will/flynn
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat(skills): hash installer audit commands for shell runner telemetry

Browse Source
This commit is contained in:
William Valentin
2026-02-12 22:20:14 -08:00
parent d3647567ee
commit 43b584257f
3 changed files with 729 additions and 17 deletions
Download Patch File Download Diff File Expand all files Collapse all files
docs/plans/state.json
+76 -2
View File
@@ -1503,6 +1503,80 @@
"src/cli/skills.test.ts"
],
"test_status": "pnpm typecheck + pnpm test:run src/cli/skills.test.ts + pnpm test:run + pnpm lint (warnings only, 0 errors) + pnpm build passing"
},
"installer_execution_global_policy_gate": {
"status": "completed",
"description": "Added a global skills execution policy gate (`skills.installation_execution`) with default disabled behavior, wiring install/execute CLI flows to return deterministic `execution_policy_disabled` receipts unless config explicitly enables execution",
"files_modified": [
"src/config/schema.ts",
"src/config/schema.test.ts",
"src/cli/skills.ts",
"src/cli/skills.test.ts",
"config/default.yaml"
],
"test_status": "pnpm typecheck + pnpm test:run src/config/schema.test.ts src/cli/skills.test.ts + pnpm test:run + pnpm lint (warnings only, 0 errors) + pnpm build passing"
},
"installer_execution_policy_help_text": {
"status": "completed",
"description": "Improved user-facing execution guidance by documenting config gate requirements in CLI option help text and adding explicit render output when policy blocks installer execution",
"files_modified": [
"src/cli/skills.ts",
"src/cli/skills.test.ts"
],
"test_status": "pnpm typecheck + pnpm test:run src/cli/skills.test.ts + pnpm test:run + pnpm lint (warnings only, 0 errors) + pnpm build passing"
},
"shell_runner_rollout_controls": {
"status": "completed",
"description": "Added explicit config-gated rollout control for shell runner usage (`skills.allow_shell_runner` default false), with deterministic CLI guard errors for install/execute when `--runner shell` is requested without policy enablement",
"files_modified": [
"src/config/schema.ts",
"src/config/schema.test.ts",
"src/cli/skills.ts",
"src/cli/skills.test.ts",
"config/default.yaml"
],
"test_status": "pnpm typecheck + pnpm test:run src/config/schema.test.ts src/cli/skills.test.ts + pnpm test:run + pnpm lint (warnings only, 0 errors) + pnpm build passing"
},
"shell_runner_command_allowlist": {
"status": "completed",
"description": "Added command-level shell runner allowlisting via `skills.shell_runner_allowlist` patterns, wiring install/execute shell runs to block non-matching commands with deterministic `allowlist_blocked` receipt reasons",
"files_modified": [
"src/config/schema.ts",
"src/config/schema.test.ts",
"src/cli/skills.ts",
"src/cli/skills.test.ts",
"config/default.yaml"
],
"test_status": "pnpm typecheck + pnpm test:run src/config/schema.test.ts src/cli/skills.test.ts + pnpm test:run + pnpm lint (warnings only, 0 errors) + pnpm build passing"
},
"shell_runner_audit_telemetry": {
"status": "completed",
"description": "Added deterministic shell-runner audit telemetry hooks using existing audit tool events, emitting policy denials and per-command outcomes for install/execute shell flows via `emitShellRunnerAuditEvents(...)`",
"files_modified": [
"src/cli/skills.ts",
"src/cli/skills.test.ts"
],
"test_status": "pnpm typecheck + pnpm test:run src/config/schema.test.ts src/cli/skills.test.ts + pnpm test:run + pnpm lint (warnings only, 0 errors) + pnpm build passing"
},
"skills_installer_dedicated_audit_events": {
"status": "completed",
"description": "Added dedicated audit event types (`skills.installer.execution_blocked`, `skills.installer.command_result`) and migrated shell-runner telemetry emission from generic tool events to richer skills installer event contracts",
"files_modified": [
"src/audit/types.ts",
"src/audit/logger.ts",
"src/cli/skills.ts",
"src/cli/skills.test.ts"
],
"test_status": "pnpm typecheck + pnpm test:run src/cli/skills.test.ts + pnpm test:run + pnpm lint (warnings only, 0 errors) + pnpm build passing"
},
"skills_installer_audit_command_redaction_hashing": {
"status": "completed",
"description": "Hardened skills installer audit payload safety by hashing command strings and sanitizing potentially sensitive spawn-error reason details before emitting shell-runner command-result telemetry",
"files_modified": [
"src/cli/skills.ts",
"src/cli/skills.test.ts"
],
"test_status": "pnpm typecheck + pnpm test:run src/cli/skills.test.ts + pnpm test:run + pnpm lint + pnpm build passing"
}
}
}
@@ -1531,7 +1605,7 @@
},
"overall_progress": {
"total_test_count": 1560,
"total_test_count": 1575,
"all_tests_passing": true,
"p0_completion": "3/3 (100%)",
"p1_completion": "4/4 (100%)",
@@ -1551,7 +1625,7 @@
"gmail_auth_cli": "flynn gmail-auth command implemented with OAuth2 flow, doctor check, config routed to Telegram",
"native_audio_support": "completed — smart routing for native audio (Gemini/OpenAI/GitHub) vs Whisper transcription fallback",
"remaining_phases_completion": "Phase 1: 3/3 (100%) — context levels, command registry, memory structure. Phase 2: 2/2 (100%) — component registry, confidence routing. Phase 3: 2/2 (100%) — adaptive memory/compaction, truthfulness/autonomy hardening",
"next_up": "Skills infrastructure follow-up: define policy/autonomy model for safely enabling real installer execution beyond the current execution-disabled default"
"next_up": "Skills infrastructure follow-up: define phased enablement criteria for shell runner (allowlist governance, telemetry review, and rollout guardrails) now that audit command strings are hashed"
},
"soul_md_and_cron_create": {
"date": "2026-02-11",