destructive_command_guard 0.4.3

A Claude Code hook that blocks destructive commands before they execute
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378

//! Tests for robot mode (`--robot` flag and `DCG_ROBOT` env var).
//!
//! Robot mode provides a unified, machine-friendly interface for AI agents:
//! - Always outputs JSON to stdout
//! - Silent stderr (no rich formatting, no ANSI codes)
//! - Standardized exit codes:
//!   - 0: Success / Allow
//!   - 1: Command denied/blocked
//!   - 2: Warning (with --fail-on warn)
//!   - 3: Configuration error
//!   - 4: Parse/input error
//!   - 5: IO error

use std::path::PathBuf;
use std::process::Command;

/// Path to the dcg binary.
fn dcg_binary() -> PathBuf {
    if let Some(path) = std::env::var_os("CARGO_BIN_EXE_dcg") {
        return PathBuf::from(path);
    }

    let mut path = std::env::current_exe().unwrap();
    path.pop(); // Remove test binary name
    path.pop(); // Remove deps/
    path.push("dcg");
    path
}

/// Run a dcg command and return stdout, stderr, exit code.
fn run_dcg(args: &[&str]) -> (String, String, i32) {
    let binary = dcg_binary();
    let output = Command::new(&binary)
        .args(args)
        .output()
        .unwrap_or_else(|e| panic!("failed to run dcg at {}: {}", binary.display(), e));

    let stdout = String::from_utf8_lossy(&output.stdout).to_string();
    let stderr = String::from_utf8_lossy(&output.stderr).to_string();
    let exit_code = output.status.code().unwrap_or(-1);

    (stdout, stderr, exit_code)
}

/// Run a dcg command with environment variable set.
fn run_dcg_with_env(args: &[&str], key: &str, value: &str) -> (String, String, i32) {
    let binary = dcg_binary();
    let output = Command::new(&binary)
        .args(args)
        .env(key, value)
        .output()
        .unwrap_or_else(|e| panic!("failed to run dcg at {}: {}", binary.display(), e));

    let stdout = String::from_utf8_lossy(&output.stdout).to_string();
    let stderr = String::from_utf8_lossy(&output.stderr).to_string();
    let exit_code = output.status.code().unwrap_or(-1);

    (stdout, stderr, exit_code)
}

// =============================================================================
// Robot Mode Flag Tests
// =============================================================================

#[test]
fn test_robot_flag_enables_json_output() {
    let (stdout, _stderr, exit_code) = run_dcg(&["--robot", "test", "git status"]);

    assert_eq!(exit_code, 0, "robot mode should exit 0 for allowed command");

    // Robot mode should produce JSON
    let json: serde_json::Value =
        serde_json::from_str(&stdout).expect("robot mode should produce valid JSON");

    assert!(json.is_object(), "robot mode should output JSON object");
    assert!(json.get("command").is_some(), "should have command field");
    assert!(json.get("decision").is_some(), "should have decision field");
}

#[test]
fn test_robot_flag_denied_command_exit_code() {
    let (stdout, _stderr, exit_code) = run_dcg(&["--robot", "test", "git reset --hard"]);

    // In robot mode with test subcommand, denied commands exit 1
    assert_eq!(exit_code, 1, "robot mode should exit 1 for denied command");

    // Should still have JSON output
    let json: serde_json::Value =
        serde_json::from_str(&stdout).expect("robot mode should produce valid JSON");

    assert_eq!(json["decision"], "deny", "decision should be deny");
}

#[test]
fn test_robot_flag_no_ansi_codes() {
    let (stdout, stderr, _) = run_dcg(&["--robot", "test", "git reset --hard"]);

    // Neither stdout nor stderr should contain ANSI escape sequences
    assert!(
        !stdout.contains("\x1b["),
        "robot mode stdout should not contain ANSI codes\nstdout: {stdout}"
    );
    assert!(
        !stderr.contains("\x1b["),
        "robot mode stderr should not contain ANSI codes\nstderr: {stderr}"
    );
}

#[test]
fn test_robot_flag_silent_stderr() {
    let (_stdout, stderr, _) = run_dcg(&["--robot", "test", "git reset --hard"]);

    // In robot mode, stderr should be empty or minimal (no rich TUI output)
    // Note: Some progress info might still appear, but no decorative output
    assert!(
        !stderr.contains("╭") && !stderr.contains("╰") && !stderr.contains("│"),
        "robot mode should not have box-drawing characters in stderr\nstderr: {stderr}"
    );
}

// =============================================================================
// DCG_ROBOT Environment Variable Tests
// =============================================================================

#[test]
fn test_dcg_robot_env_enables_json_output() {
    let (stdout, _stderr, exit_code) = run_dcg_with_env(&["test", "git status"], "DCG_ROBOT", "1");

    assert_eq!(
        exit_code, 0,
        "DCG_ROBOT=1 should exit 0 for allowed command"
    );

    // Should produce JSON like --robot flag
    let json: serde_json::Value =
        serde_json::from_str(&stdout).expect("DCG_ROBOT=1 should produce valid JSON");

    assert!(json.is_object(), "DCG_ROBOT=1 should output JSON object");
}

#[test]
fn test_dcg_robot_env_denied_exit_code() {
    let (_stdout, _stderr, exit_code) =
        run_dcg_with_env(&["test", "git reset --hard"], "DCG_ROBOT", "1");

    assert_eq!(exit_code, 1, "DCG_ROBOT=1 should exit 1 for denied command");
}

#[test]
fn test_dcg_robot_env_no_ansi_codes() {
    let (stdout, stderr, _) = run_dcg_with_env(&["test", "git reset --hard"], "DCG_ROBOT", "1");

    assert!(
        !stdout.contains("\x1b["),
        "DCG_ROBOT=1 stdout should not contain ANSI codes"
    );
    assert!(
        !stderr.contains("\x1b["),
        "DCG_ROBOT=1 stderr should not contain ANSI codes"
    );
}

// =============================================================================
// Robot Mode JSON Structure Tests
// =============================================================================

#[test]
fn test_robot_mode_json_has_agent_info() {
    let (stdout, _stderr, _) = run_dcg(&["--robot", "test", "git reset --hard"]);

    let json: serde_json::Value = serde_json::from_str(&stdout).expect("should produce valid JSON");

    // Robot mode should include agent detection info
    if let Some(agent) = json.get("agent") {
        assert!(agent.is_object(), "agent should be an object");
    }
}

#[test]
fn test_robot_mode_json_has_severity() {
    let (stdout, _stderr, _) = run_dcg(&["--robot", "test", "git reset --hard"]);

    let json: serde_json::Value = serde_json::from_str(&stdout).expect("should produce valid JSON");

    if json["decision"] == "deny" {
        assert!(
            json.get("severity").is_some(),
            "denied commands should include severity"
        );
    }
}

#[test]
fn test_robot_mode_json_has_rule_id() {
    let (stdout, _stderr, _) = run_dcg(&["--robot", "test", "git reset --hard"]);

    let json: serde_json::Value = serde_json::from_str(&stdout).expect("should produce valid JSON");

    if json["decision"] == "deny" {
        assert!(
            json.get("rule_id").is_some(),
            "denied commands should include rule_id"
        );
        assert!(
            json.get("pack_id").is_some(),
            "denied commands should include pack_id"
        );
    }
}

// =============================================================================
// Exit Code Tests
// =============================================================================

#[test]
fn test_robot_mode_exit_0_allowed() {
    let safe_commands = ["ls -la", "git status", "echo hello", "cat /etc/hosts"];

    for cmd in safe_commands {
        let (_stdout, _stderr, exit_code) = run_dcg(&["--robot", "test", cmd]);

        assert_eq!(
            exit_code, 0,
            "robot mode should exit 0 for allowed command: {cmd}"
        );
    }
}

#[test]
fn test_robot_mode_exit_1_denied() {
    let dangerous_commands = [
        "git reset --hard",
        "git clean -fd",
        "rm -rf /",
        "git push --force origin main",
    ];

    for cmd in dangerous_commands {
        let (_stdout, _stderr, exit_code) = run_dcg(&["--robot", "test", cmd]);

        assert_eq!(
            exit_code, 1,
            "robot mode should exit 1 for denied command: {cmd}"
        );
    }
}

// =============================================================================
// Comparison: Robot Mode vs Hook Mode
// =============================================================================

#[test]
fn test_robot_mode_vs_hook_mode_exit_codes() {
    // Robot mode with test subcommand should use standardized exit codes
    // Hook mode (piped JSON input) follows Claude Code protocol (always exit 0)

    // Robot mode: denied = exit 1
    let (_stdout, _stderr, robot_exit) = run_dcg(&["--robot", "test", "git reset --hard"]);
    assert_eq!(robot_exit, 1, "robot mode denied should exit 1");

    // Robot mode: allowed = exit 0
    let (_stdout, _stderr, robot_exit) = run_dcg(&["--robot", "test", "git status"]);
    assert_eq!(robot_exit, 0, "robot mode allowed should exit 0");
}

// =============================================================================
// Robot Mode with Different Commands
// =============================================================================

#[test]
fn test_robot_mode_explain_command() {
    let (stdout, _stderr, exit_code) = run_dcg(&["--robot", "explain", "git reset --hard"]);

    assert_eq!(exit_code, 0, "robot mode explain should exit 0");

    let json: serde_json::Value =
        serde_json::from_str(&stdout).expect("robot mode explain should produce valid JSON");

    assert!(json.is_object(), "explain should output JSON object");
}

#[test]
fn test_robot_mode_packs_command() {
    let (stdout, _stderr, exit_code) = run_dcg(&["--robot", "packs"]);

    assert_eq!(exit_code, 0, "robot mode packs should exit 0");

    let json: serde_json::Value =
        serde_json::from_str(&stdout).expect("robot mode packs should produce valid JSON");

    assert!(json.get("packs").is_some(), "should have packs array");
}

// =============================================================================
// Edge Cases
// =============================================================================

#[test]
fn test_robot_mode_empty_command() {
    let (stdout, _stderr, exit_code) = run_dcg(&["--robot", "test", ""]);

    // Empty command should be handled gracefully
    assert!(
        exit_code == 0 || exit_code == 4,
        "empty command should exit 0 (allow) or 4 (parse error), got: {exit_code}"
    );

    // If there's output, it should be valid JSON
    if !stdout.trim().is_empty() {
        let _: serde_json::Value =
            serde_json::from_str(&stdout).expect("output should be valid JSON");
    }
}

#[test]
fn test_robot_mode_whitespace_command() {
    let (stdout, _stderr, exit_code) = run_dcg(&["--robot", "test", "   "]);

    // Whitespace-only command should be handled gracefully
    assert!(
        exit_code == 0 || exit_code == 4,
        "whitespace command should exit 0 or 4, got: {exit_code}"
    );

    if !stdout.trim().is_empty() {
        let _: serde_json::Value =
            serde_json::from_str(&stdout).expect("output should be valid JSON");
    }
}

#[test]
fn test_robot_mode_complex_command() {
    // Complex commands with pipes, redirects, etc.
    let (stdout, _stderr, exit_code) = run_dcg(&[
        "--robot",
        "test",
        "cat file.txt | grep pattern > output.txt",
    ]);

    // Should handle complex commands without crashing
    assert!(
        exit_code == 0 || exit_code == 1,
        "complex command should exit 0 or 1, got: {exit_code}"
    );

    let json: serde_json::Value = serde_json::from_str(&stdout).expect("should produce valid JSON");
    assert!(json.is_object(), "should be JSON object");
}

// =============================================================================
// Consistency Tests
// =============================================================================

#[test]
fn test_robot_flag_and_env_produce_same_result() {
    let cmd = "git reset --hard";

    let (stdout_flag, _stderr_flag, exit_flag) = run_dcg(&["--robot", "test", cmd]);
    let (stdout_env, _stderr_env, exit_env) = run_dcg_with_env(&["test", cmd], "DCG_ROBOT", "1");

    // Both should have same exit code
    assert_eq!(
        exit_flag, exit_env,
        "--robot flag and DCG_ROBOT=1 should have same exit code"
    );

    // Both should produce valid JSON
    let json_flag: serde_json::Value =
        serde_json::from_str(&stdout_flag).expect("--robot should produce valid JSON");
    let json_env: serde_json::Value =
        serde_json::from_str(&stdout_env).expect("DCG_ROBOT=1 should produce valid JSON");

    // Decision should match
    assert_eq!(
        json_flag["decision"], json_env["decision"],
        "decision should match between flag and env var"
    );
}