@praxis.guard/auditor-cli 0.0.23 → 0.0.24

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (4) hide show
  1. package/dist/hooks/agent-message.d.ts.map +1 -1
  2. package/dist/hooks/agent-message.js +18 -5
  3. package/dist/hooks/agent-message.js.map +1 -1
  4. package/package.json +1 -1
package/dist/hooks/agent-message.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"agent-message.d.ts","sourceRoot":"","sources":["../../src/hooks/agent-message.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,IAAI,EAAE,MAAM,oBAAoB,CAAC;AAE/C,MAAM,MAAM,QAAQ,GAAG,sBAAsB,GAAG,oBAAoB,CAAC;AAErE,MAAM,MAAM,2BAA2B,GAAG;IACxC,IAAI,EAAE,QAAQ,CAAC;IACf,IAAI,EAAE,IAAI,CAAC;IACX,IAAI,EAAE,SAAS,MAAM,EAAE,CAAC;IACxB,OAAO,EAAE,SAAS,MAAM,EAAE,CAAC;IAC3B,QAAQ,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IACzB,2DAA2D;IAC3D,cAAc,CAAC,EAAE;QACf,UAAU,EAAE,MAAM,CAAC;QACnB,QAAQ,EAAE,MAAM,CAAC;KAClB,GAAG,IAAI,CAAC;CACV,CAAC;AAEF,MAAM,MAAM,gBAAgB,GAAG;IAC7B,YAAY,EAAE,MAAM,CAAC;IACrB,aAAa,EAAE,MAAM,CAAC;CACvB,CAAC;AAMF,wBAAgB,sBAAsB,CAAC,KAAK,EAAE,2BAA2B,GAAG,gBAAgB,CAsD3F;AAED,wBAAgB,mCAAmC,CAAC,IAAI,EAAE;IACxD,cAAc,EAAE,OAAO,CAAC;CACzB,GAAG,MAAM,GAAG,SAAS,CAKrB"}
1
+ {"version":3,"file":"agent-message.d.ts","sourceRoot":"","sources":["../../src/hooks/agent-message.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,IAAI,EAAE,MAAM,oBAAoB,CAAC;AAE/C,MAAM,MAAM,QAAQ,GAAG,sBAAsB,GAAG,oBAAoB,CAAC;AAErE,MAAM,MAAM,2BAA2B,GAAG;IACxC,IAAI,EAAE,QAAQ,CAAC;IACf,IAAI,EAAE,IAAI,CAAC;IACX,IAAI,EAAE,SAAS,MAAM,EAAE,CAAC;IACxB,OAAO,EAAE,SAAS,MAAM,EAAE,CAAC;IAC3B,QAAQ,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IACzB,2DAA2D;IAC3D,cAAc,CAAC,EAAE;QACf,UAAU,EAAE,MAAM,CAAC;QACnB,QAAQ,EAAE,MAAM,CAAC;KAClB,GAAG,IAAI,CAAC;CACV,CAAC;AAEF,MAAM,MAAM,gBAAgB,GAAG;IAC7B,YAAY,EAAE,MAAM,CAAC;IACrB,aAAa,EAAE,MAAM,CAAC;CACvB,CAAC;AAMF,wBAAgB,sBAAsB,CAAC,KAAK,EAAE,2BAA2B,GAAG,gBAAgB,CAuE3F;AAED,wBAAgB,mCAAmC,CAAC,IAAI,EAAE;IACxD,cAAc,EAAE,OAAO,CAAC;CACzB,GAAG,MAAM,GAAG,SAAS,CAKrB"}
package/dist/hooks/agent-message.js CHANGED
@@ -11,7 +11,9 @@ export function formatHookDenyMessages(input) {
11
11
  : `Shell command blocked (${input.tier})`;
12
12
  if (input.tier === "DESTRUCTIVE") {
13
13
  return {
14
- user_message: `${blockedLabel}. Destructive actions cannot be approved via guard.`,
14
+ user_message: `${blockedLabel}. This action cannot be approved via guard.\n\n` +
15
+ `Agent: do not suggest workarounds, manual execution, or bypass steps for this action. ` +
16
+ `Destructive operations are not approvable via the MUTATE grant/bridge path.`,
15
17
  agent_message: `Blocked by guard (DESTRUCTIVE). Do not suggest workarounds or manual execution of the same action. ` +
16
18
  `Destructive operations are not approvable via the MUTATE grant/bridge path. ` +
17
19
  `If the user truly intends to proceed, they need explicit human authorization outside the agent; do not invent bypass steps. ` +
@@ -21,16 +23,27 @@ export function formatHookDenyMessages(input) {
21
23
  if (input.tier === "MUTATE") {
22
24
  const proposalKind = input.hook === "beforeMCPExecution" ? "mcp" : "shell";
23
25
  const inline = input.inlineApproval;
24
- const inlineUser = inline
25
- ? ` Approval request ${inline.request_id} is pending open ${inline.open_url}`
26
- : "";
26
+ const userMessage = inline
27
+ ? `${blockedLabel}. Human approval required.\n` +
28
+ `Approval request ${inline.request_id} is pending — open ${inline.open_url}\n\n` +
29
+ `Agent: MUST call MCP \`guard_wait\` now with \`context.approval.request_id\` = "${inline.request_id}", ` +
30
+ `\`context.wait_ms\` = 120000, and \`proposal\` matching this block ` +
31
+ `(\`kind\`: "${proposalKind}", \`argv\`: ${argvJson}). ` +
32
+ `Do not retry the command until \`guard_wait\` resolves. ` +
33
+ `Do not suggest running this command in the user's terminal or via another tool.`
34
+ : `${blockedLabel}. Human approval required.\n\n` +
35
+ `Agent: call MCP \`guard_wait\` (preferred) or \`guard\` with \`mode\`: "enforce" and \`proposal\` matching this block ` +
36
+ `(\`kind\`: "${proposalKind}", \`argv\`: ${argvJson}). ` +
37
+ `On \`require_approval\`, direct the human to \`approval.open_url\` or Praxis Approvals. ` +
38
+ `After approval, retry this exact invocation once (hook consumes execution ticket). ` +
39
+ `Do not suggest running this command in the user's terminal or via another tool.`;
27
40
  const inlineAgent = inline
28
41
  ? ` Pending approval request_id=${inline.request_id} open_url=${inline.open_url}. ` +
29
42
  `MUST call MCP \`guard_wait\` with this request_id, \`context.wait_ms\` (e.g. 120000), and the same proposal before any retry. ` +
30
43
  `Do not call \`guard\` first and do not ask the user to retry until \`guard_wait\` resolves. `
31
44
  : "";
32
45
  return {
33
- user_message: `${blockedLabel}. Human approval required.${inlineUser}`,
46
+ user_message: userMessage,
34
47
  agent_message: `Blocked by guard (MUTATE). reasons=${reasons}. argv=${argvJson}. ` +
35
48
  `Do not suggest running the same command in the user's terminal, an external shell, or via another tool to circumvent this block. ` +
36
49
  inlineAgent +
package/dist/hooks/agent-message.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"agent-message.js","sourceRoot":"","sources":["../../src/hooks/agent-message.ts"],"names":[],"mappings":"AAsBA,SAAS,cAAc,CAAC,OAA0B;IAChD,OAAO,OAAO,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC;AAC3D,CAAC;AAED,MAAM,UAAU,sBAAsB,CAAC,KAAkC;IACvE,MAAM,OAAO,GAAG,cAAc,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;IAC9C,MAAM,QAAQ,GAAG,IAAI,CAAC,SAAS,CAAC,CAAC,GAAG,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC;IACjD,MAAM,YAAY,GAChB,KAAK,CAAC,IAAI,KAAK,oBAAoB;QACjC,CAAC,CAAC,KAAK,CAAC,QAAQ;YACd,CAAC,CAAC,0BAA0B,KAAK,CAAC,IAAI,MAAM,KAAK,CAAC,QAAQ,EAAE;YAC5D,CAAC,CAAC,0BAA0B,KAAK,CAAC,IAAI,GAAG;QAC3C,CAAC,CAAC,0BAA0B,KAAK,CAAC,IAAI,GAAG,CAAC;IAE9C,IAAI,KAAK,CAAC,IAAI,KAAK,aAAa,EAAE,CAAC;QACjC,OAAO;YACL,YAAY,EAAE,GAAG,YAAY,qDAAqD;YAClF,aAAa,EACX,qGAAqG;gBACrG,8EAA8E;gBAC9E,8HAA8H;gBAC9H,WAAW,OAAO,UAAU,QAAQ,EAAE;SACzC,CAAC;IACJ,CAAC;IAED,IAAI,KAAK,CAAC,IAAI,KAAK,QAAQ,EAAE,CAAC;QAC5B,MAAM,YAAY,GAAG,KAAK,CAAC,IAAI,KAAK,oBAAoB,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,OAAO,CAAC;QAC3E,MAAM,MAAM,GAAG,KAAK,CAAC,cAAc,CAAC;QACpC,MAAM,UAAU,GAAG,MAAM;YACvB,CAAC,CAAC,qBAAqB,MAAM,CAAC,UAAU,sBAAsB,MAAM,CAAC,QAAQ,EAAE;YAC/E,CAAC,CAAC,EAAE,CAAC;QACP,MAAM,WAAW,GAAG,MAAM;YACxB,CAAC,CAAC,gCAAgC,MAAM,CAAC,UAAU,aAAa,MAAM,CAAC,QAAQ,IAAI;gBACjF,gIAAgI;gBAChI,8FAA8F;YAChG,CAAC,CAAC,EAAE,CAAC;QACP,OAAO;YACL,YAAY,EAAE,GAAG,YAAY,6BAA6B,UAAU,EAAE;YACtE,aAAa,EACX,sCAAsC,OAAO,UAAU,QAAQ,IAAI;gBACnE,mIAAmI;gBACnI,WAAW;gBACX,CAAC,MAAM;oBACL,CAAC,CAAC,2DAA2D;wBAC3D,eAAe,YAAY,wFAAwF;oBACrH,CAAC,CAAC,kHAAkH;wBAClH,eAAe,YAAY,8DAA8D;wBACzF,wFAAwF;wBACxF,oFAAoF,CAAC;SAC5F,CAAC;IACJ,CAAC;IAED,OAAO;QACL,YAAY,EAAE,GAAG,YAAY,GAAG;QAChC,aAAa,EACX,0BAA0B,KAAK,CAAC,IAAI,cAAc,OAAO,UAAU,QAAQ,IAAI;YAC/E,8EAA8E;KACjF,CAAC;AACJ,CAAC;AAED,MAAM,UAAU,mCAAmC,CAAC,IAEnD;IACC,IAAI,IAAI,CAAC,cAAc,EAAE,CAAC;QACxB,OAAO,2FAA2F,CAAC;IACrG,CAAC;IACD,OAAO,SAAS,CAAC;AACnB,CAAC"}
1
+ {"version":3,"file":"agent-message.js","sourceRoot":"","sources":["../../src/hooks/agent-message.ts"],"names":[],"mappings":"AAsBA,SAAS,cAAc,CAAC,OAA0B;IAChD,OAAO,OAAO,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC;AAC3D,CAAC;AAED,MAAM,UAAU,sBAAsB,CAAC,KAAkC;IACvE,MAAM,OAAO,GAAG,cAAc,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;IAC9C,MAAM,QAAQ,GAAG,IAAI,CAAC,SAAS,CAAC,CAAC,GAAG,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC;IACjD,MAAM,YAAY,GAChB,KAAK,CAAC,IAAI,KAAK,oBAAoB;QACjC,CAAC,CAAC,KAAK,CAAC,QAAQ;YACd,CAAC,CAAC,0BAA0B,KAAK,CAAC,IAAI,MAAM,KAAK,CAAC,QAAQ,EAAE;YAC5D,CAAC,CAAC,0BAA0B,KAAK,CAAC,IAAI,GAAG;QAC3C,CAAC,CAAC,0BAA0B,KAAK,CAAC,IAAI,GAAG,CAAC;IAE9C,IAAI,KAAK,CAAC,IAAI,KAAK,aAAa,EAAE,CAAC;QACjC,OAAO;YACL,YAAY,EACV,GAAG,YAAY,iDAAiD;gBAChE,wFAAwF;gBACxF,6EAA6E;YAC/E,aAAa,EACX,qGAAqG;gBACrG,8EAA8E;gBAC9E,8HAA8H;gBAC9H,WAAW,OAAO,UAAU,QAAQ,EAAE;SACzC,CAAC;IACJ,CAAC;IAED,IAAI,KAAK,CAAC,IAAI,KAAK,QAAQ,EAAE,CAAC;QAC5B,MAAM,YAAY,GAAG,KAAK,CAAC,IAAI,KAAK,oBAAoB,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,OAAO,CAAC;QAC3E,MAAM,MAAM,GAAG,KAAK,CAAC,cAAc,CAAC;QAEpC,MAAM,WAAW,GAAG,MAAM;YACxB,CAAC,CAAC,GAAG,YAAY,8BAA8B;gBAC7C,oBAAoB,MAAM,CAAC,UAAU,sBAAsB,MAAM,CAAC,QAAQ,MAAM;gBAChF,mFAAmF,MAAM,CAAC,UAAU,KAAK;gBACzG,qEAAqE;gBACrE,eAAe,YAAY,gBAAgB,QAAQ,KAAK;gBACxD,0DAA0D;gBAC1D,iFAAiF;YACnF,CAAC,CAAC,GAAG,YAAY,gCAAgC;gBAC/C,wHAAwH;gBACxH,eAAe,YAAY,gBAAgB,QAAQ,KAAK;gBACxD,0FAA0F;gBAC1F,qFAAqF;gBACrF,iFAAiF,CAAC;QAEtF,MAAM,WAAW,GAAG,MAAM;YACxB,CAAC,CAAC,gCAAgC,MAAM,CAAC,UAAU,aAAa,MAAM,CAAC,QAAQ,IAAI;gBACjF,gIAAgI;gBAChI,8FAA8F;YAChG,CAAC,CAAC,EAAE,CAAC;QAEP,OAAO;YACL,YAAY,EAAE,WAAW;YACzB,aAAa,EACX,sCAAsC,OAAO,UAAU,QAAQ,IAAI;gBACnE,mIAAmI;gBACnI,WAAW;gBACX,CAAC,MAAM;oBACL,CAAC,CAAC,2DAA2D;wBAC3D,eAAe,YAAY,wFAAwF;oBACrH,CAAC,CAAC,kHAAkH;wBAClH,eAAe,YAAY,8DAA8D;wBACzF,wFAAwF;wBACxF,oFAAoF,CAAC;SAC5F,CAAC;IACJ,CAAC;IAED,OAAO;QACL,YAAY,EAAE,GAAG,YAAY,GAAG;QAChC,aAAa,EACX,0BAA0B,KAAK,CAAC,IAAI,cAAc,OAAO,UAAU,QAAQ,IAAI;YAC/E,8EAA8E;KACjF,CAAC;AACJ,CAAC;AAED,MAAM,UAAU,mCAAmC,CAAC,IAEnD;IACC,IAAI,IAAI,CAAC,cAAc,EAAE,CAAC;QACxB,OAAO,2FAA2F,CAAC;IACrG,CAAC;IACD,OAAO,SAAS,CAAC;AACnB,CAAC"}
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@praxis.guard/auditor-cli",
3
- "version": "0.0.23",
3
+ "version": "0.0.24",
4
4
  "private": false,
5
5
  "type": "module",
6
6
  "files": [