bookworm-smart-assistant/hooks/rules/rules-compiled.json

{"generated":"2026-04-16T16:28:54.644Z","sources":{"ask-patterns.json":{"mtime":1774938915176.4019,"size":2358,"count":16},"credential-patterns.json":{"mtime":1772177321000,"size":933,"count":6},"deny-patterns.json":{"mtime":1774939731772.2805,"size":6654,"count":46},"mcp-tool-classification.json":{"mtime":1774435129282.1284,"size":1003,"count":0},"sensitive-content-deny.json":{"mtime":1775955777632.6755,"size":159,"count":0},"sensitive-content.json":{"mtime":1773322750000,"size":1651,"count":12},"sensitive-paths.json":{"mtime":1776184646441.7893,"size":4770,"count":36},"sensitive-redirect.json":{"mtime":1774873964973.9507,"size":2049,"count":12}},"rules":{"ask-patterns":[{"regex":"git\\s+push\\s+.*--force","flags":"i","reason":"Git 强制推送可能覆盖远端历史"},{"regex":"git\\s+push\\s+-f\\b","flags":"i","reason":"Git 强制推送可能覆盖远端历史"},{"regex":"git\\s+reset\\s+--hard","flags":"i","reason":"Git 硬重置会丢失未提交的更改"},{"regex":"git\\s+clean\\s+-[fd]","flags":"i","reason":"Git clean 会删除未跟踪的文件"},{"regex":"git\\s+checkout\\s+\\.\\s*","flags":"i","reason":"会丢弃所有未暂存的更改"},{"regex":"git\\s+restore\\s+\\.\\s*","flags":"i","reason":"会丢弃所有未暂存的更改"},{"regex":"git\\s+branch\\s+-D\\b","flags":"i","reason":"强制删除分支"},{"regex":"ALTER\\s+TABLE\\s+\\w+\\s+DROP","flags":"i","reason":"表结构破坏性变更"},{"regex":"docker\\s+system\\s+prune\\s+-a","flags":"i","reason":"Docker 全量清理"},{"regex":"kubectl\\s+delete\\s+(?:namespace|ns|deploy)","flags":"i","reason":"K8s 资源删除"},{"regex":"Remove-Item\\s+.*-Recurse","flags":"i","reason":"PowerShell 递归删除"},{"regex":"Stop-Process\\s+.*-Force","flags":"i","reason":"PowerShell 强制终止进程"},{"regex":"Stop-Computer","flags":"i","reason":"PowerShell 关机"},{"regex":"Restart-Computer\\s+.*-Force","flags":"i","reason":"PowerShell 强制重启"},{"regex":"\\bgit\\s+stash\\s+(drop|clear)\\b","reason":"git stash 删除操作可能丢失暂存的工作","flags":"i"},{"regex":"\\bgit\\s+reflog\\s+expire\\b","reason":"git reflog 过期操作可能导致提交不可恢复","flags":"i"}],"credential-patterns":[{"regex":"(?:password|passwd)=\\S{6,}","flags":"i","reason":"命令中包含明文密码"},{"regex":"(?:secret|token|api[-_]?key)=(?:eyJ|sk-|ghp_|glpat-)\\S{10,}","flags":"i","reason":"命令中包含 API Token"},{"regex":"Authorization:\\s*Bearer\\s+\\S{20,}","flags":"i","reason":"命令中包含 Bearer Token"},{"regex":"AKIA[0-9A-Z]{16}","flags":"i","reason":"命令中包含 AWS Access Key"},{"regex":"sk-ant-[a-zA-Z0-9_-]{20,}","flags":"","reason":"命令中包含 Anthropic API Key"},{"regex":"~.[a-zA-Z0-9_-]{34}","flags":"","reason":"命令中可能包含 Azure AD Client Secret"}],"deny-patterns":[{"regex":"rm\\s+(?:-[a-z]+\\s+)*-[a-z]*r[a-z]*\\s+.*[\\/\\\\~]","flags":"i","reason":"递归删除根目录或家目录"},{"regex":"rm\\s+.*--recursive","flags":"i","reason":"递归删除(长选项)"},{"regex":"rm\\s+(?:-[a-z]+\\s+)*-[a-z]*r[a-z]*\\s+\\.(?:[/\\\\]\\S*)?\\s*$","flags":"im","reason":"递归删除当前目录 (仅匹配 . 或 ./ 而非 .dotdir)"},{"regex":"rm\\s+(?:-[a-z]+\\s+)*-[a-z]*r[a-z]*\\s+\\*","flags":"i","reason":"递归删除通配符匹配"},{"regex":"mkfs\\.","flags":"i","reason":"格式化磁盘"},{"regex":"\\bdd\\b.*of=\\/dev\\/","flags":"i","reason":"直写磁盘设备"},{"regex":">\\s*\\/dev\\/sd[a-z]","flags":"i","reason":"重定向到磁盘设备"},{"regex":":\\(\\)\\{\\s*:\\|:&\\s*\\};:","flags":"i","reason":"Fork bomb"},{"regex":"\\w+\\(\\)\\s*\\{\\s*\\w+\\s*\\|\\s*\\w+\\s*&\\s*\\}\\s*;\\s*\\w+","flags":"i","reason":"Fork bomb 变体"},{"regex":"chmod\\s+-R\\s+777\\s+\\/","flags":"i","reason":"递归修改根目录权限"},{"regex":"format\\s+[cC]:","flags":"i","reason":"格式化 C 盘"},{"regex":"rd\\s+\\/s\\s+\\/q\\s+[cC]:","flags":"i","reason":"递归删除 C 盘"},{"regex":"Remove-Item\\s+(?=.*-Recurse)(?=.*-Force).*[A-Za-z]:\\\\","flags":"i","reason":"PowerShell 递归强制删除驱动器根目录"},{"regex":"Remove-It