wormclaude 1.0.12 → 1.0.14

package/dist/cli.js

@@ -12,6 +12,7 @@ import { t, cmdDesc, setLang, saveLang, loadLang, getLang } from './i18n.js';
 import { linkify } from './links.js';
 import { recordLearned } from './learn.js';
 import { loadSkills, getSkills, getSkill, buildSkillPrompt } from './skills.js';
+import { loadExtensions, getExtCommands, getExtCommand, buildExtCommandPrompt } from './extensions.js';
 import { COMMANDS, runSlashCommand } from './commands.js';
 import { tasks } from './tasks.js';
 import { connectMcpServers } from './mcp.js';
@@ -61,6 +62,7 @@ setToolConfig(config); // Agent/alt-agent araçları aynı config'i kullanır
 const MAX_TURNS = Number(process.env.WORMCLAUDE_MAX_TURNS) || 50; // tur limiti
 setLang(loadLang() ?? 'tr'); // kayıtlı dili yükle (yoksa tr)
 loadSkills(); // .wormclaude/skills/*.md yükle
+loadExtensions(); // extensions/<ad>/ (gömülü + kullanıcı + proje) yükle
 // Kalıcı hafıza: açılışta .wormclaude/memory.md + WORMCLAUDE.md'yi context'e yükle
 const _memCtx = loadMemoryContext();
 const _envContext = () => {
@@ -411,10 +413,11 @@ function App() {
             abortRef.current?.abort();
         }
     });
-    // Slash menüsü filtresi (yerleşik komutlar + skill'ler)
+    // Slash menüsü filtresi (yerleşik komutlar + skill'ler + extension komutları)
     const allCommands = () => [
         ...COMMANDS,
         ...getSkills().map((s) => ({ name: '/' + s.name, desc: s.description })),
+        ...getExtCommands().map((c) => ({ name: '/' + c.name, desc: c.description })),
     ];
     const cmdFilter = (inp) => {
         const tok = inp.split(' ')[0];
@@ -724,6 +727,14 @@ function App() {
                 }
                 return;
             }
+            // Extension komutu mu? (/ns:cmd veya /cmd — yerleşik komut/skill değilse)
+            const extCmd = (!builtin && !skill) ? getExtCommand(tok.slice(1)) : undefined;
+            if (extCmd) {
+                const extArgs = v.slice(tok.length).trim();
+                const prompt = buildExtCommandPrompt(extCmd, extArgs);
+                runAgent(prompt, `/${extCmd.name}${extArgs ? ' ' + extArgs : ''}`);
+                return;
+            }
             const ctx = {
                 config,
                 getHistory: () => historyRef.current,

package/dist/cmdsec.js

@@ -0,0 +1,306 @@
+// Komut güvenliği — Bash aracı çalışmadan ÖNCE kontrol eder.
+// Gemini/Blackbox CLI shell-utils.js + shellReadOnlyChecker.js'ten uyarlandı, WormClaude'a özel.
+//   - Hard-deny blocklist (rm -rf /, fork bomb, dd of=/dev, mkfs, curl|bash...)
+//   - Command-substitution engeli ($(), <(), backtick) -> hard deny
+//   - Read-only allowlist (ls, cat, git status... -> izinsiz geçer)
+//   - Kalıcı kullanıcı allowlist'i (kök komut bazlı: "git", "npm")
+//   - escapeShellArg (PowerShell/cmd/bash) -> !{} injection güvenliği
+import * as os from 'node:os';
+import * as fs from 'node:fs';
+import * as path from 'node:path';
+// ── Kalıcı kullanıcı allowlist'i (kök komut: git, npm...) ───────────────────
+const ALLOW_FILE = path.join(os.homedir(), '.wormclaude', 'approved-commands.json');
+let _approved = null;
+function loadApproved() {
+    if (_approved)
+        return _approved;
+    try {
+        const arr = JSON.parse(fs.readFileSync(ALLOW_FILE, 'utf8'));
+        _approved = new Set(Array.isArray(arr) ? arr.map(String) : []);
+    }
+    catch {
+        _approved = new Set();
+    }
+    return _approved;
+}
+export function getApprovedCommands() { return [...loadApproved()].sort(); }
+function saveApproved(set) {
+    _approved = set;
+    try {
+        fs.mkdirSync(path.dirname(ALLOW_FILE), { recursive: true });
+        fs.writeFileSync(ALLOW_FILE, JSON.stringify([...set], null, 2));
+    }
+    catch { }
+}
+export function approveCommands(roots) {
+    const set = loadApproved();
+    const before = set.size;
+    for (const r of roots)
+        if (r)
+            set.add(r);
+    saveApproved(set);
+    return set.size - before;
+}
+export function unapproveCommands(roots) {
+    const set = loadApproved();
+    const before = set.size;
+    for (const r of roots)
+        set.delete(r);
+    saveApproved(set);
+    return before - set.size;
+}
+export function clearApproved() { saveApproved(new Set()); }
+// ── Komut ayrıştırma (shell-utils.js'ten) ──────────────────────────────────
+export function splitCommands(command) {
+    const commands = [];
+    let cur = '';
+    let inS = false, inD = false;
+    let i = 0;
+    while (i < command.length) {
+        const c = command[i], n = command[i + 1];
+        if (c === '\\' && i < command.length - 1) {
+            cur += c + n;
+            i += 2;
+            continue;
+        }
+        if (c === "'" && !inD)
+            inS = !inS;
+        else if (c === '"' && !inS)
+            inD = !inD;
+        if (!inS && !inD) {
+            if ((c === '&' && n === '&') || (c === '|' && n === '|')) {
+                commands.push(cur.trim());
+                cur = '';
+                i++;
+            }
+            else if (c === ';' || c === '&' || c === '|') {
+                commands.push(cur.trim());
+                cur = '';
+            }
+            else
+                cur += c;
+        }
+        else
+            cur += c;
+        i++;
+    }
+    if (cur.trim())
+        commands.push(cur.trim());
+    return commands.filter(Boolean);
+}
+export function getCommandRoot(command) {
+    const t = command.trim();
+    if (!t)
+        return undefined;
+    const m = t.match(/^"([^"]+)"|^'([^']+)'|^(\S+)/);
+    if (m) {
+        const root = m[1] || m[2] || m[3];
+        if (root)
+            return root.split(/[\\/]/).pop();
+    }
+    return undefined;
+}
+export function getCommandRoots(command) {
+    if (!command)
+        return [];
+    return splitCommands(command).map(getCommandRoot).filter((c) => !!c);
+}
+export function stripShellWrapper(command) {
+    const m = command.match(/^\s*(?:sh|bash|zsh|cmd\.exe|powershell|pwsh)\s+(?:\/c|-c|-Command)\s+/i);
+    if (m) {
+        let c = command.substring(m[0].length).trim();
+        if ((c.startsWith('"') && c.endsWith('"')) || (c.startsWith("'") && c.endsWith("'")))
+            c = c.slice(1, -1);
+        return c;
+    }
+    return command.trim();
+}
+// $(), <(), backtick komut-ikamesi tespiti (bash kurallarına göre)
+export function detectCommandSubstitution(command) {
+    let inS = false, inD = false, inB = false;
+    let i = 0;
+    while (i < command.length) {
+        const c = command[i], n = command[i + 1];
+        if (c === '\\' && !inS) {
+            i += 2;
+            continue;
+        }
+        if (c === "'" && !inD && !inB)
+            inS = !inS;
+        else if (c === '"' && !inS && !inB)
+            inD = !inD;
+        else if (c === '`' && !inS)
+            inB = !inB;
+        if (!inS) {
+            if (c === '$' && n === '(')
+                return true;
+            if (c === '<' && n === '(' && !inD && !inB)
+                return true;
+            if (c === '`' && !inB)
+                return true;
+        }
+        i++;
+    }
+    return false;
+}
+export function escapeShellArg(arg, shell = process.platform === 'win32' ? 'cmd' : 'bash') {
+    if (!arg)
+        return shell === 'bash' ? "''" : '""';
+    switch (shell) {
+        case 'powershell': return `'${arg.replace(/'/g, "''")}'`;
+        case 'cmd': return `"${arg.replace(/"/g, '""')}"`;
+        case 'bash':
+        default: return `'${arg.replace(/'/g, "'\\''")}'`;
+    }
+}
+// ── Tehlikeli komut blocklist (HARD DENY) ──────────────────────────────────
+const DANGER = [
+    { re: /\brm\s+(?:-[a-zA-Z]+\s+)*-[a-zA-Z]*[rf][a-zA-Z]*\s+(?:-[a-zA-Z]+\s+)*(?:\/|~|\$HOME|\*|\.)(?:\s|$)/, reason: 'Tehlikeli geniş silme (rm -rf /, ~, *, .)' },
+    { re: /:\s*\(\s*\)\s*\{\s*:\s*\|\s*:\s*&\s*\}\s*;\s*:/, reason: 'Fork bomb' },
+    { re: /\bmkfs(\.\w+)?\b/, reason: 'Dosya sistemi formatlama (mkfs)' },
+    { re: /\bdd\b[^\n]*\bof=\/dev\/(sd|nvme|hd|mmcblk|disk)/, reason: 'Diske ham yazma (dd of=/dev/...)' },
+    { re: />\s*\/dev\/(sd|nvme|hd|mmcblk|disk)/, reason: 'Blok aygıtına yazma (> /dev/sd...)' },
+    { re: /\bchmod\s+-R\s+0*777\s+\//, reason: 'Kök dizinde chmod -R 777 /' },
+    { re: /\bchown\s+-R\s+[^\s]+\s+\/(?:\s|$)/, reason: 'Kök dizinde chown -R' },
+    { re: /\b(?:curl|wget)\b[^\n|]*\|\s*(?:sudo\s+)?(?:bash|sh|zsh)\b/, reason: 'İnternetten indirip shell\'e pipe (curl|bash)' },
+    { re: /\b(?:shutdown|reboot|halt|poweroff|init\s+0)\b/, reason: 'Sistemi kapatma/yeniden başlatma' },
+    { re: /\bmv\s+[^\n]*\s+\/dev\/null\b/, reason: 'Veriyi /dev/null\'a taşıma' },
+    { re: />\s*\/dev\/null\s+2>&1\s*;\s*rm/, reason: 'Gizli silme' },
+];
+// ── Read-only komut tespiti (shellReadOnlyChecker.js'ten — sağlam) ──────────
+const READONLY_ROOTS = new Set([
+    'awk', 'basename', 'cat', 'cd', 'column', 'cut', 'df', 'dirname', 'du', 'echo', 'env', 'find',
+    'git', 'grep', 'egrep', 'fgrep', 'head', 'less', 'more', 'printenv', 'printf', 'ps', 'pwd', 'rg',
+    'ripgrep', 'sed', 'sort', 'stat', 'tail', 'tree', 'uniq', 'wc', 'which', 'where', 'whoami',
+    'id', 'hostname', 'uname', 'date', 'cal', 'uptime', 'file', 'realpath', 'nl', 'tac', 'cmp',
+    'md5sum', 'sha256sum', 'seq', 'test', 'true', 'false',
+    'node', 'python', 'python3', 'java', 'go', 'rustc', 'php', 'ruby', // yalnız --version
+    'npm', 'pnpm', 'yarn', 'pip', 'pip3', 'docker', 'kubectl', 'cargo', // yalnız read-only alt-komut
+]);
+// Alt-komutu read-only olanlar (yazan alt-komutlar — config/run/install — DAHİL DEĞİL)
+const READONLY_SUB = {
+    git: new Set(['blame', 'branch', 'cat-file', 'diff', 'grep', 'log', 'ls-files', 'remote', 'rev-parse', 'show', 'status', 'describe']),
+    npm: new Set(['ls', 'list', 'view', 'info', 'outdated', 'show', 'search', 'ping', 'whoami', 'doctor', 'why', 'audit']),
+    pnpm: new Set(['ls', 'list', 'view', 'outdated', 'why', 'audit']),
+    yarn: new Set(['list', 'info', 'why', 'outdated', 'audit']),
+    pip: new Set(['show', 'list', 'freeze', 'check']),
+    pip3: new Set(['show', 'list', 'freeze', 'check']),
+    docker: new Set(['ps', 'images', 'logs', 'inspect', 'version', 'info', 'stats', 'top', 'port', 'diff', 'history']),
+    kubectl: new Set(['get', 'describe', 'logs', 'top', 'explain', 'version', 'api-resources']),
+    cargo: new Set(['tree', 'search', 'metadata']),
+};
+const VERSION_ONLY = new Set(['node', 'python', 'python3', 'java', 'go', 'rustc', 'php', 'ruby']);
+const BLOCKED_FIND = new Set(['-delete', '-exec', '-execdir', '-ok', '-okdir']);
+const BLOCKED_FIND_PREFIX = ['-fprint'];
+const BLOCKED_GIT_REMOTE = new Set(['add', 'remove', 'rename', 'set-url', 'prune', 'update']);
+const BLOCKED_GIT_BRANCH = new Set(['-d', '-D', '--delete', '--move', '-m']);
+const ENV_ASSIGN = /^[A-Za-z_][A-Za-z0-9_]*=/;
+// Tırnak dışında '>' (yazma yönlendirmesi) -> read-only DEĞİL.
+function hasWriteRedirection(cmd) {
+    let inS = false, inD = false, esc = false;
+    for (const ch of cmd) {
+        if (esc) {
+            esc = false;
+            continue;
+        }
+        if (ch === '\\' && !inS) {
+            esc = true;
+            continue;
+        }
+        if (ch === "'" && !inD) {
+            inS = !inS;
+            continue;
+        }
+        if (ch === '"' && !inS) {
+            inD = !inD;
+            continue;
+        }
+        if (!inS && !inD && ch === '>')
+            return true;
+    }
+    return false;
+}
+function cmdIsReadOnly(single) {
+    const s = stripShellWrapper(single);
+    if (!s.trim())
+        return true;
+    if (detectCommandSubstitution(s))
+        return false;
+    if (hasWriteRedirection(s))
+        return false;
+    let tk = s.trim().split(/\s+/).filter(Boolean);
+    let i = 0;
+    while (i < tk.length && ENV_ASSIGN.test(tk[i]))
+        i++; // FOO=bar cmd -> atla
+    tk = tk.slice(i);
+    if (tk.length === 0)
+        return true;
+    const root = (tk[0].split(/[\\/]/).pop() || '').toLowerCase();
+    if (!READONLY_ROOTS.has(root))
+        return false;
+    const args = tk.slice(1);
+    if (VERSION_ONLY.has(root)) {
+        return args.some((a) => /^(--version|-v|-V|version)$/.test(a)) &&
+            !args.some((a) => a.startsWith('-') && !/^(-v|-V|--version)$/.test(a));
+    }
+    if (root === 'find') {
+        return !args.some((a) => BLOCKED_FIND.has(a.toLowerCase()) || BLOCKED_FIND_PREFIX.some((p) => a.toLowerCase().startsWith(p)));
+    }
+    if (root === 'sed') {
+        return !args.some((a) => a.startsWith('-i') || a === '--in-place');
+    }
+    if (READONLY_SUB[root]) {
+        let j = 0;
+        while (j < args.length && args[j].startsWith('-')) {
+            const f = args[j].toLowerCase();
+            if (f === '--version' || f === '--help')
+                return true;
+            j++;
+        }
+        if (j >= args.length)
+            return true;
+        const sub = args[j].toLowerCase();
+        if (!READONLY_SUB[root].has(sub))
+            return false;
+        const subArgs = args.slice(j + 1);
+        if (root === 'git' && sub === 'remote')
+            return !subArgs.some((a) => BLOCKED_GIT_REMOTE.has(a.toLowerCase()));
+        if (root === 'git' && sub === 'branch')
+            return !subArgs.some((a) => BLOCKED_GIT_BRANCH.has(a));
+        return true;
+    }
+    return true;
+}
+export function isShellCommandReadOnly(command) {
+    if (typeof command !== 'string' || !command.trim())
+        return false;
+    const segs = splitCommands(command);
+    return segs.length > 0 && segs.every(cmdIsReadOnly);
+}
+// ── Asıl güvenlik motoru ───────────────────────────────────────────────────
+export function checkCommand(rawCommand) {
+    const command = stripShellWrapper(String(rawCommand || ''));
+    const roots = getCommandRoots(command);
+    // 1) Command substitution -> HARD DENY
+    if (detectCommandSubstitution(command)) {
+        return { decision: 'deny', reason: 'Komut ikamesi ($(), <(), backtick) güvenlik nedeniyle engellendi', roots };
+    }
+    // 2) Tehlikeli blocklist -> HARD DENY
+    for (const d of DANGER) {
+        try {
+            if (d.re instanceof RegExp && d.re.test(command))
+                return { decision: 'deny', reason: d.reason, roots };
+        }
+        catch { }
+    }
+    // 3) Read-only -> izinsiz geç
+    if (isShellCommandReadOnly(command))
+        return { decision: 'allow', reason: 'read-only', roots };
+    // 4) Kullanıcı allowlist'i (tüm kökler onaylıysa) -> izinsiz geç
+    const approved = loadApproved();
+    if (roots.length > 0 && roots.every((r) => approved.has(r))) {
+        return { decision: 'allow', reason: 'kullanıcı onaylı', roots };
+    }
+    // 5) Kalan -> onay iste
+    return { decision: 'confirm', roots };
+}

package/dist/commands.js

@@ -10,6 +10,7 @@ import * as usage from './usage.js';
 import { runCompact, contextPercent, autoCompactThreshold } from './compact.js';
 import { cmdDesc, setLang, saveLang, getLang } from './i18n.js';
 import { loadSkills, getSkills, getSkillsDir, installSkill, updateSkill, removeSkill, getRegistry } from './skills.js';
+import { getApprovedCommands, approveCommands, unapproveCommands, clearApproved } from './cmdsec.js';
 import { isLearnEnabled, setLearnEnabled, getLearnFile, getLearnCount } from './learn.js';
 export const COMMANDS = [
     { name: '/help', desc: 'komutları ve ipuçlarını göster' },
@@ -36,6 +37,7 @@ export const COMMANDS = [
     { name: '/dream', desc: 'arka planda hafızayı konsolide et (.wormclaude/memory.md)' },
     { name: '/learn', desc: 'web-öğrenme datasını göster / aç-kapa (eğitim için)' },
     { name: '/copy', desc: 'son yaniti panoya kopyala (/copy all = tum sohbet)' },
+    { name: '/izinler', desc: 'onayli shell komutlarini yonet (list/add/remove/clear)' },
     { name: '/export', desc: 'sohbeti dosyaya kaydet' },
     { name: '/resume', desc: 'en son kaydedilen oturumu yükle' },
     { name: '/quit', desc: 'çıkış' },
@@ -537,6 +539,30 @@ export async function runSlashCommand(input, ctx) {
                 : 'Pano aracı yok (win: clip · mac: pbcopy · linux: xclip/wl-copy). /export ile dosyaya kaydedebilirsin.');
             return true;
         }
+        case '/izinler': {
+            const sub = (arg.split(/\s+/)[0] || '').toLowerCase();
+            const vals = arg.split(/\s+/).slice(1).filter(Boolean);
+            if (sub === 'add' && vals.length) {
+                const n = approveCommands(vals);
+                ctx.note(n > 0 ? `✓ ${n} komut onaylandı: ${vals.join(', ')}` : 'Belirtilenler zaten onaylıydı.');
+            }
+            else if (sub === 'remove' && vals.length) {
+                const n = unapproveCommands(vals);
+                ctx.note(n > 0 ? `✓ ${n} komut onaydan çıkarıldı.` : 'Belirtilenler onaylı listede yoktu.');
+            }
+            else if (sub === 'clear') {
+                clearApproved();
+                ctx.note('✓ Tüm onaylı komutlar temizlendi.');
+            }
+            else {
+                const list = getApprovedCommands();
+                const body = list.length ? list.map((c) => `  • ${c}`).join('\n') : '  (henüz yok — "Evet, hep" seçince eklenir)';
+                ctx.note(`Onaylı shell komutları (${list.length}) — bunlar onaysız çalışır:\n${body}\n\n` +
+                    `Kullanım:\n  /izinler              → listele\n  /izinler add git npm  → onayla\n  /izinler remove git   → çıkar\n  /izinler clear        → hepsini temizle\n` +
+                    `(Tehlikeli komutlar — rm -rf /, fork bomb vb. — onaylasan da engellenir.)`);
+            }
+            return true;
+        }
         case '/export': {
             fs.mkdirSync(SESSION_DIR, { recursive: true });
             const file = path.join(SESSION_DIR, `session-${tsStamp()}.json`);

package/dist/extensions.js

@@ -0,0 +1,143 @@
+// Extension sistemi — wormclaude-extension.json (manifest) + commands/**/*.toml + context dosyası.
+// Namespaced slash komutları (/conductor:setup, /git:smart-commit) + excludeTools desteği.
+//
+//   extensions/<ad>/
+//     wormclaude-extension.json   { name, version, contextFileName?, excludeTools? }
+//     commands/<ns>/<cmd>.toml     → /<ns>:<cmd>   (description = "...", prompt = """...""")
+//     commands/<cmd>.toml          → /<cmd>        (namespace yoksa)
+//     <contextFileName>            (opsiyonel; aktifken context'e yüklenebilir)
+//     templates/ ...               (opsiyonel; komutlar Read ile kullanır)
+import * as fs from 'node:fs';
+import * as os from 'node:os';
+import * as path from 'node:path';
+import { fileURLToPath } from 'node:url';
+import { resolveInjections } from './injections.js';
+let EXTENSIONS = [];
+// Pakete gömülü extensions (npm ile gelir) + kullanıcı + proje dizinleri.
+const BUNDLED_DIR = path.join(path.dirname(fileURLToPath(import.meta.url)), '..', 'extensions');
+const USER_DIR = path.join(os.homedir(), '.wormclaude', 'extensions');
+const PROJECT_DIR = path.join(process.cwd(), '.wormclaude', 'extensions');
+// Minimal TOML: yalnızca `description = "..."` ve `prompt = """..."""` (veya tek satır) okur.
+function parseToml(raw) {
+    let description = '';
+    let prompt = '';
+    const dm = raw.match(/^\s*description\s*=\s*(?:"([^"]*)"|'([^']*)')/m);
+    if (dm)
+        description = (dm[1] ?? dm[2] ?? '').trim();
+    const pMulti = raw.match(/prompt\s*=\s*"""([\s\S]*?)"""/);
+    if (pMulti) {
+        prompt = pMulti[1].replace(/^\r?\n/, '').replace(/\s+$/, '');
+    }
+    else {
+        const pSingle = raw.match(/^\s*prompt\s*=\s*"([\s\S]*?)"\s*$/m);
+        if (pSingle)
+            prompt = pSingle[1];
+    }
+    return { description, prompt };
+}
+function walkCommands(commandsDir, extName, extDir, ns, out) {
+    let entries = [];
+    try {
+        entries = fs.readdirSync(commandsDir, { withFileTypes: true });
+    }
+    catch {
+        return;
+    }
+    for (const e of entries) {
+        const full = path.join(commandsDir, e.name);
+        if (e.isDirectory()) {
+            walkCommands(full, extName, extDir, ns ? `${ns}:${e.name}` : e.name, out);
+        }
+        else if (e.name.endsWith('.toml')) {
+            let raw = '';
+            try {
+                raw = fs.readFileSync(full, 'utf8');
+            }
+            catch {
+                continue;
+            }
+            const { description, prompt } = parseToml(raw);
+            if (!prompt)
+                continue;
+            const base = e.name.replace(/\.toml$/, '');
+            const name = ns ? `${ns}:${base}` : base;
+            out.push({ name, description: description || name, prompt, ext: extName, dir: extDir });
+        }
+    }
+}
+function scanExtDir(dir) {
+    let entries = [];
+    try {
+        entries = fs.readdirSync(dir, { withFileTypes: true });
+    }
+    catch {
+        return;
+    }
+    for (const e of entries) {
+        if (!e.isDirectory())
+            continue;
+        const extDir = path.join(dir, e.name);
+        let manifest = {};
+        try {
+            manifest = JSON.parse(fs.readFileSync(path.join(extDir, 'wormclaude-extension.json'), 'utf8'));
+        }
+        catch {
+            continue;
+        }
+        const name = String(manifest.name || e.name).trim();
+        const commands = [];
+        walkCommands(path.join(extDir, 'commands'), name, extDir, '', commands);
+        const ctxName = manifest.contextFileName;
+        let contextFile;
+        if (ctxName && fs.existsSync(path.join(extDir, ctxName)))
+            contextFile = path.join(extDir, ctxName);
+        const ext = {
+            name,
+            version: String(manifest.version || '0.0.0'),
+            dir: extDir,
+            contextFile,
+            excludeTools: Array.isArray(manifest.excludeTools) ? manifest.excludeTools.map(String) : [],
+            commands,
+        };
+        // Proje > kullanıcı > gömülü: aynı ada sahip extension override edilir.
+        const i = EXTENSIONS.findIndex((x) => x.name === name);
+        if (i >= 0)
+            EXTENSIONS[i] = ext;
+        else
+            EXTENSIONS.push(ext);
+    }
+}
+export function loadExtensions() {
+    EXTENSIONS = [];
+    scanExtDir(BUNDLED_DIR); // gömülü
+    scanExtDir(USER_DIR); // kullanıcı geneli
+    scanExtDir(PROJECT_DIR); // proje (en yüksek öncelik)
+    return EXTENSIONS;
+}
+export function getExtensions() { return EXTENSIONS; }
+export function getExtCommands() { return EXTENSIONS.flatMap((x) => x.commands); }
+export function getExtCommand(name) {
+    return getExtCommands().find((c) => c.name === name);
+}
+export function getExcludedTools() {
+    return [...new Set(EXTENSIONS.flatMap((x) => x.excludeTools))];
+}
+// Komut prompt'unu çözer: !{komut} (shell çıktısı, cmdsec'li) · @{dosya} (içerik) · {{args}}.
+// {{args}} placeholder'ı yoksa kullanıcı argümanı sona eklenir.
+export function buildExtCommandPrompt(cmd, args) {
+    const a = args || '';
+    const hasArgsPlaceholder = cmd.prompt.includes('{{args}}');
+    let p;
+    try {
+        p = resolveInjections(cmd.prompt, { args: a, cwd: process.cwd(), contextName: cmd.name });
+    }
+    catch (e) {
+        p = cmd.prompt + `\n\n[injection hatası: ${e?.message || e}]`;
+    }
+    if (!hasArgsPlaceholder && a.trim()) {
+        p += `\n\n## User input\n\n${a.trim()}`;
+    }
+    return (`Extension base directory: ${cmd.dir}\n` +
+        `(You may Read files here — templates/, context, assets — as needed to complete this command.)\n\n` +
+        p);
+}

package/dist/injections.js

@@ -0,0 +1,108 @@
+// Komut şablonu injection'ları — extension komutlarında dinamik içerik.
+// Gemini/Blackbox CLI injectionParser + shellProcessor + atFileProcessor'dan uyarlandı.
+//   {{args}}   -> kullanıcı argümanı (ham; !{} içinde shell-escape'li)
+//   !{komut}   -> shell çıktısı gömer (cmdsec güvenlik kontrolüyle)
+//   @{dosya}   -> dosya içeriği gömer (cwd'ye göre)
+import { execSync } from 'node:child_process';
+import * as fs from 'node:fs';
+import * as path from 'node:path';
+import { checkCommand, escapeShellArg } from './cmdsec.js';
+const ARGS = '{{args}}';
+const SHELL_TRIG = '!{';
+const FILE_TRIG = '@{';
+// Brace-sayan parser (injectionParser.js — temiz, birebir).
+export function extractInjections(prompt, trigger, contextName) {
+    const injections = [];
+    let index = 0;
+    while (index < prompt.length) {
+        const startIndex = prompt.indexOf(trigger, index);
+        if (startIndex === -1)
+            break;
+        let i = startIndex + trigger.length;
+        let depth = 1;
+        let closed = false;
+        while (i < prompt.length) {
+            const ch = prompt[i];
+            if (ch === '{')
+                depth++;
+            else if (ch === '}') {
+                depth--;
+                if (depth === 0) {
+                    injections.push({ content: prompt.substring(startIndex + trigger.length, i).trim(), startIndex, endIndex: i + 1 });
+                    index = i + 1;
+                    closed = true;
+                    break;
+                }
+            }
+            i++;
+        }
+        if (!closed) {
+            const ctx = contextName ? ` ('${contextName}')` : '';
+            throw new Error(`Geçersiz injection${ctx}: ${trigger} kapanmamış (index ${startIndex}). Süslü parantezler dengeli olmalı.`);
+        }
+    }
+    return injections;
+}
+function runShell(cmd, cwd) {
+    const chk = checkCommand(cmd);
+    if (chk.decision === 'deny')
+        return `[engellendi: ${chk.reason || 'tehlikeli komut'}]`;
+    try {
+        const out = execSync(cmd, {
+            cwd, encoding: 'utf8', timeout: 30000, maxBuffer: 1024 * 1024,
+            windowsHide: true, stdio: ['ignore', 'pipe', 'pipe'],
+        });
+        return String(out).trim();
+    }
+    catch (e) {
+        const o = (e?.stdout ? String(e.stdout) : '') + (e?.stderr ? String(e.stderr) : '');
+        return (o.trim() || `[komut hatası: ${e?.message || e}]`);
+    }
+}
+function readFileInjection(p, cwd) {
+    try {
+        const abs = path.isAbsolute(p) ? p : path.resolve(cwd, p);
+        const data = fs.readFileSync(abs, 'utf8');
+        return `--- ${p} ---\n${data}\n--- /${p} ---`;
+    }
+    catch {
+        return `[dosya okunamadı: ${p}]`;
+    }
+}
+// Bir injection türünü çözer; resolver(content) çıktıyı döndürür.
+function replaceTrigger(text, trigger, resolver, ctx) {
+    const injs = extractInjections(text, trigger, ctx);
+    if (injs.length === 0)
+        return text;
+    let out = '';
+    let last = 0;
+    for (const inj of injs) {
+        out += text.substring(last, inj.startIndex);
+        out += resolver(inj.content);
+        last = inj.endIndex;
+    }
+    out += text.substring(last);
+    return out;
+}
+// Şablonu çöz: !{komut} -> shell çıktısı, @{dosya} -> dosya, {{args}} -> argüman.
+export function resolveInjections(text, opts = {}) {
+    const args = opts.args ?? '';
+    const cwd = opts.cwd ?? process.cwd();
+    const ctx = opts.contextName;
+    let out = text;
+    // 1) !{komut}: içindeki {{args}} shell-escape'li, sonra cmdsec ile çalıştır.
+    if (out.includes(SHELL_TRIG)) {
+        const shell = process.platform === 'win32' ? 'cmd' : 'bash';
+        out = replaceTrigger(out, SHELL_TRIG, (cmd) => {
+            const resolved = cmd.split(ARGS).join(escapeShellArg(args, shell));
+            return runShell(resolved, cwd);
+        }, ctx);
+    }
+    // 2) @{dosya}: içindeki {{args}} ham, sonra oku.
+    if (out.includes(FILE_TRIG)) {
+        out = replaceTrigger(out, FILE_TRIG, (p) => readFileInjection(p.split(ARGS).join(args), cwd), ctx);
+    }
+    // 3) Kalan {{args}} -> ham argüman.
+    out = out.split(ARGS).join(args);
+    return out;
+}

package/dist/theme.js

@@ -8,4 +8,4 @@ export const theme = {
     green: '#4ade80',
     errorRed: '#ff6b6b',
 };
-export const VERSION = '1.0.12';
+export const VERSION = '1.0.14';