nxtsecure-openclaw 0.1.1 → 0.1.2

package/README.md

@@ -62,10 +62,38 @@ npm run nxtsecure -- openclaw cron install --log ~/openclaw-security-audit.log
 npm run nxtsecure -- openclaw help
 npm run nxtsecure -- openclaw audit --config ./openclaw-security-audit.conf
 npm run nxtsecure -- openclaw cron install --log ~/openclaw-security-audit.log
+npm run nxtsecure -- openclaw doctor
 npm run nxtsecure -- openclaw vt url https://example.test
 npm run nxtsecure -- openclaw vt file /path/to/sample.bin
 ```
 
+## Doctor
+
+Use `doctor` to verify that the local environment is ready before running the audit:
+
+```bash
+npm run nxtsecure -- openclaw doctor
+```
+
+It checks the presence of Node.js, npm, bash, git, and the bundled audit files.
+
+## Release and publish
+
+This repository is configured for npm trusted publishing with GitHub Actions.
+
+1. Make sure npm trusted publishing points to:
+   `scorpion7slayer / nxtsecure-openclaw / publish.yml`
+2. Update the version in `package.json`
+3. Commit and push to `main`
+4. Create and push a matching git tag:
+
+```bash
+git tag v0.1.2
+git push origin v0.1.2
+```
+
+Pushing a `v*` tag triggers `.github/workflows/publish.yml`, which publishes the package to npm using OIDC.
+
 ## VirusTotal mode
 
 This repository intentionally avoids the VirusTotal API.

package/bin/nxtsecure.mjs

@@ -29,12 +29,14 @@ Usage:
   nxtsecure openclaw vt url <url> [--allow-uploads]
   nxtsecure openclaw vt file <path> [--allow-uploads]
   nxtsecure openclaw config init [--output PATH] [--force]
+  nxtsecure openclaw doctor
   nxtsecure openclaw paths
 
 Examples:
   nxtsecure openclaw config init --output ./openclaw-security-audit.conf
   nxtsecure openclaw audit --config ./openclaw-security-audit.conf
   nxtsecure openclaw cron install --log ~/openclaw-security-audit.log
+  nxtsecure openclaw doctor
   nxtsecure openclaw vt url https://example.test
   nxtsecure openclaw vt file /tmp/sample.bin --allow-uploads
 `);
@@ -78,6 +80,13 @@ function hasFlag(argv, flagName) {
   return argv.includes(flagName);
 }
 
+function commandExists(commandName) {
+  const result = spawnSync('sh', ['-c', `command -v "${commandName}"`], {
+    stdio: 'ignore'
+  });
+  return result.status === 0;
+}
+
 function withoutOption(argv, optionName) {
   const index = argv.indexOf(optionName);
   if (index === -1) {
@@ -167,6 +176,35 @@ function commandPaths(argv) {
   console.log(`configExample=${paths.configExample}`);
 }
 
+function commandDoctor(argv) {
+  if (argv.length !== 0) {
+    fail(`Unknown doctor arguments: ${argv.join(' ')}`);
+  }
+
+  const checks = [
+    ['node >= 18', Number.parseInt(process.versions.node.split('.')[0], 10) >= 18, process.versions.node],
+    ['bash available', commandExists('bash'), 'required for bundled scripts'],
+    ['git available', commandExists('git'), 'recommended for release workflow'],
+    ['npm available', commandExists('npm'), 'required for package workflow'],
+    ['audit script present', existsSync(paths.audit), paths.audit],
+    ['cron script present', existsSync(paths.cron), paths.cron],
+    ['VirusTotal helper present', existsSync(paths.vt), paths.vt],
+    ['config example present', existsSync(paths.configExample), paths.configExample]
+  ];
+
+  let failures = 0;
+  for (const [label, ok, detail] of checks) {
+    console.log(`${ok ? 'OK' : 'FAIL'} ${label}${detail ? ` (${detail})` : ''}`);
+    if (!ok) {
+      failures += 1;
+    }
+  }
+
+  if (failures > 0) {
+    process.exit(1);
+  }
+}
+
 function runOpenClaw(argv) {
   const [command = 'help', ...rest] = argv;
 
@@ -188,6 +226,9 @@ function runOpenClaw(argv) {
     case 'config':
       commandConfig(rest);
       break;
+    case 'doctor':
+      commandDoctor(rest);
+      break;
     case 'paths':
       commandPaths(rest);
       break;

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "nxtsecure-openclaw",
-  "version": "0.1.1",
+  "version": "0.1.2",
   "description": "npm CLI wrapper for the OpenClaw security audit skill",
   "license": "MIT",
   "type": "module",