Alexander Whitestone 8f24d43c08 feat: ML-inspired risk scoring for command approval (#681) ...

Current tier detection uses keyword matching and regex patterns.
This adds path-aware and context-aware risk scoring.

New tools/risk_scoring.py:
- classify_path_risk(): system paths (90), sensitive user paths (75),
  safe paths (10), user paths (50)
- detect_context(): execution vs comment vs documentation vs code block
  (documentation contexts reduce risk score)
- get_operation_risk(): read-only ops (cat/grep/find = 5-10) vs
  destructive ops (rm=70, mkfs=95, kill=45)
- score_command_risk(): multi-factor RiskScore with tier classification
  (SAFE/LOW/MEDIUM/HIGH/CRITICAL), factors list, recommendation
- compare_commands(): side-by-side risk comparison

Key improvements:
- 'cat /etc/passwd' is SAFE (read operation, path irrelevant)
- 'rm /etc/passwd' is CRITICAL (destructive + system path)
- 'rm /tmp/build.log' is MEDIUM (destructive but safe path)
- '# rm -rf /' is LOW (comment context reduces risk)
- 'curl ... | bash' is HIGH (pipe to shell pattern)

Tests: tests/test_risk_scoring.py

Closes #681

2026-04-14 19:20:50 -04:00

..

browser_providers

feat: switch managed browser provider from Browserbase to Browser Use (#5750)

2026-04-07 08:40:22 -04:00

environments

perf(ssh,modal): bulk file sync via tar pipe and tar/base64 archive (#8014)

2026-04-12 06:18:05 +05:30

neutts_samples

refactor(tts): replace NeuTTS optional skill with built-in provider + setup flow

2026-03-17 02:33:12 -07:00

__init__.py

Merge branch 'main' into rewbs/tool-use-charge-to-subscription

2026-03-31 08:48:54 +09:00

ansi_strip.py

fix: strip ANSI at the source — clean terminal output before it reaches the model

2026-03-23 07:43:12 -07:00

approval.py

fix: resolve CI test failures — add missing functions, fix stale tests (#9483)

2026-04-14 01:43:45 -07:00

binary_extensions.py

fix(tools): address PR review — remove _extract_raw_output, BudgetConfig everywhere, read_file hardening

2026-04-08 02:24:32 -07:00

browser_camofox_state.py

feat(browser): add persistent Camofox sessions and VNC URL discovery (salvage #4400) (#4419)

2026-04-01 04:18:50 -07:00

browser_camofox.py

fix: remove 115 verified dead code symbols across 46 production files

2026-04-10 03:44:43 -07:00

browser_tool.py

fix(browser): fix Camofox JS eval endpoint, userId, and package rename (#9774)

2026-04-14 10:21:54 -07:00

budget_config.py

fix: preserve existing thresholds, remove pre-read byte guard

2026-04-08 02:24:32 -07:00

checkpoint_manager.py

fix: normalize checkpoint manager home-relative paths

2026-04-11 14:50:44 -07:00

clarify_tool.py

refactor: add tool_error/tool_result helpers + read_raw_config, migrate 129 callsites

2026-04-07 13:36:38 -07:00

code_execution_tool.py

fix: remove sandbox language from tool descriptions

2026-04-13 04:23:27 -07:00

credential_files.py

refactor: extract shared helpers to deduplicate repeated code patterns (#7917)

2026-04-11 13:59:52 -07:00

cronjob_tools.py

refactor: remove dead code — 1,784 lines across 77 files (#9180)

2026-04-13 16:32:04 -07:00

debug_helpers.py

refactor: codebase-wide lint cleanup — unused imports, dead code, and inefficient patterns (#5821)

2026-04-07 10:25:31 -07:00

delegate_tool.py

fix: list all available toolsets in delegate_task schema description (#8231)

2026-04-12 00:54:35 -07:00

env_passthrough.py

refactor: remove dead code — 1,784 lines across 77 files (#9180)

2026-04-13 16:32:04 -07:00

file_operations.py

feat: improve file search UX — fuzzy @ completions, mtime sorting, better suggestions (#9467)

2026-04-13 23:54:45 -07:00

file_tools.py

refactor: remove dead code — 1,784 lines across 77 files (#9180)

2026-04-13 16:32:04 -07:00

fuzzy_match.py

fix(patch): harden V4A patch parser and fuzzy match — 9 correctness bugs

2026-04-10 16:47:44 -07:00

homeassistant_tool.py

fix: clean up description escaping, add string-data tests

2026-04-13 04:45:07 -07:00

image_generation_tool.py

refactor: remove dead code — 1,784 lines across 77 files (#9180)

2026-04-13 16:32:04 -07:00

interrupt.py

fix: scope tool interrupt signal per-thread to prevent cross-session leaks (#7930)

2026-04-11 14:02:58 -07:00

managed_tool_gateway.py

fix(tools): add debug logging for token refresh and tighten domain check

2026-04-02 12:40:03 +11:00

mcp_oauth.py

fix(approval,mcp): log silent exception handlers, narrow OAuth catches, close server on error

2026-04-10 03:05:04 -07:00

mcp_tool.py

fix: honor interrupts during MCP tool waits

2026-04-13 22:14:55 -07:00

memory_tool.py

fix: nest msvcrt import inside fcntl except block

2026-04-14 10:18:05 -07:00

mixture_of_agents_tool.py

refactor: remove dead code — 1,784 lines across 77 files (#9180)

2026-04-13 16:32:04 -07:00

neutts_synth.py

fix(tts): document NeuTTS provider and align install guidance (#1903)

2026-03-18 02:55:30 -07:00

openrouter_client.py

refactor: route ad-hoc LLM consumers through centralized provider router

2026-03-11 20:02:36 -07:00

osv_check.py

feat: OSV malware check for MCP extension packages (#5305)

2026-04-05 12:46:07 -07:00

patch_parser.py

fix(patch): harden V4A patch parser and fuzzy match — 9 correctness bugs

2026-04-10 16:47:44 -07:00

path_security.py

refactor: extract shared helpers to deduplicate repeated code patterns (#7917)

2026-04-11 13:59:52 -07:00

process_registry.py

fix: suppress duplicate completion notifications when agent already consumed output via wait/poll/log (#8228)

2026-04-12 00:36:22 -07:00

registry.py

fix: make tool registry reads thread-safe

2026-04-13 23:52:32 -07:00

risk_scoring.py

feat: ML-inspired risk scoring for command approval (#681)

2026-04-14 19:20:50 -04:00

rl_training_tool.py

refactor: codebase-wide lint cleanup — unused imports, dead code, and inefficient patterns (#5821)

2026-04-07 10:25:31 -07:00

send_message_tool.py

fix: add platform lock, send retry, message splitting, REST one-shot, shared strip_markdown

2026-04-14 00:11:49 -07:00

session_search_tool.py

fix(session_search): improve truncation to center on actual query matches

2026-04-13 04:54:42 -07:00

skill_manager_tool.py

refactor: extract shared helpers to deduplicate repeated code patterns (#7917)

2026-04-11 13:59:52 -07:00

skills_guard.py

refactor: remove dead code — 1,784 lines across 77 files (#9180)

2026-04-13 16:32:04 -07:00

skills_hub.py

feat(skills): centralized skills index — eliminate GitHub API calls for search/install

2026-04-12 16:39:04 -07:00

skills_sync.py

fix(skills): read name from SKILL.md frontmatter in skills_sync

2026-04-11 01:21:20 -07:00

skills_tool.py

feat(plugins): namespaced skill registration for plugin skill bundles

2026-04-14 10:42:58 -07:00

terminal_tool.py

refactor: remove dead code — 1,784 lines across 77 files (#9180)

2026-04-13 16:32:04 -07:00

tirith_security.py

chore: fix 154 f-strings, simplify getattr/URL patterns, remove dead code (#3119)

2026-03-25 19:47:58 -07:00

todo_tool.py

fix(tools): enforce ID uniqueness in TODO store during replace operations

2026-04-11 16:22:50 -07:00

tool_backend_helpers.py

Merge branch 'main' into rewbs/tool-use-charge-to-subscription

2026-03-31 08:48:54 +09:00

tool_result_storage.py

fix(tools): neutralize shell injection in _write_to_sandbox via path quoting (#7940)

2026-04-11 14:26:11 -07:00

transcription_tools.py

refactor: remove dead code — 1,784 lines across 77 files (#9180)

2026-04-13 16:32:04 -07:00

tts_tool.py

feat(tts): add speed support for Edge TTS and OpenAI TTS

2026-04-12 16:46:18 -07:00

url_safety.py

fix: make safe_url_for_log public, add SSRF redirect guards to base.py cache helpers

2026-04-10 05:04:28 -07:00

vision_tools.py

refactor: remove dead code — 1,784 lines across 77 files (#9180)

2026-04-13 16:32:04 -07:00

voice_mode.py

refactor: remove dead code — 1,784 lines across 77 files (#9180)

2026-04-13 16:32:04 -07:00

web_tools.py

refactor: remove dead code — 1,784 lines across 77 files (#9180)

2026-04-13 16:32:04 -07:00

website_policy.py

refactor: codebase-wide lint cleanup — unused imports, dead code, and inefficient patterns (#5821)

2026-04-07 10:25:31 -07:00