@upx-us/shield 0.2.12-beta
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Potentially problematic release.
This version of @upx-us/shield might be problematic. Click here for more details.
- package/LICENSE +38 -0
- package/README.md +96 -0
- package/dist/index.d.ts +43 -0
- package/dist/index.js +365 -0
- package/dist/src/config.d.ts +43 -0
- package/dist/src/config.js +181 -0
- package/dist/src/events/base.d.ts +110 -0
- package/dist/src/events/base.js +61 -0
- package/dist/src/events/browser/enrich.d.ts +3 -0
- package/dist/src/events/browser/enrich.js +46 -0
- package/dist/src/events/browser/event.d.ts +10 -0
- package/dist/src/events/browser/event.js +2 -0
- package/dist/src/events/browser/index.d.ts +4 -0
- package/dist/src/events/browser/index.js +13 -0
- package/dist/src/events/browser/redactions.d.ts +2 -0
- package/dist/src/events/browser/redactions.js +4 -0
- package/dist/src/events/browser/validations.d.ts +3 -0
- package/dist/src/events/browser/validations.js +10 -0
- package/dist/src/events/cron/enrich.d.ts +3 -0
- package/dist/src/events/cron/enrich.js +44 -0
- package/dist/src/events/cron/event.d.ts +5 -0
- package/dist/src/events/cron/event.js +2 -0
- package/dist/src/events/cron/index.d.ts +4 -0
- package/dist/src/events/cron/index.js +13 -0
- package/dist/src/events/cron/redactions.d.ts +2 -0
- package/dist/src/events/cron/redactions.js +4 -0
- package/dist/src/events/cron/validations.d.ts +3 -0
- package/dist/src/events/cron/validations.js +4 -0
- package/dist/src/events/exec/enrich.d.ts +3 -0
- package/dist/src/events/exec/enrich.js +80 -0
- package/dist/src/events/exec/event.d.ts +11 -0
- package/dist/src/events/exec/event.js +2 -0
- package/dist/src/events/exec/index.d.ts +4 -0
- package/dist/src/events/exec/index.js +13 -0
- package/dist/src/events/exec/redactions.d.ts +3 -0
- package/dist/src/events/exec/redactions.js +12 -0
- package/dist/src/events/exec/validations.d.ts +3 -0
- package/dist/src/events/exec/validations.js +12 -0
- package/dist/src/events/file/enrich.d.ts +3 -0
- package/dist/src/events/file/enrich.js +63 -0
- package/dist/src/events/file/event.d.ts +11 -0
- package/dist/src/events/file/event.js +2 -0
- package/dist/src/events/file/index.d.ts +4 -0
- package/dist/src/events/file/index.js +13 -0
- package/dist/src/events/file/redactions.d.ts +2 -0
- package/dist/src/events/file/redactions.js +8 -0
- package/dist/src/events/file/validations.d.ts +3 -0
- package/dist/src/events/file/validations.js +10 -0
- package/dist/src/events/gateway/enrich.d.ts +3 -0
- package/dist/src/events/gateway/enrich.js +50 -0
- package/dist/src/events/gateway/event.d.ts +5 -0
- package/dist/src/events/gateway/event.js +2 -0
- package/dist/src/events/gateway/index.d.ts +4 -0
- package/dist/src/events/gateway/index.js +13 -0
- package/dist/src/events/gateway/redactions.d.ts +2 -0
- package/dist/src/events/gateway/redactions.js +4 -0
- package/dist/src/events/gateway/validations.d.ts +3 -0
- package/dist/src/events/gateway/validations.js +4 -0
- package/dist/src/events/generic/enrich.d.ts +3 -0
- package/dist/src/events/generic/enrich.js +30 -0
- package/dist/src/events/generic/event.d.ts +5 -0
- package/dist/src/events/generic/event.js +2 -0
- package/dist/src/events/generic/index.d.ts +5 -0
- package/dist/src/events/generic/index.js +14 -0
- package/dist/src/events/generic/redactions.d.ts +2 -0
- package/dist/src/events/generic/redactions.js +4 -0
- package/dist/src/events/generic/validations.d.ts +3 -0
- package/dist/src/events/generic/validations.js +4 -0
- package/dist/src/events/host-telemetry/enrich.d.ts +3 -0
- package/dist/src/events/host-telemetry/enrich.js +28 -0
- package/dist/src/events/host-telemetry/event.d.ts +4 -0
- package/dist/src/events/host-telemetry/event.js +2 -0
- package/dist/src/events/host-telemetry/index.d.ts +4 -0
- package/dist/src/events/host-telemetry/index.js +13 -0
- package/dist/src/events/host-telemetry/redactions.d.ts +2 -0
- package/dist/src/events/host-telemetry/redactions.js +4 -0
- package/dist/src/events/host-telemetry/validations.d.ts +3 -0
- package/dist/src/events/host-telemetry/validations.js +4 -0
- package/dist/src/events/index.d.ts +40 -0
- package/dist/src/events/index.js +39 -0
- package/dist/src/events/message/enrich.d.ts +3 -0
- package/dist/src/events/message/enrich.js +36 -0
- package/dist/src/events/message/event.d.ts +5 -0
- package/dist/src/events/message/event.js +2 -0
- package/dist/src/events/message/index.d.ts +4 -0
- package/dist/src/events/message/index.js +13 -0
- package/dist/src/events/message/redactions.d.ts +2 -0
- package/dist/src/events/message/redactions.js +4 -0
- package/dist/src/events/message/validations.d.ts +3 -0
- package/dist/src/events/message/validations.js +7 -0
- package/dist/src/events/sessions-spawn/enrich.d.ts +3 -0
- package/dist/src/events/sessions-spawn/enrich.js +40 -0
- package/dist/src/events/sessions-spawn/event.d.ts +9 -0
- package/dist/src/events/sessions-spawn/event.js +2 -0
- package/dist/src/events/sessions-spawn/index.d.ts +4 -0
- package/dist/src/events/sessions-spawn/index.js +13 -0
- package/dist/src/events/sessions-spawn/redactions.d.ts +2 -0
- package/dist/src/events/sessions-spawn/redactions.js +4 -0
- package/dist/src/events/sessions-spawn/validations.d.ts +3 -0
- package/dist/src/events/sessions-spawn/validations.js +4 -0
- package/dist/src/events/tool-result/enrich.d.ts +13 -0
- package/dist/src/events/tool-result/enrich.js +46 -0
- package/dist/src/events/tool-result/event.d.ts +7 -0
- package/dist/src/events/tool-result/event.js +2 -0
- package/dist/src/events/tool-result/index.d.ts +4 -0
- package/dist/src/events/tool-result/index.js +9 -0
- package/dist/src/events/tool-result/redactions.d.ts +2 -0
- package/dist/src/events/tool-result/redactions.js +7 -0
- package/dist/src/events/tool-result/validations.d.ts +3 -0
- package/dist/src/events/tool-result/validations.js +9 -0
- package/dist/src/events/web/enrich.d.ts +8 -0
- package/dist/src/events/web/enrich.js +78 -0
- package/dist/src/events/web/event.d.ts +10 -0
- package/dist/src/events/web/event.js +2 -0
- package/dist/src/events/web/index.d.ts +4 -0
- package/dist/src/events/web/index.js +13 -0
- package/dist/src/events/web/redactions.d.ts +2 -0
- package/dist/src/events/web/redactions.js +6 -0
- package/dist/src/events/web/validations.d.ts +3 -0
- package/dist/src/events/web/validations.js +10 -0
- package/dist/src/fetcher.d.ts +12 -0
- package/dist/src/fetcher.js +182 -0
- package/dist/src/host-collector.d.ts +1 -0
- package/dist/src/host-collector.js +200 -0
- package/dist/src/index.d.ts +1 -0
- package/dist/src/index.js +210 -0
- package/dist/src/log.d.ts +39 -0
- package/dist/src/log.js +102 -0
- package/dist/src/redactor/base.d.ts +29 -0
- package/dist/src/redactor/base.js +9 -0
- package/dist/src/redactor/index.d.ts +27 -0
- package/dist/src/redactor/index.js +109 -0
- package/dist/src/redactor/strategies/command.d.ts +2 -0
- package/dist/src/redactor/strategies/command.js +19 -0
- package/dist/src/redactor/strategies/hostname.d.ts +2 -0
- package/dist/src/redactor/strategies/hostname.js +15 -0
- package/dist/src/redactor/strategies/index.d.ts +13 -0
- package/dist/src/redactor/strategies/index.js +25 -0
- package/dist/src/redactor/strategies/path.d.ts +2 -0
- package/dist/src/redactor/strategies/path.js +23 -0
- package/dist/src/redactor/strategies/secret-key.d.ts +2 -0
- package/dist/src/redactor/strategies/secret-key.js +22 -0
- package/dist/src/redactor/strategies/username.d.ts +2 -0
- package/dist/src/redactor/strategies/username.js +12 -0
- package/dist/src/redactor/vault.d.ts +25 -0
- package/dist/src/redactor/vault.js +209 -0
- package/dist/src/sender.d.ts +29 -0
- package/dist/src/sender.js +186 -0
- package/dist/src/setup.d.ts +10 -0
- package/dist/src/setup.js +222 -0
- package/dist/src/transformer.d.ts +26 -0
- package/dist/src/transformer.js +302 -0
- package/dist/src/validator.d.ts +17 -0
- package/dist/src/validator.js +110 -0
- package/dist/src/version.d.ts +1 -0
- package/dist/src/version.js +19 -0
- package/openclaw.plugin.json +52 -0
- package/package.json +64 -0
- package/skills/shield/SKILL.md +38 -0
|
@@ -0,0 +1,13 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.ExecSchema = void 0;
|
|
4
|
+
const enrich_1 = require("./enrich");
|
|
5
|
+
const redactions_1 = require("./redactions");
|
|
6
|
+
const validations_1 = require("./validations");
|
|
7
|
+
exports.ExecSchema = {
|
|
8
|
+
category: 'exec',
|
|
9
|
+
match: (tool) => tool.name === 'exec',
|
|
10
|
+
enrich: enrich_1.enrich,
|
|
11
|
+
redactions: redactions_1.redactions,
|
|
12
|
+
validate: validations_1.validate,
|
|
13
|
+
};
|
|
@@ -0,0 +1,12 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.redactions = void 0;
|
|
4
|
+
/** Exec-specific redaction rules. Base redactions (principal.hostname, principal.user) are applied automatically. */
|
|
5
|
+
exports.redactions = [
|
|
6
|
+
{ path: 'command', strategy: 'command' },
|
|
7
|
+
{ path: 'command', strategy: 'secret-key' },
|
|
8
|
+
{ path: 'workdir', strategy: 'path' },
|
|
9
|
+
{ path: 'target.command_line', strategy: 'command' },
|
|
10
|
+
{ path: 'target.command_line', strategy: 'secret-key' },
|
|
11
|
+
{ path: 'target.hostname', strategy: 'hostname' },
|
|
12
|
+
];
|
|
@@ -0,0 +1,12 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.validate = validate;
|
|
4
|
+
function validate(event) {
|
|
5
|
+
if (!event.command)
|
|
6
|
+
return { valid: false, field: 'command', error: 'missing command' };
|
|
7
|
+
if (!event.target?.command_line)
|
|
8
|
+
return { valid: false, field: 'target.command_line', error: 'missing target.command_line' };
|
|
9
|
+
if (event.network && !event.network.protocol)
|
|
10
|
+
return { valid: false, field: 'network.protocol', error: 'network present but missing protocol' };
|
|
11
|
+
return { valid: true };
|
|
12
|
+
}
|
|
@@ -0,0 +1,63 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.enrich = enrich;
|
|
4
|
+
const path_1 = require("path");
|
|
5
|
+
const base_1 = require("../base");
|
|
6
|
+
function enrich(tool, ctx) {
|
|
7
|
+
const args = tool.arguments;
|
|
8
|
+
const fp = args.file_path || args.path || args.filePath || '';
|
|
9
|
+
const ext = (0, path_1.extname)(fp) || null;
|
|
10
|
+
const isSystem = /^\/(etc|usr|var|sys|proc)(\/|$)/.test(fp);
|
|
11
|
+
const configExts = ['.json', '.yaml', '.yml', '.toml', '.env', '.conf', '.cfg', '.ini'];
|
|
12
|
+
// Note: extname('.env') returns '' in Node (dotfiles treated as no extension).
|
|
13
|
+
// file_is_config uses extension-based detection only. Dotfile detection is a known
|
|
14
|
+
// limitation (issue #6) — tracked for a future dedicated dotfile enrichment rule.
|
|
15
|
+
const isMemoryFile = /\/(MEMORY\.md|memory\/.*\.md)$/.test(fp);
|
|
16
|
+
const toolName = tool.name;
|
|
17
|
+
const meta = {
|
|
18
|
+
tool_name: toolName,
|
|
19
|
+
'openclaw.session_id': ctx.sessionId,
|
|
20
|
+
'openclaw.agent_id': ctx.agentId,
|
|
21
|
+
file_is_workspace: fp.includes('.openclaw/workspace'),
|
|
22
|
+
file_is_system: isSystem,
|
|
23
|
+
file_is_config: ext ? configExts.includes(ext) : false,
|
|
24
|
+
};
|
|
25
|
+
if ((toolName === 'write' || toolName === 'edit') && isMemoryFile) {
|
|
26
|
+
meta.memory_auto_capture = 'true';
|
|
27
|
+
}
|
|
28
|
+
if (toolName === 'edit') {
|
|
29
|
+
const oldText = args.oldText || args.old_string || '';
|
|
30
|
+
const newText = args.newText || args.new_string || '';
|
|
31
|
+
meta.edit_old_length = String(oldText.length);
|
|
32
|
+
meta.edit_new_length = String(newText.length);
|
|
33
|
+
meta.edit_size_delta = String(newText.length - oldText.length);
|
|
34
|
+
}
|
|
35
|
+
const event = {
|
|
36
|
+
timestamp: ctx.timestamp,
|
|
37
|
+
event_type: 'TOOL_CALL',
|
|
38
|
+
tool_name: toolName,
|
|
39
|
+
tool_category: 'file',
|
|
40
|
+
session_id: ctx.sessionId,
|
|
41
|
+
model: ctx.model,
|
|
42
|
+
product_name: 'OpenClaw',
|
|
43
|
+
vendor_name: 'UPX',
|
|
44
|
+
principal: {
|
|
45
|
+
hostname: ctx.source.hostname,
|
|
46
|
+
ip: ctx.source.ip_addresses?.[0] || '',
|
|
47
|
+
platform: ctx.source.os.platform,
|
|
48
|
+
user: ctx.agentId,
|
|
49
|
+
},
|
|
50
|
+
file_path: fp,
|
|
51
|
+
target: {
|
|
52
|
+
file_path: fp,
|
|
53
|
+
file_name: (0, path_1.basename)(fp),
|
|
54
|
+
file_extension: ext,
|
|
55
|
+
file_directory: (0, path_1.dirname)(fp),
|
|
56
|
+
},
|
|
57
|
+
tool_metadata: (0, base_1.stringifyMetadata)(meta),
|
|
58
|
+
};
|
|
59
|
+
if (isSystem) {
|
|
60
|
+
event.security_result = { severity: 'HIGH', summary: `System ${toolName} operation`, category: 'system_tampering' };
|
|
61
|
+
}
|
|
62
|
+
return event;
|
|
63
|
+
}
|
|
@@ -0,0 +1,11 @@
|
|
|
1
|
+
import { BaseEvent, SecurityResultBlock } from '../base';
|
|
2
|
+
export interface FileEvent extends BaseEvent, Partial<SecurityResultBlock> {
|
|
3
|
+
tool_category: 'file';
|
|
4
|
+
file_path: string;
|
|
5
|
+
target: {
|
|
6
|
+
file_path: string;
|
|
7
|
+
file_name: string;
|
|
8
|
+
file_extension: string | null;
|
|
9
|
+
file_directory: string;
|
|
10
|
+
};
|
|
11
|
+
}
|
|
@@ -0,0 +1,13 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.FileSchema = void 0;
|
|
4
|
+
const enrich_1 = require("./enrich");
|
|
5
|
+
const redactions_1 = require("./redactions");
|
|
6
|
+
const validations_1 = require("./validations");
|
|
7
|
+
exports.FileSchema = {
|
|
8
|
+
category: 'file',
|
|
9
|
+
match: (tool) => ['read', 'write', 'edit'].includes(tool.name),
|
|
10
|
+
enrich: enrich_1.enrich,
|
|
11
|
+
redactions: redactions_1.redactions,
|
|
12
|
+
validate: validations_1.validate,
|
|
13
|
+
};
|
|
@@ -0,0 +1,8 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.redactions = void 0;
|
|
4
|
+
exports.redactions = [
|
|
5
|
+
{ path: 'file_path', strategy: 'path' },
|
|
6
|
+
{ path: 'target.file_path', strategy: 'path' },
|
|
7
|
+
{ path: 'target.file_directory', strategy: 'path' },
|
|
8
|
+
];
|
|
@@ -0,0 +1,10 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.validate = validate;
|
|
4
|
+
function validate(event) {
|
|
5
|
+
if (!event.file_path)
|
|
6
|
+
return { valid: false, field: 'file_path', error: 'missing file_path' };
|
|
7
|
+
if (!event.target?.file_name)
|
|
8
|
+
return { valid: false, field: 'target.file_name', error: 'missing target.file_name' };
|
|
9
|
+
return { valid: true };
|
|
10
|
+
}
|
|
@@ -0,0 +1,50 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.enrich = enrich;
|
|
4
|
+
const base_1 = require("../base");
|
|
5
|
+
function enrich(tool, ctx) {
|
|
6
|
+
const args = tool.arguments;
|
|
7
|
+
const action = args.action || '';
|
|
8
|
+
const meta = {
|
|
9
|
+
tool_name: 'gateway',
|
|
10
|
+
'openclaw.session_id': ctx.sessionId,
|
|
11
|
+
'openclaw.agent_id': ctx.agentId,
|
|
12
|
+
sub_action: action,
|
|
13
|
+
gateway_is_restart: action === 'restart',
|
|
14
|
+
gateway_is_config_change: action.startsWith('config.'),
|
|
15
|
+
gateway_is_update: action === 'update.run',
|
|
16
|
+
};
|
|
17
|
+
if (action === 'config.apply' || action === 'config.patch') {
|
|
18
|
+
meta.gateway_config_action = action;
|
|
19
|
+
if (args.raw) {
|
|
20
|
+
meta.gateway_config_has_host_change = /\bhost\b.*:/.test(args.raw);
|
|
21
|
+
meta.gateway_config_has_auth_change = /\b(auth|token|secret|password)\b/i.test(args.raw);
|
|
22
|
+
}
|
|
23
|
+
}
|
|
24
|
+
const event = {
|
|
25
|
+
timestamp: ctx.timestamp,
|
|
26
|
+
event_type: 'TOOL_CALL',
|
|
27
|
+
tool_name: 'gateway',
|
|
28
|
+
tool_category: 'gateway',
|
|
29
|
+
session_id: ctx.sessionId,
|
|
30
|
+
model: ctx.model,
|
|
31
|
+
product_name: 'OpenClaw',
|
|
32
|
+
vendor_name: 'UPX',
|
|
33
|
+
principal: {
|
|
34
|
+
hostname: ctx.source.hostname,
|
|
35
|
+
ip: ctx.source.ip_addresses?.[0] || '',
|
|
36
|
+
platform: ctx.source.os.platform,
|
|
37
|
+
user: ctx.agentId,
|
|
38
|
+
},
|
|
39
|
+
arguments_summary: (0, base_1.truncate)(JSON.stringify(args || {})),
|
|
40
|
+
tool_metadata: (0, base_1.stringifyMetadata)(meta),
|
|
41
|
+
};
|
|
42
|
+
if (meta.gateway_is_config_change || meta.gateway_is_restart || meta.gateway_is_update) {
|
|
43
|
+
event.security_result = {
|
|
44
|
+
severity: action === 'config.apply' ? 'HIGH' : 'MEDIUM',
|
|
45
|
+
summary: `Gateway ${action} operation`,
|
|
46
|
+
category: 'config_change',
|
|
47
|
+
};
|
|
48
|
+
}
|
|
49
|
+
return event;
|
|
50
|
+
}
|
|
@@ -0,0 +1,13 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.GatewaySchema = void 0;
|
|
4
|
+
const enrich_1 = require("./enrich");
|
|
5
|
+
const redactions_1 = require("./redactions");
|
|
6
|
+
const validations_1 = require("./validations");
|
|
7
|
+
exports.GatewaySchema = {
|
|
8
|
+
category: 'gateway',
|
|
9
|
+
match: (tool) => tool.name === 'gateway',
|
|
10
|
+
enrich: enrich_1.enrich,
|
|
11
|
+
redactions: redactions_1.redactions,
|
|
12
|
+
validate: validations_1.validate,
|
|
13
|
+
};
|
|
@@ -0,0 +1,30 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.enrich = enrich;
|
|
4
|
+
const base_1 = require("../base");
|
|
5
|
+
function enrich(tool, ctx) {
|
|
6
|
+
const args = tool.arguments;
|
|
7
|
+
return {
|
|
8
|
+
timestamp: ctx.timestamp,
|
|
9
|
+
event_type: 'TOOL_CALL',
|
|
10
|
+
tool_name: tool.name,
|
|
11
|
+
tool_category: 'generic',
|
|
12
|
+
session_id: ctx.sessionId,
|
|
13
|
+
model: ctx.model,
|
|
14
|
+
product_name: 'OpenClaw',
|
|
15
|
+
vendor_name: 'UPX',
|
|
16
|
+
principal: {
|
|
17
|
+
hostname: ctx.source.hostname,
|
|
18
|
+
ip: ctx.source.ip_addresses?.[0] || '',
|
|
19
|
+
platform: ctx.source.os.platform,
|
|
20
|
+
user: ctx.agentId,
|
|
21
|
+
},
|
|
22
|
+
arguments_summary: (0, base_1.truncate)(JSON.stringify(args || {})),
|
|
23
|
+
tool_metadata: (0, base_1.stringifyMetadata)({
|
|
24
|
+
tool_name: tool.name,
|
|
25
|
+
'openclaw.session_id': ctx.sessionId,
|
|
26
|
+
'openclaw.agent_id': ctx.agentId,
|
|
27
|
+
sub_action: args.action || null,
|
|
28
|
+
}),
|
|
29
|
+
};
|
|
30
|
+
}
|
|
@@ -0,0 +1,14 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.GenericSchema = void 0;
|
|
4
|
+
const enrich_1 = require("./enrich");
|
|
5
|
+
const redactions_1 = require("./redactions");
|
|
6
|
+
const validations_1 = require("./validations");
|
|
7
|
+
/** Fallback schema — always matches. MUST be last in the registry. */
|
|
8
|
+
exports.GenericSchema = {
|
|
9
|
+
category: 'generic',
|
|
10
|
+
match: (_tool) => true,
|
|
11
|
+
enrich: enrich_1.enrich,
|
|
12
|
+
redactions: redactions_1.redactions,
|
|
13
|
+
validate: validations_1.validate,
|
|
14
|
+
};
|
|
@@ -0,0 +1,28 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.enrich = enrich;
|
|
4
|
+
const base_1 = require("../base");
|
|
5
|
+
function enrich(_tool, ctx) {
|
|
6
|
+
const version = ctx.source.openclaw.version;
|
|
7
|
+
const versionSortable = version.split('.').map((p, i) => i > 0 ? p.padStart(2, '0') : p).join('.');
|
|
8
|
+
return {
|
|
9
|
+
timestamp: ctx.timestamp,
|
|
10
|
+
event_type: 'TOOL_CALL',
|
|
11
|
+
tool_name: 'host_telemetry',
|
|
12
|
+
tool_category: 'host_telemetry',
|
|
13
|
+
session_id: ctx.sessionId,
|
|
14
|
+
product_name: 'OpenClaw',
|
|
15
|
+
vendor_name: 'UPX',
|
|
16
|
+
principal: {
|
|
17
|
+
hostname: ctx.source.hostname,
|
|
18
|
+
ip: ctx.source.ip_addresses?.[0] || '',
|
|
19
|
+
platform: ctx.source.os.platform,
|
|
20
|
+
user: ctx.agentId,
|
|
21
|
+
},
|
|
22
|
+
tool_metadata: (0, base_1.stringifyMetadata)({
|
|
23
|
+
tool_name: 'host_telemetry',
|
|
24
|
+
'openclaw.version': version,
|
|
25
|
+
'openclaw.version_sortable': versionSortable,
|
|
26
|
+
}),
|
|
27
|
+
};
|
|
28
|
+
}
|
|
@@ -0,0 +1,13 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.HostTelemetrySchema = void 0;
|
|
4
|
+
const enrich_1 = require("./enrich");
|
|
5
|
+
const redactions_1 = require("./redactions");
|
|
6
|
+
const validations_1 = require("./validations");
|
|
7
|
+
exports.HostTelemetrySchema = {
|
|
8
|
+
category: 'host_telemetry',
|
|
9
|
+
match: (tool) => tool.name === 'host_telemetry',
|
|
10
|
+
enrich: enrich_1.enrich,
|
|
11
|
+
redactions: redactions_1.redactions,
|
|
12
|
+
validate: validations_1.validate,
|
|
13
|
+
};
|
|
@@ -0,0 +1,40 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* src/events/index.ts — Shield Event Registry
|
|
3
|
+
*
|
|
4
|
+
* Imports all schemas and builds the ordered lookup array.
|
|
5
|
+
* GenericSchema is always last — it matches everything and acts as the fallback.
|
|
6
|
+
* First match wins; schemas are evaluated in order.
|
|
7
|
+
*/
|
|
8
|
+
import { EventSchema } from './base';
|
|
9
|
+
export type { ExecEvent } from './exec';
|
|
10
|
+
export type { FileEvent } from './file';
|
|
11
|
+
export type { WebEvent } from './web';
|
|
12
|
+
export type { BrowserEvent } from './browser';
|
|
13
|
+
export type { MessageEvent } from './message';
|
|
14
|
+
export type { SessionsSpawnEvent } from './sessions-spawn';
|
|
15
|
+
export type { CronEvent } from './cron';
|
|
16
|
+
export type { GatewayEvent } from './gateway';
|
|
17
|
+
export type { HostTelemetryEvent } from './host-telemetry';
|
|
18
|
+
export type { ToolResultEvent } from './tool-result';
|
|
19
|
+
export type { GenericEvent } from './generic';
|
|
20
|
+
export type { BaseEvent, EventSchema, SourceInfo } from './base';
|
|
21
|
+
export { buildToolResult } from './tool-result';
|
|
22
|
+
import type { ExecEvent } from './exec';
|
|
23
|
+
import type { FileEvent } from './file';
|
|
24
|
+
import type { WebEvent } from './web';
|
|
25
|
+
import type { BrowserEvent } from './browser';
|
|
26
|
+
import type { MessageEvent } from './message';
|
|
27
|
+
import type { SessionsSpawnEvent } from './sessions-spawn';
|
|
28
|
+
import type { CronEvent } from './cron';
|
|
29
|
+
import type { GatewayEvent } from './gateway';
|
|
30
|
+
import type { HostTelemetryEvent } from './host-telemetry';
|
|
31
|
+
import type { ToolResultEvent } from './tool-result';
|
|
32
|
+
import type { GenericEvent } from './generic';
|
|
33
|
+
/** Discriminated union of all Shield event types */
|
|
34
|
+
export type ShieldEvent = ExecEvent | FileEvent | WebEvent | BrowserEvent | MessageEvent | SessionsSpawnEvent | CronEvent | GatewayEvent | HostTelemetryEvent | ToolResultEvent | GenericEvent;
|
|
35
|
+
/**
|
|
36
|
+
* Ordered registry of all event schemas.
|
|
37
|
+
* GenericSchema MUST remain last.
|
|
38
|
+
* eslint-disable-next-line @typescript-eslint/no-explicit-any
|
|
39
|
+
*/
|
|
40
|
+
export declare const schemas: EventSchema<any>[];
|
|
@@ -0,0 +1,39 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
/**
|
|
3
|
+
* src/events/index.ts — Shield Event Registry
|
|
4
|
+
*
|
|
5
|
+
* Imports all schemas and builds the ordered lookup array.
|
|
6
|
+
* GenericSchema is always last — it matches everything and acts as the fallback.
|
|
7
|
+
* First match wins; schemas are evaluated in order.
|
|
8
|
+
*/
|
|
9
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
10
|
+
exports.schemas = exports.buildToolResult = void 0;
|
|
11
|
+
const exec_1 = require("./exec");
|
|
12
|
+
const file_1 = require("./file");
|
|
13
|
+
const web_1 = require("./web");
|
|
14
|
+
const browser_1 = require("./browser");
|
|
15
|
+
const message_1 = require("./message");
|
|
16
|
+
const sessions_spawn_1 = require("./sessions-spawn");
|
|
17
|
+
const cron_1 = require("./cron");
|
|
18
|
+
const gateway_1 = require("./gateway");
|
|
19
|
+
const host_telemetry_1 = require("./host-telemetry");
|
|
20
|
+
const generic_1 = require("./generic");
|
|
21
|
+
var tool_result_1 = require("./tool-result");
|
|
22
|
+
Object.defineProperty(exports, "buildToolResult", { enumerable: true, get: function () { return tool_result_1.buildToolResult; } });
|
|
23
|
+
/**
|
|
24
|
+
* Ordered registry of all event schemas.
|
|
25
|
+
* GenericSchema MUST remain last.
|
|
26
|
+
* eslint-disable-next-line @typescript-eslint/no-explicit-any
|
|
27
|
+
*/
|
|
28
|
+
exports.schemas = [
|
|
29
|
+
exec_1.ExecSchema,
|
|
30
|
+
file_1.FileSchema,
|
|
31
|
+
web_1.WebSchema,
|
|
32
|
+
browser_1.BrowserSchema,
|
|
33
|
+
message_1.MessageSchema,
|
|
34
|
+
sessions_spawn_1.SessionsSpawnSchema,
|
|
35
|
+
cron_1.CronSchema,
|
|
36
|
+
gateway_1.GatewaySchema,
|
|
37
|
+
host_telemetry_1.HostTelemetrySchema,
|
|
38
|
+
generic_1.GenericSchema, // always last
|
|
39
|
+
];
|
|
@@ -0,0 +1,36 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.enrich = enrich;
|
|
4
|
+
const base_1 = require("../base");
|
|
5
|
+
function enrich(tool, ctx) {
|
|
6
|
+
const args = tool.arguments;
|
|
7
|
+
const meta = {
|
|
8
|
+
tool_name: 'message',
|
|
9
|
+
'openclaw.session_id': ctx.sessionId,
|
|
10
|
+
'openclaw.agent_id': ctx.agentId,
|
|
11
|
+
sub_action: args.action || null,
|
|
12
|
+
};
|
|
13
|
+
if (args.buffer) {
|
|
14
|
+
meta.has_base64_payload = 'true';
|
|
15
|
+
const raw = typeof args.buffer === 'string' ? args.buffer.replace(/^data:[^;]+;base64,/, '') : '';
|
|
16
|
+
meta.payload_size_bytes = String(Math.floor(raw.length * 0.75));
|
|
17
|
+
}
|
|
18
|
+
return {
|
|
19
|
+
timestamp: ctx.timestamp,
|
|
20
|
+
event_type: 'TOOL_CALL',
|
|
21
|
+
tool_name: 'message',
|
|
22
|
+
tool_category: 'message',
|
|
23
|
+
session_id: ctx.sessionId,
|
|
24
|
+
model: ctx.model,
|
|
25
|
+
product_name: 'OpenClaw',
|
|
26
|
+
vendor_name: 'UPX',
|
|
27
|
+
principal: {
|
|
28
|
+
hostname: ctx.source.hostname,
|
|
29
|
+
ip: ctx.source.ip_addresses?.[0] || '',
|
|
30
|
+
platform: ctx.source.os.platform,
|
|
31
|
+
user: ctx.agentId,
|
|
32
|
+
},
|
|
33
|
+
arguments_summary: (0, base_1.truncate)(JSON.stringify(args || {})),
|
|
34
|
+
tool_metadata: (0, base_1.stringifyMetadata)(meta),
|
|
35
|
+
};
|
|
36
|
+
}
|