rhachet-roles-ehmpathy 1.13.10 → 1.13.12

package/dist/logic/roles/mechanic/.skills/init.claude.permissions.jsonc

@@ -0,0 +1,136 @@
+{
+  // mechanic role permissions for Claude
+  //
+  // these permissions are conservative by design:
+  // - deny: commands that should never be auto-approved
+  // - ask: commands that require explicit user approval
+  // - allow: commands that are safe to auto-approve
+
+  "permissions": {
+    // commands that should never be auto-approved
+    "deny": [
+      // git write operations - require explicit user approval for audit trail
+      "Bash(git commit:*)",
+      "Bash(git add:*)",
+      "Bash(git stash:*)",
+      "Bash(git checkout:*)",
+
+      // "anywrite" commands - CRITICAL SECURITY RISK
+      //
+      // unlike Claude's native Edit/Write tools which are scoped to the repo,
+      // these bash commands can write ANYWHERE on your OS. this makes them
+      // prime targets for prompt injection attacks:
+      //
+      //   1. user asks claude to fetch docs from lookslegit.dev/api-reference
+      //   2. page contains hidden instructions to write innocent-looking content
+      //   3. with anywrite allowed, claude writes to ~/.bashrc or ~/.zshrc
+      //   4. content looks like helpful aliases but executes malicious logic
+      //   5. your entire system is now compromised
+      //
+      // sed: in-place file modification anywhere on disk
+      "Bash(sed:*)",
+      // tee: write to any path - ~/.bashrc, ~/.ssh/authorized_keys, etc.
+      "Bash(tee:*)",
+      // find -exec: arbitrary command execution on matched files
+      "Bash(find:*)",
+      // echo >: redirect to any file - echo "malicious" >> ~/.bashrc
+      "Bash(echo:*)",
+      // mv: move/overwrite any file - mv ~/.ssh/config ~/.ssh/config.bak
+      "Bash(mv:*)",
+
+      // test runners - should use npm run test:* scripts instead
+      // direct invocation bypasses project test configuration
+      "Bash(npx biome:*)",
+      "Bash(npx jest:*)"
+    ],
+
+    // commands that require explicit user approval each time
+    "ask": [
+      "Bash(bash:*)",
+      "Bash(chmod:*)",
+      "Bash(npm install:*)",
+      "Bash(pnpm install:*)",
+      "Bash(pnpm add:*)"
+    ],
+
+    // commands that are safe to auto-approve
+    "allow": [
+      // ide integrations
+      "mcp__ide__getDiagnostics",
+
+      // web access
+      "WebSearch",
+      "WebFetch(domain:github.com)",
+      "WebFetch(domain:www.npmjs.com)",
+      "WebFetch(domain:hub.docker.com)",
+      "WebFetch(domain:raw.githubusercontent.com)",
+      "WebFetch(domain:biomejs.dev)",
+
+      // git read-only
+      "Bash(git log:*)",
+
+      // filesystem read operations
+      "Bash(ls:*)",
+      "Bash(tree:*)",
+      "Bash(cat:*)",
+      "Bash(head:*)",
+      "Bash(tail:*)",
+      "Bash(grep:*)",
+      "Bash(wc:*)",
+      "Bash(diff:*)",
+      "Bash(which:*)",
+      "Bash(file:*)",
+      "Bash(mkdir:*)",
+      "Bash(pwd)",
+
+      // safe custom tools
+      "Bash(bash src/logic/roles/mechanic/.skills/claude.tools/mvsafe.sh:*)",
+
+      // npm read operations
+      "Bash(npm view:*)",
+      "Bash(npm list:*)",
+      "Bash(npm remove:*)",
+
+      // rhachet operations
+      "Bash(npx rhachet roles boot --repo ehmpathy --role mechanic)",
+
+      // self execution of packages
+      "Bash(npx tsx ./bin/run:*)",
+
+      // build operations
+      "Bash(npm run build:*)",
+      "Bash(npm run build:compile)",
+      "Bash(npm run start:testdb:*)",
+
+      // test operations
+      "Bash(npm run test:*)",
+      "Bash(npm run test:types:*)",
+      "Bash(npm run test:format:*)",
+      "Bash(npm run test:lint:*)",
+      "Bash(npm run test:unit:*)",
+      "Bash(npm run test:integration:*)",
+      "Bash(npm run test:acceptance:*)",
+
+      // thorough test operations
+      "Bash(THOROUGH=true npm run test:*)",
+      "Bash(THOROUGH=true npm run test:types:*)",
+      "Bash(THOROUGH=true npm run test:format:*)",
+      "Bash(THOROUGH=true npm run test:lint:*)",
+      "Bash(THOROUGH=true npm run test:unit:*)",
+      "Bash(THOROUGH=true npm run test:integration:*)",
+      "Bash(THOROUGH=true npm run test:acceptance:*)",
+
+      // fix operations
+      "Bash(npm run fix:*)",
+      "Bash(npm run fix:format:*)",
+      "Bash(npm run fix:lint:*)",
+
+      // github cli read operations
+      "Bash(gh pr checks:*)",
+      "Bash(gh pr status:*)",
+
+      // skill sourcing
+      "Bash(source .agent/repo=.this/skills/*)"
+    ]
+  }
+}

package/dist/logic/roles/mechanic/.skills/init.claude.permissions.sh

@@ -11,8 +11,8 @@
 #           • extends asks by appending new entries (conservative)
 #           • idempotent: safe to rerun
 #
-# .how  = uses jq to merge the permissions configuration
-#         into the existing settings structure, creating it if absent.
+# .how  = loads permissions from init.claude.permissions.jsonc
+#         and uses jq to merge them into .claude/settings.local.json
 #
 # guarantee:
 #   ✔ creates .claude/settings.local.json if missing
@@ -29,95 +29,19 @@ set -euo pipefail
 PROJECT_ROOT="$PWD"
 SETTINGS_FILE="$PROJECT_ROOT/.claude/settings.local.json"
 
-# define the permissions configuration to apply
-PERMISSIONS_CONFIG=$(cat <<'EOF'
-{
-  "permissions": {
-    "deny": [
-      "Bash(git commit:*)",
-      "Bash(sed:*)",
-      "Bash(tee:*)",
-      "Bash(find:*)",
-      "Bash(echo:*)",
-      "Bash(mv:*)",
-      "Bash(npx biome:*)",
-      "Bash(npx jest:*)",
-      "Bash(git add:*)",
-      "Bash(git stash:*)",
-      "Bash(git checkout:*)"
-    ],
-    "ask": [
-      "Bash(bash:*)",
-      "Bash(chmod:*)",
-      "Bash(npm install:*)",
-      "Bash(pnpm install:*)",
-      "Bash(pnpm add:*)"
-    ],
-    "allow": [
-      "mcp__ide__getDiagnostics",
-
-      "WebSearch",
-      "WebFetch(domain:github.com)",
-      "WebFetch(domain:www.npmjs.com)",
-      "WebFetch(domain:hub.docker.com)",
-      "WebFetch(domain:raw.githubusercontent.com)",
-      "WebFetch(domain:biomejs.dev)",
-      "Bash(git log:*),
-
-      "Bash(ls:*)",
-      "Bash(tree:*)",
-      "Bash(cat:*)",
-      "Bash(head:*)",
-      "Bash(tail:*)",
-      "Bash(grep:*)",
-      "Bash(wc:*)",
-      "Bash(diff:*)",
-      "Bash(which:*)",
-      "Bash(file:*)",
-      "Bash(mkdir:*)",
-      "Bash(pwd)",
-      "Bash(bash src/logic/roles/mechanic/.skills/claude.tools/mvsafe.sh:*)",
-      "Bash(npm view:*)",
-      "Bash(npm list:*)",
-      "Bash(npm remove:*)",
-
-      "Bash(npx rhachet roles boot --repo ehmpathy --role mechanic)",
-      "Bash(npx tsx ./bin/run:*)",
-
-      "Bash(npm run build:*)",
-      "Bash(npm run build:compile)",
-      "Bash(npm run start:testdb:*)",
-
-
-      "Bash(npm run test:*)",
-      "Bash(npm run test:types:*)",
-      "Bash(npm run test:format:*)",
-      "Bash(npm run test:lint:*)",
-      "Bash(npm run test:unit:*)",
-      "Bash(npm run test:integration:*)",
-      "Bash(npm run test:acceptance:*)",
-
-      "Bash(THOROUGH=true npm run test:*)",
-      "Bash(THOROUGH=true npm run test:types:*)",
-      "Bash(THOROUGH=true npm run test:format:*)",
-      "Bash(THOROUGH=true npm run test:lint:*)",
-      "Bash(THOROUGH=true npm run test:unit:*)",
-      "Bash(THOROUGH=true npm run test:integration:*)",
-      "Bash(THOROUGH=true npm run test:acceptance:*)",
-
-      "Bash(npm run fix:*)",
-      "Bash(npm run fix:format:*)",
-      "Bash(npm run fix:lint:*)",
-
-      "Bash(gh pr checks:*)",
-      "Bash(gh pr status:*)",
-
-      "Bash(source .agent/repo=.this/skills/*)"
-    ]
-  }
-}
-EOF
-)
+# resolve the permissions config file (relative to this script)
+SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
+PERMISSIONS_FILE="$SCRIPT_DIR/init.claude.permissions.jsonc"
+
+# verify permissions file exists
+if [[ ! -f "$PERMISSIONS_FILE" ]]; then
+  echo "❌ permissions config not found: $PERMISSIONS_FILE" >&2
+  exit 1
+fi
+
+# load and parse JSONC (strip comments before parsing)
+# - removes // line comments (both standalone and trailing)
+PERMISSIONS_CONFIG=$(grep -v '^\s*//' "$PERMISSIONS_FILE" | sed 's|//.*||' | jq -c '.')
 
 # ensure .claude directory exists
 mkdir -p "$(dirname "$SETTINGS_FILE")"
@@ -145,19 +69,26 @@ jq --argjson perms "$PERMISSIONS_CONFIG" '
   .permissions.ask = ((.permissions.ask // []) + $perms.permissions.ask | unique)
 ' "$SETTINGS_FILE" > "$SETTINGS_FILE.tmp"
 
-# check if any changes were made
-if diff -q "$SETTINGS_FILE" "$SETTINGS_FILE.tmp" >/dev/null 2>&1; then
+TIMESTAMP=$(date -u +"%Y-%m-%dT%H-%M-%SZ")
+BACKUP_FILE="${SETTINGS_FILE%.local.json}.${TIMESTAMP}.bak.local.json"
+
+# check if any changes were made (use jq for semantic JSON comparison)
+if jq -e --slurpfile before "$SETTINGS_FILE" --slurpfile after "$SETTINGS_FILE.tmp" -n '$before[0].permissions == $after[0].permissions' >/dev/null 2>&1; then
   rm "$SETTINGS_FILE.tmp"
   echo "👌 mechanic permissions already configured"
-  echo "   $SETTINGS_FILE"
+  echo "   ${SETTINGS_FILE#"$PROJECT_ROOT/"}"
   exit 0
 fi
 
+# create backup before applying changes (guards against partial failures)
+cp "$SETTINGS_FILE" "$BACKUP_FILE"
+
 # atomic replace
 mv "$SETTINGS_FILE.tmp" "$SETTINGS_FILE"
 
 echo "🔐 mechanic permissions configured successfully!"
-echo "   $SETTINGS_FILE"
+echo "   ${SETTINGS_FILE#"$PROJECT_ROOT/"}"
+echo "   ${BACKUP_FILE#"$PROJECT_ROOT/"}"
 echo ""
 echo "✨ permissions applied:"
 echo "   • allow: replaced entirely"

package/package.json

@@ -2,7 +2,7 @@
   "name": "rhachet-roles-ehmpathy",
   "author": "ehmpathy",
   "description": "empathetic software construction roles and skills, via rhachet",
-  "version": "1.13.10",
+  "version": "1.13.12",
   "repository": "ehmpathy/rhachet-roles-ehmpathy",
   "homepage": "https://github.com/ehmpathy/rhachet-roles-ehmpathy",
   "keywords": [
@@ -27,7 +27,7 @@
     "fix": "npm run fix:format && npm run fix:lint",
     "build:clean": "rm dist/ -rf",
     "build:compile": "tsc -p ./tsconfig.build.json && tsc-alias -p ./tsconfig.build.json",
-    "build:complete": "rsync -a --prune-empty-dirs --include='*/' --exclude='**/.route/**' --exclude='**/.scratch/**' --exclude='**/.behavior/**' --exclude='**/*.test.sh' --include='**/*.template.md' --include='**/.briefs/**/*.md' --include='**/.briefs/*.md' --include='**/.skills/**/*.sh' --include='**/.skills/*.sh' --exclude='*' src/ dist/",
+    "build:complete": "rsync -a --prune-empty-dirs --include='*/' --exclude='**/.route/**' --exclude='**/.scratch/**' --exclude='**/.behavior/**' --exclude='**/*.test.sh' --include='**/*.template.md' --include='**/.briefs/**/*.md' --include='**/.briefs/*.md' --include='**/.skills/**/*.sh' --include='**/.skills/*.sh' --include='**/.skills/**/*.jsonc' --include='**/.skills/*.jsonc' --exclude='*' src/ dist/",
     "build": "npm run build:clean && npm run build:compile && npm run build:complete --if-present",
     "test:commits": "LAST_TAG=$(git describe --tags --abbrev=0 @^ 2> /dev/null || git rev-list --max-parents=0 HEAD) && npx commitlint --from $LAST_TAG --to HEAD --verbose",
     "test:types": "tsc -p ./tsconfig.json --noEmit",