@vtstech/pi-security 1.0.4 → 1.0.5
- package/README.md +28 -0
- package/package.json +3 -3
- package/security.js +1 -1
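--- a/package/README.md
+++ b/package/README.md
@@ -0,0 +1,28 @@
+# @vtstech/pi-security
+
+Security extension for the [Pi Coding Agent](https://github.com/badlogic/pi-mono).
+
+Command, path, and network security layer for Pi's tool execution. Automatically loaded — no commands needed.
+
+## Install
+
+```bash
+pi install "npm:@vtstech/pi-security"
+```
+
+## Protection
+
+- **65 blocked commands** — system modification, privilege escalation, network attacks, package management, process control, shell escapes
+- **SSRF protection** — 27 blocked hostname patterns (loopback, RFC1918 private ranges, cloud metadata endpoints)
+- **Path validation** — prevents filesystem escape and access to critical system directories
+- **Shell injection detection** — regex patterns for command chaining, substitution, and redirection
+- **Audit logging** — JSON-lines audit log at `~/.pi/agent/audit.log`
+
+## Links
+
+- [Full Documentation](https://github.com/VTSTech/pi-coding-agent#security-securityts)
+- [Changelog](https://github.com/VTSTech/pi-coding-agent/blob/main/CHANGELOG.md)
+
+## License
+
+MIT — [VTSTech](https://www.vts-tech.org)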
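--- a/package/package.json
+++ b/package/package.json
@@ -1,9 +1,9 @@
 {
 "name": "@vtstech/pi-security",
-"version": "1.0.
+"version": "1.0.5",
 "description": "Security extension for Pi Coding Agent",
 "main": "security.js",
-"keywords": ["pi-
+"keywords": ["pi-extensions"],
 "license": "MIT",
 "access": "public",
 "type": "module",
@@ -14,7 +14,7 @@
 "url": "https://github.com/VTSTech/pi-coding-agent"
 },
 "dependencies": {
-"@vtstech/pi-shared": "1.0.
+"@vtstech/pi-shared": "1.0.5"
 },
 "peerDependencies": {
 "@mariozechner/pi-coding-agent": ">=0.66"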
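--- a/package/security.js
+++ b/package/security.js
@@ -18,7 +18,7 @@ function security_temp_default(pi) {
 byRule: {}
 };
 const branding = [
-` \u26A1 Pi Security Extension v1.0.
+` \u26A1 Pi Security Extension v1.0.5`,
 ` Written by VTSTech`,
 ` GitHub: https://github.com/VTSTech`,
 ` Website: www.vts-tech.org`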