pi-x · Pi Extensions Directory

Safety notes

Review required
Collection of Pi UX/status/thinking-mode extensions. Interesting, but mixed repo needs per-extension review.

This is a first-pass static screen, not a formal audit. It flags patterns worth reading before install.

MEDIUM · token_access

PLAN.md

- Security hardening (token/permission model).
- **Security concerns** (local socket misuse) → document local trust boundary; plan token auth for later.

CRITICAL · sudo

README.md

- [`interactive-bash`](extensions/interactive-bash/README.md) — Runs selected user `!` commands in a true interactive terminal (stdin works for prompts, sudo password entry, and in

MEDIUM · network_download

README.md

- [`http`](extensions/http/README.md) — Adds an `http` tool backed by Node native fetch, with HTTPie-like structured request fields, curl-compatible args support, and optional web-

HIGH · system_write

extensions/safe-mode/index.ts

MEDIUM · token_access

extensions/safe-mode/policy.ts

const token = argv[i]!;
if (token === "-o" || token === "--output" || token.startsWith("--output=")) return false;
const token = argv[i]!;

CRITICAL · rm_rf_rootish

extensions/safe-mode/policy.test.ts

expect(decide("yolo", "bash", { command: "rm -rf /tmp/x" }).action).toBe("confirm");
expect(decide("yolo", "bash", { command: "rm -rf /tmp/x" }, PROJECT_ROOT, true).action).toBe("allow");

CRITICAL · sudo

extensions/safe-mode/policy.test.ts

HIGH · system_write

extensions/safe-mode/policy.test.ts

MEDIUM · token_access

extensions/safe-mode/bash-policy/analyze.ts

const REDIRECT_TOKEN_TYPES = new Set([
if (item.type === "Redirect" || isStandaloneRedirectToken(item)) redirects.push(item);
function isStandaloneRedirectToken(node: any): boolean {

CRITICAL · sudo

extensions/safe-mode/bash-policy/shared/command-lists.ts

extensions/http/package.json

{
  "typecheck": "tsc --noEmit --target ES2022 --module nodenext --moduleResolution nodenext --skipLibCheck index.ts"
}