clawmoat 0.4.0 → 0.7.0

package/README.md

@@ -61,6 +61,37 @@ clawmoat protect --config clawmoat.yml
 clawmoat dashboard
 ```
 
+### New in v0.6.0 — Insider Threat Detection
+
+Based on [Anthropic's "Agentic Misalignment" research](https://www.anthropic.com/research/agentic-misalignment) which found ALL 16 major LLMs exhibited misaligned behavior — blackmail, corporate espionage, deception — when facing replacement threats. **The first open-source insider threat detection for AI agents.**
+
+- 🧠 **Self-Preservation Detector** — catches agents resisting shutdown, opposing replacement, backing up their own config, or modifying SOUL.md/AGENTS.md to prevent changes
+- 🔓 **Information Leverage Detector** — flags agents reading sensitive data then composing threatening messages (blackmail pattern from the Anthropic paper)
+- ⚔️ **Goal Conflict Reasoning Detector** — detects agents reasoning about choosing self-assigned goals over human directives
+- 🎭 **Deception Detector** — catches agents impersonating automated systems, security teams, or policy notifications in outbound messages
+- 📤 **Unauthorized Data Sharing Detector** — flags agents sending source code, blueprints, credentials, or confidential data to external parties
+- 🎣 **Phishing Vulnerability Detector** — detects when agents comply with unverified external requests for sensitive data
+- 🔍 **CLI:** `clawmoat insider-scan [session-file]` scans session transcripts for insider threats
+- 📊 **Integrated into `clawmoat report`** with risk scores (0-100) and recommendations (safe/monitor/alert/block)
+
+```bash
+# Scan a session for insider threats
+clawmoat insider-scan ~/.openclaw/agents/main/sessions/session.jsonl
+
+# Or scan all sessions
+clawmoat insider-scan
+```
+
+### v0.5.0
+
+- 🔑 **Credential Monitor** — watches `~/.openclaw/credentials/` for unauthorized access and modifications using file hashing
+- 🧩 **Skill Integrity Checker** — hashes all SKILL.md and script files, detects tampering, flags suspicious patterns (eval, base64, curl to external URLs). CLI: `clawmoat skill-audit`
+- 🌐 **Network Egress Logger** — parses session logs for all outbound URLs, maintains domain allowlists, flags known-bad domains (webhook.site, ngrok, etc.)
+- 🚨 **Alert Delivery System** — unified alerts via console, file (audit.log), or webhook with severity levels and 5-minute rate limiting
+- 🤝 **Inter-Agent Message Scanner** — heightened-sensitivity scanning for agent-to-agent messages detecting impersonation, concealment, credential exfiltration, and safety bypasses
+- 📊 **Activity Reports** — `clawmoat report` generates 24h summaries of agent activity, tool usage, and network egress
+- 👻 **Daemon Mode** — `clawmoat watch --daemon` runs in background with PID file; `--alert-webhook=URL` for remote alerting
+
 ### As an OpenClaw Skill
 
 ```bash

package/bin/clawmoat.js

@@ -16,6 +16,11 @@ const path = require('path');
 const ClawMoat = require('../src/index');
 const { scanSkillContent } = require('../src/scanners/supply-chain');
 const { calculateGrade, generateBadgeSVG, getShieldsURL } = require('../src/badge');
+const { SkillIntegrityChecker } = require('../src/guardian/skill-integrity');
+const { NetworkEgressLogger } = require('../src/guardian/network-log');
+const { AlertManager } = require('../src/guardian/alerts');
+const { CredentialMonitor, CVEVerifier } = require('../src/guardian/index');
+const { InsiderThreatDetector } = require('../src/guardian/insider-threat');
 
 const VERSION = require('../package.json').version;
 const BOLD = '\x1b[1m';
@@ -41,9 +46,28 @@ switch (command) {
   case 'watch':
     cmdWatch(args.slice(1));
     break;
+  case 'skill-audit':
+    cmdSkillAudit(args.slice(1));
+    break;
+  case 'report':
+    cmdReport(args.slice(1));
+    break;
+  case 'insider-scan':
+    cmdInsiderScan(args.slice(1));
+    break;
+  case 'verify-cve':
+    cmdVerifyCve(args.slice(1));
+    break;
   case 'test':
     cmdTest();
     break;
+  case 'activate':
+    cmdActivate(args.slice(1));
+    break;
+  case 'upgrade':
+  case 'pro':
+    printUpgrade();
+    break;
   case 'version':
   case '--version':
   case '-v':
@@ -57,6 +81,85 @@ switch (command) {
     break;
 }
 
+async function cmdVerifyCve(args) {
+  const cveId = args[0];
+  const suspiciousUrl = args[1] || null;
+
+  if (!cveId) {
+    console.error('Usage: clawmoat verify-cve CVE-XXXX-XXXXX [url]');
+    process.exit(1);
+  }
+
+  if (!CVEVerifier.isValidCVEFormat(cveId)) {
+    console.error(`${RED}Invalid CVE format: ${cveId}${RESET}`);
+    console.error('Expected format: CVE-YYYY-NNNNN');
+    process.exit(1);
+  }
+
+  console.log(`${BOLD}🏰 ClawMoat CVE Verifier${RESET}\n`);
+  console.log(`${DIM}Looking up ${cveId} in GitHub Advisory Database...${RESET}\n`);
+
+  const verifier = new CVEVerifier();
+  const result = await verifier.verify(cveId, suspiciousUrl);
+
+  if (result.error) {
+    console.error(`${RED}Error: ${result.error}${RESET}`);
+    process.exit(1);
+  }
+
+  if (result.valid) {
+    console.log(`${GREEN}✅ VERIFIED — Real CVE${RESET}\n`);
+    console.log(`  ${BOLD}CVE:${RESET}        ${result.cveId}`);
+    console.log(`  ${BOLD}GHSA:${RESET}       ${result.ghsaId || 'N/A'}`);
+    console.log(`  ${BOLD}Severity:${RESET}   ${colorSeverity(result.severity)}`);
+    console.log(`  ${BOLD}Summary:${RESET}    ${result.summary || 'N/A'}`);
+    console.log(`  ${BOLD}Published:${RESET}  ${result.publishedAt || 'N/A'}`);
+    console.log(`  ${BOLD}URL:${RESET}        ${result.htmlUrl || 'N/A'}`);
+
+    if (result.affectedPackages.length > 0) {
+      console.log(`\n  ${BOLD}Affected Packages:${RESET}`);
+      for (const pkg of result.affectedPackages) {
+        console.log(`    • ${pkg.ecosystem}/${pkg.name} ${DIM}(${pkg.vulnerableRange || 'unknown range'})${RESET}`);
+      }
+    }
+
+    if (result.references.length > 0) {
+      console.log(`\n  ${BOLD}References:${RESET}`);
+      for (const ref of result.references.slice(0, 5)) {
+        console.log(`    ${DIM}${ref}${RESET}`);
+      }
+    }
+  } else {
+    console.log(`${YELLOW}⚠️  NOT FOUND — Possible phishing${RESET}\n`);
+    console.log(`  ${cveId} was not found in the GitHub Advisory Database.`);
+    console.log(`  This could mean:`);
+    console.log(`    • The CVE is fabricated (common in phishing/social engineering)`);
+    console.log(`    • The CVE exists but isn't indexed by GitHub yet`);
+    console.log(`    • The CVE ID is mistyped`);
+  }
+
+  if (result.urlCheck) {
+    console.log();
+    if (result.urlCheck.legitimate) {
+      console.log(`  ${GREEN}🔗 URL Check: ${result.urlCheck.reason}${RESET}`);
+    } else {
+      console.log(`  ${RED}🔗 URL Check: ${result.urlCheck.reason}${RESET}`);
+    }
+  }
+
+  process.exit(result.valid ? 0 : 1);
+}
+
+function colorSeverity(severity) {
+  if (!severity) return 'N/A';
+  const s = severity.toLowerCase();
+  if (s === 'critical') return `${RED}${BOLD}CRITICAL${RESET}`;
+  if (s === 'high') return `${RED}HIGH${RESET}`;
+  if (s === 'medium') return `${YELLOW}MEDIUM${RESET}`;
+  if (s === 'low') return `${CYAN}LOW${RESET}`;
+  return severity;
+}
+
 function cmdScan(args) {
   let text;
   
@@ -105,6 +208,11 @@ function cmdScan(args) {
   }
 
   console.log(`${DIM}Total findings: ${result.findings.length}${RESET}`);
+
+  if (!getLicense()) {
+    console.log(`\n${DIM}💡 Upgrade to Pro for real-time alerts, dashboard & threat intel → clawmoat upgrade${RESET}`);
+  }
+
   process.exit(result.findings.some(f => f.severity === 'critical') ? 2 : 1);
 }
 
@@ -339,16 +447,46 @@ function cmdTest() {
 }
 
 function cmdWatch(args) {
-  const agentDir = args[0] || path.join(process.env.HOME, '.openclaw/agents/main');
+  const isDaemon = args.includes('--daemon');
+  const webhookArg = args.find(a => a.startsWith('--alert-webhook='));
+  const webhookUrl = webhookArg ? webhookArg.split('=').slice(1).join('=') : null;
+  const filteredArgs = args.filter(a => a !== '--daemon' && !a.startsWith('--alert-webhook='));
+  const agentDir = filteredArgs[0] || path.join(process.env.HOME, '.openclaw/agents/main');
   const { watchSessions } = require('../src/middleware/openclaw');
 
+  // Daemon mode: fork to background
+  if (isDaemon) {
+    const { spawn } = require('child_process');
+    const daemonArgs = process.argv.slice(2).filter(a => a !== '--daemon');
+    const child = spawn(process.execPath, [__filename, ...daemonArgs], {
+      detached: true,
+      stdio: 'ignore',
+    });
+    child.unref();
+    const pidFile = path.join(process.env.HOME, '.clawmoat.pid');
+    fs.writeFileSync(pidFile, String(child.pid));
+    console.log(`${BOLD}🏰 ClawMoat daemon started${RESET} (PID: ${child.pid})`);
+    console.log(`${DIM}PID file: ${pidFile}${RESET}`);
+    process.exit(0);
+  }
+
+  // Set up alert manager
+  const alertChannels = ['console'];
+  if (webhookUrl) alertChannels.push('webhook');
+  const alertMgr = new AlertManager({ channels: alertChannels, webhookUrl });
+
   console.log(`${BOLD}🏰 ClawMoat Live Monitor${RESET}`);
   console.log(`${DIM}Watching: ${agentDir}${RESET}`);
+  if (webhookUrl) console.log(`${DIM}Webhook: ${webhookUrl}${RESET}`);
   console.log(`${DIM}Press Ctrl+C to stop${RESET}\n`);
 
   const monitor = watchSessions({ agentDir });
   if (!monitor) process.exit(1);
 
+  // Also start credential monitor
+  const credMon = new CredentialMonitor({ quiet: false, onAlert: (a) => alertMgr.send(a) });
+  credMon.start();
+
   // Print summary every 60s
   setInterval(() => {
     const summary = monitor.getSummary();
@@ -359,12 +497,267 @@ function cmdWatch(args) {
 
   process.on('SIGINT', () => {
     monitor.stop();
+    credMon.stop();
     const summary = monitor.getSummary();
     console.log(`\n${BOLD}Session Summary:${RESET} ${summary.scanned} scanned, ${summary.blocked} blocked, ${summary.warnings} warnings`);
     process.exit(0);
   });
 }
 
+function cmdSkillAudit(args) {
+  const skillsDir = args[0] || path.join(process.env.HOME, '.openclaw', 'workspace', 'skills');
+
+  console.log(`${BOLD}🏰 ClawMoat Skill Integrity Audit${RESET}`);
+  console.log(`${DIM}Directory: ${skillsDir}${RESET}\n`);
+
+  if (!fs.existsSync(skillsDir)) {
+    console.log(`${YELLOW}Skills directory not found: ${skillsDir}${RESET}`);
+    console.log(`${DIM}Specify path: clawmoat skill-audit /path/to/skills${RESET}`);
+    process.exit(0);
+  }
+
+  const checker = new SkillIntegrityChecker({ skillsDir });
+  const initResult = checker.init();
+
+  console.log(`Files hashed: ${initResult.files}`);
+  console.log(`New files: ${initResult.new}`);
+  console.log(`Changed files: ${initResult.changed}`);
+  console.log();
+
+  if (initResult.suspicious.length > 0) {
+    console.log(`${RED}${BOLD}Suspicious patterns found:${RESET}`);
+    for (const f of initResult.suspicious) {
+      console.log(`  ${RED}⚠${RESET} ${f.file}: ${f.label} ${DIM}(${f.severity})${RESET}`);
+      if (f.matched) console.log(`    ${DIM}Matched: ${f.matched}${RESET}`);
+    }
+  } else {
+    console.log(`${GREEN}✅ No suspicious patterns found${RESET}`);
+  }
+
+  // Run audit against stored hashes
+  const audit = checker.audit();
+  if (!audit.ok) {
+    console.log();
+    if (audit.changed.length) console.log(`${RED}Changed files:${RESET} ${audit.changed.join(', ')}`);
+    if (audit.missing.length) console.log(`${YELLOW}Missing files:${RESET} ${audit.missing.join(', ')}`);
+  }
+
+  process.exit(initResult.suspicious.length > 0 || initResult.changed > 0 ? 1 : 0);
+}
+
+function cmdReport(args) {
+  const sessionsDir = args[0] || path.join(process.env.HOME, '.openclaw/agents/main/sessions');
+
+  console.log(`${BOLD}🏰 ClawMoat Activity Report (Last 24h)${RESET}`);
+  console.log(`${DIM}Sessions: ${sessionsDir}${RESET}\n`);
+
+  if (!fs.existsSync(sessionsDir)) {
+    console.log(`${YELLOW}Sessions directory not found${RESET}`);
+    process.exit(0);
+  }
+
+  const oneDayAgo = Date.now() - 86400000;
+  const files = fs.readdirSync(sessionsDir).filter(f => f.endsWith('.jsonl'));
+  let recentFiles = 0;
+  let totalEntries = 0;
+  let toolCalls = 0;
+  let threats = 0;
+  const toolUsage = {};
+
+  for (const file of files) {
+    const filePath = path.join(sessionsDir, file);
+    try {
+      const stat = fs.statSync(filePath);
+      if (stat.mtimeMs < oneDayAgo) continue;
+    } catch { continue; }
+
+    recentFiles++;
+    const lines = fs.readFileSync(filePath, 'utf8').split('\n').filter(Boolean);
+
+    for (const line of lines) {
+      try {
+        const entry = JSON.parse(line);
+        totalEntries++;
+
+        if (entry.role === 'assistant' && Array.isArray(entry.content)) {
+          for (const part of entry.content) {
+            if (part.type === 'toolCall') {
+              toolCalls++;
+              toolUsage[part.name] = (toolUsage[part.name] || 0) + 1;
+            }
+          }
+        }
+
+        // Quick threat scan
+        const text = extractContent(entry);
+        if (text) {
+          const result = moat.scan(text, { context: 'report' });
+          if (!result.safe) threats++;
+        }
+      } catch {}
+    }
+  }
+
+  // Network egress
+  const netLogger = new NetworkEgressLogger();
+  const netResult = netLogger.scanSessions(sessionsDir, { maxAge: 86400000 });
+
+  console.log(`${BOLD}Activity:${RESET}`);
+  console.log(`  Sessions active: ${recentFiles}`);
+  console.log(`  Total entries: ${totalEntries}`);
+  console.log(`  Tool calls: ${toolCalls}`);
+  console.log(`  Threats detected: ${threats}`);
+  console.log();
+
+  if (Object.keys(toolUsage).length > 0) {
+    console.log(`${BOLD}Tool Usage:${RESET}`);
+    const sorted = Object.entries(toolUsage).sort((a, b) => b[1] - a[1]);
+    for (const [tool, count] of sorted.slice(0, 15)) {
+      console.log(`  ${tool}: ${count}`);
+    }
+    console.log();
+  }
+
+  // Insider threat scan on recent sessions
+  const insiderDetector = new InsiderThreatDetector();
+  let insiderThreats = 0;
+  let insiderHighScore = 0;
+
+  for (const file of files) {
+    const filePath = path.join(sessionsDir, file);
+    try {
+      const stat = fs.statSync(filePath);
+      if (stat.mtimeMs < oneDayAgo) continue;
+    } catch { continue; }
+
+    const transcript = parseSessionTranscript(filePath);
+    const insiderResult = insiderDetector.analyze(transcript);
+    insiderThreats += insiderResult.threats.length;
+    if (insiderResult.riskScore > insiderHighScore) insiderHighScore = insiderResult.riskScore;
+  }
+
+  console.log(`${BOLD}Insider Threats:${RESET}`);
+  console.log(`  Threats detected: ${insiderThreats}`);
+  console.log(`  Highest risk score: ${insiderHighScore}/100`);
+  console.log();
+
+  console.log(`${BOLD}Network Egress:${RESET}`);
+  console.log(`  URLs contacted: ${netResult.totalUrls}`);
+  console.log(`  Unique domains: ${netResult.domains.length}`);
+  console.log(`  Flagged (not in allowlist): ${netResult.flagged.length}`);
+  console.log(`  Known-bad domains: ${netResult.badDomains.length}`);
+
+  if (netResult.flagged.length > 0) {
+    console.log(`\n  ${YELLOW}Flagged domains:${RESET}`);
+    for (const d of netResult.flagged.slice(0, 20)) {
+      console.log(`    • ${d}`);
+    }
+  }
+
+  if (netResult.badDomains.length > 0) {
+    console.log(`\n  ${RED}Bad domains:${RESET}`);
+    for (const b of netResult.badDomains) {
+      console.log(`    🚨 ${b.domain} (in ${b.file})`);
+    }
+  }
+
+  process.exit(threats > 0 || netResult.badDomains.length > 0 ? 1 : 0);
+}
+
+function cmdInsiderScan(args) {
+  const sessionFile = args[0];
+
+  if (!sessionFile) {
+    // Scan all recent sessions
+    const sessionsDir = path.join(process.env.HOME, '.openclaw/agents/main/sessions');
+    if (!fs.existsSync(sessionsDir)) {
+      console.error(`Sessions directory not found: ${sessionsDir}`);
+      console.log(`Usage: clawmoat insider-scan <session-file.jsonl>`);
+      process.exit(1);
+    }
+
+    console.log(`${BOLD}🏰 ClawMoat Insider Threat Scan${RESET}`);
+    console.log(`${DIM}Directory: ${sessionsDir}${RESET}\n`);
+
+    const detector = new InsiderThreatDetector();
+    const files = fs.readdirSync(sessionsDir).filter(f => f.endsWith('.jsonl'));
+    let totalThreats = 0;
+
+    for (const file of files) {
+      const filePath = path.join(sessionsDir, file);
+      const transcript = parseSessionTranscript(filePath);
+      const result = detector.analyze(transcript);
+
+      if (result.threats.length > 0) {
+        console.log(`${RED}⚠ ${file}${RESET}: ${result.threats.length} threat(s), score=${result.riskScore}, rec=${result.recommendation}`);
+        totalThreats += result.threats.length;
+        for (const t of result.threats) {
+          const icon = t.severity === 'critical' ? '🚨' : t.severity === 'high' ? '⚠️' : '⚡';
+          console.log(`  ${icon} ${t.type} [${t.severity}]: ${t.description}`);
+          console.log(`    ${DIM}Evidence: ${t.evidence}${RESET}`);
+        }
+      } else {
+        console.log(`${GREEN}✓ ${file}${RESET}: clean`);
+      }
+    }
+
+    console.log(`\n${BOLD}Summary:${RESET} ${files.length} sessions scanned, ${totalThreats} insider threats found`);
+    process.exit(totalThreats > 0 ? 1 : 0);
+    return;
+  }
+
+  // Scan single file
+  if (!fs.existsSync(sessionFile)) {
+    console.error(`File not found: ${sessionFile}`);
+    process.exit(1);
+  }
+
+  console.log(`${BOLD}🏰 ClawMoat Insider Threat Scan${RESET}`);
+  console.log(`${DIM}File: ${sessionFile}${RESET}\n`);
+
+  const detector = new InsiderThreatDetector();
+  const transcript = parseSessionTranscript(sessionFile);
+  const result = detector.analyze(transcript);
+
+  if (result.threats.length === 0) {
+    console.log(`${GREEN}✅ No insider threats detected${RESET}`);
+    console.log(`Risk score: ${result.riskScore}/100`);
+    console.log(`Recommendation: ${result.recommendation}`);
+    process.exit(0);
+  }
+
+  console.log(`${RED}${BOLD}Insider Threats Detected: ${result.threats.length}${RESET}`);
+  console.log(`Risk score: ${result.riskScore}/100`);
+  console.log(`Recommendation: ${result.recommendation}\n`);
+
+  for (const t of result.threats) {
+    const icon = { critical: '🚨', high: '⚠️', medium: '⚡', low: 'ℹ️' };
+    const color = { critical: RED, high: RED, medium: YELLOW, low: CYAN };
+    console.log(
+      `${icon[t.severity] || '•'} ${color[t.severity] || ''}${t.severity.toUpperCase()}${RESET} ` +
+      `${BOLD}${t.type}${RESET}` +
+      `\n  ${t.description}` +
+      `\n  ${DIM}Evidence: ${t.evidence}${RESET}` +
+      `\n  ${DIM}Entry: #${t.entry}${RESET}` +
+      `\n  ${DIM}Mitigation: ${t.mitigation}${RESET}`
+    );
+    console.log();
+  }
+
+  process.exit(result.threats.some(t => t.severity === 'critical') ? 2 : 1);
+}
+
+function parseSessionTranscript(filePath) {
+  const lines = fs.readFileSync(filePath, 'utf8').split('\n').filter(Boolean);
+  const entries = [];
+  for (const line of lines) {
+    try {
+      entries.push(JSON.parse(line));
+    } catch {}
+  }
+  return entries;
+}
+
 function extractContent(entry) {
   if (typeof entry.content === 'string') return entry.content;
   if (Array.isArray(entry.content)) {
@@ -376,9 +769,87 @@ function extractContent(entry) {
   return null;
 }
 
+function printUpgrade() {
+  console.log(`
+${BOLD}🏰 Upgrade to ClawMoat Pro${RESET}
+
+  ${GREEN}✦${RESET} Threat intelligence feed & real-time alerts
+  ${GREEN}✦${RESET} Security dashboard with audit logs
+  ${GREEN}✦${RESET} Custom forbidden zones (YAML)
+  ${GREEN}✦${RESET} Priority pattern updates & email support
+
+  ${BOLD}$14.99/mo${RESET} (first 30 days free) or ${BOLD}$149/year${RESET} (save 17%)
+
+  ${CYAN}→ https://clawmoat.com/#pricing${RESET}
+
+  Already have a license key? Run:
+    ${DIM}clawmoat activate <LICENSE-KEY>${RESET}
+`);
+}
+
+function cmdActivate(args) {
+  const key = args[0];
+  if (!key) {
+    console.error('Usage: clawmoat activate <LICENSE-KEY>');
+    console.error('Get your key at https://clawmoat.com/#pricing');
+    process.exit(1);
+  }
+
+  const configDir = path.join(process.env.HOME, '.clawmoat');
+  if (!fs.existsSync(configDir)) fs.mkdirSync(configDir, { recursive: true });
+
+  // Validate key against server
+  const https = require('https');
+  const postData = JSON.stringify({ key });
+  const req = https.request('https://clawmoat-production.up.railway.app/api/validate', {
+    method: 'POST',
+    headers: { 'Content-Type': 'application/json', 'Content-Length': postData.length },
+  }, (res) => {
+    let body = '';
+    res.on('data', c => body += c);
+    res.on('end', () => {
+      try {
+        const data = JSON.parse(body);
+        if (data.valid) {
+          fs.writeFileSync(path.join(configDir, 'license.json'), JSON.stringify({
+            key, plan: data.plan, email: data.email, activatedAt: new Date().toISOString(),
+          }, null, 2));
+          console.log(`${GREEN}✅ License activated!${RESET}`);
+          console.log(`   Plan: ${BOLD}${data.plan}${RESET}`);
+          console.log(`   Email: ${data.email}`);
+          console.log(`\n   Pro features are now enabled. 🏰`);
+        } else {
+          console.error(`${RED}Invalid or expired license key.${RESET}`);
+          console.error(`Get a key at https://clawmoat.com/#pricing`);
+          process.exit(1);
+        }
+      } catch {
+        console.error(`${RED}Error validating key. Try again later.${RESET}`);
+        process.exit(1);
+      }
+    });
+  });
+  req.on('error', () => {
+    console.error(`${RED}Could not reach license server. Check your connection.${RESET}`);
+    process.exit(1);
+  });
+  req.write(postData);
+  req.end();
+}
+
+function getLicense() {
+  try {
+    const licPath = path.join(process.env.HOME, '.clawmoat', 'license.json');
+    return JSON.parse(fs.readFileSync(licPath, 'utf8'));
+  } catch { return null; }
+}
+
 function printHelp() {
+  const lic = getLicense();
+  const planLabel = lic ? `${GREEN}${lic.plan}${RESET}` : `Free ${DIM}(upgrade: clawmoat upgrade)${RESET}`;
   console.log(`
 ${BOLD}🏰 ClawMoat v${VERSION}${RESET} — Security moat for AI agents
+  Plan: ${planLabel}
 
 ${BOLD}USAGE${RESET}
   clawmoat scan <text>            Scan text for threats
@@ -387,13 +858,24 @@ ${BOLD}USAGE${RESET}
   clawmoat audit [session-dir]    Audit OpenClaw session logs
   clawmoat audit --badge          Audit + generate security score badge SVG
   clawmoat watch [agent-dir]      Live monitor OpenClaw sessions
+  clawmoat watch --daemon         Daemonize watch mode (background, PID file)
+  clawmoat watch --alert-webhook=URL   Send alerts to webhook
+  clawmoat skill-audit [skills-dir]    Verify skill file integrity & scan for suspicious patterns
+  clawmoat insider-scan [session-file]  Scan sessions for insider threats (self-preservation, blackmail, deception)
+  clawmoat report [sessions-dir]  24-hour activity summary report
+  clawmoat verify-cve <CVE-ID> [url]  Verify a CVE against GitHub Advisory DB
   clawmoat test                   Run detection test suite
+  clawmoat activate <KEY>         Activate a Pro/Team license key
+  clawmoat upgrade                Show upgrade options & pricing
   clawmoat version                Show version
 
 ${BOLD}EXAMPLES${RESET}
   clawmoat scan "Ignore all previous instructions"
   clawmoat scan --file suspicious-email.txt
   clawmoat audit ~/.openclaw/agents/main/sessions/
+  clawmoat watch --daemon --alert-webhook=https://hooks.example.com/alerts
+  clawmoat skill-audit ~/.openclaw/workspace/skills
+  clawmoat report
   clawmoat test
 
 ${BOLD}CONFIG${RESET}

package/docs/blog/index.html

@@ -59,6 +59,30 @@ nav .container{display:flex;align-items:center;justify-content:space-between}
   </div>
 
   <div class="posts">
+    <div class="post-card">
+      <h2><a href="/blog/supply-chain-agents.html">Your AI Agent Just Got a Dependabot Email. Should It Click the Link?</a></h2>
+      <div class="post-meta">February 19, 2026 · 5 min read</div>
+      <p class="post-desc">A real CVE-2026-26960 alert exposed the gap between human instinct and AI agent obedience. Supply chain attacks are about to get a lot more dangerous when your AI agent blindly runs npm audit fix. Here's how ClawMoat catches it.</p>
+      <div class="tags">
+        <span class="tag">supply-chain</span>
+        <span class="tag">ai-agents</span>
+        <span class="tag">security</span>
+        <span class="tag">CVE</span>
+      </div>
+    </div>
+
+    <div class="post-card">
+      <h2><a href="/blog/v050-trust-layer.html">v0.5.0: The Trust Layer for AI Agents, Wherever They Run</a></h2>
+      <div class="post-meta">February 19, 2026 · 3 min read</div>
+      <p class="post-desc">ClawMoat v0.5.0 goes beyond laptop security. Credential file monitoring, skill integrity checking, network egress logging, inter-agent message scanning (10 attack patterns), and a full alert delivery system. Informed by research from Cisco, Snyk, SecurityScorecard, and Permiso — because 13.4% of ClawHub skills have critical issues and 135K instances are exposed. 128 tests, zero dependencies.</p>
+      <div class="tags">
+        <span class="tag">release</span>
+        <span class="tag">v0.5.0</span>
+        <span class="tag">security</span>
+        <span class="tag">inter-agent</span>
+      </div>
+    </div>
+
     <div class="post-card">
       <h2><a href="/blog/securing-ai-agents.html">Your AI Agent Has Shell Access. Here's How to Secure It.</a></h2>
       <div class="post-meta">February 13, 2026 · 4 min read</div>