mirror of
https://github.com/getcompanion-ai/co-mono.git
synced 2026-04-15 21:03:19 +00:00
6f7c10e323
- Add setEditorText() and getEditorText() to HookUIContext for prompt generator pattern - custom() now accepts async factories for fire-and-forget work - Add CancellableLoader component to tui package - Add BorderedLoader component for hooks with cancel UI - Export HookAPI, HookContext, HookFactory from main package - Update all examples to import from packages instead of relative paths - Update hooks.md and custom-tools.md documentation fixes #350
34 lines
1,002 B
TypeScript
34 lines
1,002 B
TypeScript
/**
|
|
* Permission Gate Hook
|
|
*
|
|
* Prompts for confirmation before running potentially dangerous bash commands.
|
|
* Patterns checked: rm -rf, sudo, chmod/chown 777
|
|
*/
|
|
|
|
import type { HookAPI } from "@mariozechner/pi-coding-agent";
|
|
|
|
export default function (pi: HookAPI) {
|
|
const dangerousPatterns = [/\brm\s+(-rf?|--recursive)/i, /\bsudo\b/i, /\b(chmod|chown)\b.*777/i];
|
|
|
|
pi.on("tool_call", async (event, ctx) => {
|
|
if (event.toolName !== "bash") return undefined;
|
|
|
|
const command = event.input.command as string;
|
|
const isDangerous = dangerousPatterns.some((p) => p.test(command));
|
|
|
|
if (isDangerous) {
|
|
if (!ctx.hasUI) {
|
|
// In non-interactive mode, block by default
|
|
return { block: true, reason: "Dangerous command blocked (no UI for confirmation)" };
|
|
}
|
|
|
|
const choice = await ctx.ui.select(`⚠️ Dangerous command:\n\n ${command}\n\nAllow?`, ["Yes", "No"]);
|
|
|
|
if (choice !== "Yes") {
|
|
return { block: true, reason: "Blocked by user" };
|
|
}
|
|
}
|
|
|
|
return undefined;
|
|
});
|
|
}
|