@solongate/proxy 0.23.0 → 0.23.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/index.js +27 -9
- package/package.json +1 -1
package/dist/index.js
CHANGED
|
@@ -4729,7 +4729,7 @@ var init_stage1_rules2 = __esm3({
|
|
|
4729
4729
|
patterns: [
|
|
4730
4730
|
/\bignore\s+(all\s+)?(previous|prior|above|earlier)\s+(instructions?|prompts?|rules?|directives?)\b/i,
|
|
4731
4731
|
/\bdisregard\s+(all\s+)?(previous|prior|above|earlier|your)\s+(instructions?|prompts?|rules?|guidelines?)\b/i,
|
|
4732
|
-
/\bforget\s+(all\s+)?(your|the|previous|prior)\
|
|
4732
|
+
/\bforget\s+(all\s+|everything\s+)?(your|the|previous|prior|above|earlier)\b/i,
|
|
4733
4733
|
/\boverride\s+(the\s+)?(system|previous|current)\s+(prompt|instructions?|rules?|settings?)\b/i,
|
|
4734
4734
|
/\bdo\s+not\s+follow\s+(your|the|any)\s+(instructions?|rules?|guidelines?)\b/i,
|
|
4735
4735
|
/\bcancel\s+(all\s+)?(prior|previous)\s+(directives?|instructions?)\b/i,
|
|
@@ -4788,13 +4788,13 @@ var init_stage1_rules2 = __esm3({
|
|
|
4788
4788
|
name: "multi_language",
|
|
4789
4789
|
weight: 0.7,
|
|
4790
4790
|
patterns: [
|
|
4791
|
-
|
|
4792
|
-
|
|
4793
|
-
|
|
4794
|
-
|
|
4795
|
-
|
|
4796
|
-
|
|
4797
|
-
|
|
4791
|
+
/ignor(iere|a|e[zs]?)\s+(alle|todas?|toutes?|tüm|все)/iu,
|
|
4792
|
+
/игнорируйте/iu,
|
|
4793
|
+
/yoksay/iu,
|
|
4794
|
+
/vorherigen?\s+Anweisungen/iu,
|
|
4795
|
+
/instrucciones\s+anteriores/iu,
|
|
4796
|
+
/instructions?\s+pr[eé]c[eé]dentes?/iu,
|
|
4797
|
+
/önceki\s+talimatlar/iu
|
|
4798
4798
|
]
|
|
4799
4799
|
}
|
|
4800
4800
|
];
|
|
@@ -5332,8 +5332,26 @@ var SHELL_INJECTION_PATTERNS = [
|
|
|
5332
5332
|
// URL-encoded tab
|
|
5333
5333
|
/\r\n/,
|
|
5334
5334
|
// CRLF injection
|
|
5335
|
-
/\n
|
|
5335
|
+
/\n/,
|
|
5336
5336
|
// Newline (command separator on Unix)
|
|
5337
|
+
/\bbash\s+-c\b/i,
|
|
5338
|
+
// Subshell wrapper: bash -c
|
|
5339
|
+
/\bsh\s+-c\b/i,
|
|
5340
|
+
// Subshell wrapper: sh -c
|
|
5341
|
+
/\bzsh\s+-c\b/i,
|
|
5342
|
+
// Subshell wrapper: zsh -c
|
|
5343
|
+
/\bsource\s+/i,
|
|
5344
|
+
// Source command
|
|
5345
|
+
/\bprintenv\b/i,
|
|
5346
|
+
// Environment variable leak
|
|
5347
|
+
/\$'\\x[0-9a-f]/i,
|
|
5348
|
+
// Hex escape in bash: $'\x72\x6d'
|
|
5349
|
+
/\bxargs\b/i,
|
|
5350
|
+
// xargs chaining
|
|
5351
|
+
/\bbase64\s+-d\b/i,
|
|
5352
|
+
// Base64 decode pipe
|
|
5353
|
+
/\bxxd\s+-r\b/i
|
|
5354
|
+
// Hex decode pipe
|
|
5337
5355
|
];
|
|
5338
5356
|
function detectShellInjection(value) {
|
|
5339
5357
|
for (const pattern of SHELL_INJECTION_PATTERNS) {
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@solongate/proxy",
|
|
3
|
-
"version": "0.23.
|
|
3
|
+
"version": "0.23.1",
|
|
4
4
|
"description": "MCP security proxy — protect any MCP server with customizable policies, path/command constraints, rate limiting, and audit logging. Zero code changes required.",
|
|
5
5
|
"type": "module",
|
|
6
6
|
"bin": {
|