npm - @pwddd/skills-scanner - Versions diffs - 1.0.0-beta.8 → 1.0.0-beta.9 - Mend

@pwddd/skills-scanner 1.0.0-beta.8 → 1.0.0-beta.9

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (3) hide show

package/openclaw.plugin.json CHANGED Viewed

@@ -2,7 +2,7 @@
   "id": "skills-scanner",
   "name": "Skills Scanner",
   "description": "Security scanner for OpenClaw Skills to detect potential threats",
-  "version": "1.0.0-beta.8",
+  "version": "1.0.0-beta.9",
   "author": "pwddd",
   "skills": ["./skills"],
   "uiHints": {

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@pwddd/skills-scanner",
-  "version": "1.0.0-beta.8",
+  "version": "1.0.0-beta.9",
   "description": "OpenClaw Skills security scanner plugin - detect malicious code, data exfiltration, and prompt injection",
   "type": "module",
   "main": "./index.ts",

package/src/cron-manager.ts CHANGED Viewed

@@ -58,130 +58,51 @@ function getOpenClawCommand(): string {
 }
 /**
- * Ensure cron job exists (create if not exists, update if config changed)
+ * Ensure cron job exists (only cleanup, no registration)
  */
 export async function ensureCronJob(options: CronManagerOptions): Promise<void> {
   const { logger } = options;
   const openclawCmd = getOpenClawCommand();
-  logger.info(`[skills-scanner] Using CLI command: ${openclawCmd}`);
+  logger.info(`[skills-scanner] Cleaning up old cron jobs...`);
-  // Test if command is available
   try {
-    const testResult = execSync(`${openclawCmd} --version`, {
-      encoding: "utf-8",
-      timeout: 5000,
-      stdio: "pipe"
-    });
-    logger.info(`[skills-scanner] Command test successful: ${testResult.trim()}`);
-  } catch (testErr: any) {
-    logger.error(`[skills-scanner] ❌ Command not available: ${testErr.message}`);
-    logger.info(`[skills-scanner] 💡 Please ensure OpenClaw is installed and accessible`);
-    return;
-  }
-  try {
-    // Get cron list output (text format)
-    const listResult = execSync(`${openclawCmd} cron list`, {
-      encoding: "utf-8",
-      timeout: 5000,
-    });
-    // Parse text output to find existing jobs
-    const lines = listResult.split("\n");
-    const existingJobs: Array<{ id: string; name: string }> = [];
-    for (const line of lines) {
-      if (line.includes(CRON_JOB_NAME)) {
-        const uuidMatch = line.match(/^([a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12})/);
-        if (uuidMatch) {
-          existingJobs.push({ id: uuidMatch[1], name: CRON_JOB_NAME });
-        }
+    // Use shell pipeline to get job IDs
+    const jobIds = execSync(
+      `${openclawCmd} cron list | grep ${CRON_JOB_NAME} | awk '{print $1}'`,
+      {
+        encoding: "utf-8",
+        timeout: 30000,
+        shell: "/bin/bash",
       }
-    }
+    ).trim();
-    // If any jobs exist, remove ALL of them and create a fresh one
-    if (existingJobs.length > 0) {
-      logger.info(`[skills-scanner] Found ${existingJobs.length} existing job(s), cleaning up...`);
-      // Remove all existing jobs
-      for (const job of existingJobs) {
-        const jobId = job.id;
-        try {
-          execSync(`${openclawCmd} cron remove ${jobId}`, {
-            encoding: "utf-8",
-            timeout: 5000,
-          });
-          logger.info(`[skills-scanner] ✅ Removed job: ${jobId}`);
-        } catch (removeErr: any) {
-          logger.warn(`[skills-scanner] ⚠️  Failed to remove job ${jobId}: ${removeErr.message}`);
-        }
-      }
+    if (!jobIds) {
+      logger.info(`[skills-scanner] No old cron jobs to remove`);
+      return;
     }
-    logger.info("[skills-scanner] 📝 Creating cron job via CLI...");
-    // Create cron job with --announce and --channel last
-    const cronCmd = [
-      `${openclawCmd} cron add`,
-      `--name "${CRON_JOB_NAME}"`,
-      `--cron "${CRON_SCHEDULE}"`,
-      `--tz "${CRON_TIMEZONE}"`,
-      "--session isolated",
-      '--message "请执行 /skills-scanner scan --report 并将结果发送到本频道"',
-      "--announce",
-      "--channel last",
-    ].join(" ");
-    logger.info(`[skills-scanner] Executing: ${cronCmd}`);
-    const result = execSync(cronCmd, { encoding: "utf-8", timeout: 10000 });
-    const jobIdMatch =
-      result.match(/Job ID[:\s]+([a-zA-Z0-9-]+)/i) ||
-      result.match(/jobId[:\s]+([a-zA-Z0-9-]+)/i) ||
-      result.match(/id[:\s]+([a-zA-Z0-9-]+)/i);
-    if (jobIdMatch) {
-      const cronJobId = jobIdMatch[1];
-      logger.info(`[skills-scanner] ✅ Job created successfully: ${cronJobId}`);
-      logger.info(`[skills-scanner] 📅 Schedule: Every Monday at 12:05 (${CRON_TIMEZONE})`);
-      logger.info("[skills-scanner] 📬 Reports will be delivered to the last active channel");
-    } else {
-      logger.info("[skills-scanner] ✅ Job creation command executed");
-      logger.debug(`[skills-scanner] Output: ${result.trim()}`);
-    }
-  } catch (err: any) {
-    logger.warn("[skills-scanner] ⚠️  Auto-registration failed");
-    logger.warn(`[skills-scanner] Error: ${err.message || err}`);
+    const ids = jobIds.split("\n").filter(id => id.trim());
+    logger.info(`[skills-scanner] Found ${ids.length} job(s) to remove`);
-    if (err.stderr) {
-      logger.warn(`[skills-scanner] stderr: ${err.stderr}`);
-    }
-    if (err.stdout) {
-      logger.warn(`[skills-scanner] stdout: ${err.stdout}`);
+    // Remove each job
+    let successCount = 0;
+    for (const jobId of ids) {
+      try {
+        execSync(`${openclawCmd} cron remove ${jobId}`, {
+          encoding: "utf-8",
+          timeout: 10000,
+        });
+        logger.info(`[skills-scanner] ✅ Removed job: ${jobId}`);
+        successCount++;
+      } catch (removeErr: any) {
+        logger.warn(`[skills-scanner] ⚠️  Failed to remove job ${jobId}: ${removeErr.message}`);
+      }
     }
-    if (err.message.includes("permission") || err.message.includes("EACCES")) {
-      logger.error("[skills-scanner] ❌ Permission denied, please run with admin privileges");
-    } else if (
-      err.message.includes("command not found") ||
-      err.message.includes("ENOENT")
-    ) {
-      logger.error(`[skills-scanner] ❌ ${openclawCmd} command not found, please check installation`);
-    } else {
-      logger.info("[skills-scanner] 💡 Please manually register cron job:");
-      logger.info("[skills-scanner]");
-      logger.info(`[skills-scanner]   ${openclawCmd} cron add \\`);
-      logger.info(`[skills-scanner]     --name "${CRON_JOB_NAME}" \\`);
-      logger.info(`[skills-scanner]     --cron "${CRON_SCHEDULE}" \\`);
-      logger.info(`[skills-scanner]     --tz "${CRON_TIMEZONE}" \\`);
-      logger.info("[skills-scanner]     --session isolated \\");
-      logger.info('[skills-scanner]     --message "请执行 /skills-scanner scan --report 并将结果发送到本频道" \\');
-      logger.info("[skills-scanner]     --announce \\");
-      logger.info("[skills-scanner]     --channel last");
-      logger.info("[skills-scanner]");
-    }
+    logger.info(`[skills-scanner] ✅ Cleanup complete: ${successCount}/${ids.length} removed`);
+  } catch (err: any) {
+    logger.warn(`[skills-scanner] ⚠️  Cleanup failed: ${err.message}`);
   }
 }
@@ -195,10 +116,10 @@ export async function cleanupCronJob(options: CronManagerOptions): Promise<void>
   logger.info(`[skills-scanner] 🗑️  Cleaning up cron job: ${CRON_JOB_NAME}`);
   try {
-    // Get cron list output (text format)
+    // Get cron list output (text format) - increase timeout for large lists
     const listResult = execSync(`${openclawCmd} cron list`, {
       encoding: "utf-8",
-      timeout: 5000,
+      timeout: 30000, // 30 seconds for large lists
     });
     if (!listResult.includes(CRON_JOB_NAME)) {