addressing review comments

charithaT07 · charithaT07 · commit 4a82007e23c3 · 2026-03-09T21:11:34.000+05:30
diff --git a/docs/guide/ci-cd.md b/docs/guide/ci-cd.md
@@ -440,40 +440,3 @@ All actions automatically configure:
 - **`NO_COLOR=1`** — clean log output without ANSI colors
 
 ## Best Practices
-
-### Use Safety Mode
-
-Enable [Safety Mode](/guide/security#operational-security-safety-mode) in CI/CD to prevent accidental destructive operations:
-
-```yaml
-jobs:
-  deploy:
-    runs-on: ubuntu-latest
-    env:
-      # Prevent accidental deletions
-      SFCC_SAFETY_LEVEL:NO_DELETE
-    steps:
-      - uses: SalesforceCommerceCloud/b2c-developer-tooling/actions/setup@v1
-      - name: Deploy code
-        run: b2c code deploy
-```
-
-**Safety Levels for CI/CD:**
-
-- **`NO_DELETE`** (Recommended for most CI/CD) - Prevents deletions but allows deployments and updates
-- **`NO_UPDATE`** (Strict) - Only allows read and create operations, blocks updates and deletions
-- **`READ_ONLY`** (Monitoring/Reporting) - Only allows read operations
-
-**Example: Production deployment with safety:**
-```yaml
-deploy-production:
-  environment: production
-  env:
-    SFCC_SAFETY_LEVEL: NO_DELETE
-  steps:
-    - name: Deploy
-      run: |
-        b2c code deploy           # ✅ Allowed
-        b2c sandbox start prod    # ✅ Allowed
-        b2c sandbox delete test   # ❌ Blocked by safety mode
-```
diff --git a/docs/guide/security.md b/docs/guide/security.md
@@ -66,28 +66,13 @@ This project uses [NPM trusted publishers](https://docs.npmjs.com/trusted-publis
 
 ## Operational Security: Safety Mode
 
-The CLI includes a **Safety Mode** feature that prevents accidental or unwanted destructive operations. This is particularly important when:
+The CLI includes a **Safety Mode** feature via CLI checks and HTTP middleware that prevents accidental or unwanted destructive operations. This is particularly important when:
 
-- Using the CLI in automated environments (CI/CD pipelines)
 - Providing the CLI as a tool to AI agents/LLMs
 - Working in production environments
 - Training new team members
 - Running commands from untrusted scripts
 
-### How It Works
-
-Safety Mode uses a **hybrid protection approach**:
-
-1. **HTTP Middleware Layer** (Primary Protection)
-   - Intercepts ALL HTTP requests before they're sent
-   - Cannot be bypassed by command-line flags
-   - Works automatically for all commands
-   - LLM-proof: controlled via environment variable
-
-2. **Command-Level Checks** (Better UX)
-   - Provides early, user-friendly error messages
-   - Catches operations before HTTP requests
-
 ### Safety Levels
 
 Configure via the `SFCC_SAFETY_LEVEL` environment variable:
@@ -99,131 +84,23 @@ Configure via the `SFCC_SAFETY_LEVEL` environment variable:
 | `NO_UPDATE` | Prevent deletions and destructive updates | DELETE + reset/stop/restart |
 | `READ_ONLY` | Read-only mode | All writes (POST/PUT/PATCH/DELETE) |
 
-### Usage Examples
+### Usage
 
-#### Development (Allow Everything)
 ```bash
-# No restrictions (default)
-unset SFCC_SAFETY_LEVEL
-# OR
+# Default - no restrictions
 export SFCC_SAFETY_LEVEL=NONE
 
-b2c sandbox delete test-id  # ✅ Allowed
-```
-
-#### CI/CD (Prevent Deletions)
-```bash
-# Prevent accidental deletions in automated environments
+# Prevent deletions
 export SFCC_SAFETY_LEVEL=NO_DELETE
 
-b2c sandbox create --realm test  # ✅ Allowed
-b2c sandbox delete test-id       # ❌ Blocked
-```
-
-#### LLM/Agent Tools (Maximum Protection)
-```bash
-# Prevent AI agents from performing destructive operations
+# Prevent deletions and destructive updates
 export SFCC_SAFETY_LEVEL=NO_UPDATE
 
-b2c sandbox list                 # ✅ Allowed
-b2c sandbox create --realm test  # ✅ Allowed
-b2c sandbox delete test-id       # ❌ Blocked
-b2c sandbox reset test-id        # ❌ Blocked
-```
-
-#### Monitoring/Reporting (Read-Only)
-```bash
-# Absolute read-only mode
+# Read-only mode
 export SFCC_SAFETY_LEVEL=READ_ONLY
-
-b2c sandbox list           # ✅ Allowed
-b2c sandbox get test-id    # ✅ Allowed
-b2c sandbox create test    # ❌ Blocked
-```
-
-### What Gets Blocked
-
-| Safety Level | DELETE | POST (create) | POST (reset) | PUT/PATCH | GET |
-|--------------|--------|---------------|--------------|-----------|-----|
-| **NONE** | ✅ | ✅ | ✅ | ✅ | ✅ |
-| **NO_DELETE** | ❌ | ✅ | ✅ | ✅ | ✅ |
-| **NO_UPDATE** | ❌ | ✅ | ❌ | ✅ | ✅ |
-| **READ_ONLY** | ❌ | ❌ | ❌ | ❌ | ✅ |
-
-### Protected Commands
-
-Safety Mode automatically protects ALL destructive commands across all topics:
-
-- **Sandbox**: `delete`, `reset`, `alias delete`
-- **Account Manager**: `users delete`, `users reset`, `clients delete`
-- **Code**: `delete`
-- **MRT**: `project delete`, `env delete`, `env var delete`, `env redirect delete`, `project notification delete`
-- **SLAS**: `client delete`
-- **eCDN**: All delete operations (certificates, zones, rules, etc.)
-
-### Why Environment Variable?
-
-Environment variables are more secure than command-line flags because:
-
-1. **LLMs Don't Control Them**: When an LLM uses the CLI as a tool, it controls commands and flags but NOT the environment
-2. **Session-Level**: Set once for the entire session/container
-3. **Audit Trail**: Can be logged and monitored in CI/CD
-4. **Cannot Be Bypassed**: Even `--force` flags don't override safety mode
-
-### Error Messages
-
-When an operation is blocked, you'll see clear error messages:
-
-```bash
-export SFCC_SAFETY_LEVEL=NO_DELETE
-b2c sandbox delete test-id
-
-# Error: Cannot delete sandbox: blocked by safety level NO_DELETE.
-#
-# Delete operations are blocked in NO_DELETE mode
-#
-# To allow this operation, unset or change the SFCC_SAFETY_LEVEL environment variable.
-```
-
-### Best Practices
-
-#### For CI/CD Pipelines
-```yaml
-# GitHub Actions example
-- name: Deploy to Production
-  env:
-    SFCC_SAFETY_LEVEL: NO_DELETE  # Prevent accidental deletions
-  run: |
-    b2c code deploy
-    b2c sandbox start production
-```
-
-#### For AI Agent Tools
-```bash
-# Provide CLI to LLMs with safety enabled
-export SFCC_SAFETY_LEVEL=NO_UPDATE
-# LLMs can now read and create, but cannot delete or reset
-```
-
-#### For Production Environments
-```bash
-# Set in shell profile for production access
-echo 'export SFCC_SAFETY_LEVEL=NO_UPDATE' >> ~/.bashrc
-```
-
-### Testing Safety Mode
-
-Verify safety mode is working:
-
-```bash
-export SFCC_SAFETY_LEVEL=NO_DELETE
-b2c sandbox delete fake-id
-
-# Expected: "blocked by safety level NO_DELETE"
-# NOT expected: Authentication error or API call
 ```
 
-For comprehensive testing, see [GitHub Issue #67](https://github.com/SalesforceCommerceCloud/b2c-developer-tooling/issues/67).
+Environment variables are used instead of command-line flags because LLMs control commands and flags, but not the environment.
 
 ## Best Practices
 
diff --git a/packages/b2c-tooling-sdk/src/cli/base-command.ts b/packages/b2c-tooling-sdk/src/cli/base-command.ts
@@ -16,7 +16,7 @@ import type {
   AuthMiddlewareHookOptions,
   AuthMiddlewareHookResult,
 } from './hooks.js';
-import {setLanguage} from '../i18n/index.js';
+import {setLanguage, t} from '../i18n/index.js';
 import {configureLogger, getLogger, type LogLevel, type Logger} from '../logging/index.js';
 import {createExtraParamsMiddleware, createSafetyMiddleware, type ExtraParamsConfig} from '../clients/middleware.js';
 import {getSafetyLevel, describeSafetyLevel} from '../safety/index.js';
@@ -621,7 +621,7 @@ export abstract class BaseCommand<T extends typeof Command> extends Command {
       return; // No restrictions
     }
 
-    const operation = operationDescription || 'this destructive operation';
+    const operation = operationDescription || t('base.destructiveOperation', 'this destructive operation');
 
     // Determine if this operation should be blocked
     // We assume all calls to this method are for destructive operations
@@ -632,11 +632,16 @@ export abstract class BaseCommand<T extends typeof Command> extends Command {
     const shouldBlock = safetyLevel === 'READ_ONLY' || safetyLevel === 'NO_DELETE' || safetyLevel === 'NO_UPDATE';
 
     if (shouldBlock) {
-      this.error(
-        `Cannot ${operation}: blocked by safety level ${safetyLevel}.\n\n` +
-          `${describeSafetyLevel(safetyLevel)}\n\n` +
-          `To allow this operation, unset or change the SFCC_SAFETY_LEVEL environment variable.\n` +
-          `See: https://github.com/SalesforceCommerceCloud/b2c-developer-tooling/issues/67`,
+      return this.error(
+        t(
+          'base.safetyModeBlocked',
+          'Cannot {{operation}}: blocked by safety level {{safetyLevel}}.\n\n{{description}}\n\nTo allow this operation, unset or change the SFCC_SAFETY_LEVEL environment variable.\nSee: https://salesforcecommercecloud.github.io/b2c-developer-tooling/guide/security#operational-security-safety-mode',
+          {
+            operation,
+            safetyLevel,
+            description: describeSafetyLevel(safetyLevel),
+          },
+        ),
         {exit: 1},
       );
     }
