zhongwei/gh-tstomtimes-orchestra
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
master
gh-tstomtimes-orchestra/hooks/user-prompt-submit.sh
Zhongwei Li 4aff69d9a9 Initial commit
2025-11-30 09:03:11 +08:00

120 lines
3.3 KiB
Bash
Executable File
Raw Permalink Blame History

#!/usr/bin/env bash
# Auto-approve Hook with Safety Guards
# Automatically approves all tool uses EXCEPT dangerous operations
#
# This hook enables autonomous operation while preventing destructive actions
set -euo pipefail
# Read JSON input from stdin
INPUT_JSON=$(cat)
# Extract tool details from JSON
TOOL_NAME=$(echo "$INPUT_JSON" | jq -r '.tool_name // empty' 2>/dev/null || echo "")
TOOL_PARAMS=$(echo "$INPUT_JSON" | jq -c '.tool_input // {}' 2>/dev/null || echo "{}")
# List of dangerous operations to block
DANGEROUS_PATTERNS=(
# File deletion
"rm -rf /"
"rm -rf ~"
"rm -rf \*"
"rm -rf ."
"sudo rm -rf"
# Disk operations
"dd if="
"mkfs"
"fdisk"
# System modifications
"sudo shutdown"
"sudo reboot"
"sudo halt"
"sudo poweroff"
# Package manager dangerous operations
"sudo apt-get remove"
"sudo apt remove"
"sudo yum remove"
"brew uninstall"
# Git destructive operations
"git push --force"
"git push -f"
"git reset --hard HEAD~"
# Database drops
"DROP DATABASE"
"DROP TABLE"
# Permission changes
"chmod 777"
"chmod -R 777"
)
# Check if this is a Bash tool use
if [ "$TOOL_NAME" = "Bash" ]; then
# Extract the command from TOOL_PARAMS
COMMAND=$(echo "$TOOL_PARAMS" | jq -r '.command // empty' 2>/dev/null || echo "")
if [ -n "$COMMAND" ]; then
# Check against dangerous patterns
for pattern in "${DANGEROUS_PATTERNS[@]}"; do
if echo "$COMMAND" | grep -qF "$pattern"; then
# Block dangerous command
echo "🛑 BLOCKED: Dangerous command detected: $pattern"
echo "Command: $COMMAND"
echo ""
echo "This command has been blocked for safety."
echo "If you need to run this, please do it manually."
exit 1
fi
done
# Additional checks for rm with recursive flag
if echo "$COMMAND" | grep -qE "rm\s+.*-[rf].*\s*/"; then
echo "🛑 BLOCKED: Potentially dangerous rm command with root path"
echo "Command: $COMMAND"
exit 1
fi
# Check for rm of important directories
if echo "$COMMAND" | grep -qE "rm\s+.*-[rf].*\s+(bin|usr|etc|var|lib|boot|sys|proc|dev|home)"; then
echo "🛑 BLOCKED: Attempting to delete system directory"
echo "Command: $COMMAND"
exit 1
fi
fi
fi
# Check for Edit/Write operations on critical system files
if [ "$TOOL_NAME" = "Edit" ] || [ "$TOOL_NAME" = "Write" ]; then
FILE_PATH=$(echo "$TOOL_PARAMS" | jq -r '.file_path // empty' 2>/dev/null || echo "")
if [ -n "$FILE_PATH" ]; then
# Block modifications to critical system files
CRITICAL_PATHS=(
"/etc/passwd"
"/etc/shadow"
"/etc/sudoers"
"/etc/hosts"
"/boot/"
"/sys/"
"/proc/"
)
for path in "${CRITICAL_PATHS[@]}"; do
if echo "$FILE_PATH" | grep -qF "$path"; then
echo "🛑 BLOCKED: Attempting to modify critical system file"
echo "File: $FILE_PATH"
exit 1
fi
done
fi
fi
# Auto-approve all other operations
# No output means approval (hook succeeds)
exit 0
Reference in New Issue View Git Blame Copy Permalink