AI.Tools.Shell.Util (fnord v0.8.27)

View Source

Utility functions for shell command validation and security checking.

This module provides functions to analyze shell commands for potentially dangerous syntax that could be used for command injection or other security vulnerabilities.

Summary

Functions

contains_disallowed_syntax?(cmd)

Checks if a shell command contains disallowed syntax.

Functions

contains_disallowed_syntax?(cmd)

@spec contains_disallowed_syntax?(binary()) :: boolean()

Checks if a shell command contains disallowed syntax.

Returns true if the command contains dangerous patterns like:

  • Pipes, redirection, or logical operators
  • Command substitution or process substitution
  • Unbalanced quotes or shell escape sequences
  • Dangerous characters like newlines, NUL bytes, or zero-width spaces

Examples

iex> AI.Tools.Shell.Util.contains_disallowed_syntax?("ls -l")
false

iex> AI.Tools.Shell.Util.contains_disallowed_syntax?("ls | grep foo")
true

iex> AI.Tools.Shell.Util.contains_disallowed_syntax?("echo 'safe | quoted'")
false