- Add docker risk markers config (config/docker_risk_markers.json) and load it in tools permission evaluation. - In docker mode, pre-evaluate run_command/terminal_input: readonly-safe and no-risk -> direct run; otherwise require approval/auto-approval. - Keep docker write_file/edit_file behavior aligned with agreed policy: approval requires review, auto_approval passes directly. - Pass risk markers into auto approval payload and include current working directory context for approval agent. - Fix permission dropdown layout: only use split two-column menu when execution mode section is enabled; remove empty right blank area in docker mode. - Center mobile approval overlay to prevent sheet overflow on small screens.
36 lines
409 B
JSON
36 lines
409 B
JSON
{
|
|
"risk_markers": [
|
|
"rm",
|
|
"rmdir",
|
|
"mv",
|
|
"cp",
|
|
"dd",
|
|
"chmod",
|
|
"chown",
|
|
"chgrp",
|
|
"sudo",
|
|
"su",
|
|
"passwd",
|
|
"useradd",
|
|
"userdel",
|
|
"curl",
|
|
"wget",
|
|
"nc",
|
|
"ncat",
|
|
"scp",
|
|
"rsync",
|
|
".env",
|
|
".ssh",
|
|
"id_rsa",
|
|
"id_ed25519",
|
|
".aws",
|
|
"token",
|
|
"secret",
|
|
">/",
|
|
">>",
|
|
"| sh",
|
|
"| bash",
|
|
"| zsh"
|
|
]
|
|
}
|