hackmyagent 0.11.4 → 0.11.6

package/dist/hardening/index.d.ts

@@ -5,6 +5,7 @@ export { HardeningScanner } from './scanner';
 export type { ScanOptions } from './scanner';
 export type { SecurityCheck, CheckResult, FixResult, SecurityFinding, ScanResult, Severity, } from './security-check';
 export { getAttackClass, enrichWithTaxonomy } from './taxonomy';
+export { NemoClawScanner, NEMOCLAW_CATEGORIES } from './nemoclaw-scanner';
 export { classifySkillSection, isLikelyFalsePositive } from './skill-context';
 export type { SkillSection } from './skill-context';
 export { parseDeclaredCapabilities, inferActualCapabilities, validateCapabilities, } from './skill-capability-validator';

package/dist/hardening/index.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/hardening/index.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,EAAE,gBAAgB,EAAE,MAAM,WAAW,CAAC;AAC7C,YAAY,EAAE,WAAW,EAAE,MAAM,WAAW,CAAC;AAE7C,YAAY,EACV,aAAa,EACb,WAAW,EACX,SAAS,EACT,eAAe,EACf,UAAU,EACV,QAAQ,GACT,MAAM,kBAAkB,CAAC;AAE1B,OAAO,EAAE,cAAc,EAAE,kBAAkB,EAAE,MAAM,YAAY,CAAC;AAChE,OAAO,EAAE,oBAAoB,EAAE,qBAAqB,EAAE,MAAM,iBAAiB,CAAC;AAC9E,YAAY,EAAE,YAAY,EAAE,MAAM,iBAAiB,CAAC;AACpD,OAAO,EACL,yBAAyB,EACzB,uBAAuB,EACvB,oBAAoB,GACrB,MAAM,8BAA8B,CAAC;AACtC,YAAY,EACV,yBAAyB,EACzB,kBAAkB,GACnB,MAAM,8BAA8B,CAAC"}
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/hardening/index.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,EAAE,gBAAgB,EAAE,MAAM,WAAW,CAAC;AAC7C,YAAY,EAAE,WAAW,EAAE,MAAM,WAAW,CAAC;AAE7C,YAAY,EACV,aAAa,EACb,WAAW,EACX,SAAS,EACT,eAAe,EACf,UAAU,EACV,QAAQ,GACT,MAAM,kBAAkB,CAAC;AAE1B,OAAO,EAAE,cAAc,EAAE,kBAAkB,EAAE,MAAM,YAAY,CAAC;AAChE,OAAO,EAAE,eAAe,EAAE,mBAAmB,EAAE,MAAM,oBAAoB,CAAC;AAC1E,OAAO,EAAE,oBAAoB,EAAE,qBAAqB,EAAE,MAAM,iBAAiB,CAAC;AAC9E,YAAY,EAAE,YAAY,EAAE,MAAM,iBAAiB,CAAC;AACpD,OAAO,EACL,yBAAyB,EACzB,uBAAuB,EACvB,oBAAoB,GACrB,MAAM,8BAA8B,CAAC;AACtC,YAAY,EACV,yBAAyB,EACzB,kBAAkB,GACnB,MAAM,8BAA8B,CAAC"}

package/dist/hardening/index.js

@@ -3,12 +3,15 @@
  * Hardening module
  */
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.validateCapabilities = exports.inferActualCapabilities = exports.parseDeclaredCapabilities = exports.isLikelyFalsePositive = exports.classifySkillSection = exports.enrichWithTaxonomy = exports.getAttackClass = exports.HardeningScanner = void 0;
+exports.validateCapabilities = exports.inferActualCapabilities = exports.parseDeclaredCapabilities = exports.isLikelyFalsePositive = exports.classifySkillSection = exports.NEMOCLAW_CATEGORIES = exports.NemoClawScanner = exports.enrichWithTaxonomy = exports.getAttackClass = exports.HardeningScanner = void 0;
 var scanner_1 = require("./scanner");
 Object.defineProperty(exports, "HardeningScanner", { enumerable: true, get: function () { return scanner_1.HardeningScanner; } });
 var taxonomy_1 = require("./taxonomy");
 Object.defineProperty(exports, "getAttackClass", { enumerable: true, get: function () { return taxonomy_1.getAttackClass; } });
 Object.defineProperty(exports, "enrichWithTaxonomy", { enumerable: true, get: function () { return taxonomy_1.enrichWithTaxonomy; } });
+var nemoclaw_scanner_1 = require("./nemoclaw-scanner");
+Object.defineProperty(exports, "NemoClawScanner", { enumerable: true, get: function () { return nemoclaw_scanner_1.NemoClawScanner; } });
+Object.defineProperty(exports, "NEMOCLAW_CATEGORIES", { enumerable: true, get: function () { return nemoclaw_scanner_1.NEMOCLAW_CATEGORIES; } });
 var skill_context_1 = require("./skill-context");
 Object.defineProperty(exports, "classifySkillSection", { enumerable: true, get: function () { return skill_context_1.classifySkillSection; } });
 Object.defineProperty(exports, "isLikelyFalsePositive", { enumerable: true, get: function () { return skill_context_1.isLikelyFalsePositive; } });

package/dist/hardening/index.js.map

@@ -1 +1 @@
-{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/hardening/index.ts"],"names":[],"mappings":";AAAA;;GAEG;;;AAEH,qCAA6C;AAApC,2GAAA,gBAAgB,OAAA;AAYzB,uCAAgE;AAAvD,0GAAA,cAAc,OAAA;AAAE,8GAAA,kBAAkB,OAAA;AAC3C,iDAA8E;AAArE,qHAAA,oBAAoB,OAAA;AAAE,sHAAA,qBAAqB,OAAA;AAEpD,2EAIsC;AAHpC,uIAAA,yBAAyB,OAAA;AACzB,qIAAA,uBAAuB,OAAA;AACvB,kIAAA,oBAAoB,OAAA"}
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/hardening/index.ts"],"names":[],"mappings":";AAAA;;GAEG;;;AAEH,qCAA6C;AAApC,2GAAA,gBAAgB,OAAA;AAYzB,uCAAgE;AAAvD,0GAAA,cAAc,OAAA;AAAE,8GAAA,kBAAkB,OAAA;AAC3C,uDAA0E;AAAjE,mHAAA,eAAe,OAAA;AAAE,uHAAA,mBAAmB,OAAA;AAC7C,iDAA8E;AAArE,qHAAA,oBAAoB,OAAA;AAAE,sHAAA,qBAAqB,OAAA;AAEpD,2EAIsC;AAHpC,uIAAA,yBAAyB,OAAA;AACzB,qIAAA,uBAAuB,OAAA;AACvB,kIAAA,oBAAoB,OAAA"}

package/dist/hardening/nemoclaw-scanner.d.ts

@@ -0,0 +1,46 @@
+/**
+ * NemoClaw Hardening Scanner
+ *
+ * Scans a live NemoClaw installation for misconfigurations, exposed secrets,
+ * network exposure, skill/blueprint integrity issues, and privilege escalation risks.
+ *
+ * Check ID range: HMA-NMC-001 through HMA-NMC-052
+ */
+import type { SecurityFinding } from './security-check';
+export declare const NEMOCLAW_CATEGORIES: readonly ["secrets", "network", "skills", "process", "openclaw-layer"];
+export declare class NemoClawScanner {
+    scan(targetDir: string, options?: {
+        autoFix?: boolean;
+        dryRun?: boolean;
+    }): Promise<SecurityFinding[]>;
+    private checkSecrets;
+    private checkNMC001;
+    private checkNMC002;
+    private checkNMC003;
+    private checkNMC004;
+    private checkNMC005;
+    private checkNMC006;
+    private checkNetwork;
+    private checkPortBinding;
+    private checkNMC012;
+    private checkNMC013;
+    private checkNMC014;
+    private checkSkills;
+    private checkNMC020;
+    private checkNMC021;
+    private checkNMC022;
+    private checkNMC023;
+    private checkNMC024;
+    private checkProcess;
+    private checkNMC030;
+    private checkNMC031;
+    private checkNMC032;
+    private checkNMC033;
+    private checkNMC034;
+    private checkOpenClawLayer;
+    private checkNMC041;
+    private checkNMC042;
+    private checkInternetExposure;
+    private detectFirewallRule;
+}
+//# sourceMappingURL=nemoclaw-scanner.d.ts.map

package/dist/hardening/nemoclaw-scanner.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"nemoclaw-scanner.d.ts","sourceRoot":"","sources":["../../src/hardening/nemoclaw-scanner.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAMH,OAAO,KAAK,EAAE,eAAe,EAAY,MAAM,kBAAkB,CAAC;AAMlE,eAAO,MAAM,mBAAmB,wEAMtB,CAAC;AAqJX,qBAAa,eAAe;IACpB,IAAI,CACR,SAAS,EAAE,MAAM,EACjB,OAAO,GAAE;QAAE,OAAO,CAAC,EAAE,OAAO,CAAC;QAAC,MAAM,CAAC,EAAE,OAAO,CAAA;KAAO,GACpD,OAAO,CAAC,eAAe,EAAE,CAAC;IA4C7B,OAAO,CAAC,YAAY;IAwBpB,OAAO,CAAC,WAAW;IA8FnB,OAAO,CAAC,WAAW;IAuEnB,OAAO,CAAC,WAAW;IA6EnB,OAAO,CAAC,WAAW;IA+DnB,OAAO,CAAC,WAAW;IAuDnB,OAAO,CAAC,WAAW;IA2DnB,OAAO,CAAC,YAAY;IAuCpB,OAAO,CAAC,gBAAgB;IA8BxB,OAAO,CAAC,WAAW;IA8BnB,OAAO,CAAC,WAAW;IA+BnB,OAAO,CAAC,WAAW;IAmCnB,OAAO,CAAC,WAAW;IAqBnB,OAAO,CAAC,WAAW;IA2CnB,OAAO,CAAC,WAAW;IAgDnB,OAAO,CAAC,WAAW;IA0BnB,OAAO,CAAC,WAAW;IAsCnB,OAAO,CAAC,WAAW;IA4DnB,OAAO,CAAC,YAAY;IAqBpB,OAAO,CAAC,WAAW;IAuCnB,OAAO,CAAC,WAAW;IAkDnB,OAAO,CAAC,WAAW;IAmDnB,OAAO,CAAC,WAAW;IA0CnB,OAAO,CAAC,WAAW;IA8CnB,OAAO,CAAC,kBAAkB;IAsB1B,OAAO,CAAC,WAAW;IA4DnB,OAAO,CAAC,WAAW;IA+DnB,OAAO,CAAC,qBAAqB;IAiE7B,OAAO,CAAC,kBAAkB;CAuB3B"}