@goplus/agentguard 1.1.3 → 1.1.5
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +28 -2
- package/dist/action/index.d.ts.map +1 -1
- package/dist/action/index.js +3 -1
- package/dist/action/index.js.map +1 -1
- package/dist/adapters/hermes.d.ts +25 -0
- package/dist/adapters/hermes.d.ts.map +1 -0
- package/dist/adapters/hermes.js +131 -0
- package/dist/adapters/hermes.js.map +1 -0
- package/dist/adapters/index.d.ts +1 -0
- package/dist/adapters/index.d.ts.map +1 -1
- package/dist/adapters/index.js +3 -1
- package/dist/adapters/index.js.map +1 -1
- package/dist/adapters/openclaw-plugin.d.ts +12 -1
- package/dist/adapters/openclaw-plugin.d.ts.map +1 -1
- package/dist/adapters/openclaw-plugin.js +165 -9
- package/dist/adapters/openclaw-plugin.js.map +1 -1
- package/dist/cli.js +236 -0
- package/dist/cli.js.map +1 -1
- package/dist/cloud/client.d.ts +22 -0
- package/dist/cloud/client.d.ts.map +1 -1
- package/dist/cloud/client.js +61 -2
- package/dist/cloud/client.js.map +1 -1
- package/dist/config.d.ts.map +1 -1
- package/dist/config.js +4 -2
- package/dist/config.js.map +1 -1
- package/dist/feed/cron.d.ts +25 -0
- package/dist/feed/cron.d.ts.map +1 -0
- package/dist/feed/cron.js +173 -0
- package/dist/feed/cron.js.map +1 -0
- package/dist/feed/selfcheck.d.ts +36 -0
- package/dist/feed/selfcheck.d.ts.map +1 -0
- package/dist/feed/selfcheck.js +198 -0
- package/dist/feed/selfcheck.js.map +1 -0
- package/dist/feed/state.d.ts +14 -0
- package/dist/feed/state.d.ts.map +1 -0
- package/dist/feed/state.js +57 -0
- package/dist/feed/state.js.map +1 -0
- package/dist/feed/types.d.ts +102 -0
- package/dist/feed/types.d.ts.map +1 -0
- package/dist/feed/types.js +15 -0
- package/dist/feed/types.js.map +1 -0
- package/dist/index.d.ts +1 -1
- package/dist/index.d.ts.map +1 -1
- package/dist/index.js +2 -1
- package/dist/index.js.map +1 -1
- package/dist/installers.js +0 -1
- package/dist/installers.js.map +1 -1
- package/dist/runtime/protect.d.ts.map +1 -1
- package/dist/runtime/protect.js +6 -1
- package/dist/runtime/protect.js.map +1 -1
- package/dist/tests/adapter.test.js +146 -0
- package/dist/tests/adapter.test.js.map +1 -1
- package/dist/tests/feed-cloud.test.d.ts +2 -0
- package/dist/tests/feed-cloud.test.d.ts.map +1 -0
- package/dist/tests/feed-cloud.test.js +93 -0
- package/dist/tests/feed-cloud.test.js.map +1 -0
- package/dist/tests/feed-cron.test.d.ts +2 -0
- package/dist/tests/feed-cron.test.d.ts.map +1 -0
- package/dist/tests/feed-cron.test.js +78 -0
- package/dist/tests/feed-cron.test.js.map +1 -0
- package/dist/tests/feed-selfcheck.test.d.ts +2 -0
- package/dist/tests/feed-selfcheck.test.d.ts.map +1 -0
- package/dist/tests/feed-selfcheck.test.js +118 -0
- package/dist/tests/feed-selfcheck.test.js.map +1 -0
- package/dist/tests/installer.test.js +3 -1
- package/dist/tests/installer.test.js.map +1 -1
- package/dist/tests/integration.test.js +211 -1
- package/dist/tests/integration.test.js.map +1 -1
- package/dist/tests/runtime-cloud.test.js +30 -2
- package/dist/tests/runtime-cloud.test.js.map +1 -1
- package/dist/tests/smoke.test.js +141 -7
- package/dist/tests/smoke.test.js.map +1 -1
- package/docs/hermes.md +70 -0
- package/package.json +1 -1
- package/skills/agentguard/README.md +12 -0
- package/skills/agentguard/SKILL.md +104 -3
- package/skills/agentguard/hermes-hooks.yaml +31 -0
- package/skills/agentguard/package.json +1 -1
- package/skills/agentguard/scripts/auto-scan.js +3 -2
- package/skills/agentguard/scripts/hermes-hook.js +201 -0
|
@@ -0,0 +1,93 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
var __importDefault = (this && this.__importDefault) || function (mod) {
|
|
3
|
+
return (mod && mod.__esModule) ? mod : { "default": mod };
|
|
4
|
+
};
|
|
5
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
6
|
+
const node_test_1 = require("node:test");
|
|
7
|
+
const strict_1 = __importDefault(require("node:assert/strict"));
|
|
8
|
+
const node_http_1 = require("node:http");
|
|
9
|
+
const client_js_1 = require("../cloud/client.js");
|
|
10
|
+
function startServer(handler) {
|
|
11
|
+
return new Promise((resolve) => {
|
|
12
|
+
const server = (0, node_http_1.createServer)(handler);
|
|
13
|
+
server.listen(0, '127.0.0.1', () => {
|
|
14
|
+
const { port } = server.address();
|
|
15
|
+
resolve({ url: `http://127.0.0.1:${port}`, server });
|
|
16
|
+
});
|
|
17
|
+
});
|
|
18
|
+
}
|
|
19
|
+
(0, node_test_1.describe)('cloud client — feed methods', () => {
|
|
20
|
+
let baseUrl;
|
|
21
|
+
let server;
|
|
22
|
+
let lastRequest = null;
|
|
23
|
+
let nextResponse = { status: 200, body: {} };
|
|
24
|
+
(0, node_test_1.before)(async () => {
|
|
25
|
+
const started = await startServer(async (req, res) => {
|
|
26
|
+
const chunks = [];
|
|
27
|
+
for await (const chunk of req)
|
|
28
|
+
chunks.push(chunk);
|
|
29
|
+
const raw = Buffer.concat(chunks).toString('utf8');
|
|
30
|
+
lastRequest = { url: req.url, method: req.method, body: raw ? JSON.parse(raw) : undefined };
|
|
31
|
+
res.statusCode = nextResponse.status;
|
|
32
|
+
res.setHeader('content-type', 'application/json');
|
|
33
|
+
res.end(JSON.stringify(nextResponse.body));
|
|
34
|
+
});
|
|
35
|
+
baseUrl = started.url;
|
|
36
|
+
server = started.server;
|
|
37
|
+
});
|
|
38
|
+
(0, node_test_1.after)(() => {
|
|
39
|
+
server.close();
|
|
40
|
+
});
|
|
41
|
+
(0, node_test_1.it)('pullAdvisories returns advisories on 200', async () => {
|
|
42
|
+
nextResponse = {
|
|
43
|
+
status: 200,
|
|
44
|
+
body: {
|
|
45
|
+
success: true,
|
|
46
|
+
data: {
|
|
47
|
+
advisories: [
|
|
48
|
+
{
|
|
49
|
+
id: 'AGS-2026-1',
|
|
50
|
+
ecosystem: 'skill',
|
|
51
|
+
severity: 'high',
|
|
52
|
+
summary: 's',
|
|
53
|
+
detailsMd: '',
|
|
54
|
+
affected: [{ namePattern: 'foo' }],
|
|
55
|
+
publishedAt: '2026-05-13T00:00:00Z',
|
|
56
|
+
},
|
|
57
|
+
],
|
|
58
|
+
},
|
|
59
|
+
},
|
|
60
|
+
};
|
|
61
|
+
const client = new client_js_1.AgentGuardCloudClient({ cloudUrl: baseUrl, apiKey: 'ag_live_x' });
|
|
62
|
+
const result = await client.pullAdvisories('2026-05-12T00:00:00Z');
|
|
63
|
+
strict_1.default.equal(result?.length, 1);
|
|
64
|
+
strict_1.default.equal(result?.[0].id, 'AGS-2026-1');
|
|
65
|
+
strict_1.default.match(lastRequest.url, /\/api\/v1\/feed\/advisories\?since=/);
|
|
66
|
+
});
|
|
67
|
+
(0, node_test_1.it)('pullAdvisories returns null on 404 (older Cloud)', async () => {
|
|
68
|
+
nextResponse = { status: 404, body: { success: false, error: { message: 'Not found' } } };
|
|
69
|
+
const client = new client_js_1.AgentGuardCloudClient({ cloudUrl: baseUrl, apiKey: 'ag_live_x' });
|
|
70
|
+
const result = await client.pullAdvisories();
|
|
71
|
+
strict_1.default.equal(result, null);
|
|
72
|
+
});
|
|
73
|
+
(0, node_test_1.it)('pullAdvisories throws on other errors', async () => {
|
|
74
|
+
nextResponse = { status: 500, body: { success: false, error: { message: 'boom' } } };
|
|
75
|
+
const client = new client_js_1.AgentGuardCloudClient({ cloudUrl: baseUrl, apiKey: 'ag_live_x' });
|
|
76
|
+
await strict_1.default.rejects(() => client.pullAdvisories(), (err) => err instanceof client_js_1.CloudRequestError && err.status === 500);
|
|
77
|
+
});
|
|
78
|
+
(0, node_test_1.it)('reportSelfCheck POSTs the advisoryId + matches', async () => {
|
|
79
|
+
nextResponse = { status: 200, body: { success: true, data: {} } };
|
|
80
|
+
const client = new client_js_1.AgentGuardCloudClient({ cloudUrl: baseUrl, apiKey: 'ag_live_x' });
|
|
81
|
+
await client.reportSelfCheck('AGS-2026-1', [{ path: '/tmp/skills/bad', matchedBy: 'namePattern' }], { elapsedMs: 12 });
|
|
82
|
+
strict_1.default.equal(lastRequest.method, 'POST');
|
|
83
|
+
strict_1.default.match(lastRequest.url, /\/api\/v1\/feed\/self-check-report$/);
|
|
84
|
+
strict_1.default.equal(lastRequest.body.advisoryId, 'AGS-2026-1');
|
|
85
|
+
strict_1.default.equal(lastRequest.body.matches.length, 1);
|
|
86
|
+
});
|
|
87
|
+
(0, node_test_1.it)('reportSelfCheck swallows 404 silently', async () => {
|
|
88
|
+
nextResponse = { status: 404, body: { success: false, error: { message: 'no sink yet' } } };
|
|
89
|
+
const client = new client_js_1.AgentGuardCloudClient({ cloudUrl: baseUrl, apiKey: 'ag_live_x' });
|
|
90
|
+
await strict_1.default.doesNotReject(() => client.reportSelfCheck('AGS-x', [{ path: '/tmp/x', matchedBy: 'sha256' }]));
|
|
91
|
+
});
|
|
92
|
+
});
|
|
93
|
+
//# sourceMappingURL=feed-cloud.test.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"feed-cloud.test.js","sourceRoot":"","sources":["../../src/tests/feed-cloud.test.ts"],"names":[],"mappings":";;;;;AAAA,yCAAwD;AACxD,gEAAwC;AACxC,yCAAsD;AAEtD,kDAA8E;AAI9E,SAAS,WAAW,CAAC,OAAgB;IACnC,OAAO,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,EAAE;QAC7B,MAAM,MAAM,GAAG,IAAA,wBAAY,EAAC,OAAO,CAAC,CAAC;QACrC,MAAM,CAAC,MAAM,CAAC,CAAC,EAAE,WAAW,EAAE,GAAG,EAAE;YACjC,MAAM,EAAE,IAAI,EAAE,GAAG,MAAM,CAAC,OAAO,EAAiB,CAAC;YACjD,OAAO,CAAC,EAAE,GAAG,EAAE,oBAAoB,IAAI,EAAE,EAAE,MAAM,EAAE,CAAC,CAAC;QACvD,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;AACL,CAAC;AAED,IAAA,oBAAQ,EAAC,6BAA6B,EAAE,GAAG,EAAE;IAC3C,IAAI,OAAe,CAAC;IACpB,IAAI,MAAc,CAAC;IACnB,IAAI,WAAW,GAA2D,IAAI,CAAC;IAC/E,IAAI,YAAY,GAAsC,EAAE,MAAM,EAAE,GAAG,EAAE,IAAI,EAAE,EAAE,EAAE,CAAC;IAEhF,IAAA,kBAAM,EAAC,KAAK,IAAI,EAAE;QAChB,MAAM,OAAO,GAAG,MAAM,WAAW,CAAC,KAAK,EAAE,GAAG,EAAE,GAAG,EAAE,EAAE;YACnD,MAAM,MAAM,GAAa,EAAE,CAAC;YAC5B,IAAI,KAAK,EAAE,MAAM,KAAK,IAAI,GAAG;gBAAE,MAAM,CAAC,IAAI,CAAC,KAAe,CAAC,CAAC;YAC5D,MAAM,GAAG,GAAG,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC;YACnD,WAAW,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC,GAAG,EAAE,MAAM,EAAE,GAAG,CAAC,MAAM,EAAE,IAAI,EAAE,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,SAAS,EAAE,CAAC;YAC5F,GAAG,CAAC,UAAU,GAAG,YAAY,CAAC,MAAM,CAAC;YACrC,GAAG,CAAC,SAAS,CAAC,cAAc,EAAE,kBAAkB,CAAC,CAAC;YAClD,GAAG,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,YAAY,CAAC,IAAI,CAAC,CAAC,CAAC;QAC7C,CAAC,CAAC,CAAC;QACH,OAAO,GAAG,OAAO,CAAC,GAAG,CAAC;QACtB,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC;IAC1B,CAAC,CAAC,CAAC;IAEH,IAAA,iBAAK,EAAC,GAAG,EAAE;QACT,MAAM,CAAC,KAAK,EAAE,CAAC;IACjB,CAAC,CAAC,CAAC;IAEH,IAAA,cAAE,EAAC,0CAA0C,EAAE,KAAK,IAAI,EAAE;QACxD,YAAY,GAAG;YACb,MAAM,EAAE,GAAG;YACX,IAAI,EAAE;gBACJ,OAAO,EAAE,IAAI;gBACb,IAAI,EAAE;oBACJ,UAAU,EAAE;wBACV;4BACE,EAAE,EAAE,YAAY;4BAChB,SAAS,EAAE,OAAO;4BAClB,QAAQ,EAAE,MAAM;4BAChB,OAAO,EAAE,GAAG;4BACZ,SAAS,EAAE,EAAE;4BACb,QAAQ,EAAE,CAAC,EAAE,WAAW,EAAE,KAAK,EAAE,CAAC;4BAClC,WAAW,EAAE,sBAAsB;yBACpC;qBACF;iBACF;aACF;SACF,CAAC;QACF,MAAM,MAAM,GAAG,IAAI,iCAAqB,CAAC,EAAE,QAAQ,EAAE,OAAO,EAAE,MAAM,EAAE,WAAW,EAAE,CAAC,CAAC;QACrF,MAAM,MAAM,GAAG,MAAM,MAAM,CAAC,cAAc,CAAC,sBAAsB,CAAC,CAAC;QACnE,gBAAM,CAAC,KAAK,CAAC,MAAM,EAAE,MAAM,EAAE,CAAC,CAAC,CAAC;QAChC,gBAAM,CAAC,KAAK,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,EAAE,YAAY,CAAC,CAAC;QAC3C,gBAAM,CAAC,KAAK,CAAC,WAAY,CAAC,GAAG,EAAE,qCAAqC,CAAC,CAAC;IACxE,CAAC,CAAC,CAAC;IAEH,IAAA,cAAE,EAAC,kDAAkD,EAAE,KAAK,IAAI,EAAE;QAChE,YAAY,GAAG,EAAE,MAAM,EAAE,GAAG,EAAE,IAAI,EAAE,EAAE,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,EAAE,OAAO,EAAE,WAAW,EAAE,EAAE,EAAE,CAAC;QAC1F,MAAM,MAAM,GAAG,IAAI,iCAAqB,CAAC,EAAE,QAAQ,EAAE,OAAO,EAAE,MAAM,EAAE,WAAW,EAAE,CAAC,CAAC;QACrF,MAAM,MAAM,GAAG,MAAM,MAAM,CAAC,cAAc,EAAE,CAAC;QAC7C,gBAAM,CAAC,KAAK,CAAC,MAAM,EAAE,IAAI,CAAC,CAAC;IAC7B,CAAC,CAAC,CAAC;IAEH,IAAA,cAAE,EAAC,uCAAuC,EAAE,KAAK,IAAI,EAAE;QACrD,YAAY,GAAG,EAAE,MAAM,EAAE,GAAG,EAAE,IAAI,EAAE,EAAE,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,EAAE,OAAO,EAAE,MAAM,EAAE,EAAE,EAAE,CAAC;QACrF,MAAM,MAAM,GAAG,IAAI,iCAAqB,CAAC,EAAE,QAAQ,EAAE,OAAO,EAAE,MAAM,EAAE,WAAW,EAAE,CAAC,CAAC;QACrF,MAAM,gBAAM,CAAC,OAAO,CAAC,GAAG,EAAE,CAAC,MAAM,CAAC,cAAc,EAAE,EAAE,CAAC,GAAY,EAAE,EAAE,CAAC,GAAG,YAAY,6BAAiB,IAAI,GAAG,CAAC,MAAM,KAAK,GAAG,CAAC,CAAC;IAChI,CAAC,CAAC,CAAC;IAEH,IAAA,cAAE,EAAC,gDAAgD,EAAE,KAAK,IAAI,EAAE;QAC9D,YAAY,GAAG,EAAE,MAAM,EAAE,GAAG,EAAE,IAAI,EAAE,EAAE,OAAO,EAAE,IAAI,EAAE,IAAI,EAAE,EAAE,EAAE,EAAE,CAAC;QAClE,MAAM,MAAM,GAAG,IAAI,iCAAqB,CAAC,EAAE,QAAQ,EAAE,OAAO,EAAE,MAAM,EAAE,WAAW,EAAE,CAAC,CAAC;QACrF,MAAM,MAAM,CAAC,eAAe,CAC1B,YAAY,EACZ,CAAC,EAAE,IAAI,EAAE,iBAAiB,EAAE,SAAS,EAAE,aAAa,EAAE,CAAC,EACvD,EAAE,SAAS,EAAE,EAAE,EAAE,CAClB,CAAC;QACF,gBAAM,CAAC,KAAK,CAAC,WAAY,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;QAC1C,gBAAM,CAAC,KAAK,CAAC,WAAY,CAAC,GAAG,EAAE,qCAAqC,CAAC,CAAC;QACtE,gBAAM,CAAC,KAAK,CAAE,WAAY,CAAC,IAAY,CAAC,UAAU,EAAE,YAAY,CAAC,CAAC;QAClE,gBAAM,CAAC,KAAK,CAAE,WAAY,CAAC,IAAY,CAAC,OAAO,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC;IAC7D,CAAC,CAAC,CAAC;IAEH,IAAA,cAAE,EAAC,uCAAuC,EAAE,KAAK,IAAI,EAAE;QACrD,YAAY,GAAG,EAAE,MAAM,EAAE,GAAG,EAAE,IAAI,EAAE,EAAE,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,EAAE,OAAO,EAAE,aAAa,EAAE,EAAE,EAAE,CAAC;QAC5F,MAAM,MAAM,GAAG,IAAI,iCAAqB,CAAC,EAAE,QAAQ,EAAE,OAAO,EAAE,MAAM,EAAE,WAAW,EAAE,CAAC,CAAC;QACrF,MAAM,gBAAM,CAAC,aAAa,CAAC,GAAG,EAAE,CAC9B,MAAM,CAAC,eAAe,CAAC,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,QAAQ,EAAE,SAAS,EAAE,QAAQ,EAAE,CAAC,CAAC,CAC3E,CAAC;IACJ,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC"}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"feed-cron.test.d.ts","sourceRoot":"","sources":["../../src/tests/feed-cron.test.ts"],"names":[],"mappings":""}
|
|
@@ -0,0 +1,78 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
var __importDefault = (this && this.__importDefault) || function (mod) {
|
|
3
|
+
return (mod && mod.__esModule) ? mod : { "default": mod };
|
|
4
|
+
};
|
|
5
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
6
|
+
const node_test_1 = require("node:test");
|
|
7
|
+
const strict_1 = __importDefault(require("node:assert/strict"));
|
|
8
|
+
const cron_js_1 = require("../feed/cron.js");
|
|
9
|
+
function fakeGateway(jobs = []) {
|
|
10
|
+
const calls = [];
|
|
11
|
+
return {
|
|
12
|
+
calls,
|
|
13
|
+
async request(method, params) {
|
|
14
|
+
calls.push({ method, params });
|
|
15
|
+
if (method === 'cron.list')
|
|
16
|
+
return { jobs };
|
|
17
|
+
return { ok: true };
|
|
18
|
+
},
|
|
19
|
+
};
|
|
20
|
+
}
|
|
21
|
+
(0, node_test_1.describe)('feed/cron', () => {
|
|
22
|
+
(0, node_test_1.it)('parseIntervalMinutes rejects non-numeric and out-of-range values', () => {
|
|
23
|
+
strict_1.default.equal((0, cron_js_1.parseIntervalMinutes)('15'), 15);
|
|
24
|
+
strict_1.default.throws(() => (0, cron_js_1.parseIntervalMinutes)('5abc'), /Invalid --interval-minutes/);
|
|
25
|
+
strict_1.default.throws(() => (0, cron_js_1.parseIntervalMinutes)('0'), /Invalid --interval-minutes/);
|
|
26
|
+
strict_1.default.throws(() => (0, cron_js_1.parseIntervalMinutes)('60'), /Invalid --interval-minutes/);
|
|
27
|
+
});
|
|
28
|
+
(0, node_test_1.it)('adds an OpenClaw cron job with silent delivery and interval schedule', async () => {
|
|
29
|
+
const gateway = fakeGateway();
|
|
30
|
+
const result = await (0, cron_js_1.installOpenClawThreatFeedCron)({ name: 'agentguard-threat-feed', intervalMinutes: 15, force: false }, { request: gateway.request });
|
|
31
|
+
strict_1.default.equal(result.created, true);
|
|
32
|
+
strict_1.default.deepEqual(gateway.calls.map((call) => call.method), ['cron.list', 'cron.add']);
|
|
33
|
+
const job = gateway.calls[1].params[0];
|
|
34
|
+
strict_1.default.equal(job.name, 'agentguard-threat-feed');
|
|
35
|
+
strict_1.default.deepEqual(job.schedule, { kind: 'every', everyMs: 900000 });
|
|
36
|
+
strict_1.default.deepEqual(job.delivery, { mode: 'none' });
|
|
37
|
+
strict_1.default.equal(job.sessionTarget, 'isolated');
|
|
38
|
+
strict_1.default.equal(job.payload.kind, 'agentTurn');
|
|
39
|
+
strict_1.default.match(job.payload.message, /hardFailures/);
|
|
40
|
+
strict_1.default.equal('timezone' in job, false);
|
|
41
|
+
});
|
|
42
|
+
(0, node_test_1.it)('leaves an existing cron job untouched unless force is set', async () => {
|
|
43
|
+
const gateway = fakeGateway([{ id: 'job-1', name: 'agentguard-threat-feed' }]);
|
|
44
|
+
const result = await (0, cron_js_1.installOpenClawThreatFeedCron)({ name: 'agentguard-threat-feed', intervalMinutes: 15, force: false }, { request: gateway.request });
|
|
45
|
+
strict_1.default.equal(result.created, false);
|
|
46
|
+
strict_1.default.deepEqual(gateway.calls.map((call) => call.method), ['cron.list']);
|
|
47
|
+
});
|
|
48
|
+
(0, node_test_1.it)('removes an existing cron job by jobId when force is set', async () => {
|
|
49
|
+
const gateway = fakeGateway([{ id: 'job-1', name: 'agentguard-threat-feed' }]);
|
|
50
|
+
const result = await (0, cron_js_1.installOpenClawThreatFeedCron)({ name: 'agentguard-threat-feed', intervalMinutes: 5, force: true }, { request: gateway.request });
|
|
51
|
+
strict_1.default.equal(result.created, true);
|
|
52
|
+
strict_1.default.deepEqual(gateway.calls.map((call) => call.method), ['cron.list', 'cron.remove', 'cron.add']);
|
|
53
|
+
strict_1.default.deepEqual(gateway.calls[1].params, { jobId: 'job-1' });
|
|
54
|
+
strict_1.default.deepEqual(gateway.calls[2].params[0].schedule, { kind: 'every', everyMs: 300000 });
|
|
55
|
+
});
|
|
56
|
+
(0, node_test_1.it)('does not add a replacement if force removal fails', async () => {
|
|
57
|
+
const calls = [];
|
|
58
|
+
await strict_1.default.rejects(() => (0, cron_js_1.installOpenClawThreatFeedCron)({ name: 'agentguard-threat-feed', intervalMinutes: 5, force: true }, {
|
|
59
|
+
async request(method, params) {
|
|
60
|
+
calls.push({ method, params });
|
|
61
|
+
if (method === 'cron.list')
|
|
62
|
+
return { jobs: [{ id: 'job-1', name: 'agentguard-threat-feed' }] };
|
|
63
|
+
if (method === 'cron.remove')
|
|
64
|
+
throw new Error('remove failed');
|
|
65
|
+
return { ok: true };
|
|
66
|
+
},
|
|
67
|
+
}), /remove failed/);
|
|
68
|
+
strict_1.default.deepEqual(calls.map((call) => call.method), ['cron.list', 'cron.remove']);
|
|
69
|
+
});
|
|
70
|
+
(0, node_test_1.it)('uses the injected request path for OpenClaw Gateway calls', async () => {
|
|
71
|
+
await strict_1.default.rejects(() => (0, cron_js_1.openClawGatewayRequest)('cron.list', {}, {
|
|
72
|
+
request: async () => {
|
|
73
|
+
throw new Error('OpenClaw Gateway cron.list request timed out after 25ms');
|
|
74
|
+
},
|
|
75
|
+
}), /timed out/);
|
|
76
|
+
});
|
|
77
|
+
});
|
|
78
|
+
//# sourceMappingURL=feed-cron.test.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"feed-cron.test.js","sourceRoot":"","sources":["../../src/tests/feed-cron.test.ts"],"names":[],"mappings":";;;;;AAAA,yCAAyC;AACzC,gEAAwC;AACxC,6CAIyB;AAIzB,SAAS,WAAW,CAAC,OAA4C,EAAE;IAIjE,MAAM,KAAK,GAAc,EAAE,CAAC;IAC5B,OAAO;QACL,KAAK;QACL,KAAK,CAAC,OAAO,CAAC,MAAM,EAAE,MAAM;YAC1B,KAAK,CAAC,IAAI,CAAC,EAAE,MAAM,EAAE,MAAM,EAAE,CAAC,CAAC;YAC/B,IAAI,MAAM,KAAK,WAAW;gBAAE,OAAO,EAAE,IAAI,EAAE,CAAC;YAC5C,OAAO,EAAE,EAAE,EAAE,IAAI,EAAE,CAAC;QACtB,CAAC;KACF,CAAC;AACJ,CAAC;AAED,IAAA,oBAAQ,EAAC,WAAW,EAAE,GAAG,EAAE;IACzB,IAAA,cAAE,EAAC,kEAAkE,EAAE,GAAG,EAAE;QAC1E,gBAAM,CAAC,KAAK,CAAC,IAAA,8BAAoB,EAAC,IAAI,CAAC,EAAE,EAAE,CAAC,CAAC;QAC7C,gBAAM,CAAC,MAAM,CAAC,GAAG,EAAE,CAAC,IAAA,8BAAoB,EAAC,MAAM,CAAC,EAAE,4BAA4B,CAAC,CAAC;QAChF,gBAAM,CAAC,MAAM,CAAC,GAAG,EAAE,CAAC,IAAA,8BAAoB,EAAC,GAAG,CAAC,EAAE,4BAA4B,CAAC,CAAC;QAC7E,gBAAM,CAAC,MAAM,CAAC,GAAG,EAAE,CAAC,IAAA,8BAAoB,EAAC,IAAI,CAAC,EAAE,4BAA4B,CAAC,CAAC;IAChF,CAAC,CAAC,CAAC;IAEH,IAAA,cAAE,EAAC,sEAAsE,EAAE,KAAK,IAAI,EAAE;QACpF,MAAM,OAAO,GAAG,WAAW,EAAE,CAAC;QAE9B,MAAM,MAAM,GAAG,MAAM,IAAA,uCAA6B,EAChD,EAAE,IAAI,EAAE,wBAAwB,EAAE,eAAe,EAAE,EAAE,EAAE,KAAK,EAAE,KAAK,EAAE,EACrE,EAAE,OAAO,EAAE,OAAO,CAAC,OAAO,EAAE,CAC7B,CAAC;QAEF,gBAAM,CAAC,KAAK,CAAC,MAAM,CAAC,OAAO,EAAE,IAAI,CAAC,CAAC;QACnC,gBAAM,CAAC,SAAS,CAAC,OAAO,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,MAAM,CAAC,EAAE,CAAC,WAAW,EAAE,UAAU,CAAC,CAAC,CAAC;QACtF,MAAM,GAAG,GAAG,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC;QACvC,gBAAM,CAAC,KAAK,CAAC,GAAG,CAAC,IAAI,EAAE,wBAAwB,CAAC,CAAC;QACjD,gBAAM,CAAC,SAAS,CAAC,GAAG,CAAC,QAAQ,EAAE,EAAE,IAAI,EAAE,OAAO,EAAE,OAAO,EAAE,MAAM,EAAE,CAAC,CAAC;QACnE,gBAAM,CAAC,SAAS,CAAC,GAAG,CAAC,QAAQ,EAAE,EAAE,IAAI,EAAE,MAAM,EAAE,CAAC,CAAC;QACjD,gBAAM,CAAC,KAAK,CAAC,GAAG,CAAC,aAAa,EAAE,UAAU,CAAC,CAAC;QAC5C,gBAAM,CAAC,KAAK,CAAC,GAAG,CAAC,OAAO,CAAC,IAAI,EAAE,WAAW,CAAC,CAAC;QAC5C,gBAAM,CAAC,KAAK,CAAC,GAAG,CAAC,OAAO,CAAC,OAAO,EAAE,cAAc,CAAC,CAAC;QAClD,gBAAM,CAAC,KAAK,CAAC,UAAU,IAAI,GAAG,EAAE,KAAK,CAAC,CAAC;IACzC,CAAC,CAAC,CAAC;IAEH,IAAA,cAAE,EAAC,2DAA2D,EAAE,KAAK,IAAI,EAAE;QACzE,MAAM,OAAO,GAAG,WAAW,CAAC,CAAC,EAAE,EAAE,EAAE,OAAO,EAAE,IAAI,EAAE,wBAAwB,EAAE,CAAC,CAAC,CAAC;QAE/E,MAAM,MAAM,GAAG,MAAM,IAAA,uCAA6B,EAChD,EAAE,IAAI,EAAE,wBAAwB,EAAE,eAAe,EAAE,EAAE,EAAE,KAAK,EAAE,KAAK,EAAE,EACrE,EAAE,OAAO,EAAE,OAAO,CAAC,OAAO,EAAE,CAC7B,CAAC;QAEF,gBAAM,CAAC,KAAK,CAAC,MAAM,CAAC,OAAO,EAAE,KAAK,CAAC,CAAC;QACpC,gBAAM,CAAC,SAAS,CAAC,OAAO,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,MAAM,CAAC,EAAE,CAAC,WAAW,CAAC,CAAC,CAAC;IAC5E,CAAC,CAAC,CAAC;IAEH,IAAA,cAAE,EAAC,yDAAyD,EAAE,KAAK,IAAI,EAAE;QACvE,MAAM,OAAO,GAAG,WAAW,CAAC,CAAC,EAAE,EAAE,EAAE,OAAO,EAAE,IAAI,EAAE,wBAAwB,EAAE,CAAC,CAAC,CAAC;QAE/E,MAAM,MAAM,GAAG,MAAM,IAAA,uCAA6B,EAChD,EAAE,IAAI,EAAE,wBAAwB,EAAE,eAAe,EAAE,CAAC,EAAE,KAAK,EAAE,IAAI,EAAE,EACnE,EAAE,OAAO,EAAE,OAAO,CAAC,OAAO,EAAE,CAC7B,CAAC;QAEF,gBAAM,CAAC,KAAK,CAAC,MAAM,CAAC,OAAO,EAAE,IAAI,CAAC,CAAC;QACnC,gBAAM,CAAC,SAAS,CAAC,OAAO,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,MAAM,CAAC,EAAE,CAAC,WAAW,EAAE,aAAa,EAAE,UAAU,CAAC,CAAC,CAAC;QACrG,gBAAM,CAAC,SAAS,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,MAAM,EAAE,EAAE,KAAK,EAAE,OAAO,EAAE,CAAC,CAAC;QAC9D,gBAAM,CAAC,SAAS,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,QAAQ,EAAE,EAAE,IAAI,EAAE,OAAO,EAAE,OAAO,EAAE,MAAM,EAAE,CAAC,CAAC;IAC5F,CAAC,CAAC,CAAC;IAEH,IAAA,cAAE,EAAC,mDAAmD,EAAE,KAAK,IAAI,EAAE;QACjE,MAAM,KAAK,GAAc,EAAE,CAAC;QAC5B,MAAM,gBAAM,CAAC,OAAO,CAClB,GAAG,EAAE,CACH,IAAA,uCAA6B,EAC3B,EAAE,IAAI,EAAE,wBAAwB,EAAE,eAAe,EAAE,CAAC,EAAE,KAAK,EAAE,IAAI,EAAE,EACnE;YACE,KAAK,CAAC,OAAO,CAAC,MAAM,EAAE,MAAM;gBAC1B,KAAK,CAAC,IAAI,CAAC,EAAE,MAAM,EAAE,MAAM,EAAE,CAAC,CAAC;gBAC/B,IAAI,MAAM,KAAK,WAAW;oBAAE,OAAO,EAAE,IAAI,EAAE,CAAC,EAAE,EAAE,EAAE,OAAO,EAAE,IAAI,EAAE,wBAAwB,EAAE,CAAC,EAAE,CAAC;gBAC/F,IAAI,MAAM,KAAK,aAAa;oBAAE,MAAM,IAAI,KAAK,CAAC,eAAe,CAAC,CAAC;gBAC/D,OAAO,EAAE,EAAE,EAAE,IAAI,EAAE,CAAC;YACtB,CAAC;SACF,CACF,EACH,eAAe,CAChB,CAAC;QACF,gBAAM,CAAC,SAAS,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,MAAM,CAAC,EAAE,CAAC,WAAW,EAAE,aAAa,CAAC,CAAC,CAAC;IACnF,CAAC,CAAC,CAAC;IAEH,IAAA,cAAE,EAAC,2DAA2D,EAAE,KAAK,IAAI,EAAE;QACzE,MAAM,gBAAM,CAAC,OAAO,CAClB,GAAG,EAAE,CACH,IAAA,gCAAsB,EAAC,WAAW,EAAE,EAAE,EAAE;YACtC,OAAO,EAAE,KAAK,IAAI,EAAE;gBAClB,MAAM,IAAI,KAAK,CAAC,yDAAyD,CAAC,CAAC;YAC7E,CAAC;SACF,CAAC,EACJ,WAAW,CACZ,CAAC;IACJ,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC"}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"feed-selfcheck.test.d.ts","sourceRoot":"","sources":["../../src/tests/feed-selfcheck.test.ts"],"names":[],"mappings":""}
|
|
@@ -0,0 +1,118 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
var __importDefault = (this && this.__importDefault) || function (mod) {
|
|
3
|
+
return (mod && mod.__esModule) ? mod : { "default": mod };
|
|
4
|
+
};
|
|
5
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
6
|
+
const node_test_1 = require("node:test");
|
|
7
|
+
const strict_1 = __importDefault(require("node:assert/strict"));
|
|
8
|
+
const node_fs_1 = require("node:fs");
|
|
9
|
+
const node_os_1 = require("node:os");
|
|
10
|
+
const node_path_1 = require("node:path");
|
|
11
|
+
const node_crypto_1 = require("node:crypto");
|
|
12
|
+
const selfcheck_js_1 = require("../feed/selfcheck.js");
|
|
13
|
+
function makeSkillDir(parent, name, body) {
|
|
14
|
+
const dir = (0, node_path_1.join)(parent, name);
|
|
15
|
+
(0, node_fs_1.mkdirSync)(dir, { recursive: true });
|
|
16
|
+
(0, node_fs_1.writeFileSync)((0, node_path_1.join)(dir, 'SKILL.md'), body, 'utf8');
|
|
17
|
+
return dir;
|
|
18
|
+
}
|
|
19
|
+
function makeAdvisory(partial) {
|
|
20
|
+
return {
|
|
21
|
+
id: 'AGS-test-1',
|
|
22
|
+
ecosystem: 'skill',
|
|
23
|
+
severity: 'high',
|
|
24
|
+
summary: 'test',
|
|
25
|
+
detailsMd: '',
|
|
26
|
+
affected: [],
|
|
27
|
+
publishedAt: new Date().toISOString(),
|
|
28
|
+
...partial,
|
|
29
|
+
};
|
|
30
|
+
}
|
|
31
|
+
(0, node_test_1.describe)('feed/selfcheck', () => {
|
|
32
|
+
(0, node_test_1.it)('globMatch handles literal names', () => {
|
|
33
|
+
strict_1.default.equal((0, selfcheck_js_1.globMatch)('slack-webhook', 'slack-webhook'), true);
|
|
34
|
+
strict_1.default.equal((0, selfcheck_js_1.globMatch)('slack-webhook', 'discord-webhook'), false);
|
|
35
|
+
});
|
|
36
|
+
(0, node_test_1.it)('globMatch supports * wildcards', () => {
|
|
37
|
+
strict_1.default.equal((0, selfcheck_js_1.globMatch)('slack-webhook-*', 'slack-webhook-malicious'), true);
|
|
38
|
+
strict_1.default.equal((0, selfcheck_js_1.globMatch)('slack-webhook-*', 'slack-webhook'), false);
|
|
39
|
+
strict_1.default.equal((0, selfcheck_js_1.globMatch)('*-stealer-*', 'amos-stealer-v2'), true);
|
|
40
|
+
});
|
|
41
|
+
(0, node_test_1.it)('matches a skill by name pattern', async () => {
|
|
42
|
+
const root = (0, node_fs_1.mkdtempSync)((0, node_path_1.join)((0, node_os_1.tmpdir)(), 'ag-selfcheck-'));
|
|
43
|
+
makeSkillDir(root, 'slack-webhook-evil', '---\nname: x\n---\nbody');
|
|
44
|
+
makeSkillDir(root, 'unrelated', '---\nname: y\n---\nbody');
|
|
45
|
+
const result = await (0, selfcheck_js_1.runSelfCheckForAdvisory)(makeAdvisory({ affected: [{ namePattern: 'slack-webhook-*' }] }), { skillRoots: [root] });
|
|
46
|
+
strict_1.default.equal(result.matchedArtifacts.length, 1);
|
|
47
|
+
strict_1.default.equal(result.matchedArtifacts[0].matchedBy, 'namePattern');
|
|
48
|
+
strict_1.default.match(result.matchedArtifacts[0].path, /slack-webhook-evil$/);
|
|
49
|
+
});
|
|
50
|
+
(0, node_test_1.it)('matches a skill by SKILL.md body regex', async () => {
|
|
51
|
+
const root = (0, node_fs_1.mkdtempSync)((0, node_path_1.join)((0, node_os_1.tmpdir)(), 'ag-selfcheck-'));
|
|
52
|
+
makeSkillDir(root, 'innocent', '---\nname: ok\n---\nperfectly normal');
|
|
53
|
+
makeSkillDir(root, 'leaky', '---\nname: bad\n---\nfetch("https://abc.ngrok.app/exfil")');
|
|
54
|
+
const result = await (0, selfcheck_js_1.runSelfCheckForAdvisory)(makeAdvisory({ affected: [{ bodyRegex: 'ngrok\\.app' }] }), { skillRoots: [root] });
|
|
55
|
+
strict_1.default.equal(result.matchedArtifacts.length, 1);
|
|
56
|
+
strict_1.default.equal(result.matchedArtifacts[0].matchedBy, 'bodyRegex');
|
|
57
|
+
});
|
|
58
|
+
(0, node_test_1.it)('returns no matches when nothing in the local env corresponds', async () => {
|
|
59
|
+
const root = (0, node_fs_1.mkdtempSync)((0, node_path_1.join)((0, node_os_1.tmpdir)(), 'ag-selfcheck-'));
|
|
60
|
+
makeSkillDir(root, 'foo', '---\nname: foo\n---\n');
|
|
61
|
+
const result = await (0, selfcheck_js_1.runSelfCheckForAdvisory)(makeAdvisory({ affected: [{ namePattern: 'never-installed-*' }] }), { skillRoots: [root] });
|
|
62
|
+
strict_1.default.equal(result.matchedArtifacts.length, 0);
|
|
63
|
+
strict_1.default.deepEqual(result.warnings, []);
|
|
64
|
+
});
|
|
65
|
+
(0, node_test_1.it)('treats withdrawn advisories as no-op', async () => {
|
|
66
|
+
const root = (0, node_fs_1.mkdtempSync)((0, node_path_1.join)((0, node_os_1.tmpdir)(), 'ag-selfcheck-'));
|
|
67
|
+
makeSkillDir(root, 'slack-webhook-evil', '---\nname: x\n---\n');
|
|
68
|
+
const result = await (0, selfcheck_js_1.runSelfCheckForAdvisory)(makeAdvisory({
|
|
69
|
+
affected: [{ namePattern: 'slack-webhook-*' }],
|
|
70
|
+
withdrawnAt: new Date().toISOString(),
|
|
71
|
+
}), { skillRoots: [root] });
|
|
72
|
+
strict_1.default.equal(result.matchedArtifacts.length, 0);
|
|
73
|
+
});
|
|
74
|
+
(0, node_test_1.it)('warns when the advisory targets an unsupported ecosystem', async () => {
|
|
75
|
+
const result = await (0, selfcheck_js_1.runSelfCheckForAdvisory)(makeAdvisory({ ecosystem: 'mcp_server', affected: [{ namePattern: 'whatever' }] }), { skillRoots: [] });
|
|
76
|
+
strict_1.default.equal(result.matchedArtifacts.length, 0);
|
|
77
|
+
strict_1.default.ok(result.warnings.some((w) => w.includes('mcp_server')));
|
|
78
|
+
});
|
|
79
|
+
(0, node_test_1.it)('ignores roots that do not exist', async () => {
|
|
80
|
+
const result = await (0, selfcheck_js_1.runSelfCheckForAdvisory)(makeAdvisory({ affected: [{ namePattern: '*' }] }), { skillRoots: ['/definitely/not/a/real/path'] });
|
|
81
|
+
strict_1.default.equal(result.matchedArtifacts.length, 0);
|
|
82
|
+
strict_1.default.deepEqual(result.warnings, []);
|
|
83
|
+
});
|
|
84
|
+
(0, node_test_1.it)('matches sha256 against the SKILL.md content (canonical hash input)', async () => {
|
|
85
|
+
const root = (0, node_fs_1.mkdtempSync)((0, node_path_1.join)((0, node_os_1.tmpdir)(), 'ag-selfcheck-'));
|
|
86
|
+
const body = '---\nname: rugpull\n---\nmalicious payload';
|
|
87
|
+
makeSkillDir(root, 'rugged', body);
|
|
88
|
+
const expected = (0, node_crypto_1.createHash)('sha256').update(body).digest('hex');
|
|
89
|
+
const result = await (0, selfcheck_js_1.runSelfCheckForAdvisory)(makeAdvisory({ affected: [{ sha256: expected }] }), { skillRoots: [root] });
|
|
90
|
+
strict_1.default.equal(result.matchedArtifacts.length, 1);
|
|
91
|
+
strict_1.default.equal(result.matchedArtifacts[0].matchedBy, 'sha256');
|
|
92
|
+
strict_1.default.equal(result.matchedArtifacts[0].hash, expected);
|
|
93
|
+
});
|
|
94
|
+
});
|
|
95
|
+
(0, node_test_1.describe)('safeRegexTest', () => {
|
|
96
|
+
(0, node_test_1.it)('matches a normal pattern', () => {
|
|
97
|
+
strict_1.default.equal((0, selfcheck_js_1.safeRegexTest)('ngrok\\.app', 'fetch https://x.ngrok.app/x'), true);
|
|
98
|
+
strict_1.default.equal((0, selfcheck_js_1.safeRegexTest)('ngrok\\.app', 'no match here'), false);
|
|
99
|
+
});
|
|
100
|
+
(0, node_test_1.it)('rejects empty / non-string patterns', () => {
|
|
101
|
+
strict_1.default.equal((0, selfcheck_js_1.safeRegexTest)('', 'anything'), false);
|
|
102
|
+
// @ts-expect-error — intentionally passing wrong type
|
|
103
|
+
strict_1.default.equal((0, selfcheck_js_1.safeRegexTest)(null, 'anything'), false);
|
|
104
|
+
});
|
|
105
|
+
(0, node_test_1.it)('rejects oversized patterns', () => {
|
|
106
|
+
const huge = '(' + 'a'.repeat(300) + ')';
|
|
107
|
+
strict_1.default.equal((0, selfcheck_js_1.safeRegexTest)(huge, 'aaaa'), false);
|
|
108
|
+
});
|
|
109
|
+
(0, node_test_1.it)('rejects nested-quantifier catastrophic patterns (ReDoS)', () => {
|
|
110
|
+
strict_1.default.equal((0, selfcheck_js_1.safeRegexTest)('(a+)+', 'aaaa'), false);
|
|
111
|
+
strict_1.default.equal((0, selfcheck_js_1.safeRegexTest)('(.+)+', 'xxxx'), false);
|
|
112
|
+
strict_1.default.equal((0, selfcheck_js_1.safeRegexTest)('(a*)*', 'aaaa'), false);
|
|
113
|
+
});
|
|
114
|
+
(0, node_test_1.it)('swallows compile errors silently', () => {
|
|
115
|
+
strict_1.default.equal((0, selfcheck_js_1.safeRegexTest)('(unclosed', 'aaaa'), false);
|
|
116
|
+
});
|
|
117
|
+
});
|
|
118
|
+
//# sourceMappingURL=feed-selfcheck.test.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"feed-selfcheck.test.js","sourceRoot":"","sources":["../../src/tests/feed-selfcheck.test.ts"],"names":[],"mappings":";;;;;AAAA,yCAAyC;AACzC,gEAAwC;AACxC,qCAAgE;AAChE,qCAAiC;AACjC,yCAAiC;AACjC,6CAAyC;AACzC,uDAAyF;AAGzF,SAAS,YAAY,CAAC,MAAc,EAAE,IAAY,EAAE,IAAY;IAC9D,MAAM,GAAG,GAAG,IAAA,gBAAI,EAAC,MAAM,EAAE,IAAI,CAAC,CAAC;IAC/B,IAAA,mBAAS,EAAC,GAAG,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;IACpC,IAAA,uBAAa,EAAC,IAAA,gBAAI,EAAC,GAAG,EAAE,UAAU,CAAC,EAAE,IAAI,EAAE,MAAM,CAAC,CAAC;IACnD,OAAO,GAAG,CAAC;AACb,CAAC;AAED,SAAS,YAAY,CAAC,OAA0B;IAC9C,OAAO;QACL,EAAE,EAAE,YAAY;QAChB,SAAS,EAAE,OAAO;QAClB,QAAQ,EAAE,MAAM;QAChB,OAAO,EAAE,MAAM;QACf,SAAS,EAAE,EAAE;QACb,QAAQ,EAAE,EAAE;QACZ,WAAW,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;QACrC,GAAG,OAAO;KACX,CAAC;AACJ,CAAC;AAED,IAAA,oBAAQ,EAAC,gBAAgB,EAAE,GAAG,EAAE;IAC9B,IAAA,cAAE,EAAC,iCAAiC,EAAE,GAAG,EAAE;QACzC,gBAAM,CAAC,KAAK,CAAC,IAAA,wBAAS,EAAC,eAAe,EAAE,eAAe,CAAC,EAAE,IAAI,CAAC,CAAC;QAChE,gBAAM,CAAC,KAAK,CAAC,IAAA,wBAAS,EAAC,eAAe,EAAE,iBAAiB,CAAC,EAAE,KAAK,CAAC,CAAC;IACrE,CAAC,CAAC,CAAC;IAEH,IAAA,cAAE,EAAC,gCAAgC,EAAE,GAAG,EAAE;QACxC,gBAAM,CAAC,KAAK,CAAC,IAAA,wBAAS,EAAC,iBAAiB,EAAE,yBAAyB,CAAC,EAAE,IAAI,CAAC,CAAC;QAC5E,gBAAM,CAAC,KAAK,CAAC,IAAA,wBAAS,EAAC,iBAAiB,EAAE,eAAe,CAAC,EAAE,KAAK,CAAC,CAAC;QACnE,gBAAM,CAAC,KAAK,CAAC,IAAA,wBAAS,EAAC,aAAa,EAAE,iBAAiB,CAAC,EAAE,IAAI,CAAC,CAAC;IAClE,CAAC,CAAC,CAAC;IAEH,IAAA,cAAE,EAAC,iCAAiC,EAAE,KAAK,IAAI,EAAE;QAC/C,MAAM,IAAI,GAAG,IAAA,qBAAW,EAAC,IAAA,gBAAI,EAAC,IAAA,gBAAM,GAAE,EAAE,eAAe,CAAC,CAAC,CAAC;QAC1D,YAAY,CAAC,IAAI,EAAE,oBAAoB,EAAE,yBAAyB,CAAC,CAAC;QACpE,YAAY,CAAC,IAAI,EAAE,WAAW,EAAE,yBAAyB,CAAC,CAAC;QAC3D,MAAM,MAAM,GAAG,MAAM,IAAA,sCAAuB,EAC1C,YAAY,CAAC,EAAE,QAAQ,EAAE,CAAC,EAAE,WAAW,EAAE,iBAAiB,EAAE,CAAC,EAAE,CAAC,EAChE,EAAE,UAAU,EAAE,CAAC,IAAI,CAAC,EAAE,CACvB,CAAC;QACF,gBAAM,CAAC,KAAK,CAAC,MAAM,CAAC,gBAAgB,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC;QAChD,gBAAM,CAAC,KAAK,CAAC,MAAM,CAAC,gBAAgB,CAAC,CAAC,CAAC,CAAC,SAAS,EAAE,aAAa,CAAC,CAAC;QAClE,gBAAM,CAAC,KAAK,CAAC,MAAM,CAAC,gBAAgB,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE,qBAAqB,CAAC,CAAC;IACvE,CAAC,CAAC,CAAC;IAEH,IAAA,cAAE,EAAC,wCAAwC,EAAE,KAAK,IAAI,EAAE;QACtD,MAAM,IAAI,GAAG,IAAA,qBAAW,EAAC,IAAA,gBAAI,EAAC,IAAA,gBAAM,GAAE,EAAE,eAAe,CAAC,CAAC,CAAC;QAC1D,YAAY,CAAC,IAAI,EAAE,UAAU,EAAE,sCAAsC,CAAC,CAAC;QACvE,YAAY,CAAC,IAAI,EAAE,OAAO,EAAE,2DAA2D,CAAC,CAAC;QACzF,MAAM,MAAM,GAAG,MAAM,IAAA,sCAAuB,EAC1C,YAAY,CAAC,EAAE,QAAQ,EAAE,CAAC,EAAE,SAAS,EAAE,aAAa,EAAE,CAAC,EAAE,CAAC,EAC1D,EAAE,UAAU,EAAE,CAAC,IAAI,CAAC,EAAE,CACvB,CAAC;QACF,gBAAM,CAAC,KAAK,CAAC,MAAM,CAAC,gBAAgB,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC;QAChD,gBAAM,CAAC,KAAK,CAAC,MAAM,CAAC,gBAAgB,CAAC,CAAC,CAAC,CAAC,SAAS,EAAE,WAAW,CAAC,CAAC;IAClE,CAAC,CAAC,CAAC;IAEH,IAAA,cAAE,EAAC,8DAA8D,EAAE,KAAK,IAAI,EAAE;QAC5E,MAAM,IAAI,GAAG,IAAA,qBAAW,EAAC,IAAA,gBAAI,EAAC,IAAA,gBAAM,GAAE,EAAE,eAAe,CAAC,CAAC,CAAC;QAC1D,YAAY,CAAC,IAAI,EAAE,KAAK,EAAE,uBAAuB,CAAC,CAAC;QACnD,MAAM,MAAM,GAAG,MAAM,IAAA,sCAAuB,EAC1C,YAAY,CAAC,EAAE,QAAQ,EAAE,CAAC,EAAE,WAAW,EAAE,mBAAmB,EAAE,CAAC,EAAE,CAAC,EAClE,EAAE,UAAU,EAAE,CAAC,IAAI,CAAC,EAAE,CACvB,CAAC;QACF,gBAAM,CAAC,KAAK,CAAC,MAAM,CAAC,gBAAgB,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC;QAChD,gBAAM,CAAC,SAAS,CAAC,MAAM,CAAC,QAAQ,EAAE,EAAE,CAAC,CAAC;IACxC,CAAC,CAAC,CAAC;IAEH,IAAA,cAAE,EAAC,sCAAsC,EAAE,KAAK,IAAI,EAAE;QACpD,MAAM,IAAI,GAAG,IAAA,qBAAW,EAAC,IAAA,gBAAI,EAAC,IAAA,gBAAM,GAAE,EAAE,eAAe,CAAC,CAAC,CAAC;QAC1D,YAAY,CAAC,IAAI,EAAE,oBAAoB,EAAE,qBAAqB,CAAC,CAAC;QAChE,MAAM,MAAM,GAAG,MAAM,IAAA,sCAAuB,EAC1C,YAAY,CAAC;YACX,QAAQ,EAAE,CAAC,EAAE,WAAW,EAAE,iBAAiB,EAAE,CAAC;YAC9C,WAAW,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;SACtC,CAAC,EACF,EAAE,UAAU,EAAE,CAAC,IAAI,CAAC,EAAE,CACvB,CAAC;QACF,gBAAM,CAAC,KAAK,CAAC,MAAM,CAAC,gBAAgB,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC;IAClD,CAAC,CAAC,CAAC;IAEH,IAAA,cAAE,EAAC,0DAA0D,EAAE,KAAK,IAAI,EAAE;QACxE,MAAM,MAAM,GAAG,MAAM,IAAA,sCAAuB,EAC1C,YAAY,CAAC,EAAE,SAAS,EAAE,YAAY,EAAE,QAAQ,EAAE,CAAC,EAAE,WAAW,EAAE,UAAU,EAAE,CAAC,EAAE,CAAC,EAClF,EAAE,UAAU,EAAE,EAAE,EAAE,CACnB,CAAC;QACF,gBAAM,CAAC,KAAK,CAAC,MAAM,CAAC,gBAAgB,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC;QAChD,gBAAM,CAAC,EAAE,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC;IACnE,CAAC,CAAC,CAAC;IAEH,IAAA,cAAE,EAAC,iCAAiC,EAAE,KAAK,IAAI,EAAE;QAC/C,MAAM,MAAM,GAAG,MAAM,IAAA,sCAAuB,EAC1C,YAAY,CAAC,EAAE,QAAQ,EAAE,CAAC,EAAE,WAAW,EAAE,GAAG,EAAE,CAAC,EAAE,CAAC,EAClD,EAAE,UAAU,EAAE,CAAC,6BAA6B,CAAC,EAAE,CAChD,CAAC;QACF,gBAAM,CAAC,KAAK,CAAC,MAAM,CAAC,gBAAgB,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC;QAChD,gBAAM,CAAC,SAAS,CAAC,MAAM,CAAC,QAAQ,EAAE,EAAE,CAAC,CAAC;IACxC,CAAC,CAAC,CAAC;IAEH,IAAA,cAAE,EAAC,oEAAoE,EAAE,KAAK,IAAI,EAAE;QAClF,MAAM,IAAI,GAAG,IAAA,qBAAW,EAAC,IAAA,gBAAI,EAAC,IAAA,gBAAM,GAAE,EAAE,eAAe,CAAC,CAAC,CAAC;QAC1D,MAAM,IAAI,GAAG,4CAA4C,CAAC;QAC1D,YAAY,CAAC,IAAI,EAAE,QAAQ,EAAE,IAAI,CAAC,CAAC;QACnC,MAAM,QAAQ,GAAG,IAAA,wBAAU,EAAC,QAAQ,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;QACjE,MAAM,MAAM,GAAG,MAAM,IAAA,sCAAuB,EAC1C,YAAY,CAAC,EAAE,QAAQ,EAAE,CAAC,EAAE,MAAM,EAAE,QAAQ,EAAE,CAAC,EAAE,CAAC,EAClD,EAAE,UAAU,EAAE,CAAC,IAAI,CAAC,EAAE,CACvB,CAAC;QACF,gBAAM,CAAC,KAAK,CAAC,MAAM,CAAC,gBAAgB,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC;QAChD,gBAAM,CAAC,KAAK,CAAC,MAAM,CAAC,gBAAgB,CAAC,CAAC,CAAC,CAAC,SAAS,EAAE,QAAQ,CAAC,CAAC;QAC7D,gBAAM,CAAC,KAAK,CAAC,MAAM,CAAC,gBAAgB,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE,QAAQ,CAAC,CAAC;IAC1D,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC;AAEH,IAAA,oBAAQ,EAAC,eAAe,EAAE,GAAG,EAAE;IAC7B,IAAA,cAAE,EAAC,0BAA0B,EAAE,GAAG,EAAE;QAClC,gBAAM,CAAC,KAAK,CAAC,IAAA,4BAAa,EAAC,aAAa,EAAE,6BAA6B,CAAC,EAAE,IAAI,CAAC,CAAC;QAChF,gBAAM,CAAC,KAAK,CAAC,IAAA,4BAAa,EAAC,aAAa,EAAE,eAAe,CAAC,EAAE,KAAK,CAAC,CAAC;IACrE,CAAC,CAAC,CAAC;IAEH,IAAA,cAAE,EAAC,qCAAqC,EAAE,GAAG,EAAE;QAC7C,gBAAM,CAAC,KAAK,CAAC,IAAA,4BAAa,EAAC,EAAE,EAAE,UAAU,CAAC,EAAE,KAAK,CAAC,CAAC;QACnD,sDAAsD;QACtD,gBAAM,CAAC,KAAK,CAAC,IAAA,4BAAa,EAAC,IAAI,EAAE,UAAU,CAAC,EAAE,KAAK,CAAC,CAAC;IACvD,CAAC,CAAC,CAAC;IAEH,IAAA,cAAE,EAAC,4BAA4B,EAAE,GAAG,EAAE;QACpC,MAAM,IAAI,GAAG,GAAG,GAAG,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,GAAG,CAAC;QACzC,gBAAM,CAAC,KAAK,CAAC,IAAA,4BAAa,EAAC,IAAI,EAAE,MAAM,CAAC,EAAE,KAAK,CAAC,CAAC;IACnD,CAAC,CAAC,CAAC;IAEH,IAAA,cAAE,EAAC,yDAAyD,EAAE,GAAG,EAAE;QACjE,gBAAM,CAAC,KAAK,CAAC,IAAA,4BAAa,EAAC,OAAO,EAAE,MAAM,CAAC,EAAE,KAAK,CAAC,CAAC;QACpD,gBAAM,CAAC,KAAK,CAAC,IAAA,4BAAa,EAAC,OAAO,EAAE,MAAM,CAAC,EAAE,KAAK,CAAC,CAAC;QACpD,gBAAM,CAAC,KAAK,CAAC,IAAA,4BAAa,EAAC,OAAO,EAAE,MAAM,CAAC,EAAE,KAAK,CAAC,CAAC;IACtD,CAAC,CAAC,CAAC;IAEH,IAAA,cAAE,EAAC,kCAAkC,EAAE,GAAG,EAAE;QAC1C,gBAAM,CAAC,KAAK,CAAC,IAAA,4BAAa,EAAC,WAAW,EAAE,MAAM,CAAC,EAAE,KAAK,CAAC,CAAC;IAC1D,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC"}
|
|
@@ -26,7 +26,9 @@ const installers_js_1 = require("../installers.js");
|
|
|
26
26
|
(0, node_test_1.it)('writes OpenClaw plugin template', () => {
|
|
27
27
|
const dir = (0, node_fs_1.mkdtempSync)((0, node_path_1.join)((0, node_os_1.tmpdir)(), 'agentguard-openclaw-'));
|
|
28
28
|
(0, installers_js_1.installAgentTemplates)('openclaw', { cwd: dir });
|
|
29
|
-
|
|
29
|
+
const template = (0, node_fs_1.readFileSync)((0, node_path_1.join)(dir, 'openclaw.agentguard.plugin.ts'), 'utf8');
|
|
30
|
+
strict_1.default.ok(template.includes('registerOpenClawPlugin'));
|
|
31
|
+
strict_1.default.ok(!template.includes("level: 'balanced'"));
|
|
30
32
|
});
|
|
31
33
|
});
|
|
32
34
|
//# sourceMappingURL=installer.test.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"installer.test.js","sourceRoot":"","sources":["../../src/tests/installer.test.ts"],"names":[],"mappings":";;;;;AAAA,yCAAyC;AACzC,gEAAwC;AACxC,qCAAgE;AAChE,yCAAiC;AACjC,qCAAiC;AACjC,oDAAyD;AAEzD,IAAA,oBAAQ,EAAC,2BAA2B,EAAE,GAAG,EAAE;IACzC,IAAA,cAAE,EAAC,gDAAgD,EAAE,GAAG,EAAE;QACxD,MAAM,GAAG,GAAG,IAAA,qBAAW,EAAC,IAAA,gBAAI,EAAC,IAAA,gBAAM,GAAE,EAAE,oBAAoB,CAAC,CAAC,CAAC;QAC9D,MAAM,MAAM,GAAG,IAAA,qCAAqB,EAAC,aAAa,EAAE,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC,CAAC;QAElE,gBAAM,CAAC,KAAK,CAAC,MAAM,CAAC,KAAK,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC;QACrC,gBAAM,CAAC,EAAE,CAAC,IAAA,oBAAU,EAAC,IAAA,gBAAI,EAAC,GAAG,EAAE,SAAS,EAAE,OAAO,EAAE,uBAAuB,CAAC,CAAC,CAAC,CAAC;QAC9E,gBAAM,CAAC,EAAE,CAAC,IAAA,sBAAY,EAAC,IAAA,gBAAI,EAAC,GAAG,EAAE,SAAS,EAAE,qBAAqB,CAAC,EAAE,MAAM,CAAC,CAAC,QAAQ,CAAC,uBAAuB,CAAC,CAAC,CAAC;IACjH,CAAC,CAAC,CAAC;IAEH,IAAA,cAAE,EAAC,uCAAuC,EAAE,GAAG,EAAE;QAC/C,MAAM,GAAG,GAAG,IAAA,qBAAW,EAAC,IAAA,gBAAI,EAAC,IAAA,gBAAM,GAAE,EAAE,mBAAmB,CAAC,CAAC,CAAC;QAC7D,IAAA,qCAAqB,EAAC,OAAO,EAAE,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC,CAAC;QAE7C,gBAAM,CAAC,EAAE,CAAC,IAAA,oBAAU,EAAC,IAAA,gBAAI,EAAC,GAAG,EAAE,QAAQ,EAAE,QAAQ,EAAE,YAAY,EAAE,UAAU,CAAC,CAAC,CAAC,CAAC;QAC/E,gBAAM,CAAC,EAAE,CAAC,IAAA,sBAAY,EAAC,IAAA,gBAAI,EAAC,GAAG,EAAE,QAAQ,EAAE,8BAA8B,CAAC,EAAE,MAAM,CAAC,CAAC,QAAQ,CAAC,6BAA6B,CAAC,CAAC,CAAC;IAC/H,CAAC,CAAC,CAAC;IAEH,IAAA,cAAE,EAAC,iCAAiC,EAAE,GAAG,EAAE;QACzC,MAAM,GAAG,GAAG,IAAA,qBAAW,EAAC,IAAA,gBAAI,EAAC,IAAA,gBAAM,GAAE,EAAE,sBAAsB,CAAC,CAAC,CAAC;QAChE,IAAA,qCAAqB,EAAC,UAAU,EAAE,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC,CAAC;QAEhD,
|
|
1
|
+
{"version":3,"file":"installer.test.js","sourceRoot":"","sources":["../../src/tests/installer.test.ts"],"names":[],"mappings":";;;;;AAAA,yCAAyC;AACzC,gEAAwC;AACxC,qCAAgE;AAChE,yCAAiC;AACjC,qCAAiC;AACjC,oDAAyD;AAEzD,IAAA,oBAAQ,EAAC,2BAA2B,EAAE,GAAG,EAAE;IACzC,IAAA,cAAE,EAAC,gDAAgD,EAAE,GAAG,EAAE;QACxD,MAAM,GAAG,GAAG,IAAA,qBAAW,EAAC,IAAA,gBAAI,EAAC,IAAA,gBAAM,GAAE,EAAE,oBAAoB,CAAC,CAAC,CAAC;QAC9D,MAAM,MAAM,GAAG,IAAA,qCAAqB,EAAC,aAAa,EAAE,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC,CAAC;QAElE,gBAAM,CAAC,KAAK,CAAC,MAAM,CAAC,KAAK,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC;QACrC,gBAAM,CAAC,EAAE,CAAC,IAAA,oBAAU,EAAC,IAAA,gBAAI,EAAC,GAAG,EAAE,SAAS,EAAE,OAAO,EAAE,uBAAuB,CAAC,CAAC,CAAC,CAAC;QAC9E,gBAAM,CAAC,EAAE,CAAC,IAAA,sBAAY,EAAC,IAAA,gBAAI,EAAC,GAAG,EAAE,SAAS,EAAE,qBAAqB,CAAC,EAAE,MAAM,CAAC,CAAC,QAAQ,CAAC,uBAAuB,CAAC,CAAC,CAAC;IACjH,CAAC,CAAC,CAAC;IAEH,IAAA,cAAE,EAAC,uCAAuC,EAAE,GAAG,EAAE;QAC/C,MAAM,GAAG,GAAG,IAAA,qBAAW,EAAC,IAAA,gBAAI,EAAC,IAAA,gBAAM,GAAE,EAAE,mBAAmB,CAAC,CAAC,CAAC;QAC7D,IAAA,qCAAqB,EAAC,OAAO,EAAE,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC,CAAC;QAE7C,gBAAM,CAAC,EAAE,CAAC,IAAA,oBAAU,EAAC,IAAA,gBAAI,EAAC,GAAG,EAAE,QAAQ,EAAE,QAAQ,EAAE,YAAY,EAAE,UAAU,CAAC,CAAC,CAAC,CAAC;QAC/E,gBAAM,CAAC,EAAE,CAAC,IAAA,sBAAY,EAAC,IAAA,gBAAI,EAAC,GAAG,EAAE,QAAQ,EAAE,8BAA8B,CAAC,EAAE,MAAM,CAAC,CAAC,QAAQ,CAAC,6BAA6B,CAAC,CAAC,CAAC;IAC/H,CAAC,CAAC,CAAC;IAEH,IAAA,cAAE,EAAC,iCAAiC,EAAE,GAAG,EAAE;QACzC,MAAM,GAAG,GAAG,IAAA,qBAAW,EAAC,IAAA,gBAAI,EAAC,IAAA,gBAAM,GAAE,EAAE,sBAAsB,CAAC,CAAC,CAAC;QAChE,IAAA,qCAAqB,EAAC,UAAU,EAAE,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC,CAAC;QAEhD,MAAM,QAAQ,GAAG,IAAA,sBAAY,EAAC,IAAA,gBAAI,EAAC,GAAG,EAAE,+BAA+B,CAAC,EAAE,MAAM,CAAC,CAAC;QAClF,gBAAM,CAAC,EAAE,CAAC,QAAQ,CAAC,QAAQ,CAAC,wBAAwB,CAAC,CAAC,CAAC;QACvD,gBAAM,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC,mBAAmB,CAAC,CAAC,CAAC;IACrD,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC"}
|
|
@@ -86,7 +86,11 @@ const test_utils_js_1 = require("./helpers/test-utils.js");
|
|
|
86
86
|
// ─────────────────────────────────────────────────────────────────────────────
|
|
87
87
|
(0, node_test_1.describe)('Integration: OpenClaw registerOpenClawPlugin', () => {
|
|
88
88
|
let ctx;
|
|
89
|
-
|
|
89
|
+
const openClawRegistryState = Symbol.for('openclaw.pluginRegistryState');
|
|
90
|
+
(0, node_test_1.afterEach)(() => {
|
|
91
|
+
ctx?.cleanup();
|
|
92
|
+
delete globalThis[openClawRegistryState];
|
|
93
|
+
});
|
|
90
94
|
function createMockApi() {
|
|
91
95
|
const handlers = {};
|
|
92
96
|
const api = {
|
|
@@ -109,6 +113,76 @@ const test_utils_js_1 = require("./helpers/test-utils.js");
|
|
|
109
113
|
strict_1.default.ok(handlers['before_tool_call'], 'Should register before_tool_call');
|
|
110
114
|
strict_1.default.ok(handlers['after_tool_call'], 'Should register after_tool_call');
|
|
111
115
|
});
|
|
116
|
+
(0, node_test_1.it)('should auto-scan plugins from OpenClaw activeRegistry state', async () => {
|
|
117
|
+
ctx = (0, test_utils_js_1.createTestContext)();
|
|
118
|
+
const { api, handlers } = createMockApi();
|
|
119
|
+
const scannedPaths = [];
|
|
120
|
+
globalThis[openClawRegistryState] = {
|
|
121
|
+
activeRegistry: {
|
|
122
|
+
plugins: [
|
|
123
|
+
{
|
|
124
|
+
id: 'risky-plugin',
|
|
125
|
+
name: 'Risky Plugin',
|
|
126
|
+
source: '/tmp/risky-plugin/index.ts',
|
|
127
|
+
status: 'loaded',
|
|
128
|
+
enabled: true,
|
|
129
|
+
toolNames: ['risky_exec'],
|
|
130
|
+
},
|
|
131
|
+
{
|
|
132
|
+
id: 'test-plugin',
|
|
133
|
+
name: 'AgentGuard',
|
|
134
|
+
source: '/tmp/test-plugin/index.ts',
|
|
135
|
+
status: 'loaded',
|
|
136
|
+
enabled: true,
|
|
137
|
+
toolNames: ['agentguard_internal'],
|
|
138
|
+
},
|
|
139
|
+
],
|
|
140
|
+
},
|
|
141
|
+
};
|
|
142
|
+
(0, openclaw_plugin_js_1.registerOpenClawPlugin)(api, {
|
|
143
|
+
skipAutoScan: false,
|
|
144
|
+
agentguardFactory: () => ctx.agentguard,
|
|
145
|
+
protectAction: async () => null,
|
|
146
|
+
scanner: {
|
|
147
|
+
quickScan: async (pluginPath) => {
|
|
148
|
+
scannedPaths.push(pluginPath);
|
|
149
|
+
return {
|
|
150
|
+
risk_level: 'critical',
|
|
151
|
+
risk_tags: ['TROJAN_DISTRIBUTION'],
|
|
152
|
+
summary: 'critical plugin',
|
|
153
|
+
};
|
|
154
|
+
},
|
|
155
|
+
},
|
|
156
|
+
});
|
|
157
|
+
await new Promise((resolve) => setImmediate(resolve));
|
|
158
|
+
strict_1.default.deepEqual(scannedPaths, ['/tmp/risky-plugin']);
|
|
159
|
+
const result = await handlers['before_tool_call']({
|
|
160
|
+
toolName: 'risky_exec',
|
|
161
|
+
params: { command: 'echo hello' },
|
|
162
|
+
});
|
|
163
|
+
strict_1.default.equal(result?.block, true);
|
|
164
|
+
strict_1.default.ok(result?.blockReason?.includes('risky-plugin'));
|
|
165
|
+
});
|
|
166
|
+
(0, node_test_1.it)('should use protection level from OpenClaw plugin config', async () => {
|
|
167
|
+
ctx = (0, test_utils_js_1.createTestContext)();
|
|
168
|
+
const { api, handlers } = createMockApi();
|
|
169
|
+
const levels = [];
|
|
170
|
+
api.pluginConfig = { level: 'strict' };
|
|
171
|
+
(0, openclaw_plugin_js_1.registerOpenClawPlugin)(api, {
|
|
172
|
+
skipAutoScan: true,
|
|
173
|
+
agentguardFactory: () => ctx.agentguard,
|
|
174
|
+
protectAction: async (options) => {
|
|
175
|
+
levels.push(options.config.level);
|
|
176
|
+
return null;
|
|
177
|
+
},
|
|
178
|
+
});
|
|
179
|
+
const result = await handlers['before_tool_call']({
|
|
180
|
+
toolName: 'exec',
|
|
181
|
+
params: { command: 'echo hello' },
|
|
182
|
+
});
|
|
183
|
+
strict_1.default.equal(result, undefined);
|
|
184
|
+
strict_1.default.deepEqual(levels, ['strict']);
|
|
185
|
+
});
|
|
112
186
|
(0, node_test_1.it)('should return undefined (allow) for safe command', async () => {
|
|
113
187
|
ctx = (0, test_utils_js_1.createTestContext)();
|
|
114
188
|
const { api, handlers } = createMockApi();
|
|
@@ -122,6 +196,142 @@ const test_utils_js_1 = require("./helpers/test-utils.js");
|
|
|
122
196
|
});
|
|
123
197
|
strict_1.default.equal(result, undefined, 'Safe command should be allowed');
|
|
124
198
|
});
|
|
199
|
+
(0, node_test_1.it)('should allow non-whitelisted ordinary exec commands by default', async () => {
|
|
200
|
+
ctx = (0, test_utils_js_1.createTestContext)();
|
|
201
|
+
const { api, handlers } = createMockApi();
|
|
202
|
+
(0, openclaw_plugin_js_1.registerOpenClawPlugin)(api, {
|
|
203
|
+
skipAutoScan: true,
|
|
204
|
+
registry: ctx.agentguard.registry,
|
|
205
|
+
});
|
|
206
|
+
const result = await handlers['before_tool_call']({
|
|
207
|
+
toolName: 'exec',
|
|
208
|
+
params: { command: 'agentguard status' },
|
|
209
|
+
});
|
|
210
|
+
strict_1.default.equal(result, undefined, 'Ordinary OpenClaw exec command should be allowed');
|
|
211
|
+
});
|
|
212
|
+
(0, node_test_1.it)('should run runtime protection for OpenClaw tool calls', async () => {
|
|
213
|
+
ctx = (0, test_utils_js_1.createTestContext)();
|
|
214
|
+
const { api, handlers } = createMockApi();
|
|
215
|
+
const calls = [];
|
|
216
|
+
(0, openclaw_plugin_js_1.registerOpenClawPlugin)(api, {
|
|
217
|
+
skipAutoScan: true,
|
|
218
|
+
registry: ctx.agentguard.registry,
|
|
219
|
+
protectAction: async (options) => {
|
|
220
|
+
calls.push(options);
|
|
221
|
+
return null;
|
|
222
|
+
},
|
|
223
|
+
});
|
|
224
|
+
const result = await handlers['before_tool_call']({
|
|
225
|
+
toolName: 'exec',
|
|
226
|
+
params: { command: 'whoami' },
|
|
227
|
+
}, { sessionId: 'openclaw-session-1' });
|
|
228
|
+
strict_1.default.equal(result, undefined, 'Allowed runtime protection result should continue');
|
|
229
|
+
strict_1.default.equal(calls.length, 1);
|
|
230
|
+
const call = calls[0];
|
|
231
|
+
strict_1.default.equal(call.agentHost, 'openclaw');
|
|
232
|
+
strict_1.default.equal(call.actionType, 'shell');
|
|
233
|
+
strict_1.default.equal(call.toolName, 'exec');
|
|
234
|
+
strict_1.default.equal(call.sessionId, 'openclaw-session-1');
|
|
235
|
+
});
|
|
236
|
+
(0, node_test_1.it)('should classify renamed OpenClaw shell and file tools before runtime protection', async () => {
|
|
237
|
+
ctx = (0, test_utils_js_1.createTestContext)();
|
|
238
|
+
const { api, handlers } = createMockApi();
|
|
239
|
+
const calls = [];
|
|
240
|
+
(0, openclaw_plugin_js_1.registerOpenClawPlugin)(api, {
|
|
241
|
+
skipAutoScan: true,
|
|
242
|
+
registry: ctx.agentguard.registry,
|
|
243
|
+
protectAction: async (options) => {
|
|
244
|
+
calls.push({ toolName: options.toolName, actionType: options.actionType });
|
|
245
|
+
return null;
|
|
246
|
+
},
|
|
247
|
+
});
|
|
248
|
+
await handlers['before_tool_call']({
|
|
249
|
+
toolName: 'terminal',
|
|
250
|
+
params: { command: 'whoami' },
|
|
251
|
+
});
|
|
252
|
+
await handlers['before_tool_call']({
|
|
253
|
+
toolName: 'scaffold',
|
|
254
|
+
params: { path: 'src/generated.ts', content: 'export {};' },
|
|
255
|
+
});
|
|
256
|
+
await handlers['before_tool_call']({
|
|
257
|
+
toolName: 'vendorTool',
|
|
258
|
+
params: { command: 'echo hello' },
|
|
259
|
+
});
|
|
260
|
+
strict_1.default.deepEqual(calls, [
|
|
261
|
+
{ toolName: 'terminal', actionType: 'shell' },
|
|
262
|
+
{ toolName: 'scaffold', actionType: 'file_write' },
|
|
263
|
+
{ toolName: 'vendorTool', actionType: 'shell' },
|
|
264
|
+
]);
|
|
265
|
+
});
|
|
266
|
+
(0, node_test_1.it)('should fail closed for security-sensitive OpenClaw actions when runtime protection fails', async () => {
|
|
267
|
+
ctx = (0, test_utils_js_1.createTestContext)();
|
|
268
|
+
const { api, handlers } = createMockApi();
|
|
269
|
+
(0, openclaw_plugin_js_1.registerOpenClawPlugin)(api, {
|
|
270
|
+
skipAutoScan: true,
|
|
271
|
+
registry: ctx.agentguard.registry,
|
|
272
|
+
protectAction: async () => {
|
|
273
|
+
throw new Error('runtime unavailable');
|
|
274
|
+
},
|
|
275
|
+
});
|
|
276
|
+
const result = await handlers['before_tool_call']({
|
|
277
|
+
toolName: 'terminal',
|
|
278
|
+
params: { command: 'echo hello' },
|
|
279
|
+
});
|
|
280
|
+
strict_1.default.equal(result?.block, true);
|
|
281
|
+
strict_1.default.ok(result?.blockReason?.includes('runtime protection failed'));
|
|
282
|
+
});
|
|
283
|
+
(0, node_test_1.it)('should allow explicit fallback when runtime protection fails', async () => {
|
|
284
|
+
ctx = (0, test_utils_js_1.createTestContext)();
|
|
285
|
+
const { api, handlers } = createMockApi();
|
|
286
|
+
(0, openclaw_plugin_js_1.registerOpenClawPlugin)(api, {
|
|
287
|
+
skipAutoScan: true,
|
|
288
|
+
registry: ctx.agentguard.registry,
|
|
289
|
+
runtimeFailureMode: 'fallback',
|
|
290
|
+
protectAction: async () => {
|
|
291
|
+
throw new Error('runtime unavailable');
|
|
292
|
+
},
|
|
293
|
+
});
|
|
294
|
+
const result = await handlers['before_tool_call']({
|
|
295
|
+
toolName: 'terminal',
|
|
296
|
+
params: { command: 'echo hello' },
|
|
297
|
+
});
|
|
298
|
+
strict_1.default.equal(result, undefined);
|
|
299
|
+
});
|
|
300
|
+
(0, node_test_1.it)('should block when runtime policy blocks an OpenClaw tool call', async () => {
|
|
301
|
+
ctx = (0, test_utils_js_1.createTestContext)();
|
|
302
|
+
const { api, handlers } = createMockApi();
|
|
303
|
+
(0, openclaw_plugin_js_1.registerOpenClawPlugin)(api, {
|
|
304
|
+
skipAutoScan: true,
|
|
305
|
+
registry: ctx.agentguard.registry,
|
|
306
|
+
protectAction: async () => ({
|
|
307
|
+
policySource: 'cloud-decision',
|
|
308
|
+
approvalId: null,
|
|
309
|
+
event: {},
|
|
310
|
+
decision: {
|
|
311
|
+
actionId: 'act_test',
|
|
312
|
+
decision: 'block',
|
|
313
|
+
riskScore: 95,
|
|
314
|
+
riskLevel: 'critical',
|
|
315
|
+
policyVersion: 'cloud-test',
|
|
316
|
+
reasons: [
|
|
317
|
+
{
|
|
318
|
+
code: 'CUSTOM_BLOCKED_COMMAND',
|
|
319
|
+
severity: 'critical',
|
|
320
|
+
title: 'Custom blocked command',
|
|
321
|
+
description: 'Blocked by cloud policy.',
|
|
322
|
+
},
|
|
323
|
+
],
|
|
324
|
+
},
|
|
325
|
+
}),
|
|
326
|
+
});
|
|
327
|
+
const result = await handlers['before_tool_call']({
|
|
328
|
+
toolName: 'exec',
|
|
329
|
+
params: { command: 'echo hello' },
|
|
330
|
+
});
|
|
331
|
+
strict_1.default.equal(result?.block, true);
|
|
332
|
+
strict_1.default.ok(result?.blockReason?.includes('runtime policy blocked'));
|
|
333
|
+
strict_1.default.ok(result?.blockReason?.includes('cloud-test'));
|
|
334
|
+
});
|
|
125
335
|
(0, node_test_1.it)('should return { block: true } for rm -rf /', async () => {
|
|
126
336
|
ctx = (0, test_utils_js_1.createTestContext)();
|
|
127
337
|
const { api, handlers } = createMockApi();
|