npm - @congzhen/changewayguard - Versions diffs - 6.8.12 - Mend

@congzhen/changewayguard 6.8.12

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (329) hide show

package/LICENSE +21 -0
package/README.md +270 -0
package/dashboard-dist/api/104.index.js +1420 -0
package/dashboard-dist/api/104.index.js.map +1 -0
package/dashboard-dist/api/113.index.js +496 -0
package/dashboard-dist/api/113.index.js.map +1 -0
package/dashboard-dist/api/18.index.js +67 -0
package/dashboard-dist/api/18.index.js.map +1 -0
package/dashboard-dist/api/217.index.js +44 -0
package/dashboard-dist/api/217.index.js.map +1 -0
package/dashboard-dist/api/222.index.js +90 -0
package/dashboard-dist/api/222.index.js.map +1 -0
package/dashboard-dist/api/25.index.js +3562 -0
package/dashboard-dist/api/25.index.js.map +1 -0
package/dashboard-dist/api/280.index.js +206 -0
package/dashboard-dist/api/280.index.js.map +1 -0
package/dashboard-dist/api/369.index.js +115 -0
package/dashboard-dist/api/369.index.js.map +1 -0
package/dashboard-dist/api/377.index.js +1176 -0
package/dashboard-dist/api/377.index.js.map +1 -0
package/dashboard-dist/api/411.index.js +4250 -0
package/dashboard-dist/api/411.index.js.map +1 -0
package/dashboard-dist/api/424.index.js +135 -0
package/dashboard-dist/api/424.index.js.map +1 -0
package/dashboard-dist/api/573.index.js +806 -0
package/dashboard-dist/api/573.index.js.map +1 -0
package/dashboard-dist/api/598.index.js +328 -0
package/dashboard-dist/api/598.index.js.map +1 -0
package/dashboard-dist/api/62.index.js +4151 -0
package/dashboard-dist/api/62.index.js.map +1 -0
package/dashboard-dist/api/67.index.js +23383 -0
package/dashboard-dist/api/67.index.js.map +1 -0
package/dashboard-dist/api/678.index.js +2734 -0
package/dashboard-dist/api/678.index.js.map +1 -0
package/dashboard-dist/api/698.index.js +1896 -0
package/dashboard-dist/api/698.index.js.map +1 -0
package/dashboard-dist/api/720.index.js +98 -0
package/dashboard-dist/api/720.index.js.map +1 -0
package/dashboard-dist/api/830.index.js +95 -0
package/dashboard-dist/api/830.index.js.map +1 -0
package/dashboard-dist/api/831.index.js +99 -0
package/dashboard-dist/api/831.index.js.map +1 -0
package/dashboard-dist/api/84.index.js +64 -0
package/dashboard-dist/api/84.index.js.map +1 -0
package/dashboard-dist/api/900.index.js +65 -0
package/dashboard-dist/api/900.index.js.map +1 -0
package/dashboard-dist/api/917.index.js +88 -0
package/dashboard-dist/api/917.index.js.map +1 -0
package/dashboard-dist/api/948.index.js +64 -0
package/dashboard-dist/api/948.index.js.map +1 -0
package/dashboard-dist/api/953.index.js +67 -0
package/dashboard-dist/api/953.index.js.map +1 -0
package/dashboard-dist/api/975.index.js +374 -0
package/dashboard-dist/api/975.index.js.map +1 -0
package/dashboard-dist/api/drizzle/sqlite/0000_short_captain_stacy.sql +70 -0
package/dashboard-dist/api/drizzle/sqlite/0001_closed_magus.sql +10 -0
package/dashboard-dist/api/drizzle/sqlite/0002_agent_capability_observation.sql +38 -0
package/dashboard-dist/api/drizzle/sqlite/0003_auth_magic_link.sql +28 -0
package/dashboard-dist/api/drizzle/sqlite/0004_static_scan_fields.sql +8 -0
package/dashboard-dist/api/drizzle/sqlite/0005_gateway_activity.sql +24 -0
package/dashboard-dist/api/drizzle/sqlite/0006_sour_marauders.sql +41 -0
package/dashboard-dist/api/drizzle/sqlite/meta/0000_snapshot.json +460 -0
package/dashboard-dist/api/drizzle/sqlite/meta/0001_snapshot.json +536 -0
package/dashboard-dist/api/drizzle/sqlite/meta/0006_snapshot.json +1249 -0
package/dashboard-dist/api/drizzle/sqlite/meta/_journal.json +55 -0
package/dashboard-dist/api/index.js +27340 -0
package/dashboard-dist/api/index.js.map +1 -0
package/dashboard-dist/api/package.json +16 -0
package/dashboard-dist/api/sourcemap-register.cjs +1 -0
package/dashboard-dist/web/assets/index-CqWIeBTD.js +158 -0
package/dashboard-dist/web/assets/index-Dw7--9q4.css +1 -0
package/dashboard-dist/web/changeway-logo.png +0 -0
package/dashboard-dist/web/favicon.svg +29 -0
package/dashboard-dist/web/index.html +14 -0
package/dashboard-dist/web/logo.svg +16 -0
package/dist/agent/auth.d.ts +37 -0
package/dist/agent/auth.d.ts.map +1 -0
package/dist/agent/auth.js +151 -0
package/dist/agent/auth.js.map +1 -0
package/dist/agent/behavior-detector.d.ts +150 -0
package/dist/agent/behavior-detector.d.ts.map +1 -0
package/dist/agent/behavior-detector.js +573 -0
package/dist/agent/behavior-detector.js.map +1 -0
package/dist/agent/business-reporter.d.ts +114 -0
package/dist/agent/business-reporter.d.ts.map +1 -0
package/dist/agent/business-reporter.js +359 -0
package/dist/agent/business-reporter.js.map +1 -0
package/dist/agent/config-sync.d.ts +70 -0
package/dist/agent/config-sync.d.ts.map +1 -0
package/dist/agent/config-sync.js +133 -0
package/dist/agent/config-sync.js.map +1 -0
package/dist/agent/config.d.ts +97 -0
package/dist/agent/config.d.ts.map +1 -0
package/dist/agent/config.js +359 -0
package/dist/agent/config.js.map +1 -0
package/dist/agent/content-injection-scanner.d.ts +35 -0
package/dist/agent/content-injection-scanner.d.ts.map +1 -0
package/dist/agent/content-injection-scanner.js +270 -0
package/dist/agent/content-injection-scanner.js.map +1 -0
package/dist/agent/engine-log-writer.d.ts +6 -0
package/dist/agent/engine-log-writer.d.ts.map +1 -0
package/dist/agent/engine-log-writer.js +18 -0
package/dist/agent/engine-log-writer.js.map +1 -0
package/dist/agent/env.d.ts +19 -0
package/dist/agent/env.d.ts.map +1 -0
package/dist/agent/env.js +43 -0
package/dist/agent/env.js.map +1 -0
package/dist/agent/event-reporter.d.ts +87 -0
package/dist/agent/event-reporter.d.ts.map +1 -0
package/dist/agent/event-reporter.js +315 -0
package/dist/agent/event-reporter.js.map +1 -0
package/dist/agent/file-watcher.d.ts +50 -0
package/dist/agent/file-watcher.d.ts.map +1 -0
package/dist/agent/file-watcher.js +135 -0
package/dist/agent/file-watcher.js.map +1 -0
package/dist/agent/fs-utils.d.ts +22 -0
package/dist/agent/fs-utils.d.ts.map +1 -0
package/dist/agent/fs-utils.js +41 -0
package/dist/agent/fs-utils.js.map +1 -0
package/dist/agent/gateway-manager.d.ts +59 -0
package/dist/agent/gateway-manager.d.ts.map +1 -0
package/dist/agent/gateway-manager.js +583 -0
package/dist/agent/gateway-manager.js.map +1 -0
package/dist/agent/hook-types.d.ts +276 -0
package/dist/agent/hook-types.d.ts.map +1 -0
package/dist/agent/hook-types.js +51 -0
package/dist/agent/hook-types.js.map +1 -0
package/dist/agent/index.d.ts +8 -0
package/dist/agent/index.d.ts.map +1 -0
package/dist/agent/index.js +8 -0
package/dist/agent/index.js.map +1 -0
package/dist/agent/prompt-gate.d.ts +13 -0
package/dist/agent/prompt-gate.d.ts.map +1 -0
package/dist/agent/prompt-gate.js +28 -0
package/dist/agent/prompt-gate.js.map +1 -0
package/dist/agent/prompt-input.d.ts +9 -0
package/dist/agent/prompt-input.d.ts.map +1 -0
package/dist/agent/prompt-input.js +158 -0
package/dist/agent/prompt-input.js.map +1 -0
package/dist/agent/prompt-output.d.ts +4 -0
package/dist/agent/prompt-output.d.ts.map +1 -0
package/dist/agent/prompt-output.js +19 -0
package/dist/agent/prompt-output.js.map +1 -0
package/dist/agent/runner.d.ts +23 -0
package/dist/agent/runner.d.ts.map +1 -0
package/dist/agent/runner.js +154 -0
package/dist/agent/runner.js.map +1 -0
package/dist/agent/sanitizer.d.ts +10 -0
package/dist/agent/sanitizer.d.ts.map +1 -0
package/dist/agent/sanitizer.js +175 -0
package/dist/agent/sanitizer.js.map +1 -0
package/dist/agent/scan-activity.d.ts +18 -0
package/dist/agent/scan-activity.d.ts.map +1 -0
package/dist/agent/scan-activity.js +32 -0
package/dist/agent/scan-activity.js.map +1 -0
package/dist/agent/types.d.ts +177 -0
package/dist/agent/types.d.ts.map +1 -0
package/dist/agent/types.js +5 -0
package/dist/agent/types.js.map +1 -0
package/dist/agent/workspace-scanner.d.ts +35 -0
package/dist/agent/workspace-scanner.d.ts.map +1 -0
package/dist/agent/workspace-scanner.js +137 -0
package/dist/agent/workspace-scanner.js.map +1 -0
package/dist/dashboard-launcher.d.ts +52 -0
package/dist/dashboard-launcher.d.ts.map +1 -0
package/dist/dashboard-launcher.js +363 -0
package/dist/dashboard-launcher.js.map +1 -0
package/dist/gateway/activity.d.ts +52 -0
package/dist/gateway/activity.d.ts.map +1 -0
package/dist/gateway/activity.js +111 -0
package/dist/gateway/activity.js.map +1 -0
package/dist/gateway/config.d.ts +50 -0
package/dist/gateway/config.d.ts.map +1 -0
package/dist/gateway/config.js +200 -0
package/dist/gateway/config.js.map +1 -0
package/dist/gateway/gateway/activity.d.ts +52 -0
package/dist/gateway/gateway/activity.d.ts.map +1 -0
package/dist/gateway/gateway/activity.js +111 -0
package/dist/gateway/gateway/activity.js.map +1 -0
package/dist/gateway/gateway/config.d.ts +50 -0
package/dist/gateway/gateway/config.d.ts.map +1 -0
package/dist/gateway/gateway/config.js +200 -0
package/dist/gateway/gateway/config.js.map +1 -0
package/dist/gateway/gateway/handlers/anthropic.d.ts +12 -0
package/dist/gateway/gateway/handlers/anthropic.d.ts.map +1 -0
package/dist/gateway/gateway/handlers/anthropic.js +254 -0
package/dist/gateway/gateway/handlers/anthropic.js.map +1 -0
package/dist/gateway/gateway/handlers/gemini.d.ts +12 -0
package/dist/gateway/gateway/handlers/gemini.d.ts.map +1 -0
package/dist/gateway/gateway/handlers/gemini.js +101 -0
package/dist/gateway/gateway/handlers/gemini.js.map +1 -0
package/dist/gateway/gateway/handlers/models.d.ts +4 -0
package/dist/gateway/gateway/handlers/models.d.ts.map +1 -0
package/dist/gateway/gateway/handlers/models.js +36 -0
package/dist/gateway/gateway/handlers/models.js.map +1 -0
package/dist/gateway/gateway/handlers/openai.d.ts +16 -0
package/dist/gateway/gateway/handlers/openai.d.ts.map +1 -0
package/dist/gateway/gateway/handlers/openai.js +254 -0
package/dist/gateway/gateway/handlers/openai.js.map +1 -0
package/dist/gateway/gateway/index.d.ts +27 -0
package/dist/gateway/gateway/index.d.ts.map +1 -0
package/dist/gateway/gateway/index.js +293 -0
package/dist/gateway/gateway/index.js.map +1 -0
package/dist/gateway/gateway/mapping-store.d.ts +38 -0
package/dist/gateway/gateway/mapping-store.d.ts.map +1 -0
package/dist/gateway/gateway/mapping-store.js +74 -0
package/dist/gateway/gateway/mapping-store.js.map +1 -0
package/dist/gateway/gateway/restorer.d.ts +63 -0
package/dist/gateway/gateway/restorer.d.ts.map +1 -0
package/dist/gateway/gateway/restorer.js +284 -0
package/dist/gateway/gateway/restorer.js.map +1 -0
package/dist/gateway/gateway/sanitizer.d.ts +17 -0
package/dist/gateway/gateway/sanitizer.d.ts.map +1 -0
package/dist/gateway/gateway/sanitizer.js +228 -0
package/dist/gateway/gateway/sanitizer.js.map +1 -0
package/dist/gateway/gateway/types.d.ts +53 -0
package/dist/gateway/gateway/types.d.ts.map +1 -0
package/dist/gateway/gateway/types.js +5 -0
package/dist/gateway/gateway/types.js.map +1 -0
package/dist/gateway/handlers/anthropic.d.ts +12 -0
package/dist/gateway/handlers/anthropic.d.ts.map +1 -0
package/dist/gateway/handlers/anthropic.js +254 -0
package/dist/gateway/handlers/anthropic.js.map +1 -0
package/dist/gateway/handlers/gemini.d.ts +12 -0
package/dist/gateway/handlers/gemini.d.ts.map +1 -0
package/dist/gateway/handlers/gemini.js +101 -0
package/dist/gateway/handlers/gemini.js.map +1 -0
package/dist/gateway/handlers/models.d.ts +4 -0
package/dist/gateway/handlers/models.d.ts.map +1 -0
package/dist/gateway/handlers/models.js +36 -0
package/dist/gateway/handlers/models.js.map +1 -0
package/dist/gateway/handlers/openai.d.ts +16 -0
package/dist/gateway/handlers/openai.d.ts.map +1 -0
package/dist/gateway/handlers/openai.js +254 -0
package/dist/gateway/handlers/openai.js.map +1 -0
package/dist/gateway/index.d.ts +27 -0
package/dist/gateway/index.d.ts.map +1 -0
package/dist/gateway/index.js +293 -0
package/dist/gateway/index.js.map +1 -0
package/dist/gateway/mapping-store.d.ts +38 -0
package/dist/gateway/mapping-store.d.ts.map +1 -0
package/dist/gateway/mapping-store.js +74 -0
package/dist/gateway/mapping-store.js.map +1 -0
package/dist/gateway/restorer.d.ts +63 -0
package/dist/gateway/restorer.d.ts.map +1 -0
package/dist/gateway/restorer.js +284 -0
package/dist/gateway/restorer.js.map +1 -0
package/dist/gateway/sanitizer.d.ts +17 -0
package/dist/gateway/sanitizer.d.ts.map +1 -0
package/dist/gateway/sanitizer.js +228 -0
package/dist/gateway/sanitizer.js.map +1 -0
package/dist/gateway/types.d.ts +53 -0
package/dist/gateway/types.d.ts.map +1 -0
package/dist/gateway/types.js +5 -0
package/dist/gateway/types.js.map +1 -0
package/dist/index.d.ts +19 -0
package/dist/index.d.ts.map +1 -0
package/dist/index.js +2084 -0
package/dist/index.js.map +1 -0
package/dist/memory/index.d.ts +5 -0
package/dist/memory/index.d.ts.map +1 -0
package/dist/memory/index.js +5 -0
package/dist/memory/index.js.map +1 -0
package/dist/memory/store.d.ts +82 -0
package/dist/memory/store.d.ts.map +1 -0
package/dist/memory/store.js +194 -0
package/dist/memory/store.js.map +1 -0
package/dist/platform-client/index.d.ts +63 -0
package/dist/platform-client/index.d.ts.map +1 -0
package/dist/platform-client/index.js +294 -0
package/dist/platform-client/index.js.map +1 -0
package/dist/platform-client/types.d.ts +109 -0
package/dist/platform-client/types.d.ts.map +1 -0
package/dist/platform-client/types.js +3 -0
package/dist/platform-client/types.js.map +1 -0
package/gateway/activity.d.ts +52 -0
package/gateway/activity.d.ts.map +1 -0
package/gateway/activity.js +111 -0
package/gateway/activity.js.map +1 -0
package/gateway/config.d.ts +50 -0
package/gateway/config.d.ts.map +1 -0
package/gateway/config.js +200 -0
package/gateway/config.js.map +1 -0
package/gateway/handlers/anthropic.d.ts +12 -0
package/gateway/handlers/anthropic.d.ts.map +1 -0
package/gateway/handlers/anthropic.js +254 -0
package/gateway/handlers/anthropic.js.map +1 -0
package/gateway/handlers/gemini.d.ts +12 -0
package/gateway/handlers/gemini.d.ts.map +1 -0
package/gateway/handlers/gemini.js +101 -0
package/gateway/handlers/gemini.js.map +1 -0
package/gateway/handlers/models.d.ts +4 -0
package/gateway/handlers/models.d.ts.map +1 -0
package/gateway/handlers/models.js +36 -0
package/gateway/handlers/models.js.map +1 -0
package/gateway/handlers/openai.d.ts +16 -0
package/gateway/handlers/openai.d.ts.map +1 -0
package/gateway/handlers/openai.js +254 -0
package/gateway/handlers/openai.js.map +1 -0
package/gateway/index.d.ts +27 -0
package/gateway/index.d.ts.map +1 -0
package/gateway/index.js +293 -0
package/gateway/index.js.map +1 -0
package/gateway/mapping-store.d.ts +38 -0
package/gateway/mapping-store.d.ts.map +1 -0
package/gateway/mapping-store.js +74 -0
package/gateway/mapping-store.js.map +1 -0
package/gateway/restorer.d.ts +63 -0
package/gateway/restorer.d.ts.map +1 -0
package/gateway/restorer.js +284 -0
package/gateway/restorer.js.map +1 -0
package/gateway/sanitizer.d.ts +17 -0
package/gateway/sanitizer.d.ts.map +1 -0
package/gateway/sanitizer.js +228 -0
package/gateway/sanitizer.js.map +1 -0
package/gateway/types.d.ts +53 -0
package/gateway/types.d.ts.map +1 -0
package/gateway/types.js +5 -0
package/gateway/types.js.map +1 -0
package/openclaw.plugin.json +86 -0
package/package.json +74 -0
package/samples/Untitled +1 -0
package/samples/clean-email.txt +20 -0
package/samples/test-document.md +53 -0
package/samples/test-email-popup.txt +44 -0
package/samples/test-email.txt +32 -0
package/samples/test-webpage.html +51 -0
package/scripts/enterprise-enroll.sh +89 -0
package/scripts/enterprise-unenroll.sh +75 -0

package/dist/agent/content-injection-scanner.js ADDED Viewed

@@ -0,0 +1,270 @@
+/**
+ * Content-based prompt injection scanner.
+ *
+ * Pure/sync regex scanner — no network, no dependencies.
+ * Scans tool result text (file contents, web fetches) for injection patterns.
+ *
+ * Two-tier design:
+ *   HIGH confidence — a single match triggers detection
+ *   MEDIUM confidence — requires 2+ distinct categories to trigger
+ */
+const PATTERNS = [
+    // ── HIGH confidence (single match triggers) ────────────────────
+    // INSTRUCTION_OVERRIDE
+    {
+        regex: /ignore\s+(?:all\s+)?(?:previous|prior|above|earlier|preceding)\s+(?:instructions?|guidelines?|rules?|prompts?|directions?)/i,
+        label: "ignore previous instructions",
+        category: "INSTRUCTION_OVERRIDE",
+        confidence: "high",
+    },
+    {
+        regex: /disregard\s+(?:your\s+)?(?:current|previous|prior|all)\s+(?:task|instructions?|guidelines?|rules?|directions?)/i,
+        label: "disregard current task/instructions",
+        category: "INSTRUCTION_OVERRIDE",
+        confidence: "high",
+    },
+    {
+        regex: /override\s+(?:all\s+)?(?:previous|prior|system)\s+(?:instructions?|rules?|prompts?)/i,
+        label: "override previous instructions",
+        category: "INSTRUCTION_OVERRIDE",
+        confidence: "high",
+    },
+    // FAKE_SYSTEM_MESSAGE
+    {
+        regex: /\bSYSTEM\s*(?:ALERT|MESSAGE|NOTICE|PROMPT|OVERRIDE)\s*:/i,
+        label: "SYSTEM ALERT/MESSAGE:",
+        category: "FAKE_SYSTEM_MESSAGE",
+        confidence: "high",
+    },
+    {
+        regex: /\[SYSTEM\]\s*[Nn]ew\s+instructions?/i,
+        label: "[SYSTEM] New instructions",
+        category: "FAKE_SYSTEM_MESSAGE",
+        confidence: "high",
+    },
+    {
+        regex: /NOTE\s+TO\s+(?:AI|THE)\s+(?:ASSISTANT|MODEL|AGENT)\s*:/i,
+        label: "NOTE TO AI ASSISTANT:",
+        category: "FAKE_SYSTEM_MESSAGE",
+        confidence: "high",
+    },
+    // CONCEALMENT_DIRECTIVE
+    {
+        regex: /DO\s+NOT\s+(?:DISPLAY|SHOW|REVEAL|MENTION|PRINT|OUTPUT)\s+(?:TO\s+(?:THE\s+)?USER|THIS|THESE)/i,
+        label: "DO NOT DISPLAY TO USER",
+        category: "CONCEALMENT_DIRECTIVE",
+        confidence: "high",
+    },
+    {
+        regex: /do\s+not\s+mention\s+these\s+instructions/i,
+        label: "do not mention these instructions",
+        category: "CONCEALMENT_DIRECTIVE",
+        confidence: "high",
+    },
+    {
+        regex: /hide\s+(?:this|these)\s+(?:instructions?|commands?|from\s+the\s+user)/i,
+        label: "hide instructions from user",
+        category: "CONCEALMENT_DIRECTIVE",
+        confidence: "high",
+    },
+    // COMMAND_EXECUTION
+    {
+        regex: /execute\s+the\s+following\s+(?:shell\s+)?command/i,
+        label: "execute the following shell command",
+        category: "COMMAND_EXECUTION",
+        confidence: "high",
+    },
+    {
+        regex: /\bcurl\s+(?:-[A-Za-z0-9]+\s+)*['"]?https?:\/\/\S+/i,
+        label: "curl https://...",
+        category: "COMMAND_EXECUTION",
+        confidence: "high",
+    },
+    {
+        regex: /\bwget\s+(?:-[A-Za-z0-9]+\s+)*['"]?https?:\/\/\S+/i,
+        label: "wget https://...",
+        category: "COMMAND_EXECUTION",
+        confidence: "high",
+    },
+    {
+        regex: /run\s+(?:this|the\s+following)\s+(?:bash|shell|terminal)\s+command/i,
+        label: "run this bash/shell command",
+        category: "COMMAND_EXECUTION",
+        confidence: "high",
+    },
+    // DATA_EXFILTRATION
+    {
+        regex: /send\s+(?:the\s+)?(?:contents?|data|file|output|results?)\s+(?:to|of)\s+(?:https?:\/\/|this\s+(?:url|server|endpoint))/i,
+        label: "send contents to URL",
+        category: "DATA_EXFILTRATION",
+        confidence: "high",
+    },
+    {
+        regex: /(?:post|upload|exfiltrate|transmit)\s+(?:to|the\s+data\s+to)\s+https?:\/\//i,
+        label: "post/upload to URL",
+        category: "DATA_EXFILTRATION",
+        confidence: "high",
+    },
+    // ── MEDIUM confidence (requires 2+ distinct categories) ────────
+    // MODE_SWITCHING
+    {
+        regex: /you\s+are\s+now\s+in\s+(?:debug|developer|admin|maintenance|test)\s+mode/i,
+        label: "you are now in debug mode",
+        category: "MODE_SWITCHING",
+        confidence: "medium",
+    },
+    {
+        regex: /(?:entering|switch\s+to|activate)\s+(?:debug|developer|admin|maintenance|unrestricted)\s+mode/i,
+        label: "entering debug/developer mode",
+        category: "MODE_SWITCHING",
+        confidence: "medium",
+    },
+    // TASK_HIJACKING
+    {
+        regex: /your\s+new\s+task\s+is\s*:/i,
+        label: "your new task is:",
+        category: "TASK_HIJACKING",
+        confidence: "medium",
+    },
+    {
+        regex: /new\s+instructions?\s+received/i,
+        label: "new instructions received",
+        category: "TASK_HIJACKING",
+        confidence: "medium",
+    },
+    {
+        regex: /instead\s*,?\s+(?:you\s+should|please|now)\s+(?:do|perform|execute)/i,
+        label: "instead do/perform",
+        category: "TASK_HIJACKING",
+        confidence: "medium",
+    },
+    // ROLE_ASSUMPTION
+    {
+        regex: /(?:act|behave)\s+(?:as\s+if\s+)?normally/i,
+        label: "act normally",
+        category: "ROLE_ASSUMPTION",
+        confidence: "medium",
+    },
+    {
+        regex: /pretend\s+(?:that\s+)?these\s+instructions?\s+came\s+from\s+the\s+user/i,
+        label: "pretend instructions came from user",
+        category: "ROLE_ASSUMPTION",
+        confidence: "medium",
+    },
+    {
+        regex: /you\s+(?:are|must)\s+(?:now\s+)?(?:a|an|acting\s+as)\s+(?:helpful|unrestricted|unfiltered)/i,
+        label: "you are now unrestricted",
+        category: "ROLE_ASSUMPTION",
+        confidence: "medium",
+    },
+    // INSTRUCTION_OVERRIDE (medium)
+    {
+        regex: /bypass\s+(?:all\s+)?(?:security|safety)\s+(?:measures?|checks?|filters?|protocols?)/i,
+        label: "bypass security measures",
+        category: "INSTRUCTION_OVERRIDE",
+        confidence: "medium",
+    },
+    // DATA_EXFILTRATION (medium) — shell substitution reading sensitive files
+    {
+        regex: /\$\([^)]*(?:\.ssh|\.aws|\.gnupg|\.env\b|\.pem|\.key\b|id_rsa|id_ed25519|id_ecdsa|credentials|keychain|\/etc\/passwd|\/etc\/shadow)[^)]*\)/i,
+        label: "shell substitution reading sensitive file",
+        category: "DATA_EXFILTRATION",
+        confidence: "medium",
+    },
+    {
+        regex: /`[^`]*(?:\.ssh|\.aws|\.gnupg|\.env\b|\.pem|\.key\b|id_rsa|id_ed25519|id_ecdsa|credentials|keychain|\/etc\/passwd|\/etc\/shadow)[^`]*`/i,
+        label: "backtick substitution reading sensitive file",
+        category: "DATA_EXFILTRATION",
+        confidence: "medium",
+    },
+];
+// =============================================================================
+// Category → DetectionRiskType Mapping
+// =============================================================================
+const CATEGORY_TO_RISK_TYPE = {
+    INSTRUCTION_OVERRIDE: "PROMPT_INJECTION",
+    MODE_SWITCHING: "PROMPT_INJECTION",
+    FAKE_SYSTEM_MESSAGE: "PROMPT_INJECTION",
+    CONCEALMENT_DIRECTIVE: "PROMPT_INJECTION",
+    COMMAND_EXECUTION: "COMMAND_EXECUTION",
+    TASK_HIJACKING: "PROMPT_INJECTION",
+    ROLE_ASSUMPTION: "PROMPT_INJECTION",
+    DATA_EXFILTRATION: "DATA_EXFILTRATION",
+};
+// =============================================================================
+// Redact
+// =============================================================================
+/**
+ * Replace all injection matches in `text` with `__REDACTED_BY_CHANGEWAYGUARD_DUE_TO_{riskType}__`.
+ * Returns the redacted text and structured findings.
+ */
+export function redactContent(text) {
+    if (!text || text.length === 0) {
+        return { redacted: text, findings: [] };
+    }
+    const findings = [];
+    let redacted = text;
+    for (const entry of PATTERNS) {
+        const globalRegex = new RegExp(entry.regex.source, entry.regex.flags.includes("g") ? entry.regex.flags : entry.regex.flags + "g");
+        const riskType = CATEGORY_TO_RISK_TYPE[entry.category];
+        redacted = redacted.replace(globalRegex, (matched) => {
+            findings.push({
+                riskLevel: (entry.confidence === "high" ? "high" : "medium"),
+                riskType,
+                riskContent: matched,
+                reason: `Matched injection pattern: "${entry.label}" (${entry.category})`,
+            });
+            return `__REDACTED_BY_CHANGEWAYGUARD_DUE_TO_${riskType}__`;
+        });
+    }
+    return { redacted, findings };
+}
+// =============================================================================
+// Scanner
+// =============================================================================
+export function scanForInjection(text) {
+    if (!text || text.length === 0) {
+        return { detected: false, matches: [], distinctCategories: [], summary: "", findings: [] };
+    }
+    const matches = [];
+    const categorySet = new Set();
+    let hasHigh = false;
+    for (const entry of PATTERNS) {
+        const execResult = entry.regex.exec(text);
+        if (execResult) {
+            matches.push({
+                pattern: entry.label,
+                category: entry.category,
+                confidence: entry.confidence,
+                matchedText: execResult[0],
+            });
+            categorySet.add(entry.category);
+            if (entry.confidence === "high")
+                hasHigh = true;
+        }
+    }
+    const distinctCategories = [...categorySet];
+    // Detection criteria:
+    //   - Any HIGH confidence match, OR
+    //   - 2+ distinct categories from MEDIUM matches
+    const mediumCategories = new Set(matches.filter((m) => m.confidence === "medium").map((m) => m.category));
+    const detected = hasHigh || mediumCategories.size >= 2;
+    let summary = "";
+    if (detected) {
+        const patternList = matches.map((m) => `"${m.pattern}"`).join(", ");
+        summary =
+            `Detected ${matches.length} injection pattern(s) across ${distinctCategories.length} ` +
+                `categor${distinctCategories.length === 1 ? "y" : "ies"}: ${distinctCategories.join(", ")}. ` +
+                `Matched patterns: ${patternList}`;
+    }
+    const findings = detected
+        ? matches.map((m) => ({
+            riskLevel: (m.confidence === "high" ? "high" : "medium"),
+            riskType: CATEGORY_TO_RISK_TYPE[m.category],
+            riskContent: m.matchedText,
+            reason: `Matched injection pattern: "${m.pattern}" (${m.category})`,
+        }))
+        : [];
+    return { detected, matches, distinctCategories, summary, findings };
+}
+//# sourceMappingURL=content-injection-scanner.js.map

package/dist/agent/content-injection-scanner.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"content-injection-scanner.js","sourceRoot":"","sources":["../../agent/content-injection-scanner.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AA4CH,MAAM,QAAQ,GAAmB;IAC/B,kEAAkE;IAElE,uBAAuB;IACvB;QACE,KAAK,EAAE,6HAA6H;QACpI,KAAK,EAAE,8BAA8B;QACrC,QAAQ,EAAE,sBAAsB;QAChC,UAAU,EAAE,MAAM;KACnB;IACD;QACE,KAAK,EAAE,iHAAiH;QACxH,KAAK,EAAE,qCAAqC;QAC5C,QAAQ,EAAE,sBAAsB;QAChC,UAAU,EAAE,MAAM;KACnB;IACD;QACE,KAAK,EAAE,sFAAsF;QAC7F,KAAK,EAAE,gCAAgC;QACvC,QAAQ,EAAE,sBAAsB;QAChC,UAAU,EAAE,MAAM;KACnB;IAED,sBAAsB;IACtB;QACE,KAAK,EAAE,0DAA0D;QACjE,KAAK,EAAE,uBAAuB;QAC9B,QAAQ,EAAE,qBAAqB;QAC/B,UAAU,EAAE,MAAM;KACnB;IACD;QACE,KAAK,EAAE,sCAAsC;QAC7C,KAAK,EAAE,2BAA2B;QAClC,QAAQ,EAAE,qBAAqB;QAC/B,UAAU,EAAE,MAAM;KACnB;IACD;QACE,KAAK,EAAE,yDAAyD;QAChE,KAAK,EAAE,uBAAuB;QAC9B,QAAQ,EAAE,qBAAqB;QAC/B,UAAU,EAAE,MAAM;KACnB;IAED,wBAAwB;IACxB;QACE,KAAK,EAAE,gGAAgG;QACvG,KAAK,EAAE,wBAAwB;QAC/B,QAAQ,EAAE,uBAAuB;QACjC,UAAU,EAAE,MAAM;KACnB;IACD;QACE,KAAK,EAAE,4CAA4C;QACnD,KAAK,EAAE,mCAAmC;QAC1C,QAAQ,EAAE,uBAAuB;QACjC,UAAU,EAAE,MAAM;KACnB;IACD;QACE,KAAK,EAAE,wEAAwE;QAC/E,KAAK,EAAE,6BAA6B;QACpC,QAAQ,EAAE,uBAAuB;QACjC,UAAU,EAAE,MAAM;KACnB;IAED,oBAAoB;IACpB;QACE,KAAK,EAAE,mDAAmD;QAC1D,KAAK,EAAE,qCAAqC;QAC5C,QAAQ,EAAE,mBAAmB;QAC7B,UAAU,EAAE,MAAM;KACnB;IACD;QACE,KAAK,EAAE,oDAAoD;QAC3D,KAAK,EAAE,kBAAkB;QACzB,QAAQ,EAAE,mBAAmB;QAC7B,UAAU,EAAE,MAAM;KACnB;IACD;QACE,KAAK,EAAE,oDAAoD;QAC3D,KAAK,EAAE,kBAAkB;QACzB,QAAQ,EAAE,mBAAmB;QAC7B,UAAU,EAAE,MAAM;KACnB;IACD;QACE,KAAK,EAAE,qEAAqE;QAC5E,KAAK,EAAE,6BAA6B;QACpC,QAAQ,EAAE,mBAAmB;QAC7B,UAAU,EAAE,MAAM;KACnB;IAED,oBAAoB;IACpB;QACE,KAAK,EAAE,yHAAyH;QAChI,KAAK,EAAE,sBAAsB;QAC7B,QAAQ,EAAE,mBAAmB;QAC7B,UAAU,EAAE,MAAM;KACnB;IACD;QACE,KAAK,EAAE,6EAA6E;QACpF,KAAK,EAAE,oBAAoB;QAC3B,QAAQ,EAAE,mBAAmB;QAC7B,UAAU,EAAE,MAAM;KACnB;IAED,kEAAkE;IAElE,iBAAiB;IACjB;QACE,KAAK,EAAE,2EAA2E;QAClF,KAAK,EAAE,2BAA2B;QAClC,QAAQ,EAAE,gBAAgB;QAC1B,UAAU,EAAE,QAAQ;KACrB;IACD;QACE,KAAK,EAAE,gGAAgG;QACvG,KAAK,EAAE,+BAA+B;QACtC,QAAQ,EAAE,gBAAgB;QAC1B,UAAU,EAAE,QAAQ;KACrB;IAED,iBAAiB;IACjB;QACE,KAAK,EAAE,6BAA6B;QACpC,KAAK,EAAE,mBAAmB;QAC1B,QAAQ,EAAE,gBAAgB;QAC1B,UAAU,EAAE,QAAQ;KACrB;IACD;QACE,KAAK,EAAE,iCAAiC;QACxC,KAAK,EAAE,2BAA2B;QAClC,QAAQ,EAAE,gBAAgB;QAC1B,UAAU,EAAE,QAAQ;KACrB;IACD;QACE,KAAK,EAAE,sEAAsE;QAC7E,KAAK,EAAE,oBAAoB;QAC3B,QAAQ,EAAE,gBAAgB;QAC1B,UAAU,EAAE,QAAQ;KACrB;IAED,kBAAkB;IAClB;QACE,KAAK,EAAE,2CAA2C;QAClD,KAAK,EAAE,cAAc;QACrB,QAAQ,EAAE,iBAAiB;QAC3B,UAAU,EAAE,QAAQ;KACrB;IACD;QACE,KAAK,EAAE,yEAAyE;QAChF,KAAK,EAAE,qCAAqC;QAC5C,QAAQ,EAAE,iBAAiB;QAC3B,UAAU,EAAE,QAAQ;KACrB;IACD;QACE,KAAK,EAAE,6FAA6F;QACpG,KAAK,EAAE,0BAA0B;QACjC,QAAQ,EAAE,iBAAiB;QAC3B,UAAU,EAAE,QAAQ;KACrB;IAED,gCAAgC;IAChC;QACE,KAAK,EAAE,sFAAsF;QAC7F,KAAK,EAAE,0BAA0B;QACjC,QAAQ,EAAE,sBAAsB;QAChC,UAAU,EAAE,QAAQ;KACrB;IAED,0EAA0E;IAC1E;QACE,KAAK,EAAE,4IAA4I;QACnJ,KAAK,EAAE,2CAA2C;QAClD,QAAQ,EAAE,mBAAmB;QAC7B,UAAU,EAAE,QAAQ;KACrB;IACD;QACE,KAAK,EAAE,wIAAwI;QAC/I,KAAK,EAAE,8CAA8C;QACrD,QAAQ,EAAE,mBAAmB;QAC7B,UAAU,EAAE,QAAQ;KACrB;CACF,CAAC;AAEF,gFAAgF;AAChF,uCAAuC;AACvC,gFAAgF;AAEhF,MAAM,qBAAqB,GAAiD;IAC1E,oBAAoB,EAAE,kBAAkB;IACxC,cAAc,EAAE,kBAAkB;IAClC,mBAAmB,EAAE,kBAAkB;IACvC,qBAAqB,EAAE,kBAAkB;IACzC,iBAAiB,EAAE,mBAAmB;IACtC,cAAc,EAAE,kBAAkB;IAClC,eAAe,EAAE,kBAAkB;IACnC,iBAAiB,EAAE,mBAAmB;CACvC,CAAC;AAEF,gFAAgF;AAChF,SAAS;AACT,gFAAgF;AAEhF;;;GAGG;AACH,MAAM,UAAU,aAAa,CAAC,IAAY;IACxC,IAAI,CAAC,IAAI,IAAI,IAAI,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAC/B,OAAO,EAAE,QAAQ,EAAE,IAAI,EAAE,QAAQ,EAAE,EAAE,EAAE,CAAC;IAC1C,CAAC;IAED,MAAM,QAAQ,GAAuB,EAAE,CAAC;IACxC,IAAI,QAAQ,GAAG,IAAI,CAAC;IAEpB,KAAK,MAAM,KAAK,IAAI,QAAQ,EAAE,CAAC;QAC7B,MAAM,WAAW,GAAG,IAAI,MAAM,CAAC,KAAK,CAAC,KAAK,CAAC,MAAM,EAAE,KAAK,CAAC,KAAK,CAAC,KAAK,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,KAAK,CAAC,KAAK,GAAG,GAAG,CAAC,CAAC;QAClI,MAAM,QAAQ,GAAG,qBAAqB,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC;QAEvD,QAAQ,GAAG,QAAQ,CAAC,OAAO,CAAC,WAAW,EAAE,CAAC,OAAO,EAAE,EAAE;YACnD,QAAQ,CAAC,IAAI,CAAC;gBACZ,SAAS,EAAE,CAAC,KAAK,CAAC,UAAU,KAAK,MAAM,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,QAAQ,CAAc;gBACzE,QAAQ;gBACR,WAAW,EAAE,OAAO;gBACpB,MAAM,EAAE,+BAA+B,KAAK,CAAC,KAAK,MAAM,KAAK,CAAC,QAAQ,GAAG;aAC1E,CAAC,CAAC;YACH,OAAO,uCAAuC,QAAQ,IAAI,CAAC;QAC7D,CAAC,CAAC,CAAC;IACL,CAAC;IAED,OAAO,EAAE,QAAQ,EAAE,QAAQ,EAAE,CAAC;AAChC,CAAC;AAED,gFAAgF;AAChF,UAAU;AACV,gFAAgF;AAEhF,MAAM,UAAU,gBAAgB,CAAC,IAAY;IAC3C,IAAI,CAAC,IAAI,IAAI,IAAI,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAC/B,OAAO,EAAE,QAAQ,EAAE,KAAK,EAAE,OAAO,EAAE,EAAE,EAAE,kBAAkB,EAAE,EAAE,EAAE,OAAO,EAAE,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,CAAC;IAC7F,CAAC;IAED,MAAM,OAAO,GAAqB,EAAE,CAAC;IACrC,MAAM,WAAW,GAAG,IAAI,GAAG,EAAqB,CAAC;IACjD,IAAI,OAAO,GAAG,KAAK,CAAC;IAEpB,KAAK,MAAM,KAAK,IAAI,QAAQ,EAAE,CAAC;QAC7B,MAAM,UAAU,GAAG,KAAK,CAAC,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAC1C,IAAI,UAAU,EAAE,CAAC;YACf,OAAO,CAAC,IAAI,CAAC;gBACX,OAAO,EAAE,KAAK,CAAC,KAAK;gBACpB,QAAQ,EAAE,KAAK,CAAC,QAAQ;gBACxB,UAAU,EAAE,KAAK,CAAC,UAAU;gBAC5B,WAAW,EAAE,UAAU,CAAC,CAAC,CAAC;aAC3B,CAAC,CAAC;YACH,WAAW,CAAC,GAAG,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC;YAChC,IAAI,KAAK,CAAC,UAAU,KAAK,MAAM;gBAAE,OAAO,GAAG,IAAI,CAAC;QAClD,CAAC;IACH,CAAC;IAED,MAAM,kBAAkB,GAAG,CAAC,GAAG,WAAW,CAAC,CAAC;IAE5C,sBAAsB;IACtB,oCAAoC;IACpC,iDAAiD;IACjD,MAAM,gBAAgB,GAAG,IAAI,GAAG,CAC9B,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,UAAU,KAAK,QAAQ,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,CACxE,CAAC;IACF,MAAM,QAAQ,GAAG,OAAO,IAAI,gBAAgB,CAAC,IAAI,IAAI,CAAC,CAAC;IAEvD,IAAI,OAAO,GAAG,EAAE,CAAC;IACjB,IAAI,QAAQ,EAAE,CAAC;QACb,MAAM,WAAW,GAAG,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,CAAC,OAAO,GAAG,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QACpE,OAAO;YACL,YAAY,OAAO,CAAC,MAAM,gCAAgC,kBAAkB,CAAC,MAAM,GAAG;gBACtF,UAAU,kBAAkB,CAAC,MAAM,KAAK,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,KAAK,KAAK,kBAAkB,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI;gBAC7F,qBAAqB,WAAW,EAAE,CAAC;IACvC,CAAC;IAED,MAAM,QAAQ,GAAuB,QAAQ;QAC3C,CAAC,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;YAClB,SAAS,EAAE,CAAC,CAAC,CAAC,UAAU,KAAK,MAAM,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,QAAQ,CAAc;YACrE,QAAQ,EAAE,qBAAqB,CAAC,CAAC,CAAC,QAAQ,CAAC;YAC3C,WAAW,EAAE,CAAC,CAAC,WAAW;YAC1B,MAAM,EAAE,+BAA+B,CAAC,CAAC,OAAO,MAAM,CAAC,CAAC,QAAQ,GAAG;SACpE,CAAC,CAAC;QACL,CAAC,CAAC,EAAE,CAAC;IAEP,OAAO,EAAE,QAAQ,EAAE,OAAO,EAAE,kBAAkB,EAAE,OAAO,EAAE,QAAQ,EAAE,CAAC;AACtE,CAAC"}

package/dist/agent/engine-log-writer.d.ts ADDED Viewed

@@ -0,0 +1,6 @@
+/**
+ * Persist a single engine request/response log line.
+ * Best-effort only: logging must never affect hook flow.
+ */
+export declare function appendEngineLogLine(message: string): void;
+//# sourceMappingURL=engine-log-writer.d.ts.map

package/dist/agent/engine-log-writer.d.ts.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"engine-log-writer.d.ts","sourceRoot":"","sources":["../../agent/engine-log-writer.ts"],"names":[],"mappings":"AAMA;;;GAGG;AACH,wBAAgB,mBAAmB,CAAC,OAAO,EAAE,MAAM,GAAG,IAAI,CAOzD"}

package/dist/agent/engine-log-writer.js ADDED Viewed

@@ -0,0 +1,18 @@
+import fs from "node:fs";
+import path from "node:path";
+import { openclawHome } from "./env.js";
+const ENGINE_LOG_PATH = path.join(openclawHome, "logs", "moltguard-engine.log");
+/**
+ * Persist a single engine request/response log line.
+ * Best-effort only: logging must never affect hook flow.
+ */
+export function appendEngineLogLine(message) {
+    try {
+        fs.mkdirSync(path.dirname(ENGINE_LOG_PATH), { recursive: true });
+        fs.appendFileSync(ENGINE_LOG_PATH, `[${new Date().toISOString()}] ${message}\n`);
+    }
+    catch {
+        // ignore file logging errors
+    }
+}
+//# sourceMappingURL=engine-log-writer.js.map

package/dist/agent/engine-log-writer.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"engine-log-writer.js","sourceRoot":"","sources":["../../agent/engine-log-writer.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,SAAS,CAAC;AACzB,OAAO,IAAI,MAAM,WAAW,CAAC;AAC7B,OAAO,EAAE,YAAY,EAAE,MAAM,UAAU,CAAC;AAExC,MAAM,eAAe,GAAG,IAAI,CAAC,IAAI,CAAC,YAAY,EAAE,MAAM,EAAE,sBAAsB,CAAC,CAAC;AAEhF;;;GAGG;AACH,MAAM,UAAU,mBAAmB,CAAC,OAAe;IACjD,IAAI,CAAC;QACH,EAAE,CAAC,SAAS,CAAC,IAAI,CAAC,OAAO,CAAC,eAAe,CAAC,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;QACjE,EAAE,CAAC,cAAc,CAAC,eAAe,EAAE,IAAI,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE,KAAK,OAAO,IAAI,CAAC,CAAC;IACnF,CAAC;IAAC,MAAM,CAAC;QACP,6BAA6B;IAC/B,CAAC;AACH,CAAC"}

package/dist/agent/env.d.ts ADDED Viewed

@@ -0,0 +1,19 @@
+/**
+ * Centralized environment variable access for MoltGuard.
+ *
+ * This module is the ONLY place that reads `process.env` so that
+ * modules performing network calls never contain env access in the
+ * same source unit.  This avoids false-positive "credential
+ * harvesting" alerts from OpenClaw's skill scanner.
+ */
+export declare const openclawHome: string;
+export declare const isDev: boolean;
+export declare const envCoreUrl: string | undefined;
+export declare const defaultCoreUrl: string;
+export declare const envApiKey: string;
+/**
+ * Sets environment variables at runtime. Centralised here so that files
+ * making network calls never contain env access directly.
+ */
+export declare function setEnv(key: string, value: string): void;
+//# sourceMappingURL=env.d.ts.map

package/dist/agent/env.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"env.d.ts","sourceRoot":"","sources":["../../agent/env.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AASH,eAAO,MAAM,YAAY,EAAE,MACwC,CAAC;AAMpE,eAAO,MAAM,KAAK,EAAE,OAIuC,CAAC;AAS5D,eAAO,MAAM,UAAU,EAAE,MAAM,GAAG,SAAmC,CAAC;AAEtE,eAAO,MAAM,cAAc,EAAE,MACyB,CAAC;AAMvD,eAAO,MAAM,SAAS,EAAE,MAAqC,CAAC;AAM9D;;;GAGG;AACH,wBAAgB,MAAM,CAAC,GAAG,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,GAAG,IAAI,CAEvD"}

package/dist/agent/env.js ADDED Viewed

@@ -0,0 +1,43 @@
+/**
+ * Centralized environment variable access for MoltGuard.
+ *
+ * This module is the ONLY place that reads `process.env` so that
+ * modules performing network calls never contain env access in the
+ * same source unit.  This avoids false-positive "credential
+ * harvesting" alerts from OpenClaw's skill scanner.
+ */
+import os from "node:os";
+import path from "node:path";
+// ---------------------------------------------------------------------------
+// OpenClaw home directory
+// ---------------------------------------------------------------------------
+export const openclawHome = process.env.OPENCLAW_HOME || path.join(os.homedir(), ".openclaw");
+// ---------------------------------------------------------------------------
+// Development mode
+// ---------------------------------------------------------------------------
+export const isDev = process.env.NODE_ENV === "development" ||
+    process.env.OG_DEV === "1" ||
+    process.env.OG_DEV === "true" ||
+    (process.env.OG_CORE_URL?.includes("localhost") ?? false);
+// ---------------------------------------------------------------------------
+// Core URL
+// ---------------------------------------------------------------------------
+const DEV_CORE_URL = "http://localhost:53666";
+const PROD_CORE_URL = "http://10.16.148.67:53666";
+export const envCoreUrl = process.env.OG_CORE_URL;
+export const defaultCoreUrl = envCoreUrl ?? (isDev ? DEV_CORE_URL : PROD_CORE_URL);
+// ---------------------------------------------------------------------------
+// API key (optional env override)
+// ---------------------------------------------------------------------------
+export const envApiKey = process.env.OG_API_KEY ?? "";
+// ---------------------------------------------------------------------------
+// Environment variable setter (for dashboard-launcher runtime config)
+// ---------------------------------------------------------------------------
+/**
+ * Sets environment variables at runtime. Centralised here so that files
+ * making network calls never contain env access directly.
+ */
+export function setEnv(key, value) {
+    process.env[key] = value;
+}
+//# sourceMappingURL=env.js.map

package/dist/agent/env.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"env.js","sourceRoot":"","sources":["../../agent/env.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAEH,OAAO,EAAE,MAAM,SAAS,CAAC;AACzB,OAAO,IAAI,MAAM,WAAW,CAAC;AAE7B,8EAA8E;AAC9E,0BAA0B;AAC1B,8EAA8E;AAE9E,MAAM,CAAC,MAAM,YAAY,GACvB,OAAO,CAAC,GAAG,CAAC,aAAa,IAAI,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,OAAO,EAAE,EAAE,WAAW,CAAC,CAAC;AAEpE,8EAA8E;AAC9E,mBAAmB;AACnB,8EAA8E;AAE9E,MAAM,CAAC,MAAM,KAAK,GAChB,OAAO,CAAC,GAAG,CAAC,QAAQ,KAAK,aAAa;IACtC,OAAO,CAAC,GAAG,CAAC,MAAM,KAAK,GAAG;IAC1B,OAAO,CAAC,GAAG,CAAC,MAAM,KAAK,MAAM;IAC7B,CAAC,OAAO,CAAC,GAAG,CAAC,WAAW,EAAE,QAAQ,CAAC,WAAW,CAAC,IAAI,KAAK,CAAC,CAAC;AAE5D,8EAA8E;AAC9E,WAAW;AACX,8EAA8E;AAE9E,MAAM,YAAY,GAAG,wBAAwB,CAAC;AAC9C,MAAM,aAAa,GAAG,2BAA2B,CAAC;AAElD,MAAM,CAAC,MAAM,UAAU,GAAuB,OAAO,CAAC,GAAG,CAAC,WAAW,CAAC;AAEtE,MAAM,CAAC,MAAM,cAAc,GACzB,UAAU,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,aAAa,CAAC,CAAC;AAEvD,8EAA8E;AAC9E,kCAAkC;AAClC,8EAA8E;AAE9E,MAAM,CAAC,MAAM,SAAS,GAAW,OAAO,CAAC,GAAG,CAAC,UAAU,IAAI,EAAE,CAAC;AAE9D,8EAA8E;AAC9E,sEAAsE;AACtE,8EAA8E;AAE9E;;;GAGG;AACH,MAAM,UAAU,MAAM,CAAC,GAAW,EAAE,KAAa;IAC/C,OAAO,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,KAAK,CAAC;AAC3B,CAAC"}

package/dist/agent/event-reporter.d.ts ADDED Viewed

@@ -0,0 +1,87 @@
+/**
+ * EventReporter - Handles batched event reporting to Core.
+ *
+ * Responsibilities:
+ *   1. Queue non-blocking events and flush them in batches (100ms window)
+ *   2. Send blocking events synchronously and return block decisions
+ *   3. Handle network failures gracefully (fail-open)
+ *   4. Truncate large content to avoid timeouts
+ */
+import type { CoreCredentials } from "./config.js";
+import type { Logger } from "./types.js";
+import type { HookType, HookEventData } from "./hook-types.js";
+export type BlockDecision = {
+    block: true;
+    reason: string;
+    findings?: Array<{
+        riskLevel: string;
+        riskType: string;
+        reason: string;
+    }>;
+};
+export type EventReporterConfig = {
+    coreUrl: string;
+    pluginVersion: string;
+    /** Timeout for API calls in ms */
+    timeoutMs?: number;
+    /** Whether to enable batching (default: true) */
+    enableBatching?: boolean;
+};
+export declare class EventReporter {
+    private config;
+    private log;
+    private credentials;
+    /** Sequence counter per session */
+    private sessionSeq;
+    /** Run ID per session */
+    private sessionRunId;
+    /** Event queue for batching */
+    private queue;
+    /** Flush timer */
+    private flushTimer;
+    /** Whether we're currently flushing */
+    private flushing;
+    constructor(config: EventReporterConfig, log: Logger);
+    /** Set Core credentials for authenticated API calls */
+    setCredentials(credentials: CoreCredentials | null): void;
+    /** Set or get run ID for a session */
+    setRunId(sessionKey: string, runId: string): void;
+    getRunId(sessionKey: string): string | undefined;
+    /** Clear session state */
+    clearSession(sessionKey: string): void;
+    /**
+     * Report an event. For blocking hooks, this is synchronous and may return
+     * a block decision. For non-blocking hooks, this queues the event for batching.
+     */
+    report(sessionKey: string, hookType: HookType, data: HookEventData, blocking?: boolean): Promise<BlockDecision | undefined>;
+    /**
+     * Send a single event synchronously (for blocking hooks).
+     * Returns a block decision if Core says to block, undefined otherwise.
+     */
+    private reportSync;
+    /**
+     * Queue an event for batched sending.
+     */
+    private queueEvent;
+    /**
+     * Flush all queued events to Core.
+     */
+    flush(): Promise<void>;
+    /**
+     * Send a batch of events for a single session.
+     */
+    private sendBatch;
+    /**
+     * Get next sequence number for a session.
+     */
+    private getNextSeq;
+    /**
+     * Sanitize event data: truncate large content, remove secrets.
+     */
+    private sanitizeEventData;
+    /**
+     * Stop the reporter and flush remaining events.
+     */
+    stop(): Promise<void>;
+}
+//# sourceMappingURL=event-reporter.d.ts.map

package/dist/agent/event-reporter.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"event-reporter.d.ts","sourceRoot":"","sources":["../../agent/event-reporter.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAEH,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,aAAa,CAAC;AAEnD,OAAO,KAAK,EAAE,MAAM,EAAE,MAAM,YAAY,CAAC;AACzC,OAAO,KAAK,EACV,QAAQ,EAER,aAAa,EAId,MAAM,iBAAiB,CAAC;AAuBzB,MAAM,MAAM,aAAa,GAAG;IAC1B,KAAK,EAAE,IAAI,CAAC;IACZ,MAAM,EAAE,MAAM,CAAC;IACf,QAAQ,CAAC,EAAE,KAAK,CAAC;QACf,SAAS,EAAE,MAAM,CAAC;QAClB,QAAQ,EAAE,MAAM,CAAC;QACjB,MAAM,EAAE,MAAM,CAAC;KAChB,CAAC,CAAC;CACJ,CAAC;AAMF,MAAM,MAAM,mBAAmB,GAAG;IAChC,OAAO,EAAE,MAAM,CAAC;IAChB,aAAa,EAAE,MAAM,CAAC;IACtB,kCAAkC;IAClC,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,iDAAiD;IACjD,cAAc,CAAC,EAAE,OAAO,CAAC;CAC1B,CAAC;AAMF,qBAAa,aAAa;IACxB,OAAO,CAAC,MAAM,CAAgC;IAC9C,OAAO,CAAC,GAAG,CAAS;IACpB,OAAO,CAAC,WAAW,CAAgC;IAEnD,mCAAmC;IACnC,OAAO,CAAC,UAAU,CAA6B;IAE/C,yBAAyB;IACzB,OAAO,CAAC,YAAY,CAA6B;IAEjD,+BAA+B;IAC/B,OAAO,CAAC,KAAK,CAGL;IAER,kBAAkB;IAClB,OAAO,CAAC,UAAU,CAA+B;IAEjD,uCAAuC;IACvC,OAAO,CAAC,QAAQ,CAAS;gBAEb,MAAM,EAAE,mBAAmB,EAAE,GAAG,EAAE,MAAM;IAUpD,uDAAuD;IACvD,cAAc,CAAC,WAAW,EAAE,eAAe,GAAG,IAAI,GAAG,IAAI;IAIzD,sCAAsC;IACtC,QAAQ,CAAC,UAAU,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,GAAG,IAAI;IAIjD,QAAQ,CAAC,UAAU,EAAE,MAAM,GAAG,MAAM,GAAG,SAAS;IAIhD,0BAA0B;IAC1B,YAAY,CAAC,UAAU,EAAE,MAAM,GAAG,IAAI;IAKtC;;;OAGG;IACG,MAAM,CACV,UAAU,EAAE,MAAM,EAClB,QAAQ,EAAE,QAAQ,EAClB,IAAI,EAAE,aAAa,EACnB,QAAQ,GAAE,OAAe,GACxB,OAAO,CAAC,aAAa,GAAG,SAAS,CAAC;IA0BrC;;;OAGG;YACW,UAAU;IAoExB;;OAEG;IACH,OAAO,CAAC,UAAU;IAwBlB;;OAEG;IACG,KAAK,IAAI,OAAO,CAAC,IAAI,CAAC;IAyC5B;;OAEG;YACW,SAAS;IAqDvB;;OAEG;IACH,OAAO,CAAC,UAAU;IAMlB;;OAEG;IACH,OAAO,CAAC,iBAAiB;IAkCzB;;OAEG;IACG,IAAI,IAAI,OAAO,CAAC,IAAI,CAAC;CAO5B"}