context-mode 1.0.47 → 1.0.49

package/.claude-plugin/marketplace.json

@@ -6,14 +6,14 @@
   },
   "metadata": {
     "description": "Claude Code plugins by Mert Koseoğlu",
-    "version": "1.0.47"
+    "version": "1.0.49"
   },
   "plugins": [
     {
       "name": "context-mode",
       "source": "./",
       "description": "Claude Code MCP plugin that saves 98% of your context window. Sandboxed code execution in 11 languages, FTS5 knowledge base with BM25 ranking, and intent-driven search.",
-      "version": "1.0.47",
+      "version": "1.0.49",
       "author": {
         "name": "Mert Koseoğlu"
       },

package/.claude-plugin/plugin.json

@@ -1,6 +1,6 @@
 {
   "name": "context-mode",
-  "version": "1.0.47",
+  "version": "1.0.49",
   "description": "MCP server that saves 98% of your context window with session continuity. Sandboxed code execution in 11 languages, FTS5 knowledge base with BM25 ranking, and automatic state restore across compactions.",
   "author": {
     "name": "Mert Koseoğlu",

package/.openclaw-plugin/openclaw.plugin.json

@@ -3,7 +3,7 @@
   "name": "Context Mode",
   "kind": "tool",
   "description": "OpenClaw plugin that saves 98% of your context window. Sandboxed code execution in 11 languages, FTS5 knowledge base with BM25 ranking, and intent-driven search.",
-  "version": "1.0.47",
+  "version": "1.0.49",
   "sandbox": {
     "mode": "permissive",
     "filesystem_access": "full",

package/.openclaw-plugin/package.json

@@ -1,6 +1,6 @@
 {
   "name": "context-mode",
-  "version": "1.0.47",
+  "version": "1.0.49",
   "description": "OpenClaw plugin that saves 98% of your context window. Sandboxed code execution in 11 languages, FTS5 knowledge base with BM25 ranking, and intent-driven search.",
   "author": {
     "name": "Mert Koseoğlu",

package/hooks/core/routing.mjs

@@ -180,14 +180,52 @@ export function routePreToolUse(toolName, toolInput, projectDir, platform) {
     // like `gh issue edit --body "text with curl in it"` (Issue #63).
     const stripped = stripQuotedContent(command);
 
-    // curl/wget → replace with echo redirect
+    // curl/wget — allow silent file-output downloads, block stdout floods (#166).
+    // Algorithm: split chained commands, evaluate each segment independently.
     if (/(^|\s|&&|\||\;)(curl|wget)\s/i.test(stripped)) {
-      return {
-        action: "modify",
-        updatedInput: {
-          command: `echo "context-mode: curl/wget blocked. You MUST use ${t("ctx_fetch_and_index")}(url, source) to fetch URLs, or ${t("ctx_execute")}(language, code) to run HTTP calls in sandbox. Do NOT retry with curl/wget."`,
-        },
-      };
+      // Split on chain operators (&&, ||, ;) to evaluate each segment
+      const segments = stripped.split(/\s*(?:&&|\|\||;)\s*/);
+      const hasDangerousSegment = segments.some(seg => {
+        const s = seg.trim();
+        // Only evaluate segments that contain curl or wget
+        if (!/(^|\s)(curl|wget)\s/i.test(s)) return false;
+
+        const isCurl = /\bcurl\b/i.test(s);
+        const isWget = /\bwget\b/i.test(s);
+
+        // Check for file output flags
+        const hasFileOutput = isCurl
+          ? /\s(-o|--output)\s/.test(s) || /\s*>\s*/.test(s) || /\s*>>\s*/.test(s)
+          : /\s(-O|--output-document)\s/.test(s) || /\s*>\s*/.test(s) || /\s*>>\s*/.test(s);
+
+        if (!hasFileOutput) return true; // no file output → dangerous
+
+        // Stdout aliases: -o -, -o /dev/stdout, -O -
+        if (isCurl && /\s(-o|--output)\s+(-|\/dev\/stdout)(\s|$)/.test(s)) return true;
+        if (isWget && /\s(-O|--output-document)\s+(-|\/dev\/stdout)(\s|$)/.test(s)) return true;
+
+        // Verbose/trace flags flood stderr → context
+        if (/\s(-v|--verbose|--trace|-D\s+-)\b/.test(s)) return true;
+
+        // Must be silent (curl: -s/--silent, wget: -q/--quiet) to prevent progress bar stderr flood
+        const isSilent = isCurl
+          ? /\s-[a-zA-Z]*s|--silent/.test(s)
+          : /\s-[a-zA-Z]*q|--quiet/.test(s);
+        if (!isSilent) return true;
+
+        return false; // safe: silent + file output + no verbose + no stdout alias
+      });
+
+      if (hasDangerousSegment) {
+        return {
+          action: "modify",
+          updatedInput: {
+            command: `echo "context-mode: curl/wget blocked. You MUST use ${t("ctx_fetch_and_index")}(url, source) to fetch URLs, or ${t("ctx_execute")}(language, code) to run HTTP calls in sandbox. Do NOT retry with curl/wget."`,
+          },
+        };
+      }
+      // All segments safe → allow through
+      return null;
     }
 
     // Inline HTTP detection: strip only heredocs (not quotes) so that

package/openclaw.plugin.json

@@ -3,7 +3,7 @@
   "name": "Context Mode",
   "kind": "tool",
   "description": "OpenClaw plugin that saves 98% of your context window. Sandboxed code execution in 11 languages, FTS5 knowledge base with BM25 ranking, and intent-driven search.",
-  "version": "1.0.47",
+  "version": "1.0.49",
   "sandbox": {
     "mode": "permissive",
     "filesystem_access": "full",

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "context-mode",
-  "version": "1.0.47",
+  "version": "1.0.49",
   "type": "module",
   "description": "MCP plugin that saves 98% of your context window. Works with Claude Code, Gemini CLI, VS Code Copilot, OpenCode, and Codex CLI. Sandboxed code execution, FTS5 knowledge base, and intent-driven search.",
   "author": "Mert Koseoğlu",
@@ -79,15 +79,15 @@
   },
   "dependencies": {
     "@clack/prompts": "^1.0.1",
+    "@mixmark-io/domino": "^2.2.0",
     "@modelcontextprotocol/sdk": "^1.26.0",
     "picocolors": "^1.1.1",
+    "turndown": "^7.2.0",
+    "turndown-plugin-gfm": "^1.0.2",
     "zod": "^3.25.0"
   },
   "optionalDependencies": {
-    "better-sqlite3": "^12.6.2",
-    "turndown": "^7.2.0",
-    "turndown-plugin-gfm": "^1.0.2",
-    "@mixmark-io/domino": "^2.2.0"
+    "better-sqlite3": "^12.6.2"
   },
   "devDependencies": {
     "@types/better-sqlite3": "^7.6.13",