rhachet-roles-ehmpathy 1.15.3 → 1.15.4
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
|
@@ -9,11 +9,20 @@
|
|
|
9
9
|
"permissions": {
|
|
10
10
|
// commands that should never be auto-approved
|
|
11
11
|
"deny": [
|
|
12
|
-
// git write operations - require explicit user
|
|
12
|
+
// git write operations - require explicit user request for audit trail
|
|
13
13
|
"Bash(git commit:*)",
|
|
14
14
|
"Bash(git add:*)",
|
|
15
15
|
"Bash(git stash:*)",
|
|
16
16
|
"Bash(git checkout:*)",
|
|
17
|
+
"Bash(git branch -d:*)",
|
|
18
|
+
"Bash(git branch -D:*)",
|
|
19
|
+
"Bash(git tag -d:*)",
|
|
20
|
+
"Bash(git remote add:*)",
|
|
21
|
+
"Bash(git remote remove:*)",
|
|
22
|
+
"Bash(git remote set-url:*)",
|
|
23
|
+
"Bash(git reflog expire:*)",
|
|
24
|
+
"Bash(git reflog delete:*)",
|
|
25
|
+
"Bash(git config:*)",
|
|
17
26
|
|
|
18
27
|
// "anywrite" commands - CRITICAL SECURITY RISK
|
|
19
28
|
//
|
|
@@ -118,9 +127,6 @@
|
|
|
118
127
|
"WebFetch(domain:raw.githubusercontent.com)",
|
|
119
128
|
"WebFetch(domain:biomejs.dev)",
|
|
120
129
|
|
|
121
|
-
// git read-only
|
|
122
|
-
"Bash(git log:*)",
|
|
123
|
-
|
|
124
130
|
// filesystem read operations
|
|
125
131
|
"Bash(ls:*)",
|
|
126
132
|
"Bash(tree:*)",
|
|
@@ -139,6 +145,17 @@
|
|
|
139
145
|
"Bash(git mv:*)",
|
|
140
146
|
"Bash(git rm:*)",
|
|
141
147
|
|
|
148
|
+
// git read-only - all have no write variants
|
|
149
|
+
"Bash(git log:*)",
|
|
150
|
+
"Bash(git status:*)",
|
|
151
|
+
"Bash(git diff:*)",
|
|
152
|
+
"Bash(git show:*)",
|
|
153
|
+
"Bash(git blame:*)",
|
|
154
|
+
"Bash(git describe:*)",
|
|
155
|
+
"Bash(git ls-files:*)",
|
|
156
|
+
"Bash(git ls-tree:*)",
|
|
157
|
+
"Bash(git cat-file:*)",
|
|
158
|
+
|
|
142
159
|
// sedreplace - safe bulk find-and-replace on git-tracked files only
|
|
143
160
|
"Bash(bash .agent/repo=ehmpathy/role=mechanic/skills/.skills/claude.tools/sedreplace.sh:*)",
|
|
144
161
|
|
package/package.json
CHANGED
|
@@ -2,7 +2,7 @@
|
|
|
2
2
|
"name": "rhachet-roles-ehmpathy",
|
|
3
3
|
"author": "ehmpathy",
|
|
4
4
|
"description": "empathetic software construction roles and skills, via rhachet",
|
|
5
|
-
"version": "1.15.
|
|
5
|
+
"version": "1.15.4",
|
|
6
6
|
"repository": "ehmpathy/rhachet-roles-ehmpathy",
|
|
7
7
|
"homepage": "https://github.com/ehmpathy/rhachet-roles-ehmpathy",
|
|
8
8
|
"keywords": [
|