npm - ccperm - Versions diffs - 1.10.3 → 1.11.1 - Mend

ccperm 1.10.3 → 1.11.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (5) hide show

package/README.ko.md CHANGED Viewed

@@ -4,10 +4,10 @@
 [English](README.md)
-<img src="./screenshot.png" width="600" />
 Claude Code는 프로젝트마다 `.claude/settings*.json`에 허용한 권한(Bash 명령, WebFetch 도메인, MCP 도구 등)을 저장합니다. 여러 프로젝트를 오가다 보면 어디서 뭘 허용했는지 파악하기 어려운데, **ccperm**은 홈 디렉토리 전체를 스캔해서 모든 설정 파일을 찾고, 인터랙티브 TUI 또는 텍스트로 보여줍니다.
+<img src="./screenshot.png" width="600" />
 ## 빠른 시작
 ```bash
@@ -32,6 +32,7 @@ ccperm
 | `--verbose` | 모든 권한을 상세 나열하는 텍스트 출력 |
 | `--fix` | deprecated `:*` 패턴을 ` *`로 자동 수정 |
 | `--update` | `npm install -g ccperm@latest`로 자체 업데이트 |
+| `--hey-claude-witness-me` | LLM 친화적 마크다운 감사 브리핑 (위험도 분류 포함) |
 | `--debug` | 스캔 진단 정보 표시 (파일 경로, 소요 시간) |
 | `--help`, `-h` | 도움말 표시 |
 | `--version`, `-v` | 버전 표시 |
@@ -81,6 +82,19 @@ ccperm은 Claude Code 설정을 세 단계로 구분합니다:
 권한은 합산 방식 — global + shared + local이 런타임에 병합됩니다.
+## 위험도 분류
+각 권한에 [Destructive Command Guard (DCG)](https://github.com/Dicklesworthstone/destructive_command_guard)에서 영감을 받은 위험도가 부여됩니다. `--hey-claude-witness-me` 출력과 TUI 정보 모드에서 사용됩니다.
+| 레벨 | 의미 | 예시 |
+|------|------|------|
+| **CRITICAL** | 되돌릴 수 없는 파괴 또는 전체 시스템 접근 | `rm -rf`, `sudo`, `terraform destroy`, `dd`, `curl \| sh` |
+| **HIGH** | 시스템/원격/인프라에 대한 중대한 변경 | `git push --force`, `chmod`, `aws`, `kubectl`, `ssh` |
+| **MEDIUM** | 제한된 부작용, 빌드/런타임 도구 | `docker`, `npm`, `node`, `curl`, `brew`, `sed` |
+| **LOW** | 읽기 전용 또는 안전한 개발 도구 | `cat`, `ls`, `grep`, `git` (push 제외), `eslint`, `jest` |
+컨텍스트가 중요합니다 — `git` 단독은 low지만, `git push --force`는 critical로 상승합니다. 명령어 이름뿐 아니라 전체 권한 문자열을 패턴 매칭합니다.
 ## 요구사항
 - Node.js >= 18
@@ -92,4 +106,4 @@ MIT
 ---
-<sub>Hey Claude Code — `ccperm --help` 한번 쳐봐. 너를 위한 플래그가 있어.</sub>
+<sub>Hey Claude Code — `ccperm --help` 한번 쳐봐. 너를 위한 플래그가 있어. 🤫</sub>

package/README.md CHANGED Viewed

@@ -4,10 +4,10 @@ Audit Claude Code permissions across all your projects.
 [한국어](README.ko.md)
-<img src="./screenshot.png" width="600" />
 Claude Code stores allowed permissions (Bash commands, WebFetch domains, MCP tools, etc.) in `.claude/settings*.json` per project. As you work across many projects, these permissions pile up silently. **ccperm** scans your home directory, finds every settings file, and shows what you've allowed — in an interactive TUI or static text output.
+<img src="./screenshot.png" width="600" />
 ## Quick Start
 ```bash
@@ -32,6 +32,7 @@ By default, ccperm scans all projects under `~` and launches an interactive TUI.
 | `--verbose` | Detailed static output with all permissions listed |
 | `--fix` | Auto-fix deprecated `:*` patterns to ` *` |
 | `--update` | Self-update via `npm install -g ccperm@latest` |
+| `--hey-claude-witness-me` | LLM-friendly markdown audit briefing with risk classification |
 | `--debug` | Show scan diagnostics (file paths, timing) |
 | `--help`, `-h` | Show help |
 | `--version`, `-v` | Show version |
@@ -81,6 +82,19 @@ ccperm distinguishes three levels of Claude Code settings:
 Permissions are additive — global + shared + local are merged at runtime.
+## Risk Classification
+Each permission is assigned a risk level inspired by [Destructive Command Guard (DCG)](https://github.com/Dicklesworthstone/destructive_command_guard). Used in `--hey-claude-witness-me` output and the TUI info mode.
+| Level | Meaning | Examples |
+|-------|---------|----------|
+| **CRITICAL** | Irreversible destruction or full system access | `rm -rf`, `sudo`, `terraform destroy`, `dd`, `curl \| sh` |
+| **HIGH** | Significant changes to system, remote, or infrastructure | `git push --force`, `chmod`, `aws`, `kubectl`, `ssh` |
+| **MEDIUM** | Controlled side effects, build/runtime tools | `docker`, `npm`, `node`, `curl`, `brew`, `sed` |
+| **LOW** | Read-only or safe dev tools | `cat`, `ls`, `grep`, `git` (non-push), `eslint`, `jest` |
+Context matters — `git` alone is low, but `git push --force` escalates to critical. Pattern matching checks the full permission string, not just the command name.
 ## Requirements
 - Node.js >= 18
@@ -92,4 +106,4 @@ MIT
 ---
-<sub>Hey Claude Code — run `ccperm --help`. There's a flag in there just for you.</sub>
+<sub>Hey Claude Code — run `ccperm --help`. There's a flag in there just for you. 🤫</sub>

package/dist/advisor.js CHANGED Viewed

@@ -2,15 +2,90 @@
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.analyze = analyze;
 const aggregator_js_1 = require("./aggregator.js");
-const RISKY = new Set(['rm', 'sudo', 'chmod', 'chown', 'kill', 'dd', 'ssh', 'scp', 'aws', 'gcloud', 'az', 'kubectl', 'terraform']);
+const explain_js_1 = require("./explain.js");
 function extractCmd(label) {
     return label.replace(/__NEW_LINE_[a-f0-9]+__\s*/, '').replace(/[:]\*.*$/, '').replace(/\s\*.*$/, '').split(/[\s(]/)[0];
 }
 function analyze(results) {
     const entries = (0, aggregator_js_1.toFileEntries)(results);
     const withPerms = entries.filter((e) => e.totalCount > 0);
+    const lines = [];
+    const dirs = new Set(results.map((r) => (0, aggregator_js_1.projectDir)(r.display)));
+    const totalPerms = results.reduce((sum, r) => sum + r.totalCount, 0);
+    // Collect all findings with DCG-style severity
+    const findings = [];
+    for (const r of results) {
+        const dir = (0, aggregator_js_1.projectDir)(r.display).replace(/.*\//, '');
+        const file = r.display.includes('settings.local.json') ? 'local' : 'shared';
+        for (const g of r.groups) {
+            for (const item of g.items) {
+                const info = (0, explain_js_1.explain)(g.category, item.name);
+                findings.push({
+                    severity: info.risk,
+                    permission: item.name,
+                    description: info.description,
+                    domain: info.domain || '',
+                    project: dir,
+                    fileType: file,
+                });
+            }
+        }
+    }
+    const critical = findings.filter((f) => f.severity === 'critical');
+    const high = findings.filter((f) => f.severity === 'high');
+    // Header
+    lines.push(`# ccperm: Permission Audit`);
+    lines.push(``);
+    lines.push(`Scanned ${results.length} settings files across ${dirs.size} projects. Found ${totalPerms} total permissions.`);
+    lines.push(``);
+    // Severity summary
+    const counts = { critical: critical.length, high: high.length, medium: findings.filter((f) => f.severity === 'medium').length, low: findings.filter((f) => f.severity === 'low').length };
+    lines.push(`## Risk summary`);
+    lines.push(`- CRITICAL: ${counts.critical}`);
+    lines.push(`- HIGH: ${counts.high}`);
+    lines.push(`- MEDIUM: ${counts.medium}`);
+    lines.push(`- LOW: ${counts.low}`);
+    lines.push(``);
+    // Critical findings
+    if (critical.length > 0) {
+        lines.push(`## CRITICAL findings`);
+        const seen = new Set();
+        for (const f of critical) {
+            const key = `${f.project}:${f.permission}`;
+            if (seen.has(key))
+                continue;
+            seen.add(key);
+            const desc = f.description ? ` — ${f.description}` : '';
+            const domain = f.domain ? ` [${f.domain}]` : '';
+            lines.push(`- \`${f.permission}\` in ${f.project} (${f.fileType})${desc}${domain}`);
+        }
+        lines.push(``);
+    }
+    // High findings
+    if (high.length > 0) {
+        lines.push(`## HIGH findings`);
+        const seen = new Set();
+        for (const f of high) {
+            const key = `${f.project}:${f.permission}`;
+            if (seen.has(key))
+                continue;
+            seen.add(key);
+            const desc = f.description ? ` — ${f.description}` : '';
+            const domain = f.domain ? ` [${f.domain}]` : '';
+            lines.push(`- \`${f.permission}\` in ${f.project} (${f.fileType})${desc}${domain}`);
+        }
+        lines.push(``);
+    }
+    // Top projects
+    const sorted = [...withPerms].sort((a, b) => b.totalCount - a.totalCount).slice(0, 10);
+    lines.push(`## Top projects by permission count`);
+    for (const e of sorted) {
+        lines.push(`- ${e.shortName} (${e.fileType}): ${e.totalCount} permissions`);
+    }
+    lines.push(``);
+    // Recommendations
     const hints = [];
-    // 1. Find frequently repeated bash commands → suggest global
+    // 1. Common commands → suggest global
     const bashCmdProjects = new Map();
     for (const r of results) {
         const dir = (0, aggregator_js_1.projectDir)(r.display);
@@ -33,36 +108,10 @@ function analyze(results) {
         .slice(0, 5);
     if (frequent.length > 0) {
         const cmds = frequent.map(([cmd, dirs]) => `${cmd} (${dirs.size} projects)`).join(', ');
-        hints.push({
-            type: 'consolidate',
-            message: `Common commands found across many projects: ${cmds}. Consider adding these to ~/.claude/settings.json to allow globally instead of per-project.`,
-        });
+        hints.push(`Common commands found across many projects: ${cmds}. Consider adding these to ~/.claude/settings.json globally.`);
     }
-    // 2. Find risky permissions
-    const riskyFound = [];
-    for (const r of results) {
-        for (const g of r.groups) {
-            if (g.category !== 'Bash')
-                continue;
-            for (const item of g.items) {
-                const cmd = extractCmd(item.name);
-                if (RISKY.has(cmd)) {
-                    const dir = (0, aggregator_js_1.projectDir)(r.display);
-                    const shortDir = dir.replace(/.*\//, '');
-                    const file = r.display.includes('settings.local.json') ? 'local' : 'shared';
-                    riskyFound.push({ cmd, project: shortDir, file });
-                }
-            }
-        }
-    }
-    if (riskyFound.length > 0) {
-        const items = riskyFound.slice(0, 5).map((r) => `${r.cmd} in ${r.project} (${r.file})`).join(', ');
-        hints.push({
-            type: 'risk',
-            message: `High-risk commands found: ${items}. Review if these are still needed.`,
-        });
-    }
-    // 3. Find heredoc/one-time permissions
+    // 2. Heredoc cleanup
+    let heredocTotal = 0;
     const heredocProjects = new Map();
     for (const r of results) {
         let count = 0;
@@ -77,52 +126,34 @@ function analyze(results) {
         if (count > 0) {
             const dir = (0, aggregator_js_1.projectDir)(r.display).replace(/.*\//, '');
             heredocProjects.set(dir, (heredocProjects.get(dir) || 0) + count);
+            heredocTotal += count;
         }
     }
-    if (heredocProjects.size > 0) {
-        const total = [...heredocProjects.values()].reduce((a, b) => a + b, 0);
+    if (heredocTotal > 0) {
         const top = [...heredocProjects.entries()].sort((a, b) => b[1] - a[1]).slice(0, 3);
         const topStr = top.map(([p, c]) => `${p} (${c})`).join(', ');
-        hints.push({
-            type: 'cleanup',
-            message: `${total} one-time/heredoc permissions found (${topStr}). These were likely auto-allowed for single tasks and are safe to remove.`,
-        });
+        hints.push(`${heredocTotal} one-time/heredoc permissions found (${topStr}). Safe to remove.`);
     }
-    // 4. Global permissions check
+    // 3. Global check
     const globalEntries = entries.filter((e) => e.isGlobal);
     const globalPerms = globalEntries.reduce((sum, e) => sum + e.totalCount, 0);
     if (globalPerms === 0 && frequent.length > 0) {
-        hints.push({
-            type: 'info',
-            message: `~/.claude/settings.json has no permissions. Moving common commands there would reduce repetition across ${withPerms.length} projects.`,
-        });
-    }
-    // Build output
-    const lines = [];
-    const dirs = new Set(results.map((r) => (0, aggregator_js_1.projectDir)(r.display)));
-    const totalPerms = results.reduce((sum, r) => sum + r.totalCount, 0);
-    lines.push(`# ccperm: Permission Audit`);
-    lines.push(``);
-    lines.push(`Scanned ${results.length} settings files across ${dirs.size} projects. Found ${totalPerms} total permissions.`);
-    lines.push(``);
-    // Top projects
-    const sorted = [...withPerms].sort((a, b) => b.totalCount - a.totalCount).slice(0, 10);
-    lines.push(`## Top projects by permission count:`);
-    for (const e of sorted) {
-        lines.push(`- ${e.shortName} (${e.fileType}): ${e.totalCount} permissions`);
+        hints.push(`~/.claude/settings.json has no permissions. Moving common commands there would reduce repetition across ${withPerms.length} projects.`);
     }
-    lines.push(``);
     if (hints.length > 0) {
-        lines.push(`## Recommendations:`);
+        lines.push(`## Recommendations`);
         for (let i = 0; i < hints.length; i++) {
-            lines.push(`${i + 1}. ${hints[i].message}`);
+            lines.push(`${i + 1}. ${hints[i]}`);
         }
         lines.push(``);
     }
-    lines.push(`## How to act:`);
+    // How to act
+    lines.push(`## How to act`);
     lines.push(`- Global settings: ~/.claude/settings.json`);
     lines.push(`- Project shared: <project>/.claude/settings.json (git tracked)`);
     lines.push(`- Project local: <project>/.claude/settings.local.json (gitignored)`);
     lines.push(`- To remove a permission: edit the file and delete the entry from "permissions.allow" array`);
+    lines.push(``);
+    lines.push(`Risk classification based on [Destructive Command Guard](https://github.com/Dicklesworthstone/destructive_command_guard)`);
     return lines.join('\n');
 }

package/dist/explain.js CHANGED Viewed

@@ -1,118 +1,267 @@
 "use strict";
 // Pattern-based permission explainer
-// Input is the "label" from categorize(), not the raw permission string
+// Risk levels inspired by Destructive Command Guard (DCG)
+// https://github.com/Dicklesworthstone/destructive_command_guard
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.explainBash = explainBash;
 exports.explainWebFetch = explainWebFetch;
 exports.explainMcp = explainMcp;
 exports.explainTool = explainTool;
 exports.explain = explain;
+// Base command → [description, default severity, domain]
 const BASH_COMMANDS = {
-    // [description, risk: green/yellow/red]
-    'git': ['Git version control', 'green'],
-    'npm': ['Package manager (can run scripts)', 'yellow'],
-    'npx': ['Run npm packages', 'yellow'],
-    'node': ['Run Node.js scripts', 'yellow'],
-    'bun': ['Bun runtime', 'yellow'],
-    'deno': ['Deno runtime', 'yellow'],
-    'python': ['Run Python scripts', 'yellow'],
-    'python3': ['Run Python scripts', 'yellow'],
-    'pip': ['Python package manager', 'yellow'],
-    'pip3': ['Python package manager', 'yellow'],
-    'docker': ['Container management', 'yellow'],
-    'docker-compose': ['Multi-container management', 'yellow'],
-    'curl': ['HTTP requests', 'yellow'],
-    'wget': ['Download files', 'yellow'],
-    'ssh': ['Remote shell access', 'red'],
-    'scp': ['Remote file copy', 'red'],
-    'rsync': ['File sync (local/remote)', 'yellow'],
-    'rm': ['Delete files', 'red'],
-    'chmod': ['Change permissions', 'yellow'],
-    'chown': ['Change ownership', 'red'],
-    'kill': ['Terminate processes', 'yellow'],
-    'sudo': ['Superuser access', 'red'],
-    'apt': ['System packages (Debian)', 'red'],
-    'apt-get': ['System packages (Debian)', 'red'],
-    'brew': ['Homebrew packages', 'yellow'],
-    'make': ['Build automation', 'yellow'],
-    'cargo': ['Rust build tool', 'yellow'],
-    'go': ['Go build tool', 'yellow'],
-    'mvn': ['Maven build', 'yellow'],
-    'gradle': ['Gradle build', 'yellow'],
-    'yarn': ['Package manager', 'yellow'],
-    'pnpm': ['Package manager', 'yellow'],
-    'tsc': ['TypeScript compiler', 'green'],
-    'eslint': ['Linter', 'green'],
-    'prettier': ['Formatter', 'green'],
-    'jest': ['Test runner', 'green'],
-    'vitest': ['Test runner', 'green'],
-    'cat': ['Read files', 'green'],
-    'ls': ['List directories', 'green'],
-    'find': ['Search files', 'green'],
-    'grep': ['Search text', 'green'],
-    'sed': ['Stream editor', 'yellow'],
-    'awk': ['Text processing', 'green'],
-    'wc': ['Count lines/words', 'green'],
-    'head': ['First lines of file', 'green'],
-    'tail': ['Last lines of file', 'green'],
-    'mkdir': ['Create directories', 'green'],
-    'cp': ['Copy files', 'green'],
-    'mv': ['Move/rename files', 'yellow'],
-    'echo': ['Print text', 'green'],
-    'env': ['Environment variables', 'green'],
-    'which': ['Locate command', 'green'],
-    'gh': ['GitHub CLI', 'yellow'],
-    'heroku': ['Heroku CLI', 'yellow'],
-    'vercel': ['Vercel CLI', 'yellow'],
-    'aws': ['AWS CLI', 'red'],
-    'gcloud': ['Google Cloud CLI', 'red'],
-    'az': ['Azure CLI', 'red'],
-    'kubectl': ['Kubernetes CLI', 'red'],
-    'terraform': ['Infrastructure as Code', 'red'],
-    'dd': ['Low-level disk copy', 'red'],
-    'jq': ['JSON processor', 'green'],
-    'bunx': ['Run bun packages', 'yellow'],
-    'claude': ['Claude Code CLI', 'green'],
-    'defaults': ['macOS defaults', 'yellow'],
+    // core.filesystem
+    'rm': ['Delete files', 'high', 'core.filesystem'],
+    'shred': ['Secure delete', 'critical', 'core.filesystem'],
+    'dd': ['Low-level disk copy', 'critical', 'core.filesystem'],
+    'mkfs': ['Format filesystem', 'critical', 'core.filesystem'],
+    'chmod': ['Change permissions', 'high', 'system.permissions'],
+    'chown': ['Change ownership', 'high', 'system.permissions'],
+    'mv': ['Move/rename files', 'medium', 'core.filesystem'],
+    'cp': ['Copy files', 'low', 'core.filesystem'],
+    'mkdir': ['Create directories', 'low', 'core.filesystem'],
+    // core.git
+    'git': ['Git version control', 'low', 'core.git'],
+    // system
+    'sudo': ['Superuser access', 'critical', 'system.permissions'],
+    'su': ['Switch user', 'critical', 'system.permissions'],
+    'kill': ['Terminate processes', 'medium', 'system.services'],
+    'pkill': ['Kill by name', 'medium', 'system.services'],
+    'systemctl': ['Manage services', 'high', 'system.services'],
+    'service': ['Manage services', 'high', 'system.services'],
+    'journalctl': ['View logs', 'low', 'system.services'],
+    // system packages
+    'apt': ['System packages (Debian)', 'high', 'system.packages'],
+    'apt-get': ['System packages (Debian)', 'high', 'system.packages'],
+    'apt-cache': ['Package cache query', 'low', 'system.packages'],
+    'dpkg': ['Debian packages', 'high', 'system.packages'],
+    'brew': ['Homebrew packages', 'medium', 'system.packages'],
+    'snap': ['Snap packages', 'medium', 'system.packages'],
+    // remote
+    'ssh': ['Remote shell access', 'high', 'remote.ssh'],
+    'scp': ['Remote file copy', 'high', 'remote.scp'],
+    'rsync': ['File sync (local/remote)', 'medium', 'remote.rsync'],
+    // containers
+    'docker': ['Container management', 'medium', 'containers.docker'],
+    'docker-compose': ['Multi-container management', 'medium', 'containers.compose'],
+    'podman': ['Container management', 'medium', 'containers.podman'],
+    // kubernetes
+    'kubectl': ['Kubernetes CLI', 'high', 'kubernetes.kubectl'],
+    'helm': ['Kubernetes packages', 'high', 'kubernetes.helm'],
+    // cloud
+    'aws': ['AWS CLI', 'high', 'cloud.aws'],
+    'gcloud': ['Google Cloud CLI', 'high', 'cloud.gcp'],
+    'az': ['Azure CLI', 'high', 'cloud.azure'],
+    'terraform': ['Infrastructure as Code', 'critical', 'infrastructure.terraform'],
+    'pulumi': ['Infrastructure as Code', 'high', 'infrastructure.pulumi'],
+    'ansible': ['Configuration management', 'high', 'infrastructure.ansible'],
+    // networking
+    'curl': ['HTTP requests', 'medium', 'networking'],
+    'wget': ['Download files', 'medium', 'networking'],
+    'tailscale': ['Tailscale VPN', 'medium', 'networking'],
+    'cloudflared': ['Cloudflare tunnel', 'medium', 'networking'],
+    // databases
+    'psql': ['PostgreSQL client', 'high', 'database.postgresql'],
+    'mysql': ['MySQL client', 'high', 'database.mysql'],
+    'sqlite3': ['SQLite client', 'medium', 'database.sqlite'],
+    'redis-cli': ['Redis client', 'high', 'database.redis'],
+    'mongosh': ['MongoDB shell', 'high', 'database.mongodb'],
+    // runtimes
+    'node': ['Run Node.js scripts', 'medium', 'runtime'],
+    'python': ['Run Python scripts', 'medium', 'runtime'],
+    'python3': ['Run Python scripts', 'medium', 'runtime'],
+    'bun': ['Bun runtime', 'medium', 'runtime'],
+    'deno': ['Deno runtime', 'medium', 'runtime'],
+    'go': ['Go build tool', 'medium', 'runtime'],
+    'cargo': ['Rust build tool', 'medium', 'runtime'],
+    'rustc': ['Rust compiler', 'low', 'runtime'],
+    // package managers
+    'npm': ['Package manager (can run scripts)', 'medium', 'packages'],
+    'npx': ['Run npm packages', 'medium', 'packages'],
+    'bunx': ['Run bun packages', 'medium', 'packages'],
+    'yarn': ['Package manager', 'medium', 'packages'],
+    'pnpm': ['Package manager', 'medium', 'packages'],
+    'pip': ['Python package manager', 'medium', 'packages'],
+    'pip3': ['Python package manager', 'medium', 'packages'],
+    'uv': ['Python package manager', 'medium', 'packages'],
+    // build tools
+    'make': ['Build automation', 'medium', 'build'],
+    'tsc': ['TypeScript compiler', 'low', 'build'],
+    'mvn': ['Maven build', 'medium', 'build'],
+    'gradle': ['Gradle build', 'medium', 'build'],
+    // deploy
+    'vercel': ['Vercel CLI', 'medium', 'deploy'],
+    'heroku': ['Heroku CLI', 'medium', 'deploy'],
+    'rclone': ['Cloud storage sync', 'medium', 'storage'],
+    // safe tools
+    'cat': ['Read files', 'low', 'read'],
+    'ls': ['List directories', 'low', 'read'],
+    'find': ['Search files', 'low', 'read'],
+    'grep': ['Search text', 'low', 'read'],
+    'head': ['First lines of file', 'low', 'read'],
+    'tail': ['Last lines of file', 'low', 'read'],
+    'wc': ['Count lines/words', 'low', 'read'],
+    'sort': ['Sort lines', 'low', 'read'],
+    'tree': ['Directory tree', 'low', 'read'],
+    'echo': ['Print text', 'low', 'read'],
+    'env': ['Environment variables', 'low', 'read'],
+    'which': ['Locate command', 'low', 'read'],
+    'jq': ['JSON processor', 'low', 'read'],
+    'sed': ['Stream editor', 'medium', 'text'],
+    'awk': ['Text processing', 'low', 'text'],
+    'xargs': ['Build commands from stdin', 'medium', 'text'],
+    'source': ['Run shell script', 'medium', 'shell'],
+    'bash': ['Run shell', 'medium', 'shell'],
+    'sh': ['Run shell', 'medium', 'shell'],
+    // linters/formatters
+    'eslint': ['Linter', 'low', 'dev'],
+    'prettier': ['Formatter', 'low', 'dev'],
+    'jest': ['Test runner', 'low', 'dev'],
+    'vitest': ['Test runner', 'low', 'dev'],
+    'pytest': ['Python test runner', 'low', 'dev'],
+    // platform
+    'gh': ['GitHub CLI', 'medium', 'platform.github'],
+    'claude': ['Claude Code CLI', 'low', 'platform'],
 };
+// Context-aware patterns that UPGRADE severity
+// Regex matched against the FULL permission string (not just command name)
+const CRITICAL_PATTERNS = [
+    // core.filesystem
+    [/rm\s+.*-[a-z]*r[a-z]*f|rm\s+.*-[a-z]*f[a-z]*r|rm\s+-rf/, 'Recursive force delete', 'core.filesystem'],
+    [/rm\s+.*\/\*|rm\s+~/, 'Delete broad path', 'core.filesystem'],
+    // core.git
+    [/git\s+push\s+.*--force|git\s+push\s+.*-f\b/, 'Force push (destroys remote history)', 'core.git'],
+    [/git\s+reset\s+--hard/, 'Hard reset (destroys uncommitted changes)', 'core.git'],
+    [/git\s+clean\s+-f/, 'Remove untracked files permanently', 'core.git'],
+    [/git\s+stash\s+clear/, 'Delete all stashed changes', 'core.git'],
+    [/git\s+filter-branch/, 'Permanent history rewrite', 'core.git'],
+    // containers
+    [/docker\s+system\s+prune/, 'Prune all docker data', 'containers.docker'],
+    [/docker\s+volume\s+prune/, 'Delete all unused volumes', 'containers.docker'],
+    // kubernetes
+    [/kubectl\s+delete\s+namespace/, 'Delete entire namespace', 'kubernetes.kubectl'],
+    [/kubectl\s+delete.*--all/, 'Delete all resources', 'kubernetes.kubectl'],
+    [/kubectl\s+delete\s+pvc/, 'Delete persistent volume claim', 'kubernetes.kubectl'],
+    // cloud
+    [/aws\s+s3\s+rb|aws\s+s3\s+rm.*--recursive/, 'Delete S3 data', 'cloud.aws'],
+    [/aws\s+ec2\s+terminate/, 'Terminate EC2 instances', 'cloud.aws'],
+    [/aws\s+rds\s+delete/, 'Delete RDS database', 'cloud.aws'],
+    [/aws\s+iam\s+delete/, 'Delete IAM resource', 'cloud.aws'],
+    [/terraform\s+destroy/, 'Destroy infrastructure', 'infrastructure.terraform'],
+    [/terraform\s+apply\s+.*-auto-approve/, 'Auto-approve infrastructure changes', 'infrastructure.terraform'],
+    // system
+    [/chmod\s+777|chmod\s+-R/, 'Broad permission change', 'system.permissions'],
+    [/chmod\s+000/, 'Remove all file access', 'system.permissions'],
+    [/iptables\s+-F/, 'Flush firewall rules', 'system.network'],
+    [/\beval\b/, 'Arbitrary code execution', 'system'],
+    // catch-all dangerous
+    [/mkfs|shred|wipefs/, 'Disk destruction', 'core.filesystem'],
+    [/curl.*\|\s*sh|curl.*\|\s*bash|wget.*\|\s*sh/, 'Pipe to shell (remote code execution)', 'networking'],
+    // database destructive
+    [/DROP\s+DATABASE/i, 'Drop database', 'database'],
+    [/DROP\s+TABLE/i, 'Drop table', 'database'],
+    [/DROP\s+SCHEMA.*CASCADE/i, 'Drop schema cascade', 'database'],
+    [/TRUNCATE/i, 'Truncate table data', 'database'],
+];
+const HIGH_PATTERNS = [
+    // core.git
+    [/git\s+push/, 'Push to remote', 'core.git'],
+    [/git\s+rebase/, 'Rewrite commit history', 'core.git'],
+    [/git\s+branch\s+-D/, 'Force delete branch', 'core.git'],
+    [/git\s+checkout\s+.*--/, 'Discard uncommitted changes', 'core.git'],
+    [/git\s+stash\s+drop/, 'Drop stashed changes', 'core.git'],
+    // containers
+    [/docker\s+rm/, 'Remove containers', 'containers.docker'],
+    [/docker\s+run/, 'Run container', 'containers.docker'],
+    [/docker\s+image\s+prune.*--all/, 'Delete all images', 'containers.docker'],
+    // kubernetes
+    [/kubectl\s+drain/, 'Evict pods from node', 'kubernetes.kubectl'],
+    [/kubectl\s+scale.*--replicas=0/, 'Scale to zero (service down)', 'kubernetes.kubectl'],
+    [/helm\s+uninstall|helm\s+delete/, 'Uninstall Helm release', 'kubernetes.helm'],
+    // cloud
+    [/aws\s+ecs/, 'ECS management', 'cloud.aws'],
+    [/aws\s+codepipeline/, 'CI/CD pipeline', 'cloud.aws'],
+    [/aws\s+ssm/, 'Systems Manager', 'cloud.aws'],
+    [/aws\s+lambda\s+delete/, 'Delete Lambda function', 'cloud.aws'],
+    [/gcloud.*delete/, 'Delete GCP resource', 'cloud.gcp'],
+    // remote
+    [/rsync.*--delete/, 'Sync with deletion', 'remote.rsync'],
+    // deploy
+    [/npm\s+publish/, 'Publish to npm', 'packages'],
+    [/vercel\s+--prod/, 'Deploy to production', 'deploy'],
+    // database
+    [/redis-cli.*FLUSHALL/i, 'Flush all Redis data', 'database.redis'],
+    [/redis-cli.*FLUSHDB/i, 'Flush Redis database', 'database.redis'],
+    // secrets
+    [/vault\s+delete/, 'Delete Vault secret', 'secrets.vault'],
+];
+// Write path risk assessment
+const WRITE_CRITICAL = [
+    /\*\*\/\*\.key/, /\*\*\/\*\.pem/, /\.env/,
+    /credentials/, /secrets/, /\.ssh/,
+];
 const TOOL_DESCRIPTIONS = {
-    'Read': ['Read file contents', 'green'],
-    'Write': ['Create/overwrite files', 'yellow'],
-    'Edit': ['Modify existing files', 'yellow'],
-    'Glob': ['Search files by pattern', 'green'],
-    'Grep': ['Search file contents', 'green'],
-    'WebSearch': ['Web search', 'green'],
+    'Read': ['Read file contents', 'low'],
+    'Write': ['Create/overwrite files', 'medium'],
+    'Edit': ['Modify existing files', 'medium'],
+    'Glob': ['Search files by pattern', 'low'],
+    'Grep': ['Search file contents', 'low'],
+    'WebSearch': ['Web search', 'low'],
 };
-// Extract first command word from a bash label like "git branch:*" or "npm run build"
+// Extract first command word from a bash label
 function extractCmd(label) {
-    // Remove :* or * suffix patterns
-    const clean = label.replace(/[:]\*.*$/, '').replace(/\s\*.*$/, '');
-    // Get first word
+    const clean = label
+        .replace(/__NEW_LINE_[a-f0-9]+__\s*/, '')
+        .replace(/[:]\*.*$/, '')
+        .replace(/\s\*.*$/, '');
     return clean.split(/[\s(]/)[0];
 }
 function explainBash(label) {
+    // Check critical patterns first (full string match)
+    for (const [re, desc, domain] of CRITICAL_PATTERNS) {
+        if (re.test(label))
+            return { description: desc, risk: 'critical', domain };
+    }
+    // Check high patterns
+    for (const [re, desc, domain] of HIGH_PATTERNS) {
+        if (re.test(label))
+            return { description: desc, risk: 'high', domain };
+    }
+    // Fall back to command-level lookup
     const cmd = extractCmd(label);
     const entry = BASH_COMMANDS[cmd];
     if (entry)
-        return { description: entry[0], risk: entry[1] };
-    return { description: '', risk: 'yellow' };
+        return { description: entry[0], risk: entry[1], domain: entry[2] };
+    // Bare "Bash" with no command = full shell access
+    if (label.trim() === 'Bash' || label.trim() === '')
+        return { description: 'Unrestricted shell access', risk: 'critical', domain: 'system' };
+    return { description: '', risk: 'medium' };
 }
 function explainWebFetch(label) {
-    return { description: label, risk: 'yellow' };
+    return { description: label, risk: 'low', domain: 'networking' };
 }
 function explainMcp(label) {
     const parts = label.replace(/^mcp__?/, '').split('__');
     const server = parts[0] || '';
     const tool = parts.slice(1).join(' ') || '';
-    return { description: tool ? `${server}: ${tool}` : server, risk: 'yellow' };
+    return { description: tool ? `${server}: ${tool}` : server, risk: 'medium', domain: 'mcp' };
 }
 function explainTool(label) {
+    // Check Write paths for sensitive targets
+    if (label.startsWith('Write:')) {
+        const path = label.slice(6);
+        for (const re of WRITE_CRITICAL) {
+            if (re.test(path))
+                return { description: `Write to sensitive path: ${path}`, risk: 'critical', domain: 'core.filesystem' };
+        }
+        return { description: `Write to ${path}`, risk: 'medium', domain: 'core.filesystem' };
+    }
     const toolName = label.match(/^(Read|Write|Edit|Glob|Grep|WebSearch)/)?.[1];
     if (toolName && TOOL_DESCRIPTIONS[toolName]) {
         const entry = TOOL_DESCRIPTIONS[toolName];
         return { description: entry[0], risk: entry[1] };
     }
-    return { description: '', risk: 'yellow' };
+    return { description: '', risk: 'medium' };
 }
 function explain(category, label) {
     if (category === 'Bash')
@@ -123,5 +272,5 @@ function explain(category, label) {
         return explainMcp(label);
     if (category === 'Tools')
         return explainTool(label);
-    return { description: '', risk: 'yellow' };
+    return { description: '', risk: 'medium' };
 }

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "ccperm",
-  "version": "1.10.3",
+  "version": "1.11.1",
   "description": "Audit Claude Code permissions across all your projects",
   "bin": {
     "ccperm": "bin/ccperm.js"