mohuclaw 1.0.1

package/LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2026 MohuClaw
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

package/README.md

@@ -0,0 +1,64 @@
+# MohuClaw
+
+[![npm version](https://img.shields.io/npm/v/mohuclaw.svg)](https://www.npmjs.com/package/mohuclaw)
+[![License: MIT](https://img.shields.io/badge/License-MIT-yellow.svg)](https://opensource.org/licenses/MIT)
+
+OpenClaw 安全审计工具，支持终端和 Web 双界面交互式安全分析。
+
+## 特性
+
+- **7 大安全类别**：网络暴露、访问控制、执行沙箱、凭证存储、内存投毒、供应链安全、资源成本
+- **59 项安全检查**：覆盖 20+ CVE 漏洞
+- **实时扫描进度**：TUI / WebUI 双界面支持
+- **自动修复**：一键修复检测到的安全问题
+- **IOC 威胁情报**：内置恶意 IP/域名检测
+- **多语言支持**：中文 / 英文界面切换
+
+## 安装
+
+```bash
+npm install -g mohuclaw
+```
+
+## 使用
+
+### WebUI 模式
+
+```bash
+mohuclaw-webui
+```
+
+访问 http://localhost:12340
+
+### TUI 模式
+
+```bash
+mohuclaw-tui
+```
+
+| 快捷键 | 功能 |
+|--------|------|
+| `check` + Enter | 开始扫描 |
+| `↑` `↓` | 滚动列表 |
+| `c` | 选择模式 |
+| `Space` | 切换自动修复 |
+| `f` | 执行修复 |
+| `Esc` | 退出选择 |
+
+## 配置
+
+```bash
+export OPENCLAW_HOME=/path/to/openclaw
+```
+
+默认路径：`~/.openclaw`
+
+## 要求
+
+- Node.js >= 18.0.0
+- Linux (推荐 Ubuntu/Debian)
+- Bash
+
+## License
+
+MIT

package/bin/mohu-tui.js

@@ -0,0 +1,73 @@
+#!/usr/bin/env node
+
+/**
+ * MohuClaw TUI CLI Entry Point
+ * This script dynamically locates the compiled TUI bundle
+ */
+
+import { fileURLToPath } from 'url';
+import path from 'path';
+import { spawn } from 'child_process';
+import fs from 'fs';
+
+if (typeof global.self === 'undefined') {
+  global.self = global;
+}
+
+const __filename = fileURLToPath(import.meta.url);
+const __dirname = path.dirname(__filename);
+
+// Get the package installation directory
+const PACKAGE_DIR = path.resolve(__dirname, '..');
+
+// Try to find the compiled TUI in dist/tui/tui.js
+const TUI_PATH = path.join(PACKAGE_DIR, 'dist', 'tui', 'tui.js');
+
+// Check if TUI exists
+if (!fs.existsSync(TUI_PATH)) {
+  console.error('❌ Error: TUI bundle not found at:', TUI_PATH);
+  console.error('');
+  console.error('Please run the build process first:');
+  console.error('  npm run build');
+  console.error('');
+  console.error('Or if you installed from npm, please reinstall:');
+  console.error('  npm install -g mohu-claw');
+  process.exit(1);
+}
+
+// Get scripts directory for reference
+const SCRIPTS_DIR = path.join(PACKAGE_DIR, 'scripts');
+
+if (!fs.existsSync(SCRIPTS_DIR)) {
+  console.error('❌ Error: Scripts directory not found at:', SCRIPTS_DIR);
+  process.exit(1);
+}
+
+// Set environment variables for Linux
+const env = {
+  ...process.env,
+  // Ensure we're using bash
+  SHELL: '/bin/bash',
+};
+
+// Execute the TUI with tsx or node
+import { createRequire } from 'module';
+const require = createRequire(import.meta.url);
+
+// Try to find tsx or use node directly
+let executor = 'node';
+try {
+  // Check if tsx is available
+  const tsxPath = require.resolve('tsx', { paths: [PACKAGE_DIR] });
+  executor = 'node';
+  process.argv = ['node', tsxPath, TUI_PATH, ...process.argv.slice(2)];
+} catch (e) {
+  // tsx not available, use node directly
+  process.argv = ['node', TUI_PATH, ...process.argv.slice(2)];
+}
+
+// Import and run the TUI
+import(TUI_PATH).catch(err => {
+  console.error('❌ Error running TUI:', err.message);
+  process.exit(1);
+});

package/bin/mohu-webui.js

@@ -0,0 +1,67 @@
+#!/usr/bin/env node
+
+/**
+ * MohuClaw WebUI CLI Entry Point
+ * This script dynamically locates the server.js and starts the web server
+ */
+
+import { fileURLToPath } from 'url';
+import path from 'path';
+import fs from 'fs';
+
+const __filename = fileURLToPath(import.meta.url);
+const __dirname = path.dirname(__filename);
+
+// Get the package installation directory
+const PACKAGE_DIR = path.resolve(__dirname, '..');
+
+// Try to find the server in dist/webui/server.js
+const SERVER_PATH = path.join(PACKAGE_DIR, 'dist', 'webui', 'server.js');
+const INDEX_HTML_PATH = path.join(PACKAGE_DIR, 'dist', 'webui', 'index.html');
+
+// Check if server exists
+if (!fs.existsSync(SERVER_PATH)) {
+  console.error('❌ Error: WebUI server not found at:', SERVER_PATH);
+  console.error('');
+  console.error('Please run the build process first:');
+  console.error('  npm run build');
+  console.error('');
+  console.error('Or if you installed from npm, please reinstall:');
+  console.error('  npm install -g mohu-claw');
+  process.exit(1);
+}
+
+if (!fs.existsSync(INDEX_HTML_PATH)) {
+  console.error('❌ Error: index.html not found at:', INDEX_HTML_PATH);
+  process.exit(1);
+}
+
+// Get scripts directory for reference
+const SCRIPTS_DIR = path.join(PACKAGE_DIR, 'scripts');
+const IOC_DIR = path.join(PACKAGE_DIR, 'ioc');
+
+if (!fs.existsSync(SCRIPTS_DIR)) {
+  console.error('❌ Error: Scripts directory not found at:', SCRIPTS_DIR);
+  process.exit(1);
+}
+
+// Set environment variables
+const env = {
+  ...process.env,
+  // Set package directory as environment variable for server to use
+  MOHU_CLAW_PACKAGE_DIR: PACKAGE_DIR,
+  MOHU_CLAW_SCRIPTS_DIR: SCRIPTS_DIR,
+  MOHU_CLAW_IOC_DIR: IOC_DIR,
+};
+
+console.log('🛡️  Starting MohuClaw WebUI...');
+console.log('   Package Directory:', PACKAGE_DIR);
+console.log('   Scripts Directory:', SCRIPTS_DIR);
+console.log('');
+
+// Import and run the server
+import(SERVER_PATH).catch(err => {
+  console.error('❌ Error starting WebUI server:', err.message);
+  console.error(err.stack);
+  process.exit(1);
+});