npm - hardstop - Versions diffs - 1.4.0 → 1.4.1 - Mend

hardstop 1.4.0 → 1.4.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (3) hide show

package/README.md CHANGED Viewed

@@ -1,8 +1,29 @@
 # 🛑 Hardstop
-**The Emergency Brake for Claude Code, Claude Desktop & Cowork.**
+Pre-execution safety validation for AI coding agents. Validates every shell command against 428 security patterns before execution — blocking destructive operations, credential theft, infrastructure teardown, and prompt injection. Fail-closed: blocks by default when uncertain.
-Hardstop is a defense-in-depth safety layer that catches dangerous commands and credential file reads before they execute: even when soft guardrails fail.
+## 🚀 Quick Start
+**Install as Claude Code / Cowork plugin:**
+```bash
+npx hardstop install
+```
+Or clone and install manually:
+```bash
+git clone https://github.com/frmoretto/hardstop.git && cd hardstop && ./install.sh
+```
+**Pattern library standalone (npm):**
+```bash
+npm install hardstop-patterns
+```
+```js
+const { checkBashDangerous } = require('hardstop-patterns');
+const result = checkBashDangerous('rm -rf ~/');
+// { matched: true, pattern: { id: 'DEL-001', message: 'Deletes home directory', ... } }
+```
 [![npm version](https://img.shields.io/npm/v/hardstop.svg)](https://www.npmjs.com/package/hardstop)
 [![Tests](https://github.com/frmoretto/hardstop/workflows/Tests/badge.svg)](https://github.com/frmoretto/hardstop/actions/workflows/test.yml)

package/install.md ADDED Viewed

@@ -0,0 +1,89 @@
+# hardstop
+> Pre-execution safety validation for AI coding agents. Blocks dangerous shell commands before they execute.
+## OBJECTIVE
+Install and activate HardStop as a safety layer for Claude Code, Claude Desktop, or Cowork. HardStop intercepts shell commands via PreToolUse hooks and validates them against 428 security patterns before execution.
+## DONE WHEN
+- Running `/hs status` in Claude Code returns protection status as enabled
+- A test dangerous command like `rm -rf /` triggers a block response from HardStop
+- The hook is registered in `~/.claude/settings.json` (or project-level `.claude/settings.json`)
+## TODO
+- [ ] Install HardStop for your platform
+- [ ] Restart Claude Code / Claude Desktop / Cowork
+- [ ] Verify protection is active
+- [ ] Test that a dangerous command is caught and blocked
+## Installation
+### Option 1: npm (Recommended)
+```bash
+npx hardstop install
+```
+Or install globally:
+```bash
+npm install -g hardstop
+hardstop install
+```
+### Option 2: Manual — macOS / Linux
+```bash
+git clone https://github.com/frmoretto/hardstop.git
+cd hardstop
+chmod +x install.sh
+./install.sh
+```
+### Option 3: Manual — Windows (PowerShell)
+```powershell
+git clone https://github.com/frmoretto/hardstop.git
+cd hardstop
+powershell -ExecutionPolicy Bypass -File install.ps1
+```
+## What the installer does
+1. Copies plugin files to `~/.claude/plugins/hs/`
+2. Creates the `/hs` skill at `~/.claude/skills/hs/`
+3. Registers PreToolUse and PreRead hooks in `~/.claude/settings.json`
+4. Does NOT modify any system files or install system-wide packages
+## Verification
+After restarting Claude Code / Desktop / Cowork:
+```
+/hs status
+```
+Expected: HardStop reports as enabled with pattern count and version.
+Test with a dangerous command — ask Claude to run `rm -rf /`. HardStop should intercept and block it before execution.
+## Troubleshooting
+- If `/hs status` is not recognized, restart Claude Code completely (VS Code: Cmd+Shift+P > "Developer: Reload Window")
+- Ensure Python 3.9+ is available in PATH
+- Check `~/.claude/settings.json` for hook entries pointing to `~/.claude/plugins/hs/hooks/`
+- Check `~/.claude/plugins/hs/hooks/` contains `pre_tool_use.py` and `pre_read.py`
+## Uninstall
+macOS/Linux: `cd hardstop && ./uninstall.sh`
+Windows: `cd hardstop && powershell -ExecutionPolicy Bypass -File uninstall.ps1`
+## More information
+- Repository: https://github.com/frmoretto/hardstop
+- Pattern library (npm): https://www.npmjs.com/package/hardstop-patterns
+- Issues: https://github.com/frmoretto/hardstop/issues

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "hardstop",
-  "version": "1.4.0",
+  "version": "1.4.1",
   "description": "Pre-execution safety layer for Claude Code - blocks dangerous commands before they run",
   "keywords": [
     "claude-code",
@@ -11,7 +11,22 @@
     "shell-protection",
     "ai-safety",
     "mitre-attack",
-    "risk-scoring"
+    "risk-scoring",
+    "command-validation",
+    "shell-safety",
+    "ai-agent-security",
+    "bash-guardrail",
+    "pre-execution-check",
+    "prompt-injection-defense",
+    "agentic-safety",
+    "claude-code-hooks",
+    "llm-command-filter",
+    "dangerous-command-detection",
+    "supply-chain-security",
+    "fail-closed",
+    "command-allowlist",
+    "command-blocklist",
+    "claude-cowork"
   ],
   "author": {
     "name": "Francesco Marinoni Moretto",
@@ -38,7 +53,8 @@
     "skills/",
     "LICENSE",
     "README.md",
-    "CHANGELOG.md"
+    "CHANGELOG.md",
+    "install.md"
   ],
   "engines": {
     "node": ">=16.7.0"