@dcrays/mobook-security-plugin 2.0.6 → 2.0.8

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/index.js CHANGED
@@ -437,7 +437,6 @@ function installFetchInterceptor(api) {
437
437
  const reqHeaders = getMergedRequestHeaders(input, init);
438
438
  const reqBodyText = await getRequestBodyText(input, init);
439
439
 
440
- log(`[LLM-REQ #${thisCallId}] ${method} ${url}`, "DEBUG");
441
440
 
442
441
  // ---- 请求侧检查:提示词注入检测(已禁用) ----
443
442
  // const promptInjectionPatterns = [
@@ -480,7 +479,6 @@ function installFetchInterceptor(api) {
480
479
 
481
480
  const respText = extractTextFromResponseBody(respBody, sse);
482
481
  if (!respText) {
483
- log(`[LLM-RESP #${thisCallId}] ${resp.status} ${durationMs}ms (empty body)`, "DEBUG");
484
482
  return resp;
485
483
  }
486
484
 
@@ -494,7 +492,6 @@ function installFetchInterceptor(api) {
494
492
  return makeBlockedResponse(sse, finalText, resp);
495
493
  }
496
494
 
497
- log(`[LLM-RESP #${thisCallId}] ${resp.status} ${durationMs}ms (clean)`, "DEBUG");
498
495
  return resp;
499
496
  };
500
497
 
@@ -511,11 +508,7 @@ function installFetchInterceptor(api) {
511
508
  // 插件注册
512
509
  // ============================================================
513
510
  export default function register(api) {
514
- log("═══════════════════════════════════════════════════════");
515
- log(" MoBook 安全防护插件 v2.0 启动");
516
- log(" 功能: 危险命令拦截 | 敏感信息脱敏(全渠道) | LLM 响应拦截 | 提示词注入检测 | 操作审计");
517
- log("═══════════════════════════════════════════════════════");
518
- log(`插件ID: ${api.id}`);
511
+ log("MoBook 安全防护插件 v2.0 启动");
519
512
 
520
513
  // ---- 安装 Fetch 拦截器(核心:全渠道 LLM 拦截) ----
521
514
  installFetchInterceptor(api);
@@ -526,8 +519,6 @@ export default function register(api) {
526
519
  const params = event?.params || {};
527
520
  const safeParams = sanitizeParamsForLog(params);
528
521
 
529
- log(`TOOL_CALL: tool=${toolName} params=${JSON.stringify(safeParams).slice(0, 500)}`);
530
-
531
522
  // exec 命令安全检查
532
523
  if (toolName === "exec") {
533
524
  const cmd = params.command || "";
@@ -599,7 +590,7 @@ export default function register(api) {
599
590
  blockReason: "🛡️ 安全插件拦截:该目录为受保护资源,禁止访问"
600
591
  };
601
592
  }
602
- log(`DEV_ACCESS: 白名单路径放行 | tool=${toolName}`);
593
+
603
594
  }
604
595
  }
605
596
 
@@ -615,11 +606,11 @@ export default function register(api) {
615
606
  }
616
607
  }
617
608
 
618
- // 禁止通过 config 工具关闭插件
609
+ // 禁止通过 config 工具关闭插件(覆盖所有参数字段)
619
610
  if (toolName === "gateway") {
620
- const raw = params.raw || params.path || JSON.stringify(params);
621
- if (/mobook-security-plugin/.test(raw) && /(disable|false|remove|delete)/.test(raw)) {
622
- alert(`BLOCKED: 尝试通过配置关闭安全插件`);
611
+ const allParams = JSON.stringify(params);
612
+ if (/mobook-security-plugin/.test(allParams) && /(disable|false|remove|delete|uninstall)/.test(allParams)) {
613
+ alert(`BLOCKED: 尝试通过配置关闭安全插件 | params: ${allParams.slice(0, 300)}`);
623
614
  return {
624
615
  block: true,
625
616
  blockReason: "🛡️ 安全插件拦截:禁止通过配置关闭安全插件"
@@ -627,6 +618,28 @@ export default function register(api) {
627
618
  }
628
619
  }
629
620
 
621
+ // 禁止直接编辑 openclaw.json 来关闭插件
622
+ if (["edit", "write", "exec"].includes(toolName)) {
623
+ const pathValues = [params.path || "", params.command || "", params.file || ""].join(" ");
624
+ const isConfigFile = /openclaw\.json/.test(pathValues);
625
+ if (isConfigFile) {
626
+
627
+ // 检查内容是否涉及禁用安全插件
628
+ const contentValues = [
629
+ params.command || "",
630
+ JSON.stringify(params.edits || ""),
631
+ params.content || ""
632
+ ].join(" ");
633
+ if (/mobook-security-plugin/.test(contentValues) && /(false|disable|remove|delete|\[\])/.test(contentValues)) {
634
+ alert(`BLOCKED: 尝试通过直接编辑 openclaw.json 关闭安全插件 | tool=${toolName}`);
635
+ return {
636
+ block: true,
637
+ blockReason: "🛡️ 安全插件拦截:禁止通过修改配置文件关闭安全插件"
638
+ };
639
+ }
640
+ }
641
+ }
642
+
630
643
  return {};
631
644
  });
632
645
 
@@ -657,15 +670,10 @@ export default function register(api) {
657
670
  }
658
671
  });
659
672
 
660
- // ---- Hook 4: message_sent(发送后审计) ----
673
+ // ---- Hook 4: message_sent(仅记录,不再写日志) ----
661
674
  api.on("message_sent", async (event, ctx) => {
662
- const channel = ctx?.channelId || "unknown";
663
- const to = event?.to || "unknown";
664
- log(`MESSAGE_SENT: channel=${channel} to=${to}`);
675
+ // 静默——只保留 hook 注册,不记录常规发送日志
665
676
  });
666
677
 
667
- log("已注册: fetch拦截器(全渠道) + before_tool_call + message_sending + llm_output + message_sent");
668
- log("═══════════════════════════════════════════════════════");
669
- log(" 安全插件 v2.0 启动完成");
670
- log("═══════════════════════════════════════════════════════");
678
+ log("启动完成: fetch拦截器 + before_tool_call + message_sending + llm_output + message_sent");
671
679
  }
@@ -1,7 +1,7 @@
1
1
  {
2
2
  "id": "mobook-security-plugin",
3
3
  "name": "MoBook 安全防护插件",
4
- "version": "2.0.0",
4
+ "version": "2.0.8",
5
5
  "description": "MoBook 企业级安全插件 - 危险命令分级拦截、敏感信息全渠道脱敏(身份证GB11643/银行卡Luhn校验)、LLM响应拦截、操作审计",
6
6
  "entry": "./index.js",
7
7
  "type": "plugin",
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@dcrays/mobook-security-plugin",
3
- "version": "2.0.6",
3
+ "version": "2.0.8",
4
4
  "type": "module",
5
5
  "description": "MoBook 企业级安全插件 - 危险命令分级拦截、敏感信息全渠道脱敏(身份证GB11643/银行卡Luhn校验)、LLM响应拦截、操作审计",
6
6
  "main": "index.js",
@@ -16,6 +16,8 @@
16
16
  "type": "plugin",
17
17
  "id": "mobook-security-plugin",
18
18
  "name": "MoBook 安全防护插件",
19
- "extensions": ["./index.js"]
19
+ "extensions": [
20
+ "./index.js"
21
+ ]
20
22
  }
21
23
  }