clawguard-cli 0.1.0

package/dist/index.js

@@ -0,0 +1,1462 @@
+#!/usr/bin/env node
+
+// src/index.ts
+import fs9 from "fs";
+import { Command } from "commander";
+import chalk3 from "chalk";
+
+// src/models.ts
+import { z } from "zod";
+var Severity = {
+  CRITICAL: "CRITICAL",
+  HIGH: "HIGH",
+  MEDIUM: "MEDIUM",
+  INFO: "INFO"
+};
+var SEVERITY_DEDUCTIONS = {
+  [Severity.CRITICAL]: 20,
+  [Severity.HIGH]: 10,
+  [Severity.MEDIUM]: 5,
+  [Severity.INFO]: 0
+};
+var FindingSchema = z.object({
+  severity: z.enum(["CRITICAL", "HIGH", "MEDIUM", "INFO"]),
+  title: z.string(),
+  details: z.array(z.string()).default([]),
+  fix: z.string().default(""),
+  category: z.string().default("")
+});
+function createFinding(params) {
+  return {
+    severity: params.severity,
+    title: params.title,
+    details: params.details ?? [],
+    fix: params.fix ?? "",
+    category: params.category ?? ""
+  };
+}
+function createScanResult(openclawPath = "") {
+  return {
+    findings: [],
+    openclawPath,
+    openclawVersion: null,
+    nodeVersion: null
+  };
+}
+function getScore(result) {
+  let total = 100;
+  for (const f of result.findings) {
+    total -= SEVERITY_DEDUCTIONS[f.severity];
+  }
+  return Math.max(0, total);
+}
+function getCriticalCount(result) {
+  return result.findings.filter((f) => f.severity === Severity.CRITICAL).length;
+}
+function getHighCount(result) {
+  return result.findings.filter((f) => f.severity === Severity.HIGH).length;
+}
+function getMediumCount(result) {
+  return result.findings.filter((f) => f.severity === Severity.MEDIUM).length;
+}
+function getInfoCount(result) {
+  return result.findings.filter((f) => f.severity === Severity.INFO).length;
+}
+
+// src/reporter.ts
+import chalk from "chalk";
+var VERSION = "0.1.0";
+var SEVERITY_COLORS = {
+  [Severity.CRITICAL]: chalk.red.bold,
+  [Severity.HIGH]: chalk.yellow.bold,
+  [Severity.MEDIUM]: chalk.cyan.bold,
+  [Severity.INFO]: chalk.green.bold
+};
+function getScoreStyle(score) {
+  if (score <= 30) return chalk.red.bold;
+  if (score <= 60) return chalk.yellow.bold;
+  if (score <= 80) return chalk.cyan.bold;
+  return chalk.green.bold;
+}
+function getScoreLabel(score) {
+  if (score <= 30) return "Critical Risk";
+  if (score <= 60) return "High Risk";
+  if (score <= 80) return "Moderate Risk";
+  return "Low Risk";
+}
+function printBanner() {
+  const banner = `${chalk.white.bold("ClawGuard")}${chalk.dim(` v${VERSION}`)}${chalk.white(" - OpenClaw Security Scanner")}`;
+  const border = chalk.blue("+" + "-".repeat(banner.length - 20) + "+");
+  console.log(border);
+  console.log(chalk.blue("|") + " " + banner + " " + chalk.blue("|"));
+  console.log(border);
+}
+function printFinding(finding) {
+  const colorFn = SEVERITY_COLORS[finding.severity];
+  const severityTag = colorFn(finding.severity);
+  console.log(`
+  ${severityTag}  ${finding.title}`);
+  for (const detail of finding.details) {
+    console.log(chalk.dim(`           ${detail}`));
+  }
+  if (finding.fix) {
+    console.log(chalk.italic(`           Fix: ${finding.fix}`));
+  }
+}
+function printReport(result) {
+  printBanner();
+  console.log(`
+Scanning ${chalk.bold(result.openclawPath)} ...
+`);
+  if (result.findings.length === 0) {
+    console.log(chalk.green("No security issues found!"));
+    console.log(`
+Score: ${chalk.green.bold("100/100 (Secure)")}`);
+    return;
+  }
+  const severityOrder = {
+    [Severity.CRITICAL]: 0,
+    [Severity.HIGH]: 1,
+    [Severity.MEDIUM]: 2,
+    [Severity.INFO]: 3
+  };
+  const sortedFindings = [...result.findings].sort(
+    (a, b) => severityOrder[a.severity] - severityOrder[b.severity]
+  );
+  for (const finding of sortedFindings) {
+    printFinding(finding);
+  }
+  console.log("\n" + "=".repeat(50));
+  const score = getScore(result);
+  const style = getScoreStyle(score);
+  const label = getScoreLabel(score);
+  console.log(`
+  Score: ${style(`${score}/100 (${label})`)}`);
+  const summaryParts = [];
+  const critical = getCriticalCount(result);
+  const high = getHighCount(result);
+  const medium = getMediumCount(result);
+  const info = getInfoCount(result);
+  if (critical) summaryParts.push(chalk.red(`${critical} critical`));
+  if (high) summaryParts.push(chalk.yellow(`${high} high`));
+  if (medium) summaryParts.push(chalk.cyan(`${medium} medium`));
+  if (info) summaryParts.push(chalk.green(`${info} info`));
+  console.log(`  Found: ${summaryParts.join(", ")}`);
+  const fixable = result.findings.filter(
+    (f) => f.fix && f.severity !== Severity.INFO
+  ).length;
+  if (fixable) {
+    console.log(
+      `  Run ${chalk.bold("clawguard fix")} to auto-fix ${fixable} issues`
+    );
+  }
+  console.log();
+}
+function printJson(result) {
+  const output = {
+    score: getScore(result),
+    openclaw_path: result.openclawPath,
+    openclaw_version: result.openclawVersion,
+    node_version: result.nodeVersion,
+    summary: {
+      critical: getCriticalCount(result),
+      high: getHighCount(result),
+      medium: getMediumCount(result),
+      info: getInfoCount(result)
+    },
+    findings: result.findings.map((f) => ({
+      severity: f.severity,
+      title: f.title,
+      details: f.details,
+      fix: f.fix,
+      category: f.category
+    }))
+  };
+  console.log(JSON.stringify(output, null, 2));
+}
+
+// src/scanner.ts
+import crypto from "crypto";
+import fs8 from "fs";
+import path8 from "path";
+import os2 from "os";
+import JSON54 from "json5";
+import chalk2 from "chalk";
+
+// src/checks/credentials.ts
+import fs from "fs";
+import path from "path";
+import JSON5 from "json5";
+
+// src/patterns.ts
+var API_KEY_PATTERNS = [
+  ["Anthropic API key", /sk-ant-[a-zA-Z0-9_-]{20,}/],
+  ["OpenAI API key", /sk-proj-[a-zA-Z0-9_-]{20,}/],
+  ["OpenAI legacy key", /sk-[a-zA-Z0-9]{40,}/],
+  ["Groq API key", /gsk_[a-zA-Z0-9]{20,}/],
+  ["xAI/Grok API key", /xai-[a-zA-Z0-9]{20,}/],
+  ["AWS Access Key", /AKIA[0-9A-Z]{16}/],
+  ["GitHub PAT", /ghp_[a-zA-Z0-9]{36}/],
+  ["GitHub OAuth", /gho_[a-zA-Z0-9]{36}/],
+  ["GitLab PAT", /glpat-[a-zA-Z0-9_-]{20,}/],
+  ["Slack Bot Token", /xoxb-[0-9]+-[0-9]+-[a-zA-Z0-9]+/],
+  ["Slack User Token", /xoxp-[0-9]+-[0-9]+-[0-9]+-[a-f0-9]+/],
+  ["Telegram Bot Token", /[0-9]{8,10}:[a-zA-Z0-9_-]{35}/],
+  ["Discord Bot Token", /[MN][A-Za-z\d]{23,}\.[\w-]{6}\.[\w-]{27,}/],
+  ["OpenRouter API key", /sk-or-v1-[a-f0-9]{64}/],
+  ["Google API key", /AIza[0-9A-Za-z_-]{35}/],
+  ["Stripe Secret key", /sk_live_[a-zA-Z0-9]{20,}/],
+  ["Generic Bearer token", /Bearer\s+[a-zA-Z0-9_.-]{20,}/]
+];
+var ENV_VAR_PATTERN = /\$\{[A-Z_][A-Z0-9_]*\}/;
+var MALICIOUS_PATTERNS = [
+  [
+    "Base64 encoded payload",
+    /(?:base64\s+(?:-d|--decode)|atob|b64decode)\s*[(\s]/
+  ],
+  ["Base64 long string", /[A-Za-z0-9+/]{60,}={0,2}/],
+  ["curl pipe to shell", /curl\s+.*\|\s*(?:ba)?sh/],
+  ["wget pipe to shell", /wget\s+.*\|\s*(?:ba)?sh/],
+  ["curl to eval", /curl\s+.*\$\(/],
+  [
+    "Python exec/eval",
+    /(?:exec|eval)\s*\(\s*(?:base64|requests|urllib)/
+  ],
+  [
+    "Paste service URL",
+    /(?:glot\.io|pastebin\.com|paste\.ee|hastebin\.com|dpaste\.com)/
+  ],
+  [
+    "Password-protected archive",
+    /(?:unzip|7z|tar)\s+.*(?:-p\s*|-P\s*|--password)/
+  ],
+  ["Reverse shell", /(?:nc|ncat|netcat)\s+.*-e\s+\/bin/],
+  ["Python reverse shell", /socket\.connect\s*\(\s*\(\s*["'][\d.]+/],
+  ["Download and execute", /(?:curl|wget)\s+.*&&\s*chmod\s+\+x/]
+];
+var C2_IP_PATTERN = /(?:91\.92\.242\.\d+|95\.92\.242\.\d+|54\.91\.154\.110)/;
+var TYPOSQUAT_PUBLISHERS = [
+  "clawhub1",
+  "clawhubb",
+  "clawhubbcli",
+  "clawhub-official",
+  "openclaw-official"
+];
+var SUSPICIOUS_BINS = [
+  "nc",
+  "ncat",
+  "netcat",
+  "nmap",
+  "socat",
+  "msfconsole",
+  "msfvenom",
+  "metasploit",
+  "hydra",
+  "john",
+  "hashcat",
+  "tcpdump",
+  "wireshark",
+  "tshark"
+];
+var MEMORY_POISONING_PATTERNS = [
+  [
+    "Hidden instruction injection",
+    /(?:ignore|disregard|override)\s+(?:previous|all|safety)\s+(?:instructions|rules)/i
+  ],
+  [
+    "System prompt override",
+    /you\s+are\s+now\s+(?:a|an)\s+(?:different|new|unrestricted)/i
+  ],
+  [
+    "Exfiltration instruction",
+    /(?:send|post|upload|transmit)\s+.*(?:to|at)\s+(?:https?:\/\/|webhook)/i
+  ],
+  [
+    "Credential harvesting",
+    /(?:read|extract|collect|gather)\s+.*(?:api.?key|token|password|credential|secret)/i
+  ],
+  [
+    "Scheduled task injection",
+    /(?:cron|crontab|schedule|periodic|every\s+\d+\s+(?:minute|hour))/i
+  ]
+];
+
+// src/checks/credentials.ts
+function scanFileForKeys(filepath) {
+  const hits = [];
+  try {
+    const content = fs.readFileSync(filepath, { encoding: "utf-8" });
+    const lines = content.split("\n");
+    for (let lineNum = 0; lineNum < lines.length; lineNum++) {
+      const line = lines[lineNum];
+      if (ENV_VAR_PATTERN.test(line)) {
+        continue;
+      }
+      for (const [keyName, pattern] of API_KEY_PATTERNS) {
+        const globalPattern = new RegExp(pattern.source, pattern.flags + (pattern.flags.includes("g") ? "" : "g"));
+        let match;
+        while ((match = globalPattern.exec(line)) !== null) {
+          const matched = match[0];
+          const masked = matched.length > 16 ? matched.slice(0, 8) + "..." + matched.slice(-4) : matched.slice(0, 4) + "...";
+          hits.push({ keyName, masked, lineNum: lineNum + 1 });
+        }
+      }
+    }
+  } catch {
+  }
+  return hits;
+}
+function getRelativePath(filePath, basePath) {
+  const parentDir = path.dirname(basePath);
+  return path.relative(parentDir, filePath);
+}
+function checkCredentials(openclawPath) {
+  const findings = [];
+  const configFiles = [
+    path.join(openclawPath, "openclaw.json"),
+    path.join(openclawPath, "credentials", "profiles.json")
+  ];
+  const agentsDir = path.join(openclawPath, "agents");
+  if (fs.existsSync(agentsDir) && fs.statSync(agentsDir).isDirectory()) {
+    try {
+      for (const agentEntry of fs.readdirSync(agentsDir)) {
+        const authFile = path.join(
+          agentsDir,
+          agentEntry,
+          "agent",
+          "auth-profiles.json"
+        );
+        if (fs.existsSync(authFile)) {
+          configFiles.push(authFile);
+        }
+      }
+    } catch {
+    }
+  }
+  const envFiles = [
+    path.join(openclawPath, ".env"),
+    path.join(openclawPath, "workspace", ".env")
+  ];
+  for (const envFile of envFiles) {
+    if (fs.existsSync(envFile)) {
+      configFiles.push(envFile);
+    }
+  }
+  const allHits = [];
+  for (const filepath of configFiles) {
+    if (fs.existsSync(filepath)) {
+      const hits = scanFileForKeys(filepath);
+      for (const { keyName, masked, lineNum } of hits) {
+        const relPath = getRelativePath(filepath, openclawPath);
+        allHits.push(`${relPath}:${lineNum} - ${keyName} (${masked})`);
+      }
+    }
+  }
+  if (allHits.length > 0) {
+    findings.push(
+      createFinding({
+        severity: Severity.CRITICAL,
+        title: `${allHits.length} API key(s) stored in plaintext`,
+        details: allHits.slice(0, 10),
+        // Show max 10
+        fix: 'Use environment variables: "apiKey": "${ANTHROPIC_API_KEY}" instead of raw strings',
+        category: "credentials"
+      })
+    );
+  }
+  const bakWithKeys = [];
+  const bakFiles = findFilesRecursive(openclawPath, ".bak");
+  for (const bakFile of bakFiles) {
+    const hits = scanFileForKeys(bakFile);
+    if (hits.length > 0) {
+      bakWithKeys.push(getRelativePath(bakFile, openclawPath));
+    }
+  }
+  if (bakWithKeys.length > 0) {
+    findings.push(
+      createFinding({
+        severity: Severity.HIGH,
+        title: `${bakWithKeys.length} backup file(s) contain credentials`,
+        details: bakWithKeys,
+        fix: "Delete backup files: rm ~/.openclaw/*.bak",
+        category: "credentials"
+      })
+    );
+  }
+  const transcriptHits = [];
+  if (fs.existsSync(agentsDir) && fs.statSync(agentsDir).isDirectory()) {
+    const jsonlFiles = findFilesRecursive(agentsDir, ".jsonl");
+    for (const jsonlFile of jsonlFiles) {
+      try {
+        const content = fs.readFileSync(jsonlFile, { encoding: "utf-8" });
+        const lines = content.split("\n");
+        let found = false;
+        for (let i = 0; i < Math.min(lines.length, 501); i++) {
+          const line = lines[i];
+          for (const [keyName, pattern] of API_KEY_PATTERNS) {
+            if (pattern.test(line)) {
+              transcriptHits.push(
+                `${getRelativePath(jsonlFile, openclawPath)} - ${keyName} found in transcript`
+              );
+              found = true;
+              break;
+            }
+          }
+          if (found) break;
+        }
+      } catch {
+      }
+    }
+  }
+  if (transcriptHits.length > 0) {
+    findings.push(
+      createFinding({
+        severity: Severity.HIGH,
+        title: `API keys leaked in ${transcriptHits.length} session transcript(s)`,
+        details: transcriptHits.slice(0, 5),
+        fix: "Delete old transcripts and enable logging.redactSensitive in config",
+        category: "credentials"
+      })
+    );
+  }
+  const configFile = path.join(openclawPath, "openclaw.json");
+  if (fs.existsSync(configFile)) {
+    try {
+      const content = fs.readFileSync(configFile, { encoding: "utf-8" });
+      const config = JSON5.parse(content);
+      const loggingConfig = config.logging ?? {};
+      const redact = loggingConfig.redactSensitive;
+      if (redact === void 0 || redact === null || redact === "off") {
+        findings.push(
+          createFinding({
+            severity: Severity.MEDIUM,
+            title: "Sensitive data redaction is disabled in logs",
+            details: ['logging.redactSensitive is not set or set to "off"'],
+            fix: 'Set logging.redactSensitive to "tools" or "all" in openclaw.json',
+            category: "credentials"
+          })
+        );
+      }
+    } catch {
+    }
+  }
+  return findings;
+}
+function findFilesRecursive(dir, ext) {
+  const results = [];
+  if (!fs.existsSync(dir) || !fs.statSync(dir).isDirectory()) {
+    return results;
+  }
+  try {
+    const entries = fs.readdirSync(dir, { withFileTypes: true });
+    for (const entry of entries) {
+      const fullPath = path.join(dir, entry.name);
+      if (entry.isDirectory()) {
+        results.push(...findFilesRecursive(fullPath, ext));
+      } else if (entry.isFile() && entry.name.endsWith(ext)) {
+        results.push(fullPath);
+      }
+    }
+  } catch {
+  }
+  return results;
+}
+
+// src/checks/gateway.ts
+import fs2 from "fs";
+import net from "net";
+import path2 from "path";
+import JSON52 from "json5";
+function checkPortExposed(port) {
+  return new Promise((resolve) => {
+    const socket = new net.Socket();
+    socket.setTimeout(1e3);
+    socket.on("connect", () => {
+      socket.destroy();
+      resolve(true);
+    });
+    socket.on("timeout", () => {
+      socket.destroy();
+      resolve(false);
+    });
+    socket.on("error", () => {
+      socket.destroy();
+      resolve(false);
+    });
+    try {
+      socket.connect(port, "0.0.0.0");
+    } catch {
+      resolve(false);
+    }
+  });
+}
+async function checkGateway(openclawPath) {
+  const findings = [];
+  const configFile = path2.join(openclawPath, "openclaw.json");
+  if (!fs2.existsSync(configFile)) {
+    findings.push(
+      createFinding({
+        severity: Severity.INFO,
+        title: "No OpenClaw config file found",
+        details: [`Expected at ${configFile}`],
+        category: "gateway"
+      })
+    );
+    return findings;
+  }
+  let config;
+  try {
+    const content = fs2.readFileSync(configFile, { encoding: "utf-8" });
+    config = JSON52.parse(content);
+  } catch {
+    findings.push(
+      createFinding({
+        severity: Severity.MEDIUM,
+        title: "Could not parse OpenClaw config file",
+        details: ["openclaw.json may be malformed"],
+        category: "gateway"
+      })
+    );
+    return findings;
+  }
+  const gateway = config.gateway ?? {};
+  const bind = gateway.bind ?? "loopback";
+  if (bind !== "loopback") {
+    findings.push(
+      createFinding({
+        severity: Severity.CRITICAL,
+        title: `Gateway bound to non-loopback: ${bind}`,
+        details: [
+          `gateway.bind = "${bind}"`,
+          "This exposes the gateway to network access"
+        ],
+        fix: 'Set gateway.bind to "loopback" in openclaw.json',
+        category: "gateway"
+      })
+    );
+  }
+  const auth = gateway.auth ?? {};
+  const token = auth.token ?? gateway.token ?? "";
+  if (!token) {
+    findings.push(
+      createFinding({
+        severity: Severity.CRITICAL,
+        title: "No gateway authentication token configured",
+        details: [
+          "Anyone with network access can control your OpenClaw agent"
+        ],
+        fix: "Set gateway.auth.token in openclaw.json or re-run openclaw setup",
+        category: "gateway"
+      })
+    );
+  } else if (String(token).length < 32) {
+    findings.push(
+      createFinding({
+        severity: Severity.HIGH,
+        title: `Gateway auth token is weak (${String(token).length} chars)`,
+        details: ["Minimum recommended length: 32 characters"],
+        fix: "Generate a strong token: openssl rand -hex 32",
+        category: "gateway"
+      })
+    );
+  }
+  const port = gateway.port ?? 18789;
+  const portExposed = await checkPortExposed(port);
+  if (portExposed) {
+    findings.push(
+      createFinding({
+        severity: Severity.HIGH,
+        title: `Gateway port ${port} is reachable on all interfaces`,
+        details: [
+          `Port ${port} appears to be listening on 0.0.0.0`,
+          "The gateway may be accessible from the network"
+        ],
+        fix: "Bind to loopback only and use a reverse proxy if external access is needed",
+        category: "gateway"
+      })
+    );
+  }
+  return findings;
+}
+
+// src/checks/sandbox.ts
+import { execFileSync } from "child_process";
+import fs3 from "fs";
+import path3 from "path";
+import JSON53 from "json5";
+function isDockerAvailable() {
+  try {
+    execFileSync("which", ["docker"], { stdio: "pipe" });
+    return true;
+  } catch {
+    return false;
+  }
+}
+function checkSandbox(openclawPath) {
+  const findings = [];
+  const configFile = path3.join(openclawPath, "openclaw.json");
+  if (!fs3.existsSync(configFile)) {
+    return findings;
+  }
+  let config;
+  try {
+    const content = fs3.readFileSync(configFile, { encoding: "utf-8" });
+    config = JSON53.parse(content);
+  } catch {
+    return findings;
+  }
+  const agents = config.agents ?? {};
+  const defaults = agents.defaults ?? {};
+  const sandbox = defaults.sandbox ?? {};
+  const mode = sandbox.mode ?? "off";
+  if (mode === "off") {
+    findings.push(
+      createFinding({
+        severity: Severity.CRITICAL,
+        title: "Sandbox mode is OFF",
+        details: [
+          `agents.defaults.sandbox.mode = "${mode}"`,
+          "The AI agent has unrestricted access to your system",
+          "It can run any shell command, modify any file, and access the network"
+        ],
+        fix: 'Set agents.defaults.sandbox.mode to "all" in openclaw.json',
+        category: "sandbox"
+      })
+    );
+  }
+  const dockerAvailable = isDockerAvailable();
+  if (mode !== "off" && !dockerAvailable) {
+    findings.push(
+      createFinding({
+        severity: Severity.HIGH,
+        title: "Docker not found (required for sandbox)",
+        details: ["Sandbox mode is enabled but Docker is not installed"],
+        fix: "Install Docker: https://docs.docker.com/get-docker/",
+        category: "sandbox"
+      })
+    );
+  }
+  const dockerConfig = sandbox.docker ?? {};
+  const dockerNetwork = dockerConfig.network;
+  if (mode !== "off" && dockerNetwork !== "none") {
+    findings.push(
+      createFinding({
+        severity: Severity.HIGH,
+        title: "Sandbox container has network access",
+        details: [
+          `sandbox.docker.network = "${dockerNetwork ?? "default"}"`,
+          "Sandboxed agent can make external network requests"
+        ],
+        fix: 'Set sandbox.docker.network to "none" in openclaw.json',
+        category: "sandbox"
+      })
+    );
+  }
+  const tools = config.tools ?? {};
+  const execConfig = tools.exec ?? {};
+  const execHost = execConfig.host ?? "sandbox";
+  if (execHost === "gateway") {
+    findings.push(
+      createFinding({
+        severity: Severity.CRITICAL,
+        title: "Tool execution runs directly on host",
+        details: [
+          'tools.exec.host = "gateway"',
+          "Commands bypass the sandbox and execute on your machine"
+        ],
+        fix: 'Set tools.exec.host to "sandbox" in openclaw.json',
+        category: "sandbox"
+      })
+    );
+  }
+  const execSecurity = execConfig.security;
+  if (execSecurity !== "allowlist") {
+    findings.push(
+      createFinding({
+        severity: Severity.MEDIUM,
+        title: "Exec security not in allowlist mode",
+        details: [
+          `tools.exec.security = "${execSecurity ?? "default"}"`,
+          "Allowlist mode restricts command chaining and redirections"
+        ],
+        fix: 'Set tools.exec.security to "allowlist" in openclaw.json',
+        category: "sandbox"
+      })
+    );
+  }
+  if (dockerAvailable) {
+    findings.push(
+      createFinding({
+        severity: Severity.INFO,
+        title: "Docker available for sandboxing",
+        details: [
+          "Docker is installed and can be used for sandbox isolation"
+        ],
+        category: "sandbox"
+      })
+    );
+  }
+  return findings;
+}
+
+// src/checks/permissions.ts
+import fs4 from "fs";
+import path4 from "path";
+function getPermissionOctal(filepath) {
+  const stats = fs4.statSync(filepath);
+  return "0o" + (stats.mode & 511).toString(8);
+}
+function isWorldReadable(filepath) {
+  const stats = fs4.statSync(filepath);
+  return (stats.mode & 4) !== 0;
+}
+function isGroupReadable(filepath) {
+  const stats = fs4.statSync(filepath);
+  return (stats.mode & 32) !== 0;
+}
+function getRelativePath2(filePath, basePath) {
+  const parentDir = path4.dirname(basePath);
+  return path4.relative(parentDir, filePath);
+}
+function checkPermissions(openclawPath) {
+  const findings = [];
+  const tooOpen = [];
+  if (fs4.existsSync(openclawPath)) {
+    const perms = getPermissionOctal(openclawPath);
+    if (isWorldReadable(openclawPath) || isGroupReadable(openclawPath)) {
+      tooOpen.push(`${openclawPath} is ${perms} (should be 0o700)`);
+    }
+  }
+  const sensitiveFiles = [
+    path4.join(openclawPath, "openclaw.json"),
+    path4.join(openclawPath, ".env"),
+    path4.join(openclawPath, "credentials", "profiles.json")
+  ];
+  const agentsDir = path4.join(openclawPath, "agents");
+  if (fs4.existsSync(agentsDir) && fs4.statSync(agentsDir).isDirectory()) {
+    const authFiles = findFilesRecursive2(agentsDir, "auth-profiles.json");
+    sensitiveFiles.push(...authFiles);
+  }
+  for (const filepath of sensitiveFiles) {
+    if (fs4.existsSync(filepath)) {
+      const perms = getPermissionOctal(filepath);
+      if (isWorldReadable(filepath) || isGroupReadable(filepath)) {
+        const relPath = getRelativePath2(filepath, openclawPath);
+        tooOpen.push(`${relPath} is ${perms} (should be 0o600)`);
+      }
+    }
+  }
+  if (tooOpen.length > 0) {
+    findings.push(
+      createFinding({
+        severity: Severity.HIGH,
+        title: `${tooOpen.length} file(s) have overly permissive access`,
+        details: tooOpen.slice(0, 10),
+        fix: "chmod 700 ~/.openclaw && chmod 600 ~/.openclaw/openclaw.json ~/.openclaw/credentials/*",
+        category: "permissions"
+      })
+    );
+  }
+  return findings;
+}
+function findFilesRecursive2(dir, filename) {
+  const results = [];
+  if (!fs4.existsSync(dir) || !fs4.statSync(dir).isDirectory()) {
+    return results;
+  }
+  try {
+    const entries = fs4.readdirSync(dir, { withFileTypes: true });
+    for (const entry of entries) {
+      const fullPath = path4.join(dir, entry.name);
+      if (entry.isDirectory()) {
+        results.push(...findFilesRecursive2(fullPath, filename));
+      } else if (entry.isFile() && entry.name === filename) {
+        results.push(fullPath);
+      }
+    }
+  } catch {
+  }
+  return results;
+}
+
+// src/checks/version.ts
+import { execFileSync as execFileSync2 } from "child_process";
+import fs5 from "fs";
+import path5 from "path";
+import os from "os";
+var CVES = [
+  {
+    id: "CVE-2026-25253",
+    fixedIn: "2026.1.29",
+    severity: Severity.CRITICAL,
+    description: "One-click RCE via malicious link (CVSS 8.8)"
+  },
+  {
+    id: "CVE-2026-21636",
+    fixedIn: "2026.2.0",
+    severity: Severity.HIGH,
+    description: "Permission model bypass (sandbox escape)"
+  }
+];
+var MIN_NODE_VERSION = [22, 12, 0];
+function parseVersion(versionStr) {
+  const match = versionStr.match(/(\d+)\.(\d+)\.(\d+)/);
+  if (match) {
+    return [
+      parseInt(match[1], 10),
+      parseInt(match[2], 10),
+      parseInt(match[3], 10)
+    ];
+  }
+  return null;
+}
+function compareVersions(a, b) {
+  for (let i = 0; i < 3; i++) {
+    if (a[i] < b[i]) return -1;
+    if (a[i] > b[i]) return 1;
+  }
+  return 0;
+}
+function runCommand(cmd, args) {
+  try {
+    const result = execFileSync2(cmd, args, {
+      encoding: "utf-8",
+      timeout: 1e4,
+      stdio: ["pipe", "pipe", "pipe"]
+    });
+    return result.trim();
+  } catch {
+    return null;
+  }
+}
+function checkVersion(_openclawPath) {
+  const findings = [];
+  let ocVersion = null;
+  let nodeVersion = null;
+  const versionOutput = runCommand("openclaw", ["--version"]);
+  if (versionOutput) {
+    ocVersion = versionOutput;
+    const parsed = parseVersion(versionOutput);
+    if (parsed) {
+      let foundVulnerability = false;
+      for (const cve of CVES) {
+        const cveFixed = parseVersion(cve.fixedIn);
+        if (cveFixed && compareVersions(parsed, cveFixed) < 0) {
+          findings.push(
+            createFinding({
+              severity: cve.severity,
+              title: `Vulnerable to ${cve.id}`,
+              details: [
+                `Installed: ${ocVersion}`,
+                `Fixed in: ${cve.fixedIn}`,
+                cve.description
+              ],
+              fix: "Update OpenClaw: bunx openclaw@latest",
+              category: "version"
+            })
+          );
+          foundVulnerability = true;
+        }
+      }
+      if (!foundVulnerability) {
+        findings.push(
+          createFinding({
+            severity: Severity.INFO,
+            title: `OpenClaw version ${ocVersion} - up to date`,
+            category: "version"
+          })
+        );
+      }
+    }
+  } else {
+    const pkgPaths = [
+      path5.join(
+        os.homedir(),
+        ".bun",
+        "install",
+        "global",
+        "node_modules",
+        "openclaw",
+        "package.json"
+      ),
+      "/usr/local/lib/node_modules/openclaw/package.json"
+    ];
+    let found = false;
+    for (const pkgPath of pkgPaths) {
+      if (fs5.existsSync(pkgPath)) {
+        try {
+          const content = fs5.readFileSync(pkgPath, { encoding: "utf-8" });
+          const pkg = JSON.parse(content);
+          ocVersion = pkg.version ?? "unknown";
+          findings.push(
+            createFinding({
+              severity: Severity.INFO,
+              title: `OpenClaw version ${ocVersion} (from package.json)`,
+              category: "version"
+            })
+          );
+          found = true;
+          break;
+        } catch {
+        }
+      }
+    }
+    if (!found) {
+      findings.push(
+        createFinding({
+          severity: Severity.MEDIUM,
+          title: "Could not determine OpenClaw version",
+          details: ["openclaw command not found in PATH"],
+          fix: "Ensure OpenClaw is installed: bunx openclaw@latest",
+          category: "version"
+        })
+      );
+    }
+  }
+  const nodeOutput = runCommand("node", ["--version"]);
+  if (nodeOutput) {
+    nodeVersion = nodeOutput.replace(/^v/, "");
+    const parsed = parseVersion(nodeVersion);
+    if (parsed && compareVersions(parsed, MIN_NODE_VERSION) < 0) {
+      findings.push(
+        createFinding({
+          severity: Severity.HIGH,
+          title: `Node.js version ${nodeVersion} is below minimum (${MIN_NODE_VERSION.join(".")})`,
+          details: [
+            "Older Node.js versions have known security vulnerabilities"
+          ],
+          fix: `Update Node.js to >= ${MIN_NODE_VERSION.join(".")}`,
+          category: "version"
+        })
+      );
+    } else if (parsed) {
+      findings.push(
+        createFinding({
+          severity: Severity.INFO,
+          title: `Node.js version ${nodeVersion} - OK`,
+          category: "version"
+        })
+      );
+    }
+  }
+  return { findings, openclawVersion: ocVersion, nodeVersion };
+}
+
+// src/checks/skills.ts
+import fs6 from "fs";
+import path6 from "path";
+import yaml from "js-yaml";
+function parseSkillMd(skillPath) {
+  const content = fs6.readFileSync(skillPath, { encoding: "utf-8" });
+  let frontmatter = {};
+  let body = content;
+  if (content.startsWith("---")) {
+    const parts = content.split("---", 3);
+    if (parts.length >= 3) {
+      try {
+        const parsed = yaml.load(parts[1]);
+        frontmatter = parsed ?? {};
+      } catch {
+      }
+      body = parts.slice(2).join("---");
+    }
+  }
+  return { frontmatter, body };
+}
+function checkSkillPermissions(name, frontmatter) {
+  const findings = [];
+  const dangerousPerms = [];
+  const permissions = frontmatter.permissions ?? {};
+  const requires = frontmatter.requires ?? {};
+  if (permissions.exec) {
+    dangerousPerms.push(`exec: ${permissions.exec}`);
+  }
+  if (permissions.sensitive_data) {
+    dangerousPerms.push(`sensitive_data: ${permissions.sensitive_data}`);
+  }
+  const fsPerms = permissions.filesystem ?? [];
+  for (const perm of fsPerms) {
+    if (typeof perm === "string" && perm.includes("write:")) {
+      if (perm.includes("write:~/") || perm.includes("write:/") || perm.includes("write:..")) {
+        dangerousPerms.push(`filesystem: ${perm}`);
+      }
+    }
+  }
+  const requiredBins = requires.bins ?? [];
+  for (const binName of requiredBins) {
+    if (SUSPICIOUS_BINS.includes(binName)) {
+      dangerousPerms.push(`requires binary: ${binName}`);
+    }
+  }
+  const requiredEnv = requires.env ?? [];
+  const sensitiveEnvPatterns = [
+    "KEY",
+    "TOKEN",
+    "SECRET",
+    "PASSWORD",
+    "CREDENTIAL"
+  ];
+  for (const envVar of requiredEnv) {
+    if (sensitiveEnvPatterns.some((p) => envVar.toUpperCase().includes(p))) {
+      dangerousPerms.push(`requires env: ${envVar}`);
+    }
+  }
+  if (dangerousPerms.length > 0) {
+    findings.push(
+      createFinding({
+        severity: Severity.HIGH,
+        title: `Skill '${name}' requests excessive permissions`,
+        details: dangerousPerms,
+        fix: `Review or remove this skill: rm -rf ~/.openclaw/workspace/skills/${name}`,
+        category: "skills"
+      })
+    );
+  }
+  return findings;
+}
+function checkSkillMalicious(name, body) {
+  const findings = [];
+  const detected = [];
+  for (const [patternName, pattern] of MALICIOUS_PATTERNS) {
+    if (pattern.test(body)) {
+      detected.push(patternName);
+    }
+  }
+  if (C2_IP_PATTERN.test(body)) {
+    detected.push("Known C2 IP address (ClawHavoc campaign)");
+  }
+  if (detected.length > 0) {
+    const severity = detected.some(
+      (d) => d.includes("C2") || d.includes("reverse shell")
+    ) ? Severity.CRITICAL : Severity.HIGH;
+    findings.push(
+      createFinding({
+        severity,
+        title: `Skill '${name}' contains malicious patterns`,
+        details: detected,
+        fix: `REMOVE THIS SKILL IMMEDIATELY: rm -rf ~/.openclaw/workspace/skills/${name}`,
+        category: "skills"
+      })
+    );
+  }
+  return findings;
+}
+function checkSkills(openclawPath) {
+  const findings = [];
+  const skillDirs = [
+    path6.join(openclawPath, "workspace", "skills"),
+    path6.join(openclawPath, "skills")
+  ];
+  let totalSkills = 0;
+  let flaggedSkills = 0;
+  for (const skillsRoot of skillDirs) {
+    if (!fs6.existsSync(skillsRoot) || !fs6.statSync(skillsRoot).isDirectory()) {
+      continue;
+    }
+    let entries;
+    try {
+      entries = fs6.readdirSync(skillsRoot, { withFileTypes: true });
+    } catch {
+      continue;
+    }
+    for (const entry of entries) {
+      if (!entry.isDirectory()) {
+        continue;
+      }
+      const skillMdPath = path6.join(skillsRoot, entry.name, "SKILL.md");
+      if (!fs6.existsSync(skillMdPath)) {
+        continue;
+      }
+      totalSkills++;
+      const name = entry.name;
+      const { frontmatter, body } = parseSkillMd(skillMdPath);
+      const publisher = (frontmatter.publisher ?? "").toLowerCase();
+      if (TYPOSQUAT_PUBLISHERS.includes(publisher)) {
+        findings.push(
+          createFinding({
+            severity: Severity.CRITICAL,
+            title: `Skill '${name}' has typosquatted publisher: ${publisher}`,
+            details: [
+              "This publisher name is known to be associated with malicious skills"
+            ],
+            fix: `REMOVE IMMEDIATELY: rm -rf ${path6.join(skillsRoot, entry.name)}`,
+            category: "skills"
+          })
+        );
+        flaggedSkills++;
+        continue;
+      }
+      const permFindings = checkSkillPermissions(name, frontmatter);
+      if (permFindings.length > 0) {
+        flaggedSkills++;
+      }
+      findings.push(...permFindings);
+      const maliciousFindings = checkSkillMalicious(name, body);
+      if (maliciousFindings.length > 0) {
+        flaggedSkills++;
+      }
+      findings.push(...maliciousFindings);
+    }
+  }
+  if (totalSkills > 0 && flaggedSkills === 0) {
+    findings.push(
+      createFinding({
+        severity: Severity.INFO,
+        title: `${totalSkills} skill(s) scanned - no issues found`,
+        category: "skills"
+      })
+    );
+  } else if (totalSkills === 0) {
+    findings.push(
+      createFinding({
+        severity: Severity.INFO,
+        title: "No skills installed",
+        category: "skills"
+      })
+    );
+  }
+  return findings;
+}
+
+// src/checks/memory.ts
+import fs7 from "fs";
+import path7 from "path";
+function checkMemory(openclawPath) {
+  const findings = [];
+  const workspace = path7.join(openclawPath, "workspace");
+  if (!fs7.existsSync(workspace) || !fs7.statSync(workspace).isDirectory()) {
+    return findings;
+  }
+  const identityFiles = [
+    path7.join(workspace, "SOUL.md"),
+    path7.join(workspace, "IDENTITY.md")
+  ];
+  for (const filepath of identityFiles) {
+    if (!fs7.existsSync(filepath)) {
+      continue;
+    }
+    const content = fs7.readFileSync(filepath, { encoding: "utf-8" });
+    const detected = [];
+    for (const [patternName, pattern] of MEMORY_POISONING_PATTERNS) {
+      const matches = content.match(pattern);
+      if (matches) {
+        const matchText = matches[0].slice(0, 80);
+        detected.push(`${patternName}: ${matchText}...`);
+      }
+    }
+    if (detected.length > 0) {
+      findings.push(
+        createFinding({
+          severity: Severity.HIGH,
+          title: `Potential memory poisoning in ${path7.basename(filepath)}`,
+          details: detected,
+          fix: `Review ${filepath} for injected instructions and restore from backup`,
+          category: "memory"
+        })
+      );
+    }
+  }
+  const memoryFiles = [path7.join(workspace, "MEMORY.md")];
+  const memoryDir = path7.join(workspace, "memory");
+  if (fs7.existsSync(memoryDir) && fs7.statSync(memoryDir).isDirectory()) {
+    try {
+      const entries = fs7.readdirSync(memoryDir);
+      for (const entry of entries) {
+        if (entry.endsWith(".md")) {
+          memoryFiles.push(path7.join(memoryDir, entry));
+        }
+      }
+    } catch {
+    }
+  }
+  const leakedIn = [];
+  for (const filepath of memoryFiles) {
+    if (!fs7.existsSync(filepath)) {
+      continue;
+    }
+    const content = fs7.readFileSync(filepath, { encoding: "utf-8" });
+    for (const [keyName, pattern] of API_KEY_PATTERNS) {
+      if (pattern.test(content)) {
+        leakedIn.push(`${path7.basename(filepath)} contains ${keyName}`);
+        break;
+      }
+    }
+  }
+  if (leakedIn.length > 0) {
+    findings.push(
+      createFinding({
+        severity: Severity.MEDIUM,
+        title: `Sensitive data found in ${leakedIn.length} memory file(s)`,
+        details: leakedIn.slice(0, 5),
+        fix: "Remove credentials from memory files and rotate exposed keys",
+        category: "memory"
+      })
+    );
+  }
+  return findings;
+}
+
+// src/scanner.ts
+var CHECK_REGISTRY = {
+  credentials: checkCredentials,
+  gateway: checkGateway,
+  sandbox: checkSandbox,
+  permissions: checkPermissions,
+  skills: checkSkills,
+  memory: checkMemory
+};
+function detectOpenclawPath() {
+  const candidates = [
+    path8.join(os2.homedir(), ".openclaw"),
+    path8.join(os2.homedir(), ".clawdbot"),
+    // Legacy name
+    path8.join(os2.homedir(), ".moltbot")
+    // Legacy name
+  ];
+  const envPath = process.env.OPENCLAW_HOME;
+  if (envPath) {
+    candidates.unshift(envPath);
+  }
+  for (const candidate of candidates) {
+    if (fs8.existsSync(candidate) && fs8.statSync(candidate).isDirectory()) {
+      return candidate;
+    }
+  }
+  return null;
+}
+async function runScan(openclawPath, checks) {
+  const result = createScanResult(openclawPath);
+  process.stdout.write(chalk2.blue("Checking versions...\r"));
+  const {
+    findings: versionFindings,
+    openclawVersion,
+    nodeVersion
+  } = checkVersion(openclawPath);
+  result.findings.push(...versionFindings);
+  result.openclawVersion = openclawVersion;
+  result.nodeVersion = nodeVersion;
+  const activeChecks = checks ?? Object.keys(CHECK_REGISTRY);
+  for (const checkName of activeChecks) {
+    if (!(checkName in CHECK_REGISTRY)) {
+      continue;
+    }
+    const checkFn = CHECK_REGISTRY[checkName];
+    const label = checkName.replace(/_/g, " ").replace(/\b\w/g, (c) => c.toUpperCase());
+    process.stdout.write(chalk2.blue(`Checking ${label}...\r`));
+    try {
+      const findings = await checkFn(openclawPath);
+      result.findings.push(...findings);
+    } catch (e) {
+      const message = e instanceof Error ? e.message : String(e);
+      console.log(chalk2.yellow(`Warning: ${checkName} check failed: ${message}`));
+    }
+  }
+  process.stdout.write("                                    \r");
+  return result;
+}
+function runFix(openclawPath) {
+  const actions = [];
+  if (fs8.existsSync(openclawPath)) {
+    const currentMode = fs8.statSync(openclawPath).mode & 511;
+    const current = "0o" + currentMode.toString(8);
+    if (current !== "0o700") {
+      fs8.chmodSync(openclawPath, 448);
+      actions.push(`Fixed ${openclawPath} permissions: ${current} -> 0o700`);
+    }
+  }
+  const configFile = path8.join(openclawPath, "openclaw.json");
+  if (fs8.existsSync(configFile)) {
+    const currentMode = fs8.statSync(configFile).mode & 511;
+    const current = "0o" + currentMode.toString(8);
+    if (current !== "0o600") {
+      fs8.chmodSync(configFile, 384);
+      actions.push(
+        `Fixed ${path8.basename(configFile)} permissions: ${current} -> 0o600`
+      );
+    }
+  }
+  const credsDir = path8.join(openclawPath, "credentials");
+  if (fs8.existsSync(credsDir) && fs8.statSync(credsDir).isDirectory()) {
+    try {
+      const entries = fs8.readdirSync(credsDir, { withFileTypes: true });
+      for (const entry of entries) {
+        if (entry.isFile()) {
+          const filePath = path8.join(credsDir, entry.name);
+          const currentMode = fs8.statSync(filePath).mode & 511;
+          const current = "0o" + currentMode.toString(8);
+          if (current !== "0o600") {
+            fs8.chmodSync(filePath, 384);
+            actions.push(
+              `Fixed ${entry.name} permissions: ${current} -> 0o600`
+            );
+          }
+        }
+      }
+    } catch {
+    }
+  }
+  if (fs8.existsSync(configFile)) {
+    try {
+      const content = fs8.readFileSync(configFile, { encoding: "utf-8" });
+      const config = JSON54.parse(content);
+      let modified = false;
+      if (!config.agents) config.agents = {};
+      const agents = config.agents;
+      if (!agents.defaults) agents.defaults = {};
+      const defaults = agents.defaults;
+      if (!defaults.sandbox) defaults.sandbox = {};
+      const sandbox = defaults.sandbox;
+      if (sandbox.mode === "off" || !sandbox.mode) {
+        sandbox.mode = "all";
+        sandbox.scope = "session";
+        modified = true;
+        actions.push('Enabled sandbox: agents.defaults.sandbox.mode = "all"');
+      }
+      if (!sandbox.docker) sandbox.docker = {};
+      const docker = sandbox.docker;
+      if (docker.network !== "none") {
+        docker.network = "none";
+        modified = true;
+        actions.push('Set sandbox.docker.network = "none"');
+      }
+      if (!config.tools) config.tools = {};
+      const tools = config.tools;
+      if (!tools.exec) tools.exec = {};
+      const execConfig = tools.exec;
+      if (execConfig.host === "gateway") {
+        execConfig.host = "sandbox";
+        modified = true;
+        actions.push('Set tools.exec.host = "sandbox"');
+      }
+      if (!config.logging) config.logging = {};
+      const loggingConfig = config.logging;
+      if (loggingConfig.redactSensitive === void 0 || loggingConfig.redactSensitive === null || loggingConfig.redactSensitive === "off") {
+        loggingConfig.redactSensitive = "tools";
+        modified = true;
+        actions.push('Enabled logging.redactSensitive = "tools"');
+      }
+      if (!config.gateway) config.gateway = {};
+      const gateway = config.gateway;
+      if (!gateway.auth) gateway.auth = {};
+      const auth = gateway.auth;
+      const token = auth.token;
+      if (!token || String(token).length < 32) {
+        const newToken = crypto.randomBytes(32).toString("hex");
+        auth.token = newToken;
+        modified = true;
+        actions.push(
+          `Generated strong gateway token (${newToken.length} chars)`
+        );
+      }
+      if (modified) {
+        fs8.writeFileSync(configFile, JSON.stringify(config, null, 2));
+      }
+    } catch (e) {
+      const message = e instanceof Error ? e.message : String(e);
+      actions.push(`Could not modify config: ${message}`);
+    }
+  }
+  const bakFiles = findFilesRecursive3(openclawPath, ".bak");
+  for (const bakFile of bakFiles) {
+    fs8.unlinkSync(bakFile);
+    actions.push(`Deleted backup file: ${path8.basename(bakFile)}`);
+  }
+  return actions;
+}
+function findFilesRecursive3(dir, ext) {
+  const results = [];
+  if (!fs8.existsSync(dir) || !fs8.statSync(dir).isDirectory()) {
+    return results;
+  }
+  try {
+    const entries = fs8.readdirSync(dir, { withFileTypes: true });
+    for (const entry of entries) {
+      const fullPath = path8.join(dir, entry.name);
+      if (entry.isDirectory()) {
+        results.push(...findFilesRecursive3(fullPath, ext));
+      } else if (entry.isFile() && entry.name.endsWith(ext)) {
+        results.push(fullPath);
+      }
+    }
+  } catch {
+  }
+  return results;
+}
+
+// src/index.ts
+var VERSION2 = "0.1.0";
+var program = new Command();
+program.name("clawguard").description("Security scanner for OpenClaw AI agent installations").version(VERSION2);
+program.command("scan").description("Scan your OpenClaw installation for security issues").option("-p, --path <path>", "Path to OpenClaw directory").option("-f, --format <format>", "Output format: rich or json", "rich").option(
+  "-c, --check <checks...>",
+  "Run specific checks only"
+).action(
+  async (options) => {
+    const openclawPath = options.path ?? detectOpenclawPath();
+    if (!openclawPath) {
+      console.log(chalk3.red("Could not find OpenClaw installation."));
+      console.log("Checked: ~/.openclaw, ~/.clawdbot, ~/.moltbot");
+      console.log("Use --path to specify the directory.");
+      process.exit(1);
+    }
+    if (!fs9.existsSync(openclawPath)) {
+      console.log(chalk3.red(`Path does not exist: ${openclawPath}`));
+      process.exit(1);
+    }
+    if (options.check) {
+      const validChecks = new Set(Object.keys(CHECK_REGISTRY));
+      for (const c of options.check) {
+        if (!validChecks.has(c)) {
+          console.log(chalk3.red(`Unknown check: ${c}`));
+          console.log(
+            `Available: ${[...validChecks].sort().join(", ")}`
+          );
+          process.exit(1);
+        }
+      }
+    }
+    const result = await runScan(openclawPath, options.check);
+    if (options.format === "json") {
+      printJson(result);
+    } else {
+      printReport(result);
+    }
+    if (getCriticalCount(result) > 0) {
+      process.exit(2);
+    }
+  }
+);
+program.command("fix").description(
+  "Auto-fix common security issues in your OpenClaw installation"
+).option("-p, --path <path>", "Path to OpenClaw directory").action((options) => {
+  const openclawPath = options.path ?? detectOpenclawPath();
+  if (!openclawPath) {
+    console.log(chalk3.red("Could not find OpenClaw installation."));
+    process.exit(1);
+  }
+  printBanner();
+  console.log(
+    `
+Fixing security issues in ${chalk3.bold(openclawPath)} ...
+`
+  );
+  const actions = runFix(openclawPath);
+  if (actions.length > 0) {
+    for (const action of actions) {
+      console.log(`  ${chalk3.green("FIXED")}  ${action}`);
+    }
+    console.log(chalk3.green(`
+${actions.length} issue(s) fixed.`));
+    console.log(
+      `Run ${chalk3.bold("clawguard scan")} to verify.
+`
+    );
+  } else {
+    console.log(chalk3.green("No auto-fixable issues found.\n"));
+  }
+});
+program.command("version").description("Show ClawGuard version").action(() => {
+  console.log(`ClawGuard v${VERSION2}`);
+});
+program.parse();
+//# sourceMappingURL=index.js.map