@contextfort-ai/openclaw-secure 0.1.7 → 0.1.9

package/monitor/dashboard/public/index.html

@@ -0,0 +1,515 @@
+<!DOCTYPE html>
+<html lang="en">
+<head>
+  <meta charset="UTF-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1.0">
+  <title>ContextFort Security Dashboard</title>
+  <style>
+    *, *::before, *::after { box-sizing: border-box; margin: 0; padding: 0; }
+    body { background: #09090b; color: #fafafa; font-family: ui-sans-serif, system-ui, -apple-system, sans-serif; min-height: 100vh; display: flex; flex-direction: column; }
+    a { color: #60a5fa; text-decoration: none; }
+
+    /* Nav */
+    .nav { border-bottom: 1px solid rgba(255,255,255,0.1); background: rgba(0,0,0,0.8); backdrop-filter: blur(12px); position: sticky; top: 0; z-index: 10; }
+    .nav-inner { padding: 0 24px; height: 56px; display: flex; align-items: center; justify-content: space-between; }
+    .nav-brand { display: flex; align-items: center; gap: 10px; }
+    .nav-brand .icon { width: 28px; height: 28px; background: #fff; display: flex; align-items: center; justify-content: center; }
+    .nav-brand .icon svg { width: 18px; height: 18px; }
+    .nav-brand span { font-size: 17px; font-weight: 700; letter-spacing: -0.5px; text-transform: uppercase; }
+    .nav-right { display: flex; align-items: center; gap: 12px; }
+    .muted { color: #a1a1aa; font-size: 13px; }
+
+    /* Layout */
+    .layout { display: flex; flex: 1; min-height: calc(100vh - 56px); }
+
+    /* Sidebar */
+    .sidebar { width: 200px; border-right: 1px solid rgba(255,255,255,0.1); background: rgba(255,255,255,0.015); padding: 16px 10px; flex-shrink: 0; }
+    .sidebar-nav { display: flex; flex-direction: column; gap: 2px; }
+    .sidebar-btn { display: flex; align-items: center; gap: 10px; padding: 8px 12px; font-size: 13px; color: #a1a1aa; border: none; background: none; border-radius: 6px; cursor: pointer; width: 100%; text-align: left; transition: all 0.12s; }
+    .sidebar-btn:hover { color: #fff; background: rgba(255,255,255,0.05); }
+    .sidebar-btn.active { color: #fff; background: rgba(255,255,255,0.1); }
+    .sidebar-btn svg { width: 16px; height: 16px; flex-shrink: 0; }
+    .sidebar-label { font-size: 10px; text-transform: uppercase; letter-spacing: 1px; color: #52525b; padding: 16px 12px 6px; }
+
+    /* Main */
+    .main { flex: 1; padding: 28px 32px; overflow-y: auto; }
+
+    /* Buttons */
+    .btn { display: inline-flex; align-items: center; gap: 6px; padding: 6px 12px; font-size: 13px; color: #a1a1aa; border: 1px solid rgba(255,255,255,0.1); border-radius: 6px; background: transparent; cursor: pointer; transition: all 0.15s; }
+    .btn:hover { color: #fff; background: rgba(255,255,255,0.05); }
+    .btn.active { color: #fff; background: rgba(255,255,255,0.1); }
+    .btn-sm { padding: 4px 10px; font-size: 12px; }
+
+    /* Cards */
+    .cards { display: grid; grid-template-columns: repeat(4, 1fr); gap: 16px; margin-bottom: 24px; }
+    .card { border: 1px solid rgba(255,255,255,0.1); border-radius: 8px; padding: 20px; background: rgba(255,255,255,0.02); }
+    .card-label { font-size: 12px; color: #a1a1aa; text-transform: uppercase; letter-spacing: 0.5px; margin-bottom: 8px; }
+    .card-value { font-size: 28px; font-weight: 700; }
+    .card-sub { font-size: 12px; color: #a1a1aa; margin-top: 4px; }
+
+    /* Guard summary cards on home */
+    .guard-cards { display: grid; grid-template-columns: repeat(5, 1fr); gap: 16px; }
+    .guard-card { border: 1px solid rgba(255,255,255,0.1); border-radius: 8px; padding: 16px; background: rgba(255,255,255,0.02); cursor: pointer; transition: all 0.15s; }
+    .guard-card:hover { background: rgba(255,255,255,0.05); border-color: rgba(255,255,255,0.2); }
+    .guard-card-header { display: flex; align-items: center; gap: 8px; margin-bottom: 10px; }
+    .guard-card-header svg { width: 16px; height: 16px; flex-shrink: 0; }
+    .guard-card-header span { font-size: 14px; font-weight: 600; }
+    .guard-stat { font-size: 12px; color: #a1a1aa; }
+    .guard-stat b { color: #fafafa; }
+    .dot { width: 8px; height: 8px; border-radius: 50%; display: inline-block; }
+    .dot-green { background: #22c55e; box-shadow: 0 0 6px rgba(34,197,94,0.4); }
+    .dot-red { background: #ef4444; box-shadow: 0 0 6px rgba(239,68,68,0.4); }
+    .dot-yellow { background: #eab308; box-shadow: 0 0 6px rgba(234,179,8,0.4); }
+    .dot-gray { background: #52525b; }
+
+    /* Page header */
+    .page-header { margin-bottom: 24px; }
+    .page-header h1 { font-size: 24px; font-weight: 700; }
+    .page-header p { color: #a1a1aa; font-size: 14px; margin-top: 4px; }
+
+    /* Table */
+    .table-wrap { border: 1px solid rgba(255,255,255,0.1); border-radius: 8px; overflow: hidden; }
+    .table-header { padding: 12px 16px; border-bottom: 1px solid rgba(255,255,255,0.1); background: rgba(255,255,255,0.03); display: flex; align-items: center; justify-content: space-between; }
+    .table-header h3 { font-size: 14px; font-weight: 600; }
+    table { width: 100%; border-collapse: collapse; font-size: 13px; }
+    th { text-align: left; padding: 10px 16px; color: #a1a1aa; font-weight: 500; font-size: 12px; text-transform: uppercase; letter-spacing: 0.5px; border-bottom: 1px solid rgba(255,255,255,0.08); background: rgba(255,255,255,0.02); }
+    td { padding: 10px 16px; border-bottom: 1px solid rgba(255,255,255,0.05); vertical-align: top; }
+    tr:hover td { background: rgba(255,255,255,0.02); }
+    .cmd { font-family: ui-monospace, monospace; font-size: 12px; max-width: 400px; overflow: hidden; text-overflow: ellipsis; white-space: nowrap; }
+
+    /* Badges */
+    .badge { display: inline-flex; align-items: center; padding: 2px 8px; border-radius: 9999px; font-size: 11px; font-weight: 500; }
+    .badge-green { background: rgba(34,197,94,0.15); color: #4ade80; }
+    .badge-red { background: rgba(239,68,68,0.15); color: #f87171; }
+    .badge-yellow { background: rgba(234,179,8,0.15); color: #facc15; }
+    .badge-blue { background: rgba(59,130,246,0.15); color: #60a5fa; }
+    .badge-gray { background: rgba(255,255,255,0.08); color: #a1a1aa; }
+
+    /* Filter row */
+    .filter-row { display: flex; align-items: center; gap: 12px; }
+    select { background: rgba(255,255,255,0.05); border: 1px solid rgba(255,255,255,0.1); border-radius: 6px; padding: 5px 28px 5px 10px; font-size: 12px; color: #fff; appearance: none; background-image: url("data:image/svg+xml,%3Csvg xmlns='http://www.w3.org/2000/svg' width='12' height='12' viewBox='0 0 24 24' fill='none' stroke='%23a1a1aa' stroke-width='2'%3E%3Cpath d='m6 9 6 6 6-6'/%3E%3C/svg%3E"); background-repeat: no-repeat; background-position: right 8px center; }
+
+    /* Checkbox */
+    .check-label { display: flex; align-items: center; gap: 6px; font-size: 12px; color: #a1a1aa; cursor: pointer; user-select: none; }
+    .check-label input { accent-color: #60a5fa; }
+    .check-label:hover { color: #fff; }
+
+    /* Expandable payload */
+    .payload-toggle { cursor: pointer; color: #60a5fa; font-size: 12px; }
+    .payload-toggle:hover { text-decoration: underline; }
+    .payload-content { display: none; margin-top: 6px; padding: 8px 12px; background: rgba(255,255,255,0.03); border-radius: 4px; font-family: ui-monospace, monospace; font-size: 11px; color: #a1a1aa; white-space: pre-wrap; word-break: break-all; max-height: 200px; overflow: auto; }
+    .payload-content.open { display: block; }
+
+    /* Empty state */
+    .empty { text-align: center; padding: 48px 24px; color: #52525b; font-size: 14px; }
+
+    /* Scroll */
+    .table-body { max-height: 600px; overflow-y: auto; }
+
+    /* Responsive */
+    @media (max-width: 900px) {
+      .cards { grid-template-columns: repeat(2, 1fr); }
+      .guard-cards { grid-template-columns: repeat(3, 1fr); }
+      .sidebar { width: 170px; }
+    }
+  </style>
+</head>
+<body>
+
+  <!-- Nav -->
+  <nav class="nav">
+    <div class="nav-inner">
+      <div class="nav-brand">
+        <div class="icon">
+          <svg fill="none" stroke="#000" stroke-width="2" viewBox="0 0 24 24"><path d="M12 22s8-4 8-10V5l-8-3-8 3v7c0 6 8 10 8 10z"/></svg>
+        </div>
+        <span>ContextFort</span>
+      </div>
+      <div class="nav-right">
+        <span class="muted" id="lastUpdated"></span>
+        <div style="display:flex;gap:4px;">
+          <button class="btn btn-sm" data-days="7" onclick="setDays(7)">7d</button>
+          <button class="btn btn-sm" data-days="30" onclick="setDays(30)">30d</button>
+          <button class="btn btn-sm active" data-days="365" onclick="setDays(365)">All</button>
+        </div>
+        <button class="btn" onclick="refresh()">
+          <svg style="width:14px;height:14px" fill="none" stroke="currentColor" stroke-width="2" viewBox="0 0 24 24"><path d="M21 12a9 9 0 0 0-9-9 9.75 9.75 0 0 0-6.74 2.74L3 8"/><path d="M3 3v5h5"/><path d="M3 12a9 9 0 0 0 9 9 9.75 9.75 0 0 0 6.74-2.74L21 16"/><path d="M16 16h5v5"/></svg>
+          Refresh
+        </button>
+      </div>
+    </div>
+  </nav>
+
+  <div class="layout">
+    <!-- Sidebar -->
+    <aside class="sidebar">
+      <div class="sidebar-nav">
+        <button class="sidebar-btn active" data-page="home" onclick="switchPage('home')">
+          <svg fill="none" stroke="currentColor" stroke-width="2" viewBox="0 0 24 24"><path d="M3 9l9-7 9 7v11a2 2 0 0 1-2 2H5a2 2 0 0 1-2-2z"/><polyline points="9 22 9 12 15 12 15 22"/></svg>
+          Home
+        </button>
+
+        <div class="sidebar-label">Guards</div>
+
+        <button class="sidebar-btn" data-page="skill" onclick="switchPage('skill')">
+          <svg fill="none" stroke="currentColor" stroke-width="2" viewBox="0 0 24 24"><path d="M12 22s8-4 8-10V5l-8-3-8 3v7c0 6 8 10 8 10z"/></svg>
+          Skill Scanner
+          <span class="dot dot-green" id="sb-skill-dot" style="margin-left:auto"></span>
+        </button>
+        <button class="sidebar-btn" data-page="bash" onclick="switchPage('bash')">
+          <svg fill="none" stroke="currentColor" stroke-width="2" viewBox="0 0 24 24"><polyline points="4 17 10 11 4 5"/><line x1="12" y1="19" x2="20" y2="19"/></svg>
+          Bash Guard
+          <span class="dot dot-green" id="sb-bash-dot" style="margin-left:auto"></span>
+        </button>
+        <button class="sidebar-btn" data-page="pi" onclick="switchPage('pi')">
+          <svg fill="none" stroke="currentColor" stroke-width="2" viewBox="0 0 24 24"><path d="M1 12s4-8 11-8 11 8 11 8-4 8-11 8-11-8-11-8z"/><circle cx="12" cy="12" r="3"/></svg>
+          Prompt Injection
+          <span class="dot dot-green" id="sb-pi-dot" style="margin-left:auto"></span>
+        </button>
+        <button class="sidebar-btn" data-page="secrets" onclick="switchPage('secrets')">
+          <svg fill="none" stroke="currentColor" stroke-width="2" viewBox="0 0 24 24"><rect x="3" y="11" width="18" height="11" rx="2" ry="2"/><path d="M7 11V7a5 5 0 0 1 10 0v4"/></svg>
+          Secrets Guard
+          <span class="dot dot-green" id="sb-sec-dot" style="margin-left:auto"></span>
+        </button>
+        <button class="sidebar-btn" data-page="exfil" onclick="switchPage('exfil')">
+          <svg fill="none" stroke="currentColor" stroke-width="2" viewBox="0 0 24 24"><path d="M17 3a2.85 2.85 0 1 1 4 4L7.5 20.5 2 22l1.5-5.5Z"/></svg>
+          Exfil Monitor
+          <span class="dot dot-green" id="sb-exfil-dot" style="margin-left:auto"></span>
+        </button>
+      </div>
+    </aside>
+
+    <!-- Main content -->
+    <main class="main">
+
+      <!-- HOME PAGE -->
+      <div id="page-home">
+        <div class="page-header">
+          <h1>Overview</h1>
+          <p>Security status across all protection layers.</p>
+        </div>
+
+        <div class="cards">
+          <div class="card"><div class="card-label">Total Commands</div><div class="card-value" id="ov-total">-</div><div class="card-sub">intercepted by guard</div></div>
+          <div class="card"><div class="card-label">Blocked</div><div class="card-value" id="ov-blocked" style="color:#f87171">-</div><div class="card-sub">dangerous commands stopped</div></div>
+          <div class="card"><div class="card-label">Allow Rate</div><div class="card-value" id="ov-rate" style="color:#4ade80">-</div><div class="card-sub">commands passed all guards</div></div>
+          <div class="card"><div class="card-label">Active Since</div><div class="card-value" id="ov-since" style="font-size:16px">-</div><div class="card-sub">first hook loaded</div></div>
+        </div>
+
+        <div class="guard-cards">
+          <div class="guard-card" onclick="switchPage('skill')">
+            <div class="guard-card-header">
+              <svg fill="none" stroke="currentColor" stroke-width="2" viewBox="0 0 24 24"><path d="M12 22s8-4 8-10V5l-8-3-8 3v7c0 6 8 10 8 10z"/></svg>
+              <span>Skill Scanner</span>
+              <span class="dot dot-green" id="g-skill-dot" style="margin-left:auto"></span>
+            </div>
+            <div class="guard-stat"><b id="g-skill-blocks">0</b> blocks</div>
+          </div>
+          <div class="guard-card" onclick="switchPage('bash')">
+            <div class="guard-card-header">
+              <svg fill="none" stroke="currentColor" stroke-width="2" viewBox="0 0 24 24"><polyline points="4 17 10 11 4 5"/><line x1="12" y1="19" x2="20" y2="19"/></svg>
+              <span>Bash Guard</span>
+              <span class="dot dot-green" id="g-bash-dot" style="margin-left:auto"></span>
+            </div>
+            <div class="guard-stat"><b id="g-bash-blocks">0</b> blocks</div>
+          </div>
+          <div class="guard-card" onclick="switchPage('pi')">
+            <div class="guard-card-header">
+              <svg fill="none" stroke="currentColor" stroke-width="2" viewBox="0 0 24 24"><path d="M1 12s4-8 11-8 11 8 11 8-4 8-11 8-11-8-11-8z"/><circle cx="12" cy="12" r="3"/></svg>
+              <span>Prompt Injection</span>
+              <span class="dot dot-green" id="g-pi-dot" style="margin-left:auto"></span>
+            </div>
+            <div class="guard-stat"><b id="g-pi-blocks">0</b> blocks</div>
+          </div>
+          <div class="guard-card" onclick="switchPage('secrets')">
+            <div class="guard-card-header">
+              <svg fill="none" stroke="currentColor" stroke-width="2" viewBox="0 0 24 24"><rect x="3" y="11" width="18" height="11" rx="2" ry="2"/><path d="M7 11V7a5 5 0 0 1 10 0v4"/></svg>
+              <span>Secrets Guard</span>
+              <span class="dot dot-green" id="g-sec-dot" style="margin-left:auto"></span>
+            </div>
+            <div class="guard-stat"><b id="g-sec-blocks">0</b> blocks &middot; <b id="g-sec-redactions">0</b> redactions</div>
+          </div>
+          <div class="guard-card" onclick="switchPage('exfil')">
+            <div class="guard-card-header">
+              <svg fill="none" stroke="currentColor" stroke-width="2" viewBox="0 0 24 24"><path d="M17 3a2.85 2.85 0 1 1 4 4L7.5 20.5 2 22l1.5-5.5Z"/></svg>
+              <span>Exfil Monitor</span>
+              <span class="dot dot-green" id="g-exfil-dot" style="margin-left:auto"></span>
+            </div>
+            <div class="guard-stat"><b id="g-exfil-detections">0</b> detections</div>
+          </div>
+        </div>
+      </div>
+
+      <!-- SKILL SCANNER PAGE -->
+      <div id="page-skill" style="display:none">
+        <div class="page-header">
+          <h1>Skill Scanner</h1>
+          <p>Skills cross-indexed and scanned for prompt injection patterns via Haiku.</p>
+        </div>
+        <div class="table-wrap">
+          <div class="table-header">
+            <h3>Events</h3>
+            <div class="filter-row">
+              <label class="check-label"><input type="checkbox" id="skill-blocked-only" onchange="renderGuardPage('skill')"> Only show blocked</label>
+              <label class="check-label"><input type="checkbox" id="skill-server-only" onchange="renderGuardPage('skill')"> Server sent events</label>
+            </div>
+          </div>
+          <div class="table-body" id="skill-table-body"></div>
+        </div>
+      </div>
+
+      <!-- BASH GUARD PAGE -->
+      <div id="page-bash" style="display:none">
+        <div class="page-header">
+          <h1>Bash Guard</h1>
+          <p>Commands blocked by static analysis rules (Tirith engine).</p>
+        </div>
+        <div class="table-wrap">
+          <div class="table-header">
+            <h3>Events</h3>
+            <div class="filter-row">
+              <label class="check-label"><input type="checkbox" id="bash-blocked-only" onchange="renderGuardPage('bash')"> Only show blocked</label>
+              <label class="check-label"><input type="checkbox" id="bash-server-only" onchange="renderGuardPage('bash')"> Server sent events</label>
+            </div>
+          </div>
+          <div class="table-body" id="bash-table-body"></div>
+        </div>
+      </div>
+
+      <!-- PROMPT INJECTION PAGE -->
+      <div id="page-pi" style="display:none">
+        <div class="page-header">
+          <h1>Prompt Injection Guard</h1>
+          <p>Command outputs scanned for prompt injection attempts via local Haiku.</p>
+        </div>
+        <div class="table-wrap">
+          <div class="table-header">
+            <h3>Events</h3>
+            <div class="filter-row">
+              <label class="check-label"><input type="checkbox" id="pi-blocked-only" onchange="renderGuardPage('pi')"> Only show blocked</label>
+              <label class="check-label"><input type="checkbox" id="pi-server-only" onchange="renderGuardPage('pi')"> Server sent events</label>
+            </div>
+          </div>
+          <div class="table-body" id="pi-table-body"></div>
+        </div>
+      </div>
+
+      <!-- SECRETS GUARD PAGE -->
+      <div id="page-secrets" style="display:none">
+        <div class="page-header">
+          <h1>Secrets Guard</h1>
+          <p>Env var leak prevention and output secret redaction.</p>
+        </div>
+        <div class="table-wrap">
+          <div class="table-header">
+            <h3>Events</h3>
+            <div class="filter-row">
+              <label class="check-label"><input type="checkbox" id="secrets-blocked-only" onchange="renderGuardPage('secrets')"> Only show blocked</label>
+              <label class="check-label"><input type="checkbox" id="secrets-server-only" onchange="renderGuardPage('secrets')"> Server sent events</label>
+            </div>
+          </div>
+          <div class="table-body" id="secrets-table-body"></div>
+        </div>
+      </div>
+
+      <!-- EXFIL MONITOR PAGE -->
+      <div id="page-exfil" style="display:none">
+        <div class="page-header">
+          <h1>Exfil Monitor</h1>
+          <p>Detects when sensitive environment variables are transmitted to external servers via curl, wget, or nc.</p>
+        </div>
+        <div class="table-wrap">
+          <div class="table-header">
+            <h3>Events</h3>
+            <div class="filter-row">
+              <label class="check-label"><input type="checkbox" id="exfil-blocked-only" onchange="renderGuardPage('exfil')"> Only show blocked</label>
+              <label class="check-label"><input type="checkbox" id="exfil-server-only" onchange="renderGuardPage('exfil')"> Server sent events</label>
+            </div>
+          </div>
+          <div class="table-body" id="exfil-table-body"></div>
+        </div>
+      </div>
+
+    </main>
+  </div>
+
+<script>
+let currentDays = 365;
+let currentPage = 'home';
+let localEvents = [];
+let serverEvents = [];
+let overviewData = {};
+
+// Guard blocker name mapping
+const GUARD_BLOCKER = { skill: 'skill', bash: 'tirith', pi: 'prompt_injection', secrets: 'env_var' };
+const GUARD_EVENTS = {
+  skill: e => e.blocker === 'skill',
+  bash: e => e.blocker === 'tirith',
+  pi: e => e.blocker === 'prompt_injection',
+  secrets: e => e.blocker === 'env_var' || e.event === 'output_redacted',
+  exfil: e => e.event === 'exfil_attempt',
+};
+const SERVER_GUARD = {
+  skill: e => e.destination === 'supabase' || (e.destination === 'posthog' && e.event && e.event.includes('skill')),
+  bash: e => e.destination === 'posthog' && e.properties?.blocker === 'tirith',
+  pi: e => e.destination === 'posthog' && (e.event === 'output_scan_started' || e.event === 'output_scan_result' || e.properties?.blocker === 'prompt_injection'),
+  secrets: e => e.destination === 'posthog' && (e.properties?.blocker === 'env_var_leak' || e.event === 'output_secrets_redacted'),
+  exfil: e => e.destination === 'posthog' && e.event === 'exfil_attempt',
+};
+
+function setDays(d) {
+  currentDays = d;
+  document.querySelectorAll('[data-days]').forEach(b => b.classList.toggle('active', parseInt(b.dataset.days) === d));
+  refresh();
+}
+
+function switchPage(page) {
+  currentPage = page;
+  document.querySelectorAll('.sidebar-btn').forEach(b => b.classList.toggle('active', b.dataset.page === page));
+  ['home','skill','bash','pi','secrets','exfil'].forEach(p => {
+    document.getElementById('page-' + p).style.display = p === page ? '' : 'none';
+  });
+  if (page !== 'home') renderGuardPage(page);
+}
+
+async function refresh() {
+  try {
+    const [ov, local, server] = await Promise.all([
+      fetch(`/api/overview?days=${currentDays}`).then(r => r.json()),
+      fetch(`/api/events?type=local&days=${currentDays}&limit=5000`).then(r => r.json()),
+      fetch(`/api/events?type=server_send&days=${currentDays}&limit=2000`).then(r => r.json()),
+    ]);
+    localEvents = local.events || [];
+    serverEvents = server.events || [];
+    overviewData = ov;
+    renderOverview(ov);
+    renderSidebarDots(ov);
+    if (currentPage !== 'home') renderGuardPage(currentPage);
+    document.getElementById('lastUpdated').textContent = 'Updated ' + new Date().toLocaleTimeString();
+  } catch (e) {
+    console.error('Refresh failed:', e);
+  }
+}
+
+function renderOverview(ov) {
+  document.getElementById('ov-total').textContent = (ov.total || 0).toLocaleString();
+  document.getElementById('ov-blocked').textContent = (ov.blocked || 0).toLocaleString();
+  const rate = ov.total > 0 ? (((ov.total - ov.blocked) / ov.total) * 100).toFixed(1) : '100.0';
+  document.getElementById('ov-rate').textContent = rate + '%';
+  document.getElementById('ov-since').textContent = ov.activeSince ? timeAgo(ov.activeSince) : 'No data';
+
+  const gs = ov.guardStatus || {};
+  document.getElementById('g-skill-blocks').textContent = gs.skill_scanner?.blocks || 0;
+  document.getElementById('g-bash-blocks').textContent = gs.bash_guard?.blocks || 0;
+  document.getElementById('g-pi-blocks').textContent = gs.prompt_injection?.blocks || 0;
+  document.getElementById('g-sec-blocks').textContent = gs.secrets_guard?.blocks || 0;
+  document.getElementById('g-sec-redactions').textContent = gs.secrets_guard?.redactions || 0;
+  document.getElementById('g-exfil-detections').textContent = gs.exfil_monitor?.detections || 0;
+
+  const hasData = ov.total > 0;
+  setDot('g-skill-dot', hasData, gs.skill_scanner?.blocks > 0);
+  setDot('g-bash-dot', hasData, gs.bash_guard?.blocks > 0);
+  setDot('g-pi-dot', hasData, gs.prompt_injection?.blocks > 0);
+  setDot('g-sec-dot', hasData, (gs.secrets_guard?.blocks > 0) || (gs.secrets_guard?.redactions > 0));
+  setDot('g-exfil-dot', hasData, gs.exfil_monitor?.detections > 0, 'dot-yellow');
+}
+
+function renderSidebarDots(ov) {
+  const gs = ov.guardStatus || {};
+  const hasData = ov.total > 0;
+  setDot('sb-skill-dot', hasData, gs.skill_scanner?.blocks > 0);
+  setDot('sb-bash-dot', hasData, gs.bash_guard?.blocks > 0);
+  setDot('sb-pi-dot', hasData, gs.prompt_injection?.blocks > 0);
+  setDot('sb-sec-dot', hasData, (gs.secrets_guard?.blocks > 0) || (gs.secrets_guard?.redactions > 0));
+  setDot('sb-exfil-dot', hasData, gs.exfil_monitor?.detections > 0, 'dot-yellow');
+}
+
+function setDot(id, hasData, hasBlocks, activeClass) {
+  const el = document.getElementById(id);
+  if (!el) return;
+  el.className = 'dot ' + (hasData ? (hasBlocks ? (activeClass || 'dot-red') : 'dot-green') : 'dot-gray');
+}
+
+function renderGuardPage(guard) {
+  const serverOnly = document.getElementById(guard + '-server-only')?.checked;
+  const blockedOnly = document.getElementById(guard + '-blocked-only')?.checked;
+  const container = document.getElementById(guard + '-table-body');
+
+  if (serverOnly) {
+    // Show server send events filtered to this guard
+    const filtered = serverEvents.filter(SERVER_GUARD[guard] || (() => false));
+    if (filtered.length === 0) {
+      container.innerHTML = '<div class="empty">No server send events for this guard.</div>';
+      return;
+    }
+    container.innerHTML = `<table><thead><tr><th>Time</th><th>Destination</th><th>Event</th><th>Payload</th></tr></thead><tbody>` +
+      filtered.map((e, i) => {
+        const dest = e.destination === 'posthog' ? '<span class="badge badge-blue">PostHog</span>' : '<span class="badge badge-yellow">Supabase</span>';
+        const payloadStr = JSON.stringify(e.properties || e.payload || {}, null, 2);
+        const uid = guard + '-sv-' + i;
+        return `<tr>
+          <td style="white-space:nowrap;color:#a1a1aa">${formatTime(e.ts)}</td>
+          <td>${dest}</td>
+          <td>${esc(e.event || '-')}</td>
+          <td><span class="payload-toggle" onclick="document.getElementById('${uid}').classList.toggle('open')">View payload</span><div class="payload-content" id="${uid}">${esc(payloadStr)}</div></td>
+        </tr>`;
+      }).join('') + '</tbody></table>';
+  } else {
+    // Show all command events; optionally filter to only blocked by this guard
+    const guardBlockerFn = GUARD_EVENTS[guard] || (() => false);
+    let filtered;
+    if (blockedOnly) {
+      filtered = localEvents.filter(e => guardBlockerFn(e));
+    } else {
+      // Show all command_check + command_blocked + output_redacted events
+      filtered = localEvents.filter(e => e.event === 'command_check' || e.event === 'command_blocked' || e.event === 'output_redacted');
+    }
+    if (filtered.length === 0) {
+      container.innerHTML = '<div class="empty">' + (blockedOnly ? 'No blocked events for this guard.' : 'No events yet. Events appear when openclaw-secure is active.') + '</div>';
+      return;
+    }
+    container.innerHTML = `<table><thead><tr><th>Time</th><th>Decision</th><th>Command</th><th>Blocker</th><th>Detail</th></tr></thead><tbody>` +
+      filtered.map(e => {
+        const badge = e.decision === 'block' ? 'badge-red' : e.decision === 'redact' ? 'badge-yellow' : 'badge-green';
+        const label = e.decision === 'block' ? 'Blocked' : e.decision === 'redact' ? 'Redacted' : 'Allowed';
+        const blocker = e.blocker ? esc(e.blocker) : '-';
+        const detail = e.reason ? esc(e.reason) : (e.secrets_count ? `${e.secrets_count} secret(s) redacted` : '');
+        return `<tr>
+          <td style="white-space:nowrap;color:#a1a1aa">${formatTime(e.ts)}</td>
+          <td><span class="badge ${badge}">${label}</span></td>
+          <td class="cmd" title="${esc(e.command || '')}">${esc(e.command || '-')}</td>
+          <td style="font-size:12px">${blocker}</td>
+          <td style="font-size:12px;color:#a1a1aa;max-width:300px;overflow:hidden;text-overflow:ellipsis">${detail}</td>
+        </tr>`;
+      }).join('') + '</tbody></table>';
+  }
+}
+
+function formatTime(ts) {
+  if (!ts) return '-';
+  const d = new Date(ts);
+  const now = new Date();
+  if (d.toDateString() === now.toDateString()) return d.toLocaleTimeString([], { hour: '2-digit', minute: '2-digit', second: '2-digit' });
+  return d.toLocaleDateString([], { month: 'short', day: 'numeric' }) + ' ' + d.toLocaleTimeString([], { hour: '2-digit', minute: '2-digit' });
+}
+
+function timeAgo(ts) {
+  const diff = Date.now() - new Date(ts).getTime();
+  const mins = Math.floor(diff / 60000);
+  if (mins < 1) return 'Just now';
+  if (mins < 60) return mins + 'm ago';
+  const hrs = Math.floor(mins / 60);
+  if (hrs < 24) return hrs + 'h ago';
+  return Math.floor(hrs / 24) + 'd ago';
+}
+
+function esc(s) {
+  if (!s) return '';
+  return String(s).replace(/&/g,'&amp;').replace(/</g,'&lt;').replace(/>/g,'&gt;').replace(/"/g,'&quot;');
+}
+
+refresh();
+setInterval(refresh, 10000);
+</script>
+</body>
+</html>