Command safety detection module
Implements granular command safety evaluation based on subcommands and options, following patterns from OpenAI’s Codex project.
Features:
- Safe-by-default subcommand allowlists (e.g., `git` only allows `branch|status|log`)
- Per-option blacklists (e.g., `find` forbids `-delete`, `-exec`)
- Shell chain parsing for `bash -lc "..."` scripts
- Windows/PowerShell-specific dangerous command detection
- Recursive dangerous command detection with `sudo` unwrapping
- Audit logging for compliance
- LRU caching for performance
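The subcommand allowlist, per-option blacklist and `sudo` unwrapping from the list above, as a self-contained sketch. This is an added example, not this crate's code: `Decision`, `evaluate` and the two constant tables are hypothetical names, the policy holds only the examples quoted in the list, and the command is assumed to be already split into argv tokens.

```rust
// Added illustration; none of these names are the crate's API.
#[derive(Debug, PartialEq)]
pub enum Decision {
    Allow,
    Deny(String),
}

// Constructed sample policy, taken from the examples in the feature list.
const GIT_SAFE_SUBCOMMANDS: &[&str] = &["branch", "status", "log"];
const FIND_FORBIDDEN_OPTIONS: &[&str] = &["-delete", "-exec"];

/// Evaluate an already-tokenized command line (argv).
pub fn evaluate(argv: &[&str]) -> Decision {
    match argv {
        [] => Decision::Deny("empty command".into()),
        // Unwrap sudo and judge the wrapped command recursively, so the
        // wrapper cannot hide a denied command. sudo's own flags are not
        // parsed here: `sudo -u root ...` falls through to the default deny.
        ["sudo", rest @ ..] => evaluate(rest),
        // Subcommand allowlist: only listed git subcommands pass.
        ["git", sub, ..] if GIT_SAFE_SUBCOMMANDS.contains(sub) => Decision::Allow,
        ["git", ..] => Decision::Deny("git subcommand not on allowlist".into()),
        // Per-option blacklist: find is allowed unless a forbidden option appears.
        ["find", args @ ..] => {
            match args.iter().find(|a| FIND_FORBIDDEN_OPTIONS.contains(*a)) {
                Some(opt) => Decision::Deny(format!("find option {} is forbidden", opt)),
                None => Decision::Allow,
            }
        }
        // Safe by default: anything without an explicit rule is rejected.
        [other, ..] => Decision::Deny(format!("no rule for {}", other)),
    }
}

fn main() {
    // Constructed sample command lines.
    let samples: [&[&str]; 4] = [
        &["git", "status"],
        &["git", "push", "--force"],
        &["sudo", "find", ".", "-delete"],
        &["rm", "-rf", "/"],
    ];
    for argv in samples {
        println!("{:?} => {:?}", argv, evaluate(argv));
    }
}
```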
Re-exports§
- pub use audit::AuditEntry;
- pub use audit::SafetyAuditLogger;
- pub use cache::SafetyDecisionCache;
- pub use command_db::CommandDatabase;
- pub use dangerous_commands::command_might_be_dangerous;
- pub use safe_command_registry::SafeCommandRegistry;
- pub use safe_command_registry::SafetyDecision;
- pub use shell_parser::parse_bash_lc_commands;
- pub use unified::EvaluationReason;
- pub use unified::EvaluationResult;
- pub use unified::PolicyAwareEvaluator;
- pub use unified::UnifiedCommandEvaluator;
Modules§
- `audit`: Audit logging for command safety decisions.
- `cache`: Caching layer for command safety decisions.
- `command_db`: Command database: comprehensive safe command rules organized by category.
- `dangerous_commands`: Detection of dangerous commands that should never be executed.
- `safe_command_registry`: Safe command registry: defines which commands and subcommands are safe to execute.
- `shell_parser`: Shell script parser for `bash -lc` and similar commands.
- `unified`: Unified Command Evaluator - Phase 5
Functions§
- `is_safe_command`: Evaluates if a command is safe to execute. Returns true if the command passes all safety checks.
- `shell_string_might_be_dangerous`: Evaluate a shell command string by parsing it into subcommands and checking each with the centralized dangerous-command detector.
- `validate_command_safety`: Validates that a command is safe to execute.