@shaifulshabuj-waymarks/cli 0.2.0 → 0.3.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (6) hide show
  1. package/README.md +213 -0
  2. package/dist/commands/logs.js +1 -1
  3. package/dist/commands/start.js +3 -3
  4. package/dist/commands/status.js +4 -4
  5. package/dist/index.js +1 -1
  6. package/package.json +2 -2
package/README.md ADDED
@@ -0,0 +1,213 @@
1
+ # Waymark
2
+
3
+ **Control what AI agents can do in your codebase.**
4
+
5
+ Waymark sits between your team and any AI agent.
6
+ Every file action is intercepted, logged, and checked
7
+ against your policies before it executes.
8
+ Dangerous commands are blocked. Sensitive paths
9
+ require human approval. Everything is reversible.
10
+
11
+ ---
12
+
13
+ ## The Problem
14
+
15
+ AI agents like Claude Code are powerful.
16
+ They can also write to your .env, run rm -rf,
17
+ or modify your database schema without asking.
18
+
19
+ You find out after it happens.
20
+
21
+ ## The Solution
22
+
23
+ Waymark intercepts every action before it runs:
24
+
25
+ | Agent tries to... | Waymark does... |
26
+ |----------------------------|----------------------------------------|
27
+ | Write to .env | Blocks it instantly. Logged. |
28
+ | Run rm -rf | Blocks it instantly. Logged. |
29
+ | Pipe curl to bash | Blocks it instantly. Logged. |
30
+ | Modify src/db/schema.ts | Holds it. Asks for your approval. |
31
+ | Write to src/ | Allows it. Logged with full rollback. |
32
+ | Read any file | Logged with path and content snapshot. |
33
+
34
+ ---
35
+
36
+ ## Install
37
+
38
+ ```bash
39
+ cd your-project
40
+ npx @shaifulshabuj-waymarks/cli init
41
+ npx @shaifulshabuj-waymarks/cli start
42
+ ```
43
+
44
+ Restart Claude Code. Done.
45
+ Waymark is now active in this project.
46
+
47
+ ---
48
+
49
+ ## How It Works
50
+
51
+ ```
52
+ Your Prompt
53
+
54
+ Claude Code
55
+
56
+ Waymark MCP Server ← intercepts here
57
+
58
+ Policy Engine
59
+
60
+ allowed → executes + logged
61
+ blocked → stopped + logged
62
+ pending → held + approval required
63
+
64
+ Dashboard: http://localhost:3001
65
+ ```
66
+
67
+ ---
68
+
69
+ ## Dashboard
70
+
71
+ Open **http://localhost:3001** after running
72
+ `npx @shaifulshabuj-waymarks/cli start`.
73
+
74
+ - See every agent action in real time
75
+ - Approve or reject pending actions
76
+ - Roll back any write with one click
77
+ - Filter by allowed / blocked / pending
78
+
79
+ ---
80
+
81
+ ## Configuration
82
+
83
+ Edit `waymark.config.json` in your project root:
84
+
85
+ ```json
86
+ {
87
+ "policies": {
88
+ "allowedPaths": [
89
+ "./src/**",
90
+ "./data/**",
91
+ "./README.md"
92
+ ],
93
+ "blockedPaths": [
94
+ "./.env",
95
+ "./.env.*",
96
+ "./package-lock.json",
97
+ "/etc/**"
98
+ ],
99
+ "blockedCommands": [
100
+ "rm -rf",
101
+ "DROP TABLE",
102
+ "regex:\\|\\s*bash",
103
+ "regex:\\$\\(curl"
104
+ ],
105
+ "requireApproval": [
106
+ "./src/db/**",
107
+ "./waymark.config.json"
108
+ ]
109
+ }
110
+ }
111
+ ```
112
+
113
+ ### Policy Rules
114
+
115
+ **allowedPaths** — Agent can read and write these.
116
+ Supports glob patterns.
117
+
118
+ **blockedPaths** — Agent can never touch these.
119
+ Takes priority over allowedPaths.
120
+
121
+ **blockedCommands** — Bash commands containing
122
+ these strings are blocked. Prefix with `regex:`
123
+ for pattern matching.
124
+
125
+ **requireApproval** — Actions on these paths are
126
+ held until a human approves from the dashboard.
127
+
128
+ ---
129
+
130
+ ## CLI Commands
131
+
132
+ ```bash
133
+ npx @shaifulshabuj-waymarks/cli init # Set up Waymark in current project
134
+ npx @shaifulshabuj-waymarks/cli start # Start dashboard + MCP server (background)
135
+ npx @shaifulshabuj-waymarks/cli stop # Stop the running servers
136
+ npx @shaifulshabuj-waymarks/cli status # Check if server is running
137
+ npx @shaifulshabuj-waymarks/cli logs # View recent actions in terminal
138
+ npx @shaifulshabuj-waymarks/cli logs --pending # Show only pending actions
139
+ npx @shaifulshabuj-waymarks/cli logs --blocked # Show only blocked actions
140
+ ```
141
+
142
+ ---
143
+
144
+ ## Slack Notifications
145
+
146
+ Get notified when an agent action needs approval:
147
+
148
+ ```bash
149
+ # Add to .env in your project
150
+ WAYMARK_SLACK_WEBHOOK_URL=https://hooks.slack.com/...
151
+ WAYMARK_SLACK_CHANNEL=#engineering
152
+ WAYMARK_BASE_URL=http://localhost:3001
153
+ ```
154
+
155
+ Create a Slack webhook at:
156
+ api.slack.com/apps → Incoming Webhooks
157
+
158
+ ---
159
+
160
+ ## Works With
161
+
162
+ - **Claude Code** — native MCP integration,
163
+ zero configuration after init
164
+ - **Any MCP-compatible agent** — register
165
+ the Waymark MCP server in your agent config
166
+ - More integrations coming
167
+
168
+ ---
169
+
170
+ ## Requirements
171
+
172
+ - Node.js 18 or higher
173
+ - Claude Code (for MCP integration)
174
+ - macOS or Linux (Windows support coming)
175
+
176
+ ---
177
+
178
+ ## Roadmap
179
+
180
+ - [ ] Team approval routing
181
+ (assign approvals to specific teammates)
182
+ - [ ] Session-level rollback
183
+ (undo an entire agent run at once)
184
+ - [ ] CLI agent wrapping
185
+ (waymark run <any-agent-command>)
186
+ - [ ] Proxy mode
187
+ (drop-in for any OpenAI-compatible agent)
188
+ - [ ] Email notifications
189
+ - [ ] Windows support
190
+
191
+ ---
192
+
193
+ ## Contributing
194
+
195
+ Waymark is MIT licensed and open to contributions.
196
+
197
+ 1. Fork the repo
198
+ 2. Create a feature branch
199
+ 3. Open a pull request
200
+
201
+ Please open an issue before starting large changes.
202
+
203
+ ---
204
+
205
+ ## License
206
+
207
+ MIT — see [LICENSE](LICENSE)
208
+
209
+ ---
210
+
211
+ Built for developers who want to use AI agents
212
+ seriously — without giving them unsupervised
213
+ access to production systems.
package/dist/commands/logs.js CHANGED
@@ -37,7 +37,7 @@ async function run() {
37
37
  rows = await res.json();
38
38
  }
39
39
  catch {
40
- console.log('Waymark is not running. Start with: waymark start');
40
+ console.log('Waymark is not running. Start with: npx @shaifulshabuj-waymarks/cli start');
41
41
  return;
42
42
  }
43
43
  if (pendingOnly)
package/dist/commands/start.js CHANGED
@@ -72,7 +72,7 @@ function run() {
72
72
  const waymarkDir = path.join(projectRoot, '.waymark');
73
73
  const pidFile = path.join(waymarkDir, 'waymark.pid');
74
74
  if (!fs.existsSync(configPath)) {
75
- console.error('waymark.config.json not found. Run waymark init first.');
75
+ console.error('waymark.config.json not found. Run: npx @shaifulshabuj-waymarks/cli init');
76
76
  process.exit(1);
77
77
  }
78
78
  // Guard: already running
@@ -82,7 +82,7 @@ function run() {
82
82
  if (isAlive(saved.api) || isAlive(saved.mcp)) {
83
83
  console.log('Waymark is already running.');
84
84
  console.log('Dashboard: http://localhost:3001');
85
- console.log('Run "waymark stop" to stop it.');
85
+ console.log('Run "npx @shaifulshabuj-waymarks/cli stop" to stop it.');
86
86
  process.exit(0);
87
87
  }
88
88
  }
@@ -120,6 +120,6 @@ function run() {
120
120
  console.log('Waymark started (background)');
121
121
  console.log('Dashboard: http://localhost:3001');
122
122
  console.log('MCP server: active (stdio)');
123
- console.log('Run "waymark stop" to stop.');
123
+ console.log('Run "npx @shaifulshabuj-waymarks/cli stop" to stop.');
124
124
  }, 1500);
125
125
  }
package/dist/commands/status.js CHANGED
@@ -49,7 +49,7 @@ function isAlive(pid) {
49
49
  async function run() {
50
50
  const pidFile = path.join(process.cwd(), '.waymark', 'waymark.pid');
51
51
  if (!fs.existsSync(pidFile)) {
52
- console.log('Waymark is not running. Start with: waymark start');
52
+ console.log('Waymark is not running. Start with: npx @shaifulshabuj-waymarks/cli start');
53
53
  return;
54
54
  }
55
55
  let saved;
@@ -57,12 +57,12 @@ async function run() {
57
57
  saved = JSON.parse(fs.readFileSync(pidFile, 'utf8'));
58
58
  }
59
59
  catch {
60
- console.log('Waymark is not running. Start with: waymark start');
60
+ console.log('Waymark is not running. Start with: npx @shaifulshabuj-waymarks/cli start');
61
61
  return;
62
62
  }
63
63
  if (!isAlive(saved.api) && !isAlive(saved.mcp)) {
64
64
  fs.unlinkSync(pidFile);
65
- console.log('Waymark is not running (crashed). Start with: waymark start');
65
+ console.log('Waymark is not running (crashed). Start with: npx @shaifulshabuj-waymarks/cli start');
66
66
  return;
67
67
  }
68
68
  try {
@@ -82,6 +82,6 @@ async function run() {
82
82
  console.log(`Total actions logged: ${total}`);
83
83
  }
84
84
  catch {
85
- console.log('Waymark is not running. Start with: waymark start');
85
+ console.log('Waymark is not running. Start with: npx @shaifulshabuj-waymarks/cli start');
86
86
  }
87
87
  }
package/dist/index.js CHANGED
@@ -17,7 +17,7 @@ switch (command) {
17
17
  require('./commands/logs').run();
18
18
  break;
19
19
  default:
20
- console.log('Usage: waymark <init|start|stop|status|logs>');
20
+ console.log('Usage: npx @shaifulshabuj-waymarks/cli <init|start|stop|status|logs>');
21
21
  console.log('');
22
22
  console.log('Commands:');
23
23
  console.log(' init Set up Waymark in the current project');
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@shaifulshabuj-waymarks/cli",
3
- "version": "0.2.0",
3
+ "version": "0.3.1",
4
4
  "description": "Control what AI agents can do in your codebase",
5
5
  "author": "Waymark <hello@waymarks.dev>",
6
6
  "license": "MIT",
@@ -31,7 +31,7 @@
31
31
  "build": "tsc"
32
32
  },
33
33
  "dependencies": {
34
- "@shaifulshabuj-waymarks/server": "0.2.0"
34
+ "@shaifulshabuj-waymarks/server": "0.3.1"
35
35
  },
36
36
  "devDependencies": {
37
37
  "@types/node": "^20.11.5",