,EAAE,MAAM,mBAAmB,CAAC;AACvD,OAAO,EAAE,iDAAiD,EAAE,MAAM,gDAAgD,CAAC;AACnH,OAAO,EAAE,uBAAuB,EAAE,MAAM,iCAAiC,CAAC;AAC1E,OAAO,EAAE,yBAAyB,EAAE,MAAM,+BAA+B,CAAC;AAC1E,OAAO,EAAE,4BAA4B,EAAE,MAAM,qCAAqC,CAAC;AACnF,OAAO,EAAE,wBAAwB,EAAE,MAAM,qCAAqC,CAAC;AAC/E,OAAO,EAAE,UAAU,EAAE,MAAM,iCAAiC,CAAC;AAC7D,OAAO,EACL,mCAAmC,EACnC,sBAAsB,GACvB,MAAM,oBAAoB,CAAC;AAC5B,OAAO,EAAE,UAAU,EAAE,MAAM,aAAa,CAAC;AACzC,OAAO,EAAE,cAAc,EAAE,MAAM,8BAA8B,CAAC;AAc9D,SAAS,gBAAgB,CAAC,IAAU;IAClC,IAAI,IAAI,KAAK,MAAM;QAAE,OAAO,OAAO,CAAC;IACpC,OAAO,MAAM,CAAC;AAChB,CAAC;AAED,KAAK,UAAU,aAAa;IAC1B,OAAO,MAAM,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;QAC3C,IAAI,IAAI,GAAG,EAAE,CAAC;QACd,OAAO,CAAC,KAAK,CAAC,WAAW,CAAC,MAAM,CAAC,CAAC;QAClC,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC,MAAM,EAAE,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC,IAAI,IAAI,KAAK,CAAC,CAAC,CAAC;QACrD,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC,KAAK,EAAE,GAAG,EAAE;YAC3B,IAAI,CAAC;gBACH,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC;YAC5B,CAAC;YAAC,OAAO,CAAC,EAAE,CAAC;gBACX,MAAM,CAAC,CAAC,CAAC,CAAC;YACZ,CAAC;QACH,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;AACL,CAAC;AAED,KAAK,UAAU,mBAAmB,CAAC,GAA4B,EAAE,YAAqB;IACpF,IAAI,CAAC;QACH,MAAM,gBAAgB,CAAC,GAAG,EAAE,YAAY,CAAC,CAAC;IAC5C,CAAC;IAAC,OAAO,CAAC,EAAE,CAAC;QACX,MAAM,GAAG,GAAG,CAAC,YAAY,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC;QACvD,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,sCAAsC,GAAG,IAAI,CAAC,CAAC;IACtE,CAAC;AACH,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,2BAA2B;IAC/C,MAAM,OAAO,GAAG,MAAM,aAAa,EAA+B,CAAC;IACnE,MAAM,eAAe,GAAG,WAAW,CAAC,GAAG,EAAE,CAAC;IAE1C,MAAM,IAAI,GAAG,kBAAkB,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC;IACjD,MAAM,iBAAiB,GAAG,iDAAiD,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC;IAC7F,
MAAM,iBAAiB,GAAG,2BAA2B,CAAC,IAAI,CAAC,iBAAiB,CAAC,CAAC;IAE9E,MAAM,IAAI,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC;IACrB,IAAI,CAAC,IAAI,IAAI,CAAC,4BAA4B,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC;QAC1D,MAAM,UAAU,GAAG,CAAC,IAAI,CAAC,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,uBAAuB,CAAC;QAClE,MAAM,YAAY,GAAG,OAAO,OAAO,CAAC,GAAG,KAAK,QAAQ,IAAI,OAAO,CAAC,GAAG,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,OAAO,CAAC,GAAG,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,SAAS,CAAC;QAC5G,qFAAqF;QACrF,MAAM,UAAU,GAAG,WAAW,CAAC,GAAG,EAAE,GAAG,eAAe,CAAC;QACvD,MAAM,mBAAmB,CACvB;YACE,EAAE,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;YAC5B,IAAI,EAAE,sBAAsB;YAC5B,GAAG,EAAE,OAAO,CAAC,GAAG;YAChB,OAAO,EAAE,OAAO,CAAC,OAAO;YACxB,IAAI;YACJ,MAAM,EAAE,SAAS;YACjB,OAAO,EAAE,IAAI;YACb,WAAW,EAAE,UAAU;YACvB,IAAI,EAAE,MAAM;YACZ,UAAU,EAAE,OAAO;YACnB,cAAc,EAAE,KAAK;YACrB,OAAO,EAAE,CAAC,GAAG,UAAU,wBAAwB,CAAC;YAChD,UAAU;SACX,EACD,YAAY,CACb,CAAC;QAEF,MAAM,QAAQ,GAAiC,EAAE,UAAU,EAAE,OAAO,EAAE,CAAC;QACvE,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,SAAS,CAAC,QAAQ,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;QAExD,MAAM,cAAc,GAAG,MAAM,sBAAsB,EAAE,CAAC;QACtD,MAAM,cAAc,CAAC;YACnB,EAAE,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;YAC5B,MAAM,EAAE,SAAS;YACjB,OAAO,EAAE,IAAI;YACb,WAAW,EAAE,UAAU;YACvB,IAAI,EAAE,cAAc;YACpB,YAAY,EAAE,IAAI,CAAC,CAAC,CAAC,IAAI,IAAI;YAC7B,IAAI,EAAE,IAAI,CAAC,CAAC,CAAC,IAAI,IAAI;YACrB,QAAQ,EAAE,IAAI,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI;YAC1D,MAAM,EAAE,UAAU;YAClB,GAAG,EAAE,OAAO,CAAC,OAAO;YACpB,IAAI,EAAE,MAAM;YACZ,QAAQ,EAAE,OAAO;YACjB,UAAU;YACV,SAAS,EAAE,YAAY,EAAE;YACzB,IAAI,EAAE,OAAO;YACb,GAAG,CAAC,cAAc,KAAK,IAAI,CAAC,CAAC,CAAC,EAAE,eAAe,EAAE,cAAc,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;YACvE,IAAI,EAAE;gBACJ,IAAI,EAAE,sBAAsB;gBAC5B,cAAc,EAAE,KAAK;aACtB;SACF,CAAC,CAAC;QACH,OAAO;IACT,CAAC;IAED,MAAM,CAAC,MAAM,EAAE,cAAc,CAAC,GAAG,MAAM,OAAO,CAAC,GAAG,CAAC,CAAC,cAAc,EAAE,EAAE,sBAAsB,EAAE,CAAC,CAAC,CAAC;IACjG,MAAM,EAAE,cAAc,EAAE,KAAK,EAAE,GAAG,YAAY,CAAC,MAAM,EAAE,IAAI,CAAC,CAAC;IAE7D,IAAI,IAAI,GAAS,cAAc,CAAC,IAAI,CAAC;IACrC,MAAM,OAAO,
GAAa,EAAE,CAAC;IAC7B,IAAI,CAAC,cAAc,CAAC,OAAO;QAAE,OAAO,CAAC,IAAI,CAAC,+BAA+B,CAAC,CAAC;IAC3E,IAAI,KAAK,CAAC,cAAc,IAAI,iBAAiB;QAAE,OAAO,CAAC,IAAI,CAAC,gBAAgB,CAAC,CAAC;IAC9E,IAAI,KAAK,CAAC,eAAe;QAAE,OAAO,CAAC,IAAI,CAAC,iBAAiB,CAAC,CAAC;IAE3D,IAAI,CAAC,KAAK,CAAC,cAAc,IAAI,iBAAiB,CAAC,IAAI,IAAI,KAAK,MAAM;QAAE,IAAI,GAAG,QAAQ,CAAC;IACpF,IAAI,KAAK,CAAC,eAAe;QAAE,IAAI,GAAG,aAAa,CAAC;IAEhD,MAAM,WAAW,GAAG,uBAAuB,CACzC,OAAO,OAAO,CAAC,GAAG,KAAK,QAAQ,CAAC,CAAC,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,SAAS,CAC1D,CAAC;IAEF,IAAI,UAAU,GAAG,gBAAgB,CAAC,IAAI,CAAC,CAAC;IACxC,IAAI,cAAc,GAAG,KAAK,CAAC;IAC3B,IAAI,UAAU,KAAK,MAAM,IAAI,IAAI,KAAK,QAAQ,EAAE,CAAC;QAC/C,cAAc,GAAG,MAAM,yBAAyB,CAAC,IAAI,EAAE,EAAE,WAAW,EAAE,IAAI,EAAE,OAAO,EAAE,CAAC,CAAC;QACvF,IAAI,cAAc;YAAE,UAAU,GAAG,OAAO,CAAC;IAC3C,CAAC;IAED,IAAI,cAAc,GAAoD,IAAI,CAAC;IAC3E,IAAI,UAAU,KAAK,MAAM,IAAI,IAAI,KAAK,QAAQ,EAAE,CAAC;QAC/C,MAAM,OAAO,GAAG,MAAM,wBAAwB,CAAC,UAAU,CAAC,IAAI,CAAC,EAAE,EAAE,WAAW,EAAE,CAAC,CAAC;QAClF,IAAI,OAAO,EAAE,CAAC;YACZ,cAAc,GAAG,EAAE,UAAU,EAAE,OAAO,CAAC,UAAU,EAAE,QAAQ,EAAE,OAAO,CAAC,QAAQ,EAAE,CAAC;QAClF,CAAC;aAAM,CAAC;YACN,MAAM,OAAO,GAAG,MAAM,4BAA4B,CAAC;gBACjD,IAAI,EAAE,CAAC,GAAG,IAAI,CAAC;gBACf,IAAI,EAAE,OAAO;gBACb,UAAU,EAAE,OAAO,CAAC,OAAO;gBAC3B,cAAc;gBACd,OAAO;gBACP,OAAO,EAAE,UAAU,EAAE;gBACrB,WAAW;aACZ,CAAC,CAAC;YACH,IAAI,OAAO,EAAE,CAAC;gBACZ,cAAc,GAAG,EAAE,UAAU,EAAE,OAAO,CAAC,UAAU,EAAE,QAAQ,EAAE,OAAO,CAAC,QAAQ,EAAE,CAAC;YAClF,CAAC;QACH,CAAC;IACH,CAAC;IAED,MAAM,YAAY,GAAG,mCAAmC,CAAC,EAAE,cAAc,EAAE,CAAC,CAAC;IAC7E,MAAM,YAAY,GAChB,UAAU,KAAK,MAAM;QACnB,CAAC,CAAC,sBAAsB,CAAC;YACrB,IAAI,EAAE,sBAAsB;YAC5B,IAAI;YACJ,IAAI;YACJ,OAAO;YACP,cAAc;SACf,CAAC;QACJ,CAAC,CAAC,IAAI,CAAC;IAEX,MAAM,QAAQ,GACZ,UAAU,KAAK,OAAO;QACpB,CAAC,CAAC;YACE,UAAU;YACV,GAAG,CAAC,YAAY,CAAC,CAAC,CAAC,EAAE,aAAa,EAAE,YAAY,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;SACzD;QACH,CAAC,CAAC;YACE,UAAU;YACV,YAAY,EAAE,YAAa,CAAC,YAAY;YACxC,aAAa,EAAE,YAAa,CAAC,aAAa;SAC3C,CAAC;IAER,MAAM,YAAY,GAAG,WAAW,CAAC;IACjC,MAAM,UAAU,GAAG,WAAW,CAAC,GAAG,EAAE,GAAG,eAAe,CAAC;IACvD,MAAM,mBA
AmB,CACvB;QACE,EAAE,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;QAC5B,IAAI,EAAE,sBAAsB;QAC5B,GAAG,EAAE,OAAO,CAAC,GAAG;QAChB,OAAO,EAAE,OAAO,CAAC,OAAO;QACxB,IAAI;QACJ,cAAc;QACd,KAAK;QACL,IAAI;QACJ,UAAU;QACV,cAAc;QACd,iBAAiB,EAAE,cAAc,EAAE,UAAU,IAAI,IAAI;QACrD,OAAO;QACP,UAAU;KACX,EACD,YAAY,CACb,CAAC;IAEF,oFAAoF;IACpF,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,SAAS,CAAC,QAAQ,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;IAExD,2DAA2D;IAC3D,MAAM,MAAM,GAAG,UAAU,KAAK,OAAO,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,SAAS,CAAC;IAC7D,MAAM,cAAc,CAAC;QACnB,EAAE,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;QAC5B,MAAM;QACN,IAAI,EAAE,cAAc;QACpB,YAAY,EAAE,IAAI,CAAC,CAAC,CAAC,IAAI,IAAI;QAC7B,IAAI,EAAE,IAAI,CAAC,CAAC,CAAC,IAAI,IAAI;QACrB,QAAQ,EAAE,IAAI,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI;QAC1D,MAAM,EAAE,OAAO,CAAC,CAAC,CAAC,IAAI,IAAI;QAC1B,GAAG,EAAE,OAAO,CAAC,OAAO;QACpB,IAAI;QACJ,QAAQ,EAAE,UAAU,KAAK,OAAO,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,OAAO;QACpD,UAAU;QACV,SAAS,EAAE,YAAY,EAAE;QACzB,IAAI,EAAE,OAAO;QACb,GAAG,CAAC,cAAc,KAAK,IAAI,CAAC,CAAC,CAAC,EAAE,eAAe,EAAE,cAAc,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;QACvE,IAAI,EAAE;YACJ,IAAI,EAAE,sBAAsB;YAC5B,cAAc;YACd,mBAAmB,EAAE,cAAc,EAAE,UAAU,IAAI,IAAI;SACxD;KACF,CAAC,CAAC;AACL,CAAC;AAED,MAAM,UAAU,2BAA2B,CAAC,GAAY;IACtD,OAAO;QACL,UAAU,EAAE,MAAM;QAClB,YAAY,EAAE,0DAA0D;QACxE,aAAa,EAAE,uBAAuB,MAAM,CAAC,GAAG,CAAC,EAAE;KACpD,CAAC;AACJ,CAAC"}
|
|
@@ -0,0 +1,26 @@
1
+
import type { Tier } from "../policy/index.js";
2
+
import type { GuardReason } from "../shell/evaluate.js";
3
+
export type GuardMode = "shadow" | "enforce";
4
+
export type GuardDecision = "allow" | "require_approval" | "block";
5
+
export type GuardShadowSnapshot = {
6
+
decision: GuardDecision;
7
+
tier: Tier;
8
+
reasons: GuardReason[];
9
+
};
10
+
export declare function tierToPolicyDecision(tier: Tier, skipped: boolean): GuardDecision;
11
+
/**
12
+
* Maps policy + approval-aware enforce outcome to MCP response fields.
13
+
* - shadow: non-blocking (`decision` always `allow`); `shadow` holds the policy verdict.
14
+
* - enforce: `decision` is the real coordination outcome; `shadow` holds the policy-only verdict.
15
+
*/
16
+
export declare function applyGuardMode(input: {
17
+
mode: GuardMode;
18
+
skipped: boolean;
19
+
tier: Tier;
20
+
policyReasons: GuardReason[];
21
+
enforceDecision: GuardDecision;
22
+
}): {
23
+
decision: GuardDecision;
24
+
shadow: GuardShadowSnapshot;
25
+
};
26
+
//# sourceMappingURL=guard-mode.d.ts.map
@@ -0,0 +1 @@
1
+
{"version":3,"file":"guard-mode.d.ts","sourceRoot":"","sources":["../../src/mcp/guard-mode.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,IAAI,EAAE,MAAM,oBAAoB,CAAC;AAC/C,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,sBAAsB,CAAC;AAExD,MAAM,MAAM,SAAS,GAAG,QAAQ,GAAG,SAAS,CAAC;AAC7C,MAAM,MAAM,aAAa,GAAG,OAAO,GAAG,kBAAkB,GAAG,OAAO,CAAC;AAEnE,MAAM,MAAM,mBAAmB,GAAG;IAChC,QAAQ,EAAE,aAAa,CAAC;IACxB,IAAI,EAAE,IAAI,CAAC;IACX,OAAO,EAAE,WAAW,EAAE,CAAC;CACxB,CAAC;AAEF,wBAAgB,oBAAoB,CAAC,IAAI,EAAE,IAAI,EAAE,OAAO,EAAE,OAAO,GAAG,aAAa,CAKhF;AAED;;;;GAIG;AACH,wBAAgB,cAAc,CAAC,KAAK,EAAE;IACpC,IAAI,EAAE,SAAS,CAAC;IAChB,OAAO,EAAE,OAAO,CAAC;IACjB,IAAI,EAAE,IAAI,CAAC;IACX,aAAa,EAAE,WAAW,EAAE,CAAC;IAC7B,eAAe,EAAE,aAAa,CAAC;CAChC,GAAG;IAAE,QAAQ,EAAE,aAAa,CAAC;IAAC,MAAM,EAAE,mBAAmB,CAAA;CAAE,CAa3D"}
@@ -0,0 +1,27 @@
1
+
export function tierToPolicyDecision(tier, skipped) {
2
+
if (skipped)
3
+
return "allow";
4
+
if (tier === "READ")
5
+
return "allow";
6
+
if (tier === "MUTATE")
7
+
return "require_approval";
8
+
return "block";
9
+
}
10
+
/**
11
+
* Maps policy + approval-aware enforce outcome to MCP response fields.
12
+
* - shadow: non-blocking (`decision` always `allow`); `shadow` holds the policy verdict.
13
+
* - enforce: `decision` is the real coordination outcome; `shadow` holds the policy-only verdict.
14
+
*/
15
+
export function applyGuardMode(input) {
16
+
const policyDecision = tierToPolicyDecision(input.tier, input.skipped);
17
+
const shadow = {
18
+
decision: policyDecision,
19
+
tier: input.tier,
20
+
reasons: [...input.policyReasons],
21
+
};
22
+
if (input.mode === "shadow") {
23
+
return { decision: "allow", shadow };
24
+
}
25
+
return { decision: input.enforceDecision, shadow };
26
+
}
27
+
//# sourceMappingURL=guard-mode.js.map
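Review bot: `tierToPolicyDecision` carries no doc comment even though `skipped` short-circuits to `allow` before the tier is inspected, so a skipped call yields the same verdict as a READ-tier call at any tier, and the `shadow` snapshot built in `applyGuardMode` then records that `allow` without a `skipped` field, leaving an audit consumer to infer the override only from `tier` and `decision` disagreeing. The same undocumented declaration appears in the guard-mode.d.ts hunk. I would add above the function `/** Policy-only verdict: skipped short-circuits to "allow" regardless of tier; unknown tiers fail closed to "block". */` and, if the snapshot type can still change, record `skipped` in it so the override is visible in shadow output. In enforce mode `input.enforceDecision` is returned unchecked; if the coordination layer is only meant to relax `require_approval` to `allow`, a check that an enforce `allow` never overrides a policy `block` would make that contract explicit, though whether such a downgrade is reachable is not visible from this hunk.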
@@ -0,0 +1 @@
1
+
{"version":3,"file":"guard-mode.js","sourceRoot":"","sources":["../../src/mcp/guard-mode.ts"],"names":[],"mappings":"AAYA,MAAM,UAAU,oBAAoB,CAAC,IAAU,EAAE,OAAgB;IAC/D,IAAI,OAAO;QAAE,OAAO,OAAO,CAAC;IAC5B,IAAI,IAAI,KAAK,MAAM;QAAE,OAAO,OAAO,CAAC;IACpC,IAAI,IAAI,KAAK,QAAQ;QAAE,OAAO,kBAAkB,CAAC;IACjD,OAAO,OAAO,CAAC;AACjB,CAAC;AAED;;;;GAIG;AACH,MAAM,UAAU,cAAc,CAAC,KAM9B;IACC,MAAM,cAAc,GAAG,oBAAoB,CAAC,KAAK,CAAC,IAAI,EAAE,KAAK,CAAC,OAAO,CAAC,CAAC;IACvE,MAAM,MAAM,GAAwB;QAClC,QAAQ,EAAE,cAAc;QACxB,IAAI,EAAE,KAAK,CAAC,IAAI;QAChB,OAAO,EAAE,CAAC,GAAG,KAAK,CAAC,aAAa,CAAC;KAClC,CAAC;IAEF,IAAI,KAAK,CAAC,IAAI,KAAK,QAAQ,EAAE,CAAC;QAC5B,OAAO,EAAE,QAAQ,EAAE,OAAO,EAAE,MAAM,EAAE,CAAC;IACvC,CAAC;IAED,OAAO,EAAE,QAAQ,EAAE,KAAK,CAAC,eAAe,EAAE,MAAM,EAAE,CAAC;AACrD,CAAC"}
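--- a/package/dist/mcp/server.d.ts.map
+++ b/package/dist/mcp/server.d.ts.map
@@ -1 +1 @@
-{"version":3,"file":"server.d.ts","sourceRoot":"","sources":["../../src/mcp/server.ts"],"names":[],"mappings":"
+{"version":3,"file":"server.d.ts","sourceRoot":"","sources":["../../src/mcp/server.ts"],"names":[],"mappings":"AA+WA,8EAA8E;AAC9E,wBAAsB,iBAAiB,IAAI,OAAO,CAAC,IAAI,CAAC,CAmDvD"}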