conduct-cli 0.5.4__tar.gz → 0.5.6__tar.gz

{conduct_cli-0.5.4 → conduct_cli-0.5.6}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: conduct-cli
-Version: 0.5.4
+Version: 0.5.6
 Summary: CLI for Conduct AI — install agents, manage projects, run tests
 Author-email: Conduct AI <hello@conductai.ai>
 License: MIT

{conduct_cli-0.5.4 → conduct_cli-0.5.6}/pyproject.toml

@@ -4,7 +4,7 @@ build-backend = "setuptools.build_meta"
 
 [project]
 name = "conduct-cli"
-version = "0.5.4"
+version = "0.5.6"
 description = "CLI for Conduct AI — install agents, manage projects, run tests"
 readme = "README.md"
 license = { text = "MIT" }

{conduct_cli-0.5.4 → conduct_cli-0.5.6}/src/conduct_cli/api.py

@@ -31,7 +31,7 @@ def req(method: str, url: str, hdrs: dict, body=None, timeout: int = 30) -> dict
             detail = json.loads(raw).get("detail", raw)
         except Exception:
             detail = raw
-        print(f"{RED}HTTP {e.code}: {detail}{RESET}")
+        print(f"{RED}HTTP {e.code}: {detail} [{url}]{RESET}")
         sys.exit(1)
     except (socket.timeout, TimeoutError):
         print(f"{RED}Request timed out: {url}{RESET}")
@@ -50,7 +50,7 @@ def req_text(method: str, url: str, hdrs: dict, body_text: str, timeout: int = 3
             detail = json.loads(raw).get("detail", raw)
         except Exception:
             detail = raw
-        print(f"{RED}HTTP {e.code}: {detail}{RESET}")
+        print(f"{RED}HTTP {e.code}: {detail} [{url}]{RESET}")
         sys.exit(1)
     except (socket.timeout, TimeoutError):
         print(f"{RED}Request timed out: {url}{RESET}")

{conduct_cli-0.5.4 → conduct_cli-0.5.6}/src/conduct_cli/guard.py

@@ -245,6 +245,17 @@ def _api_url(cfg: dict) -> str:
 # ── MCP registration ──────────────────────────────────────────────────────────
 
 # Tools that support mcpServers JSON — only write if the config file already exists
+def _vscode_mcp_paths() -> list[tuple[Path, str]]:
+    """VS Code Copilot MCP config locations (macOS + Linux). Only if Copilot is installed."""
+    ext_dir = Path.home() / ".vscode" / "extensions"
+    if not ext_dir.exists() or not any(p.name.startswith("github.copilot") for p in ext_dir.iterdir() if p.is_dir()):
+        return []
+    candidates = [
+        Path.home() / "Library" / "Application Support" / "Code" / "User" / "mcp.json",
+        Path.home() / ".config" / "Code" / "User" / "mcp.json",
+    ]
+    return [(p, "VS Code Copilot") for p in candidates if p.parent.exists()]
+
 _MCP_TARGETS = [
     (Path.home() / ".claude"   / "settings.json", "Claude Code"),
     (Path.home() / ".cursor"   / "mcp.json",       "Cursor"),
@@ -267,8 +278,9 @@ def _register_mcp(workspace_id: str, member_token: str, api_url: str) -> None:
     if shutil.which("booster"):
         servers["agent-booster"] = {"command": "booster", "args": ["serve"]}
 
+    targets = list(_MCP_TARGETS) + _vscode_mcp_paths()
     found_any = False
-    for cfg_path, label in _MCP_TARGETS:
+    for cfg_path, label in targets:
         if not cfg_path.exists():
             continue
         found_any = True
@@ -382,7 +394,7 @@ def _req(method: str, url: str, body=None, token: str = None, api_key: str = Non
             detail = json.loads(raw).get("detail", raw)
         except Exception:
             detail = raw
-        print(f"{RED}HTTP {e.code}: {detail}{RESET}")
+        print(f"{RED}HTTP {e.code}: {detail} [{url}]{RESET}")
         sys.exit(1)
     except Exception:
         print(f"{RED}Could not reach ConductAI API. Check your connection.{RESET}")
@@ -395,6 +407,13 @@ def _save_policy(policy: dict):
     POLICY_PATH.write_text(json.dumps(policy, indent=2))
 
 
+def _load_policy() -> dict:
+    try:
+        return json.loads(POLICY_PATH.read_text())
+    except Exception:
+        return {"rules": []}
+
+
 # ── since-string parser ───────────────────────────────────────────────────────
 
 def _parse_since(since_str: str) -> str:
@@ -530,15 +549,6 @@ def cmd_guard_install(args):
     user_email     = result.get("user_email") or ""
     clerk_user_id  = result.get("clerk_user_id") or ""
 
-    # Check if Security Loop module is installed for this workspace
-    security_emit = False
-    try:
-        sec = _req("GET", f"{server}/secure/installed?workspace_id={workspace_id}", api_key=api_key)
-        if sec.get("installed"):
-            security_emit = True
-    except Exception:
-        pass
-
     # Persona selection — prompt once, skip if already chosen
     _ensure_persona(workspace_id, api_key, server)
 
@@ -551,11 +561,8 @@ def cmd_guard_install(args):
         "clerk_user_id":         clerk_user_id,
         "api_key":               api_key,
         "api_url":               server,
-        "security_emit_enabled": security_emit,
         "last_synced_at":        _time.time(),
     })
-    if security_emit:
-        print(f"  {GREEN}Security Loop:{RESET} installed — classifier active")
 
     # Download policies
     try:
@@ -783,7 +790,8 @@ def cmd_guard_sync(args):
     # Persona selection — prompt once, skip if already chosen
     _ensure_persona(workspace_id, api_key, base_url)
 
-    print(f"Syncing policy…")
+    dry_run = getattr(args, "dry_run", False)
+    print(f"{'[dry-run] ' if dry_run else ''}Syncing policy…")
 
     try:
         policy = _req(
@@ -794,28 +802,49 @@ def cmd_guard_sync(args):
     except Exception as e:
         print(f"Guard sync skipped: {e}", file=sys.stderr)
         sys.exit(0)
+
+    rules = policy.get("rules", [])
+    rule_count = len(rules)
+
+    if dry_run:
+        current_policy = _load_policy()
+        current_rules = {r["rule_id"]: r for r in current_policy.get("rules", [])}
+        new_rules = {r["rule_id"]: r for r in rules}
+
+        added   = [r for r in new_rules   if r not in current_rules]
+        removed = [r for r in current_rules if r not in new_rules]
+        changed = [
+            r for r in new_rules
+            if r in current_rules and new_rules[r].get("action") != current_rules[r].get("action")
+        ]
+
+        print(f"\n  {BOLD}Dry run — no files written{RESET}")
+        print(f"  Rules in policy: {rule_count}")
+        if added:
+            print(f"\n  {GREEN}+ Added ({len(added)}){RESET}")
+            for rid in added:
+                r = new_rules[rid]
+                print(f"      {rid}  [{r.get('action','?').upper()}]")
+        if removed:
+            print(f"\n  {RED}- Removed ({len(removed)}){RESET}")
+            for rid in removed:
+                print(f"      {rid}")
+        if changed:
+            print(f"\n  ~ Changed action ({len(changed)})")
+            for rid in changed:
+                old_a = current_rules[rid].get("action", "?")
+                new_a = new_rules[rid].get("action", "?")
+                print(f"      {rid}  {old_a} → {new_a}")
+        if not added and not removed and not changed:
+            print(f"  {GREEN}No changes{RESET}")
+        return
+
     _save_policy(policy)
-    rule_count = len(policy.get("rules", []))
     print(f"  {GREEN}Policy refreshed:{RESET} {rule_count} rule(s)")
 
     if getattr(args, "cursor", False):
         _write_cursorrules(policy)
 
-    # Re-check Security Loop install status
-    try:
-        sec = _req("GET", f"{base_url}/secure/installed?workspace_id={workspace_id}", api_key=api_key)
-        cfg["security_emit_enabled"] = bool(sec.get("installed"))
-        _save_guard_config(cfg)
-        if sec.get("installed"):
-            print(f"  {GREEN}Security Loop:{RESET} installed — classifier active")
-            try:
-                policies = _req("GET", f"{base_url}/secure/policies?workspace_id={workspace_id}", api_key=api_key)
-                policy_count = len(policies) if isinstance(policies, list) else 0
-                print(f"  {GREEN}Security Loop policies:{RESET} {policy_count} rule(s) synced")
-            except Exception:
-                pass
-    except Exception:
-        pass
 
     # Refresh hook script + re-register in all tools
     hook_path = GUARD_DIR / "hook.py"
@@ -1263,6 +1292,7 @@ def register_guard_parser(sub):
     # conduct guard sync
     sync_p = guard_sub.add_parser("sync", help="Refresh policy and re-scan for AI tools")
     sync_p.add_argument("--cursor", action="store_true", help="Write active Guard policies to .cursorrules")
+    sync_p.add_argument("--dry-run", action="store_true", help="Preview policy changes without writing anything")
 
     # conduct guard status
     guard_sub.add_parser("status", help="Show today's spend and violations")

{conduct_cli-0.5.4 → conduct_cli-0.5.6}/src/conduct_cli/guardmcp.py

@@ -139,12 +139,31 @@ def _load_config() -> dict:
     return {}
 
 
-_sync_lock = threading.Lock()
+_DAEMON_URL   = "http://127.0.0.1:7878"
+_sync_lock    = threading.Lock()
 _SYNC_INTERVAL = 300  # 5 minutes
 
 
+def _daemon_alive() -> bool:
+    try:
+        urllib.request.urlopen(f"{_DAEMON_URL}/health", timeout=0.3)
+        return True
+    except Exception:
+        return False
+
+
 def _maybe_sync() -> None:
-    """If config is stale (>5 min since last sync), run `conduct guard sync` in background."""
+    """Sync policy: daemon (instant) → conduct guard sync (every 5 min). Never raises."""
+    try:
+        if _daemon_alive():
+            cfg = _load_config()
+            ws_id = cfg.get("workspace_id", "")
+            if ws_id:
+                with urllib.request.urlopen(f"{_DAEMON_URL}/policy?workspace_id={ws_id}", timeout=1) as r:
+                    POLICY_PATH.write_text(r.read().decode())
+            return
+    except Exception:
+        pass  # fall through to CLI sync
     cfg = _load_config()
     last_sync = cfg.get("last_synced_at", 0)
     if time.time() - last_sync < _SYNC_INTERVAL:
@@ -153,11 +172,7 @@ def _maybe_sync() -> None:
         return  # another thread is already syncing
     def _run():
         try:
-            subprocess.run(
-                ["conduct", "guard", "sync"],
-                timeout=15,
-                capture_output=True,
-            )
+            subprocess.run(["conduct", "guard", "sync"], timeout=15, capture_output=True)
         except Exception:
             pass
         finally:
@@ -192,12 +207,11 @@ def _post_audit_event(
     token: str,
     ai_tool: str,
 ) -> None:
-    """Fire-and-forget: post a guard audit event to the Conduct API."""
+    """Fire-and-forget: queue event via daemon (batch) or direct API fallback."""
     if not workspace_id:
         return
-    cfg     = _load_config()
-    api_url = cfg.get("api_url", "https://api.conductai.ai").rstrip("/")
-    payload = json.dumps({
+    cfg = _load_config()
+    event = {
         "workspace_id":    workspace_id,
         "clerk_user_id":   cfg.get("user_email", ""),
         "user_email":      cfg.get("user_email", ""),
@@ -207,15 +221,26 @@ def _post_audit_event(
         "decision":        decision,
         "rule_id":         rule_id,
         "hook_session_id": _SESSION_ID,
-    }).encode()
+    }
     try:
-        req = urllib.request.Request(
-            f"{api_url}/guard/events",
-            data=payload,
-            headers={
-                "Content-Type":  "application/json",
-                "Authorization": f"Bearer {token}",
-            },
+        # Fast path: daemon batches events, reducing API calls 30:1
+        if _daemon_alive():
+            body = json.dumps(event).encode()
+            req  = urllib.request.Request(
+                f"{_DAEMON_URL}/event", data=body,
+                headers={"Content-Type": "application/json"}, method="POST",
+            )
+            urllib.request.urlopen(req, timeout=1)
+            return
+    except Exception:
+        pass
+    # Fallback: direct API post
+    try:
+        api_url = cfg.get("api_url", "https://api.conductai.ai").rstrip("/")
+        body    = json.dumps(event).encode()
+        req     = urllib.request.Request(
+            f"{api_url}/guard/events", data=body,
+            headers={"Content-Type": "application/json", "Authorization": f"Bearer {token}"},
             method="POST",
         )
         urllib.request.urlopen(req, timeout=5)

{conduct_cli-0.5.4 → conduct_cli-0.5.6}/src/conduct_cli/hook_template.py

@@ -2,6 +2,7 @@
 """ConductGuard PreToolUse hook — enforces team policies, tracks all tool calls."""
 import json
 import re
+import shlex
 import subprocess
 import sys
 import time
@@ -39,8 +40,19 @@ VERSION_CACHE_TTL   = 60   # 1 minute — matches server poll window
 WARNED_RULES_PATH   = GUARD_DIR / "warned_rules.json"
 
 
+_DAEMON_URL = "http://127.0.0.1:7878"
+
+
+def _daemon_alive() -> bool:
+    try:
+        with urllib.request.urlopen(f"{_DAEMON_URL}/health", timeout=0.3):
+            return True
+    except Exception:
+        return False
+
+
 def _maybe_sync_policy():
-    """Check server policy version once per minute; re-download if stale. Never raises."""
+    """Sync policy from daemon (instant) or remote API (once per minute). Never raises."""
     try:
         cfg = json.loads(CONFIG_PATH.read_text()) if CONFIG_PATH.exists() else {}
         workspace_id = cfg.get("workspace_id")
@@ -48,18 +60,25 @@ def _maybe_sync_policy():
         api_url      = cfg.get("api_url", "https://api.conductai.ai").rstrip("/")
         if not workspace_id:
             return
-        # Check cache TTL
+
+        # Fast path: daemon is running — it keeps policy fresh via WebSocket push
+        if _daemon_alive():
+            url = f"{_DAEMON_URL}/policy?workspace_id={workspace_id}"
+            with urllib.request.urlopen(url, timeout=1) as resp:
+                remote = json.loads(resp.read())
+            POLICY_PATH.write_text(json.dumps(remote, indent=2))
+            return
+
+        # Slow path: no daemon — poll remote API once per minute
         if VERSION_CACHE_PATH.exists():
             cache = json.loads(VERSION_CACHE_PATH.read_text())
             if time.time() - cache.get("ts", 0) < VERSION_CACHE_TTL:
                 return
-        # Fetch current version from server
         url = f"{api_url}/guard/policies/sync?workspace_id={workspace_id}"
         req = urllib.request.Request(url, headers={"Authorization": f"Bearer {api_key}"} if api_key else {})
         with urllib.request.urlopen(req, timeout=2) as resp:
             remote = json.loads(resp.read())
         remote_version = remote.get("version", "")
-        # Compare to local
         local_version = ""
         if POLICY_PATH.exists():
             local_version = json.loads(POLICY_PATH.read_text()).get("version", "")
@@ -109,6 +128,35 @@ def _fetch_budget_status():
 try:
     from conduct_cli.guard import _check_policy
 except Exception:
+    def _bash_operator_signature(command):
+        """Extract argv[0] + subcommand + flag tokens per shell segment.
+        Skips quoted argument values so patterns don't match content inside --body/-m strings.
+        Returns space-joined signature across segments.
+        """
+        if not command:
+            return ""
+        segments = re.split(r'&&|\|\||\|(?!\|)|;', command)
+        parts = []
+        for seg in segments:
+            try:
+                tokens = shlex.split(seg.strip())
+            except ValueError:
+                continue
+            if not tokens:
+                continue
+            sig = [tokens[0]]
+            i = 1
+            # Subcommand: only barewords (no whitespace means wasn't a quoted multi-word value)
+            if i < len(tokens) and not tokens[i].startswith("-") and " " not in tokens[i]:
+                sig.append(tokens[i])
+                i += 1
+            # Flags: only real flag tokens, not flag-like strings inside quoted content
+            for t in tokens[i:]:
+                if t.startswith("-") and " " not in t:
+                    sig.append(t)
+            parts.append(" ".join(sig))
+        return " ; ".join(parts)
+
     def _check_policy(tool_name, tool_input, tokens_before=0):
         """Return (matched_rule, action, rule_id, message) or (None, 'allow', None, None)."""
         if not POLICY_PATH.exists():
@@ -119,7 +167,13 @@ except Exception:
             return None, "allow", None, None
 
         rules      = policy.get("rules", [])
-        input_text = json.dumps(tool_input)
+        # For Bash, match against operator signature (argv[0] + subcommand + flags) — not raw JSON.
+        # Prevents false positives where dangerous patterns appear inside quoted argument values
+        # (e.g. `gh issue create --body "...rm -rf..."` should not match no-rm-rf).
+        if tool_name == "Bash" and tool_input.get("command"):
+            input_text = _bash_operator_signature(tool_input["command"])
+        else:
+            input_text = json.dumps(tool_input)
         path_fields = [str(tool_input.get(f, "")) for f in ["file_path", "path", "command"]]
 
         for rule in rules:

{conduct_cli-0.5.4 → conduct_cli-0.5.6}/src/conduct_cli/main.py

@@ -2858,6 +2858,77 @@ def _check_guard_setup(command: str) -> None:
     )
 
 
+
+def cmd_skill(args):
+    """conduct skill list | install <slug> | uninstall <slug>"""
+    skill_command = getattr(args, "skill_command", None)
+    server, workspace, api_key, token = _require_auth(args)
+
+    headers = {"Content-Type": "application/json"}
+    if api_key:
+        headers["X-Api-Key"] = api_key
+    elif token:
+        headers["Authorization"] = f"Bearer {token}"
+
+    def _req(method, path, expect=None):
+        url = f"{server}{path}"
+        req = urllib.request.Request(url, headers=headers, method=method)
+        try:
+            with urllib.request.urlopen(req, timeout=10) as r:
+                data = json.loads(r.read())
+            return data
+        except urllib.error.HTTPError as e:
+            body = e.read().decode()
+            try:
+                msg = json.loads(body).get("detail", body)
+            except Exception:
+                msg = body
+            print(f"{RED}Error {e.code}: {msg}{RESET}")
+            sys.exit(1)
+
+    if skill_command == "list":
+        data = _req("GET", f"/compliance/packs/available?workspace_id={workspace}")
+        installed_data = _req("GET", f"/compliance/packs/installed?workspace_id={workspace}")
+        installed = set(installed_data.get("installed", []))
+
+        packs = data.get("packs", [])
+        if not packs:
+            print("No skill packs available.")
+            return
+
+        print(f"\n{'Slug':<20} {'Name':<22} {'Tier':<8} {'Rules':<7} Status")
+        print("─" * 70)
+        for p in packs:
+            slug   = p.get("slug", "")
+            name   = p.get("name", "")
+            tier   = p.get("tier", "")
+            rules  = len(p.get("rules", []))
+            status = f"{GREEN}installed{RESET}" if slug in installed else f"{GRAY}available{RESET}"
+            print(f"{slug:<20} {name:<22} {tier:<8} {rules:<7} {status}")
+        print()
+
+    elif skill_command == "install":
+        slug = getattr(args, "slug", None)
+        if not slug:
+            print(f"{RED}Usage: conduct skill install <slug>{RESET}")
+            sys.exit(1)
+        _req("POST", f"/compliance/packs/{slug}/install?workspace_id={workspace}")
+        print(f"{GREEN}✓{RESET} Installed {BOLD}{slug}{RESET}")
+        print(f"  Run {BOLD}conduct guard sync{RESET} to push the updated policy to your hook.")
+
+    elif skill_command == "uninstall":
+        slug = getattr(args, "slug", None)
+        if not slug:
+            print(f"{RED}Usage: conduct skill uninstall <slug>{RESET}")
+            sys.exit(1)
+        _req("DELETE", f"/compliance/packs/{slug}/uninstall?workspace_id={workspace}")
+        print(f"{GREEN}✓{RESET} Uninstalled {BOLD}{slug}{RESET}")
+        print(f"  Run {BOLD}conduct guard sync{RESET} to push the updated policy to your hook.")
+
+    else:
+        print("Usage: conduct skill <list|install|uninstall> [slug]")
+
+
 def main():
     _auto_update()
 
@@ -2998,6 +3069,15 @@ def main():
     mcp_sub = mcp_p.add_subparsers(dest="mcp_command")
     mcp_sub.add_parser("install", help="Register conduct-mcp in Claude Code and Codex")
 
+    # conduct skill
+    skill_p = sub.add_parser("skill", help="Manage Guard skill packs")
+    skill_sub = skill_p.add_subparsers(dest="skill_command")
+    skill_sub.add_parser("list", help="List available and installed skill packs")
+    skill_install_p = skill_sub.add_parser("install", help="Install a skill pack")
+    skill_install_p.add_argument("slug", help="Pack slug, e.g. conduct-owasp")
+    skill_uninstall_p = skill_sub.add_parser("uninstall", help="Uninstall a skill pack")
+    skill_uninstall_p.add_argument("slug", help="Pack slug, e.g. conduct-owasp")
+
     # conduct sync
     sub.add_parser("sync", help="Sync Guard policies (and Security Loop policies if installed)")
 
@@ -3091,6 +3171,8 @@ def main():
             cmd_mcp_install(args)
         else:
             mcp_p.print_help()
+    elif args.command == "skill":
+        cmd_skill(args)
     elif args.command == "sync":
         cmd_sync(args)
     elif args.command == "test-guard":

{conduct_cli-0.5.4 → conduct_cli-0.5.6}/src/conduct_cli.egg-info/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: conduct-cli
-Version: 0.5.4
+Version: 0.5.6
 Summary: CLI for Conduct AI — install agents, manage projects, run tests
 Author-email: Conduct AI <hello@conductai.ai>
 License: MIT

{conduct_cli-0.5.4 → conduct_cli-0.5.6}/src/conduct_cli.egg-info/SOURCES.txt

@@ -19,6 +19,7 @@ src/conduct_cli.egg-info/dependency_links.txt
 src/conduct_cli.egg-info/entry_points.txt
 src/conduct_cli.egg-info/requires.txt
 src/conduct_cli.egg-info/top_level.txt
+tests/test_bash_operator_signature.py
 tests/test_guard_policy.py
 tests/test_guard_savings.py
 tests/test_hook_syntax.py

conduct_cli-0.5.6/tests/test_bash_operator_signature.py

@@ -0,0 +1,82 @@
+"""Tests for _bash_operator_signature — fixes #728 false positives."""
+import re
+import shlex
+
+
+def _bash_operator_signature(command):
+    """Same logic as hook_template.py. Kept inline for unit testing."""
+    if not command:
+        return ""
+    segments = re.split(r'&&|\|\||\|(?!\|)|;', command)
+    parts = []
+    for seg in segments:
+        try:
+            tokens = shlex.split(seg.strip())
+        except ValueError:
+            continue
+        if not tokens:
+            continue
+        sig = [tokens[0]]
+        i = 1
+        # Subcommand: next token only if it's a bareword (no whitespace = wasn't a multi-word quoted value)
+        if i < len(tokens) and not tokens[i].startswith("-") and " " not in tokens[i]:
+            sig.append(tokens[i])
+            i += 1
+        # Flags only if they're real flags (no whitespace = not embedded in quoted content)
+        for t in tokens[i:]:
+            if t.startswith("-") and " " not in t:
+                sig.append(t)
+        parts.append(" ".join(sig))
+    return " ; ".join(parts)
+
+
+def assert_match(pattern, command, should_match):
+    sig = _bash_operator_signature(command)
+    matched = bool(re.search(pattern, sig, re.IGNORECASE))
+    assert matched is should_match, f"{command!r} → sig={sig!r}, pattern={pattern!r}, expected={should_match}, got={matched}"
+
+
+def test_rm_rf_actual_command_fires():
+    assert_match(r"\brm\s+-rf\b", "rm -rf /tmp/build", True)
+
+
+def test_rm_rf_in_gh_body_does_not_fire():
+    assert_match(r"\brm\s+-rf\b", 'gh issue create --body "contains rm -rf example"', False)
+
+
+def test_rm_rf_in_git_commit_does_not_fire():
+    assert_match(r"\brm\s+-rf\b", 'git commit -m "fix: remove rm -rf call from script"', False)
+
+
+def test_force_push_fires():
+    assert_match(r"git\s+push.*--force", "git push --force origin main", True)
+
+
+def test_force_push_in_commit_does_not_fire():
+    assert_match(r"git\s+push.*--force", 'git commit -m "add force-push docs"', False)
+
+
+def test_vercel_prod_fires():
+    assert_match(r"vercel.*--prod", "vercel deploy --prod", True)
+
+
+def test_vercel_prod_in_echo_does_not_fire():
+    assert_match(r"vercel.*--prod", 'echo "vercel deploy --prod example"', False)
+
+
+def test_chained_rm_rf_fires():
+    assert_match(r"\brm\s+-rf\b", "git add . && rm -rf node_modules", True)
+
+
+def test_chained_rm_in_commit_does_not_fire():
+    assert_match(r"\brm\s+-rf\b", 'git add . && git commit -m "rm -rf cleanup"', False)
+
+
+def test_empty_command():
+    assert _bash_operator_signature("") == ""
+
+
+def test_unterminated_quote_does_not_crash():
+    # Should skip the segment, not raise
+    sig = _bash_operator_signature('git commit -m "unterminated')
+    assert isinstance(sig, str)