docs: add AI automation security documentation and safeguards

- Add AI-driven remediation safeguards section to README.md with example config for workspace allowlists, command limits, and policy signing
- Document AI automation hardening and supply-chain verification in SECURITY.md
- Add Windsurf-specific flags (skip-connectivity-check, cleanup-ide-servers, no-client-config) to create code command
- Implement data sharing consent prompts before sending environment context to AI providers
- Add action

Author: CodeMonkeyCybersecurity

README.md

@@ -102,6 +102,32 @@ eos create wazuh              # SIEM and threat detection
 eos create bionicgpt          # Private AI assistant with RAG
 eos create ollama             # Local LLM runtime
 
+## AI-driven remediation safeguards
+
+- Environment analysis now sanitizes outputs, redacts credential-like tokens, and prompts for operator consent before sharing summaries with Anthropic/OpenAI.
+- Action execution is constrained by a local policy that enforces workspace allowlists, command/argument limits, and records every action in `.eos-ai-audit/actions.log`.
+- `--auto-fix` requires a signed policy file unless you confirm each action interactively.
+
+Example `~/.config/eos/ai-config.yaml` fragment:
+
+```yaml
+action_security:
+  workspace_allowlist:
+    - /opt/eos
+  allowed_commands:
+    - docker
+    - systemctl
+    - terraform
+data_sharing:
+  include_secret_files: false
+  redact_sensitive: true
+  require_consent: true
+policy_secrets:
+  - deadbeefdeadbeefdeadbeefdeadbeefdeadbeefdeadbeefdeadbeefdeadbeef
+```
+
+Auto-fix policies are JSON documents signed with one of the `policy_secrets`. Point `--auto-fix-policy` at the signed file when using `--auto-fix` to enable unattended remediation.
+
 # Web Services
 eos create mattermost         # Team collaboration
 eos create hecate             # Reverse proxy (Caddy-based)

SECURITY.md

@@ -19,3 +19,15 @@ Use this section to tell people how to report a vulnerability.
 Tell them where to go, how often they can expect to get an update on a
 reported vulnerability, what to expect if the vulnerability is accepted or
 declined, etc.
+
+## AI automation hardening
+
+- Every AI action is validated against a canonical workspace allowlist, command deny-list, and size/argument limits before execution. All actions (success or failure) are recorded with timestamps in `.eos-ai-audit/actions.log` for post-incident forensics.
+- Environment analysis now skips `.env`, `*.pem`, kubeconfig and other high-risk files unless the operator explicitly opts in. Sanitized summaries replace raw contents and the CLI displays a consent banner before sharing any context with Anthropic/OpenAI.
+- Auto-remediation requires an HMAC-signed policy (`--auto-fix-policy`) to bypass per-action confirmation even when `--auto-fix` is provided.
+
+## Supply-chain verification
+
+- `pkg/remotecode/install.go` downloads installers to a temporary file, enforces a pinned SHA-256 (override via `ClaudeInstallerSHA256`/`CLAUDE_INSTALLER_SHA256`), and provides offline/manual fallback instructions when HTTPS fails.
+- `install.sh` now maintains explicit checksum tables for every artifact (Go toolchains, GitHub CLI GPG key, etc.) and refuses to proceed if a checksum mismatches or is missing.
+- `test/install_checksum_table_test.go` keeps the checksum map honest by ensuring every entry is a 64-character hex digest.

cmd/create/code.go

@@ -76,6 +76,14 @@ func init() {
 	// Network flags
 	CreateCodeCmd.Flags().StringSlice("allowed-networks", []string{},
 		"Additional CIDR ranges to allow SSH from (e.g., 203.0.113.0/24)")
+
+	// Windsurf-specific flags
+	CreateCodeCmd.Flags().Bool("skip-connectivity-check", false,
+		"Skip Windsurf domain connectivity check (use if you know connectivity works)")
+	CreateCodeCmd.Flags().Bool("cleanup-ide-servers", false,
+		"Clean up old IDE server versions to recover disk space")
+	CreateCodeCmd.Flags().Bool("no-client-config", false,
+		"Skip generating SSH config for client machine")
 }
 
 func runCreateCode(rc *eos_io.RuntimeContext, cmd *cobra.Command, args []string) error {
@@ -134,6 +142,19 @@ func runCreateCode(rc *eos_io.RuntimeContext, cmd *cobra.Command, args []string)
 		config.SkipCodex = skipCodex
 	}
 
+	// Windsurf-specific flags
+	if skipConnCheck, err := cmd.Flags().GetBool("skip-connectivity-check"); err == nil {
+		config.SkipConnectivityCheck = skipConnCheck
+	}
+
+	if cleanupServers, err := cmd.Flags().GetBool("cleanup-ide-servers"); err == nil {
+		config.CleanupIDEServers = cleanupServers
+	}
+
+	if noClientConfig, err := cmd.Flags().GetBool("no-client-config"); err == nil && noClientConfig {
+		config.GenerateClientConfig = false
+	}
+
 	logger.Info("Starting remote IDE development setup",
 		zap.String("user", config.User),
 		zap.Int("max_sessions", config.MaxSessions),