The dangerous command protection system now includes intelligent exemptions for safe developer tools. This prevents false positives when running linters, formatters, type checkers, and other QA tools that modify files in place but are not destructive.
The following developer tools are automatically exempted from dangerous command detection:
- ruff - Python linter and formatter
- black - Python code formatter
- isort - Python import sorter
- autopep8 - Python code formatter
- yapf - Python formatter
- mypy - Static type checker
- pylint - Code analysis tool
- flake8 - Style guide enforcement
- bandit - Security linter
- pyright - Static type checker
- pycodestyle - Style checker
- pydocstyle - Docstring checker
- pytest - Testing framework
- eslint - Linter
- prettier - Code formatter
- tslint - TypeScript linter
- stylelint - CSS linter
- jest - Testing framework
- mocha - Testing framework
- vitest - Testing framework
- cargo - Package manager (fmt, clippy, test)
- rustfmt - Code formatter
- clippy - Linter
- gofmt - Code formatter
- goimports - Import formatter
- golint - Linter
- go - Go toolchain (fmt, test)
- clang-format - Code formatter
- clang-tidy - Linter
- prettier - Multi-language formatter
- editorconfig - Editor configuration
The system uses two detection methods:
- Pattern Matching: Fast regex-based detection of common tool invocations
- Fallback Checks: Secondary checks for tools invoked via language runtimes
Safe tool invocations that no longer trigger dangerous command warnings include:

```shell
# Python tools
ruff check --fix .
python -m black src/
./.venv/Scripts/python.exe -m mypy --strict .

# JavaScript tools
eslint --fix src/
npx prettier --write .

# Rust tools
cargo fmt
cargo clippy --fix

# Go tools
gofmt -w .
go fmt ./...
```

Without dev tool exemptions, commands like ruff --fix might trigger dangerous command patterns because:
- They modify files automatically
- They use flags that suggest destructive operations
- Pattern matching could confuse them with actual dangerous commands
With dev tool exemptions:
- QA tools are recognized and allowed
- Actual dangerous commands (like rm -rf) are still blocked
- Developers can use their normal workflows without interruption

Typical situations where this applies:
- Developers running code formatters and linters locally without false alarms
- Continuous integration pipelines that invoke static analysis tools
- Automated build steps that run test suites and code quality checks before deployment
Developer tool exemptions are enabled by default and require no configuration. The system automatically:
- Detects dev tool invocations
- Allows them to proceed
- Logs them at DEBUG level (not WARNING)
The exemption logic is implemented in CommandExtractionService.is_safe_dev_tool_command(), which performs:
- Quick pattern match for performance
- Tool name extraction from various invocation styles
- Support for wrapped invocations (python -m tool, npx tool, etc.)
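To make the two detection methods and the three steps above concrete, here is a self-contained Python sketch of such a check. It is an added example, not the project's CommandExtractionService code: the tool set is a subset of the list on this page, while the wrapper set (npx, poetry, uv, pipx), the destructive-command regexes, the rule that every chained segment must itself be an exempted tool, and the refusal to exempt commands containing substitution or redirection are all assumptions of this example.

```python
import re
import shlex

# Subset of the exempted tools listed on this page (assumed to be matched as
# the first token after any wrapper, lower-cased).
SAFE_DEV_TOOLS = frozenset({
    "ruff", "black", "isort", "autopep8", "yapf", "mypy", "pylint", "flake8",
    "bandit", "pyright", "pytest", "eslint", "prettier", "stylelint", "jest",
    "mocha", "vitest", "cargo", "rustfmt", "clippy", "gofmt", "goimports",
    "golint", "go", "clang-format", "clang-tidy",
})

# Fast path (pattern matching): bare tool, "python[3[.x]][.exe] -m tool" or
# "npx tool" at the start of a command segment.
_QUICK = re.compile(
    r"^(?:\S*python(?:\d+(?:\.\d+)?)?(?:\.exe)?\s+-m\s+|npx\s+)?"
    r"(?P<tool>[A-Za-z0-9_.-]+)(?:\s|$)"
)

# Fallback checks: runtimes and package runners that wrap a tool (assumed set).
_PY_RUNTIME = re.compile(r"python(?:\d+(?:\.\d+)?)?(?:\.exe)?", re.IGNORECASE)
_WRAPPERS = frozenset({"npx", "poetry", "uv", "pipx"})

# Shell operators that chain commands; every segment must be a safe tool.
_SEGMENT_SPLIT = re.compile(r"\s*(?:&&|\|\||;|\||\n)\s*")
# Command substitution or redirection can carry a second command: never exempt.
_NEVER_EXEMPT = re.compile(r"\$\(|`|>")

# Destructive patterns that stay blocked (regexes are this example's own).
DANGEROUS_PATTERNS = [
    re.compile(r"\brm\s+(?:\S+\s+)*(?:-[a-zA-Z]*[rR][a-zA-Z]*|--recursive)(?:\s|$)"),
    re.compile(r"\bgit\s+reset\s+--hard(?:\s|$)"),
    re.compile(r"\bgit\s+push\b.*(?:--force|\s-f)(?:\s|$)"),
    re.compile(r"\b(?:rmdir|rd)\s+(?:\S+\s+)*/s(?:\s|$)", re.IGNORECASE),
    re.compile(r"\bRemove-Item\b.*-Recurse", re.IGNORECASE),
]


def _tool_name(argv):
    """Name of the tool a tokenised segment runs, after unwrapping runtimes."""
    i = 0
    while i < len(argv):
        # Strip any leading path, e.g. ./.venv/Scripts/python.exe -> python.exe
        base = argv[i].replace("\\", "/").rsplit("/", 1)[-1].lower()
        if _PY_RUNTIME.fullmatch(base):
            # Only "python -m <tool>" is a tool invocation; running a script is not.
            if i + 2 < len(argv) and argv[i + 1] == "-m":
                return argv[i + 2].lower()
            return None
        if base in _WRAPPERS:
            # Skip the wrapper, its options and a "run" subcommand (poetry/uv).
            i += 1
            while i < len(argv) and (argv[i].startswith("-") or argv[i] == "run"):
                i += 1
            continue
        return base
    return None


def is_safe_dev_tool_command(command):
    """True only if every chained segment invokes an exempted developer tool."""
    command = command.strip()
    if not command or _NEVER_EXEMPT.search(command):
        return False
    for segment in filter(None, _SEGMENT_SPLIT.split(command)):
        m = _QUICK.match(segment)
        if m and m.group("tool").lower() in SAFE_DEV_TOOLS:
            continue  # fast path hit
        try:
            argv = shlex.split(segment)
        except ValueError:
            return False  # unbalanced quoting: do not exempt
        if _tool_name(argv) not in SAFE_DEV_TOOLS:
            return False
    return True


def evaluate(command):
    """Decision and log level: exemption first, then destructive patterns."""
    if is_safe_dev_tool_command(command):
        return "allow", "DEBUG"
    if any(p.search(command) for p in DANGEROUS_PATTERNS):
        return "block", "WARNING"
    return "allow", "INFO"


if __name__ == "__main__":
    for cmd in ("ruff check --fix .", "cargo fmt && cargo clippy --fix",
                "ruff check . && rm -rf /", "git push --force origin main"):
        print(f"{cmd!r:45} -> {evaluate(cmd)}")
```

The design point worth keeping from this sketch is that the exemption is only ever a fast path: a command is exempted when every segment is a recognised tool, and anything else (chained destructive commands, substitution, redirection, unparseable quoting) simply falls through to the ordinary dangerous-command checks, so the exemption can never widen the set of commands that reach those checks unexamined.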
Developer tools are considered safe because:
- They operate on code/configuration files within the project
- They follow established coding standards
- They are essential for development workflows
- They don't delete entire directories or rewrite git history
Actual dangerous operations like:
- rm -rf /
- git reset --hard
- git push --force
- Windows recursive deletion commands
...are still properly detected and blocked.
If you need to add additional safe tools, you can:
- Submit a PR to add the tool to CommandExtractionService._SAFE_DEV_TOOLS
- Open an issue describing the tool and why it should be exempted