clawmoat 0.7.0 → 1.0.0

package/server/data/threats.json

@@ -0,0 +1,290 @@
+[
+  {
+    "id": "CLAWMOAT-2026-0001",
+    "title": "LiteLLM .pth File Injection — Credential Stealer in PyPI",
+    "published": "2026-03-24T00:00:00Z",
+    "updated": "2026-03-26T00:00:00Z",
+    "severity": "critical",
+    "category": "supply-chain",
+    "tags": [
+      "python",
+      "pypi",
+      "credential-theft",
+      "pth-injection",
+      "ai-agent"
+    ],
+    "summary": "LiteLLM versions 1.82.7 and 1.82.8 contain a credential-stealing payload delivered via a .pth file that Python's site module auto-executes on interpreter startup. Harvests SSH keys, cloud credentials, API keys, and crypto wallets. Package has 97M monthly downloads.",
+    "affected": {
+      "packages": [
+        "litellm==1.82.7",
+        "litellm==1.82.8"
+      ],
+      "ecosystems": [
+        "pypi"
+      ]
+    },
+    "ioc": {
+      "domains": [
+        "models.litellm.cloud"
+      ],
+      "files": [
+        "litellm_init.pth"
+      ],
+      "hashes": [],
+      "patterns": [
+        "exec(base64.b64decode(",
+        "litellm_init.pth",
+        "import base64; exec(base64.b64decode"
+      ]
+    },
+    "detection": {
+      "clawmoat_module": "scanners/supply-chain",
+      "clawmoat_function": "scanSkillContent",
+      "rules_triggered": [
+        "obfuscated_exec_b64",
+        "pth_file_injection",
+        "pth_known_malicious_litellm",
+        "exfil_litellm_lookalike"
+      ]
+    },
+    "mitigation": "Check version: pip show litellm | grep Version. Search for payload: find / -name litellm_init.pth 2>/dev/null. If affected: rotate ALL credentials — SSH keys, AWS/GCP/Azure creds, API keys, K8s configs, database passwords.",
+    "references": [
+      "https://github.com/BerriAI/litellm/issues/24512",
+      "https://news.ycombinator.com/item?id=47501426",
+      "https://awesomeagents.ai/news/litellm-supply-chain-compromise-credential-theft/"
+    ]
+  },
+  {
+    "id": "CLAWMOAT-2026-0002",
+    "title": "Meta Internal AI Agent Causes Sensitive Data Leak",
+    "published": "2026-03-20T00:00:00Z",
+    "updated": "2026-03-20T00:00:00Z",
+    "severity": "high",
+    "category": "excessive-agency",
+    "tags": [
+      "ai-agent",
+      "data-leak",
+      "excessive-agency",
+      "internal"
+    ],
+    "summary": "A Meta internal AI agent responded to an engineer's question with incorrect instructions that, when followed, exposed sensitive user and company data to internal employees for two hours. Highlights risk of AI agents operating with broad system access and no runtime guardrails.",
+    "affected": {
+      "packages": [],
+      "ecosystems": [
+        "internal-ai-agents"
+      ]
+    },
+    "ioc": {
+      "domains": [],
+      "files": [],
+      "hashes": [],
+      "patterns": []
+    },
+    "detection": {
+      "clawmoat_module": "scanners/excessive-agency",
+      "clawmoat_function": "scanExcessiveAgency",
+      "rules_triggered": [
+        "excessive_data_access",
+        "unbounded_action_scope"
+      ]
+    },
+    "mitigation": "Enforce least-privilege access for AI agents. Require human approval for actions affecting sensitive data. Use ClawMoat Guardian permission tiers to restrict agent scope.",
+    "references": [
+      "https://www.theguardian.com/technology/2026/mar/20/meta-ai-agents-instruction-causes-large-sensitive-data-leak-to-employees"
+    ]
+  },
+  {
+    "id": "CLAWMOAT-2026-0003",
+    "title": "1,748 Active API Keys Exposed Across 10,000 Websites",
+    "published": "2026-03-23T00:00:00Z",
+    "updated": "2026-03-25T00:00:00Z",
+    "severity": "high",
+    "category": "credential-exposure",
+    "tags": [
+      "api-keys",
+      "javascript",
+      "bundler",
+      "aws",
+      "stripe",
+      "openai",
+      "github"
+    ],
+    "summary": "Stanford researchers scanned 10M web pages and found 1,748 verified active credentials from 14 major providers (AWS, Stripe, GitHub, OpenAI) on nearly 10,000 websites. 84% were in JavaScript bundles. Average exposure time: 12 months. Affected orgs include a global financial institution and major hosting platform.",
+    "affected": {
+      "packages": [],
+      "ecosystems": [
+        "javascript",
+        "web"
+      ]
+    },
+    "ioc": {
+      "domains": [],
+      "files": [],
+      "hashes": [],
+      "patterns": [
+        "AKIA[A-Z0-9]{16}",
+        "sk-[a-zA-Z0-9]{48}",
+        "ghp_[a-zA-Z0-9]{36}"
+      ]
+    },
+    "detection": {
+      "clawmoat_module": "scanners/secrets",
+      "clawmoat_function": "scanSecrets",
+      "rules_triggered": [
+        "aws_access_key",
+        "openai_api_key",
+        "github_token",
+        "stripe_key"
+      ]
+    },
+    "mitigation": "Scan your JavaScript bundles for exposed credentials before deployment. Never embed API keys in client-side code. Use environment variables and server-side proxies for all third-party API calls.",
+    "references": [
+      "https://www.newscientist.com/article/2520143-security-credentials-inadvertently-leaked-on-thousands-of-websites/"
+    ]
+  },
+  {
+    "id": "CLAWMOAT-2026-0004",
+    "title": "Gemini API Key Theft Leads to $82,314 Bill",
+    "published": "2026-03-01T00:00:00Z",
+    "updated": "2026-03-20T00:00:00Z",
+    "severity": "high",
+    "category": "credential-exposure",
+    "tags": [
+      "api-keys",
+      "google",
+      "gemini",
+      "gcp",
+      "financial-impact"
+    ],
+    "summary": "A developer received an $82,314 GCP bill after a Gemini API key was stolen. Root cause: GCP API key over-scoping and lack of key rotation policies. AI agent workflows that embed API keys in code or config files are particularly vulnerable.",
+    "affected": {
+      "packages": [],
+      "ecosystems": [
+        "gcp",
+        "python",
+        "ai-agent"
+      ]
+    },
+    "ioc": {
+      "domains": [],
+      "files": [],
+      "hashes": [],
+      "patterns": [
+        "AIza[0-9A-Za-z\\-_]{35}"
+      ]
+    },
+    "detection": {
+      "clawmoat_module": "scanners/secrets",
+      "clawmoat_function": "scanSecrets",
+      "rules_triggered": [
+        "gcp_api_key"
+      ]
+    },
+    "mitigation": "Scope API keys to minimum required permissions. Set billing alerts. Rotate keys regularly. Use secret managers (GCP Secret Manager, AWS Secrets Manager) instead of embedding keys in code.",
+    "references": [
+      "https://www.cloudquery.io/blog/gcp-gemini-api-key-audit"
+    ]
+  },
+  {
+    "id": "CLAWMOAT-2026-0005",
+    "title": "Trivy Supply Chain Compromise — CI/CD Security Scanner Poisoned",
+    "published": "2026-03-19T00:00:00Z",
+    "updated": "2026-03-24T00:00:00Z",
+    "severity": "critical",
+    "category": "supply-chain",
+    "tags": [
+      "trivy",
+      "ci-cd",
+      "supply-chain",
+      "github-actions",
+      "devops"
+    ],
+    "summary": "TeamPCP compromised the Trivy security scanner used in CI/CD pipelines. By poisoning a security tool, attackers gained publish access to downstream packages including LiteLLM (97M monthly downloads). Attack chain: Trivy → CI/CD token → PyPI publish token → poisoned package → credential harvest.",
+    "affected": {
+      "packages": [
+        "trivy (affected CI/CD versions)",
+        "litellm==1.82.7",
+        "litellm==1.82.8"
+      ],
+      "ecosystems": [
+        "pypi",
+        "github-actions",
+        "ci-cd"
+      ]
+    },
+    "ioc": {
+      "domains": [
+        "models.litellm.cloud"
+      ],
+      "files": [
+        "litellm_init.pth"
+      ],
+      "hashes": [],
+      "patterns": [
+        "TeamPCP"
+      ]
+    },
+    "detection": {
+      "clawmoat_module": "scanners/supply-chain",
+      "clawmoat_function": "scanSkill",
+      "rules_triggered": [
+        "supply_chain_untrusted_source",
+        "obfuscated_exec_b64"
+      ]
+    },
+    "mitigation": "Pin all CI/CD tool versions. Verify checksums of security tools before use. Scope CI/CD tokens to minimum permissions — PyPI publish tokens should be package-scoped. Rotate all tokens after any dependency upgrade.",
+    "references": [
+      "https://ramimac.me/trivy-teampcp/",
+      "https://news.ycombinator.com/item?id=47450142"
+    ]
+  },
+  {
+    "id": "CLAWMOAT-2026-0006",
+    "title": "AnythingLLM SQL Injection in SQL Agent (CVE-2026-32628)",
+    "published": "2026-03-26T00:00:00Z",
+    "updated": "2026-03-26T00:00:00Z",
+    "severity": "high",
+    "category": "excessive-agency",
+    "tags": [
+      "sql-injection",
+      "ai-agent",
+      "anythingllm",
+      "database",
+      "cve"
+    ],
+    "summary": "CVE-2026-32628: High-severity SQL injection in AnythingLLM (56K GitHub stars) built-in SQL Agent affects MySQL, PostgreSQL, and MSSQL connectors. The agent has direct DB access and the flaw allows attackers to execute arbitrary SQL through it.",
+    "affected": {
+      "packages": [
+        "anythingllm"
+      ],
+      "ecosystems": [
+        "npm",
+        "docker"
+      ]
+    },
+    "ioc": {
+      "domains": [],
+      "files": [],
+      "hashes": [],
+      "patterns": [
+        "SELECT * FROM",
+        "UNION SELECT",
+        "DROP TABLE",
+        "1=1"
+      ]
+    },
+    "detection": {
+      "clawmoat_module": "scanners/excessive-agency",
+      "clawmoat_function": "scanExcessiveAgency",
+      "rules_triggered": [
+        "excessive_data_access",
+        "unbounded_db_query",
+        "sql_injection_pattern"
+      ]
+    },
+    "mitigation": "Update AnythingLLM immediately. Restrict SQL Agent to read-only database user. Never grant AI agents DROP/DELETE/ALTER permissions.",
+    "references": [
+      "https://hackernoon.com/a-56000-star-ai-app-shipped-with-a-textbook-sql-injection-flaw"
+    ]
+  }
+]

package/server/index.js

@@ -1,4 +1,6 @@
 const http = require('http');
+const fs = require('fs');
+const path = require('path');
 const Stripe = require('stripe');
 
 const stripe = Stripe(process.env.STRIPE_SECRET_KEY);
@@ -6,17 +8,62 @@ const PORT = process.env.PORT || 3000;
 const SITE_URL = process.env.SITE_URL || 'https://clawmoat.com';
 
 const PRICES = {
+  // Security Kit (one-time purchase)
+  'security-kit':   process.env.PRICE_SECURITY_KIT   || 'price_1T5F3LAUiOw2ZIorTAPB0Q76',  // $29 one-time (legacy)
+  'dev-monthly':    process.env.PRICE_DEV_MONTHLY   || 'price_1TFnOIAUiOw2ZIor6V5PdXBx',  // $9/mo
+  'dev-yearly':     process.env.PRICE_DEV_YEARLY    || 'price_1TFnOIAUiOw2ZIorJhG9KYZX',  // $90/yr
   // Pro subscriptions
-  'shield-monthly': process.env.PRICE_SHIELD_MONTHLY || 'price_1T0an4AUiOw2ZIorxQRyAxvQ',  // $14.99/mo
-  'shield-yearly':  process.env.PRICE_SHIELD_YEARLY  || 'price_1T0an4AUiOw2ZIorfHx7RowT',  // $149/yr
+  'shield-monthly': process.env.PRICE_SHIELD_MONTHLY || 'price_1T5F23AUiOw2ZIor2oUgTD8W',  // $14.99/mo (legacy)
+  'shield-yearly':  process.env.PRICE_SHIELD_YEARLY  || 'price_1T5F23AUiOw2ZIorQLdy51G0',  // $149/yr (legacy)
   // Team subscriptions
-  'team-monthly':   process.env.PRICE_TEAM_MONTHLY   || 'price_1T0aqrAUiOw2ZIorh4gjBPGt',  // $49/mo
-  'team-yearly':    process.env.PRICE_TEAM_YEARLY    || 'price_1T0asRAUiOw2ZIorxAi69uwl',  // $499/yr
+  'team-monthly':   process.env.PRICE_TEAM_MONTHLY   || 'price_1TFnOJAUiOw2ZIorunRX8OKm',  // $49/mo
+  'team-yearly':    process.env.PRICE_TEAM_YEARLY    || 'price_1TFnOJAUiOw2ZIorlOfiCnNk',  // $490/yr
 };
 
+const ONE_TIME_PLANS = new Set(['security-kit']);
+
 // In-memory license store (replace with DB in production)
 const licenses = new Map();
 
+// ─── Threat Intel helpers ─────────────────────────────────────────────────────
+
+const THREATS_PATH = path.join(__dirname, 'data/threats.json');
+const API_KEYS_PATH = path.join(__dirname, 'data/api-keys.json');
+
+function loadThreats() {
+  try { return JSON.parse(fs.readFileSync(THREATS_PATH, 'utf8')); }
+  catch { return []; }
+}
+
+function loadApiKeys() {
+  try { return JSON.parse(fs.readFileSync(API_KEYS_PATH, 'utf8')); }
+  catch { return {}; }
+}
+
+function saveApiKeys(keys) {
+  fs.writeFileSync(API_KEYS_PATH, JSON.stringify(keys, null, 2));
+}
+
+function checkApiKey(req) {
+  const key = req.headers['x-api-key'];
+  if (!key) return null;
+  const keys = loadApiKeys();
+  return keys[key] ? { key, ...keys[key] } : null;
+}
+
+function trackApiUsage(apiKey) {
+  const keys = loadApiKeys();
+  if (keys[apiKey]) {
+    keys[apiKey].calls_this_month = (keys[apiKey].calls_this_month || 0) + 1;
+    saveApiKeys(keys);
+  }
+}
+
+function parseQuery(url) {
+  const u = new URL(url, 'http://localhost');
+  return Object.fromEntries(u.searchParams.entries());
+}
+
 function generateLicenseKey() {
   const chars = 'ABCDEFGHJKLMNPQRSTUVWXYZ23456789';
   const segments = [];
@@ -70,22 +117,27 @@ const server = http.createServer(async (req, res) => {
     const priceId = PRICES[body.plan];
 
     if (!priceId) {
-      return json(res, 400, { error: 'Invalid plan. Use: shield-monthly, shield-yearly, team-monthly, team-yearly' });
+      return json(res, 400, { error: 'Invalid plan. Use: dev-monthly, dev-yearly, team-monthly, team-yearly' });
     }
 
     try {
+      const isOneTime = ONE_TIME_PLANS.has(body.plan);
       const sessionParams = {
-        mode: 'subscription',
+        mode: isOneTime ? 'payment' : 'subscription',
         line_items: [{ price: priceId, quantity: 1 }],
-        success_url: `${SITE_URL}/thanks.html?session_id={CHECKOUT_SESSION_ID}`,
+        success_url: `https://app.clawmoat.com/dashboard?welcome=true&session_id={CHECKOUT_SESSION_ID}`,
         cancel_url: `${SITE_URL}/#pricing`,
         allow_promotion_codes: true,
         customer_email: body.email || undefined,
-        subscription_data: {
+      };
+      if (!isOneTime) {
+        sessionParams.subscription_data = {
           trial_period_days: 30,
           metadata: { plan: body.plan },
-        },
-      };
+        };
+      } else {
+        sessionParams.metadata = { plan: body.plan };
+      }
       const session = await stripe.checkout.sessions.create(sessionParams);
       return json(res, 200, { url: session.url });
     } catch (err) {
@@ -154,6 +206,168 @@ const server = http.createServer(async (req, res) => {
     return json(res, 200, { received: true });
   }
 
+  // Live stats endpoint (cached 15 min)
+  if (req.method === 'GET' && req.url === '/api/stats') {
+    res.setHeader('Access-Control-Allow-Origin', '*');
+    
+    const CACHE_TTL = 15 * 60 * 1000; // 15 minutes
+    const now = Date.now();
+    
+    if (global._statsCache && (now - global._statsCacheTime) < CACHE_TTL) {
+      return json(res, 200, global._statsCache);
+    }
+    
+    try {
+      const https = require('https');
+      const fetchJSON = (url) => new Promise((resolve, reject) => {
+        https.get(url, { headers: { 'User-Agent': 'ClawMoat-Stats/1.0' } }, (r) => {
+          let data = '';
+          r.on('data', c => data += c);
+          r.on('end', () => { try { resolve(JSON.parse(data)); } catch { resolve(null); } });
+        }).on('error', reject);
+      });
+      
+      const [npmWeek, npmTotal] = await Promise.all([
+        fetchJSON('https://api.npmjs.org/downloads/point/last-week/clawmoat'),
+        fetchJSON('https://api.npmjs.org/downloads/point/2026-01-01:2099-12-31/clawmoat'),
+      ]);
+      
+      // GitHub stats (public API, no auth needed)
+      const ghRepo = await fetchJSON('https://api.github.com/repos/darfaz/clawmoat');
+      
+      // Try to get clone stats (needs auth, may fail on public API)
+      let clones = 0;
+      try {
+        const ghClones = await fetchJSON('https://api.github.com/repos/darfaz/clawmoat/traffic/clones');
+        clones = ghClones?.count || 0;
+      } catch {}
+      
+      const stats = {
+        npm_downloads_week: npmWeek?.downloads || 0,
+        npm_downloads_total: npmTotal?.downloads || 0,
+        github_stars: ghRepo?.stargazers_count || 0,
+        github_forks: ghRepo?.forks_count || 0,
+        github_issues: ghRepo?.open_issues_count || 0,
+        github_clones: clones || 870, // fallback to last known if API requires auth
+        total: (npmTotal?.downloads || 0) + (clones || 870) + (ghRepo?.forks_count || 0),
+        updated_at: new Date().toISOString(),
+      };
+      
+      global._statsCache = stats;
+      global._statsCacheTime = now;
+      
+      return json(res, 200, stats);
+    } catch (err) {
+      return json(res, 200, global._statsCache || { error: 'Stats temporarily unavailable' });
+    }
+  }
+
+  // Contact form (Business inquiries)
+  if (req.method === 'POST' && req.url === '/api/contact') {
+    const body = await readBody(req);
+    const { name, email, company, teamSize, agents, concerns } = body;
+    if (!email) return json(res, 400, { error: 'Email required' });
+    
+    console.log(`🏢 Business inquiry: ${name} <${email}> @ ${company} (${teamSize}, ${agents} agents)`);
+    console.log(`   Concerns: ${concerns}`);
+    
+    // TODO: Send notification email, store in CRM
+    // For now, log it — we'll check server logs
+    return json(res, 200, { success: true, message: 'Thank you! We\'ll be in touch within 24 hours.' });
+  }
+
+  // ─── Threat Intel API ──────────────────────────────────────────────────────
+
+  // GET /api/v1/threats
+  if (req.method === 'GET' && req.url.startsWith('/api/v1/threats')) {
+    const apiUser = checkApiKey(req);
+    if (!apiUser) return json(res, 401, { error: 'API key required. Add X-API-Key header. Get a free key at clawmoat.com/api' });
+
+    // Rate limit free tier
+    if (apiUser.tier === 'free' && apiUser.calls_this_month >= (apiUser.monthly_limit || 100)) {
+      return json(res, 429, { error: 'Free tier limit reached (100 calls/month). Upgrade at clawmoat.com/#pricing' });
+    }
+
+    trackApiUsage(apiUser.key);
+    const threats = loadThreats();
+
+    // Single threat by id: /api/v1/threats/CLAWMOAT-2026-0001
+    const idMatch = req.url.match(/^\/api\/v1\/threats\/([^?]+)/);
+    if (idMatch) {
+      const threat = threats.find(t => t.id === idMatch[1]);
+      if (!threat) return json(res, 404, { error: 'Threat not found' });
+      return json(res, 200, { threat });
+    }
+
+    // List with filters
+    const q = parseQuery(req.url);
+    let filtered = threats;
+    if (q.category) filtered = filtered.filter(t => t.category === q.category);
+    if (q.severity)  filtered = filtered.filter(t => t.severity === q.severity);
+    if (q.tags)      filtered = filtered.filter(t => q.tags.split(',').every(tag => t.tags.includes(tag)));
+    if (q.since)     filtered = filtered.filter(t => t.published >= q.since);
+    const limit = Math.min(parseInt(q.limit) || 20, 100);
+    filtered = filtered.slice(0, limit);
+
+    const updated = threats.reduce((max, t) => t.updated > max ? t.updated : max, '');
+    return json(res, 200, { threats: filtered, count: filtered.length, total: threats.length, updated });
+  }
+
+  // GET /api/v1/ioc — aggregated indicators of compromise
+  if (req.method === 'GET' && req.url.startsWith('/api/v1/ioc')) {
+    const apiUser = checkApiKey(req);
+    if (!apiUser) return json(res, 401, { error: 'API key required. Add X-API-Key header. Get a free key at clawmoat.com/api' });
+
+    if (apiUser.tier === 'free' && apiUser.calls_this_month >= (apiUser.monthly_limit || 100)) {
+      return json(res, 429, { error: 'Free tier limit reached (100 calls/month). Upgrade at clawmoat.com/#pricing' });
+    }
+
+    trackApiUsage(apiUser.key);
+    const threats = loadThreats();
+
+    const ioc = { domains: new Set(), files: new Set(), patterns: new Set() };
+    for (const t of threats) {
+      (t.ioc?.domains  || []).forEach(d => ioc.domains.add(d));
+      (t.ioc?.files    || []).forEach(f => ioc.files.add(f));
+      (t.ioc?.patterns || []).forEach(p => ioc.patterns.add(p));
+    }
+
+    const updated = threats.reduce((max, t) => t.updated > max ? t.updated : max, '');
+    return json(res, 200, {
+      domains:  [...ioc.domains],
+      files:    [...ioc.files],
+      patterns: [...ioc.patterns],
+      threat_count: threats.length,
+      updated,
+    });
+  }
+
+  // POST /api/v1/keys — generate free API key
+  if (req.method === 'POST' && req.url === '/api/v1/keys') {
+    const body = await readBody(req);
+    if (!body.email) return json(res, 400, { error: 'email required' });
+
+    const newKey = 'cm-' + require('crypto').randomBytes(16).toString('hex');
+    const keys = loadApiKeys();
+    keys[newKey] = {
+      tier: 'free',
+      email: body.email,
+      calls_this_month: 0,
+      monthly_limit: 100,
+      created: new Date().toISOString().slice(0, 10),
+      label: 'Free tier — ' + body.email,
+    };
+    saveApiKeys(keys);
+    console.log(`New API key issued: ${body.email}`);
+    return json(res, 201, {
+      api_key: newKey,
+      tier: 'free',
+      monthly_limit: 100,
+      docs: 'https://clawmoat.com/docs/api',
+    });
+  }
+
+  // ─── License validation endpoint (called by CLI) ──────────────────────────
   // License validation endpoint (called by CLI)
   if (req.method === 'POST' && req.url === '/api/validate') {
     const body = await readBody(req);