Expand description
Command safety analysis for shell execution
This module provides pre-execution analysis of shell commands to detect potentially dangerous patterns and prevent accidental damage.
§Command prefix classification
classify_command maps a token slice to its canonical command prefix.
The prefix is the portion of the command that identifies what action is
being taken, stripped of flags and extra positional arguments.
The arity dictionary COMMAND_ARITY encodes, for each known prefix, how
many positional (non-flag) words after the base command word form the
prefix. Flags (tokens that start with -) never count toward arity.
§Examples
| Input tokens | Arity | Canonical prefix |
|---|---|---|
["git", "status", "-s"] | 1 | "git status" |
["git", "checkout", "main"] | 2 | "git checkout" |
["npm", "run", "dev"] | 2 | "npm run" |
["docker", "compose", "up"] | 2 | "docker compose" |
["cargo", "check", "--workspace"] | 1 | "cargo check" |
Ported from opencode packages/opencode/src/permission/arity.ts.
Structs§
- Safety
Analysis - Result of analyzing a command
Enums§
- Command
Category - Categorize commands into groups
- Safety
Level - Safety classification of a command
Statics§
- COMMAND_
ARITY - Arity dictionary: maps a command prefix (space-separated, lowercase) to the number of positional (non-flag) words, including the base command word, that form the canonical prefix.
Functions§
- analyze_
command - Analyze a shell command for safety
- categorize_
command - Get the category of a command
- classify_
command - Return the canonical command prefix for a slice of command tokens.
- extract_
primary_ command - Parse a command and extract the primary command name
- path_
escapes_ workspace - Check if a path escapes the workspace
- prefix_
allow_ matches - Return
truewhen an allow-rulepattern(a command-prefix string such as"git status") matches the concretecommandstring using the arity-aware prefix classification fromclassify_command.