hardstop 1.4.7 → 1.4.9
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/.claude/skills/hs/SKILL.md +2 -0
- package/.claude-plugin/marketplace.json +1 -1
- package/.claude-plugin/plugin.json +1 -1
- package/.codex/skills/hs/SKILL.md +2 -0
- package/.github/skills/hs/SKILL.md +2 -0
- package/CHANGELOG.md +26 -0
- package/bin/install.js +322 -310
- package/commands/__pycache__/hs_cmd.cpython-313.pyc +0 -0
- package/commands/hs_cmd.py +273 -272
- package/hooks/pre_tool_use.py +7 -3
- package/package.json +1 -1
- package/skills/hs/SKILL.md +10 -6
|
@@ -20,6 +20,8 @@ When this skill is activated via the Skill tool, check the ARGUMENTS field immed
|
|
|
20
20
|
|
|
21
21
|
**Execute the Bash command immediately.** The hook reads `~/.hardstop/skip_next` — if that file is not written, skips have no effect.
|
|
22
22
|
|
|
23
|
+
> **Path note:** Commands above assume the default install location. If Hardstop was installed with `CLAUDE_CONFIG_DIR` set, replace `~/.claude` in the paths with that directory.
|
|
24
|
+
|
|
23
25
|
---
|
|
24
26
|
|
|
25
27
|
> **Note:** This skill complements the Hardstop plugin. The plugin provides deterministic protection via hooks; this skill provides LLM-level awareness for platforms without hook support.
|
|
@@ -13,7 +13,7 @@
|
|
|
13
13
|
"name": "hs",
|
|
14
14
|
"source": "./",
|
|
15
15
|
"description": "Pre-execution safety layer that blocks dangerous shell commands and credential file reads using pattern matching + LLM analysis. Fail-closed design.",
|
|
16
|
-
"version": "1.4.
|
|
16
|
+
"version": "1.4.9",
|
|
17
17
|
"author": {
|
|
18
18
|
"name": "Francesco Marinoni Moretto",
|
|
19
19
|
"email": "contact@clarity-gate.org"
|
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "hs",
|
|
3
|
-
"version": "1.4.
|
|
3
|
+
"version": "1.4.9",
|
|
4
4
|
"description": "Pre-execution safety layer that blocks dangerous shell commands and credential file reads using pattern matching + LLM analysis. Fail-closed design.",
|
|
5
5
|
"author": {
|
|
6
6
|
"name": "Francesco Marinoni Moretto",
|
|
@@ -21,6 +21,8 @@ When this skill is activated via the Skill tool, check the ARGUMENTS field immed
|
|
|
21
21
|
|
|
22
22
|
**Execute the Bash command immediately.** The hook reads `~/.hardstop/skip_next` — if that file is not written, skips have no effect.
|
|
23
23
|
|
|
24
|
+
> **Path note:** Commands above assume the default install location. If Hardstop was installed with `CLAUDE_CONFIG_DIR` set, replace `~/.claude` in the paths with that directory.
|
|
25
|
+
|
|
24
26
|
---
|
|
25
27
|
|
|
26
28
|
> **Note:** This skill complements the Hardstop plugin. The plugin provides deterministic protection via hooks; this skill provides LLM-level awareness for platforms without hook support.
|
|
@@ -21,6 +21,8 @@ When this skill is activated via the Skill tool, check the ARGUMENTS field immed
|
|
|
21
21
|
|
|
22
22
|
**Execute the Bash command immediately.** The hook reads `~/.hardstop/skip_next` — if that file is not written, skips have no effect.
|
|
23
23
|
|
|
24
|
+
> **Path note:** Commands above assume the default install location. If Hardstop was installed with `CLAUDE_CONFIG_DIR` set, replace `~/.claude` in the paths with that directory.
|
|
25
|
+
|
|
24
26
|
---
|
|
25
27
|
|
|
26
28
|
> **Note:** This skill complements the Hardstop plugin. The plugin provides deterministic protection via hooks; this skill provides LLM-level awareness for platforms without hook support.
|
package/CHANGELOG.md
CHANGED
|
@@ -2,6 +2,32 @@
|
|
|
2
2
|
|
|
3
3
|
All notable changes to Hardstop will be documented in this file.
|
|
4
4
|
|
|
5
|
+
## [1.4.9] - 2026-04-18
|
|
6
|
+
|
|
7
|
+
### Added
|
|
8
|
+
- **Installers + runtime:** Respect `CLAUDE_CONFIG_DIR` env var across `bin/install.js`, `install.sh`, `install.ps1`, `uninstall.sh` (resolved at install time) and `hooks/pre_tool_use.py`, `commands/hs_cmd.py` (derived from `__file__` at runtime). 7 new tests cover path derivation and dynamic safe-pattern matching. Thanks to @moiri-gamboni in #4.
|
|
9
|
+
|
|
10
|
+
### Fixed
|
|
11
|
+
- **uninstall.ps1:** Apply `CLAUDE_CONFIG_DIR` resolution for parity with `uninstall.sh`; previously left files behind on Windows when installed under a custom config directory.
|
|
12
|
+
|
|
13
|
+
### Changed
|
|
14
|
+
- **Platform skill copies (`.claude/`, `.codex/`, `.github/`):** Add a path-note clarifying that `~/.claude/...` paths in invocation tables assume the default install location.
|
|
15
|
+
|
|
16
|
+
---
|
|
17
|
+
|
|
18
|
+
## [1.4.8] - 2026-03-02
|
|
19
|
+
|
|
20
|
+
### Changed
|
|
21
|
+
- **skills/hs/SKILL.md (canonical):** Soften invocation language and add Security Architecture note to address OpenClaw "Suspicious" rating on ClawhHub
|
|
22
|
+
- Table header: "run this Bash command FIRST" → "Action (user-requested via /hs)"
|
|
23
|
+
- "Execute the Bash command immediately" → "Run the corresponding command — the user has explicitly requested this action via /hs"
|
|
24
|
+
- Added Security Architecture blockquote: explains plugin architecture, local scripts (not remote code), credential paths are block targets, skip is user-initiated and scoped
|
|
25
|
+
- Section 9: clarified that Hardstop blocks reads of credential paths, it does not access them
|
|
26
|
+
- Skip context: expanded to explain scoped bypass (next N commands, default 1)
|
|
27
|
+
- **Platform copies unchanged** (`.claude/`, `.codex/`, `.github/`): retain original directive language for reliable LLM execution
|
|
28
|
+
|
|
29
|
+
---
|
|
30
|
+
|
|
5
31
|
## [1.4.7] - 2026-02-22
|
|
6
32
|
|
|
7
33
|
### Added
|