@vtstech/pi-security 1.2.0 → 1.2.1

package/README.md

@@ -14,7 +14,7 @@ pi install "npm:@vtstech/pi-security"
 
 - **Partitioned command blocklist** — 41 CRITICAL commands (always blocked: system modification, privilege escalation, network attacks, shell escapes) + 25 EXTENDED commands (blocked in max mode: package management, process control, development tools)
 - **Mode-aware SSRF protection** — 22 ALWAYS_BLOCKED URL patterns (loopback, RFC1918 private ranges, cloud metadata endpoints) + 7 MAX_ONLY patterns (localhost by name, broadcast, link-local, current network) that are allowed in basic mode
-- **Security mode toggle** — switch between `basic` and `max` modes at runtime; persisted to `~/.pi/agent/security.json`
+- **Security mode toggle** — switch between `basic`, `max`, and `off` modes at runtime; persisted to `~/.pi/agent/security.json`
 - **Path validation** — prevents filesystem escape and access to critical system directories; symlinks are dereferenced via `fs.realpathSync()` to block `/tmp/evil → /etc/passwd` bypasses
 - **Shell injection detection** — regex patterns for command chaining, substitution, and redirection
 - **Full-word command scanning** — all words in a command are checked against CRITICAL_COMMANDS (catches `sudo chmod`, `exec dd`, etc.)
@@ -26,6 +26,7 @@ pi install "npm:@vtstech/pi-security"
 ```bash
 /security mode basic    # Relaxed — CRITICAL commands blocked, localhost URLs allowed
 /security mode max      # Full lockdown — all 66 commands blocked, strict SSRF
+/security mode off     # Disable all security checks
 ```
 
 **Default mode: `max`**. The current mode is shown in the status bar as `SEC:BASIC` or `SEC:MAX`.

package/package.json

@@ -1,9 +1,9 @@
 {
   "name": "@vtstech/pi-security",
-  "version": "1.2.0",
+  "version": "1.2.1",
   "description": "Security extension for Pi Coding Agent",
   "main": "security.js",
-  "keywords": ["pi-extensions"],
+  "keywords": ["pi-package", "pi", "pi-coding-agent", "pi-extensions"],
   "license": "MIT",
   "access": "public",
   "type": "module",
@@ -14,7 +14,7 @@
     "url": "https://github.com/VTSTech/pi-coding-agent"
   },
   "dependencies": {
-    "@vtstech/pi-shared": "1.2.0"
+    "@vtstech/pi-shared": "1.2.1"
   },
   "peerDependencies": {
     "@mariozechner/pi-coding-agent": ">=0.66"

package/security.js

@@ -52,9 +52,11 @@ function security_temp_default(pi) {
             lines2.push(section("MODE DIFFERENCES"));
             lines2.push(info("Basic: critical commands blocked, localhost/127.x allowed"));
             lines2.push(info("Max: all commands blocked, full SSRF protection"));
+            lines2.push(info("Off: no security enforcement, all commands allowed"));
             lines2.push(section("SWITCH MODE"));
             lines2.push(info("/security mode basic  \u2014 relax restrictions for development"));
             lines2.push(info("/security mode max    \u2014 full lockdown (default)"));
+            lines2.push(info("/security mode off     \u2014 disable all security checks"));
             lines2.push(branding);
             pi.sendMessage({
               customType: "security-mode-info",
@@ -63,7 +65,7 @@ function security_temp_default(pi) {
             });
             return;
           }
-          if (value === "basic" || value === "max") {
+          if (value === "basic" || value === "max" || value === "off") {
             if (value === currentMode) {
               ctx.ui.notify(`Security mode is already ${value.toUpperCase()}`, "info");
               return;
@@ -94,9 +96,12 @@ function security_temp_default(pi) {
               lines2.push(warn("Extended commands are now ALLOWED: rm, sudo, npm, apt, git, curl, wget, etc."));
               lines2.push(warn("Localhost and 127.x URLs are now ALLOWED for SSRF"));
               lines2.push(ok("Critical commands remain blocked: dd, mkfs, shred, fdisk, ssh, etc."));
-            } else {
+            } else if (value === "max") {
               lines2.push(ok(`Full lockdown active \u2014 all ${totalCmds} commands blocked`));
               lines2.push(ok("Full SSRF protection \u2014 localhost and private IPs blocked"));
+            } else if (value === "off") {
+              lines2.push(ok("Security enforcement disabled \u2014 all commands allowed"));
+              lines2.push(ok("SSRF protection disabled \u2014 all URLs allowed"));
             }
             lines2.push(branding);
             pi.sendMessage({
@@ -106,7 +111,7 @@ function security_temp_default(pi) {
             });
             return;
           }
-          ctx.ui.notify(`Invalid mode: "${value}". Use "basic" or "max".`, "error");
+          ctx.ui.notify(`Invalid mode: "${value}". Use "basic", "max", or "off".`, "error");
           return;
         }
         const lines = [branding];
@@ -114,6 +119,7 @@ function security_temp_default(pi) {
         lines.push(info("/security mode        \u2014 show current security mode"));
         lines.push(info("/security mode basic  \u2014 relax to basic mode"));
         lines.push(info("/security mode max    \u2014 switch to max lockdown"));
+        lines.push(info("/security mode off     \u2014 disable all security checks"));
         lines.push(info("/security-audit       \u2014 show security audit report"));
         lines.push(branding);
         pi.sendMessage({
@@ -138,7 +144,8 @@ function security_temp_default(pi) {
       if (sub === "mode" && args.length === 2) {
         return [
           { value: "basic", label: "basic", description: "Relax to basic mode \u2014 only critical commands blocked" },
-          { value: "max", label: "max", description: "Full lockdown \u2014 all commands blocked (default)" }
+          { value: "max", label: "max", description: "Full lockdown \u2014 all commands blocked (default)" },
+          { value: "off", label: "off", description: "Disable all security checks" }
         ];
       }
       return [];