Problem: No automated tests exist. The permission tiers and command denylist are exactly the safety-critical logic that should be tested.
Where: new tests/ dir. Targets: jarvis/plugins/registry.py, jarvis/plugins/base.py, jarvis/core/permissions.py.
Approach: Add pytest. Cover:
- Registry loads plugins and registers tools
@tool + consume_pending assigns plugin names
- Permission gating returns the correct tier
- Denylist blocks catastrophic commands (
rm -rf /, format c:, fork bombs) regardless of mode
Acceptance:
pytest runs green locally
- Denylist tests prove dangerous commands are blocked
Difficulty: help wanted (foundational).
Problem: No automated tests exist. The permission tiers and command denylist are exactly the safety-critical logic that should be tested.
Where: new
tests/dir. Targets:jarvis/plugins/registry.py,jarvis/plugins/base.py,jarvis/core/permissions.py.Approach: Add pytest. Cover:
@tool+consume_pendingassigns plugin namesrm -rf /,format c:, fork bombs) regardless of modeAcceptance:
pytestruns green locallyDifficulty: help wanted (foundational).