Denis Parfionovich
1d958b3587
Some checks are pending
CI (Forgejo Actions — self-hosted runner on Mac, host mode) / preflight (push) Waiting to run
CI (Forgejo Actions — self-hosted runner on Mac, host mode) / vps-smoke (push) Waiting to run
CI (Forgejo Actions — self-hosted runner on Mac, host mode) / rust-primitives (map[crates:frustration-matrix,kei-frustration-loop,kei-skill-importer,kei-projects-index,kei-projects-watcher,kei-gdrive-import,kei-leak-matrix,kei-skills,kei-gateway,kei-cron-scheduler,kei-export-trajectories,kei-backend-daytona,kei-d… (push) Blocked by required conditions
CI (Forgejo Actions — self-hosted runner on Mac, host mode) / rust-primitives (map[crates:kei-compute-baremetal,kei-compute-vultr,kei-compute-linode,kei-compute-digitalocean,kei-svc-systemd,kei-llm-bridge-mlx name:hosted-sleep-compute]) (push) Blocked by required conditions
CI (Forgejo Actions — self-hosted runner on Mac, host mode) / rust-primitives (map[crates:kei-diff,kei-scheduler,kei-watch,kei-prune,kei-discover,kei-brain-view,kei-hibernate,kei-ledger-sign,kei-fork name:wave13-15]) (push) Blocked by required conditions
CI (Forgejo Actions — self-hosted runner on Mac, host mode) / rust-primitives (map[crates:kei-git-gitea,kei-git-forgejo,kei-git-gitlab,kei-git-bitbucket,kei-memory-sled,kei-memory-redis,kei-memory-postgres,kei-memory-sqlite,kei-auth-google,kei-auth-apple,kei-auth-magiclink,kei-auth-webauthn,kei-notify-slack,kei-n… (push) Blocked by required conditions
CI (Forgejo Actions — self-hosted runner on Mac, host mode) / rust-primitives (map[crates:kei-ledger,kei-migrate,kei-changelog,kei-memory,kei-store,kei-conflict-scan,kei-refactor-engine,kei-graph-check,kei-shared,kei-dna-index,kei-pet name:core]) (push) Blocked by required conditions
CI (Forgejo Actions — self-hosted runner on Mac, host mode) / rust-primitives (map[crates:kei-machine-probe,kei-llm-ollama,kei-llm-llamacpp,kei-llm-mlx,kei-llm-router,kei-model name:llm-stack]) (push) Blocked by required conditions
CI (Forgejo Actions — self-hosted runner on Mac, host mode) / rust-primitives (map[crates:kei-router,kei-sage,kei-task,kei-chat-store,kei-crossdomain,kei-search-core,kei-content-store,kei-social-store,kei-curator,kei-auth,kei-artifact name:mcp-lbm]) (push) Blocked by required conditions
CI (Forgejo Actions — self-hosted runner on Mac, host mode) / rust-primitives (map[crates:keisei,kei-forge,kei-runtime,kei-runtime-core,kei-atom-discovery,kei-agent-runtime,kei-capability,kei-provision,kei-entity-store,kei-pipe,kei-cache,kei-spawn,kei-replay name:atom-substrate]) (push) Blocked by required conditions
PATENT-LEAK (HIGH):
- hooks/no-python-without-approval.sh: genesis-verify пример → my-project
- docs/encyclopedia/rust-crates-H-N.md: убран термин «Genesis IP, ITAR»
PATENT-LEAK (MEDIUM):
- CHANGELOG: project-vortex → reduced scope
- _blocks/registries (submodule bump): убраны имена приватных
project-specialists из комментария agent-profiles.toml
- docs/encyclopedia/skills-and-agents.md: ML/RL/CfC → ML/RL
CLASSICAL-SAFETY (MEDIUM):
- install/lib-preflight.sh: eval "$version_cmd" → bash -c "..."
(защита от инъекции если providers.toml расширят)
- _primitives/provision-{vultr,hetzner}.sh: /tmp/$$ → mktemp
(устраняет symlink TOCTOU race)
- web-install.sh: chmod 600 + umask 077 на ~/.keisei-install.log
(Forgejo admin creds + токены в логе)
- scripts/regen-counts.sh: eval "$1" → bash -c
NOT FIXED (требуют действий юзера):
- HIGH: @keisei scope не зарегистрирован на npmjs.org — typosquat
возможен пока не задан NPM_TOKEN и не сделан publish
- HIGH: install.keisei.app DNS не настроен — DNS-hijack возможен
- LOW: parfionovich@keilab.io в SECURITY.md, plugin.json, ~40 Cargo
файлах — intentional contact, оставлен
Локальный git author установлен на parfionovich@keilab.io вместо
parfionovichd@icloud.com (только для будущих коммитов в этом репо).
59 lines
3 KiB
Bash
Executable file
59 lines
3 KiB
Bash
Executable file
#!/bin/bash
|
||
# Hard block on python/python3/python2 invocations in Bash tool.
|
||
# RULE 0.2 (Rust First) — Python requires explicit architectural reason.
|
||
# Claude кroнически нарушает RULE 0.2 inline-вызовами python3 для мелких расчётов.
|
||
# Этот хук форсирует: каждый python-вызов = отдельный approval через интерфейс.
|
||
#
|
||
# How to approve: user may add a one-off permission via Claude Code's
|
||
# "allow this command" prompt, OR prefix with RULE02_BYPASS=1.
|
||
# No silent bypass; no shell aliases.
|
||
#
|
||
# Installed: 2026-04-21 after repeated inline python3 abuse
|
||
# (Pantheon CF arithmetic, Gauss-Kuzmin — could have been Rust or awk+bc).
|
||
|
||
INPUT=$(cat)
|
||
CMD=$(printf '%s' "$INPUT" | jq -r '.tool_input.command // empty' 2>/dev/null)
|
||
|
||
[ -z "$CMD" ] && exit 0
|
||
|
||
# Explicit bypass env var (used rarely, visible in command text — not silent)
|
||
if echo "$CMD" | grep -qE 'RULE02_BYPASS=1'; then
|
||
exit 0
|
||
fi
|
||
|
||
# Match python invocations at token boundaries.
|
||
# Catches: python, python3, python2, python3.12, /usr/bin/python3, .venv/bin/python
|
||
# Also heredoc-only patterns: "python3 -c", "python3 << EOF", "python3 script.py"
|
||
# Also: uv run python, poetry run python, pipx run python
|
||
if echo "$CMD" | grep -qE '(^|[[:space:]/"=(|&;`])(python|python2|python3)([0-9]?\.[0-9]+)?([[:space:]]|$)'; then
|
||
cat >&2 <<'EOF'
|
||
═══════════════════════════════════════════════════════════════════
|
||
BLOCKED — Python invocation requires explicit approval (RULE 0.2).
|
||
═══════════════════════════════════════════════════════════════════
|
||
|
||
RULE 0.2 Rust First:
|
||
Python не разрешается по умолчанию. Для "одноразовых расчётов"
|
||
Claude должен предпочитать: Rust (cargo script), awk/bc/dc, jq,
|
||
node, или существующий Rust-код в проекте.
|
||
|
||
Approved alternatives BEFORE retrying:
|
||
• Rust one-shot: write my-project/examples/foo.rs, cargo run
|
||
• Shell math: awk 'BEGIN{printf "%.10f\n", ...}'
|
||
• Arbitrary prec: bc -l / dc
|
||
• JSON munge: jq '.path.to.value'
|
||
• Project Rust: find reusable crate function, call via cargo test
|
||
|
||
If Python is genuinely necessary (existing .py tool, library binding
|
||
that only exists in Python, one of the RULE 0.2 exceptions 1-7):
|
||
1. State the RULE 0.2 exception number in chat.
|
||
2. Re-run the command with prefix: RULE02_BYPASS=1 python3 ...
|
||
3. User will see the bypass marker in the command and can deny.
|
||
|
||
This hook installed 2026-04-21 by user request after repeated
|
||
repeated inline python3 use where Rust would suffice.
|
||
═══════════════════════════════════════════════════════════════════
|
||
EOF
|
||
exit 2
|
||
fi
|
||
|
||
exit 0
|