agenthusk 0.1.0
- package/CHANGELOG.md +14 -0
- package/LICENSE +21 -0
- package/README.md +130 -0
- package/SECURITY.md +50 -0
- package/docs/assets/agenthusk-social.svg +74 -0
- package/package.json +48 -0
- package/src/catalog.js +28 -0
- package/src/cli.js +214 -0
- package/src/demo.js +119 -0
- package/src/report.js +895 -0
- package/src/scanner.js +768 -0
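--- a/package/src/demo.js
+++ b/package/src/demo.js
@@ -0,0 +1,119 @@
+export function createDemoReport() {
+const findings = [
+{
+id: "demo-1",
+severity: "critical",
+category: "secret",
+title: "Discord webhook fingerprint found in agent storage",
+detail: "Value hidden. Fingerprint a18f09b4d1 at line 482. Rotate the credential if this residue was not expected.",
+path: "~/.gemini/tmp/chats/session-late-night.json",
+agent: "gemini",
+agentLabel: "Gemini"
+},
+{
+id: "demo-2",
+severity: "critical",
+category: "secret",
+title: "GitHub token fingerprint found in agent storage",
+detail: "Value hidden. Fingerprint 77cf2e0aa4 at line 91. Rotate the credential if this residue was not expected.",
+path: "~/.openclaw/agents/main/sessions/launch.jsonl",
+agent: "openclaw",
+agentLabel: "OpenClaw"
+},
+{
+id: "demo-3",
+severity: "high",
+category: "residue",
+title: "Environment file residue found inside agent storage",
+detail: "Review whether this environment snapshot is still needed. It may contain credentials copied from a workspace.",
+path: "~/.gemini/code_tracker/active/no_repo/7f92_.env",
+agent: "gemini",
+agentLabel: "Gemini"
+},
+{
+id: "demo-4",
+severity: "high",
+category: "permissions",
+title: "Sensitive residue is readable by other local users",
+detail: "Mode 644 exposes an agent-related file outside its owner account.",
+path: "~/.gemini/code_tracker/active/no_repo/7f92_.env",
+agent: "gemini",
+agentLabel: "Gemini"
+},
+{
+id: "demo-5",
+severity: "high",
+category: "residue",
+title: "Shell history residue found inside agent storage",
+detail: "Shell history often contains commands, URLs, tokens, and operational details.",
+path: "~/.openclaw/migration/backups/.bash_history",
+agent: "openclaw",
+agentLabel: "OpenClaw"
+},
+{
+id: "demo-6",
+severity: "medium",
+category: "mcp",
+title: "MCP server configuration discovered",
+detail: "Review command paths, environment variable references, and trust boundaries before enabling local MCP servers.",
+path: "~/.claude/settings.json",
+agent: "claude",
+agentLabel: "Claude Code"
+},
+{
+id: "demo-7",
+severity: "low",
+category: "residue",
+title: "Agent session transcript stored locally",
+detail: "Session transcripts are expected but should be retained intentionally and protected with owner-only permissions.",
+path: "~/.codex/sessions/2026/06/01/rollout.jsonl",
+agent: "codex",
+agentLabel: "Codex"
+}
+];
+
+return {
+schemaVersion: 1,
+generatedAt: "2026-06-01T00:00:00.000Z",
+home: "~",
+pathsRedacted: true,
+guarantee: "Matched content values are excluded from content-derived report fields. Paths are anonymized by default; review metadata before sharing.",
+score: 92,
+risk: "critical",
+stats: {
+filesVisited: 1842,
+directoriesVisited: 311,
+bytesVisited: 23840019,
+textFilesInspected: 906,
+filesSkippedBySize: 8,
+symlinksSkipped: 3,
+rootsMissing: 2,
+rootsSkippedUnsafe: 0,
+capped: false
+},
+severityCounts: { critical: 2, high: 3, medium: 1, low: 1, info: 0 },
+agents: [
+{ id: "codex", label: "Codex", color: "#f3b63f", path: "~/.codex" },
+{ id: "claude", label: "Claude Code", color: "#e27650", path: "~/.claude" },
+{ id: "gemini", label: "Gemini", color: "#6fb5ff", path: "~/.gemini" },
+{ id: "openclaw", label: "OpenClaw", color: "#e96666", path: "~/.openclaw" }
+],
+findings,
+secretOccurrences: [
+{ agent: "gemini", agentLabel: "Gemini", type: "Discord webhook", fingerprint: "a18f09b4d1", path: "~/.gemini/tmp/chats/session-late-night.json", line: 482 },
+{ agent: "openclaw", agentLabel: "OpenClaw", type: "Discord webhook", fingerprint: "a18f09b4d1", path: "~/.openclaw/agents/main/sessions/launch.jsonl", line: 122 },
+{ agent: "openclaw", agentLabel: "OpenClaw", type: "GitHub token", fingerprint: "77cf2e0aa4", path: "~/.openclaw/agents/main/sessions/launch.jsonl", line: 91 }
+],
+duplicateSecrets: [
+{
+fingerprint: "a18f09b4d1",
+type: "Discord webhook",
+files: [
+"~/.gemini/tmp/chats/session-late-night.json",
+"~/.openclaw/agents/main/sessions/launch.jsonl"
+],
+agents: ["Gemini", "OpenClaw"]
+}
+]
+};
+}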
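Review bot: Nothing in the object returned by `createDemoReport()` marks it as synthetic. Apart from the `demo-N` finding ids, the fixed `generatedAt`, `score: 92`, `risk: "critical"`, stats and fingerprints read like a real scan, so an exported or screenshotted demo report could be triaged as a genuine critical finding. Consider an explicit marker next to `schemaVersion`, for example `demo: true,`, provided the report consumers (not visible in this section) tolerate an extra field. The export also has no doc comment; `/** Builds a static sample report for demos; reads nothing from disk. */` above the function would tell maintainers that the fingerprints and paths are constructed values.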