bookworm-smart-assistant/hooks/rules/ask-patterns.json

{
  "_comment": "需要用户确认的 Bash 命令模式 (ask) — 由 block-dangerous-commands.js 加载",
  "_version": "v4.2-R1",
  "_note": "R1: terraform destroy, DROP TABLE, shred, diskpart, 全表 DELETE, printf|sh 升级为 deny; git push --force 保留为 ask (自动化需要)",
  "patterns": [
    {
      "regex": "git\\s+push\\s+.*--force",
      "flags": "i",
      "reason": "Git 强制推送可能覆盖远端历史"
    },
    {
      "regex": "git\\s+push\\s+-f\\b",
      "flags": "i",
      "reason": "Git 强制推送可能覆盖远端历史"
    },
    {
      "regex": "git\\s+reset\\s+--hard",
      "flags": "i",
      "reason": "Git 硬重置会丢失未提交的更改"
    },
    {
      "regex": "git\\s+clean\\s+-[fd]",
      "flags": "i",
      "reason": "Git clean 会删除未跟踪的文件"
    },
    {
      "regex": "git\\s+checkout\\s+\\.\\s*",
      "flags": "i",
      "reason": "会丢弃所有未暂存的更改"
    },
    {
      "regex": "git\\s+restore\\s+\\.\\s*",
      "flags": "i",
      "reason": "会丢弃所有未暂存的更改"
    },
    {
      "regex": "git\\s+branch\\s+-D\\b",
      "flags": "i",
      "reason": "强制删除分支"
    },
    {
      "regex": "ALTER\\s+TABLE\\s+\\w+\\s+DROP",
      "flags": "i",
      "reason": "表结构破坏性变更"
    },
    {
      "regex": "docker\\s+system\\s+prune\\s+-a",
      "flags": "i",
      "reason": "Docker 全量清理"
    },
    {
      "regex": "kubectl\\s+delete\\s+(?:namespace|ns|deploy)",
      "flags": "i",
      "reason": "K8s 资源删除"
    },
    {
      "regex": "Remove-Item\\s+.*-Recurse",
      "flags": "i",
      "reason": "PowerShell 递归删除"
    },
    {
      "regex": "Stop-Process\\s+.*-Force",
      "flags": "i",
      "reason": "PowerShell 强制终止进程"
    },
    {
      "regex": "Stop-Computer",
      "flags": "i",
      "reason": "PowerShell 关机"
    },
    {
      "regex": "Restart-Computer\\s+.*-Force",
      "flags": "i",
      "reason": "PowerShell 强制重启"
    },
    {
      "regex": "\\bgit\\s+stash\\s+(drop|clear)\\b",
      "reason": "git stash 删除操作可能丢失暂存的工作",
      "flags": "i"
    },
    {
      "regex": "\\bgit\\s+reflog\\s+expire\\b",
      "reason": "git reflog 过期操作可能导致提交不可恢复",
      "flags": "i"
    }
  ]
}
Initial: Bookworm Smart Assistant v6.5.1 (byte-preserved, 809 files, fp 26b83e1b38cdf64a) 2026-04-21 17:57:05 +08:00			`{`
			`"_comment": "需要用户确认的 Bash 命令模式 (ask) — 由 block-dangerous-commands.js 加载",`
			`"_version": "v4.2-R1",`
			`"_note": "R1: terraform destroy, DROP TABLE, shred, diskpart, 全表 DELETE, printf\|sh 升级为 deny; git push --force 保留为 ask (自动化需要)",`
			`"patterns": [`
			`{`
			`"regex": "git\\s+push\\s+.*--force",`
			`"flags": "i",`
			`"reason": "Git 强制推送可能覆盖远端历史"`
			`},`
			`{`
			`"regex": "git\\s+push\\s+-f\\b",`
			`"flags": "i",`
			`"reason": "Git 强制推送可能覆盖远端历史"`
			`},`
			`{`
			`"regex": "git\\s+reset\\s+--hard",`
			`"flags": "i",`
			`"reason": "Git 硬重置会丢失未提交的更改"`
			`},`
			`{`
			`"regex": "git\\s+clean\\s+-[fd]",`
			`"flags": "i",`
			`"reason": "Git clean 会删除未跟踪的文件"`
			`},`
			`{`
			`"regex": "git\\s+checkout\\s+\\.\\s*",`
			`"flags": "i",`
			`"reason": "会丢弃所有未暂存的更改"`
			`},`
			`{`
			`"regex": "git\\s+restore\\s+\\.\\s*",`
			`"flags": "i",`
			`"reason": "会丢弃所有未暂存的更改"`
			`},`
			`{`
			`"regex": "git\\s+branch\\s+-D\\b",`
			`"flags": "i",`
			`"reason": "强制删除分支"`
			`},`
			`{`
			`"regex": "ALTER\\s+TABLE\\s+\\w+\\s+DROP",`
			`"flags": "i",`
			`"reason": "表结构破坏性变更"`
			`},`
			`{`
			`"regex": "docker\\s+system\\s+prune\\s+-a",`
			`"flags": "i",`
			`"reason": "Docker 全量清理"`
			`},`
			`{`
			`"regex": "kubectl\\s+delete\\s+(?:namespace\|ns\|deploy)",`
			`"flags": "i",`
			`"reason": "K8s 资源删除"`
			`},`
			`{`
			`"regex": "Remove-Item\\s+.*-Recurse",`
			`"flags": "i",`
			`"reason": "PowerShell 递归删除"`
			`},`
			`{`
			`"regex": "Stop-Process\\s+.*-Force",`
			`"flags": "i",`
			`"reason": "PowerShell 强制终止进程"`
			`},`
			`{`
			`"regex": "Stop-Computer",`
			`"flags": "i",`
			`"reason": "PowerShell 关机"`
			`},`
			`{`
			`"regex": "Restart-Computer\\s+.*-Force",`
			`"flags": "i",`
			`"reason": "PowerShell 强制重启"`
			`},`
			`{`
			`"regex": "\\bgit\\s+stash\\s+(drop\|clear)\\b",`
			`"reason": "git stash 删除操作可能丢失暂存的工作",`
			`"flags": "i"`
			`},`
			`{`
			`"regex": "\\bgit\\s+reflog\\s+expire\\b",`
			`"reason": "git reflog 过期操作可能导致提交不可恢复",`
			`"flags": "i"`
			`}`
			`]`
			`}`