@praxis.guard/auditor-cli 0.0.32 → 0.0.34
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/approval/argv-fingerprint.d.ts +10 -1
- package/dist/approval/argv-fingerprint.d.ts.map +1 -1
- package/dist/approval/argv-fingerprint.js +10 -1
- package/dist/approval/argv-fingerprint.js.map +1 -1
- package/dist/approval/hook-inline-approval.d.ts +2 -0
- package/dist/approval/hook-inline-approval.d.ts.map +1 -1
- package/dist/approval/hook-inline-approval.js +6 -2
- package/dist/approval/hook-inline-approval.js.map +1 -1
- package/dist/approval/mcp-flow.d.ts +4 -2
- package/dist/approval/mcp-flow.d.ts.map +1 -1
- package/dist/approval/mcp-flow.js +9 -3
- package/dist/approval/mcp-flow.js.map +1 -1
- package/dist/approval/redeem.d.ts +2 -0
- package/dist/approval/redeem.d.ts.map +1 -1
- package/dist/approval/redeem.js +7 -2
- package/dist/approval/redeem.js.map +1 -1
- package/dist/bridge/execution-ticket.d.ts +3 -0
- package/dist/bridge/execution-ticket.d.ts.map +1 -1
- package/dist/bridge/execution-ticket.js +38 -9
- package/dist/bridge/execution-ticket.js.map +1 -1
- package/dist/bridge/shell-approval-bridge.d.ts +14 -5
- package/dist/bridge/shell-approval-bridge.d.ts.map +1 -1
- package/dist/bridge/shell-approval-bridge.js +47 -24
- package/dist/bridge/shell-approval-bridge.js.map +1 -1
- package/dist/hooks/before-mcp-argv.d.ts +17 -0
- package/dist/hooks/before-mcp-argv.d.ts.map +1 -0
- package/dist/hooks/before-mcp-argv.js +67 -0
- package/dist/hooks/before-mcp-argv.js.map +1 -0
- package/dist/hooks/before-mcp-mutate.d.ts +23 -0
- package/dist/hooks/before-mcp-mutate.d.ts.map +1 -0
- package/dist/hooks/before-mcp-mutate.js +76 -0
- package/dist/hooks/before-mcp-mutate.js.map +1 -0
- package/dist/hooks/before-mcp-skipped.d.ts +14 -0
- package/dist/hooks/before-mcp-skipped.d.ts.map +1 -0
- package/dist/hooks/before-mcp-skipped.js +56 -0
- package/dist/hooks/before-mcp-skipped.js.map +1 -0
- package/dist/hooks/before-mcp-types.d.ts +15 -0
- package/dist/hooks/before-mcp-types.d.ts.map +1 -0
- package/dist/hooks/before-mcp-types.js +2 -0
- package/dist/hooks/before-mcp-types.js.map +1 -0
- package/dist/hooks/before-shell-io.d.ts +3 -0
- package/dist/hooks/before-shell-io.d.ts.map +1 -0
- package/dist/hooks/before-shell-io.js +26 -0
- package/dist/hooks/before-shell-io.js.map +1 -0
- package/dist/hooks/before-shell-mutate.d.ts +23 -0
- package/dist/hooks/before-shell-mutate.d.ts.map +1 -0
- package/dist/hooks/before-shell-mutate.js +74 -0
- package/dist/hooks/before-shell-mutate.js.map +1 -0
- package/dist/hooks/before-shell-skipped.d.ts +11 -0
- package/dist/hooks/before-shell-skipped.d.ts.map +1 -0
- package/dist/hooks/before-shell-skipped.js +49 -0
- package/dist/hooks/before-shell-skipped.js.map +1 -0
- package/dist/hooks/before-shell-types.d.ts +12 -0
- package/dist/hooks/before-shell-types.d.ts.map +1 -0
- package/dist/hooks/before-shell-types.js +2 -0
- package/dist/hooks/before-shell-types.js.map +1 -0
- package/dist/hooks/run-before-mcp.d.ts +3 -27
- package/dist/hooks/run-before-mcp.d.ts.map +1 -1
- package/dist/hooks/run-before-mcp.js +57 -195
- package/dist/hooks/run-before-mcp.js.map +1 -1
- package/dist/hooks/run-before-shell.d.ts +2 -10
- package/dist/hooks/run-before-shell.d.ts.map +1 -1
- package/dist/hooks/run-before-shell.js +63 -142
- package/dist/hooks/run-before-shell.js.map +1 -1
- package/dist/index.d.ts +2 -2
- package/dist/index.d.ts.map +1 -1
- package/dist/index.js +2 -2
- package/dist/index.js.map +1 -1
- package/dist/mcp/evaluate-guard.d.ts +11 -0
- package/dist/mcp/evaluate-guard.d.ts.map +1 -0
- package/dist/mcp/evaluate-guard.js +159 -0
- package/dist/mcp/evaluate-guard.js.map +1 -0
- package/dist/mcp/guard-approval-block.d.ts +27 -0
- package/dist/mcp/guard-approval-block.d.ts.map +1 -0
- package/dist/mcp/guard-approval-block.js +155 -0
- package/dist/mcp/guard-approval-block.js.map +1 -0
- package/dist/mcp/guard-heartbeat.d.ts +6 -0
- package/dist/mcp/guard-heartbeat.d.ts.map +1 -0
- package/dist/mcp/guard-heartbeat.js +68 -0
- package/dist/mcp/guard-heartbeat.js.map +1 -0
- package/dist/mcp/guard-schemas.d.ts +42 -0
- package/dist/mcp/guard-schemas.d.ts.map +1 -0
- package/dist/mcp/guard-schemas.js +39 -0
- package/dist/mcp/guard-schemas.js.map +1 -0
- package/dist/mcp/server.d.ts.map +1 -1
- package/dist/mcp/server.js +4 -327
- package/dist/mcp/server.js.map +1 -1
- package/dist/policies.v1.json +4 -0
- package/dist/policy/index.d.ts +4 -0
- package/dist/policy/index.d.ts.map +1 -1
- package/dist/policy/index.js +6 -0
- package/dist/policy/index.js.map +1 -1
- package/dist/shell/analyze-command-aggregate.d.ts +16 -0
- package/dist/shell/analyze-command-aggregate.d.ts.map +1 -0
- package/dist/shell/analyze-command-aggregate.js +89 -0
- package/dist/shell/analyze-command-aggregate.js.map +1 -0
- package/dist/shell/analyze-command-invocations.d.ts +11 -0
- package/dist/shell/analyze-command-invocations.d.ts.map +1 -0
- package/dist/shell/analyze-command-invocations.js +113 -0
- package/dist/shell/analyze-command-invocations.js.map +1 -0
- package/dist/shell/analyze-command.d.ts +7 -0
- package/dist/shell/analyze-command.d.ts.map +1 -0
- package/dist/shell/analyze-command.js +46 -0
- package/dist/shell/analyze-command.js.map +1 -0
- package/dist/shell/analyze-command.types.d.ts +38 -0
- package/dist/shell/analyze-command.types.d.ts.map +1 -0
- package/dist/shell/analyze-command.types.js +2 -0
- package/dist/shell/analyze-command.types.js.map +1 -0
- package/dist/shell/evaluate.d.ts +15 -18
- package/dist/shell/evaluate.d.ts.map +1 -1
- package/dist/shell/evaluate.js +57 -47
- package/dist/shell/evaluate.js.map +1 -1
- package/dist/shell/governed-tools.d.ts +18 -1
- package/dist/shell/governed-tools.d.ts.map +1 -1
- package/dist/shell/governed-tools.js +60 -1
- package/dist/shell/governed-tools.js.map +1 -1
- package/dist/shell/guard-eval.d.ts +15 -0
- package/dist/shell/guard-eval.d.ts.map +1 -0
- package/dist/shell/guard-eval.js +35 -0
- package/dist/shell/guard-eval.js.map +1 -0
- package/dist/shell/parse-segments.d.ts +14 -0
- package/dist/shell/parse-segments.d.ts.map +1 -0
- package/dist/shell/parse-segments.js +41 -0
- package/dist/shell/parse-segments.js.map +1 -0
- package/package.json +1 -1
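--- /dev/null
+++ b/package/dist/shell/guard-eval.js
@@ -0,0 +1,35 @@
+import { classifyArgv } from "../policy/index.js";
+export function evaluateArgv(policy, argv) {
+const { classification, flags } = classifyArgv(policy, argv);
+let tier = classification.tier;
+const reasons = [];
+if (!classification.matched) {
+reasons.push({
+code: "unknown_command",
+message: "Command did not match any policy entry; default-deny applies.",
+details: { tool: classification.tool, command_path: classification.command_path, verb: classification.verb },
+});
+}
+else {
+reasons.push({
+code: "policy_match",
+message: "Matched policy entry.",
+details: { tool: classification.tool, command_path: classification.command_path, verb: classification.verb, tier },
+});
+}
+if (flags.metacharacters) {
+if (tier === "READ")
+tier = "MUTATE";
+reasons.push({ code: "metacharacters", message: "Metacharacters detected; treat as high-risk." });
+}
+if (flags.dangerous_flags && (tier === "MUTATE" || tier === "DESTRUCTIVE")) {
+reasons.push({
+code: "dangerous_flags",
+message: "Dangerous flags detected for mutating/destructive action; rejected.",
+details: { dangerous_flags: policy.dangerous_flags },
+});
+tier = "DESTRUCTIVE";
+}
+return { argv, tier, reasons, classification, flags };
+}
+//# sourceMappingURL=guard-eval.js.map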
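Review bot: The `dangerous_flags` signal is dropped without a trace when the classified tier is READ (hunk line 25, `if (flags.dangerous_flags && (tier === "MUTATE" || tier === "DESTRUCTIVE"))`): no reason is recorded, so the returned `reasons` cannot show that a flagged option was seen on a read-only command, and such a command is returned as plain READ unless `flags.metacharacters` happened to escalate it first. Whether that is the intended policy cannot be seen here, but the audit trail should carry the observation either way: push a `dangerous_flags` reason whenever `flags.dangerous_flags` is set (with a message that does not claim rejection for the READ case) and keep the escalation conditional on the tier, e.g. `if (flags.dangerous_flags) { reasons.push({ code: "dangerous_flags", message: ..., details: ... }); if (tier === "MUTATE" || tier === "DESTRUCTIVE") tier = "DESTRUCTIVE"; }`. Separately, `details: { dangerous_flags: policy.dangerous_flags }` reports the policy's whole configured list rather than the option that actually matched; if `classifyArgv` exposes the matched flag, record that instead so the reason is actionable for whoever reads the log. The corresponding `src/shell/guard-eval.ts` would also benefit from a doc comment stating that the escalations are order-dependent (metacharacters are applied before the dangerous-flag check, so READ plus metacharacters plus a dangerous flag ends at DESTRUCTIVE).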
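--- /dev/null
+++ b/package/dist/shell/guard-eval.js.map
@@ -0,0 +1 @@
+{"version":3,"file":"guard-eval.js","sourceRoot":"","sources":["../../src/shell/guard-eval.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,YAAY,EAA8B,MAAM,oBAAoB,CAAC;AAY9E,MAAM,UAAU,YAAY,CAAC,MAAkB,EAAE,IAAc;IAC7D,MAAM,EAAE,cAAc,EAAE,KAAK,EAAE,GAAG,YAAY,CAAC,MAAM,EAAE,IAAI,CAAC,CAAC;IAC7D,IAAI,IAAI,GAAS,cAAc,CAAC,IAAI,CAAC;IAErC,MAAM,OAAO,GAAkB,EAAE,CAAC;IAClC,IAAI,CAAC,cAAc,CAAC,OAAO,EAAE,CAAC;QAC5B,OAAO,CAAC,IAAI,CAAC;YACX,IAAI,EAAE,iBAAiB;YACvB,OAAO,EAAE,+DAA+D;YACxE,OAAO,EAAE,EAAE,IAAI,EAAE,cAAc,CAAC,IAAI,EAAE,YAAY,EAAE,cAAc,CAAC,YAAY,EAAE,IAAI,EAAE,cAAc,CAAC,IAAI,EAAE;SAC7G,CAAC,CAAC;IACL,CAAC;SAAM,CAAC;QACN,OAAO,CAAC,IAAI,CAAC;YACX,IAAI,EAAE,cAAc;YACpB,OAAO,EAAE,uBAAuB;YAChC,OAAO,EAAE,EAAE,IAAI,EAAE,cAAc,CAAC,IAAI,EAAE,YAAY,EAAE,cAAc,CAAC,YAAY,EAAE,IAAI,EAAE,cAAc,CAAC,IAAI,EAAE,IAAI,EAAE;SACnH,CAAC,CAAC;IACL,CAAC;IAED,IAAI,KAAK,CAAC,cAAc,EAAE,CAAC;QACzB,IAAI,IAAI,KAAK,MAAM;YAAE,IAAI,GAAG,QAAQ,CAAC;QACrC,OAAO,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,gBAAgB,EAAE,OAAO,EAAE,8CAA8C,EAAE,CAAC,CAAC;IACpG,CAAC;IAED,IAAI,KAAK,CAAC,eAAe,IAAI,CAAC,IAAI,KAAK,QAAQ,IAAI,IAAI,KAAK,aAAa,CAAC,EAAE,CAAC;QAC3E,OAAO,CAAC,IAAI,CAAC;YACX,IAAI,EAAE,iBAAiB;YACvB,OAAO,EAAE,qEAAqE;YAC9E,OAAO,EAAE,EAAE,eAAe,EAAE,MAAM,CAAC,eAAe,EAAE;SACrD,CAAC,CAAC;QACH,IAAI,GAAG,aAAa,CAAC;IACvB,CAAC;IAED,OAAO,EAAE,IAAI,EAAE,IAAI,EAAE,OAAO,EAAE,cAAc,EAAE,KAAK,EAAE,CAAC;AACxD,CAAC"}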
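--- /dev/null
+++ b/package/dist/shell/parse-segments.d.ts
@@ -0,0 +1,14 @@
+export type ShellOperator = "&&" | "||" | ";" | "|";
+export type ShellParseToken = string | {
+op: string;
+};
+export declare function parseShellTokens(command: string): ShellParseToken[];
+export declare function isUnparseableTokens(tokens: ShellParseToken[]): boolean;
+export declare function parseShellSegments(command: string): {
+tokens: ShellParseToken[];
+segments: {
+argv: string[];
+}[];
+operators: ShellOperator[];
+};
+//# sourceMappingURL=parse-segments.d.ts.map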
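--- /dev/null
+++ b/package/dist/shell/parse-segments.d.ts.map
@@ -0,0 +1 @@
+{"version":3,"file":"parse-segments.d.ts","sourceRoot":"","sources":["../../src/shell/parse-segments.ts"],"names":[],"mappings":"AAEA,MAAM,MAAM,aAAa,GAAG,IAAI,GAAG,IAAI,GAAG,GAAG,GAAG,GAAG,CAAC;AAIpD,MAAM,MAAM,eAAe,GAAG,MAAM,GAAG;IAAE,EAAE,EAAE,MAAM,CAAA;CAAE,CAAC;AAEtD,wBAAgB,gBAAgB,CAAC,OAAO,EAAE,MAAM,GAAG,eAAe,EAAE,CAInE;AAED,wBAAgB,mBAAmB,CAAC,MAAM,EAAE,eAAe,EAAE,GAAG,OAAO,CAEtE;AAED,wBAAgB,kBAAkB,CAAC,OAAO,EAAE,MAAM,GAAG;IACnD,MAAM,EAAE,eAAe,EAAE,CAAC;IAC1B,QAAQ,EAAE;QAAE,IAAI,EAAE,MAAM,EAAE,CAAA;KAAE,EAAE,CAAC;IAC/B,SAAS,EAAE,aAAa,EAAE,CAAC;CAC5B,CA+BA"}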
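--- /dev/null
+++ b/package/dist/shell/parse-segments.js
@@ -0,0 +1,41 @@
+import { parse as shellParse } from "shell-quote";
+const SEGMENT_OPERATORS = new Set(["&&", "||", ";", "|"]);
+export function parseShellTokens(command) {
+const parsed = shellParse(command);
+if (parsed.length === 0)
+return ["<unparseable>", command];
+return parsed;
+}
+export function isUnparseableTokens(tokens) {
+return tokens.length >= 1 && tokens[0] === "<unparseable>";
+}
+export function parseShellSegments(command) {
+const tokens = parseShellTokens(command);
+if (isUnparseableTokens(tokens)) {
+return {
+tokens,
+segments: [{ argv: tokens }],
+operators: [],
+};
+}
+const segments = [];
+const operators = [];
+let current = [];
+for (const token of tokens) {
+if (typeof token === "object" && token !== null && "op" in token) {
+const op = token.op;
+if (SEGMENT_OPERATORS.has(op)) {
+segments.push({ argv: current });
+current = [];
+operators.push(op);
+continue;
+}
+current.push(op);
+continue;
+}
+current.push(token);
+}
+segments.push({ argv: current });
+return { tokens, segments, operators };
+}
+//# sourceMappingURL=parse-segments.js.map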
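Review bot: Control operators that are not in `SEGMENT_OPERATORS` are folded into the current argv as plain words (hunk line 33, `current.push(op)`), so for `&` and `|&` — which, like `;` and `|`, start a new command — the words of the second command become trailing arguments of the first segment and are never classified as a command of their own. The same line also loses glob patterns if shell-quote returns unquoted globs as `{ op: "glob", pattern }` objects, as its README documents: the segment's argv would then contain the literal word `glob` rather than the pattern the shell would expand. I would add `"&"` and `"|&"` to `SEGMENT_OPERATORS` (widening `ShellOperator` in parse-segments.d.ts to match) and change the fallback to `current.push(op === "glob" && "pattern" in token ? token.pattern : op);`; whether the downstream `flags.metacharacters` check would have caught the folded command anyway cannot be seen from this hunk. The `"<unparseable>"` sentinel is also in-band: a command whose first quoted word is that literal string is indistinguishable from a parser failure in `isUnparseableTokens`, so an out-of-band marker (for example a separate `unparseable: true` field on the `parseShellSegments` result) would be more robust for callers that branch on it.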
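--- /dev/null
+++ b/package/dist/shell/parse-segments.js.map
@@ -0,0 +1 @@
+{"version":3,"file":"parse-segments.js","sourceRoot":"","sources":["../../src/shell/parse-segments.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,KAAK,IAAI,UAAU,EAAE,MAAM,aAAa,CAAC;AAIlD,MAAM,iBAAiB,GAAG,IAAI,GAAG,CAAS,CAAC,IAAI,EAAE,IAAI,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC;AAIlE,MAAM,UAAU,gBAAgB,CAAC,OAAe;IAC9C,MAAM,MAAM,GAAG,UAAU,CAAC,OAAO,CAAC,CAAC;IACnC,IAAI,MAAM,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO,CAAC,eAAe,EAAE,OAAO,CAAC,CAAC;IAC3D,OAAO,MAA2B,CAAC;AACrC,CAAC;AAED,MAAM,UAAU,mBAAmB,CAAC,MAAyB;IAC3D,OAAO,MAAM,CAAC,MAAM,IAAI,CAAC,IAAI,MAAM,CAAC,CAAC,CAAC,KAAK,eAAe,CAAC;AAC7D,CAAC;AAED,MAAM,UAAU,kBAAkB,CAAC,OAAe;IAKhD,MAAM,MAAM,GAAG,gBAAgB,CAAC,OAAO,CAAC,CAAC;IACzC,IAAI,mBAAmB,CAAC,MAAM,CAAC,EAAE,CAAC;QAChC,OAAO;YACL,MAAM;YACN,QAAQ,EAAE,CAAC,EAAE,IAAI,EAAE,MAAkB,EAAE,CAAC;YACxC,SAAS,EAAE,EAAE;SACd,CAAC;IACJ,CAAC;IAED,MAAM,QAAQ,GAAyB,EAAE,CAAC;IAC1C,MAAM,SAAS,GAAoB,EAAE,CAAC;IACtC,IAAI,OAAO,GAAa,EAAE,CAAC;IAE3B,KAAK,MAAM,KAAK,IAAI,MAAM,EAAE,CAAC;QAC3B,IAAI,OAAO,KAAK,KAAK,QAAQ,IAAI,KAAK,KAAK,IAAI,IAAI,IAAI,IAAI,KAAK,EAAE,CAAC;YACjE,MAAM,EAAE,GAAG,KAAK,CAAC,EAAE,CAAC;YACpB,IAAI,iBAAiB,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,CAAC;gBAC9B,QAAQ,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,OAAO,EAAE,CAAC,CAAC;gBACjC,OAAO,GAAG,EAAE,CAAC;gBACb,SAAS,CAAC,IAAI,CAAC,EAAmB,CAAC,CAAC;gBACpC,SAAS;YACX,CAAC;YACD,OAAO,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;YACjB,SAAS;QACX,CAAC;QACD,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;IACtB,CAAC;IACD,QAAQ,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,OAAO,EAAE,CAAC,CAAC;IAEjC,OAAO,EAAE,MAAM,EAAE,QAAQ,EAAE,SAAS,EAAE,CAAC;AACzC,CAAC"}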