Interface ShellSafetyRule

A shell safety rule with a human-readable name, detection regex, and explanation of why it's forbidden.

interface ShellSafetyRule {
    id: string;
    description: string;
    pattern: RegExp;
    rationale: string;
}

Properties

id: string

Short identifier for the rule (e.g. 'nested-param-expansion').

description: string

Human-readable description of what this rule detects.

pattern: RegExp

Regex that detects the forbidden pattern in shell code.

rationale: string

Explanation of why this pattern is dangerous in sandboxed execution.