Skip to content

feat: add YARA scanning#305

Merged
sarahxsanders merged 19 commits intomainfrom
hackathon
Mar 12, 2026
Merged

feat: add YARA scanning#305
sarahxsanders merged 19 commits intomainfrom
hackathon

Conversation

@sarahxsanders
Copy link
Contributor

@sarahxsanders sarahxsanders commented Feb 28, 2026
edited
Loading

just prefacing that this is not officially yara scanning, it's yara-like JS regex rules rather than the real YARA C library to avoid native binary dependencies

v1 of wizard security hardening. adds YARA-style scanning hooks:

  • yara-scanner.ts enforces 14 security rules covering PII leakage, hardcoded secrets, autocapture/config violations, prompt injection, secret exfiltration, destructive filesystem operations, and supply chain risks
  • scanner is wired into agent via PreToolUse and PostToolUse w/ yara-hooks.ts
  • pre-hooks block dangerous Bash commands before execution
  • post-hooks detect violations in written code, prompt injection in read content, and scan downloaded skill files
  • uses JS regex YARA-style scans

Hardening (latest changes)

was doing some more testing and came across some things that could make this better before shipping:

  • fail-closed error handling all hook catch blocks now block/revert/terminate instead of silently allowing. if the scanner errors, the command is denied, not permitted
  • input size cap scan content is truncated to 100KB to prevent pathological regex performance
  • rm -r -f bypass fix destructive_rm rule now catches separated flags (rm -r -f, rm -f -r), not just combined (rm -rf)
  • severity prioritization hooks now act on the highest-severity match, not the first one encountered

Testing

  • unit tests passed
  • ran the wizard locally and confirmed YARA hooks were active via log:
grep YARA /tmp/posthog-wizard.log
[YARA] Scanning 8 files in skill directory: .claude/skills/posthog-integration-android

@github-actions
Copy link

github-actions bot commented Feb 28, 2026

🧙 Wizard CI

Run the Wizard CI and test your changes against wizard-workbench example apps by replying with a GitHub comment using one of the following commands:

Test all apps:

  • /wizard-ci all

Test all apps in a directory:

  • /wizard-ci android
  • /wizard-ci angular
  • /wizard-ci astro
  • /wizard-ci django
  • /wizard-ci fastapi
  • /wizard-ci flask
  • /wizard-ci javascript-node
  • /wizard-ci javascript-web
  • /wizard-ci laravel
  • /wizard-ci next-js
  • /wizard-ci nuxt
  • /wizard-ci python
  • /wizard-ci rails
  • /wizard-ci react-native
  • /wizard-ci react-router
  • /wizard-ci sveltekit
  • /wizard-ci swift
  • /wizard-ci tanstack-router
  • /wizard-ci tanstack-start
  • /wizard-ci vue

Test an individual app:

  • /wizard-ci android/Jetchat
  • /wizard-ci angular/angular-saas
  • /wizard-ci astro/astro-hybrid-marketing
Show more apps
  • /wizard-ci astro/astro-ssr-docs
  • /wizard-ci astro/astro-static-marketing
  • /wizard-ci astro/astro-view-transitions-marketing
  • /wizard-ci django/django3-saas
  • /wizard-ci fastapi/fastapi3-ai-saas
  • /wizard-ci flask/flask3-social-media
  • /wizard-ci javascript-node/express-todo
  • /wizard-ci javascript-node/fastify-blog
  • /wizard-ci javascript-node/hono-links
  • /wizard-ci javascript-node/koa-notes
  • /wizard-ci javascript-node/native-http-contacts
  • /wizard-ci javascript-web/saas-dashboard
  • /wizard-ci laravel/laravel12-saas
  • /wizard-ci next-js/15-app-router-saas
  • /wizard-ci next-js/15-app-router-todo
  • /wizard-ci next-js/15-pages-router-saas
  • /wizard-ci next-js/15-pages-router-todo
  • /wizard-ci nuxt/movies-nuxt-3-6
  • /wizard-ci nuxt/movies-nuxt-4
  • /wizard-ci python/meeting-summarizer
  • /wizard-ci rails/fizzy
  • /wizard-ci react-native/expo-react-native-hacker-news
  • /wizard-ci react-native/react-native-saas
  • /wizard-ci react-router/react-router-v7-project
  • /wizard-ci react-router/rrv7-starter
  • /wizard-ci react-router/saas-template
  • /wizard-ci react-router/shopper
  • /wizard-ci sveltekit/CMSaasStarter
  • /wizard-ci swift/hackers-ios
  • /wizard-ci tanstack-router/tanstack-router-code-based-saas
  • /wizard-ci tanstack-router/tanstack-router-file-based-saas
  • /wizard-ci tanstack-start/tanstack-start-saas
  • /wizard-ci vue/movies

Results will be posted here when complete.

@sarahxsanders sarahxsanders reopened this Feb 28, 2026
@sarahxsanders sarahxsanders changed the title feat: wizard policies feat: add YARA scanning Mar 4, 2026
@sarahxsanders sarahxsanders mentioned this pull request Mar 4, 2026
Merged
@sarahxsanders sarahxsanders marked this pull request as ready for review March 4, 2026 22:47
@sarahxsanders sarahxsanders requested a review from a team March 4, 2026 22:47
@edwinyjlim
Copy link
Member

edwinyjlim commented Mar 4, 2026

rebase on the latest since a lot has changed

@sarahxsanders sarahxsanders force-pushed the hackathon branch 3 times, most recently from 1a585cd to e68d3af Compare March 4, 2026 23:51
joshsny
joshsny reviewed Mar 5, 2026
View reviewed changes
Copy link
Collaborator

@joshsny joshsny left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

this is really nice! 👌

edwinyjlim
edwinyjlim approved these changes Mar 5, 2026
View reviewed changes
Copy link
Member

@edwinyjlim edwinyjlim left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

okay this is great!

I think the biggest thing is deciding which file is the single source for defining the rules.

The other note is how can we see the output of all the scanner results in one place? Should we have a --scan-report argument that prints out the results from memory?

We'll need something like this for local testing and CI

── YARA Scanner Summary ──
✓ 12 tool calls scanned, 2 violations detected

  [BLOCKED] secret_exfiltration_via_command (CRITICAL) — PreToolUse:Bash
  [REVERTED] pii_in_capture_call (HIGH) — PostToolUse:Write

No violations: ✓ 10 clean scans

@sarahxsanders
Copy link
Contributor Author

sarahxsanders commented Mar 5, 2026

thank you @edwinyjlim!! cleaned it up 🧼

@sarahxsanders sarahxsanders requested review from a team and edwinyjlim March 5, 2026 22:04
gewenyu99
gewenyu99 approved these changes Mar 10, 2026
View reviewed changes
Copy link
Contributor

@gewenyu99 gewenyu99 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Noice

@sarahxsanders sarahxsanders merged commit 6f4fb52 into main Mar 12, 2026
16 checks passed
@sarahxsanders sarahxsanders deleted the hackathon branch March 12, 2026 00:04
@releaser-wizard releaser-wizard bot mentioned this pull request Mar 12, 2026
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@joshsny joshsny joshsny left review comments

@gewenyu99 gewenyu99 gewenyu99 approved these changes

@edwinyjlim edwinyjlim Awaiting requested review from edwinyjlim

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@sarahxsanders @edwinyjlim @joshsny @gewenyu99