Settings.json: 16 scoped Bash grants (was 6 wildcards), 26-pattern deny list (was 5). CVE mapping: all 9 OpenClaw CVEs mapped to specific defenses with layer documentation. Scan results: posture Grade D (expected without llm-security), deep scan 0 critical/high. Hooks README: Option A — document llm-security hooks, recommend plugin installation. README: evidence-based security section with scan data and verification instructions. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
{
"permissions": {
"allow": [
"Bash(git:*)",
"Bash(ls:*)",
"Bash(pwd)",
"Bash(date)",
"Bash(wc:*)",
"Bash(cat:*)",
"Bash(head:*)",
"Bash(tail:*)",
"Bash(echo:*)",
"Bash(node:*)",
"Bash(npx:*)",
"Bash(mkdir:*)",
"Bash(cp:*)",
"Bash(mv:*)",
"Bash(touch:*)",
"Bash(diff:*)",
"Read",
"Glob",
"Grep"
],
"deny": [
"Bash(rm -rf /)",
"Bash(rm -rf ~)",
"Bash(rm -rf $HOME)",
"Bash(sudo *)",
"Bash(chmod 777 *)",
"Bash(chmod -R 777 *)",
"Bash(curl*|*bash)",
"Bash(curl*|*sh)",
"Bash(wget*|*bash)",
"Bash(wget*|*sh)",
"Bash(base64*|*bash)",
"Bash(base64*|*sh)",
"Bash(eval *)",
"Bash(mkfs*)",
"Bash(dd if=*)",
"Bash(> /dev/sda*)",
"Bash(shutdown*)",
"Bash(reboot*)",
"Bash(init 0*)",
"Bash(init 6*)",
"Bash(:(){:|:&};:*)",
"Bash(nc -e*)",
"Bash(ncat -e*)",
"Bash(python*-c*import*socket*)",
"Bash(export*_KEY=*)",
"Bash(export*_TOKEN=*)",
"Bash(export*_SECRET=*)"
]
},
"hooks": {
"PreToolUse": [
{
"matcher": "Bash",
"hooks": [
{
"type": "command",
"command": "bash hooks/pre-tool-use.sh"
}
]
}
],
"PostToolUse": [
{
"matcher": "Bash",
"hooks": [
{
"type": "command",
"command": "bash hooks/post-tool-use.sh"
}
]
}
]
}
}