ai-with-bash.yaml
# Example Visor configuration demonstrating bash command execution in AI checks
version: "1.0"

# Global AI provider configuration
ai_provider: anthropic
ai_model: claude-3-sonnet

steps:
  # Example 1: Simple - Enable bash with default safe commands
  git-status-analysis:
    type: ai
    prompt: |
      Analyze the current git repository status:
      - Check for uncommitted changes
      - Review the current branch
      - List recent commits
      - Identify any potential issues
    ai:
      provider: anthropic
      model: claude-3-opus
      allowBash: true # Simple one-line enable
    on: ["pr_opened", "pr_updated"]
    tags: ["git", "analysis"]

  # Example 2: Advanced - Custom allow/deny lists for npm commands
  npm-audit-check:
    type: ai
    prompt: |
      Run npm audit and analyze the security vulnerabilities:
      - Check for high/critical vulnerabilities
      - Review outdated dependencies
      - Suggest remediation steps
    ai:
      provider: google
      model: gemini-2.0-flash-exp
      allowBash: true
      bashConfig:
        allow:
          - 'npm audit --json'
          - 'npm outdated --json'
          - 'npm list --depth=0'
        timeout: 60000 # 60 second timeout
    on: ["pr_opened"]
    tags: ["security", "npm"]

  # Example 3: Advanced - Test execution with custom config
  test-runner-analysis:
    type: ai
    prompt: |
      Run the test suite and analyze the results:
      - Execute all tests
      - Identify failing tests
      - Review code coverage
      - Suggest improvements
    ai:
      provider: anthropic
      allowBash: true
      bashConfig:
        allow:
          - 'npm test'
          - 'npm run test:coverage'
        deny:
          - 'npm install' # Explicitly block installation
        timeout: 300000 # 5 minute timeout for tests
        workingDirectory: '.'
    on: ["pr_opened", "pr_updated"]
    tags: ["tests", "coverage"]

  # Example 4: Advanced - Build and lint with timeouts
  build-lint-check:
    type: ai
    prompt: |
      Run build and lint checks:
      - Execute the build process
      - Run ESLint
      - Check TypeScript compilation
      - Review any errors or warnings
    ai:
      provider: openai
      model: gpt-4
      allowBash: true
      bashConfig:
        allow:
          - 'npm run build'
          - 'npm run lint'
          - 'tsc --noEmit'
        timeout: 180000 # 3 minute timeout
    on: ["pr_opened"]
    tags: ["build", "lint"]

  # Example 5: Expert - Custom commands only (no defaults)
  custom-commands-only:
    type: ai
    prompt: "Run custom analysis commands with strict control"
    ai:
      provider: anthropic
      allowBash: true
      bashConfig:
        disableDefaultAllow: true # Disable default safe commands
        disableDefaultDeny: false # Keep dangerous command blocklist
        allow:
          - 'custom-tool analyze'
          - 'custom-tool report'
        timeout: 30000
    on: ["manual"]
    tags: ["custom", "advanced"]

  # Example 6: Simple - File system analysis with defaults
  filesystem-analysis:
    type: ai
    prompt: |
      Analyze the project file structure:
      - List all source files
      - Check file sizes
      - Review directory structure
      - Identify any organizational issues
    ai:
      provider: anthropic
      allowBash: true # Uses default safe commands (ls, find, etc.)
    on: ["pr_opened"]
    tags: ["filesystem", "structure"]

  # Example 7: Dynamic - Bash config from dependency output (ai_bash_config_js)
  dynamic-bash-from-skills:
    type: ai
    depends_on: [build-config]
    prompt: "Help the user with their request using available commands"
    ai:
      provider: anthropic
      allowBash: true
      bashConfig:
        allow: ['gh:*'] # Static baseline commands
    ai_bash_config_js: |
      // Dynamically extend bash config from build-config output
      // Active skills declare their allowed/disallowed commands
      return outputs['build-config']?.bash_config ?? {};
    on: ["manual"]
    tags: ["dynamic", "skills"]

output:
  pr_comment:
    enabled: true
    group_by: check
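
A review-time audit for configurations like the one above, added here as an example and not part of the Visor project's own code. It assumes the YAML has already been parsed into a plain object with `ai_bash_config_js` at step level; `auditBashSteps`, `sampleConfig`, and the rule names are hypothetical, and the rules are this example's review policy rather than anything Visor enforces.

```javascript
// Added example: review-time audit of steps that enable bash for an AI check.
// The rules are this example's own review policy, not Visor behaviour.
const PR_EVENTS = new Set(["pr_opened", "pr_updated"]);

function auditBashSteps(config) {
  const findings = [];
  for (const [name, step] of Object.entries(config.steps ?? {})) {
    if (step.type !== "ai" || step.ai?.allowBash !== true) continue;
    const bash = step.ai.bashConfig ?? {};
    const allow = bash.allow ?? [];
    const onPr = (step.on ?? []).some((e) => PR_EVENTS.has(e));
    const add = (rule, detail) => findings.push({ step: name, rule, detail });

    // PR-triggered step with no explicit allow list: only the defaults apply.
    if (onPr && allow.length === 0) add("defaults-on-pr", "no explicit allow list");
    // Entries containing '*' (assumed to be patterns) are flagged for manual review.
    for (const p of allow) if (p.includes("*")) add("wildcard-allow", p);
    // Built-in blocklist switched off.
    if (bash.disableDefaultDeny === true) add("default-deny-disabled", "blocklist off");
    // Allow list extended at run time from another step's output.
    if (typeof step.ai_bash_config_js === "string")
      add("dynamic-config", `depends on: ${(step.depends_on ?? []).join(", ")}`);
  }
  return findings;
}

// Constructed sample: three steps from the configuration above, as parsed objects.
const sampleConfig = {
  steps: {
    "git-status-analysis": {
      type: "ai", ai: { allowBash: true }, on: ["pr_opened", "pr_updated"],
    },
    "npm-audit-check": {
      type: "ai", on: ["pr_opened"],
      ai: { allowBash: true, bashConfig: { allow: ["npm audit --json"], timeout: 60000 } },
    },
    "dynamic-bash-from-skills": {
      type: "ai", depends_on: ["build-config"], on: ["manual"],
      ai: { allowBash: true, bashConfig: { allow: ["gh:*"] } },
      ai_bash_config_js: "return outputs['build-config']?.bash_config ?? {};",
    },
  },
};

for (const f of auditBashSteps(sampleConfig)) console.log(`${f.step}: ${f.rule} (${f.detail})`);
```

For a step flagged `dynamic-config`, the static `allow` list is only a lower bound on what can run, so the upstream step named in `depends_on` needs the same review as the list itself.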