feat: implement command family filtering in policy engine

Author: yanurag-dev

ROADMAP.md

@@ -7,12 +7,12 @@ This roadmap tracks the progress of the Sandforge Agent Sandbox based on [ARCHIT
 
 - [x] **1.1 Project Scaffolding**: Go workspace, directory structure, and `go.mod`.
 - [x] **1.2 Core API Contracts**: Define `SandboxSpec`, `ExecRequest`, and `SandboxBackend` interfaces.
-- [ ] **1.3 Policy Engine**:
+- [x] **1.3 Policy Engine**:
     - [x] Filesystem path validation (whitelist logic) [#1](https://github.com/yanurag-dev/sandforge/issues/1).
     - [x] Network mode enforcement (Offline/Fetch/Full) [#2](https://github.com/yanurag-dev/sandforge/issues/2).
     - [x] Resource limit validation (CPU/Memory/Disk) [#2](https://github.com/yanurag-dev/sandforge/issues/2).
-    - [ ] Command family filtering [#3](https://github.com/yanurag-dev/sandforge/issues/3).
-- [ ] **1.4 Testing**: Unit tests for policy enforcement.
+    - [x] Command family filtering [#3](https://github.com/yanurag-dev/sandforge/issues/3).
+- [x] **1.4 Testing**: Unit tests for policy enforcement.
 
 ## Phase 2: Orchestration & Mocking
 *Goal: Build the state machine that manages sandbox lifecycles.*

internal/policy/engine.go

@@ -13,6 +13,7 @@ var (
 	ErrPathNotAbs            = errors.New("host path must be an absolute path")
 	ErrResourceLimitExceeded = errors.New("requested resource exceeds policy limits")
 	ErrInvalidNetworkMode    = errors.New("requested network mode is not allowed")
+	ErrForbiddenCommand      = errors.New("command is not allowed by policy")
 )
 
 type Engine struct {
@@ -22,6 +23,7 @@ type Engine struct {
 	MaxMemoryMb         int
 	MaxDiskGb           int
 	AllowedNetworkModes []string
+	AllowedCommands     []string
 }
 
 func (e *Engine) EvaluateMount(mount api.WorkspaceMount) error {
@@ -90,3 +92,23 @@ func (e *Engine) EvaluateSandbox(spec api.SandboxSpec) error {
 	}
 	return nil
 }
+
+func (e *Engine) EvaluateExec (req api.ExecRequest) error {
+	if len(req.Command) == 0 {
+		return errors.New("no command provided")
+	}
+
+	binary := req.Command[0]
+	allowed := false 
+	for _, command := range e.AllowedCommands {
+		if binary == command {
+			allowed = true
+			break
+		}
+	}
+
+	if !allowed {
+		return ErrForbiddenCommand
+	}
+	return nil
+}

internal/policy/engine_test.go

@@ -1,6 +1,7 @@
 package policy
 
 import (
+	"errors"
 	"os"
 	"path/filepath"
 	"testing"
@@ -184,3 +185,56 @@ func TestEvaluateSandbox(t *testing.T) {
 		})
 	}
 }
+
+func TestEvaluateExec(t *testing.T) {
+	engine := &Engine{
+		AllowedCommands: []string{"git", "npm", "ls"},
+	}
+
+	tests := []struct {
+		name      string
+		command   []string
+		wantError error
+	}{
+		{
+			name:      "Allowed command (git)",
+			command:   []string{"git", "push"},
+			wantError: nil,
+		},
+		{
+			name:      "Allowed command (npm)",
+			command:   []string{"npm", "test"},
+			wantError: nil,
+		},
+		{
+			name:      "Forbidden command (sudo)",
+			command:   []string{"sudo", "rm", "-rf", "/"},
+			wantError: ErrForbiddenCommand,
+		},
+		{
+			name:      "Empty command slice",
+			command:   []string{},
+			wantError: errors.New("no command provided"),
+		},
+	}
+
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			req := api.ExecRequest{
+				Command: tt.command,
+			}
+			err := engine.EvaluateExec(req)
+
+			if tt.name == "Empty command slice" {
+				if err == nil || err.Error() != tt.wantError.Error() {
+					t.Errorf("EvaluateExec() error = %v, wantError %v", err, tt.wantError)
+				}
+				return
+			}
+
+			if err != tt.wantError {
+				t.Errorf("EvaluateExec() error = %v, wantError %v", err, tt.wantError)
+			}
+		})
+	}
+}