diff --git a/cmd/server/app/network/controller/agentcontroller/script.go b/cmd/server/app/network/controller/agentcontroller/script.go
index 13f406492b4834409b160258ef637d756b37c4ed..4aa4971a2d5f5b1713cf906b3dc63655aa80faaa 100644
--- a/cmd/server/app/network/controller/agentcontroller/script.go
+++ b/cmd/server/app/network/controller/agentcontroller/script.go
@@ -3,7 +3,7 @@
  * PilotGo licensed under the Mulan Permissive Software License, Version 2.
  * See LICENSE file for more details.
  * Author: linjieren <linjieren@kylinos.cn>
- * Date: Thu Jul 25 16:18:53 2024 +0800
+ * Date: Thu Jul 28 14:36:20 2024 +0800
  */
 package agentcontroller
 
@@ -72,7 +72,6 @@ func containsDangerousCommand(content string) bool {
 		matched, err := regexp.MatchString(pattern, content)
 		if err != nil {
 			logger.Error("Error matching pattern %s: %v\n", pattern, err)
-			// TODO
 			continue
 		}
 		if matched {
@@ -82,6 +81,27 @@ func containsDangerousCommand(content string) bool {
 	return false
 }
 
+func findDangerousCommandsPos(content string) ([][]int, []string) {
+    var positions [][]int
+    var matchedCommands []string
+
+    for _, pattern := range dangerousCommandsList {
+        re, err := regexp.Compile(pattern)
+        if err != nil {
+            logger.Error("Error compiling pattern %s: %v\n", pattern, err)
+            continue
+        }
+        matches := re.FindAllStringIndex(content, -1)
+        for _, match := range matches {
+            start, end := match[0], match[1]-1
+            positions = append(positions, []int{start, end})
+            matchedCommands = append(matchedCommands, content[start:end+1])
+            // 记录高危命令
+        }
+    }
+    return positions, matchedCommands
+}
+
 var dangerousCommandsList = []string{
 	`.*rm\s+-[r,f,rf].*`,
 	`.*lvremove\s+-f.*`,