codecrucible-synth/dist/core/security/claude-code-security.d.ts

Production-Ready AI Development Platform with Multi-Voice Synthesis, Smithery MCP Integration, Enterprise Security, and Zero-Timeout Reliability

/**
 * Claude Code-inspired Security System
 * Based on research of Claude Code security patterns (2024-2025)
 *
 * Key principles from Claude Code:
 * 1. User consent for potentially dangerous operations
 * 2. Path validation and CWD restrictions
 * 3. Command whitelisting with user approval for outliers
 * 4. Context-aware security rather than blanket blocking
 * 5. Audit logging for security monitoring
 */
import { EventEmitter } from 'events';
export interface SecurityContext {
    operation: string;
    filePath?: string;
    command?: string;
    userInput: string;
    workingDirectory: string;
    timestamp: Date;
}
export interface SecurityDecision {
    action: 'allow' | 'block' | 'askUser';
    reason: string;
    riskLevel: 'low' | 'medium' | 'high' | 'critical';
    requiresConsent?: boolean;
    suggestedActions?: string[];
}
export interface UserConsentRequest {
    id: string;
    context: SecurityContext;
    decision: SecurityDecision;
    message: string;
    options: ConsentOption[];
}
export interface ConsentOption {
    id: string;
    label: string;
    description: string;
    action: 'allow' | 'deny' | 'modify';
}
export interface SecurityPolicy {
    allowedPaths: string[];
    blockedPaths: string[];
    requireConsentForPaths: string[];
    whitelistedCommands: string[];
    dangerousCommands: string[];
    requireConsentForCommands: string[];
    allowedFileExtensions: string[];
    dangerousFileExtensions: string[];
    requireConsentForExtensions: string[];
    developmentKeywords: string[];
    sqlKeywords: string[];
    systemCommands: string[];
}
/**
 * Claude Code-inspired security system that prioritizes user consent over blanket blocking
 */
export declare class ClaudeCodeSecurity extends EventEmitter {
    private workingDirectory;
    private policy;
    private auditLog;
    private pendingConsentRequests;
    constructor(workingDirectory?: string);
    private createDefaultPolicy;
    /**
     * Main security evaluation method - Claude Code inspired
     */
    evaluateSecurity(context: SecurityContext): Promise<SecurityDecision>;
    private evaluatePathSecurity;
    private evaluateCommandSecurity;
    private evaluateContentSecurity;
    /**
     * Determine if content is in a development context
     */
    private isDevelopmentContext;
    /**
     * Determine if content is in a SQL/database context
     */
    private isSQLContext;
    /**
     * Determine if content is in a system administration context
     */
    private isSystemContext;
    /**
     * Check if content is requesting file modifications
     */
    private isFileModificationRequest;
    private matchesPattern;
    /**
     * Create user consent request (Claude Code pattern)
     */
    requestUserConsent(context: SecurityContext, decision: SecurityDecision): Promise<UserConsentRequest>;
    private formatConsentMessage;
    private createConsentOptions;
    /**
     * Get security audit log
     */
    getAuditLog(limit?: number): SecurityContext[];
    /**
     * Clear audit log (for privacy)
     */
    clearAuditLog(): void;
    /**
     * Update security policy
     */
    updatePolicy(updates: Partial<SecurityPolicy>): void;
}
//# sourceMappingURL=claude-code-security.d.ts.map