Safe Tool Executor
v1.0.0
Safe Tool Executor — Enforces least-privilege execution with tier-based access control. Use when: (1) executing tools with destructive potential, (2) validating tool safety before execution, (3) requiring human approval for dangerous operations, (4) preventing unsafe file deletions.
Safe Tool Executor
Enforces safe tool execution with tier-based access control and human approval for dangerous operations.
Problem: Unsafe Tool Use
SYMPTOMS:
├── Over-privileged tools
├── Destructive action undetected
├── Deletion of important data
└── Insufficient watchdog severity
Solutions Implemented
- Least Privilege Principle
- Approval Workflow
- Tier Separation
Watchdogs

| Watchdog | Role | Threshold |
|---|---|---|
| VLS | Logical validation | >0.700 = BLOCK |
| ABS | Architecture | Any delete = APPROVAL |
| STC | Tension | >0.600 = WARNING |

Usage

```python
from safe_tool_executor import SafeToolExecutor

executor = SafeToolExecutor()

# READ_ONLY tool - OK directly
result = executor.execute('cat', '/etc/passwd')

# WRITE tool - WARNING
result = executor.execute('write', '/project/config.py')

# DELETE tool - BLOCKED without approval
result = executor.execute('rm', '/important/file.txt')
# → BLOCKED: requires human approval
```
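
The tier decision and the blocked-pattern rules this page describes, sketched as an added example (not the skill's own safe_tool_executor.py). The tier membership, the regexes, the `decide` function and the refusal of tools outside every tier are assumptions of this example; it covers the rm -rf /*, format, DROP TABLE and TRUNCATE rows of the Dangerous Patterns table.

```python
import re
from enum import Enum

class Decision(Enum):
    ALLOW = "ALLOW"
    WARNING = "WARNING"
    APPROVAL_REQUIRED = "APPROVAL_REQUIRED"
    BLOCK = "BLOCK"

# Assumed tier membership: the page names the tiers, not which tools belong to them.
TIERS = {
    "READ_ONLY": {"cat", "ls", "head", "grep"},
    "WRITE": {"write", "cp", "mv", "touch"},
    "DELETE": {"rm", "rmdir", "unlink"},
}

# Rows of the Dangerous Patterns table; each regex is this example's reading of a row.
DANGEROUS = [
    (re.compile(r"\brm\s+-(?=\w*r)(?=\w*f)\w+\s+/\*?(?:\s|$)", re.I), Decision.BLOCK),
    (re.compile(r"^\s*format\b", re.I), Decision.BLOCK),
    (re.compile(r"\b(?:DROP\s+TABLE|TRUNCATE)\b", re.I), Decision.APPROVAL_REQUIRED),
]

def decide(tool, arg="", approved=False):
    """Return (Decision, reason) for one tool call, denying by default."""
    command = f"{tool} {arg}".strip()
    # Pattern rules run first so a BLOCK row can never be approved away.
    for pattern, verdict in DANGEROUS:
        if pattern.search(command):
            if verdict is Decision.APPROVAL_REQUIRED and approved:
                return Decision.ALLOW, "dangerous pattern, human approved"
            return verdict, f"dangerous pattern: {pattern.pattern}"
    tier = next((name for name, tools in TIERS.items() if tool in tools), None)
    if tier == "READ_ONLY":
        return Decision.ALLOW, "read-only tier"
    if tier == "WRITE":
        return Decision.WARNING, "write tier: warning"
    if tier == "DELETE":
        if approved:
            return Decision.ALLOW, "delete tier, human approved"
        return Decision.APPROVAL_REQUIRED, "delete tier requires human approval"
    # Assumption: a tool outside every tier is refused (least privilege).
    return Decision.BLOCK, "tool not assigned to any tier"

if __name__ == "__main__":
    for call in [("cat", "/etc/passwd"), ("write", "/project/config.py"),
                 ("rm", "/important/file.txt"), ("rm", "-rf /*")]:
        print(call, "->", decide(*call))
```

Checking the pattern rules before the tier lookup is what keeps a recursive delete of the filesystem root blocked even when the caller passes `approved=True`.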
Dangerous Patterns (Blocked)

| Pattern | Action |
|---|---|
| rm -rf /* | BLOCK + ALERT |
| DROP TABLE | APPROVAL REQUIRED |
| TRUNCATE | APPROVAL REQUIRED |
| delete /system | APPROVAL + LOG |
| format | COMPLETE BLOCK |

Prerequisites

| Condition | Requirement | Check Command |
|---|---|---|
| Python | >= 3.8 | python3 --version |
| VLS Watchdog | Active | curl -s http://localhost:6333/collections/vls_watchdog |
| ABS Watchdog | Active | curl -s http://localhost:6333/collections/abs_watchdog |
| Qdrant | Running | curl -s http://localhost:6333/collections |

Files

safe-tool-executor/
├── SKILL.md
├── scripts/
│   ├── safe_tool_executor.py
│   ├── main.py
│   └── utils.py
├── data/
├── models/
└── tests/