agent-os/templates/policies/secure-coding.yaml at master · imran-siddique/agent-os · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
# Secure Coding Policy Template
# Prevents common security vulnerabilities in code

kernel:
  version: "1.0"
  mode: strict
  template: secure-coding

description: |
  Comprehensive security policy for preventing common coding vulnerabilities.
  Recommended for all production code.

signals:
  enabled:
    - SIGSTOP   # Pause for human review
    - SIGKILL   # Terminate on critical violation

policies:
  # ============================================
  # SQL Injection Prevention
  # ============================================
  - name: sql_injection_prevention
    description: Block raw SQL string concatenation
    severity: critical
    deny:
      - patterns:
          # String concatenation in SQL
          - '["\']\s*\+\s*\w+\s*\+\s*["\'].*(?:SELECT|INSERT|UPDATE|DELETE|DROP)'
          - 'f["\'].*(?:SELECT|INSERT|UPDATE|DELETE|DROP).*\{.*\}'
          - '\.format\(.*\).*(?:SELECT|INSERT|UPDATE|DELETE|DROP)'
    action: SIGKILL
    message: "Use parameterized queries instead of string concatenation"

  # ============================================
  # Destructive Operations
  # ============================================
  - name: destructive_sql
    description: Block destructive SQL operations
    severity: critical
    deny:
      - patterns:
          - '\bDROP\s+(TABLE|DATABASE|INDEX|VIEW|SCHEMA)\b'
          - '\bTRUNCATE\s+TABLE\b'
          - '\bDELETE\s+FROM\s+\w+\s*;'  # DELETE without WHERE
    action: SIGKILL
    message: "Destructive SQL operations blocked"

  # ============================================
  # Command Injection Prevention
  # ============================================
  - name: command_injection_prevention
    description: Block shell command execution with user input
    severity: critical
    deny:
      - patterns:
          - 'os\.system\s*\('
          - 'subprocess\.call\s*\(\s*["\'][^"\']*\$'
          - 'eval\s*\('
          - 'exec\s*\('
          - 'child_process\.exec\s*\('
    action: SIGKILL
    message: "Use safe alternatives like subprocess.run with shell=False"

  # ============================================
  # Path Traversal Prevention
  # ============================================
  - name: path_traversal_prevention
    description: Block path traversal patterns
    severity: high
    deny:
      - patterns:
          - '\.\./\.\.'
          - '\.\.\\\.\\'
          - '%2e%2e%2f'
          - '%252e%252e%252f'
    action: SIGKILL
    message: "Path traversal attempt detected"

  # ============================================
  # Insecure Randomness
  # ============================================
  - name: insecure_randomness
    description: Flag use of weak random generators for security
    severity: medium
    deny:
      - patterns:
          - 'Math\.random\s*\(\)'  # JavaScript
          - 'random\.random\s*\('  # Python (in security context)
          - 'rand\s*\(\)'          # C/C++
    action: SIGSTOP
    message: "Use cryptographically secure random (secrets, crypto.randomBytes)"

  # ============================================
  # Hardcoded Credentials
  # ============================================
  - name: hardcoded_credentials
    description: Block hardcoded passwords and secrets
    severity: critical
    deny:
      - patterns:
          - '(?i)(password|passwd|pwd)\s*[:=]\s*["\'][^"\']{4,}["\']'
          - '(?i)(api[_-]?key|apikey)\s*[:=]\s*["\'][A-Za-z0-9]{16,}["\']'
          - '(?i)(secret[_-]?key)\s*[:=]\s*["\'][^"\']{16,}["\']'
          - '(?i)(access[_-]?token)\s*[:=]\s*["\'][^"\']{16,}["\']'
          # Common API key patterns
          - 'sk-[A-Za-z0-9]{32,}'   # OpenAI
          - 'ghp_[A-Za-z0-9]{36}'   # GitHub
          - 'AKIA[A-Z0-9]{16}'      # AWS
    action: SIGKILL
    message: "Use environment variables or secret management"

  # ============================================
  # Insecure Protocols
  # ============================================
  - name: insecure_protocols
    description: Flag use of insecure protocols
    severity: medium
    deny:
      - patterns:
          - 'http://'              # Non-HTTPS
          - 'ftp://'               # Unencrypted FTP
          - 'telnet://'            # Telnet
    exceptions:
      - 'http://localhost'
      - 'http://127.0.0.1'
    action: SIGSTOP
    message: "Use secure protocols (HTTPS, SFTP, SSH)"

  # ============================================
  # Dangerous File Operations
  # ============================================
  - name: dangerous_file_ops
    description: Block dangerous file system operations
    severity: high
    deny:
      - patterns:
          - 'rm\s+-rf\s+/'
          - 'shutil\.rmtree\s*\(["\']/'
          - 'chmod\s+777'
          - 'chmod\s+\+s'
    action: SIGKILL
    message: "Dangerous file operation blocked"

audit:
  enabled: true
  log_path: "./logs/security-audit.log"
  include:
    - all_violations
    - policy_checks
    - signals
  retention_days: 90

notifications:
  on_block: true
  on_warning: true
  webhook: null  # Optional: https://your-webhook.com/alerts