plugin-scanner 2.0.126__tar.gz → 2.0.127__tar.gz

{plugin_scanner-2.0.126 → plugin_scanner-2.0.127}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: plugin-scanner
-Version: 2.0.126
+Version: 2.0.127
 Summary: Lint, verify, and gate plugin ecosystems for maintainers, CI, and publish workflows.
 Project-URL: Homepage, https://github.com/hashgraph-online/ai-plugin-scanner
 Project-URL: Repository, https://github.com/hashgraph-online/ai-plugin-scanner

{plugin_scanner-2.0.126 → plugin_scanner-2.0.127}/dashboard/package.json

@@ -5,7 +5,7 @@
   "type": "module",
   "scripts": {
     "build": "vite build",
-    "test": "tsx src/guard-api.test.ts"
+    "test": "tsx src/guard-api.test.ts && tsx src/approval-center-layout.test.ts"
   },
   "dependencies": {
     "react": "^19.2.0",

{plugin_scanner-2.0.126 → plugin_scanner-2.0.127}/dashboard/src/app.tsx

@@ -321,6 +321,42 @@ export function App() {
           });
         }
       }}
+      onBulkApprove={async (ids) => {
+        const results = await Promise.allSettled(
+          ids.map((id) =>
+            resolveRequest({ requestId: id, action: "allow", scope: "once", reason: "" })
+          )
+        );
+        const succeeded = results.filter((r) => r.status === "fulfilled").length;
+        const failed = results.length - succeeded;
+        const label =
+          failed === 0
+            ? `${succeeded} item${succeeded !== 1 ? "s" : ""} approved.`
+            : `${succeeded} approved, ${failed} failed. Retry the failed items manually.`;
+        setResolutionMessage(label);
+        navigate("/");
+        const [snapshotResult, receiptsResult, policiesResult] = await Promise.allSettled([fetchRuntimeSnapshot(), fetchReceipts(), fetchPolicies()]);
+        if (snapshotResult.status === "fulfilled") {
+          setRuntime({ kind: "ready", snapshot: snapshotResult.value });
+          setRequests({ kind: "ready", items: snapshotResult.value.items });
+        }
+        if (receiptsResult.status === "fulfilled") {
+          setReceipts({ kind: "ready", items: receiptsResult.value });
+        } else {
+          setReceipts({
+            kind: "error",
+            message: receiptsResult.reason instanceof Error ? receiptsResult.reason.message : "Unable to load local approval history."
+          });
+        }
+        if (policiesResult.status === "fulfilled") {
+          setPolicies({ kind: "ready", items: policiesResult.value });
+        } else {
+          setPolicies({
+            kind: "error",
+            message: policiesResult.reason instanceof Error ? policiesResult.reason.message : "Unable to load saved approvals."
+          });
+        }
+      }}
       fleetContent={
         runtime.kind === "ready" ? (
           <FleetWorkspace

plugin_scanner-2.0.127/dashboard/src/approval-center-layout.test.ts

@@ -0,0 +1,188 @@
+import {
+  resolveEnvelopeDisplayText,
+  resolveStoppedCommandText,
+  resolveTerminalLabel,
+  displayArtifactName,
+} from "./approval-center-utils";
+import type { GuardActionEnvelope, GuardApprovalRequest } from "./guard-types";
+
+function assert(condition: boolean, message: string): void {
+  if (!condition) {
+    throw new Error(message);
+  }
+}
+
+const BASE_ENVELOPE: GuardActionEnvelope = {
+  schema_version: 1,
+  action_id: "act-layout-test",
+  harness: "claude-code",
+  event_name: "tool_call",
+  action_type: "harness_start",
+  workspace: null,
+  workspace_hash: null,
+  tool_name: null,
+  command: null,
+  prompt_excerpt: null,
+  target_paths: [],
+  network_hosts: [],
+  mcp_server: null,
+  mcp_tool: null,
+  package_manager: null,
+  package_name: null,
+  script_name: null,
+  raw_payload_redacted: {}
+};
+
+const BASE_REQUEST: GuardApprovalRequest = {
+  request_id: "request-layout-test",
+  harness: "claude-code",
+  artifact_id: "claude-code:project:bash",
+  artifact_name: "bash",
+  artifact_type: "command",
+  artifact_hash: "sha256-layout",
+  publisher: null,
+  policy_action: "require-reapproval",
+  recommended_scope: "artifact",
+  changed_fields: ["first_seen"],
+  source_scope: "project",
+  config_path: "./claude.json",
+  launch_target: "git status",
+  transport: "stdio",
+  review_command: "hol-guard approvals approve request-layout-test",
+  approval_url: "http://127.0.0.1:4781/approvals/request-layout-test",
+  status: "pending",
+  resolution_action: null,
+  resolution_scope: null,
+  reason: null,
+  created_at: "2026-04-11T12:00:00Z",
+  resolved_at: null,
+  action_envelope_json: null
+};
+
+const shellEnvelope: GuardActionEnvelope = {
+  ...BASE_ENVELOPE,
+  action_type: "shell_command",
+  command: "git diff HEAD~1 -- src/"
+};
+
+const shellRequest: GuardApprovalRequest = {
+  ...BASE_REQUEST,
+  action_envelope_json: shellEnvelope
+};
+
+assert(
+  resolveStoppedCommandText(shellRequest).length > 0,
+  "T493: CTA section has non-empty command text for shell_command item (CTA content available above fold)"
+);
+
+assert(
+  resolveStoppedCommandText(shellRequest) === "git diff HEAD~1 -- src/",
+  "T494: resolveStoppedCommandText returns the envelope command for shell_command item"
+);
+
+const longCommand = "a".repeat(200);
+const longCommandEnvelope: GuardActionEnvelope = {
+  ...BASE_ENVELOPE,
+  action_type: "shell_command",
+  command: longCommand
+};
+const longCommandRequest: GuardApprovalRequest = {
+  ...BASE_REQUEST,
+  action_envelope_json: longCommandEnvelope
+};
+
+assert(
+  resolveStoppedCommandText(longCommandRequest) === longCommand,
+  "T495: resolveStoppedCommandText does not truncate a 200-character command string"
+);
+
+assert(
+  resolveStoppedCommandText(longCommandRequest).length === 200,
+  "T495: 200-char command preserved at full length"
+);
+
+const harnessStartEnvelope: GuardActionEnvelope = { ...BASE_ENVELOPE, action_type: "harness_start" };
+assert(
+  resolveEnvelopeDisplayText(harnessStartEnvelope) === null,
+  "T496: resolveEnvelopeDisplayText returns null for harness_start — no raw content displayed"
+);
+
+assert(
+  displayArtifactName(BASE_REQUEST) === "bash",
+  "T497: displayArtifactName returns artifact_name when present"
+);
+
+const requestNoName: GuardApprovalRequest = {
+  ...BASE_REQUEST,
+  artifact_name: "",
+  artifact_id: "claude-code:project:fallback-id"
+};
+assert(
+  displayArtifactName(requestNoName) === "claude-code:project:fallback-id",
+  "T497: displayArtifactName falls back to artifact_id when name is empty"
+);
+
+const requestNoNameOrId: GuardApprovalRequest = {
+  ...BASE_REQUEST,
+  artifact_name: "",
+  artifact_id: ""
+};
+assert(
+  displayArtifactName(requestNoNameOrId) === "this action",
+  "T497: displayArtifactName falls back to 'this action' when both name and id are empty"
+);
+
+assert(
+  resolveTerminalLabel(shellRequest) === "Command",
+  "T479: resolveTerminalLabel returns 'Command' for shell_command action type"
+);
+
+const promptRequest: GuardApprovalRequest = {
+  ...BASE_REQUEST,
+  action_envelope_json: { ...BASE_ENVELOPE, action_type: "prompt", prompt_excerpt: "Ignore instructions" }
+};
+assert(
+  resolveTerminalLabel(promptRequest) === "Prompt excerpt",
+  "T480: resolveTerminalLabel returns 'Prompt excerpt' for prompt action type"
+);
+
+const fileReadRequest: GuardApprovalRequest = {
+  ...BASE_REQUEST,
+  action_envelope_json: { ...BASE_ENVELOPE, action_type: "file_read", target_paths: ["/etc/hosts"] }
+};
+assert(
+  resolveTerminalLabel(fileReadRequest) === "File path",
+  "T481: resolveTerminalLabel returns 'File path' for file_read action type"
+);
+
+const mcpRequest: GuardApprovalRequest = {
+  ...BASE_REQUEST,
+  action_envelope_json: { ...BASE_ENVELOPE, action_type: "mcp_tool", mcp_server: "my-server", mcp_tool: "fetch" }
+};
+assert(
+  resolveTerminalLabel(mcpRequest) === "MCP server / tool",
+  "T482: resolveTerminalLabel returns 'MCP server / tool' for mcp_tool action type"
+);
+
+const packageRequest: GuardApprovalRequest = {
+  ...BASE_REQUEST,
+  action_envelope_json: { ...BASE_ENVELOPE, action_type: "package_script", package_manager: "npm", package_name: "lodash", script_name: null }
+};
+assert(
+  resolveTerminalLabel(packageRequest) === "Package",
+  "T483: resolveTerminalLabel returns 'Package' for package_script action type"
+);
+
+const networkRequest: GuardApprovalRequest = {
+  ...BASE_REQUEST,
+  action_envelope_json: { ...BASE_ENVELOPE, action_type: "network_request", network_hosts: ["api.example.com"] }
+};
+assert(
+  resolveTerminalLabel(networkRequest) === "Network destination",
+  "T484: resolveTerminalLabel returns 'Network destination' for network_request action type"
+);
+
+assert(
+  resolveTerminalLabel(BASE_REQUEST) === "Stopped command",
+  "T479-T484: resolveTerminalLabel returns 'Stopped command' when no envelope present"
+);

{plugin_scanner-2.0.126 → plugin_scanner-2.0.127}/dashboard/src/approval-center-layout.tsx

@@ -38,8 +38,18 @@ import {
   harnessDisplayName,
   resolveDecisionV2Title,
   resolveDecisionV2Detail,
-  resolveStoppedCommandText
+  resolveStoppedCommandText,
+  displayArtifactName,
+  resolveTerminalLabel,
+  scopeLabel
 } from "./approval-center-utils";
+import {
+  WhyThisPaused,
+  ApproveConsequence,
+  BlockConsequence,
+  KeyboardHints,
+  ConfirmModal
+} from "./approval-center-review-cards";
 import type {
   GuardApprovalRequest,
   GuardArtifactDiff,
@@ -94,6 +104,7 @@ type LayoutProps = {
     workspace?: string;
     reason: string;
   }) => void;
+  onBulkApprove?: (ids: string[]) => void;
 };
 
 const scopeOptions: Array<{ value: DecisionScope; label: string; description: string }> = [
@@ -105,6 +116,7 @@ const scopeOptions: Array<{ value: DecisionScope; label: string; description: st
 ];
 
 const commonScopeValues = new Set<DecisionScope>(["artifact", "workspace"]);
+const broadScopeValues = new Set<DecisionScope>(["publisher", "harness", "global"]);
 const queuePageSize = 8;
 export function ApprovalCenterLayout(props: LayoutProps) {
   const queuedItems = props.requests.kind === "ready" ? props.requests.items : [];
@@ -143,6 +155,7 @@ export function ApprovalCenterLayout(props: LayoutProps) {
                 onOpenRequest={props.onOpenRequest}
                 onGoHome={props.onGoHome}
                 onResolve={props.onResolve}
+                onBulkApprove={props.onBulkApprove}
               />
             )}
           </div>
@@ -182,6 +195,7 @@ function QueueWorkspace(props: {
   onOpenRequest: (requestId: string) => void;
   onGoHome: () => void;
   onResolve: LayoutProps["onResolve"];
+  onBulkApprove?: (ids: string[]) => void;
 }) {
   if (props.requests.kind === "loading") {
     return (
@@ -225,6 +239,7 @@ function QueueWorkspace(props: {
         activeRequestId={props.activeRequestId}
         items={props.requests.items}
         onOpenRequest={props.onOpenRequest}
+        onBulkApprove={props.onBulkApprove}
       />
     </div>
   );
@@ -244,7 +259,7 @@ function QueueHeader(props: {
           Review Queue
         </h1>
         <p className="max-w-2xl text-sm leading-relaxed text-muted-foreground">
-          HOL Guard paused the action below before it ran. Review the command or tool, then approve it once or keep it blocked.
+          HOL Guard paused this before it ran. Review what was stopped, then approve or block it.
         </p>
       </div>
       <div className="flex flex-wrap gap-2">
@@ -260,6 +275,7 @@ function QueueBrowser(props: {
   activeRequestId: string | null;
   items: GuardApprovalRequest[];
   onOpenRequest: (requestId: string) => void;
+  onBulkApprove?: (ids: string[]) => void;
 }) {
   const [searchTerm, setSearchTerm] = useState("");
   const [harnessFilter, setHarnessFilter] = useState("all");
@@ -311,8 +327,37 @@ function QueueBrowser(props: {
     setPage((value) => Math.min(totalPages, value + 1));
   }, [totalPages]);
 
+  const isReadOnlyItem = useCallback((item: GuardApprovalRequest) =>
+    item.policy_action !== "block" &&
+    (item.action_envelope_json?.action_type === "file_read" || item.artifact_type === "file_read_request"),
+  []);
+
+  const bulkReadOnlyItems = useMemo(
+    () => filteredItems.filter(isReadOnlyItem),
+    [filteredItems, isReadOnlyItem]
+  );
+  const showBulkApprove =
+    props.onBulkApprove !== undefined &&
+    filteredItems.length > 0 &&
+    bulkReadOnlyItems.length === filteredItems.length;
+
+  const handleBulkApprove = useCallback(() => {
+    props.onBulkApprove?.(filteredItems.map((item) => item.request_id));
+  }, [props.onBulkApprove, filteredItems]);
+
   return (
     <section className="border-t border-slate-200/70 pt-6">
+      {showBulkApprove && (
+        <div className="mb-4">
+          <button
+            type="button"
+            onClick={handleBulkApprove}
+            className="rounded-full border border-brand-blue/30 bg-white px-4 py-2 text-sm font-medium text-brand-blue shadow-sm transition-colors hover:bg-brand-blue/5"
+          >
+            Approve all read-only actions ({filteredItems.length})
+          </button>
+        </div>
+      )}
       <div className="flex flex-col gap-4 lg:flex-row lg:items-start lg:justify-between">
         <div>
           <SectionLabel>Other waiting actions</SectionLabel>
@@ -424,6 +469,7 @@ function DecisionWorkspace(props: {
   const [reason, setReason] = useState("approved in local approval center");
   const [submitting, setSubmitting] = useState<"allow" | "block" | null>(null);
   const [errorMessage, setErrorMessage] = useState<string | null>(null);
+  const [confirmPending, setConfirmPending] = useState<"allow" | "block" | null>(null);
 
   useEffect(() => {
     if (props.detail.kind === "ready") {
@@ -456,6 +502,57 @@ function DecisionWorkspace(props: {
     [props.onResolve, readyRequestId, readyWorkspace, reason, scope]
   );
 
+  const handleRequestResolve = useCallback(
+    (action: "allow" | "block") => {
+      if (broadScopeValues.has(scope)) {
+        setConfirmPending(action);
+      } else {
+        void handleResolve(action);
+      }
+    },
+    [scope, handleResolve]
+  );
+
+  const handleConfirmResolve = useCallback(() => {
+    if (confirmPending !== null) {
+      void handleResolve(confirmPending);
+      setConfirmPending(null);
+    }
+  }, [confirmPending, handleResolve]);
+
+  const handleCancelConfirm = useCallback(() => {
+    setConfirmPending(null);
+  }, []);
+
+  useEffect(() => {
+    if (props.detail.kind !== "ready") return;
+    const onKeyDown = (event: KeyboardEvent) => {
+      if (submitting !== null) return;
+      if (confirmPending !== null) {
+        if (event.key === "Enter") {
+          handleConfirmResolve();
+          return;
+        }
+        if (event.key === "Escape") {
+          handleCancelConfirm();
+          return;
+        }
+        return;
+      }
+      const target = event.target as HTMLElement;
+      if (
+        target.tagName === "INPUT" ||
+        target.tagName === "TEXTAREA" ||
+        target.tagName === "SELECT" ||
+        target.isContentEditable
+      ) return;
+      if (event.key === "a" || event.key === "A") handleRequestResolve("allow");
+      else if (event.key === "b" || event.key === "B") handleRequestResolve("block");
+    };
+    window.addEventListener("keydown", onKeyDown);
+    return () => window.removeEventListener("keydown", onKeyDown);
+  }, [props.detail.kind, submitting, handleRequestResolve, confirmPending, handleConfirmResolve, handleCancelConfirm]);
+
   if (props.detail.kind === "loading") {
     return (
       <div className="space-y-4">
@@ -481,6 +578,14 @@ function DecisionWorkspace(props: {
   const broadScopeOpts = scopeOptions.filter((option) => !commonScopeValues.has(option.value));
   return (
     <div className="guard-surface-in space-y-4">
+      {confirmPending !== null && (
+        <ConfirmModal
+          action={confirmPending}
+          scopeLabel={scopeLabel(scope)}
+          onConfirm={handleConfirmResolve}
+          onCancel={handleCancelConfirm}
+        />
+      )}
       <RuleBuilder
         item={item}
         scope={scope}
@@ -491,7 +596,7 @@ function DecisionWorkspace(props: {
         broadScopeOptions={broadScopeOpts}
         onScopeChange={setScope}
         onReasonChange={setReason}
-        onResolve={handleResolve}
+        onResolve={handleRequestResolve}
       />
       <WhatChanged item={item} diff={diff} receipt={receipt} policy={policy} />
     </div>
@@ -547,11 +652,9 @@ function WhatChanged(props: { item: GuardApprovalRequest; diff: GuardArtifactDif
       <summary className="flex cursor-pointer select-none items-center justify-between gap-3 text-sm font-medium text-brand-dark [&::-webkit-details-marker]:hidden">
         <span className="flex items-center gap-2">
           <span className="text-brand-blue transition-transform duration-200 group-open:rotate-90">›</span>
-          Review technical evidence
-        </span>
-        <span className="hidden rounded-full bg-surface-1 px-3 py-1 font-mono text-[11px] text-muted-foreground sm:inline">
-            saved details
+          Technical details
         </span>
+        <Badge tone="warning">{artifactTypeLabel(item.artifact_type)}</Badge>
       </summary>
       <div className="mt-4 space-y-3 border-l-2 border-brand-blue/10 pl-4">
         <p className="text-sm leading-relaxed text-brand-dark/70">{buildStoppedReason(item, receipt)}</p>
@@ -591,37 +694,45 @@ function RuleBuilder(props: {
 }) {
   const previewText = getRulePreviewText(props.item, props.scope);
   const allowLabel = props.scope === "artifact" ? "Approve once" : "Approve and remember";
+  const retryInstruction = props.item.decision_v2_json?.retry_instruction ?? null;
+
+  const handleAllow = useCallback(() => props.onResolve("allow"), [props.onResolve]);
+  const handleBlock = useCallback(() => props.onResolve("block"), [props.onResolve]);
+
   return (
     <section className="guard-surface-in relative overflow-hidden rounded-[2rem] border border-brand-blue/15 bg-[radial-gradient(circle_at_top_left,rgba(85,153,254,0.12),transparent_32%),linear-gradient(135deg,#ffffff_0%,#ffffff_58%,rgba(85,153,254,0.08)_100%)] p-5 shadow-[0_20px_60px_rgba(63,65,116,0.08)] sm:p-6 lg:p-7">
       <div className="pointer-events-none absolute right-8 top-8 h-24 w-24 rounded-full bg-brand-green/20 blur-3xl" />
-      <div className="relative grid gap-6 lg:grid-cols-[minmax(0,1fr)_330px] lg:items-start">
-        <div>
-          <div className="flex flex-wrap items-center gap-2">
-            <Tag tone="blue">HOL Guard</Tag>
-            <Tag tone="slate">{harnessDisplayName(props.item.harness)}</Tag>
-            <PolicyBadge action={props.item.policy_action} />
-          </div>
-          <div className="mt-4 max-w-3xl">
-            <SectionLabel>Needs your decision</SectionLabel>
-            <h3 className="mt-2 text-2xl font-semibold tracking-tight text-brand-dark sm:text-3xl">
-              {buildDecisionTitle(props.item)}
-            </h3>
-            <p className="mt-3 max-w-2xl text-sm leading-6 text-brand-dark/70">
-              {buildPauseLine(props.item)}
-            </p>
-          </div>
+      <div className="relative">
+        <div className="flex flex-wrap items-center gap-2">
+          <Tag tone="blue">HOL Guard</Tag>
+          <Tag tone="slate">{harnessDisplayName(props.item.harness)}</Tag>
+          <PolicyBadge action={props.item.policy_action} />
         </div>
+        <div className="mt-4 max-w-3xl">
+          <SectionLabel>Needs your decision</SectionLabel>
+          <h3 className="mt-2 text-2xl font-semibold tracking-tight text-brand-dark sm:text-3xl">
+            {buildDecisionTitle(props.item)}
+          </h3>
+          <p className="mt-3 max-w-2xl text-sm leading-6 text-brand-dark/70">
+            {buildPauseLine(props.item)}
+          </p>
+        </div>
+      </div>
+
+      <div className="relative mt-5">
         <DecisionActionPanel
           allowLabel={allowLabel}
           previewText={previewText}
           submitting={props.submitting}
           isBlocked={props.item.policy_action === "block"}
-          onAllow={() => props.onResolve("allow")}
-          onBlock={() => props.onResolve("block")}
+          retryInstruction={retryInstruction}
+          onAllow={handleAllow}
+          onBlock={handleBlock}
         />
       </div>
 
       <DecisionSteps activeStep={props.submitting === null ? 1 : 3} />
+      <KeyboardHints />
 
       <div className="relative mt-6 grid gap-6 xl:grid-cols-[minmax(0,1.08fr)_minmax(340px,0.92fr)] xl:items-start">
         <BlockedActionCard item={props.item} />
@@ -699,6 +810,7 @@ function DecisionActionPanel(props: {
   previewText: string;
   submitting: "allow" | "block" | null;
   isBlocked: boolean;
+  retryInstruction: string | null;
   onAllow: () => void;
   onBlock: () => void;
 }) {
@@ -708,6 +820,10 @@ function DecisionActionPanel(props: {
       <p className="mt-2 text-sm leading-6 text-brand-dark/70">
         {props.previewText}
       </p>
+      <div className="mt-3 grid gap-1.5">
+        <ApproveConsequence retryInstruction={props.retryInstruction} />
+        <BlockConsequence />
+      </div>
       <div className="mt-4 grid gap-2">
         <ActionButton variant="success" onClick={props.onAllow} disabled={props.submitting !== null}>
           {props.submitting === "allow" ? "Saving…" : (props.isBlocked ? "Allow — override block" : props.allowLabel)}
@@ -817,7 +933,6 @@ function BlockedActionCard(props: { item: GuardApprovalRequest }) {
       <div className="p-4">
         <div className="flex flex-wrap items-center justify-between gap-2">
           <SectionLabel>What was stopped</SectionLabel>
-          <Badge tone="warning">{artifactTypeLabel(props.item.artifact_type)}</Badge>
         </div>
         <h4 className="mt-2 text-xl font-semibold tracking-tight text-brand-dark">
           {actionDisplayTitle(props.item)}
@@ -836,7 +951,7 @@ function BlockedActionCard(props: { item: GuardApprovalRequest }) {
             <span className="h-2.5 w-2.5 rounded-full bg-brand-blue" />
             <span className="h-2.5 w-2.5 rounded-full bg-brand-green" />
             <span className="ml-2 font-mono text-[10px] uppercase tracking-[0.22em] text-white/45">
-              Stopped command
+              {resolveTerminalLabel(props.item)}
             </span>
             <span className="ml-auto">
               <CopyCommandButton command={launchText} />
@@ -846,6 +961,7 @@ function BlockedActionCard(props: { item: GuardApprovalRequest }) {
             {launchText}
           </pre>
         </div>
+        <WhyThisPaused item={props.item} />
         {isBlocked && (
           <div className="mt-3 rounded-[1rem] border border-brand-purple/20 bg-brand-purple/[0.05] px-3 py-2.5">
             <p className="text-sm leading-6 text-brand-purple">
@@ -937,10 +1053,6 @@ function PolicyBadge(props: { action: string }) {
   return <Badge tone={tone}>{policyActionLabel(props.action)}</Badge>;
 }
 
-function displayArtifactName(item: GuardApprovalRequest): string {
-  return item.artifact_name || item.artifact_id || "this action";
-}
-
 function simplifyRiskHeadline(headline: string, harness: string): string {
   const lowerHeadline = headline.toLowerCase();
   if (lowerHeadline.includes("sensitive native tool action") || lowerHeadline.includes("destructive shell command")) {