added some regex based checks for dangerous commands #38
Merged
lifeizhou-ap merged 1 commit into block:main from Sep 4, 2024
baxen
approved these changes
Sep 4, 2024
Collaborator
baxen
left a comment
LGTM! Left a couple of small detail comments
| bool: True if the command is dangerous, False otherwise. | ||
| """ | ||
| dangerous_patterns = [ | ||
| r"\brm\b", # rm command |
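Review bot: the `\brm\b` entry in `dangerous_patterns` is not tied to command position, so if it is searched against the whole command string it matches `rm` wherever it stands as a word, for example the subcommand in `git rm` or a file named `rm.txt`, while the inline comment says "rm command". If flagging every occurrence is intended, say so in the comment and the docstring; otherwise tokenize the command and test the program name rather than the raw string.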
Collaborator
nit: I think rm on a single file might be fine, but I am scared of rm -r - especially combined with the file path checks below. Wdyt?
Contributor
Author
better safe than sorry.
There was a problem hiding this comment.
A bit late, but I think it'd be nice to add some user flexibility here, possibly via config setting somewhere. eg: one might also not want to allow curl, http, etc.
| ], | ||
| ) | ||
| def test_dangerous_commands(command): | ||
| assert is_dangerous_command(command) |
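Review bot: `assert is_dangerous_command(command)` passes for any truthy return value, while the docstring promises a bool ("True if the command is dangerous, False otherwise"). Assert `is_dangerous_command(command) is True` here so that a later change returning a match object or a non-empty list fails the test instead of passing silently.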
Collaborator
nit: probably want to assert some of the inverse, with safe commands too
Contributor
Author
that's what the second test does.
lukealvoeiro
added a commit
that referenced
this pull request
Sep 4, 2024
…l-commit-title-pr * origin/main: feat: show available toolkits (#37) adding in ability to provide per repo hints (#32) Apply ruff and add to CI (#40) added some regex based checks for dangerous commands (#38) chore: Update publish github workflow to check package versions before publishing (#19) chore: upgrade ai-exchange dependency (#36) fix: resuming sessions (#35) feat: upgrade `ai-exchange` to version `0.8.3` and fix tests (#34) fix: export metadata.plugins export should have valid module (#30) fix (#24) link to vs code extension (#20) Enable cli options for plugin (#22) Modified the readme to be more friendly to new users (#16) chore: gitignore generated lockfile (#15) add prompts (#11) conditionally publish only when config changes (#9)
lukealvoeiro
pushed a commit
that referenced
this pull request
Sep 9, 2024
lukealvoeiro
added a commit
that referenced
this pull request
Sep 9, 2024
* main: fix: typo in exchange method `rewind` (#54) fix: remove unsafe pop of messages (#47) chore: Update LICENSE (#53) chore(docs): update is_dangerous_command method description (#48) refactor: improve safety rails speed and prompt (#45) feat: make goosehints jinja templated (#43) ci: enforce PR title follows conventional commit (#14) feat: show available toolkits (#37) adding in ability to provide per repo hints (#32) Apply ruff and add to CI (#40) added some regex based checks for dangerous commands (#38) chore: Update publish github workflow to check package versions before publishing (#19) chore: upgrade ai-exchange dependency (#36) fix: resuming sessions (#35) feat: upgrade `ai-exchange` to version `0.8.3` and fix tests (#34) fix: export metadata.plugins export should have valid module (#30) fix (#24) link to vs code extension (#20) Enable cli options for plugin (#22) Modified the readme to be more friendly to new users (#16)
Kvadratni
added a commit
to Kvadratni/goose
that referenced
this pull request
Sep 23, 2024
* origin/main: chore: release 0.9.0 (block#58) fix: goose should track files it reads and not overwrite changes (block#46) docs: Small dev notes for using exchange from source (block#50) fix: typo in exchange method `rewind` (block#54) fix: remove unsafe pop of messages (block#47) chore: Update LICENSE (block#53) chore(docs): update is_dangerous_command method description (block#48) refactor: improve safety rails speed and prompt (block#45) feat: make goosehints jinja templated (block#43) ci: enforce PR title follows conventional commit (block#14) feat: show available toolkits (block#37) adding in ability to provide per repo hints (block#32) Apply ruff and add to CI (block#40) added some regex based checks for dangerous commands (block#38) chore: Update publish github workflow to check package versions before publishing (block#19) # Conflicts: # src/goose/toolkit/developer.py # src/goose/utils/check_shell_command.py # tests/utils/test_check_shell_command.py
lily-de
pushed a commit
that referenced
this pull request
Oct 7, 2024
ahau-square
pushed a commit
that referenced
this pull request
May 2, 2025
cbruyndoncx
pushed a commit
to cbruyndoncx/goose
that referenced
this pull request
Jul 20, 2025
This pull request enhances the safety of shell command execution by introducing a check for dangerous commands and updating the notification messages accordingly. The most important changes include adding a utility function to identify dangerous commands, modifying the shell command execution logic to incorporate this check, and adding tests to validate the new functionality.
Safety Enhancements:
- `src/goose/utils/check_shell_command.py`: Added a new utility function `is_dangerous_command` to identify potentially dangerous shell commands based on predefined patterns.
- `src/goose/toolkit/developer.py`: Updated the `shell` method to use the `is_dangerous_command` function to check for dangerous commands before execution.

Notification Improvements:
- `src/goose/toolkit/developer.py`: Changed the status message from "running shell command" to "planning to run shell command" before the danger check, and moved the "running shell command" message to after the check.

Testing:
- `tests/utils/test_check_shell_command.py`: Added tests to verify that the `is_dangerous_command` function correctly identifies dangerous commands and does not flag safe commands.

Import Adjustments:
- `src/goose/toolkit/developer.py`: Added an import statement for the `is_dangerous_command` function.
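An added example, not the project's code: a pre-execution check of the kind described above that keeps the regex as a broad net but also tokenizes the command, so a deny-listed program in command position is separated from a mere word match such as `git rm`. The names `classify`, `command_words` and `DENIED_PROGRAMS` and the three-level verdict are assumptions for illustration; only the `\brm\b` pattern comes from the visible diff.

```python
import re
import shlex

# Assumption: only the rm pattern is visible in the PR's diff; extend via config.
REGEX_PATTERNS = [r"\brm\b"]
DENIED_PROGRAMS = frozenset({"rm"})
CONTROL_CHARS = set("();|&")  # operators that start a new simple command


def command_words(command):
    """Yield the program name (basename) of each simple command in a shell line."""
    lexer = shlex.shlex(command, posix=True, punctuation_chars=True)
    lexer.whitespace_split = True
    expect_program = True
    for token in lexer:
        if token and set(token) <= CONTROL_CHARS:
            expect_program = True          # next word starts a new command
        elif expect_program:
            yield token.rsplit("/", 1)[-1]
            expect_program = False


def classify(command, patterns=REGEX_PATTERNS, denied=DENIED_PROGRAMS):
    """Return "deny", "review" or "allow" for a shell command string."""
    try:
        programs = list(command_words(command))
    except ValueError:                     # e.g. unterminated quote
        return "deny"                      # fail closed on unparseable input
    if any(p in denied for p in programs):
        return "deny"
    if any(re.search(rx, command) for rx in patterns):
        return "review"                    # word matched, but not as the program
    return "allow"


if __name__ == "__main__":
    # Constructed sample commands.
    for cmd in ["rm -rf build", "ls && /bin/rm x", "git rm old.py", "cat notes.txt"]:
        print(f"{classify(cmd):6} {cmd}")
```

Passing a different `patterns` list or `denied` set is the hook for the per-user configuration suggested in the review thread.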