
Conversation

@ThatChillGuy ThatChillGuy commented Sep 11, 2025

Related GitHub Issue

Closes: #7912

Roo Code Task Context (Optional)

Description

A complete security middleware system that protects sensitive files and commands from AI access.

What it does:

  • BLOCK confidential files/commands completely (no access allowed)
  • ASK for user approval before accessing sensitive files/commands/env variables
  • Three-tier config system: Project → Global → Custom YAML configs
  • Smart pattern matching: Supports wildcards, directory patterns, exact matches
  • Command validation: Handles direct commands, scripting languages, command chaining
  • UI integration: Settings panel to manage configs and toggle security on/off

Why it's important:

  • Prevents AI from accessing secrets, credentials, financial data, and other confidential information
  • Gives users control over what the AI can and cannot access
  • Essential for enterprise and sensitive project environments
  • Provides flexible security policies through hierarchical configuration

Implementation: Built from scratch including SecurityGuard class, UI components, three-tier YAML config loading, comprehensive test suite, and seamless integration with the task system.

Test Procedure

  1. Run npm test - All 3,022 tests should pass ✅
  2. Run npm run check-types - TypeScript compilation should be clean ✅
  3. Enable Security Middleware in Experimental settings
  4. Add custom config path (e.g., ~/custom-security.yaml)
  5. Create the custom YAML file with security rules
  6. Verify custom rules are enforced alongside global/project rules

Unit Test Results:

  • Test Files: 241 passed | 4 skipped (245)
  • Tests: 3,022 passed | 48 skipped (3,070)
  • Success Rate: 100%

Pre-Submission Checklist

  • Issue Linked: This PR is linked to an approved GitHub Issue (see "Related GitHub Issue" above).
  • Scope: My changes are focused on the linked issue (one major feature/fix per PR).
  • Self-Review: I have performed a thorough self-review of my code.
  • Testing: New and/or updated tests have been added to cover my changes (if applicable).
  • Documentation Impact: I have considered if my changes require documentation updates (see "Documentation Updates" section below).
  • Contribution Guidelines: I have read and agree to the Contributor Guidelines.

Screenshots / Videos

[screenshots omitted]

Documentation Updates

Documentation needed for the Security Middleware feature:

Security Middleware Overview - Explain what it is and why users would want it

Additional Notes

Get in Touch

Discord: kikin111


Important

Introduces a comprehensive security middleware system in RooCode to protect sensitive files and commands from AI access, featuring a new SecurityGuard class, UI components, and a three-tier YAML configuration system.

  • Security Middleware:
    • Introduces SecurityGuard class in SecurityGuard.ts to manage AI access to sensitive files and commands.
    • Implements three-tier YAML configuration system (global, project, custom) for security rules.
    • Supports blocking and approval requests for file and command access.
    • Integrates with task system in Task.ts and various tools like executeCommandTool.ts.
  • UI and Configuration:
    • Adds UI components for managing security settings in ExperimentalSettings.tsx.
    • Supports custom security config paths and toggling security middleware.
    • Updates settings.json in multiple locales for new security settings.
  • Testing and Documentation:
    • Comprehensive test suite in SecurityGuard.spec.ts and related fixtures.
    • Updates to README.md and other documentation for new security features.

This description was created by Ellipsis for e0e8d76. You can customize this summary. It will automatically update as commits are pushed.
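As an added illustration of the policy model the description outlines (block vs. ask rules, project/global/custom tiers, wildcard and directory patterns, command chaining and inline scripts), here is a minimal policy engine in TypeScript. It is example code written for this page, not the PR's SecurityGuard or any Roo Code API; the rule-key names, the convention that a pattern without a slash matches at any depth, the rule that the most restrictive verdict wins when tiers are merged, and the inline sample tiers used in place of YAML files are all assumptions.

```typescript
// Added example, not the PR's code: a minimal policy engine in the spirit of the
// SecurityGuard the description outlines (block/ask rules, three config tiers,
// glob patterns, command chaining and inline scripts). Rule-key names, the
// "no slash means any depth" glob convention and the "strictest verdict wins"
// merge rule are assumptions; YAML loading is replaced by inline objects.

type Verdict = "allow" | "ask" | "block";

interface Policy {
  blockFiles?: string[];    // never readable or writable by the model
  askFiles?: string[];      // user must approve each access
  blockCommands?: string[]; // shell command globs, e.g. "rm -rf *"
  askCommands?: string[];
  askEnv?: string[];        // env-var name globs, e.g. "AWS_*"
}

// Merging tiers is a plain union: because checks consult block rules before ask
// rules, the most restrictive rule from any tier always wins (fail closed).
export function mergePolicies(...tiers: Policy[]): Required<Policy> {
  const out: Required<Policy> = { blockFiles: [], askFiles: [], blockCommands: [], askCommands: [], askEnv: [] };
  for (const t of tiers)
    for (const k of Object.keys(out) as (keyof Policy)[]) out[k].push(...(t[k] ?? []));
  return out;
}

// Normalize before matching so "./.env", "config/../.env" and "config\.env" all
// reduce to the same form; an unnormalized path would slip past an ".env" rule.
function normalizePath(p: string): string {
  const out: string[] = [];
  for (const seg of p.replace(/\\/g, "/").split("/")) {
    if (seg === "" || seg === ".") continue;
    if (seg === ".." && out.length > 0 && out[out.length - 1] !== "..") out.pop();
    else out.push(seg);
  }
  return (p.startsWith("/") ? "/" : "") + out.join("/") + (p.endsWith("/") && out.length ? "/" : "");
}

const escapeRe = (s: string): string => s.replace(/[.+?^${}()|[\]\\]/g, "\\$&");

// File glob: "**" spans directories, "*" stays inside one segment, a trailing "/"
// means everything under that directory, a pattern without "/" matches at any depth.
export function fileGlobToRegExp(glob: string): RegExp {
  let g = normalizePath(glob);
  if (g.endsWith("/")) g += "**";
  if (!g.includes("/")) g = "**/" + g;
  let src = "";
  for (let i = 0; i < g.length; i++) {
    if (g.startsWith("**/", i)) { src += "(?:.*/)?"; i += 2; }
    else if (g.startsWith("**", i)) { src += ".*"; i += 1; }
    else if (g.charAt(i) === "*") src += "[^/]*";
    else src += escapeRe(g.charAt(i));
  }
  return new RegExp("^" + src + "$");
}

// Command / env-var glob: "*" matches anything, no path semantics.
const simpleGlobToRegExp = (glob: string): RegExp =>
  new RegExp("^" + glob.split("*").map(escapeRe).join(".*") + "$");

export function checkFile(policy: Policy, relPath: string): Verdict {
  const p = normalizePath(relPath);
  if ((policy.blockFiles ?? []).some((g) => fileGlobToRegExp(g).test(p))) return "block";
  if ((policy.askFiles ?? []).some((g) => fileGlobToRegExp(g).test(p))) return "ask";
  return "allow";
}

const RANK: Record<Verdict, number> = { allow: 0, ask: 1, block: 2 };

// Split on chaining operators. Deliberately quote-unaware: a quoted ";" also
// splits, which only causes extra checks, never fewer.
const segments = (cmd: string): string[] =>
  cmd.split(/\s*(?:&&|\|\||\||;|&|\n)\s*/).map((s) => s.trim()).filter((s) => s.length > 0);

export function checkCommand(policy: Policy, cmd: string): { verdict: Verdict; reason: string } {
  let result = { verdict: "allow" as Verdict, reason: "" };
  const raise = (v: Verdict, reason: string) => { if (RANK[v] > RANK[result.verdict]) result = { verdict: v, reason }; };
  for (const seg of segments(cmd)) {
    for (const g of policy.blockCommands ?? []) if (simpleGlobToRegExp(g).test(seg)) raise("block", `command matches "${g}"`);
    for (const g of policy.askCommands ?? []) if (simpleGlobToRegExp(g).test(seg)) raise("ask", `command matches "${g}"`);
    // Every path-like token is run through the file rules. This is what catches
    // `cat .env` as well as `python -c "open('.env')"`: the inline script is
    // just more tokens in the same segment.
    for (const tok of seg.match(/[\w.\/\\~*-]+/g) ?? []) {
      const v = checkFile(policy, tok);
      if (v !== "allow") raise(v, `argument "${tok}" matches a ${v} file rule`);
    }
    const envRe = /\$\{?([A-Za-z_][A-Za-z0-9_]*)\}?/g; // $VAR or ${VAR}
    let m: RegExpExecArray | null;
    while ((m = envRe.exec(seg)) !== null) {
      const name = m[1];
      if ((policy.askEnv ?? []).some((g) => simpleGlobToRegExp(g).test(name))) raise("ask", `reads env var ${name}`);
    }
  }
  return result;
}

// Three tiers as they might be loaded from project, global and custom YAML files
// (constructed sample data, inline instead of YAML so the example runs offline).
export function examplePolicy(): Required<Policy> {
  const projectTier: Policy = { blockFiles: ["**/*.pem", "secrets/"], askFiles: [".env", ".env.*"] };
  const globalTier: Policy = { blockCommands: ["rm -rf *"], askCommands: ["curl *", "sudo *"], askEnv: ["AWS_*", "*_TOKEN"] };
  const customTier: Policy = { askFiles: ["config/*.yaml"] };
  return mergePolicies(projectTier, globalTier, customTier);
}
```

With `examplePolicy()`, `checkFile(p, "config/../secrets/db.txt")` returns `"block"` because the path is normalized before matching, and `checkCommand(p, "npm test && cat .env")` returns `"ask"` because the `.env` argument of the second chained segment hits a file rule. The command side is a heuristic, not a shell parser: it cannot see through `base64 -d`, variable expansion or `eval`, so a blocklist alone only raises the bar, and the surrounding tool should still treat "ask" as the default for anything it cannot classify.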

@dosubot dosubot bot added size:XXL This PR changes 1000+ lines, ignoring generated files. enhancement New feature or request labels Sep 11, 2025
@ThatChillGuy ThatChillGuy marked this pull request as draft September 11, 2025 19:59
tool: "readFile",
path: getReadablePath(cline.cwd, relPath),
isOutsideWorkspace: isPathOutsideWorkspace(path.resolve(cline.cwd, relPath)),
content: `� SECURITY PERMISSION REQUIRED 🔒\n\nThe AI is requesting access to a SENSITIVE file:\n\n📁 File: ${relPath}\n🛡️ Security Pattern: ${securityCheck.pattern}\n⚠️ Risk: This file may contain sensitive information like environment variables, tokens, or credentials.\n\n❓ Do you want to ALLOW the AI to read this sensitive file?\n\n✅ Click AGREE to grant access\n❌ Click REJECT to deny access`,
Contributor

Typo: It looks like there is an unexpected character '�' at the beginning of the string on this line. Please verify if this is intended or remove it.

Suggested change
content: `SECURITY PERMISSION REQUIRED 🔒\n\nThe AI is requesting access to a SENSITIVE file:\n\n📁 File: ${relPath}\n🛡️ Security Pattern: ${securityCheck.pattern}\n⚠️ Risk: This file may contain sensitive information like environment variables, tokens, or credentials.\n\n❓ Do you want to ALLOW the AI to read this sensitive file?\n\n✅ Click AGREE to grant access\n❌ Click REJECT to deny access`,
content: `SECURITY PERMISSION REQUIRED 🔒\n\nThe AI is requesting access to a SENSITIVE file:\n\n📁 File: ${relPath}\n🛡️ Security Pattern: ${securityCheck.pattern}\n⚠️ Risk: This file may contain sensitive information like environment variables, tokens, or credentials.\n\n❓ Do you want to ALLOW the AI to read this sensitive file?\n\n✅ Click AGREE to grant access\n❌ Click REJECT to deny access`,

Author


fixing

"description": "When enabled, Roo can edit multiple files in a single request. When disabled, Roo must edit files one at a time. Disabling this can help when working with less capable models or when you want more control over file modifications."
},
"SECURITY_MIDDLEWARE": {
"name": "RooCode Security MiddleWare",
Contributor


Typo: Consider replacing "MiddleWare" with "Middleware" for consistent and correct spelling.

Suggested change
"name": "RooCode Security MiddleWare",
"name": "RooCode Security Middleware",

@ThatChillGuy ThatChillGuy marked this pull request as ready for review September 11, 2025 20:01
@hannesrudolph hannesrudolph added the Issue/PR - Triage New issue. Needs quick review to confirm validity and assign labels. label Sep 11, 2025
Contributor

@roomote roomote bot left a comment


Thank you for your contribution! I've reviewed the Security Middleware implementation and found several issues that need attention before this can be merged.

Critical Issues (Must Fix):

  1. Merge Conflicts - The PR currently has merge conflicts (status: CONFLICTING) that must be resolved before it can be merged.

  2. Excessive Console Logging - The SecurityGuard class contains 45+ console.log statements that should be removed or replaced with a proper logging system before production.

  3. Error Handling - Several catch blocks silently swallow errors without proper logging (e.g., lines 289, 337 in SecurityGuard.ts). Errors should at least be logged for debugging.

Important Suggestions (Should Consider):

  1. Input Validation - The custom config path from the UI (line 2039 in Task.ts) is used without proper validation, which could lead to path traversal vulnerabilities. Consider adding validation to ensure paths are within expected boundaries.

  2. Performance Concerns - The pattern matching in validateCommand() iterates through all patterns for every command. Consider pre-compiling regex patterns and caching them for better performance.

  3. Test Coverage - While there are comprehensive unit tests, integration testing for the UI components and three-tier config merging would strengthen the implementation.

Minor Improvements:

  1. Code Documentation - Many complex methods lack JSDoc comments explaining their purpose and parameters.

  2. Magic Numbers - Hard-coded values (e.g., 1000ms interval at line 1187 in Task.ts) should be configurable constants.

  3. TypeScript Types - Several places use 'any' type (e.g., line 2033 in Task.ts) which reduces type safety.

Summary:

This is a valuable feature for enterprise security, but it needs some cleanup before merging. The most critical issue is resolving the merge conflicts. After that, addressing the console logging and error handling would significantly improve code quality.
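The review's first suggestion (the custom config path coming from the UI unvalidated) is the one finding in this thread with a direct security consequence, so here is an added example of the check a practitioner would put in front of the YAML loader. This is illustrative code written for this page, not the PR's implementation; the allowed roots (home directory and workspace), the `.yaml`/`.yml` allow-list, POSIX-style absolute paths and the error strings are assumptions. Filesystem access is left out so the block runs offline; a real implementation should additionally `fs.realpath()` the resolved path before the containment check so a symlink inside the workspace cannot point outside it.

```typescript
// Added example (not the PR's code): validate the user-supplied custom config
// path before reading it. Roots, extension allow-list and messages are assumptions.

export interface PathRoots { home: string; workspace: string }

// Resolve "~/x", absolute and workspace-relative inputs to an absolute path with
// every "." and ".." segment collapsed, so containment can be checked on a
// canonical string rather than on whatever the user typed.
export function resolveConfigPath(input: string, roots: PathRoots): string {
  let p = input.trim().replace(/\\/g, "/");
  if (p === "~" || p.startsWith("~/")) p = roots.home + p.slice(1);
  else if (!p.startsWith("/")) p = roots.workspace + "/" + p;
  const out: string[] = [];
  for (const seg of p.split("/")) {
    if (seg === "" || seg === ".") continue;
    if (seg === "..") out.pop(); else out.push(seg);
  }
  return "/" + out.join("/");
}

// True when target is root or lies beneath it. The check is on a segment
// boundary: a bare startsWith(root) would accept "/home/alice2/evil.yaml" for
// root "/home/alice".
export function isWithin(root: string, target: string): boolean {
  const r = root.replace(/\/+$/, "");
  return target === r || target.startsWith(r + "/");
}

export function validateConfigPath(
  input: string,
  roots: PathRoots,
): { ok: true; path: string } | { ok: false; error: string } {
  if (input.includes("\0")) return { ok: false, error: "path contains a NUL byte" };
  const p = resolveConfigPath(input, roots);
  if (!/\.ya?ml$/i.test(p)) return { ok: false, error: "config must be a .yaml or .yml file" };
  if (!isWithin(roots.home, p) && !isWithin(roots.workspace, p))
    return { ok: false, error: `"${p}" is outside the home directory and the workspace` };
  return { ok: true, path: p };
}
```

The resolved path, not the raw input, is what should be stored in settings and passed to the loader; re-validating on every load (rather than only when the setting is saved) also covers a settings file edited by hand.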

@daniel-lxs daniel-lxs moved this from Triage to PR [Draft / In Progress] in Roo Code Roadmap Sep 12, 2025
@daniel-lxs daniel-lxs marked this pull request as draft September 12, 2025 00:56
@hannesrudolph hannesrudolph added PR - Draft / In Progress and removed Issue/PR - Triage New issue. Needs quick review to confirm validity and assign labels. labels Sep 12, 2025
@ThatChillGuy
Author

Windows test is failing in the main branch, it's not us. https://github.com/RooCodeInc/Roo-Code/actions/runs/17744622875/job/50426708240

@ThatChillGuy ThatChillGuy marked this pull request as ready for review September 15, 2025 21:33
@hannesrudolph hannesrudolph moved this from PR [Draft / In Progress] to PR [Needs Prelim Review] in Roo Code Roadmap Sep 23, 2025
@daniel-lxs daniel-lxs moved this from PR [Needs Prelim Review] to PR [Draft / In Progress] in Roo Code Roadmap Sep 24, 2025
@daniel-lxs daniel-lxs marked this pull request as draft September 24, 2025 18:10

Labels

enhancement New feature or request PR - Draft / In Progress size:XXL This PR changes 1000+ lines, ignoring generated files.

Projects

Status: PR [Draft / In Progress]
