@cc-audit/cc-audit 0.4.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +41 -0
- package/bin/cc-audit +17 -0
- package/package.json +42 -0
- package/src/index.js +76 -0
package/README.md
ADDED
|
@@ -0,0 +1,41 @@
|
|
|
1
|
+
# @cc-audit/cc-audit
|
|
2
|
+
|
|
3
|
+
Security auditor for Claude Code skills, hooks, and MCP servers.
|
|
4
|
+
|
|
5
|
+
## Installation
|
|
6
|
+
|
|
7
|
+
```bash
|
|
8
|
+
# Run directly with npx
|
|
9
|
+
npx @cc-audit/cc-audit ./my-skill/
|
|
10
|
+
|
|
11
|
+
# Or install globally
|
|
12
|
+
npm install -g @cc-audit/cc-audit
|
|
13
|
+
cc-audit ./my-skill/
|
|
14
|
+
```
|
|
15
|
+
|
|
16
|
+
## Usage
|
|
17
|
+
|
|
18
|
+
```bash
|
|
19
|
+
# Audit a Claude Code skill directory
|
|
20
|
+
cc-audit ./my-skill/
|
|
21
|
+
|
|
22
|
+
# Watch for changes
|
|
23
|
+
cc-audit watch ./my-skill/
|
|
24
|
+
|
|
25
|
+
# Output as JSON
|
|
26
|
+
cc-audit --format json ./my-skill/
|
|
27
|
+
```
|
|
28
|
+
|
|
29
|
+
## Supported Platforms
|
|
30
|
+
|
|
31
|
+
- macOS (Apple Silicon and Intel)
|
|
32
|
+
- Linux (x64, ARM64, musl/Alpine)
|
|
33
|
+
- Windows (x64)
|
|
34
|
+
|
|
35
|
+
## Documentation
|
|
36
|
+
|
|
37
|
+
For full documentation, visit the [GitHub repository](https://github.com/ryo-ebata/cc-audit).
|
|
38
|
+
|
|
39
|
+
## License
|
|
40
|
+
|
|
41
|
+
MIT
|
package/bin/cc-audit
ADDED
|
@@ -0,0 +1,17 @@
|
|
|
1
|
+
#!/usr/bin/env node
|
|
2
|
+
|
|
3
|
+
const { execFileSync } = require('child_process');
|
|
4
|
+
const { getBinaryPath } = require('../src/index.js');
|
|
5
|
+
|
|
6
|
+
const binaryPath = getBinaryPath();
|
|
7
|
+
|
|
8
|
+
try {
|
|
9
|
+
execFileSync(binaryPath, process.argv.slice(2), {
|
|
10
|
+
stdio: 'inherit',
|
|
11
|
+
});
|
|
12
|
+
} catch (error) {
|
|
13
|
+
if (error.status !== undefined) {
|
|
14
|
+
process.exit(error.status);
|
|
15
|
+
}
|
|
16
|
+
throw error;
|
|
17
|
+
}
|
package/package.json
ADDED
|
@@ -0,0 +1,42 @@
|
|
|
1
|
+
{
|
|
2
|
+
"name": "@cc-audit/cc-audit",
|
|
3
|
+
"version": "0.4.1",
|
|
4
|
+
"description": "Security auditor for Claude Code skills, hooks, and MCP servers",
|
|
5
|
+
"keywords": [
|
|
6
|
+
"claude",
|
|
7
|
+
"claude-code",
|
|
8
|
+
"security",
|
|
9
|
+
"audit",
|
|
10
|
+
"mcp",
|
|
11
|
+
"skills"
|
|
12
|
+
],
|
|
13
|
+
"author": "Ryo Ebata",
|
|
14
|
+
"license": "MIT",
|
|
15
|
+
"repository": {
|
|
16
|
+
"type": "git",
|
|
17
|
+
"url": "https://github.com/ryo-ebata/cc-audit.git"
|
|
18
|
+
},
|
|
19
|
+
"homepage": "https://github.com/ryo-ebata/cc-audit",
|
|
20
|
+
"bugs": {
|
|
21
|
+
"url": "https://github.com/ryo-ebata/cc-audit/issues"
|
|
22
|
+
},
|
|
23
|
+
"bin": {
|
|
24
|
+
"cc-audit": "./bin/cc-audit"
|
|
25
|
+
},
|
|
26
|
+
"main": "./src/index.js",
|
|
27
|
+
"files": [
|
|
28
|
+
"bin",
|
|
29
|
+
"src"
|
|
30
|
+
],
|
|
31
|
+
"engines": {
|
|
32
|
+
"node": ">=16"
|
|
33
|
+
},
|
|
34
|
+
"optionalDependencies": {
|
|
35
|
+
"@cc-audit/darwin-arm64": "0.4.1",
|
|
36
|
+
"@cc-audit/darwin-x64": "0.4.1",
|
|
37
|
+
"@cc-audit/linux-arm64": "0.4.1",
|
|
38
|
+
"@cc-audit/linux-x64": "0.4.1",
|
|
39
|
+
"@cc-audit/linux-x64-musl": "0.4.1",
|
|
40
|
+
"@cc-audit/win32-x64": "0.4.1"
|
|
41
|
+
}
|
|
42
|
+
}
|
package/src/index.js
ADDED
|
@@ -0,0 +1,76 @@
|
|
|
1
|
+
const path = require('path');
|
|
2
|
+
const fs = require('fs');
|
|
3
|
+
|
|
4
|
+
const PLATFORMS = {
|
|
5
|
+
'darwin-arm64': '@cc-audit/darwin-arm64',
|
|
6
|
+
'darwin-x64': '@cc-audit/darwin-x64',
|
|
7
|
+
'linux-arm64': '@cc-audit/linux-arm64',
|
|
8
|
+
'linux-x64': '@cc-audit/linux-x64',
|
|
9
|
+
'win32-x64': '@cc-audit/win32-x64',
|
|
10
|
+
};
|
|
11
|
+
|
|
12
|
+
function isMusl() {
|
|
13
|
+
if (process.platform !== 'linux') return false;
|
|
14
|
+
|
|
15
|
+
try {
|
|
16
|
+
const output = require('child_process').execSync('ldd --version 2>&1', {
|
|
17
|
+
encoding: 'utf8',
|
|
18
|
+
});
|
|
19
|
+
return output.includes('musl');
|
|
20
|
+
} catch {
|
|
21
|
+
try {
|
|
22
|
+
const release = fs.readFileSync('/etc/os-release', 'utf8');
|
|
23
|
+
return release.includes('Alpine');
|
|
24
|
+
} catch {
|
|
25
|
+
return false;
|
|
26
|
+
}
|
|
27
|
+
}
|
|
28
|
+
}
|
|
29
|
+
|
|
30
|
+
function getPlatformPackage() {
|
|
31
|
+
const platform = process.platform;
|
|
32
|
+
const arch = process.arch;
|
|
33
|
+
|
|
34
|
+
if (platform === 'linux' && arch === 'x64' && isMusl()) {
|
|
35
|
+
return '@cc-audit/linux-x64-musl';
|
|
36
|
+
}
|
|
37
|
+
|
|
38
|
+
const key = `${platform}-${arch}`;
|
|
39
|
+
const pkg = PLATFORMS[key];
|
|
40
|
+
|
|
41
|
+
if (!pkg) {
|
|
42
|
+
throw new Error(
|
|
43
|
+
`Unsupported platform: ${platform}-${arch}\n` +
|
|
44
|
+
`Supported platforms: ${Object.keys(PLATFORMS).join(', ')}, linux-x64-musl`
|
|
45
|
+
);
|
|
46
|
+
}
|
|
47
|
+
|
|
48
|
+
return pkg;
|
|
49
|
+
}
|
|
50
|
+
|
|
51
|
+
function getBinaryPath() {
|
|
52
|
+
const pkg = getPlatformPackage();
|
|
53
|
+
|
|
54
|
+
try {
|
|
55
|
+
const pkgPath = require.resolve(`${pkg}/package.json`);
|
|
56
|
+
const pkgDir = path.dirname(pkgPath);
|
|
57
|
+
const binaryName =
|
|
58
|
+
process.platform === 'win32' ? 'cc-audit.exe' : 'cc-audit';
|
|
59
|
+
const binaryPath = path.join(pkgDir, 'bin', binaryName);
|
|
60
|
+
|
|
61
|
+
if (!fs.existsSync(binaryPath)) {
|
|
62
|
+
throw new Error(`Binary not found: ${binaryPath}`);
|
|
63
|
+
}
|
|
64
|
+
|
|
65
|
+
return binaryPath;
|
|
66
|
+
} catch (error) {
|
|
67
|
+
if (error.code === 'MODULE_NOT_FOUND') {
|
|
68
|
+
throw new Error(
|
|
69
|
+
`Platform package not installed: ${pkg}\n` + `Run: npm install ${pkg}`
|
|
70
|
+
);
|
|
71
|
+
}
|
|
72
|
+
throw error;
|
|
73
|
+
}
|
|
74
|
+
}
|
|
75
|
+
|
|
76
|
+
module.exports = { getBinaryPath, getPlatformPackage };
|