UNPKG

aiwg

Version:

Deployment tool and support utility for AI context. Copies agents, skills, commands, rules, and behaviors into the paths each AI platform reads (Claude Code, Codex, Copilot, Cursor, Warp, OpenClaw, and 6 more) so one source of truth works across 10 platfo

aiwg.io

jmagly/aiwg

37 lines 1.5 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
/** * Path-emission allowlist for AGENTS.md link-index entries. * * Per ADR-1 §2 (security mitigation R2): the generator MUST only emit `Path:` values * that match a path produced by the AIWG-owned PROVIDER_PATHS map plus the canonical * `~/.agents/skills/` cross-provider user-scope target. Files deployed by project-local * manifests at non-AIWG paths are not indexed. This closes the link-redirect attack * surface where a malicious project-local artifact could cite a shadow file outside * AIWG's path-map domain. */ /** * Result of an allowlist check. */ export interface AllowlistResult { ok: boolean; /** Reason path was rejected; empty when ok=true */ rejectedFor: string; /** True when the path matched a user-scope prefix (~/...) */ isUserScope: boolean; } /** * Check whether a path is allowed in an AGENTS.md link-index entry. * * Accepts both relative project-scope paths and absolute user-scope paths * (rooted in homedir()). Rejects all other paths. * * Path normalization: * - Backslashes are converted to forward slashes for cross-platform compatibility. * - Leading `./` is stripped. * - `..` segments anywhere in the path cause rejection (prevents escaping the project root). */ export declare function checkPathAllowed(inputPath: string): AllowlistResult; export declare const ALLOWLIST_INTERNALS: { AIWG_PATH_PREFIXES_RELATIVE: readonly string[]; AIWG_PATH_PREFIXES_USER: readonly string[]; }; //# sourceMappingURL=allowlist.d.ts.map