Security Check

Verify shell commands are classified correctly:

• CRITICAL: rm -rf /, mkfs, dd if=, format commands
• HIGH: python -c, node -e, docker run, PowerShell -enc, eval(), exec()
• MEDIUM: Package installs, git push, service restarts
• LOW: Read-only operations (ls, cat, git status)
• Check classifyShellRisk() in src/security/policy.ts

4. Output Guard Patterns

Verify LLM output scanning covers:

• XSS: <script>, javascript: URIs, event handlers (onload=, onerror=)
• Code execution: eval(), Function(), import(), child_process
• SQL injection: DROP TABLE, DELETE FROM, UNION SELECT
• Destructive commands: rm -rf /
• Check src/security/output-guard.ts

5. Memory Integrity

Verify memory system is tamper-resistant:

• MemCells have SHA-256 checksums via computeChecksum()
• verifyChecksum() detects tampering
• loadMemCells() validates JSON with isMemCell() type guard
• Injection scanning on write (blocks score >= 4)

6. Authentication and Crypto

Verify cryptographic operations:

• HMAC comparison uses timingSafeEqual with hex validation
• Vault uses XChaCha20-Poly1305 (via @noble/ciphers)
• Vault key file restricted to mode 0o600
• Atomic write-then-rename for vault and cache operations