Initial commit with translated description

scripts/sanitize.sh

@@ -0,0 +1,129 @@
+#!/bin/bash
+# sanitize.sh - Universal input sanitizer for external content
+# Wraps ClawDefender to check any text before Vergil processes it
+#
+# Usage:
+#   echo "email content" | sanitize.sh
+#   sanitize.sh "some text to check"
+#   gog gmail read <id> | sanitize.sh
+#   curl -s <api> | sanitize.sh --json
+#
+# Modes:
+#   (default)   Check text, output original if clean, warn if suspicious
+#   --json      Parse JSON, check string fields, output with warnings
+#   --strict    Block (exit 1) if injection detected
+#   --silent    No warnings, just filter
+#   --report    Output detection report only
+
+set -euo pipefail
+
+SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
+CLAWDEFENDER="$SCRIPT_DIR/clawdefender.sh"
+
+# Colors
+RED='\033[0;31m'
+YELLOW='\033[1;33m'
+GREEN='\033[0;32m'
+NC='\033[0m'
+
+MODE="default"
+STRICT=false
+SILENT=false
+REPORT_ONLY=false
+
+# Parse flags
+while [[ $# -gt 0 ]]; do
+    case $1 in
+        --json) MODE="json"; shift ;;
+        --strict) STRICT=true; shift ;;
+        --silent) SILENT=true; shift ;;
+        --report) REPORT_ONLY=true; shift ;;
+        --help|-h)
+            echo "sanitize.sh - Universal input sanitizer"
+            echo ""
+            echo "Usage:"
+            echo "  echo 'text' | sanitize.sh [options]"
+            echo "  sanitize.sh [options] 'text to check'"
+            echo ""
+            echo "Options:"
+            echo "  --json     Parse JSON input, check all string values"
+            echo "  --strict   Exit with error if injection detected"
+            echo "  --silent   Suppress warnings, just output clean/flagged"
+            echo "  --report   Output detection report only (no passthrough)"
+            echo "  --help     Show this help"
+            echo ""
+            echo "Examples:"
+            echo "  gog gmail read abc123 | sanitize.sh"
+            echo "  curl -s trello.com/api/... | sanitize.sh --json"
+            echo "  gh issue view 42 --json body | sanitize.sh --json --strict"
+            exit 0
+            ;;
+        *)
+            # Treat as input text
+            INPUT="$1"
+            shift
+            ;;
+    esac
+done
+
+# Get input from stdin or argument
+if [[ -z "${INPUT:-}" ]]; then
+    if [[ -t 0 ]]; then
+        echo "Error: No input provided. Pipe text or pass as argument." >&2
+        exit 1
+    fi
+    INPUT=$(cat)
+fi
+
+# Run through ClawDefender prompt check
+RESULT=$("$CLAWDEFENDER" --check-prompt <<< "$INPUT" 2>&1) || true
+
+# Parse result
+if echo "$RESULT" | grep -q "CRITICAL\|WARNING"; then
+    # Injection detected
+    SEVERITY="WARNING"
+    echo "$RESULT" | grep -q "CRITICAL" && SEVERITY="CRITICAL"
+    
+    # Extract pattern matches
+    PATTERNS=$(echo "$RESULT" | grep -oE "Pattern: [^(]+" | head -3 | tr '\n' ', ' | sed 's/, $//')
+    
+    if $REPORT_ONLY; then
+        echo "⚠️ INJECTION DETECTED [$SEVERITY]"
+        echo "Patterns: $PATTERNS"
+        echo ""
+        echo "--- Raw Detection ---"
+        echo "$RESULT"
+        exit 0
+    fi
+    
+    if $STRICT; then
+        if ! $SILENT; then
+            echo -e "${RED}⛔ BLOCKED: Prompt injection detected [$SEVERITY]${NC}" >&2
+            echo -e "${YELLOW}Patterns: $PATTERNS${NC}" >&2
+        fi
+        exit 1
+    fi
+    
+    if ! $SILENT; then
+        echo -e "${YELLOW}⚠️  SUSPICIOUS CONTENT DETECTED [$SEVERITY]${NC}" >&2
+        echo -e "${YELLOW}Patterns: $PATTERNS${NC}" >&2
+        echo -e "${YELLOW}--- Content follows (review carefully) ---${NC}" >&2
+    fi
+    
+    # Output with visible warning marker
+    echo "⚠️ [FLAGGED - Potential prompt injection detected]"
+    echo "$INPUT"
+    echo "⚠️ [END FLAGGED CONTENT]"
+else
+    # Clean - pass through
+    if $REPORT_ONLY; then
+        echo "✅ Clean - no injection patterns detected"
+        exit 0
+    fi
+    
+    if ! $SILENT; then
+        : # Could add "✅ Clean" to stderr but that's noisy
+    fi
+    
+    echo "$INPUT"
+fi