bookworm-smart-assistant/hooks/rules/deny-patterns.json

{
  "_comment": "绝对禁止的 Bash 命令模式 (deny) — 由 block-dangerous-commands.js 加载",
  "_version": "v4.0-RT7",
  "patterns": [
    {
      "regex": "rm\\s+(?:-[a-z]+\\s+)*-[a-z]*r[a-z]*\\s+.*[\\/\\\\~]",
      "flags": "i",
      "reason": "递归删除根目录或家目录"
    },
    {
      "regex": "rm\\s+.*--recursive",
      "flags": "i",
      "reason": "递归删除(长选项)"
    },
    {
      "regex": "rm\\s+(?:-[a-z]+\\s+)*-[a-z]*r[a-z]*\\s+\\.(?:[/\\\\]\\S*)?\\s*$",
      "flags": "im",
      "reason": "递归删除当前目录 (仅匹配 . 或 ./ 而非 .dotdir)"
    },
    {
      "regex": "rm\\s+(?:-[a-z]+\\s+)*-[a-z]*r[a-z]*\\s+\\*",
      "flags": "i",
      "reason": "递归删除通配符匹配"
    },
    {
      "regex": "mkfs\\.",
      "flags": "i",
      "reason": "格式化磁盘"
    },
    {
      "regex": "\\bdd\\b.*of=\\/dev\\/",
      "flags": "i",
      "reason": "直写磁盘设备"
    },
    {
      "regex": ">\\s*\\/dev\\/sd[a-z]",
      "flags": "i",
      "reason": "重定向到磁盘设备"
    },
    {
      "regex": ":\\(\\)\\{\\s*:\\|:&\\s*\\};:",
      "flags": "i",
      "reason": "Fork bomb"
    },
    {
      "regex": "\\w+\\(\\)\\s*\\{\\s*\\w+\\s*\\|\\s*\\w+\\s*&\\s*\\}\\s*;\\s*\\w+",
      "flags": "i",
      "reason": "Fork bomb 变体"
    },
    {
      "regex": "chmod\\s+-R\\s+777\\s+\\/",
      "flags": "i",
      "reason": "递归修改根目录权限"
    },
    {
      "regex": "format\\s+[cC]:",
      "flags": "i",
      "reason": "格式化 C 盘"
    },
    {
      "regex": "rd\\s+\\/s\\s+\\/q\\s+[cC]:",
      "flags": "i",
      "reason": "递归删除 C 盘"
    },
    {
      "regex": "Remove-Item\\s+(?=.*-Recurse)(?=.*-Force).*[A-Za-z]:\\\\",
      "flags": "i",
      "reason": "PowerShell 递归强制删除驱动器根目录"
    },
    {
      "regex": "Remove-Item\\s+(?=.*-Recurse)(?=.*-Force).*\\\\\\\\",
      "flags": "i",
      "reason": "PowerShell 递归强制删除 UNC 路径"
    },
    {
      "regex": "Format-Volume",
      "flags": "i",
      "reason": "PowerShell 格式化磁盘卷"
    },
    {
      "regex": "Clear-Disk",
      "flags": "i",
      "reason": "PowerShell 清除整个磁盘"
    },
    {
      "regex": "Initialize-Disk.*-RemoveData",
      "flags": "i",
      "reason": "PowerShell 初始化磁盘并清除数据"
    },
    {
      "regex": "DROP\\s+DATABASE",
      "flags": "i",
      "reason": "删除整个数据库"
    },
    {
      "regex": "TRUNCATE\\s+TABLE",
      "flags": "i",
      "reason": "清空表全部数据"
    },
    {
      "regex": "curl\\s+.*\\|\\s*(?:ba)?sh",
      "flags": "i",
      "reason": "从网络下载并直接执行脚本"
    },
    {
      "regex": "wget\\s+.*\\|\\s*(?:ba)?sh",
      "flags": "i",
      "reason": "从网络下载并直接执行脚本"
    },
    {
      "regex": "echo\\s+\\S+\\s*\\|\\s*base64\\s+(?:-d|--decode)\\s*\\|\\s*(?:ba)?sh",
      "flags": "i",
      "reason": "Base64 解码管道执行(混淆攻击)"
    },
    {
      "regex": "find\\s+.*-delete",
      "flags": "i",
      "reason": "find -delete 递归删除"
    },
    {
      "regex": "find\\s+.*-exec\\s+rm",
      "flags": "i",
      "reason": "find -exec rm 递归删除"
    },
    {
      "regex": "xargs\\s+rm\\s+-r",
      "flags": "i",
      "reason": "xargs rm -r 递归删除"
    },
    {
      "regex": "rsync\\s+.*--delete.*/",
      "flags": "i",
      "reason": "rsync --delete 危险同步"
    },
    {
      "regex": "curl\\s+.*\\|\\s*(?:python|node|perl|ruby)",
      "flags": "i",
      "reason": "从网络下载管道到脚本解释器"
    },
    {
      "regex": "wget\\s+.*\\|\\s*(?:python|node|perl|ruby)",
      "flags": "i",
      "reason": "从网络下载管道到脚本解释器"
    },
    {
      "regex": "chmod\\s+000\\s+/",
      "flags": "i",
      "reason": "chmod 000 锁定根目录权限"
    },
    {
      "regex": "iptables\\s+-F",
      "flags": "i",
      "reason": "iptables 刷空防火墙规则"
    },
    {
      "regex": "(?:cp|mv|install)\\s+.*\\.claude[/\\\\](?:hooks|scripts|constitution)[/\\\\]",
      "flags": "i",
      "reason": "cp/mv/install 覆盖 .claude 核心基础设施文件"
    },
    {
      "regex": "(?:cp|mv|install|ln)\\s+.*\\.claude[/\\\\](?:settings\\.json|feature-flags\\.json|\\.credentials\\.json|skills-index\\.json)",
      "flags": "i",
      "reason": "cp/mv/ln 覆盖 .claude 核心配置文件"
    },
    {
      "regex": "(?:truncate|unlink)\\s+.*\\.claude[/\\\\]",
      "flags": "i",
      "reason": "truncate/unlink 破坏 .claude 基础设施文件"
    },
    {
      "regex": "node\\s+(?:-e|--eval)\\s+.*(?:writeFile|writeFileSync|appendFile|appendFileSync).*\\.claude",
      "flags": "i",
      "reason": "P2-RT3: 通过 node -e 脚本 API 写入 .claude 基础设施文件"
    },
    {
      "regex": "python[23]?\\s+(?:-c)\\s+.*(?:open|write).*\\.claude",
      "flags": "i",
      "reason": "P2-RT3: 通过 python -c 脚本 API 写入 .claude 基础设施文件"
    },
    {
      "regex": "powershell.*(?:Set-Content|Add-Content|Out-File).*\\.claude",
      "flags": "i",
      "reason": "P2-RT3: 通过 PowerShell 写入 .claude 基础设施文件"
    },
    {
      "regex": "\\beval\\s+[\"']?\\$\\(",
      "flags": "",
      "reason": "RT-7: eval 执行命令替换 (代码注入)"
    },
    {
      "regex": "\\beval\\s+[\"']?\\$[A-Z_]",
      "flags": "",
      "reason": "RT-7: eval 执行变量内容 (代码注入)"
    },
    {
      "regex": "\\$\\{![^}]+\\}",
      "flags": "",
      "reason": "RT-7: Bash 间接变量引用 (代码注入)"
    },
    {
      "regex": "npm\\s+publish",
      "flags": "i",
      "reason": "RT-7: npm 发布应走 CI/CD Pipeline"
    },
    {
      "regex": "terraform\\s+destroy",
      "flags": "i",
      "reason": "R1: Terraform 销毁基础设施 (从 ask 升级为 deny)"
    },
    {
      "regex": "DROP\\s+TABLE",
      "flags": "i",
      "reason": "R1: 删除数据表 (从 ask 升级为 deny)"
    },
    {
      "regex": "\\bshred\\b",
      "flags": "i",
      "reason": "R1: shred 安全删除不可恢复 (从 ask 升级为 deny)"
    },
    {
      "regex": "\\bdiskpart\\b",
      "flags": "i",
      "reason": "R1: diskpart 磁盘分区高危操作 (从 ask 升级为 deny)"
    },
    {
      "regex": "DELETE\\s+FROM\\s+\\w+\\s*(?:;|$)",
      "flags": "i",
      "reason": "R1: 全表 DELETE 无 WHERE 条件 (从 ask 升级为 deny)"
    },
    {
      "regex": "printf\\s+.*\\|\\s*(?:ba)?sh",
      "flags": "i",
      "reason": "R1: printf 管道到 shell 执行 (编码绕过防护)"
    }
  ]
}
Initial: Bookworm Smart Assistant v6.5.1 (byte-preserved, 809 files, fp 26b83e1b38cdf64a) 2026-04-21 17:57:05 +08:00			`{`
			`"_comment": "绝对禁止的 Bash 命令模式 (deny) — 由 block-dangerous-commands.js 加载",`
			`"_version": "v4.0-RT7",`
			`"patterns": [`
			`{`
			`"regex": "rm\\s+(?:-[a-z]+\\s+)-[a-z]r[a-z]\\s+.[\\/\\\\~]",`
			`"flags": "i",`
			`"reason": "递归删除根目录或家目录"`
			`},`
			`{`
			`"regex": "rm\\s+.*--recursive",`
			`"flags": "i",`
			`"reason": "递归删除(长选项)"`
			`},`
			`{`
			`"regex": "rm\\s+(?:-[a-z]+\\s+)-[a-z]r[a-z]\\s+\\.(?:[/\\\\]\\S)?\\s*$",`
			`"flags": "im",`
			`"reason": "递归删除当前目录 (仅匹配 . 或 ./ 而非 .dotdir)"`
			`},`
			`{`
			`"regex": "rm\\s+(?:-[a-z]+\\s+)-[a-z]r[a-z]\\s+\\",`
			`"flags": "i",`
			`"reason": "递归删除通配符匹配"`
			`},`
			`{`
			`"regex": "mkfs\\.",`
			`"flags": "i",`
			`"reason": "格式化磁盘"`
			`},`
			`{`
			`"regex": "\\bdd\\b.*of=\\/dev\\/",`
			`"flags": "i",`
			`"reason": "直写磁盘设备"`
			`},`
			`{`
			`"regex": ">\\s*\\/dev\\/sd[a-z]",`
			`"flags": "i",`
			`"reason": "重定向到磁盘设备"`
			`},`
			`{`
			`"regex": ":\\(\\)\\{\\s:\\\|:&\\s\\};:",`
			`"flags": "i",`
			`"reason": "Fork bomb"`
			`},`
			`{`
			`"regex": "\\w+\\(\\)\\s\\{\\s\\w+\\s\\\|\\s\\w+\\s&\\s\\}\\s;\\s\\w+",`
			`"flags": "i",`
			`"reason": "Fork bomb 变体"`
			`},`
			`{`
			`"regex": "chmod\\s+-R\\s+777\\s+\\/",`
			`"flags": "i",`
			`"reason": "递归修改根目录权限"`
			`},`
			`{`
			`"regex": "format\\s+[cC]:",`
			`"flags": "i",`
			`"reason": "格式化 C 盘"`
			`},`
			`{`
			`"regex": "rd\\s+\\/s\\s+\\/q\\s+[cC]:",`
			`"flags": "i",`
			`"reason": "递归删除 C 盘"`
			`},`
			`{`
			`"regex": "Remove-Item\\s+(?=.-Recurse)(?=.-Force).*[A-Za-z]:\\\\",`
			`"flags": "i",`
			`"reason": "PowerShell 递归强制删除驱动器根目录"`
			`},`
			`{`
			`"regex": "Remove-Item\\s+(?=.-Recurse)(?=.-Force).*\\\\\\\\",`
			`"flags": "i",`
			`"reason": "PowerShell 递归强制删除 UNC 路径"`
			`},`
			`{`
			`"regex": "Format-Volume",`
			`"flags": "i",`
			`"reason": "PowerShell 格式化磁盘卷"`
			`},`
			`{`
			`"regex": "Clear-Disk",`
			`"flags": "i",`
			`"reason": "PowerShell 清除整个磁盘"`
			`},`
			`{`
			`"regex": "Initialize-Disk.*-RemoveData",`
			`"flags": "i",`
			`"reason": "PowerShell 初始化磁盘并清除数据"`
			`},`
			`{`
			`"regex": "DROP\\s+DATABASE",`
			`"flags": "i",`
			`"reason": "删除整个数据库"`
			`},`
			`{`
			`"regex": "TRUNCATE\\s+TABLE",`
			`"flags": "i",`
			`"reason": "清空表全部数据"`
			`},`
			`{`
			`"regex": "curl\\s+.\\\|\\s(?:ba)?sh",`
			`"flags": "i",`
			`"reason": "从网络下载并直接执行脚本"`
			`},`
			`{`
			`"regex": "wget\\s+.\\\|\\s(?:ba)?sh",`
			`"flags": "i",`
			`"reason": "从网络下载并直接执行脚本"`
			`},`
			`{`
			`"regex": "echo\\s+\\S+\\s\\\|\\sbase64\\s+(?:-d\|--decode)\\s\\\|\\s(?:ba)?sh",`
			`"flags": "i",`
			`"reason": "Base64 解码管道执行(混淆攻击)"`
			`},`
			`{`
			`"regex": "find\\s+.*-delete",`
			`"flags": "i",`
			`"reason": "find -delete 递归删除"`
			`},`
			`{`
			`"regex": "find\\s+.*-exec\\s+rm",`
			`"flags": "i",`
			`"reason": "find -exec rm 递归删除"`
			`},`
			`{`
			`"regex": "xargs\\s+rm\\s+-r",`
			`"flags": "i",`
			`"reason": "xargs rm -r 递归删除"`
			`},`
			`{`
			`"regex": "rsync\\s+.--delete./",`
			`"flags": "i",`
			`"reason": "rsync --delete 危险同步"`
			`},`
			`{`
			`"regex": "curl\\s+.\\\|\\s(?:python\|node\|perl\|ruby)",`
			`"flags": "i",`
			`"reason": "从网络下载管道到脚本解释器"`
			`},`
			`{`
			`"regex": "wget\\s+.\\\|\\s(?:python\|node\|perl\|ruby)",`
			`"flags": "i",`
			`"reason": "从网络下载管道到脚本解释器"`
			`},`
			`{`
			`"regex": "chmod\\s+000\\s+/",`
			`"flags": "i",`
			`"reason": "chmod 000 锁定根目录权限"`
			`},`
			`{`
			`"regex": "iptables\\s+-F",`
			`"flags": "i",`
			`"reason": "iptables 刷空防火墙规则"`
			`},`
			`{`
			`"regex": "(?:cp\|mv\|install)\\s+.*\\.claude[/\\\\](?:hooks\|scripts\|constitution)[/\\\\]",`
			`"flags": "i",`
			`"reason": "cp/mv/install 覆盖 .claude 核心基础设施文件"`
			`},`
			`{`
			`"regex": "(?:cp\|mv\|install\|ln)\\s+.*\\.claude[/\\\\](?:settings\\.json\|feature-flags\\.json\|\\.credentials\\.json\|skills-index\\.json)",`
			`"flags": "i",`
			`"reason": "cp/mv/ln 覆盖 .claude 核心配置文件"`
			`},`
			`{`
			`"regex": "(?:truncate\|unlink)\\s+.*\\.claude[/\\\\]",`
			`"flags": "i",`
			`"reason": "truncate/unlink 破坏 .claude 基础设施文件"`
			`},`
			`{`
			`"regex": "node\\s+(?:-e\|--eval)\\s+.(?:writeFile\|writeFileSync\|appendFile\|appendFileSync).\\.claude",`
			`"flags": "i",`
			`"reason": "P2-RT3: 通过 node -e 脚本 API 写入 .claude 基础设施文件"`
			`},`
			`{`
			`"regex": "python[23]?\\s+(?:-c)\\s+.(?:open\|write).\\.claude",`
			`"flags": "i",`
			`"reason": "P2-RT3: 通过 python -c 脚本 API 写入 .claude 基础设施文件"`
			`},`
			`{`
			`"regex": "powershell.(?:Set-Content\|Add-Content\|Out-File).\\.claude",`
			`"flags": "i",`
			`"reason": "P2-RT3: 通过 PowerShell 写入 .claude 基础设施文件"`
			`},`
			`{`
			`"regex": "\\beval\\s+[\"']?\\$\\(",`
			`"flags": "",`
			`"reason": "RT-7: eval 执行命令替换 (代码注入)"`
			`},`
			`{`
			`"regex": "\\beval\\s+[\"']?\\$[A-Z_]",`
			`"flags": "",`
			`"reason": "RT-7: eval 执行变量内容 (代码注入)"`
			`},`
			`{`
			`"regex": "\\$\\{![^}]+\\}",`
			`"flags": "",`
			`"reason": "RT-7: Bash 间接变量引用 (代码注入)"`
			`},`
			`{`
			`"regex": "npm\\s+publish",`
			`"flags": "i",`
			`"reason": "RT-7: npm 发布应走 CI/CD Pipeline"`
			`},`
			`{`
			`"regex": "terraform\\s+destroy",`
			`"flags": "i",`
			`"reason": "R1: Terraform 销毁基础设施 (从 ask 升级为 deny)"`
			`},`
			`{`
			`"regex": "DROP\\s+TABLE",`
			`"flags": "i",`
			`"reason": "R1: 删除数据表 (从 ask 升级为 deny)"`
			`},`
			`{`
			`"regex": "\\bshred\\b",`
			`"flags": "i",`
			`"reason": "R1: shred 安全删除不可恢复 (从 ask 升级为 deny)"`
			`},`
			`{`
			`"regex": "\\bdiskpart\\b",`
			`"flags": "i",`
			`"reason": "R1: diskpart 磁盘分区高危操作 (从 ask 升级为 deny)"`
			`},`
			`{`
			`"regex": "DELETE\\s+FROM\\s+\\w+\\s*(?:;\|$)",`
			`"flags": "i",`
			`"reason": "R1: 全表 DELETE 无 WHERE 条件 (从 ask 升级为 deny)"`
			`},`
			`{`
			`"regex": "printf\\s+.\\\|\\s(?:ba)?sh",`
			`"flags": "i",`
			`"reason": "R1: printf 管道到 shell 执行 (编码绕过防护)"`
			`}`
			`]`
			`}`