@blamejs/exceptd-skills 0.13.33 → 0.13.35

package/lib/collectors/containers.js

@@ -0,0 +1,403 @@
+"use strict";
+
+/**
+ * lib/collectors/containers.js
+ *
+ * Companion collector for the `containers` playbook. Walks the cwd
+ * for Dockerfile / Containerfile, docker-compose, and k8s manifest
+ * files; applies the catalogued indicator predicates against their
+ * contents.
+ *
+ * YAML parsing strategy: heuristic line-scanning, not a full YAML
+ * parser. The catalogued indicators (privileged: true, hostNetwork:
+ * true, runAsUser: 0, etc.) are well-known text patterns whose
+ * misuse is unambiguous at the line level. False positives are rare
+ * — e.g. `# privileged: true` in a comment would match, but those
+ * are also worth surfacing.
+ *
+ * Interface: see lib/collectors/README.md
+ */
+
+const fs = require("node:fs");
+const path = require("node:path");
+
+const COLLECTOR_ID = "containers";
+
+const DEFAULT_MAX_DEPTH = 6;
+const DEFAULT_EXCLUDES = new Set([
+  "node_modules", ".git", "dist", "build", "out",
+  ".venv", "venv", "__pycache__", ".pytest_cache",
+  "target", ".idea", ".vscode",
+]);
+
+const DOCKERFILE_NAMES = new Set(["Dockerfile", "Containerfile"]);
+const DOCKERFILE_EXTS = new Set([".dockerfile", ".containerfile"]);
+const COMPOSE_NAMES = new Set([
+  "docker-compose.yml", "docker-compose.yaml",
+  "compose.yml", "compose.yaml",
+]);
+const COMPOSE_PREFIX = "docker-compose.";   // docker-compose.override.yml etc.
+
+function walkTree(root, opts = {}) {
+  const maxDepth = opts.maxDepth ?? DEFAULT_MAX_DEPTH;
+  const excludes = opts.excludes ?? DEFAULT_EXCLUDES;
+  const out = [];
+  const seen = new Set();
+  function walk(dir, depth) {
+    if (depth > maxDepth) return;
+    let entries;
+    try { entries = fs.readdirSync(dir, { withFileTypes: true }); } catch { return; }
+    for (const entry of entries) {
+      if (excludes.has(entry.name)) continue;
+      const full = path.join(dir, entry.name);
+      let real;
+      try { real = fs.realpathSync(full); } catch { continue; }
+      if (seen.has(real)) continue;
+      seen.add(real);
+      if (entry.isDirectory()) walk(full, depth + 1);
+      else if (entry.isFile()) out.push({ full, rel: path.relative(root, full), name: entry.name });
+    }
+  }
+  walk(root, 0);
+  return out;
+}
+
+function classify(file) {
+  const name = file.name;
+  const ext = path.extname(name).toLowerCase();
+  const lower = name.toLowerCase();
+  const isDockerfile =
+    DOCKERFILE_NAMES.has(name) ||
+    name.endsWith(".Dockerfile") || name.endsWith(".dockerfile") ||
+    DOCKERFILE_EXTS.has(ext) ||
+    lower === "dockerfile" || lower.endsWith(".dockerfile");
+  const isCompose =
+    COMPOSE_NAMES.has(name) ||
+    (lower.startsWith(COMPOSE_PREFIX) && (ext === ".yml" || ext === ".yaml"));
+  const isYaml = ext === ".yml" || ext === ".yaml";
+  return { isDockerfile, isCompose, isYaml };
+}
+
+function readSafe(full, max = 512 * 1024) {
+  try {
+    const s = fs.statSync(full);
+    if (s.size > max) return null;
+    return fs.readFileSync(full, "utf8");
+  } catch { return null; }
+}
+
+/**
+ * Recognise a YAML document as a k8s resource by `apiVersion: ...` +
+ * `kind: ...` lines. Doesn't require full parsing — the two lines
+ * appear at top-level indent.
+ */
+function looksLikeK8sManifest(content) {
+  if (!/^apiVersion:\s+\S/m.test(content)) return false;
+  if (!/^kind:\s+\S/m.test(content)) return false;
+  return true;
+}
+
+function extractKind(content) {
+  const m = content.match(/^kind:\s+([A-Za-z][A-Za-z0-9]*)/m);
+  return m ? m[1] : null;
+}
+
+/**
+ * Dockerfile pattern matchers. Returns { id, hits: [{line, snippet}] }.
+ */
+function scanDockerfile(content, rel) {
+  const lines = content.split(/\r?\n/);
+  const hits = {
+    "dockerfile-from-latest": [],
+    "dockerfile-no-digest-pin": [],
+    "dockerfile-runs-as-root": [],
+    "dockerfile-curl-pipe-bash": [],
+  };
+
+  let sawNonRootUser = false;
+  let sawAnyUser = false;
+  for (let i = 0; i < lines.length; i++) {
+    const line = lines[i];
+    const trimmed = line.trim();
+    if (!trimmed || trimmed.startsWith("#")) continue;
+
+    // FROM <image>:latest  OR  FROM <image>  (no tag)  → from-latest
+    // FROM <image>:<tag>  (no @sha256:digest)         → no-digest-pin
+    const fromMatch = trimmed.match(/^FROM\s+(\S+)(?:\s+AS\s+\S+)?/i);
+    if (fromMatch) {
+      const ref = fromMatch[1];
+      // scratch is a special base; skip both checks.
+      if (ref !== "scratch") {
+        const hasDigest = /@sha256:[0-9a-f]{64}/i.test(ref);
+        if (!hasDigest) {
+          hits["dockerfile-no-digest-pin"].push({ file: rel, line: i + 1, snippet: trimmed.slice(0, 120) });
+        }
+        // latest tag check: either explicit :latest OR no tag at all
+        // (Docker defaults to :latest when omitted).
+        const tagMatch = ref.match(/:([^@]+)(?:@|$)/);
+        const tag = tagMatch ? tagMatch[1] : null;
+        if (tag === "latest" || tag === null) {
+          hits["dockerfile-from-latest"].push({ file: rel, line: i + 1, snippet: trimmed.slice(0, 120) });
+        }
+      }
+      continue;
+    }
+
+    // USER directive — looks for explicit non-root user.
+    // Recognises USER <uid>, USER <uid>:<gid>, USER <name>, USER <name>:<group>.
+    // Root forms (all count as root): "root", "0", "root:<anything>",
+    // "0:<anything>". Any other UID/name is non-root.
+    const userMatch = trimmed.match(/^USER\s+(\S+)/i);
+    if (userMatch) {
+      sawAnyUser = true;
+      const u = userMatch[1];
+      const userPart = u.split(":")[0]; // strip optional :group
+      if (userPart !== "0" && userPart !== "root") sawNonRootUser = true;
+      continue;
+    }
+
+    // curl|wget | sh|bash pattern
+    if (
+      /\b(?:curl|wget)\b[^|]*\|\s*(?:sh|bash|zsh)\b/.test(trimmed) ||
+      /\b(?:curl|wget)\b[^&|;]*\s+&&\s+(?:sh|bash)\b/.test(trimmed)
+    ) {
+      hits["dockerfile-curl-pipe-bash"].push({ file: rel, line: i + 1, snippet: trimmed.slice(0, 120) });
+    }
+  }
+
+  // runs-as-root indicator: file fires if NO non-root USER directive
+  // was seen anywhere. (sawAnyUser=false also counts — image defaults
+  // to root.)
+  if (!sawNonRootUser) {
+    hits["dockerfile-runs-as-root"].push({ file: rel, line: 0, snippet: sawAnyUser ? "USER directive sets root/0" : "no USER directive (defaults to root)" });
+  }
+
+  return hits;
+}
+
+/**
+ * docker-compose pattern matchers. Heuristic: match `key: true` /
+ * `key: <value>` lines, capturing the service block path where
+ * possible.
+ */
+function scanCompose(content, rel) {
+  const lines = content.split(/\r?\n/);
+  const hits = {
+    "compose-privileged": [],
+    "compose-cap-add-sys-admin": [],
+    "compose-host-network": [],
+    "compose-docker-sock-mount": [],
+  };
+
+  for (let i = 0; i < lines.length; i++) {
+    const line = lines[i];
+    if (/^\s*#/.test(line)) continue;
+    if (/^\s*privileged:\s*true\b/i.test(line)) hits["compose-privileged"].push({ file: rel, line: i + 1, snippet: line.trim() });
+    // compose-host-network: per playbook, fires on any of
+    // network_mode: host, pid: host, ipc: host.
+    if (/^\s*network_mode:\s*['"]?host\b/i.test(line) ||
+        /^\s*pid:\s*['"]?host['"]?\s*$/i.test(line) ||
+        /^\s*ipc:\s*['"]?host['"]?\s*$/i.test(line)) {
+      hits["compose-host-network"].push({ file: rel, line: i + 1, snippet: line.trim() });
+    }
+    // compose-cap-add-sys-admin: per playbook, fires on
+    // SYS_ADMIN, SYS_PTRACE, or SYS_MODULE under cap_add. Either
+    // inline (cap_add: [SYS_ADMIN, SYS_PTRACE]) or multi-line
+    // (cap_add:\n  - SYS_PTRACE).
+    const RISKY_CAPS_RE = /\b(?:CAP_)?(?:SYS_ADMIN|SYS_PTRACE|SYS_MODULE)\b/i;
+    if (/cap_add:.*\[/i.test(line) && RISKY_CAPS_RE.test(line)) {
+      hits["compose-cap-add-sys-admin"].push({ file: rel, line: i + 1, snippet: line.trim() });
+    } else if (/^\s*-\s*['"]?(?:CAP_)?(?:SYS_ADMIN|SYS_PTRACE|SYS_MODULE)\b/i.test(line) &&
+               lines.slice(Math.max(0, i - 5), i).some(l => /cap_add:/i.test(l))) {
+      hits["compose-cap-add-sys-admin"].push({ file: rel, line: i + 1, snippet: line.trim() });
+    }
+    // docker-sock mount: /var/run/docker.sock anywhere in the value
+    if (/\/var\/run\/docker\.sock/.test(line)) {
+      hits["compose-docker-sock-mount"].push({ file: rel, line: i + 1, snippet: line.trim() });
+    }
+  }
+  return hits;
+}
+
+/**
+ * k8s manifest pattern matchers. Heuristic line-scanning + kind-
+ * level guards (e.g. ClusterRoleBinding for cluster-admin check).
+ */
+function scanK8s(content, rel) {
+  const lines = content.split(/\r?\n/);
+  const kind = extractKind(content);
+  const hits = {
+    "k8s-privileged": [],
+    "k8s-host-namespaces": [],
+    "k8s-run-as-root": [],
+    "k8s-hostpath-sensitive": [],
+    "k8s-image-latest": [],
+    "k8s-cluster-admin-binding": [],
+  };
+
+  for (let i = 0; i < lines.length; i++) {
+    const line = lines[i];
+    if (/^\s*#/.test(line)) continue;
+    if (/^\s*privileged:\s*true\b/i.test(line)) hits["k8s-privileged"].push({ file: rel, line: i + 1, snippet: line.trim() });
+    if (/^\s*(hostNetwork|hostPID|hostIPC):\s*true\b/.test(line)) hits["k8s-host-namespaces"].push({ file: rel, line: i + 1, snippet: line.trim() });
+    // k8s-run-as-root: per playbook, fires on runAsUser: 0 OR
+    // runAsNonRoot: false. (The "runAsUser unset AND image runs as
+    // root" clause requires image inspection the collector can't do
+    // without a container runtime; leave that to the runner when
+    // operator-supplied image-inspection evidence is available.)
+    if (/^\s*runAsUser:\s*0\b/.test(line) ||
+        /^\s*runAsNonRoot:\s*false\b/.test(line)) {
+      hits["k8s-run-as-root"].push({ file: rel, line: i + 1, snippet: line.trim() });
+    }
+    // hostPath sensitive: /, /etc, /var/lib/docker, /proc, /sys
+    const hpMatch = line.match(/^\s*path:\s*['"]?(\/(?:etc|proc|sys|var\/lib\/docker|var\/run|root|home)?\/?)['"]?\s*$/);
+    if (hpMatch && lines.slice(Math.max(0, i - 3), i).some(l => /hostPath:/i.test(l))) {
+      hits["k8s-hostpath-sensitive"].push({ file: rel, line: i + 1, snippet: line.trim() });
+    }
+    // image: ...:latest OR image: ... (no tag, defaults to latest)
+    // Allow optional leading `-` from a YAML list item: `- image: ...`.
+    const imageMatch = line.match(/^\s*-?\s*image:\s*['"]?([^'"@\s]+)(?:@[^'"]+)?['"]?\s*$/);
+    if (imageMatch) {
+      const ref = imageMatch[1];
+      const tagMatch = ref.match(/:([^/]+)$/);
+      const tag = tagMatch ? tagMatch[1] : null;
+      // Skip if @sha256:... pinned (the full regex captured ref without @-suffix).
+      const hasDigest = /@sha256:[0-9a-f]{64}/.test(line);
+      if (!hasDigest && (tag === "latest" || tag === null)) {
+        hits["k8s-image-latest"].push({ file: rel, line: i + 1, snippet: line.trim() });
+      }
+    }
+  }
+
+  // ClusterRoleBinding referencing cluster-admin
+  if (kind === "ClusterRoleBinding" || kind === "RoleBinding") {
+    if (/name:\s*['"]?cluster-admin['"]?/m.test(content)) {
+      hits["k8s-cluster-admin-binding"].push({ file: rel, line: 0, snippet: `${kind} binds cluster-admin` });
+    }
+  }
+
+  return hits;
+}
+
+function collect({ cwd = process.cwd(), env = process.env, args = {} } = {}) {
+  const errors = [];
+  const startTime = Date.now();
+  const root = path.resolve(cwd);
+
+  let files;
+  try { files = walkTree(root); }
+  catch (e) { errors.push({ kind: "walk_failed", reason: e.message }); files = []; }
+
+  const dockerfiles = [];
+  const composeFiles = [];
+  const k8sManifests = [];
+  for (const f of files) {
+    const c = classify(f);
+    if (c.isDockerfile) dockerfiles.push(f);
+    if (c.isCompose) composeFiles.push(f);
+    if (c.isYaml && !c.isCompose) {
+      const content = readSafe(f.full);
+      if (content && looksLikeK8sManifest(content)) k8sManifests.push({ ...f, content });
+    }
+  }
+
+  // Aggregate hits per indicator.
+  const allHits = {};
+  for (const id of [
+    "dockerfile-from-latest", "dockerfile-no-digest-pin", "dockerfile-runs-as-root", "dockerfile-curl-pipe-bash",
+    "compose-privileged", "compose-cap-add-sys-admin", "compose-host-network", "compose-docker-sock-mount",
+    "k8s-privileged", "k8s-host-namespaces", "k8s-run-as-root", "k8s-hostpath-sensitive",
+    "k8s-image-latest", "k8s-cluster-admin-binding",
+  ]) allHits[id] = [];
+
+  for (const f of dockerfiles) {
+    const content = readSafe(f.full);
+    if (!content) {
+      errors.push({ artifact_id: "dockerfile-content", kind: "read_failed", reason: `${f.rel}: read returned null` });
+      continue;
+    }
+    const fileHits = scanDockerfile(content, f.rel);
+    for (const [id, list] of Object.entries(fileHits)) allHits[id].push(...list);
+  }
+  for (const f of composeFiles) {
+    const content = readSafe(f.full);
+    if (!content) {
+      errors.push({ artifact_id: "compose-files", kind: "read_failed", reason: `${f.rel}: read returned null` });
+      continue;
+    }
+    const fileHits = scanCompose(content, f.rel);
+    for (const [id, list] of Object.entries(fileHits)) allHits[id].push(...list);
+  }
+  for (const f of k8sManifests) {
+    const fileHits = scanK8s(f.content, f.rel);
+    for (const [id, list] of Object.entries(fileHits)) allHits[id].push(...list);
+  }
+
+  // signal_overrides — flip every indicator the collector can decide
+  // deterministically. (k8s-no-seccomp-profile / psa-policy-* /
+  // network-policies-absent require cluster-API access the collector
+  // doesn't have; leave them unflipped so the runner returns
+  // inconclusive rather than a forced miss.)
+  const signal_overrides = {};
+  for (const [id, list] of Object.entries(allHits)) {
+    signal_overrides[id] = list.length > 0 ? "hit" : "miss";
+  }
+
+  const summarize = (list, limit = 5) => {
+    if (list.length === 0) return "0 hits";
+    const sample = list.slice(0, limit).map(h => `${h.file}:${h.line}`).join(", ");
+    return `${list.length} hit(s): ${sample}${list.length > limit ? ", …" : ""}`;
+  };
+
+  const artifacts = {
+    "dockerfile-inventory": {
+      value: dockerfiles.length ? dockerfiles.map(f => f.rel).join(", ") : "no Dockerfiles found",
+      captured: true,
+    },
+    "dockerfile-content": {
+      value: dockerfiles.length
+        ? `${dockerfiles.length} file(s) scanned; per-indicator hits: ` +
+          [
+            `from-latest=${summarize(allHits["dockerfile-from-latest"])}`,
+            `no-digest-pin=${summarize(allHits["dockerfile-no-digest-pin"])}`,
+            `runs-as-root=${summarize(allHits["dockerfile-runs-as-root"])}`,
+            `curl-pipe-bash=${summarize(allHits["dockerfile-curl-pipe-bash"])}`,
+          ].join("; ")
+        : "no Dockerfile content to scan",
+      captured: true,
+    },
+    "compose-files": {
+      value: composeFiles.length ? composeFiles.map(f => f.rel).join(", ") : "no docker-compose files found",
+      captured: true,
+    },
+    "k8s-manifests": {
+      value: k8sManifests.length
+        ? k8sManifests.map(f => `${f.rel} (kind=${extractKind(f.content) || "?"})`).join(", ")
+        : "no k8s manifests found",
+      captured: true,
+    },
+  };
+
+  return {
+    precondition_checks: {
+      "container-tooling-available": true,
+    },
+    artifacts,
+    signal_overrides,
+    collector_meta: {
+      collector_id: COLLECTOR_ID,
+      collector_version: "2026-05-20",
+      platform: process.platform,
+      captured_at: new Date().toISOString(),
+      cwd: root,
+      duration_ms: Date.now() - startTime,
+      files_walked: files.length,
+      dockerfiles_found: dockerfiles.length,
+      compose_files_found: composeFiles.length,
+      k8s_manifests_found: k8sManifests.length,
+    },
+    collector_errors: errors,
+  };
+}
+
+module.exports = { playbook_id: COLLECTOR_ID, collect };

package/lib/collectors/kernel.js

@@ -0,0 +1,159 @@
+"use strict";
+
+/**
+ * lib/collectors/kernel.js
+ *
+ * Companion collector for the `kernel` playbook. Establishes
+ * preconditions (linux-platform / uname-available) and captures the
+ * kernel release string for the kver-in-affected-range indicator.
+ *
+ * Scope: Linux only. On macOS / Windows the playbook's linux-platform
+ * precondition halts at preflight; the collector reports that
+ * truthfully so the operator sees the visibility gap without the
+ * runner having to re-derive it.
+ *
+ * Interface: see lib/collectors/README.md
+ */
+
+const { execFileSync } = require("node:child_process");
+const path = require("node:path");
+
+const COLLECTOR_ID = "kernel";
+
+function runUname(arg) {
+  try {
+    const out = execFileSync("uname", [arg], { encoding: "utf8", stdio: ["ignore", "pipe", "pipe"], timeout: 5000 });
+    return { ok: true, value: out.trim() };
+  } catch (e) {
+    return { ok: false, reason: (e && e.message) || String(e) };
+  }
+}
+
+function collect({ cwd = process.cwd(), env = process.env, args = {} } = {}) {
+  const errors = [];
+
+  // Precondition 1: linux-platform. Use process.platform first
+  // (Node-derived, always available); cross-check against uname -s
+  // when available.
+  const linuxPlatform = process.platform === "linux";
+
+  // Precondition 2: uname-available. Pure capability check.
+  const unameR = runUname("-r");
+  const unameAvailable = unameR.ok;
+  if (!unameAvailable && linuxPlatform) {
+    errors.push({
+      kind: "command_unavailable",
+      reason: `\`uname -r\` failed on linux: ${unameR.reason}`,
+    });
+  }
+
+  // Artifact: kernel-release. The exact string returned by `uname -r`,
+  // e.g. "5.15.0-69-generic". When uname is unavailable, the artifact
+  // is captured=false with the reason; the runner treats the
+  // dependent indicators as inconclusive.
+  const artifacts = {};
+  if (unameR.ok) {
+    artifacts["kernel-release"] = { value: unameR.value, captured: true };
+  } else {
+    artifacts["kernel-release"] = {
+      value: null,
+      captured: false,
+      reason: linuxPlatform
+        ? `uname -r failed: ${unameR.reason}`
+        : `non-linux platform (${process.platform}); uname not invoked`,
+    };
+  }
+
+  // Optional artifact: cmdline. Not always required but useful for
+  // KASLR / unpriv-userns / unpriv-bpf indicator evaluation. Read
+  // from /proc directly so we don't fork another process.
+  if (linuxPlatform) {
+    try {
+      const fs = require("node:fs");
+      const cmdline = fs.readFileSync("/proc/cmdline", "utf8").trim();
+      artifacts["kernel-cmdline"] = { value: cmdline, captured: true };
+    } catch (e) {
+      errors.push({
+        artifact_id: "kernel-cmdline",
+        kind: "read_failed",
+        reason: `/proc/cmdline read failed: ${e.message}`,
+      });
+    }
+    // sysctl snapshot for kernel.unprivileged_userns_clone +
+    // kernel.unprivileged_bpf_disabled when readable.
+    try {
+      const fs = require("node:fs");
+      const sysctls = {};
+      const paths = [
+        "/proc/sys/kernel/unprivileged_userns_clone",
+        "/proc/sys/kernel/unprivileged_bpf_disabled",
+        "/proc/sys/kernel/randomize_va_space",
+      ];
+      for (const p of paths) {
+        try {
+          sysctls[path.basename(p)] = fs.readFileSync(p, "utf8").trim();
+        } catch {
+          // Best-effort; a missing file usually means the sysctl
+          // doesn't exist on this kernel.
+        }
+      }
+      if (Object.keys(sysctls).length) {
+        artifacts["sysctl-snapshot"] = { value: JSON.stringify(sysctls), captured: true };
+      }
+    } catch (e) {
+      errors.push({
+        artifact_id: "sysctl-snapshot",
+        kind: "read_failed",
+        reason: e.message,
+      });
+    }
+  }
+
+  // Signal overrides: we can't decide kver-in-affected-range without
+  // the CVE-affected-version catalog (the runner does that
+  // correlation). But we CAN flip the deterministic indicators that
+  // read directly off the sysctl snapshot.
+  const signal_overrides = {};
+  const sysctl = artifacts["sysctl-snapshot"];
+  if (sysctl && sysctl.captured) {
+    let parsed = null;
+    try { parsed = JSON.parse(sysctl.value); } catch {}
+    if (parsed) {
+      // kaslr-disabled: randomize_va_space < 2 (0 = off, 1 = partial, 2 = full).
+      if (parsed.randomize_va_space != null) {
+        const v = parseInt(parsed.randomize_va_space, 10);
+        signal_overrides["kaslr-disabled"] = (v < 2) ? "hit" : "miss";
+      }
+      // unpriv-userns-enabled: clone == 1 means enabled (risky).
+      if (parsed.unprivileged_userns_clone != null) {
+        const v = parseInt(parsed.unprivileged_userns_clone, 10);
+        signal_overrides["unpriv-userns-enabled"] = (v === 1) ? "hit" : "miss";
+      }
+      // unpriv-bpf-allowed: bpf_disabled == 0 means unprivileged BPF
+      // is allowed (risky).
+      if (parsed.unprivileged_bpf_disabled != null) {
+        const v = parseInt(parsed.unprivileged_bpf_disabled, 10);
+        signal_overrides["unpriv-bpf-allowed"] = (v === 0) ? "hit" : "miss";
+      }
+    }
+  }
+
+  return {
+    precondition_checks: {
+      "linux-platform": linuxPlatform,
+      "uname-available": unameAvailable,
+    },
+    artifacts,
+    signal_overrides,
+    collector_meta: {
+      collector_id: COLLECTOR_ID,
+      collector_version: "2026-05-20",
+      platform: process.platform,
+      captured_at: new Date().toISOString(),
+      cwd,
+    },
+    collector_errors: errors,
+  };
+}
+
+module.exports = { playbook_id: COLLECTOR_ID, collect };