@seberto/agcp 1.0.1 → 1.0.2

package/bin/agcp.js

@@ -4,7 +4,7 @@ import { Command } from "commander";
 import chalk from "chalk";
 import { confirm } from "@inquirer/prompts";
 import { execSync } from "child_process";
-import generateCommand from "../service/ollama.js";
+import generateCommand, { isSafe } from "../service/ollama.js";
 
 const program = new Command();
 
@@ -19,6 +19,16 @@ program
 
       const command = await generateCommand(prompt);
 
+      if (command === "UNSAFE") {
+        console.log(chalk.red("\n✖ That request is not development related or is unsafe. Only dev commands are supported."));
+        process.exit(1);
+      }
+
+      if (!isSafe(command)) {
+        console.log(chalk.red(`\n✖ Blocked unsafe command: ${chalk.bold(command)}`));
+        process.exit(1);
+      }
+
       console.log(chalk.cyan(`\n💡 Suggested command:\n  ${chalk.bold(command)}\n`));
 
       const shouldRun = await confirm({
@@ -28,7 +38,12 @@ program
 
       if (shouldRun) {
         console.log(chalk.green("\n▶ Running...\n"));
-        execSync(command, { stdio: "inherit" });
+        try {
+          execSync(command, { stdio: "inherit", shell: true });
+        } catch {
+          // command already printed its output, non-zero exit is not our error
+        }
+
       } else {
         console.log(chalk.gray("\nAborted."));
       }

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@seberto/agcp",
-  "version": "1.0.1",
+  "version": "1.0.2",
   "description": "AI CLI that generates and runs shell commands",
   "type": "module",
   "bin": {

package/service/ollama.js

@@ -1,4 +1,32 @@
 import axios from "axios";
+import { platform } from "os";
+
+const OS_MAP = { darwin: "macOS", linux: "Linux", win32: "Windows" };
+const os = OS_MAP[platform()] ?? platform();
+const shell = platform() === "win32" ? "PowerShell" : "bash";
+
+// Commands that are never allowed to run
+const BLOCKED = [
+  /rm\s+-rf/,
+  /rm\s+-fr/,
+  /rmdir/,
+  /mkfs/,
+  /dd\s+if=/,
+  /:\(\)\{.*\}/,        // fork bomb
+  /chmod\s+-R\s+777/,
+  /chown\s+-R/,
+  /shutdown/,
+  /reboot/,
+  /halt/,
+  /curl.*\|\s*sh/,      // curl pipe to shell
+  /wget.*\|\s*sh/,
+  /sudo\s+rm/,
+  />\s*\/dev\//,        // writing to devices
+];
+
+export function isSafe(command) {
+  return !BLOCKED.some((pattern) => pattern.test(command));
+}
 
 async function generateCommand(userPrompt) {
   const { data } = await axios.get("http://localhost:11434/api/tags");
@@ -6,7 +34,19 @@ async function generateCommand(userPrompt) {
 
   if (!model) throw new Error("No Ollama models found. Run 'ollama pull <model>' first.");
 
-  const prompt = `Convert the following text into a shell command. Return only the command, no explanation, no markdown.\n\n${userPrompt}`;
+  const prompt = `You are a development shell command assistant for ${os} using ${shell}.
+
+Allowed topics: git, npm, yarn, node, file navigation, code editors, docker, build tools, package managers, and general software development tasks.
+
+Rules:
+- Output a single shell command only
+- No markdown, no backticks, no code blocks, no explanation
+- One line only
+- Only generate commands related to software development
+- Never generate destructive commands like rm -rf, shutdown, reboot, mkfs, dd, fork bombs, or piping curl/wget to shell
+- If the request is not development related, respond with exactly: UNSAFE
+
+User request: ${userPrompt}`;
 
   const response = await axios.post("http://localhost:11434/api/generate", {
     model,
@@ -14,7 +54,17 @@ async function generateCommand(userPrompt) {
     stream: false,
   });
 
-  return response.data.response.trim();
+  const raw = response.data.response.trim();
+
+  // Strip accidental markdown the model may add
+  const cleaned = raw
+    .replace(/^```[\w]*\n?/m, "")
+    .replace(/```$/m, "")
+    .replace(/^`|`$/g, "")
+    .split("\n")[0]
+    .trim();
+
+  return cleaned;
 }
 
 export default generateCommand;