claude-warden 2.8.0 → 2.8.1

package/.claude-plugin/marketplace.json

@@ -8,7 +8,7 @@
     {
       "name": "warden",
       "description": "Auto-approves safe commands, blocks dangerous ones, prompts for the rest",
-      "version": "2.8.0",
+      "version": "2.8.1",
       "author": {
         "name": "banyudu"
       },

package/.claude-plugin/plugin.json

@@ -1,6 +1,6 @@
 {
   "name": "warden",
-  "version": "2.8.0",
+  "version": "2.8.1",
   "description": "Smart command safety filter for Claude Code — parses shell pipelines and evaluates per-command safety rules to auto-approve safe commands and block dangerous ones",
   "author": {
     "name": "banyudu"

package/dist/cli.cjs

@@ -18860,6 +18860,91 @@ function registryOpsPattern() {
     reason: "Registry modification"
   };
 }
+var INLINE_LANG_CONFIG = {
+  Python: {
+    ext: "py",
+    patterns: [
+      "os\\.system",
+      "subprocess",
+      "commands\\.",
+      "pty\\.",
+      `__import__\\s*\\(\\s*['"](?:os|subprocess|socket)`,
+      "\\bexec\\s*\\(",
+      "\\beval\\s*\\(",
+      `open\\s*\\([^)]*['"][wax+]`,
+      "\\bsocket\\b",
+      "urllib",
+      "requests\\.",
+      "http\\.client"
+    ]
+  },
+  JavaScript: {
+    ext: "js",
+    patterns: [
+      "child[_]process",
+      `require\\s*\\(\\s*['"]child[_]process`,
+      "\\.(?:writeFile|appendFile|createWriteStream|writeFileSync|appendFileSync)\\s*\\(",
+      "http\\.request",
+      "https\\.request",
+      "net\\.(?:connect|createConnection)",
+      "fetch\\s*\\("
+    ]
+  },
+  Ruby: {
+    ext: "rb",
+    patterns: [
+      "`",
+      "%x[\\(\\{\\[]",
+      "\\bsystem\\s*\\(",
+      "\\bexec\\s*\\(",
+      "IO\\.popen",
+      "Kernel\\.",
+      "\\bspawn\\s*\\(",
+      `File\\.open\\s*\\([^)]*['"][wax+]`,
+      "File\\.write",
+      "open-uri",
+      "Net::HTTP"
+    ]
+  },
+  Perl: {
+    ext: "pl",
+    patterns: [
+      "`",
+      "qx[\\(\\{\\[/]",
+      "\\bsystem\\s*\\(",
+      "\\bexec\\s*\\(",
+      `open\\s*\\([^)]*['"][>|+]`
+    ]
+  },
+  PHP: {
+    ext: "php",
+    patterns: [
+      "`",
+      "shell_exec",
+      "\\b(?:system|passthru|popen|proc_open)\\s*\\(",
+      "\\bexec\\s*\\(",
+      "file_put_contents",
+      "fwrite",
+      `fopen\\s*\\([^)]*['"][wax+]`,
+      "curl_exec",
+      "fsockopen"
+    ]
+  }
+};
+function inlineExecPatterns(lang, flags) {
+  const { ext, patterns } = INLINE_LANG_CONFIG[lang];
+  const reason = `Inline ${lang} is hard to audit. For JSON, prefer \`jq\`. For reuse, save to scripts/*.${ext} and run it.`;
+  const flagAlt = flags.map((f) => f.replace(/^\^/, "").replace(/\$$/, "")).join("|");
+  const compound = `(?:^|\\s)(?:${flagAlt})[\\s=][^\\n]{0,16000}?(?:${patterns.join("|")})`;
+  return [
+    { match: { argsMatch: [compound] }, decision: "ask", reason },
+    {
+      match: { anyArgMatches: flags },
+      decision: "allow",
+      description: `Plausibly read-only inline ${lang} script`
+    }
+  ];
+}
 function pkgManagerRule(command, extraSafeCmds = []) {
   const safeCmds = [...SAFE_PKG_MANAGER_CMDS, ...extraSafeCmds];
   return {
@@ -19243,7 +19328,7 @@ var DEFAULT_CONFIG = {
         command: "node",
         default: "ask",
         argPatterns: [
-          { match: { anyArgMatches: ["^-e$", "^--eval", "^-p$", "^--print"] }, decision: "ask", reason: "Evaluating inline code" },
+          ...inlineExecPatterns("JavaScript", ["^-e$", "^--eval", "^-p$", "^--print"]),
           { match: { anyArgMatches: ["^--(version|help)$", "^-[vh]$"] }, decision: "allow", description: "Version/help flags" },
           { match: { noArgs: true }, decision: "ask", reason: "Interactive REPL" }
         ]
@@ -19272,6 +19357,7 @@ var DEFAULT_CONFIG = {
         command: cmd,
         default: "ask",
         argPatterns: [
+          ...inlineExecPatterns("Python", ["^-c$"]),
           { match: { anyArgMatches: ["^--(version|help)$", "^-V$"] }, decision: "allow" }
         ]
       })),
@@ -19430,14 +19516,9 @@ var DEFAULT_CONFIG = {
         argPatterns: [VERSION_HELP_FLAGS]
       })),
       // --- Scripting languages ---
-      ...["ruby", "perl", "php"].map((cmd) => ({
-        command: cmd,
-        default: "ask",
-        argPatterns: [
-          { match: { anyArgMatches: ["^-e$", "^--eval"] }, decision: "ask", reason: "Inline code execution" },
-          VERSION_HELP_FLAGS
-        ]
-      })),
+      { command: "ruby", default: "ask", argPatterns: [...inlineExecPatterns("Ruby", ["^-e$", "^--eval"]), VERSION_HELP_FLAGS] },
+      { command: "perl", default: "ask", argPatterns: [...inlineExecPatterns("Perl", ["^-e$", "^-E$"]), VERSION_HELP_FLAGS] },
+      { command: "php", default: "ask", argPatterns: [...inlineExecPatterns("PHP", ["^-r$"]), VERSION_HELP_FLAGS] },
       // --- Java ecosystem ---
       { command: "java", default: "ask", argPatterns: [VERSION_HELP_FLAGS] },
       { command: "javac", default: "allow" },

package/dist/codex-export.cjs

@@ -18864,6 +18864,91 @@ function registryOpsPattern() {
     reason: "Registry modification"
   };
 }
+var INLINE_LANG_CONFIG = {
+  Python: {
+    ext: "py",
+    patterns: [
+      "os\\.system",
+      "subprocess",
+      "commands\\.",
+      "pty\\.",
+      `__import__\\s*\\(\\s*['"](?:os|subprocess|socket)`,
+      "\\bexec\\s*\\(",
+      "\\beval\\s*\\(",
+      `open\\s*\\([^)]*['"][wax+]`,
+      "\\bsocket\\b",
+      "urllib",
+      "requests\\.",
+      "http\\.client"
+    ]
+  },
+  JavaScript: {
+    ext: "js",
+    patterns: [
+      "child[_]process",
+      `require\\s*\\(\\s*['"]child[_]process`,
+      "\\.(?:writeFile|appendFile|createWriteStream|writeFileSync|appendFileSync)\\s*\\(",
+      "http\\.request",
+      "https\\.request",
+      "net\\.(?:connect|createConnection)",
+      "fetch\\s*\\("
+    ]
+  },
+  Ruby: {
+    ext: "rb",
+    patterns: [
+      "`",
+      "%x[\\(\\{\\[]",
+      "\\bsystem\\s*\\(",
+      "\\bexec\\s*\\(",
+      "IO\\.popen",
+      "Kernel\\.",
+      "\\bspawn\\s*\\(",
+      `File\\.open\\s*\\([^)]*['"][wax+]`,
+      "File\\.write",
+      "open-uri",
+      "Net::HTTP"
+    ]
+  },
+  Perl: {
+    ext: "pl",
+    patterns: [
+      "`",
+      "qx[\\(\\{\\[/]",
+      "\\bsystem\\s*\\(",
+      "\\bexec\\s*\\(",
+      `open\\s*\\([^)]*['"][>|+]`
+    ]
+  },
+  PHP: {
+    ext: "php",
+    patterns: [
+      "`",
+      "shell_exec",
+      "\\b(?:system|passthru|popen|proc_open)\\s*\\(",
+      "\\bexec\\s*\\(",
+      "file_put_contents",
+      "fwrite",
+      `fopen\\s*\\([^)]*['"][wax+]`,
+      "curl_exec",
+      "fsockopen"
+    ]
+  }
+};
+function inlineExecPatterns(lang, flags) {
+  const { ext, patterns } = INLINE_LANG_CONFIG[lang];
+  const reason = `Inline ${lang} is hard to audit. For JSON, prefer \`jq\`. For reuse, save to scripts/*.${ext} and run it.`;
+  const flagAlt = flags.map((f) => f.replace(/^\^/, "").replace(/\$$/, "")).join("|");
+  const compound = `(?:^|\\s)(?:${flagAlt})[\\s=][^\\n]{0,16000}?(?:${patterns.join("|")})`;
+  return [
+    { match: { argsMatch: [compound] }, decision: "ask", reason },
+    {
+      match: { anyArgMatches: flags },
+      decision: "allow",
+      description: `Plausibly read-only inline ${lang} script`
+    }
+  ];
+}
 function pkgManagerRule(command, extraSafeCmds = []) {
   const safeCmds = [...SAFE_PKG_MANAGER_CMDS, ...extraSafeCmds];
   return {
@@ -19247,7 +19332,7 @@ var DEFAULT_CONFIG = {
         command: "node",
         default: "ask",
         argPatterns: [
-          { match: { anyArgMatches: ["^-e$", "^--eval", "^-p$", "^--print"] }, decision: "ask", reason: "Evaluating inline code" },
+          ...inlineExecPatterns("JavaScript", ["^-e$", "^--eval", "^-p$", "^--print"]),
           { match: { anyArgMatches: ["^--(version|help)$", "^-[vh]$"] }, decision: "allow", description: "Version/help flags" },
           { match: { noArgs: true }, decision: "ask", reason: "Interactive REPL" }
         ]
@@ -19276,6 +19361,7 @@ var DEFAULT_CONFIG = {
         command: cmd,
         default: "ask",
         argPatterns: [
+          ...inlineExecPatterns("Python", ["^-c$"]),
           { match: { anyArgMatches: ["^--(version|help)$", "^-V$"] }, decision: "allow" }
         ]
       })),
@@ -19434,14 +19520,9 @@ var DEFAULT_CONFIG = {
         argPatterns: [VERSION_HELP_FLAGS]
       })),
       // --- Scripting languages ---
-      ...["ruby", "perl", "php"].map((cmd) => ({
-        command: cmd,
-        default: "ask",
-        argPatterns: [
-          { match: { anyArgMatches: ["^-e$", "^--eval"] }, decision: "ask", reason: "Inline code execution" },
-          VERSION_HELP_FLAGS
-        ]
-      })),
+      { command: "ruby", default: "ask", argPatterns: [...inlineExecPatterns("Ruby", ["^-e$", "^--eval"]), VERSION_HELP_FLAGS] },
+      { command: "perl", default: "ask", argPatterns: [...inlineExecPatterns("Perl", ["^-e$", "^-E$"]), VERSION_HELP_FLAGS] },
+      { command: "php", default: "ask", argPatterns: [...inlineExecPatterns("PHP", ["^-r$"]), VERSION_HELP_FLAGS] },
       // --- Java ecosystem ---
       { command: "java", default: "ask", argPatterns: [VERSION_HELP_FLAGS] },
       { command: "javac", default: "allow" },

package/dist/copilot.cjs

@@ -18860,6 +18860,91 @@ function registryOpsPattern() {
     reason: "Registry modification"
   };
 }
+var INLINE_LANG_CONFIG = {
+  Python: {
+    ext: "py",
+    patterns: [
+      "os\\.system",
+      "subprocess",
+      "commands\\.",
+      "pty\\.",
+      `__import__\\s*\\(\\s*['"](?:os|subprocess|socket)`,
+      "\\bexec\\s*\\(",
+      "\\beval\\s*\\(",
+      `open\\s*\\([^)]*['"][wax+]`,
+      "\\bsocket\\b",
+      "urllib",
+      "requests\\.",
+      "http\\.client"
+    ]
+  },
+  JavaScript: {
+    ext: "js",
+    patterns: [
+      "child[_]process",
+      `require\\s*\\(\\s*['"]child[_]process`,
+      "\\.(?:writeFile|appendFile|createWriteStream|writeFileSync|appendFileSync)\\s*\\(",
+      "http\\.request",
+      "https\\.request",
+      "net\\.(?:connect|createConnection)",
+      "fetch\\s*\\("
+    ]
+  },
+  Ruby: {
+    ext: "rb",
+    patterns: [
+      "`",
+      "%x[\\(\\{\\[]",
+      "\\bsystem\\s*\\(",
+      "\\bexec\\s*\\(",
+      "IO\\.popen",
+      "Kernel\\.",
+      "\\bspawn\\s*\\(",
+      `File\\.open\\s*\\([^)]*['"][wax+]`,
+      "File\\.write",
+      "open-uri",
+      "Net::HTTP"
+    ]
+  },
+  Perl: {
+    ext: "pl",
+    patterns: [
+      "`",
+      "qx[\\(\\{\\[/]",
+      "\\bsystem\\s*\\(",
+      "\\bexec\\s*\\(",
+      `open\\s*\\([^)]*['"][>|+]`
+    ]
+  },
+  PHP: {
+    ext: "php",
+    patterns: [
+      "`",
+      "shell_exec",
+      "\\b(?:system|passthru|popen|proc_open)\\s*\\(",
+      "\\bexec\\s*\\(",
+      "file_put_contents",
+      "fwrite",
+      `fopen\\s*\\([^)]*['"][wax+]`,
+      "curl_exec",
+      "fsockopen"
+    ]
+  }
+};
+function inlineExecPatterns(lang, flags) {
+  const { ext, patterns } = INLINE_LANG_CONFIG[lang];
+  const reason = `Inline ${lang} is hard to audit. For JSON, prefer \`jq\`. For reuse, save to scripts/*.${ext} and run it.`;
+  const flagAlt = flags.map((f) => f.replace(/^\^/, "").replace(/\$$/, "")).join("|");
+  const compound = `(?:^|\\s)(?:${flagAlt})[\\s=][^\\n]{0,16000}?(?:${patterns.join("|")})`;
+  return [
+    { match: { argsMatch: [compound] }, decision: "ask", reason },
+    {
+      match: { anyArgMatches: flags },
+      decision: "allow",
+      description: `Plausibly read-only inline ${lang} script`
+    }
+  ];
+}
 function pkgManagerRule(command, extraSafeCmds = []) {
   const safeCmds = [...SAFE_PKG_MANAGER_CMDS, ...extraSafeCmds];
   return {
@@ -19243,7 +19328,7 @@ var DEFAULT_CONFIG = {
         command: "node",
         default: "ask",
         argPatterns: [
-          { match: { anyArgMatches: ["^-e$", "^--eval", "^-p$", "^--print"] }, decision: "ask", reason: "Evaluating inline code" },
+          ...inlineExecPatterns("JavaScript", ["^-e$", "^--eval", "^-p$", "^--print"]),
           { match: { anyArgMatches: ["^--(version|help)$", "^-[vh]$"] }, decision: "allow", description: "Version/help flags" },
           { match: { noArgs: true }, decision: "ask", reason: "Interactive REPL" }
         ]
@@ -19272,6 +19357,7 @@ var DEFAULT_CONFIG = {
         command: cmd,
         default: "ask",
         argPatterns: [
+          ...inlineExecPatterns("Python", ["^-c$"]),
           { match: { anyArgMatches: ["^--(version|help)$", "^-V$"] }, decision: "allow" }
         ]
       })),
@@ -19430,14 +19516,9 @@ var DEFAULT_CONFIG = {
         argPatterns: [VERSION_HELP_FLAGS]
       })),
       // --- Scripting languages ---
-      ...["ruby", "perl", "php"].map((cmd) => ({
-        command: cmd,
-        default: "ask",
-        argPatterns: [
-          { match: { anyArgMatches: ["^-e$", "^--eval"] }, decision: "ask", reason: "Inline code execution" },
-          VERSION_HELP_FLAGS
-        ]
-      })),
+      { command: "ruby", default: "ask", argPatterns: [...inlineExecPatterns("Ruby", ["^-e$", "^--eval"]), VERSION_HELP_FLAGS] },
+      { command: "perl", default: "ask", argPatterns: [...inlineExecPatterns("Perl", ["^-e$", "^-E$"]), VERSION_HELP_FLAGS] },
+      { command: "php", default: "ask", argPatterns: [...inlineExecPatterns("PHP", ["^-r$"]), VERSION_HELP_FLAGS] },
       // --- Java ecosystem ---
       { command: "java", default: "ask", argPatterns: [VERSION_HELP_FLAGS] },
       { command: "javac", default: "allow" },

package/dist/index.cjs

@@ -18860,6 +18860,91 @@ function registryOpsPattern() {
     reason: "Registry modification"
   };
 }
+var INLINE_LANG_CONFIG = {
+  Python: {
+    ext: "py",
+    patterns: [
+      "os\\.system",
+      "subprocess",
+      "commands\\.",
+      "pty\\.",
+      `__import__\\s*\\(\\s*['"](?:os|subprocess|socket)`,
+      "\\bexec\\s*\\(",
+      "\\beval\\s*\\(",
+      `open\\s*\\([^)]*['"][wax+]`,
+      "\\bsocket\\b",
+      "urllib",
+      "requests\\.",
+      "http\\.client"
+    ]
+  },
+  JavaScript: {
+    ext: "js",
+    patterns: [
+      "child[_]process",
+      `require\\s*\\(\\s*['"]child[_]process`,
+      "\\.(?:writeFile|appendFile|createWriteStream|writeFileSync|appendFileSync)\\s*\\(",
+      "http\\.request",
+      "https\\.request",
+      "net\\.(?:connect|createConnection)",
+      "fetch\\s*\\("
+    ]
+  },
+  Ruby: {
+    ext: "rb",
+    patterns: [
+      "`",
+      "%x[\\(\\{\\[]",
+      "\\bsystem\\s*\\(",
+      "\\bexec\\s*\\(",
+      "IO\\.popen",
+      "Kernel\\.",
+      "\\bspawn\\s*\\(",
+      `File\\.open\\s*\\([^)]*['"][wax+]`,
+      "File\\.write",
+      "open-uri",
+      "Net::HTTP"
+    ]
+  },
+  Perl: {
+    ext: "pl",
+    patterns: [
+      "`",
+      "qx[\\(\\{\\[/]",
+      "\\bsystem\\s*\\(",
+      "\\bexec\\s*\\(",
+      `open\\s*\\([^)]*['"][>|+]`
+    ]
+  },
+  PHP: {
+    ext: "php",
+    patterns: [
+      "`",
+      "shell_exec",
+      "\\b(?:system|passthru|popen|proc_open)\\s*\\(",
+      "\\bexec\\s*\\(",
+      "file_put_contents",
+      "fwrite",
+      `fopen\\s*\\([^)]*['"][wax+]`,
+      "curl_exec",
+      "fsockopen"
+    ]
+  }
+};
+function inlineExecPatterns(lang, flags) {
+  const { ext, patterns } = INLINE_LANG_CONFIG[lang];
+  const reason = `Inline ${lang} is hard to audit. For JSON, prefer \`jq\`. For reuse, save to scripts/*.${ext} and run it.`;
+  const flagAlt = flags.map((f) => f.replace(/^\^/, "").replace(/\$$/, "")).join("|");
+  const compound = `(?:^|\\s)(?:${flagAlt})[\\s=][^\\n]{0,16000}?(?:${patterns.join("|")})`;
+  return [
+    { match: { argsMatch: [compound] }, decision: "ask", reason },
+    {
+      match: { anyArgMatches: flags },
+      decision: "allow",
+      description: `Plausibly read-only inline ${lang} script`
+    }
+  ];
+}
 function pkgManagerRule(command, extraSafeCmds = []) {
   const safeCmds = [...SAFE_PKG_MANAGER_CMDS, ...extraSafeCmds];
   return {
@@ -19243,7 +19328,7 @@ var DEFAULT_CONFIG = {
         command: "node",
         default: "ask",
         argPatterns: [
-          { match: { anyArgMatches: ["^-e$", "^--eval", "^-p$", "^--print"] }, decision: "ask", reason: "Evaluating inline code" },
+          ...inlineExecPatterns("JavaScript", ["^-e$", "^--eval", "^-p$", "^--print"]),
           { match: { anyArgMatches: ["^--(version|help)$", "^-[vh]$"] }, decision: "allow", description: "Version/help flags" },
           { match: { noArgs: true }, decision: "ask", reason: "Interactive REPL" }
         ]
@@ -19272,6 +19357,7 @@ var DEFAULT_CONFIG = {
         command: cmd,
         default: "ask",
         argPatterns: [
+          ...inlineExecPatterns("Python", ["^-c$"]),
           { match: { anyArgMatches: ["^--(version|help)$", "^-V$"] }, decision: "allow" }
         ]
       })),
@@ -19430,14 +19516,9 @@ var DEFAULT_CONFIG = {
         argPatterns: [VERSION_HELP_FLAGS]
       })),
       // --- Scripting languages ---
-      ...["ruby", "perl", "php"].map((cmd) => ({
-        command: cmd,
-        default: "ask",
-        argPatterns: [
-          { match: { anyArgMatches: ["^-e$", "^--eval"] }, decision: "ask", reason: "Inline code execution" },
-          VERSION_HELP_FLAGS
-        ]
-      })),
+      { command: "ruby", default: "ask", argPatterns: [...inlineExecPatterns("Ruby", ["^-e$", "^--eval"]), VERSION_HELP_FLAGS] },
+      { command: "perl", default: "ask", argPatterns: [...inlineExecPatterns("Perl", ["^-e$", "^-E$"]), VERSION_HELP_FLAGS] },
+      { command: "php", default: "ask", argPatterns: [...inlineExecPatterns("PHP", ["^-r$"]), VERSION_HELP_FLAGS] },
       // --- Java ecosystem ---
       { command: "java", default: "ask", argPatterns: [VERSION_HELP_FLAGS] },
       { command: "javac", default: "allow" },

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "claude-warden",
-  "version": "2.8.0",
+  "version": "2.8.1",
   "description": "Smart command safety filter for Claude Code — auto-approves safe commands, blocks dangerous ones",
   "type": "module",
   "main": "dist/index.cjs",