Add agnostic risk assessment for environment variable references

- Add IsAgnostic property to RiskAssessment and CommandRule models
- Update RiskCombiner to defer to AI when regex assessment is agnostic
- Change env var reference rules to be agnostic (defer to AI analysis)
- Add env-var-reference-powershell and env-var-reference-bash rules
- Regex no longer pre-judges env var usage, AI determines leak risk

Author: gfraiteur

src/PostSharp.Engineering.BuildTools/Mcp/Models/CommandRule.cs

@@ -40,4 +40,10 @@ public sealed class CommandRule
     /// If null, the rule applies whenever the pattern matches.
     /// </summary>
     public Func<CommandContext, bool>? Condition { get; init; }
+
+    /// <summary>
+    /// Gets a value indicating whether this rule is agnostic (defers to AI analysis).
+    /// When true, matching this rule will not influence the risk assessment - only AI will determine risk.
+    /// </summary>
+    public bool IsAgnostic { get; init; }
 }

src/PostSharp.Engineering.BuildTools/Mcp/Models/RiskAssessment.cs

@@ -41,6 +41,12 @@ public sealed class RiskAssessment
     /// </summary>
     public string? RuleName { get; init; }
 
+    /// <summary>
+    /// Gets a value indicating whether this assessment is agnostic (defers to AI analysis).
+    /// When true, this regex-based assessment should be ignored and only AI assessment used.
+    /// </summary>
+    public bool IsAgnostic { get; init; }
+
     public static RiskAssessment Default( string reason )
     {
         return new RiskAssessment

src/PostSharp.Engineering.BuildTools/Mcp/Services/CommandRules.cs

@@ -290,9 +290,30 @@ public static class CommandRules
         {
             Name = "export-env-variables",
             Pattern = new Regex( @"\$env:\w+\s*=", RegexOptions.IgnoreCase ),
-            RiskLevel = RiskLevel.High,
+            RiskLevel = RiskLevel.Low,
+            Recommendation = Recommendation.Approve,
+            Reason = "Setting environment variables - deferring to AI to determine if secrets are exposed",
+            IsAgnostic = true
+        },
+
+        new CommandRule
+        {
+            Name = "env-var-reference-powershell",
+            Pattern = new Regex( @"\$env:\w+", RegexOptions.IgnoreCase ),
+            RiskLevel = RiskLevel.Low,
+            Recommendation = Recommendation.Approve,
+            Reason = "Environment variable reference detected - deferring to AI to determine if leaked",
+            IsAgnostic = true
+        },
+
+        new CommandRule
+        {
+            Name = "env-var-reference-bash",
+            Pattern = new Regex( @"\$\{?\w+\}?", RegexOptions.None ),
+            RiskLevel = RiskLevel.Low,
             Recommendation = Recommendation.Approve,
-            Reason = "Setting environment variables - ensure no secrets are being exposed"
+            Reason = "Potential environment variable reference detected - deferring to AI analysis",
+            IsAgnostic = true
         }
     };
 

src/PostSharp.Engineering.BuildTools/Mcp/Services/RegexRuleEngine.cs

@@ -58,7 +58,8 @@ public Task<RiskAssessment> EvaluateAsync(
                 Level = rule.RiskLevel,
                 Recommendation = rule.Recommendation,
                 Reason = rule.Reason,
-                RuleName = rule.Name
+                RuleName = rule.Name,
+                IsAgnostic = rule.IsAgnostic
             } );
         }
 

src/PostSharp.Engineering.BuildTools/Mcp/Services/RiskCombiner.cs

@@ -18,6 +18,12 @@ public static class RiskCombiner
     /// <returns>A combined risk assessment with the maximum risk level and most restrictive recommendation.</returns>
     public static RiskAssessment Combine( RiskAssessment aiAssessment, RiskAssessment regexAssessment )
     {
+        // If regex assessment is agnostic, use only AI assessment
+        if ( regexAssessment.IsAgnostic )
+        {
+            return aiAssessment;
+        }
+
         // Take the maximum (most restrictive) risk level
         var maxLevel = (RiskLevel) Math.Max( (int) aiAssessment.Level, (int) regexAssessment.Level );