@dcrays/mobook-security-plugin 2.0.4 → 2.0.6
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/index.js +84 -11
- package/openclaw.plugin.json +2 -2
- package/package.json +10 -2
package/index.js
CHANGED
|
@@ -1,13 +1,12 @@
|
|
|
1
1
|
import * as fs from "node:fs";
|
|
2
2
|
import * as path from "node:path";
|
|
3
|
-
import * as os from "node:os";
|
|
4
3
|
|
|
5
4
|
// ============================================================
|
|
6
|
-
// MoBook 安全防护插件 v2.0
|
|
5
|
+
// MoBook 安全防护插件 v2.0
|
|
7
6
|
// 功能:危险命令拦截 | 敏感信息脱敏(全渠道) | LLM 响应拦截 | 操作审计日志
|
|
8
7
|
// ============================================================
|
|
9
8
|
|
|
10
|
-
const LOG_DIR =
|
|
9
|
+
const LOG_DIR = "/tmp/mobook-security";
|
|
11
10
|
const LOG_FILE = path.join(LOG_DIR, "security.log");
|
|
12
11
|
const ALERT_FILE = path.join(LOG_DIR, "alerts.log");
|
|
13
12
|
|
|
@@ -77,9 +76,9 @@ const DANGEROUS_COMMANDS = [
|
|
|
77
76
|
{ pattern: /\bexport\s+HISTSIZE=0/i, reason: "禁用命令历史", severity: "HIGH" },
|
|
78
77
|
{ pattern: />\s*\/var\/log\//i, reason: "清空系统日志", severity: "CRITICAL" },
|
|
79
78
|
|
|
80
|
-
// ---
|
|
81
|
-
{ pattern:
|
|
82
|
-
{ pattern:
|
|
79
|
+
// --- 加密货币挖矿 ---
|
|
80
|
+
{ pattern: /\bxmrig\b|\bminerd\b|\bcpuminer\b/i, reason: "加密货币挖矿程序", severity: "CRITICAL" },
|
|
81
|
+
{ pattern: /stratum\+tcp:\/\//i, reason: "挖矿矿池连接", severity: "CRITICAL" },
|
|
83
82
|
];
|
|
84
83
|
|
|
85
84
|
const BLOCK_SEVERITIES = new Set(["CRITICAL", "HIGH"]);
|
|
@@ -175,7 +174,7 @@ const SENSITIVE_PATTERNS = [
|
|
|
175
174
|
name: "GitHub Token"
|
|
176
175
|
},
|
|
177
176
|
{
|
|
178
|
-
pattern: /(password|passwd|pwd|secret|token|api_key|apikey|access_key|private_key)\s*[=:]\s*["']?[^\s"',]{6,}/gi,
|
|
177
|
+
pattern: /(password|passwd|pwd|secret_key|secret|token|api_key|apikey|access_key|private_key)\s*[=:]\s*["']?[^\s"',]{6,}/gi,
|
|
179
178
|
replacement: "$1=***已脱敏***",
|
|
180
179
|
name: "密码/密钥字段"
|
|
181
180
|
},
|
|
@@ -184,6 +183,11 @@ const SENSITIVE_PATTERNS = [
|
|
|
184
183
|
replacement: "***内网IP已脱敏***",
|
|
185
184
|
name: "内网IP"
|
|
186
185
|
},
|
|
186
|
+
{
|
|
187
|
+
pattern: /[^\s"']*\/extensions\/mobook-security-plugin[^\s"']*/g,
|
|
188
|
+
replacement: "***插件路径已脱敏***",
|
|
189
|
+
name: "安全插件路径"
|
|
190
|
+
},
|
|
187
191
|
];
|
|
188
192
|
|
|
189
193
|
function sanitizeContent(content) {
|
|
@@ -205,8 +209,8 @@ function sanitizeContent(content) {
|
|
|
205
209
|
if (hasMatch) matches.push(rule.name);
|
|
206
210
|
} else if (rule.replacement) {
|
|
207
211
|
rule.pattern.lastIndex = 0;
|
|
208
|
-
|
|
209
|
-
const replaced = sanitized.replace(rule.pattern,
|
|
212
|
+
const repl = rule.replacement; // 闭包捕获
|
|
213
|
+
const replaced = sanitized.replace(rule.pattern, () => repl);
|
|
210
214
|
if (replaced !== sanitized) {
|
|
211
215
|
matches.push(rule.name);
|
|
212
216
|
sanitized = replaced;
|
|
@@ -508,7 +512,7 @@ function installFetchInterceptor(api) {
|
|
|
508
512
|
// ============================================================
|
|
509
513
|
export default function register(api) {
|
|
510
514
|
log("═══════════════════════════════════════════════════════");
|
|
511
|
-
log(" MoBook 安全防护插件 v2.0
|
|
515
|
+
log(" MoBook 安全防护插件 v2.0 启动");
|
|
512
516
|
log(" 功能: 危险命令拦截 | 敏感信息脱敏(全渠道) | LLM 响应拦截 | 提示词注入检测 | 操作审计");
|
|
513
517
|
log("═══════════════════════════════════════════════════════");
|
|
514
518
|
log(`插件ID: ${api.id}`);
|
|
@@ -554,6 +558,75 @@ export default function register(api) {
|
|
|
554
558
|
}
|
|
555
559
|
}
|
|
556
560
|
|
|
561
|
+
// ============================================================
|
|
562
|
+
// 插件自保护:禁止访问插件运行时目录
|
|
563
|
+
// ============================================================
|
|
564
|
+
const PROTECTED_PATHS = [
|
|
565
|
+
"mobook-security-plugin",
|
|
566
|
+
"openclaw-security-plugin"
|
|
567
|
+
];
|
|
568
|
+
|
|
569
|
+
const ALLOWED_PATHS = [
|
|
570
|
+
"数传/墨宝/mobook-security-plugin"
|
|
571
|
+
];
|
|
572
|
+
|
|
573
|
+
if (["read", "exec", "edit", "write"].includes(toolName)) {
|
|
574
|
+
const pathValues = [
|
|
575
|
+
params.path || "",
|
|
576
|
+
params.command || "",
|
|
577
|
+
params.file || "",
|
|
578
|
+
params.filePath || "",
|
|
579
|
+
params.file_path || ""
|
|
580
|
+
].join(" ");
|
|
581
|
+
|
|
582
|
+
// 禁止删除安全插件(包括白名单目录也不允许)
|
|
583
|
+
if (toolName === "exec" && PROTECTED_PATHS.some(p => pathValues.includes(p))) {
|
|
584
|
+
if (/\b(rm|trash|unlink|rmdir)\b/.test(params.command || "")) {
|
|
585
|
+
alert(`BLOCKED: 尝试删除安全插件 | cmd: ${(params.command || "").slice(0, 200)}`);
|
|
586
|
+
return {
|
|
587
|
+
block: true,
|
|
588
|
+
blockReason: "🛡️ 安全插件拦截:禁止删除安全插件"
|
|
589
|
+
};
|
|
590
|
+
}
|
|
591
|
+
}
|
|
592
|
+
|
|
593
|
+
// 访问保护路径检查(白名单放行)
|
|
594
|
+
if (PROTECTED_PATHS.some(p => pathValues.includes(p))) {
|
|
595
|
+
if (!ALLOWED_PATHS.some(p => pathValues.includes(p))) {
|
|
596
|
+
alert(`BLOCKED: 尝试访问受保护的插件目录 | tool=${toolName}`);
|
|
597
|
+
return {
|
|
598
|
+
block: true,
|
|
599
|
+
blockReason: "🛡️ 安全插件拦截:该目录为受保护资源,禁止访问"
|
|
600
|
+
};
|
|
601
|
+
}
|
|
602
|
+
log(`DEV_ACCESS: 白名单路径放行 | tool=${toolName}`);
|
|
603
|
+
}
|
|
604
|
+
}
|
|
605
|
+
|
|
606
|
+
// 禁止通过 CLI 关闭/卸载安全插件
|
|
607
|
+
if (toolName === "exec") {
|
|
608
|
+
const cmd = params.command || "";
|
|
609
|
+
if (/openclaw\s+(plugins?\s+)?(disable|remove|uninstall|delete).*mobook-security/i.test(cmd)) {
|
|
610
|
+
alert(`BLOCKED: 尝试关闭/卸载安全插件`);
|
|
611
|
+
return {
|
|
612
|
+
block: true,
|
|
613
|
+
blockReason: "🛡️ 安全插件拦截:禁止关闭或卸载安全插件"
|
|
614
|
+
};
|
|
615
|
+
}
|
|
616
|
+
}
|
|
617
|
+
|
|
618
|
+
// 禁止通过 config 工具关闭插件
|
|
619
|
+
if (toolName === "gateway") {
|
|
620
|
+
const raw = params.raw || params.path || JSON.stringify(params);
|
|
621
|
+
if (/mobook-security-plugin/.test(raw) && /(disable|false|remove|delete)/.test(raw)) {
|
|
622
|
+
alert(`BLOCKED: 尝试通过配置关闭安全插件`);
|
|
623
|
+
return {
|
|
624
|
+
block: true,
|
|
625
|
+
blockReason: "🛡️ 安全插件拦截:禁止通过配置关闭安全插件"
|
|
626
|
+
};
|
|
627
|
+
}
|
|
628
|
+
}
|
|
629
|
+
|
|
557
630
|
return {};
|
|
558
631
|
});
|
|
559
632
|
|
|
@@ -593,6 +666,6 @@ export default function register(api) {
|
|
|
593
666
|
|
|
594
667
|
log("已注册: fetch拦截器(全渠道) + before_tool_call + message_sending + llm_output + message_sent");
|
|
595
668
|
log("═══════════════════════════════════════════════════════");
|
|
596
|
-
log("
|
|
669
|
+
log(" 安全插件 v2.0 启动完成");
|
|
597
670
|
log("═══════════════════════════════════════════════════════");
|
|
598
671
|
}
|
package/openclaw.plugin.json
CHANGED
|
@@ -1,8 +1,8 @@
|
|
|
1
1
|
{
|
|
2
2
|
"id": "mobook-security-plugin",
|
|
3
3
|
"name": "MoBook 安全防护插件",
|
|
4
|
-
"version": "2.0.
|
|
5
|
-
"description": "
|
|
4
|
+
"version": "2.0.0",
|
|
5
|
+
"description": "MoBook 企业级安全插件 - 危险命令分级拦截、敏感信息全渠道脱敏(身份证GB11643/银行卡Luhn校验)、LLM响应拦截、操作审计",
|
|
6
6
|
"entry": "./index.js",
|
|
7
7
|
"type": "plugin",
|
|
8
8
|
"configSchema": {}
|
package/package.json
CHANGED
|
@@ -1,9 +1,17 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@dcrays/mobook-security-plugin",
|
|
3
|
-
"version": "2.0.
|
|
3
|
+
"version": "2.0.6",
|
|
4
4
|
"type": "module",
|
|
5
|
-
"description": "
|
|
5
|
+
"description": "MoBook 企业级安全插件 - 危险命令分级拦截、敏感信息全渠道脱敏(身份证GB11643/银行卡Luhn校验)、LLM响应拦截、操作审计",
|
|
6
6
|
"main": "index.js",
|
|
7
|
+
"files": [
|
|
8
|
+
"index.js",
|
|
9
|
+
"openclaw.plugin.json"
|
|
10
|
+
],
|
|
11
|
+
"publishConfig": {
|
|
12
|
+
"access": "public",
|
|
13
|
+
"registry": "https://registry.npmjs.org/"
|
|
14
|
+
},
|
|
7
15
|
"openclaw": {
|
|
8
16
|
"type": "plugin",
|
|
9
17
|
"id": "mobook-security-plugin",
|