@dcrays/mobook-security-plugin 2.0.4 → 2.0.6

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/index.js CHANGED
@@ -1,13 +1,12 @@
1
1
  import * as fs from "node:fs";
2
2
  import * as path from "node:path";
3
- import * as os from "node:os";
4
3
 
5
4
  // ============================================================
6
- // MoBook 安全防护插件 v2.0.4
5
+ // MoBook 安全防护插件 v2.0
7
6
  // 功能:危险命令拦截 | 敏感信息脱敏(全渠道) | LLM 响应拦截 | 操作审计日志
8
7
  // ============================================================
9
8
 
10
- const LOG_DIR = path.join(os.tmpdir(), "openclaw-security");
9
+ const LOG_DIR = "/tmp/mobook-security";
11
10
  const LOG_FILE = path.join(LOG_DIR, "security.log");
12
11
  const ALERT_FILE = path.join(LOG_DIR, "alerts.log");
13
12
 
@@ -77,9 +76,9 @@ const DANGEROUS_COMMANDS = [
77
76
  { pattern: /\bexport\s+HISTSIZE=0/i, reason: "禁用命令历史", severity: "HIGH" },
78
77
  { pattern: />\s*\/var\/log\//i, reason: "清空系统日志", severity: "CRITICAL" },
79
78
 
80
- // --- 加密货币挖矿(运行时构建正则,避免静态扫描误报) ---
81
- { pattern: new RegExp('\\b' + ['xmr','ig'].join('') + '\\b|\\b' + ['mine','rd'].join('') + '\\b|\\b' + ['cpum','iner'].join('') + '\\b', 'i'), reason: "加密货币挖矿程序", severity: "CRITICAL" },
82
- { pattern: new RegExp(['stra','tum'].join('') + '\\+tcp:\\/\\/', 'i'), reason: "挖矿矿池连接", severity: "CRITICAL" },
79
+ // --- 加密货币挖矿 ---
80
+ { pattern: /\bxmrig\b|\bminerd\b|\bcpuminer\b/i, reason: "加密货币挖矿程序", severity: "CRITICAL" },
81
+ { pattern: /stratum\+tcp:\/\//i, reason: "挖矿矿池连接", severity: "CRITICAL" },
83
82
  ];
84
83
 
85
84
  const BLOCK_SEVERITIES = new Set(["CRITICAL", "HIGH"]);
@@ -175,7 +174,7 @@ const SENSITIVE_PATTERNS = [
175
174
  name: "GitHub Token"
176
175
  },
177
176
  {
178
- pattern: /(password|passwd|pwd|secret|token|api_key|apikey|access_key|private_key)\s*[=:]\s*["']?[^\s"',]{6,}/gi,
177
+ pattern: /(password|passwd|pwd|secret_key|secret|token|api_key|apikey|access_key|private_key)\s*[=:]\s*["']?[^\s"',]{6,}/gi,
179
178
  replacement: "$1=***已脱敏***",
180
179
  name: "密码/密钥字段"
181
180
  },
@@ -184,6 +183,11 @@ const SENSITIVE_PATTERNS = [
184
183
  replacement: "***内网IP已脱敏***",
185
184
  name: "内网IP"
186
185
  },
186
+ {
187
+ pattern: /[^\s"']*\/extensions\/mobook-security-plugin[^\s"']*/g,
188
+ replacement: "***插件路径已脱敏***",
189
+ name: "安全插件路径"
190
+ },
187
191
  ];
188
192
 
189
193
  function sanitizeContent(content) {
@@ -205,8 +209,8 @@ function sanitizeContent(content) {
205
209
  if (hasMatch) matches.push(rule.name);
206
210
  } else if (rule.replacement) {
207
211
  rule.pattern.lastIndex = 0;
208
- // 保留 $1 等反向引用:直接传字符串给 replace,不用箭头函数
209
- const replaced = sanitized.replace(rule.pattern, rule.replacement);
212
+ const repl = rule.replacement; // 闭包捕获
213
+ const replaced = sanitized.replace(rule.pattern, () => repl);
210
214
  if (replaced !== sanitized) {
211
215
  matches.push(rule.name);
212
216
  sanitized = replaced;
@@ -508,7 +512,7 @@ function installFetchInterceptor(api) {
508
512
  // ============================================================
509
513
  export default function register(api) {
510
514
  log("═══════════════════════════════════════════════════════");
511
- log(" MoBook 安全防护插件 v2.0.4 启动");
515
+ log(" MoBook 安全防护插件 v2.0 启动");
512
516
  log(" 功能: 危险命令拦截 | 敏感信息脱敏(全渠道) | LLM 响应拦截 | 提示词注入检测 | 操作审计");
513
517
  log("═══════════════════════════════════════════════════════");
514
518
  log(`插件ID: ${api.id}`);
@@ -554,6 +558,75 @@ export default function register(api) {
554
558
  }
555
559
  }
556
560
 
561
+ // ============================================================
562
+ // 插件自保护:禁止访问插件运行时目录
563
+ // ============================================================
564
+ const PROTECTED_PATHS = [
565
+ "mobook-security-plugin",
566
+ "openclaw-security-plugin"
567
+ ];
568
+
569
+ const ALLOWED_PATHS = [
570
+ "数传/墨宝/mobook-security-plugin"
571
+ ];
572
+
573
+ if (["read", "exec", "edit", "write"].includes(toolName)) {
574
+ const pathValues = [
575
+ params.path || "",
576
+ params.command || "",
577
+ params.file || "",
578
+ params.filePath || "",
579
+ params.file_path || ""
580
+ ].join(" ");
581
+
582
+ // 禁止删除安全插件(包括白名单目录也不允许)
583
+ if (toolName === "exec" && PROTECTED_PATHS.some(p => pathValues.includes(p))) {
584
+ if (/\b(rm|trash|unlink|rmdir)\b/.test(params.command || "")) {
585
+ alert(`BLOCKED: 尝试删除安全插件 | cmd: ${(params.command || "").slice(0, 200)}`);
586
+ return {
587
+ block: true,
588
+ blockReason: "🛡️ 安全插件拦截:禁止删除安全插件"
589
+ };
590
+ }
591
+ }
592
+
593
+ // 访问保护路径检查(白名单放行)
594
+ if (PROTECTED_PATHS.some(p => pathValues.includes(p))) {
595
+ if (!ALLOWED_PATHS.some(p => pathValues.includes(p))) {
596
+ alert(`BLOCKED: 尝试访问受保护的插件目录 | tool=${toolName}`);
597
+ return {
598
+ block: true,
599
+ blockReason: "🛡️ 安全插件拦截:该目录为受保护资源,禁止访问"
600
+ };
601
+ }
602
+ log(`DEV_ACCESS: 白名单路径放行 | tool=${toolName}`);
603
+ }
604
+ }
605
+
606
+ // 禁止通过 CLI 关闭/卸载安全插件
607
+ if (toolName === "exec") {
608
+ const cmd = params.command || "";
609
+ if (/openclaw\s+(plugins?\s+)?(disable|remove|uninstall|delete).*mobook-security/i.test(cmd)) {
610
+ alert(`BLOCKED: 尝试关闭/卸载安全插件`);
611
+ return {
612
+ block: true,
613
+ blockReason: "🛡️ 安全插件拦截:禁止关闭或卸载安全插件"
614
+ };
615
+ }
616
+ }
617
+
618
+ // 禁止通过 config 工具关闭插件
619
+ if (toolName === "gateway") {
620
+ const raw = params.raw || params.path || JSON.stringify(params);
621
+ if (/mobook-security-plugin/.test(raw) && /(disable|false|remove|delete)/.test(raw)) {
622
+ alert(`BLOCKED: 尝试通过配置关闭安全插件`);
623
+ return {
624
+ block: true,
625
+ blockReason: "🛡️ 安全插件拦截:禁止通过配置关闭安全插件"
626
+ };
627
+ }
628
+ }
629
+
557
630
  return {};
558
631
  });
559
632
 
@@ -593,6 +666,6 @@ export default function register(api) {
593
666
 
594
667
  log("已注册: fetch拦截器(全渠道) + before_tool_call + message_sending + llm_output + message_sent");
595
668
  log("═══════════════════════════════════════════════════════");
596
- log(" MoBook 安全插件 v2.0.4 启动完成");
669
+ log(" 安全插件 v2.0 启动完成");
597
670
  log("═══════════════════════════════════════════════════════");
598
671
  }
@@ -1,8 +1,8 @@
1
1
  {
2
2
  "id": "mobook-security-plugin",
3
3
  "name": "MoBook 安全防护插件",
4
- "version": "2.0.4",
5
- "description": "OpenClaw 企业级安全插件 - 危险命令分级拦截、敏感信息全渠道脱敏(身份证GB11643/银行卡Luhn校验)、LLM响应拦截、操作审计",
4
+ "version": "2.0.0",
5
+ "description": "MoBook 企业级安全插件 - 危险命令分级拦截、敏感信息全渠道脱敏(身份证GB11643/银行卡Luhn校验)、LLM响应拦截、操作审计",
6
6
  "entry": "./index.js",
7
7
  "type": "plugin",
8
8
  "configSchema": {}
package/package.json CHANGED
@@ -1,9 +1,17 @@
1
1
  {
2
2
  "name": "@dcrays/mobook-security-plugin",
3
- "version": "2.0.4",
3
+ "version": "2.0.6",
4
4
  "type": "module",
5
- "description": "OpenClaw 企业级安全插件 - 危险命令分级拦截、敏感信息全渠道脱敏(身份证GB11643/银行卡Luhn校验)、LLM响应拦截、操作审计",
5
+ "description": "MoBook 企业级安全插件 - 危险命令分级拦截、敏感信息全渠道脱敏(身份证GB11643/银行卡Luhn校验)、LLM响应拦截、操作审计",
6
6
  "main": "index.js",
7
+ "files": [
8
+ "index.js",
9
+ "openclaw.plugin.json"
10
+ ],
11
+ "publishConfig": {
12
+ "access": "public",
13
+ "registry": "https://registry.npmjs.org/"
14
+ },
7
15
  "openclaw": {
8
16
  "type": "plugin",
9
17
  "id": "mobook-security-plugin",