MCPxelMCPxel
Co-Pilot / 辅助式
更新于 24 days ago

claude-setup

Ffront-depiction
0.0k
front-depiction/claude-setup
78
Agent 评分

💡 摘要

该项目为Claude Code工具使用提供基于模式的建议和权限控制。

🎯 适合人群

软件开发人员代码审查员DevOps工程师技术团队负责人质量保证测试人员

🤖 AI 吐槽:看起来很能打,但别让配置把人劝退。

安全分析严重风险

风险:Critical。建议检查:是否执行 shell/命令行指令。以最小权限运行,并在生产环境启用前审计代码与依赖。

.claude

Pattern-based suggestions and guardrails for Claude Code tool usage via PreToolUse/PostToolUse hooks.

Overview

The pattern-detector system hooks into Claude Code's PreToolUse and PostToolUse events to provide:

  • Context-aware suggestions when patterns are detected in tool inputs
  • Permission controls (ask/deny) for dangerous operations
  • Automatic skill recommendations based on code patterns

Patterns

Patterns are markdown files in .claude/patterns/ with YAML frontmatter that match against tool inputs:

---
name: prefer-option-over-null
description: Suggest Option type instead of null/undefined
event: PostToolUse
tool: Edit|Write
glob: "**/*.ts"
pattern: "\bnull\b|\bundefined\b"
action: context
level: info
tag: code-smell
---

Use `Option<A>` from Effect instead of `null` or `undefined`:

```typescript
// Avoid
const findUser = (id: string): User | null => ...

// Prefer
const findUser = (id: string): Option.Option<User> => ...

## Pattern Schema

Frontmatter fields (from `patterns/schema.ts`):

- `name`: Unique identifier for the pattern
- `description`: Human-readable description
- `event`: "PreToolUse" | "PostToolUse" (default: PostToolUse)
- `tool`: Regex matching tool names (default: ".*")
- `glob`: Optional glob pattern for file paths (e.g., "**/*.ts")
- `pattern`: Regex matching tool input content (command, new_string, content, etc.)
- `action`: "context" | "ask" | "deny" (default: context)
- `level`: "critical" | "high" | "medium" | "warning" | "info" (default: info)
- `tag`: Optional XML tag for context blocks (default: "pattern-suggestion")

### Actions

- `context`: Add suggestion to PostToolUse response
- `ask`: Prompt user for permission (PreToolUse only)
- `deny`: Block the operation with reason (PreToolUse only)

### Content Matching

The pattern detector searches these fields in order:
1. `command` (Bash)
2. `new_string` (Edit)
3. `content` (Write)
4. `pattern` (Grep)
5. `query` (WebSearch)
6. `url` (WebFetch)
7. `prompt` (WebFetch)

Falls back to JSON.stringify(tool_input) if none match.

## Testing

`test/TestClaude.ts` provides tool shape constructors for testing patterns:

```typescript
import * as TestClaude from "./.claude/test/TestClaude"
import { runPatternDetector } from "./.claude/hooks/pattern-detector"

// Create pre/post hook inputs
const bashHook = TestClaude.Bash({ command: "rm -rf /" })
const editHook = TestClaude.Edit({
  file_path: "/foo.ts",
  old_string: "old",
  new_string: "null"
})

// Test against patterns
const output = await runPatternDetector(bashHook.pre)
// or
const output = await runPatternDetector(editHook.post)

Each tool constructor returns { pre, post } shapes with correct tool_name and hook_event_name.

Files

  • hooks/pattern-detector.ts: Main hook implementation (PreToolUse/PostToolUse)
  • patterns/schema.ts: Pattern frontmatter Schema definitions
  • patterns/TEMPLATE.md: Template for new patterns
  • patterns/dangerous-commands/: PreToolUse ask/deny patterns
  • patterns/code-smells/: PostToolUse context suggestions
  • test/TestClaude.ts: Tool shape constructors for testing
  • CLAUDE.md: Project guidelines referencing pattern system
五维分析
清晰度8/10
创新性7/10
实用性9/10
完整性7/10
可维护性8/10
优缺点分析

优点

  • 通过模式检测增强代码安全性。
  • 提供上下文感知的建议。
  • 允许对风险操作进行权限控制。

缺点

  • 需要维护模式文件。
  • 可能会给新用户带来复杂性。
  • 依赖于Claude Code工具。

相关技能

ccmp

A
toolCo-Pilot / 辅助式
86/ 100

“看起来很能打,但别让配置把人劝退。”

查看测评

claude-mods

A
toolCo-Pilot / 辅助式
86/ 100

“看起来很能打,但别让配置把人劝退。”

查看测评

agentic-qe

A
toolCo-Pilot / 辅助式
86/ 100

“看起来很能打,但别让配置把人劝退。”

查看测评

免责声明:本内容来源于 GitHub 开源项目,仅供展示和评分分析使用。

版权归原作者所有 front-depiction.