cc-safety-net 1.0.3 → 1.0.5

package/README.md

@@ -226,6 +226,8 @@ Install CC Safety Net into your Kimi Code config:
 npx -y cc-safety-net hook install --kimi-code
 ```
 
+Optional: run `npx skill add kenryu42/cc-safety-net` to add the `/cc-safety-net` skill for configuring custom rules.
+
 ---
 
 

package/dist/bin/cc-safety-net.js

@@ -6429,7 +6429,7 @@ var CLAUDE_CODE_TOOL_NAME = "Bash";
 var GEMINI_CLI_HOOK_EVENT = "BeforeTool";
 var GEMINI_CLI_TOOL_NAME = "run_shell_command";
 var KIMI_CODE_HOOK_EVENT = "PreToolUse";
-var KIMI_CODE_TOOL_NAME = "Shell";
+var KIMI_CODE_TOOL_NAME = "Bash";
 
 // src/bin/hook/claude-code.ts
 async function runClaudeCodeHook() {
@@ -7531,7 +7531,7 @@ function detectGeminiCLI(extensionsListOutput) {
   };
 }
 function _getKimiConfigPath(homeDir) {
-  return join10(process.env.KIMI_SHARE_DIR || join10(homeDir, ".kimi"), "config.toml");
+  return join10(process.env.KIMI_CODE_HOME || join10(homeDir, ".kimi-code"), "config.toml");
 }
 function detectKimiCode(homeDir) {
   const configPath = _getKimiConfigPath(homeDir);
@@ -7927,7 +7927,7 @@ import { existsSync as existsSync14 } from "node:fs";
 import { mkdtemp, readFile, rm, writeFile } from "node:fs/promises";
 import { tmpdir as tmpdir4 } from "node:os";
 import { delimiter, extname, join as join11 } from "node:path";
-var CURRENT_VERSION = "1.0.3";
+var CURRENT_VERSION = "1.0.5";
 var VERSION_FETCH_TIMEOUT_MS = 2000;
 var PI_PROBE_TIMEOUT_MS = 5000;
 var PI_SENTINEL_COMMAND = "cc-safety-net";
@@ -9436,7 +9436,7 @@ function formatTraceJson(result) {
   return JSON.stringify(result, null, 2);
 }
 // src/bin/help.ts
-var version = "1.0.3";
+var version = "1.0.5";
 var INDENT = "  ";
 var PROGRAM_NAME = "cc-safety-net";
 function formatOptionFlags(option) {
@@ -9635,11 +9635,11 @@ function removeArrayRangeItem(content, item) {
 var KIMI_HOOK_COMMAND = "npx -y cc-safety-net hook --kimi-code";
 var KIMI_HOOK_BLOCK = `[[hooks]]
 event = "PreToolUse"
-matcher = "Shell"
+matcher = "Bash"
 command = "${KIMI_HOOK_COMMAND}"`;
-var KIMI_INLINE_HOOK = `{ event = "PreToolUse", matcher = "Shell", command = "${KIMI_HOOK_COMMAND}" }`;
+var KIMI_INLINE_HOOK = `{ event = "PreToolUse", matcher = "Bash", command = "${KIMI_HOOK_COMMAND}" }`;
 function getKimiConfigPath(homeDir) {
-  return join12(process.env.KIMI_SHARE_DIR ?? join12(homeDir, ".kimi"), "config.toml");
+  return join12(process.env.KIMI_CODE_HOME ?? join12(homeDir, ".kimi-code"), "config.toml");
 }
 function removeTopLevelEmptyHooksArray(content) {
   const result = content.split(`

package/dist/bin/hook/constants.d.ts

@@ -3,4 +3,4 @@ export declare const CLAUDE_CODE_TOOL_NAME = "Bash";
 export declare const GEMINI_CLI_HOOK_EVENT = "BeforeTool";
 export declare const GEMINI_CLI_TOOL_NAME = "run_shell_command";
 export declare const KIMI_CODE_HOOK_EVENT = "PreToolUse";
-export declare const KIMI_CODE_TOOL_NAME = "Shell";
+export declare const KIMI_CODE_TOOL_NAME = "Bash";

package/dist/index.d.ts

@@ -1,2 +1,15 @@
-import type { Plugin } from '@opencode-ai/plugin';
-export declare const CCSafetyNetPlugin: Plugin;
+import type { PluginInput } from '@opencode-ai/plugin';
+type CCSafetyNetPluginInput = PluginInput & {
+    homeDir?: string;
+};
+export declare const CCSafetyNetPlugin: ({ directory, homeDir }: CCSafetyNetPluginInput) => Promise<{
+    config: (opencodeConfig: Record<string, unknown>) => Promise<void>;
+    'tool.execute.before': (input: {
+        tool: string;
+        sessionID: string;
+        callID: string;
+    }, output: {
+        args: any;
+    }) => Promise<void>;
+}>;
+export {};

package/dist/index.js

@@ -6187,6 +6187,66 @@ function analyzeCommand(command2, options2 = {}) {
   return analyzeCommandInternal(command2, 0, { ...options2, config });
 }
 
+// src/core/audit.ts
+import { appendFileSync, existsSync as existsSync10, mkdirSync as mkdirSync3 } from "node:fs";
+import { homedir as homedir3 } from "node:os";
+import { join as join8 } from "node:path";
+function sanitizeSessionIdForFilename(sessionId) {
+  const raw = sessionId.trim();
+  if (!raw) {
+    return null;
+  }
+  let safe = raw.replace(/[^A-Za-z0-9_.-]+/g, "_");
+  safe = safe.replace(/^[._-]+|[._-]+$/g, "").slice(0, 128);
+  if (!safe || safe === "." || safe === "..") {
+    return null;
+  }
+  return safe;
+}
+function writeAuditLog(sessionId, command2, segment, reason, cwd, options2 = {}) {
+  const safeSessionId = sanitizeSessionIdForFilename(sessionId);
+  if (!safeSessionId) {
+    return;
+  }
+  const home = options2.homeDir ?? process.env.HOME ?? homedir3();
+  const logsDir = join8(home, ".cc-safety-net", "logs");
+  try {
+    if (!existsSync10(logsDir)) {
+      mkdirSync3(logsDir, { recursive: true });
+    }
+    const logFile = join8(logsDir, `${safeSessionId}.jsonl`);
+    const entry = {
+      ts: new Date().toISOString(),
+      decision: options2.decision ?? "deny",
+      command: redactSecrets(command2).slice(0, 300),
+      segment: redactSecrets(segment).slice(0, 300),
+      reason,
+      cwd
+    };
+    appendFileSync(logFile, `${JSON.stringify(entry)}
+`, "utf-8");
+  } catch {}
+}
+function redactSecrets(text) {
+  let result = text;
+  result = result.replace(/-----BEGIN [A-Z ]*PRIVATE KEY-----[\s\S]*?-----END [A-Z ]*PRIVATE KEY-----/g, "<redacted>");
+  result = result.replace(/\b((?:DATABASE|POSTGRES|POSTGRESQL|MYSQL|MARIADB|REDIS|MONGO(?:DB)?|DB)_URL)=([^\s]+)/gi, "$1=<redacted>");
+  result = result.replace(/\b([A-Z0-9_]*(?:TOKEN|SECRET|PASSWORD|PASS|KEY|CREDENTIALS)[A-Z0-9_]*)=([^\s]+)/gi, "$1=<redacted>");
+  result = result.replace(/(['"]?\s*(?:authorization|cookie|x-api-key|api-key)\s*:\s*)([^'"\r\n]+)(['"]?)/gi, "$1<redacted>$3");
+  result = result.replace(/(['"]?\s*authorization\s*:\s*)([^'"]+)(['"]?)/gi, "$1<redacted>$3");
+  result = result.replace(/(authorization\s*:\s*)([^\s"']+)(\s+[^\s"']+)?/gi, "$1<redacted>");
+  result = result.replace(/\b([a-z][a-z0-9+.-]*:\/\/)([^\s/:@]+):([^\s@/]+)@/gi, "$1<redacted>:<redacted>@");
+  result = result.replace(/\b([a-z][a-z0-9+.-]*:\/\/)([^\s/@:]+)@/gi, "$1<redacted>@");
+  result = result.replace(/\bgh[pousr]_[A-Za-z0-9]{20,}\b/g, "<redacted>");
+  result = result.replace(/\bxoxb-[A-Za-z0-9-]{20,}\b/g, "<redacted>");
+  result = result.replace(/\bnpm_[A-Za-z0-9_]{20,}\b/g, "<redacted>");
+  result = result.replace(/\b[rs]k_(?:live|test)_[A-Za-z0-9_]{20,}\b/g, "<redacted>");
+  result = result.replace(/\bpypi-[A-Za-z0-9_-]{20,}\b/g, "<redacted>");
+  result = result.replace(/\b[A-Za-z0-9_-]{10,}\.[A-Za-z0-9_-]{10,}\.[A-Za-z0-9_-]{6,}\b/g, "<redacted>");
+  result = result.replace(/\b(?:AKIA|ASIA)[A-Z0-9]{16}\b/g, "<redacted>");
+  return result;
+}
+
 // src/core/format.ts
 function formatBlockedMessage(input) {
   const { reason, command: command2, segment } = input;
@@ -6276,7 +6336,7 @@ function loadBuiltinCommands(disabledCommands) {
 }
 // src/index.ts
 var REASON_SAFETY_NET_FAILED_CLOSED = "CC Safety Net failed closed because command analysis failed unexpectedly.";
-var CCSafetyNetPlugin = async ({ directory }) => {
+var CCSafetyNetPlugin = async ({ directory, homeDir }) => {
   const modes = getCCSafetyNetEnvModes();
   return {
     config: async (opencodeConfig) => {
@@ -6308,6 +6368,11 @@ var CCSafetyNetPlugin = async ({ directory }) => {
           }));
         }
         if (result) {
+          if (input.sessionID) {
+            writeAuditLog(input.sessionID, command2, result.segment, result.reason, directory, {
+              homeDir
+            });
+          }
           const message = formatBlockedMessage({
             reason: result.reason,
             command: command2,

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "cc-safety-net",
-  "version": "1.0.3",
+  "version": "1.0.5",
   "description": "A coding agent CLI hook - block destructive git and filesystem commands before execution",
   "main": "dist/index.js",
   "types": "dist/index.d.ts",