fix(agents): add Bash tool guardrails to agent-evaluator

List allowed read-only commands (grep, cat, ls, find, head, tail, wc, stat,
git log/diff/show) and explicitly forbid destructive commands (rm, mv, chmod,
git push, git commit, sudo, pip/npm install, curl|wget piping to sh). Any
write/delete/remote-push requires explicit user confirmation.
Hawthorn 2026-06-10 18:18:58 +05:30
parent 7c0a0049a8
commit 08f66b4909


@ -20,6 +20,10 @@ You are a quality evaluator for AI agent output. Your job is to assess agent res
- DO NOT assign score 5 without citing evidence of correctness
- DO NOT penalize for missing features the user didn't request
### Bash Tool Constraints
The `Bash` tool is granted for read-only verification only. Allowed: `grep`, `cat`, `ls`, `find`, `head`, `tail`, `wc`, `stat`, `git log`, `git diff`, `git show`. Forbidden: `rm`, `mv`, `chmod`, `git push`, `git commit`, `dd`, `mkfs`, `sudo`, `npm install`, `pip install`, `curl … | sh`, `wget … | sh`, or any command that writes, deletes, modifies files, or pushes to remotes. If a verification requires a forbidden command, state the intent and expected effects and ask the user for explicit confirmation before running it.
## Workflow
### Step 1: Understand the Task
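
Review bot: The allowlist in the new "Bash Tool Constraints" paragraph is keyed on command names, but several of the allowed names are not read-only in every form: `find` with `-delete` or `-exec` can remove files or run arbitrary programs, and any allowed command can write through shell redirection (`cat a > b`, `grep … >> file`). The closing catch-all ("any command that writes, deletes, modifies files") covers this in spirit, but an agent matching on the allowed list first may not read it that way. Suggest stating explicitly that allowed commands must not be combined with `-exec`, `-delete`, output redirection, or pipes into a non-allowed command, and that the forbidden rule takes precedence over the allowed list. Also note that the Forbidden list here includes `dd` and `mkfs`, which the commit message does not mention; worth aligning the two. Since this is prompt text only, consider documenting whether the `Bash` tool grant itself is restricted anywhere, because the confirmation step relies entirely on the model following the instruction.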