@dcrays/mobook-security-plugin 2.0.2 → 2.0.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/index.js CHANGED
@@ -1,12 +1,13 @@
1
1
  import * as fs from "node:fs";
2
2
  import * as path from "node:path";
3
+ import * as os from "node:os";
3
4
 
4
5
  // ============================================================
5
- // OpenClaw 安全防护插件 v2.0.2
6
+ // MoBook 安全防护插件 v2.0.4
6
7
  // 功能:危险命令拦截 | 敏感信息脱敏(全渠道) | LLM 响应拦截 | 操作审计日志
7
8
  // ============================================================
8
9
 
9
- const LOG_DIR = "/tmp/openclaw-security";
10
+ const LOG_DIR = path.join(os.tmpdir(), "openclaw-security");
10
11
  const LOG_FILE = path.join(LOG_DIR, "security.log");
11
12
  const ALERT_FILE = path.join(LOG_DIR, "alerts.log");
12
13
 
@@ -204,8 +205,8 @@ function sanitizeContent(content) {
204
205
  if (hasMatch) matches.push(rule.name);
205
206
  } else if (rule.replacement) {
206
207
  rule.pattern.lastIndex = 0;
207
- const repl = rule.replacement; // 闭包捕获
208
- const replaced = sanitized.replace(rule.pattern, () => repl);
208
+ // 保留 $1 等反向引用:直接传字符串给 replace,不用箭头函数
209
+ const replaced = sanitized.replace(rule.pattern, rule.replacement);
209
210
  if (replaced !== sanitized) {
210
211
  matches.push(rule.name);
211
212
  sanitized = replaced;
@@ -237,8 +238,8 @@ function sanitizeParamsForLog(params) {
237
238
  // 借鉴 @alicloud/openclaw-security-assistant 的核心技术
238
239
  // ============================================================
239
240
 
240
- const FETCH_WRAPPED_KEY = Symbol.for("openclaw-security-plugin.fetch-wrapped");
241
- const ORIGINAL_FETCH_KEY = Symbol.for("openclaw-security-plugin.original-fetch");
241
+ const FETCH_WRAPPED_KEY = Symbol.for("mobook-security-plugin.fetch-wrapped");
242
+ const ORIGINAL_FETCH_KEY = Symbol.for("mobook-security-plugin.original-fetch");
242
243
 
243
244
  // 保存原始 fetch
244
245
  function saveOriginalFetch() {
@@ -507,7 +508,7 @@ function installFetchInterceptor(api) {
507
508
  // ============================================================
508
509
  export default function register(api) {
509
510
  log("═══════════════════════════════════════════════════════");
510
- log(" OpenClaw 安全防护插件 v2.0.2 启动");
511
+ log(" MoBook 安全防护插件 v2.0.4 启动");
511
512
  log(" 功能: 危险命令拦截 | 敏感信息脱敏(全渠道) | LLM 响应拦截 | 提示词注入检测 | 操作审计");
512
513
  log("═══════════════════════════════════════════════════════");
513
514
  log(`插件ID: ${api.id}`);
@@ -592,6 +593,6 @@ export default function register(api) {
592
593
 
593
594
  log("已注册: fetch拦截器(全渠道) + before_tool_call + message_sending + llm_output + message_sent");
594
595
  log("═══════════════════════════════════════════════════════");
595
- log(" 安全插件 v2.0.2 启动完成");
596
+ log(" MoBook 安全插件 v2.0.4 启动完成");
596
597
  log("═══════════════════════════════════════════════════════");
597
598
  }
@@ -1,7 +1,7 @@
1
1
  {
2
- "id": "openclaw-security-plugin",
3
- "name": "OpenClaw 安全防护插件",
4
- "version": "2.0.2",
2
+ "id": "mobook-security-plugin",
3
+ "name": "MoBook 安全防护插件",
4
+ "version": "2.0.4",
5
5
  "description": "OpenClaw 企业级安全插件 - 危险命令分级拦截、敏感信息全渠道脱敏(身份证GB11643/银行卡Luhn校验)、LLM响应拦截、操作审计",
6
6
  "entry": "./index.js",
7
7
  "type": "plugin",
package/package.json CHANGED
@@ -1,13 +1,13 @@
1
1
  {
2
2
  "name": "@dcrays/mobook-security-plugin",
3
- "version": "2.0.2",
3
+ "version": "2.0.4",
4
4
  "type": "module",
5
5
  "description": "OpenClaw 企业级安全插件 - 危险命令分级拦截、敏感信息全渠道脱敏(身份证GB11643/银行卡Luhn校验)、LLM响应拦截、操作审计",
6
6
  "main": "index.js",
7
7
  "openclaw": {
8
8
  "type": "plugin",
9
- "id": "openclaw-security-plugin",
10
- "name": "OpenClaw 安全防护插件",
9
+ "id": "mobook-security-plugin",
10
+ "name": "MoBook 安全防护插件",
11
11
  "extensions": ["./index.js"]
12
12
  }
13
13
  }