JSPM

@xiaopin44/sec-command-warning

1.0.0

Detect dangerous shell commands (rm -rf, DROP TABLE, git force push, etc.) before they execute. CLI tool for CI/CD and development security.

Package Exports

  • @xiaopin44/sec-command-warning
  • @xiaopin44/sec-command-warning/check.js

This package does not declare an exports field, so the exports above have been automatically detected and optimized by JSPM instead. If any package subpath is missing, it is recommended to post an issue to the original package (@xiaopin44/sec-command-warning) to support the "exports" field. If that is not possible, create a JSPM override to customize the exports field for this package.

Readme

sec-command-warning 🛡️

Detect dangerous shell commands before they execute.

Inspired by Claude Code's built-in destructive command detection. Catches rm -rf, DROP TABLE, git push --force, and 15+ other dangerous patterns.

Quick Start

npx @xiaopin44/sec-command-warning "git push --force"
# ⚠️  ⚠️  ⚠️  DANGEROUS COMMAND DETECTED
#    Warning: 可能覆盖远程历史

npx @xiaopin44/sec-command-warning "npm install"
# ✅ Command looks safe

Install

npm install -g @xiaopin44/sec-command-warning
# or
npm install --save-dev @xiaopin44/sec-command-warning

Usage

CLI

# Basic check
sec-warn "rm -rf ./node_modules"
sec-command-warning "DROP TABLE users"

# JSON output
sec-warn --json "git push --force"

# Read from stdin
echo "rm -rf /" | sec-warn --stdin

# Interpret exit codes
sec-warn --exit "grep foo file.txt" 1
# ℹ️  无匹配

API (Node.js)

import { checkWarning, interpretExit } from '@xiaopin44/sec-command-warning'

// Check a command
console.log(checkWarning('rm -rf /'))
// { warning: '可能递归强制删除文件', severity: 'medium' }

// Interpret exit code
console.log(interpretExit('grep foo file.txt', 1))
// { isError: false, message: '无匹配' }

Detected Patterns (18)

| Category | Patterns |
| --- | --- |
| Git | reset --hard, push --force, clean -f, checkout ., restore ., stash drop/clear, branch -D, --no-verify, --amend |
| Files | rm -rf, rm -r, rm -f |
| Database | DROP TABLE/DATABASE/SCHEMA, DELETE FROM (full table) |
| Infra | kubectl delete, terraform destroy, docker rm/system prune |
| Access | chmod -R 0000 |

Exit Codes

| Code | Meaning |
| --- | --- |
| 0 | Safe command |
| 1 | Dangerous pattern detected |
| 2 | Usage error |

CI/CD Integration

# GitHub Actions example
- name: Check for dangerous commands in PR
  run: |
    git diff main...HEAD | grep '^+' | sed 's/^+//' | npx @xiaopin44/sec-command-warning --stdin
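
The CI step above hands every line that starts with "+" to the checker, including the "+++ b/<path>" file headers, and a match does not say which file or line it came from. The sketch below is an added example, not code from the package: it parses `git diff` output, skips headers and removed lines, and reports file and new-file line number for each flagged addition. `checkLine`, its three regexes and the sample diff are constructed for this example; `checkLine` stands in for the package's `checkWarning`.

```javascript
// Hypothetical stand-in for the package's checkWarning(): these regexes are
// constructed for this example and are NOT the package's real pattern list.
const RULES = [
  { warning: 'recursive or forced rm', re: /\brm\s+(?:-[a-zA-Z]+\s+)*-[a-zA-Z]*[rRf]/ },
  { warning: 'git force push', re: /\bgit\s+push\b.*\s(?:--force|-f)\b/ },
  { warning: 'terraform destroy', re: /\bterraform\s+destroy\b/ },
];
function checkLine(text) {
  const hit = RULES.find((rule) => rule.re.test(text));
  return hit ? hit.warning : null;
}

// Walk `git diff` output and return one finding per added line that matches.
function scanDiff(diff) {
  const findings = [];
  let file = null, newLine = 0, inHunk = false;
  for (const raw of diff.split('\n')) {
    const hunk = /^@@ -\d+(?:,\d+)? \+(\d+)(?:,\d+)? @@/.exec(raw);
    if (hunk) { newLine = Number(hunk[1]); inHunk = true; continue; }
    if (raw.startsWith('diff --git ')) { inHunk = false; continue; }
    if (!inHunk) {
      // Headers are read only outside a hunk, so "+++ b/..." is never scanned
      // as content and an added line starting with "++" is never a header.
      if (raw.startsWith('+++ ')) file = raw.slice(4).replace(/^b\//, '');
      continue;
    }
    if (raw.startsWith('+')) {
      const warning = checkLine(raw.slice(1));
      if (warning) findings.push({ file, line: newLine, warning });
      newLine++;
    } else if (raw.startsWith(' ')) {
      newLine++; // context lines also advance the new-file counter
    } // removed ("-") lines are neither scanned nor counted
  }
  return findings;
}

// Constructed sample diff: two risky additions, one risky removal.
const SAMPLE_DIFF = [
  'diff --git a/deploy.sh b/deploy.sh',
  '--- a/deploy.sh',
  '+++ b/deploy.sh',
  '@@ -1,2 +1,3 @@',
  ' set -e',
  '+rm -rf "$BUILD_DIR"',
  '-terraform destroy -auto-approve',
  '+git push --force origin main',
].join('\n');
console.log(scanDiff(SAMPLE_DIFF));
```

The parser relies on the `diff --git` line to mark the start of each file, so it expects `git diff` output rather than plain `diff -u`.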

License

MIT