-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathsecurity-gate-deny-export.json
More file actions
122 lines (122 loc) · 3.27 KB
/
security-gate-deny-export.json
File metadata and controls
122 lines (122 loc) · 3.27 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
{
"generatedAt": "2026-04-08T17:14:22.343Z",
"mode": "dry-run",
"source": {
"kind": "scenario",
"scenarioId": "security-gate-deny",
"scenarioLabel": "Security Gate Deny"
},
"summary": {
"status": "ready",
"stepCount": 1,
"stepWarningCount": 0,
"traceIssueCount": 0,
"decision": null,
"canEnableLocalExecution": true
},
"messages": [],
"config": {
"label": "Security Gate",
"filePath": "C:\\Workspace\\Tracegate\\src\\fixtures\\hook-configs\\security-gate.json",
"valid": true,
"issues": []
},
"event": {
"label": "Pre Tool Use Dangerous Command",
"eventName": "preToolUse",
"filePath": "C:\\Workspace\\Tracegate\\src\\fixtures\\event-payloads\\pre-tool-use-dangerous-command.json",
"parseError": null,
"rawPayload": {
"sessionId": "sess_demo_001",
"toolCallId": "tool_002",
"toolName": "bash",
"toolArgs": "{\"command\":\"rm -rf ./customer-data\",\"cwd\":\"/tmp/demo-workspace\"}",
"origin": "user-request"
}
},
"normalizedPayload": {
"eventName": "preToolUse",
"raw": {
"sessionId": "sess_demo_001",
"toolCallId": "tool_002",
"toolName": "bash",
"toolArgs": "{\"command\":\"rm -rf ./customer-data\",\"cwd\":\"/tmp/demo-workspace\"}",
"origin": "user-request"
},
"rawObject": {
"sessionId": "sess_demo_001",
"toolCallId": "tool_002",
"toolName": "bash",
"toolArgs": "{\"command\":\"rm -rf ./customer-data\",\"cwd\":\"/tmp/demo-workspace\"}",
"origin": "user-request"
},
"payloadShape": "record",
"toolName": {
"raw": "bash",
"value": "bash"
},
"toolArgs": {
"raw": "{\"command\":\"rm -rf ./customer-data\",\"cwd\":\"/tmp/demo-workspace\"}",
"value": {
"command": "rm -rf ./customer-data",
"cwd": "/tmp/demo-workspace"
},
"source": "json-string",
"parseError": null
},
"decision": {
"value": null,
"isKnown": false
}
},
"steps": [
{
"stepIndex": 0,
"hookIndex": 0,
"eventName": "preToolUse",
"description": "Deny obviously destructive shell commands",
"status": "planned",
"command": {
"command": "node",
"args": ["../demo-scripts/deny-destructive-shell.mjs"],
"cwd": "C:\\Workspace\\Tracegate\\src\\fixtures\\hook-configs",
"env": {},
"timeoutMs": 1500
},
"commandSource": "base",
"warnings": [],
"decision": null,
"execution": null
}
],
"trace": {
"eventName": "preToolUse",
"entries": [
{
"level": "info",
"code": "payload.record",
"message": "Payload normalized from an object value."
},
{
"level": "info",
"code": "toolArgs.parsed-json",
"message": "toolArgs JSON string parsed successfully."
},
{
"level": "info",
"code": "simulation.plan-built",
"message": "Built a dry-run plan with 1 hook step(s)."
},
{
"level": "info",
"code": "simulation.step-planned",
"message": "Planned step 1 for preToolUse."
},
{
"level": "info",
"code": "simulation.dry-run",
"message": "Dry-run only: step 1 was not executed."
}
]
}
}