1pub const ALWAYS_BLOCKED_COMMANDS: &[&str] = &[
3 "rm",
4 "rmdir",
5 "del",
6 "format",
7 "fdisk",
8 "mkfs",
9 "dd",
10 "shred",
11 "wipe",
12 "srm",
13 "unlink",
14 "chmod",
15 "chown",
16 "passwd",
17 "usermod",
18 "userdel",
19 "systemctl",
20 "service",
21 "kill",
22 "killall",
23 "pkill",
24 "reboot",
25 "shutdown",
26 "halt",
27 "poweroff",
28 "sudo",
29 "su",
30 "doas",
31 "runas",
32 "mount",
33 "umount",
34 "fsck",
35 "tune2fs", "iptables",
37 "ufw",
38 "firewalld", "crontab",
40 "at", "podman",
42 "kubectl", ];
44
45pub const NETWORK_COMMANDS: &[&str] = &[
47 "wget", "ftp", "scp", "rsync", "ssh", "telnet", "nc", "ncat", "socat",
48];
49
50pub const ALLOWED_COMMANDS: &[&str] = &[
52 "ls",
54 "pwd",
55 "cat",
56 "head",
57 "tail",
58 "grep",
59 "find",
60 "wc",
61 "sort",
62 "uniq",
63 "cut",
64 "awk",
65 "sed",
66 "echo",
67 "printf",
68 "seq",
69 "basename",
70 "dirname",
71 "date",
72 "cal",
73 "bc",
74 "expr",
75 "test",
76 "[",
77 "]",
78 "true",
79 "false",
80 "sleep",
81 "which",
82 "type",
83 "file",
84 "stat",
85 "du",
86 "df",
87 "ps",
88 "top",
89 "htop",
90 "tree",
91 "less",
92 "more",
93 "tac",
94 "rev",
95 "tr",
96 "fold",
97 "paste",
98 "join",
99 "comm",
100 "diff",
101 "patch",
102 "gzip",
103 "gunzip",
104 "bzip2",
105 "bunzip2",
106 "xz",
107 "unxz",
108 "tar",
109 "zip",
110 "unzip",
111 "shasum",
112 "md5sum",
113 "sha256sum",
114 "sha512sum", "git",
117 "hg",
118 "svn",
119 "git-lfs",
120 "make",
122 "cmake",
123 "ninja",
124 "meson",
125 "bazel",
126 "buck2",
127 "scons",
128 "waf",
129 "xcodebuild",
130 "cargo",
132 "rustc",
133 "rustfmt",
134 "rustup",
135 "clippy",
136 "cargo-clippy",
137 "cargo-fmt",
138 "cargo-build",
139 "cargo-test",
140 "cargo-run",
141 "cargo-check",
142 "cargo-doc",
143 "npm",
145 "yarn",
146 "pnpm",
147 "bun",
148 "npx",
149 "node",
150 "yarnpkg",
151 "npm-run",
152 "npm-test",
153 "npm-start",
154 "npm-build",
155 "npm-lint",
156 "npm-install",
157 "yarn-test",
158 "yarn-start",
159 "yarn-build",
160 "yarn-lint",
161 "yarn-install",
162 "pnpm-test",
163 "pnpm-start",
164 "pnpm-build",
165 "pnpm-lint",
166 "pnpm-install",
167 "bun-test",
168 "bun-start",
169 "bun-build",
170 "bun-lint",
171 "bun-install",
172 "bun-run",
173 "python",
175 "python3",
176 "pip",
177 "pip3",
178 "virtualenv",
179 "venv",
180 "conda",
181 "pytest",
182 "python-m-pytest",
183 "python3-m-pytest",
184 "python-m-pip",
185 "python3-m-pip",
186 "python-m-venv",
187 "python3-m-venv",
188 "black",
189 "flake8",
190 "mypy",
191 "pylint",
192 "isort",
193 "ruff",
194 "bandit",
195 "java",
197 "javac",
198 "jar",
199 "jarsigner",
200 "javadoc",
201 "jmap",
202 "jstack",
203 "jstat",
204 "jinfo",
205 "mvn",
206 "gradle",
207 "gradlew",
208 "./gradlew",
209 "mvnw",
210 "./mvnw",
211 "mvn-test",
212 "mvn-compile",
213 "mvn-package",
214 "mvn-install",
215 "mvn-clean",
216 "gradle-test",
217 "gradle-build",
218 "gradle-check",
219 "gradle-run",
220 "gradle-clean",
221 "go",
223 "gofmt",
224 "goimports",
225 "golint",
226 "go-test",
227 "go-build",
228 "go-run",
229 "go-mod",
230 "golangci-lint",
231 "go-doc",
232 "go-vet",
233 "go-install",
234 "go-clean",
235 "gcc",
237 "g++",
238 "clang",
239 "clang++",
240 "clang-cl",
241 "cpp",
242 "cc",
243 "c++",
244 "gcc-ar",
245 "gcc-nm",
246 "gcc-ranlib",
247 "ld",
248 "lld",
249 "gold",
250 "bfdld",
251 "make",
252 "cmake",
253 "ninja",
254 "autotools",
255 "autoconf",
256 "automake",
257 "libtool",
258 "pkg-config",
259 "pkgconfig",
260 "pytest",
262 "jest",
263 "mocha",
264 "jasmine",
265 "karma",
266 "chai",
267 "sinon",
268 "vitest",
269 "cypress",
270 "selenium",
271 "playwright",
272 "testcafe",
273 "tape",
274 "ava",
275 "qunit",
276 "junit",
277 "googletest",
278 "catch2",
279 "benchmark",
280 "hyperfine",
281 "eslint",
283 "prettier",
284 "tslint",
285 "jshint",
286 "jscs",
287 "stylelint",
288 "htmlhint",
289 "jsonlint",
290 "yamllint",
291 "toml-check",
292 "markdownlint",
293 "remark-cli",
294 "shellcheck",
295 "hadolint",
296 "rustfmt",
297 "gofmt",
298 "black",
299 "isort",
300 "ruff",
301 "clang-format",
302 "clang-tidy",
303 "doxygen",
305 "sphinx",
306 "mkdocs",
307 "hugo",
308 "jekyll",
309 "gatsby",
310 "next",
311 "nuxt",
312 "vuepress",
313 "docusaurus",
314 "storybook",
315 "gitbook",
316 "readthedocs",
317 "pandoc",
318 "mdbook",
319 "mdBook",
320 "docker",
322 "docker-compose",
323 "docker-buildx",
324 "podman",
325 "buildah",
326 "docker-build",
327 "docker-run",
328 "docker-ps",
329 "docker-images",
330 "docker-inspect",
331 "docker-exec",
332 "docker-logs",
333 "docker-stats",
334 "docker-system",
335 "docker-network",
336 "sqlite3",
338 "mysql",
339 "psql",
340 "mongosh",
341 "redis-cli",
342 "redis-server",
343 "aws",
345 "gcloud",
346 "az",
347 "kubectl",
348 "helm",
349 "terraform",
350 "tf",
351 "terragrunt",
352 "serverless",
353 "sls",
354 "pulumi",
355 "cdk",
356 "sam",
357 "localstack",
358 "minikube",
359 "gitleaks",
361 "trivy",
362 "snyk",
363 "npm-audit",
364 "pip-audit",
365 "cargo-audit",
366 "bandit",
367 "safety",
368 "pipenv",
369 "poetry",
370 "perf",
372 "strace",
373 "ltrace",
374 "valgrind",
375 "gdb",
376 "lldb",
377 "sar",
378 "iostat",
379 "vmstat",
380 "htop",
381 "iotop",
382 "nethogs",
383 "iftop",
384 "speedtest-cli",
385 "ab",
386 "wrk",
387 "hey",
388 "gh",
390 "gitlab-ci",
391 "bitbucket",
392 "azure-pipelines",
393 "circleci",
394 "jenkins",
395 "drone",
396 "buildkite",
397 "travis",
398 "appveyor",
399 "composer",
401 "pear",
402 "gem",
403 "rbenv",
404 "rvm",
405 "nvm",
406 "nodenv",
407 "pyenv",
408 "rbenv",
409 "sdkman",
410 "jenv",
411 "lein",
412 "boot",
413 "mix",
414 "rebar3",
415 "erl",
416 "elixir",
417 "webpack",
419 "rollup",
420 "vite",
421 "parcel",
422 "esbuild",
423 "snowpack",
424 "turbo",
425 "swc",
426 "babel",
427 "postcss",
428 "sass",
429 "scss",
430 "less",
431 "stylus",
432 "tailwindcss",
433 "xcodebuild",
435 "fastlane",
436 "gradle",
437 "./gradlew",
438 "cordova",
439 "ionic",
440 "react-native",
441 "flutter",
442 "expo",
443 "capacitor",
444];