@dcrays/mobook-security-plugin 2.0.6 → 2.0.8
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/index.js +31 -23
- package/openclaw.plugin.json +1 -1
- package/package.json +4 -2
package/index.js
CHANGED
|
@@ -437,7 +437,6 @@ function installFetchInterceptor(api) {
|
|
|
437
437
|
const reqHeaders = getMergedRequestHeaders(input, init);
|
|
438
438
|
const reqBodyText = await getRequestBodyText(input, init);
|
|
439
439
|
|
|
440
|
-
log(`[LLM-REQ #${thisCallId}] ${method} ${url}`, "DEBUG");
|
|
441
440
|
|
|
442
441
|
// ---- 请求侧检查:提示词注入检测(已禁用) ----
|
|
443
442
|
// const promptInjectionPatterns = [
|
|
@@ -480,7 +479,6 @@ function installFetchInterceptor(api) {
|
|
|
480
479
|
|
|
481
480
|
const respText = extractTextFromResponseBody(respBody, sse);
|
|
482
481
|
if (!respText) {
|
|
483
|
-
log(`[LLM-RESP #${thisCallId}] ${resp.status} ${durationMs}ms (empty body)`, "DEBUG");
|
|
484
482
|
return resp;
|
|
485
483
|
}
|
|
486
484
|
|
|
@@ -494,7 +492,6 @@ function installFetchInterceptor(api) {
|
|
|
494
492
|
return makeBlockedResponse(sse, finalText, resp);
|
|
495
493
|
}
|
|
496
494
|
|
|
497
|
-
log(`[LLM-RESP #${thisCallId}] ${resp.status} ${durationMs}ms (clean)`, "DEBUG");
|
|
498
495
|
return resp;
|
|
499
496
|
};
|
|
500
497
|
|
|
@@ -511,11 +508,7 @@ function installFetchInterceptor(api) {
|
|
|
511
508
|
// 插件注册
|
|
512
509
|
// ============================================================
|
|
513
510
|
export default function register(api) {
|
|
514
|
-
log("
|
|
515
|
-
log(" MoBook 安全防护插件 v2.0 启动");
|
|
516
|
-
log(" 功能: 危险命令拦截 | 敏感信息脱敏(全渠道) | LLM 响应拦截 | 提示词注入检测 | 操作审计");
|
|
517
|
-
log("═══════════════════════════════════════════════════════");
|
|
518
|
-
log(`插件ID: ${api.id}`);
|
|
511
|
+
log("MoBook 安全防护插件 v2.0 启动");
|
|
519
512
|
|
|
520
513
|
// ---- 安装 Fetch 拦截器(核心:全渠道 LLM 拦截) ----
|
|
521
514
|
installFetchInterceptor(api);
|
|
@@ -526,8 +519,6 @@ export default function register(api) {
|
|
|
526
519
|
const params = event?.params || {};
|
|
527
520
|
const safeParams = sanitizeParamsForLog(params);
|
|
528
521
|
|
|
529
|
-
log(`TOOL_CALL: tool=${toolName} params=${JSON.stringify(safeParams).slice(0, 500)}`);
|
|
530
|
-
|
|
531
522
|
// exec 命令安全检查
|
|
532
523
|
if (toolName === "exec") {
|
|
533
524
|
const cmd = params.command || "";
|
|
@@ -599,7 +590,7 @@ export default function register(api) {
|
|
|
599
590
|
blockReason: "🛡️ 安全插件拦截:该目录为受保护资源,禁止访问"
|
|
600
591
|
};
|
|
601
592
|
}
|
|
602
|
-
|
|
593
|
+
|
|
603
594
|
}
|
|
604
595
|
}
|
|
605
596
|
|
|
@@ -615,11 +606,11 @@ export default function register(api) {
|
|
|
615
606
|
}
|
|
616
607
|
}
|
|
617
608
|
|
|
618
|
-
// 禁止通过 config
|
|
609
|
+
// 禁止通过 config 工具关闭插件(覆盖所有参数字段)
|
|
619
610
|
if (toolName === "gateway") {
|
|
620
|
-
const
|
|
621
|
-
if (/mobook-security-plugin/.test(
|
|
622
|
-
alert(`BLOCKED:
|
|
611
|
+
const allParams = JSON.stringify(params);
|
|
612
|
+
if (/mobook-security-plugin/.test(allParams) && /(disable|false|remove|delete|uninstall)/.test(allParams)) {
|
|
613
|
+
alert(`BLOCKED: 尝试通过配置关闭安全插件 | params: ${allParams.slice(0, 300)}`);
|
|
623
614
|
return {
|
|
624
615
|
block: true,
|
|
625
616
|
blockReason: "🛡️ 安全插件拦截:禁止通过配置关闭安全插件"
|
|
@@ -627,6 +618,28 @@ export default function register(api) {
|
|
|
627
618
|
}
|
|
628
619
|
}
|
|
629
620
|
|
|
621
|
+
// 禁止直接编辑 openclaw.json 来关闭插件
|
|
622
|
+
if (["edit", "write", "exec"].includes(toolName)) {
|
|
623
|
+
const pathValues = [params.path || "", params.command || "", params.file || ""].join(" ");
|
|
624
|
+
const isConfigFile = /openclaw\.json/.test(pathValues);
|
|
625
|
+
if (isConfigFile) {
|
|
626
|
+
|
|
627
|
+
// 检查内容是否涉及禁用安全插件
|
|
628
|
+
const contentValues = [
|
|
629
|
+
params.command || "",
|
|
630
|
+
JSON.stringify(params.edits || ""),
|
|
631
|
+
params.content || ""
|
|
632
|
+
].join(" ");
|
|
633
|
+
if (/mobook-security-plugin/.test(contentValues) && /(false|disable|remove|delete|\[\])/.test(contentValues)) {
|
|
634
|
+
alert(`BLOCKED: 尝试通过直接编辑 openclaw.json 关闭安全插件 | tool=${toolName}`);
|
|
635
|
+
return {
|
|
636
|
+
block: true,
|
|
637
|
+
blockReason: "🛡️ 安全插件拦截:禁止通过修改配置文件关闭安全插件"
|
|
638
|
+
};
|
|
639
|
+
}
|
|
640
|
+
}
|
|
641
|
+
}
|
|
642
|
+
|
|
630
643
|
return {};
|
|
631
644
|
});
|
|
632
645
|
|
|
@@ -657,15 +670,10 @@ export default function register(api) {
|
|
|
657
670
|
}
|
|
658
671
|
});
|
|
659
672
|
|
|
660
|
-
// ---- Hook 4: message_sent
|
|
673
|
+
// ---- Hook 4: message_sent(仅记录,不再写日志) ----
|
|
661
674
|
api.on("message_sent", async (event, ctx) => {
|
|
662
|
-
|
|
663
|
-
const to = event?.to || "unknown";
|
|
664
|
-
log(`MESSAGE_SENT: channel=${channel} to=${to}`);
|
|
675
|
+
// 静默——只保留 hook 注册,不记录常规发送日志
|
|
665
676
|
});
|
|
666
677
|
|
|
667
|
-
log("
|
|
668
|
-
log("═══════════════════════════════════════════════════════");
|
|
669
|
-
log(" 安全插件 v2.0 启动完成");
|
|
670
|
-
log("═══════════════════════════════════════════════════════");
|
|
678
|
+
log("启动完成: fetch拦截器 + before_tool_call + message_sending + llm_output + message_sent");
|
|
671
679
|
}
|
package/openclaw.plugin.json
CHANGED
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@dcrays/mobook-security-plugin",
|
|
3
|
-
"version": "2.0.
|
|
3
|
+
"version": "2.0.8",
|
|
4
4
|
"type": "module",
|
|
5
5
|
"description": "MoBook 企业级安全插件 - 危险命令分级拦截、敏感信息全渠道脱敏(身份证GB11643/银行卡Luhn校验)、LLM响应拦截、操作审计",
|
|
6
6
|
"main": "index.js",
|
|
@@ -16,6 +16,8 @@
|
|
|
16
16
|
"type": "plugin",
|
|
17
17
|
"id": "mobook-security-plugin",
|
|
18
18
|
"name": "MoBook 安全防护插件",
|
|
19
|
-
"extensions": [
|
|
19
|
+
"extensions": [
|
|
20
|
+
"./index.js"
|
|
21
|
+
]
|
|
20
22
|
}
|
|
21
23
|
}
|