clawarmor 1.1.0 → 2.0.0-alpha.2

package/lib/checks/skill-pinning.js

@@ -0,0 +1,159 @@
+// T-PERSIST-002 — Skill Version Pinning
+// Checks that installed skills have explicit version pins to prevent
+// update poisoning attacks.
+
+import { existsSync, readdirSync, readFileSync } from 'fs';
+import { join } from 'path';
+import { homedir } from 'os';
+import { get } from '../config.js';
+
+const HOME = homedir();
+const OC_DIR = join(HOME, '.openclaw');
+const SKILLS_DIR = join(OC_DIR, 'skills');
+
+// A version pin looks like @1.2.3 or @1.2.3-beta.1 (semver)
+const SEMVER_PIN = /^[\^~]?\d+\.\d+\.\d+/;
+// "latest", "next", "*", ranges like ">=1.0.0" are NOT pins
+const FLOATING = /^(latest|next|beta|alpha|\*|>=|>|<|~\d|^\d)/;
+
+function isPinned(version) {
+  if (!version || typeof version !== 'string') return false;
+  if (FLOATING.test(version)) return false;
+  return SEMVER_PIN.test(version);
+}
+
+function collectUnpinnedFromConfig(config) {
+  const unpinned = [];
+
+  // Check skills.managed (array or object of { name, version })
+  const managed = get(config, 'skills.managed', null);
+  if (Array.isArray(managed)) {
+    for (const entry of managed) {
+      if (typeof entry === 'string') {
+        // "skill-name" with no version
+        unpinned.push({ name: entry, source: 'skills.managed', version: null });
+      } else if (entry && typeof entry === 'object') {
+        const name = entry.name || entry.id || JSON.stringify(entry);
+        if (!isPinned(entry.version)) {
+          unpinned.push({ name, source: 'skills.managed', version: entry.version || null });
+        }
+      }
+    }
+  } else if (managed && typeof managed === 'object') {
+    for (const [name, value] of Object.entries(managed)) {
+      const version = typeof value === 'string' ? value : value?.version;
+      if (!isPinned(version)) {
+        unpinned.push({ name, source: 'skills.managed', version: version || null });
+      }
+    }
+  }
+
+  // Check skills.installed
+  const installed = get(config, 'skills.installed', null);
+  if (Array.isArray(installed)) {
+    for (const entry of installed) {
+      if (typeof entry === 'string') {
+        // May be "name@version" or just "name"
+        const atIdx = entry.lastIndexOf('@');
+        if (atIdx > 0) {
+          const version = entry.slice(atIdx + 1);
+          const name = entry.slice(0, atIdx);
+          if (!isPinned(version)) unpinned.push({ name, source: 'skills.installed', version });
+        } else {
+          unpinned.push({ name: entry, source: 'skills.installed', version: null });
+        }
+      } else if (entry && typeof entry === 'object') {
+        const name = entry.name || entry.id || JSON.stringify(entry);
+        if (!isPinned(entry.version)) {
+          unpinned.push({ name, source: 'skills.installed', version: entry.version || null });
+        }
+      }
+    }
+  }
+
+  return unpinned;
+}
+
+function collectUnpinnedFromDisk() {
+  const unpinned = [];
+  if (!existsSync(SKILLS_DIR)) return unpinned;
+
+  let entries;
+  try { entries = readdirSync(SKILLS_DIR, { withFileTypes: true }); }
+  catch { return unpinned; }
+
+  for (const entry of entries) {
+    if (!entry.isDirectory()) continue;
+    const skillDir = join(SKILLS_DIR, entry.name);
+
+    // Look for a package.json to find version
+    const pkgPath = join(skillDir, 'package.json');
+    if (existsSync(pkgPath)) {
+      try {
+        const pkg = JSON.parse(readFileSync(pkgPath, 'utf8'));
+        // If installed from a range or "latest", flag it
+        // We check _resolved or _requested for npm install metadata
+        const requested = pkg._requested?.rawSpec || pkg._spec;
+        if (requested && !isPinned(requested)) {
+          unpinned.push({ name: entry.name, source: 'skills/', version: requested });
+          continue;
+        }
+        // If no version at all in package.json
+        if (!pkg.version) {
+          unpinned.push({ name: entry.name, source: 'skills/', version: null });
+        }
+        // If version looks like a range (shouldn't happen for installed, but defensive)
+      } catch { /* skip */ }
+    } else {
+      // Directory exists but no package.json — unpinned / manual install
+      const skillMd = join(skillDir, 'SKILL.md');
+      if (existsSync(skillMd)) {
+        // Check frontmatter for version
+        try {
+          const md = readFileSync(skillMd, 'utf8');
+          const versionMatch = md.match(/^version:\s*(.+)$/m);
+          const version = versionMatch ? versionMatch[1].trim() : null;
+          if (!isPinned(version)) {
+            unpinned.push({ name: entry.name, source: 'skills/', version });
+          }
+        } catch {
+          unpinned.push({ name: entry.name, source: 'skills/', version: null });
+        }
+      }
+    }
+  }
+
+  return unpinned;
+}
+
+export function checkSkillPinning(config) {
+  const fromConfig = collectUnpinnedFromConfig(config);
+  const fromDisk = collectUnpinnedFromDisk();
+
+  // Merge, dedup by name
+  const seen = new Set(fromConfig.map(s => s.name));
+  const all = [...fromConfig];
+  for (const s of fromDisk) {
+    if (!seen.has(s.name)) { all.push(s); seen.add(s.name); }
+  }
+
+  if (!all.length) {
+    return { id: 'persist.skill_pinning', severity: 'MEDIUM', passed: true,
+      passedMsg: 'All installed skills have explicit version pins' };
+  }
+
+  const list = all.map(({ name, version }) =>
+    `• ${name}${version ? ` (version: "${version}" — not pinned)` : ' (no version specified)'}`
+  ).join('\n');
+
+  return {
+    id: 'persist.skill_pinning',
+    severity: 'MEDIUM',
+    passed: false,
+    title: `${all.length} skill${all.length > 1 ? 's' : ''} installed without a version pin`,
+    description: `Skills without a pinned version can silently update to a malicious release.\nAttack (T-PERSIST-002): attacker publishes a new "latest" version of a skill\nyou use — your next gateway start runs the malicious code automatically.\n\n${list}`,
+    fix: `Pin skills to a specific version when installing:\n  openclaw clawhub install <skill>@<version>\n\nExample:\n  openclaw clawhub install weather@1.4.2`,
+  };
+}
+
+export default [checkSkillPinning];

package/lib/checks/token-age.js

@@ -0,0 +1,180 @@
+// T-ACCESS-003 — Token Age Hygiene
+// Checks agent-accounts.json for stale credentials (by date fields only).
+// NEVER logs or prints actual credential values.
+
+import { readFileSync, existsSync } from 'fs';
+import { join } from 'path';
+import { homedir } from 'os';
+
+const HOME = homedir();
+const ACCOUNTS_FILE = join(HOME, '.openclaw', 'agent-accounts.json');
+
+const CRED_KEY_PATTERN = /token|key|secret|password|credential/i;
+const DATE_KEY_PATTERN = /creat|updat|generat|issu|born|added|refresh|rotat|expir|since|timestamp|date|time/i;
+
+const WARN_DAYS = 90;
+const HIGH_DAYS = 180;
+const MS_PER_DAY = 86400000;
+
+function parseDate(value) {
+  if (value == null) return null;
+  // Unix timestamp (seconds) — must be between 2015 and 2040
+  if (typeof value === 'number' && value > 1420000000 && value < 2208988800) {
+    return new Date(value * 1000);
+  }
+  if (typeof value === 'string' && value.length >= 8) {
+    const d = new Date(value);
+    if (!isNaN(d.getTime()) && d.getFullYear() >= 2015 && d.getFullYear() <= 2040) {
+      return d;
+    }
+  }
+  return null;
+}
+
+function ageInDays(date) {
+  return Math.floor((Date.now() - date.getTime()) / MS_PER_DAY);
+}
+
+// Walk an object and collect { keyPath, date } for any date-like values
+// that appear alongside credential-like keys.
+function collectDateFields(obj, parentPath = '') {
+  const results = [];
+  if (!obj || typeof obj !== 'object' || Array.isArray(obj)) return results;
+
+  for (const [key, value] of Object.entries(obj)) {
+    const keyPath = parentPath ? `${parentPath}.${key}` : key;
+
+    if (typeof value === 'object' && value !== null && !Array.isArray(value)) {
+      results.push(...collectDateFields(value, keyPath));
+      continue;
+    }
+
+    if (Array.isArray(value)) {
+      value.forEach((item, i) => {
+        if (typeof item === 'object' && item !== null) {
+          results.push(...collectDateFields(item, `${keyPath}[${i}]`));
+        }
+      });
+      continue;
+    }
+
+    // Only consider date-like values attached to date-named keys
+    // that appear in an object that also has credential-like keys
+    if (DATE_KEY_PATTERN.test(key)) {
+      const date = parseDate(value);
+      if (date) {
+        results.push({ keyPath, date });
+      }
+    }
+  }
+
+  return results;
+}
+
+// Find objects in the tree that contain at least one credential-key
+// and return any date fields within those objects.
+function findCredentialDates(obj, parentPath = '') {
+  const results = [];
+  if (!obj || typeof obj !== 'object') return results;
+
+  if (Array.isArray(obj)) {
+    obj.forEach((item, i) => {
+      results.push(...findCredentialDates(item, `${parentPath}[${i}]`));
+    });
+    return results;
+  }
+
+  const keys = Object.keys(obj);
+  const hasCredKey = keys.some(k => CRED_KEY_PATTERN.test(k));
+
+  if (hasCredKey) {
+    // This object has credential-like keys; look for date fields within it
+    for (const [key, value] of Object.entries(obj)) {
+      const keyPath = parentPath ? `${parentPath}.${key}` : key;
+      if (DATE_KEY_PATTERN.test(key)) {
+        const date = parseDate(value);
+        if (date) results.push({ keyPath, date });
+      }
+    }
+  }
+
+  // Always recurse into child objects
+  for (const [key, value] of Object.entries(obj)) {
+    const keyPath = parentPath ? `${parentPath}.${key}` : key;
+    if (value && typeof value === 'object') {
+      results.push(...findCredentialDates(value, keyPath));
+    }
+  }
+
+  return results;
+}
+
+export function checkTokenAge() {
+  if (!existsSync(ACCOUNTS_FILE)) {
+    return { id: 'access.token_age', severity: 'INFO', passed: true,
+      passedMsg: 'agent-accounts.json not found — token age check skipped' };
+  }
+
+  let accounts;
+  try {
+    accounts = JSON.parse(readFileSync(ACCOUNTS_FILE, 'utf8'));
+  } catch {
+    return { id: 'access.token_age', severity: 'INFO', passed: true,
+      passedMsg: 'agent-accounts.json could not be parsed — token age check skipped' };
+  }
+
+  const dateFields = findCredentialDates(accounts);
+  if (!dateFields.length) {
+    return { id: 'access.token_age', severity: 'INFO', passed: true,
+      passedMsg: 'No date fields found in agent-accounts.json — token age check skipped' };
+  }
+
+  // Deduplicate by keyPath, keep earliest date
+  const byPath = new Map();
+  for (const { keyPath, date } of dateFields) {
+    if (!byPath.has(keyPath) || date < byPath.get(keyPath)) {
+      byPath.set(keyPath, date);
+    }
+  }
+
+  const critical180 = [];
+  const warn90 = [];
+
+  for (const [keyPath, date] of byPath) {
+    const days = ageInDays(date);
+    if (days >= HIGH_DAYS) {
+      critical180.push({ keyPath, days });
+    } else if (days >= WARN_DAYS) {
+      warn90.push({ keyPath, days });
+    }
+  }
+
+  if (critical180.length) {
+    const list = critical180.map(({ keyPath, days }) => `• ${keyPath} (${days} days old)`).join('\n');
+    return {
+      id: 'access.token_age',
+      severity: 'HIGH',
+      passed: false,
+      title: `Credentials older than ${HIGH_DAYS} days detected`,
+      description: `The following credential date fields indicate tokens/keys that have not been\nrotated in over ${HIGH_DAYS} days. Stale credentials increase exposure window if leaked.\n\n${list}`,
+      fix: `Rotate these credentials at their respective service dashboards.\nThen update agent-accounts.json with new values and fresh dates.`,
+    };
+  }
+
+  if (warn90.length) {
+    const list = warn90.map(({ keyPath, days }) => `• ${keyPath} (${days} days old)`).join('\n');
+    return {
+      id: 'access.token_age',
+      severity: 'MEDIUM',
+      passed: false,
+      title: `Credentials older than ${WARN_DAYS} days detected`,
+      description: `The following credential date fields indicate tokens/keys not rotated in\nover ${WARN_DAYS} days. Consider rotating them proactively.\n\n${list}`,
+      fix: `Rotate these credentials at their respective service dashboards.\nThen update agent-accounts.json with new values and fresh dates.`,
+    };
+  }
+
+  return { id: 'access.token_age', severity: 'INFO', passed: true,
+    passedMsg: `All credential date fields are within ${WARN_DAYS} days` };
+}
+
+export default [checkTokenAge];

package/lib/integrity.js

@@ -0,0 +1,102 @@
+// integrity.js — Config integrity hashing (P2-3)
+// On first clean audit: hashes the config and saves the baseline.
+// On subsequent runs: detects changes and surfaces them.
+// Zero external deps — uses Node.js built-in crypto.
+
+import { createHash } from 'crypto';
+import { readFileSync, writeFileSync, existsSync, mkdirSync } from 'fs';
+import { join } from 'path';
+import { homedir } from 'os';
+
+const INTEGRITY_FILE = join(homedir(), '.clawarmor', 'integrity.json');
+
+function hashFile(filePath) {
+  try {
+    const content = readFileSync(filePath, 'utf8');
+    return {
+      hash: createHash('sha256').update(content).digest('hex').slice(0, 16),
+      size: content.length,
+      lines: content.split('\n').length,
+    };
+  } catch {
+    return null;
+  }
+}
+
+function loadIntegrity() {
+  if (!existsSync(INTEGRITY_FILE)) return null;
+  try { return JSON.parse(readFileSync(INTEGRITY_FILE, 'utf8')); }
+  catch { return null; }
+}
+
+function saveIntegrity(data) {
+  try {
+    mkdirSync(join(homedir(), '.clawarmor'), { recursive: true });
+    writeFileSync(INTEGRITY_FILE, JSON.stringify(data, null, 2), 'utf8');
+  } catch { /* non-fatal */ }
+}
+
+/**
+ * Check config integrity. Call this after a successful (score > 0) audit.
+ * Returns { status, changes } where status is 'baseline'|'ok'|'changed'.
+ */
+export function checkIntegrity(configPath, score) {
+  const current = hashFile(configPath);
+  if (!current) return { status: 'unreadable', changes: [] };
+
+  const stored = loadIntegrity();
+
+  if (!stored) {
+    // First run — establish baseline (only if clean or near-clean)
+    if (score >= 80) {
+      saveIntegrity({
+        configPath,
+        hash: current.hash,
+        size: current.size,
+        lines: current.lines,
+        baselineAt: new Date().toISOString(),
+        baselineScore: score,
+      });
+      return { status: 'baseline', changes: [] };
+    }
+    return { status: 'no-baseline', changes: [] };
+  }
+
+  // Check for changes
+  if (stored.hash === current.hash) {
+    return { status: 'ok', changes: [] };
+  }
+
+  const changes = [];
+  if (stored.size !== current.size) {
+    const delta = current.size - stored.size;
+    changes.push(`Size: ${stored.size} → ${current.size} bytes (${delta > 0 ? '+' : ''}${delta})`);
+  }
+  if (stored.lines !== current.lines) {
+    const delta = current.lines - stored.lines;
+    changes.push(`Lines: ${stored.lines} → ${current.lines} (${delta > 0 ? '+' : ''}${delta})`);
+  }
+  changes.push(`Hash: ${stored.hash} → ${current.hash}`);
+
+  return {
+    status: 'changed',
+    changes,
+    baselineAt: stored.baselineAt,
+    baselineScore: stored.baselineScore,
+  };
+}
+
+/** Update baseline after a clean audit (call when user explicitly passes --accept-changes). */
+export function updateBaseline(configPath, score) {
+  const current = hashFile(configPath);
+  if (!current) return false;
+  saveIntegrity({
+    configPath,
+    hash: current.hash,
+    size: current.size,
+    lines: current.lines,
+    baselineAt: new Date().toISOString(),
+    baselineScore: score,
+  });
+  return true;
+}

package/lib/log-viewer.js

@@ -0,0 +1,140 @@
+// ClawArmor v2.0 — Audit Log Viewer
+// Reads ~/.clawarmor/audit.log (JSONL) and displays events in human-readable form.
+// Flags: --since <Nd|Nh>  --json  --tokens
+
+import { existsSync, readFileSync } from 'fs';
+import { join } from 'path';
+import { homedir } from 'os';
+import { paint, severityColor } from './output/colors.js';
+
+const LOG_FILE = join(homedir(), '.clawarmor', 'audit.log');
+const SEP = paint.dim('─'.repeat(52));
+
+function parseEntries() {
+  if (!existsSync(LOG_FILE)) return null;
+  const raw = readFileSync(LOG_FILE, 'utf8');
+  return raw
+    .split('\n')
+    .filter(Boolean)
+    .map(line => { try { return JSON.parse(line); } catch { return null; } })
+    .filter(Boolean);
+}
+
+function parseSince(sinceArg) {
+  if (!sinceArg) return null;
+  const m = sinceArg.match(/^(\d+)(d|h)$/);
+  if (!m) return null;
+  const n = parseInt(m[1], 10);
+  const ms = m[2] === 'd' ? n * 86_400_000 : n * 3_600_000;
+  return new Date(Date.now() - ms);
+}
+
+function cmdColor(cmd) {
+  switch (cmd) {
+    case 'audit':   return paint.cyan(cmd.padEnd(7));
+    case 'scan':    return paint.cyan(cmd.padEnd(7));
+    case 'prescan': return paint.cyan(cmd.padEnd(7));
+    case 'watch':   return paint.dim(cmd.padEnd(7));
+    default:        return paint.dim((cmd || '?').padEnd(7));
+  }
+}
+
+function formatScore(score, delta) {
+  if (score == null) return '';
+  const s = `${score}/100`;
+  if (delta == null) return paint.bold(s);
+  const dStr = delta >= 0 ? `+${delta}` : `${delta}`;
+  const dColor = delta >= 0 ? paint.green : paint.red;
+  return `${paint.bold(s)} ${dColor(dStr)}`;
+}
+
+function formatFindings(findings) {
+  if (!Array.isArray(findings) || !findings.length) return paint.green('clean');
+  const bySev = { CRITICAL: 0, HIGH: 0, MEDIUM: 0, LOW: 0, INFO: 0 };
+  for (const f of findings) bySev[f.severity] = (bySev[f.severity] || 0) + 1;
+  const parts = [];
+  if (bySev.CRITICAL) parts.push(paint.red(`${bySev.CRITICAL}C`));
+  if (bySev.HIGH)     parts.push(paint.yellow(`${bySev.HIGH}H`));
+  if (bySev.MEDIUM)   parts.push(paint.cyan(`${bySev.MEDIUM}M`));
+  if (bySev.LOW || bySev.INFO)
+    parts.push(paint.dim(`${(bySev.LOW || 0) + (bySev.INFO || 0)}L`));
+  return parts.join(' ') || paint.green('clean');
+}
+
+function formatEntry(e) {
+  const ts = new Date(e.ts).toLocaleString('en-US', { dateStyle: 'medium', timeStyle: 'short' });
+  const cmd = cmdColor(e.cmd);
+  const trigger = paint.dim(`[${e.trigger || 'manual'}]`);
+  const scoreStr = formatScore(e.score, e.delta);
+  const findingsStr = formatFindings(e.findings);
+  const blocked = e.blocked === true ? `  ${paint.red('BLOCKED')}` : '';
+  const skill = e.skill ? `  ${paint.cyan(e.skill)}` : '';
+
+  const parts = [paint.dim(ts), cmd, trigger];
+  if (scoreStr) parts.push(scoreStr);
+  parts.push(findingsStr);
+
+  return `  ${parts.join('  ')}${skill}${blocked}`;
+}
+
+export async function runLog(flags = {}) {
+  const entries = parseEntries();
+
+  if (!entries) {
+    console.log('');
+    console.log(`  No audit log yet. Run ${paint.cyan('clawarmor audit')} to start.`);
+    console.log('');
+    return 0;
+  }
+
+  let filtered = entries;
+
+  // --since filter
+  const since = parseSince(flags.since);
+  if (since) {
+    filtered = filtered.filter(e => new Date(e.ts) >= since);
+  }
+
+  // --tokens filter
+  if (flags.tokens) {
+    filtered = filtered.filter(e =>
+      Array.isArray(e.findings) &&
+      e.findings.some(f => (f.id || '').includes('token') || (f.id || '').includes('access'))
+    );
+  }
+
+  // --json: raw JSONL output
+  if (flags.json) {
+    for (const e of filtered) console.log(JSON.stringify(e));
+    return 0;
+  }
+
+  // Default: last 10 events
+  const recent = filtered.slice(-10);
+
+  console.log('');
+  if (!recent.length) {
+    console.log(`  No log entries match the given filters.`);
+    console.log(`  ${paint.dim('Total entries in log:')} ${entries.length}`);
+    console.log('');
+    return 0;
+  }
+
+  console.log(SEP);
+  const label = flags.since ? ` — since ${flags.since}` : ` — last ${recent.length}`;
+  console.log(`  ${paint.bold('ClawArmor Audit Log')}${paint.dim(label)}`);
+  console.log(SEP);
+  console.log('');
+
+  for (const e of recent) {
+    console.log(formatEntry(e));
+  }
+
+  if (filtered.length > 10) {
+    console.log('');
+    console.log(`  ${paint.dim(`(showing 10 of ${filtered.length} entries — use --since to filter)`)}`);
+  }
+
+  console.log('');
+  return 0;
+}