openclaw-guardian 0.2.1 → 0.3.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"blacklist.d.ts","sourceRoot":"","sources":["../../src/blacklist.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAEH,MAAM,MAAM,cAAc,GAAG;IAC3B,KAAK,EAAE,UAAU,GAAG,SAAS,CAAC;IAC9B,OAAO,EAAE,MAAM,CAAC;IAChB,MAAM,EAAE,MAAM,CAAC;CAChB,CAAC;
|
|
1
|
+
{"version":3,"file":"blacklist.d.ts","sourceRoot":"","sources":["../../src/blacklist.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAEH,MAAM,MAAM,cAAc,GAAG;IAC3B,KAAK,EAAE,UAAU,GAAG,SAAS,CAAC;IAC9B,OAAO,EAAE,MAAM,CAAC;IAChB,MAAM,EAAE,MAAM,CAAC;CAChB,CAAC;AAqOF;;;;GAIG;AACH,wBAAgB,kBAAkB,CAAC,OAAO,EAAE,MAAM,GAAG,cAAc,GAAG,IAAI,CA4DzE;AAED;;;GAGG;AACH,wBAAgB,kBAAkB,CAAC,QAAQ,EAAE,MAAM,GAAG,cAAc,GAAG,IAAI,CAI1E;AAqBD;;;;;GAKG;AACH,wBAAgB,kBAAkB,CAAC,QAAQ,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,cAAc,GAAG,IAAI,CAmB3G"}
|
package/dist/src/blacklist.js
CHANGED
|
@@ -128,6 +128,19 @@ function matchRules(text, rules, level) {
|
|
|
128
128
|
}
|
|
129
129
|
return null;
|
|
130
130
|
}
|
|
131
|
+
/**
|
|
132
|
+
* Like matchRules but skips quote/comment detection.
|
|
133
|
+
* Used for interpreter payloads where quotes are language syntax, not shell quoting.
|
|
134
|
+
*/
|
|
135
|
+
function matchRulesRaw(text, rules, level) {
|
|
136
|
+
for (const rule of rules) {
|
|
137
|
+
const m = rule.pattern.exec(text);
|
|
138
|
+
if (m) {
|
|
139
|
+
return { level, pattern: rule.pattern.source, reason: rule.reason };
|
|
140
|
+
}
|
|
141
|
+
}
|
|
142
|
+
return null;
|
|
143
|
+
}
|
|
131
144
|
// ── Command Segmentation ───────────────────────────────────────────
|
|
132
145
|
function splitCommand(cmd) {
|
|
133
146
|
// Split on shell operators, but not inside quotes
|
|
@@ -168,6 +181,37 @@ function splitCommand(cmd) {
|
|
|
168
181
|
segments.push(current.trim());
|
|
169
182
|
return segments.filter(Boolean);
|
|
170
183
|
}
|
|
184
|
+
// ── Shell Wrapper Extraction ───────────────────────────────────────
|
|
185
|
+
/**
|
|
186
|
+
* Extract payload from shell wrapper commands like:
|
|
187
|
+
* bash -c "rm -rf /tmp/test"
|
|
188
|
+
* sh -lc 'dangerous command'
|
|
189
|
+
* bash -c 'cmd1 && cmd2'
|
|
190
|
+
* Returns the inner payload string, or null if not a wrapper.
|
|
191
|
+
*/
|
|
192
|
+
function extractShellWrapperPayload(command) {
|
|
193
|
+
// Match: bash|sh|zsh|dash [-flags]c "payload" or 'payload'
|
|
194
|
+
const wrapperMatch = command.match(/^\s*(?:\/(?:usr\/)?bin\/)?(?:bash|sh|zsh|dash)\s+(?:-[a-zA-Z]*c|-c)\s+(?:"((?:[^"\\]|\\.)*)"|'([^']*)'|(\S+))/);
|
|
195
|
+
if (wrapperMatch) {
|
|
196
|
+
return wrapperMatch[1] ?? wrapperMatch[2] ?? wrapperMatch[3] ?? null;
|
|
197
|
+
}
|
|
198
|
+
return null;
|
|
199
|
+
}
|
|
200
|
+
/**
|
|
201
|
+
* Extract inline code from interpreter commands:
|
|
202
|
+
* python -c "import os; os.system('rm -rf /')"
|
|
203
|
+
* python3 -c "..."
|
|
204
|
+
* node -e "..."
|
|
205
|
+
* perl -e "..."
|
|
206
|
+
* ruby -e "..."
|
|
207
|
+
*/
|
|
208
|
+
function extractInterpreterPayload(command) {
|
|
209
|
+
const interpMatch = command.match(/^\s*(?:python[23]?|node|perl|ruby)\s+(?:-[a-zA-Z]*[ce]|-[ce])\s+(?:"((?:[^"\\]|\\.)*)"|'([^']*)')/);
|
|
210
|
+
if (interpMatch) {
|
|
211
|
+
return interpMatch[1] ?? interpMatch[2] ?? null;
|
|
212
|
+
}
|
|
213
|
+
return null;
|
|
214
|
+
}
|
|
171
215
|
// ── Public API ─────────────────────────────────────────────────────
|
|
172
216
|
/**
|
|
173
217
|
* Check a command (exec) against blacklist.
|
|
@@ -191,8 +235,38 @@ export function checkExecBlacklist(command) {
|
|
|
191
235
|
const fullMatch = matchRules(command, PIPE_ATTACKS, "critical");
|
|
192
236
|
if (fullMatch)
|
|
193
237
|
return fullMatch;
|
|
194
|
-
// Phase 2:
|
|
238
|
+
// Phase 2: Unwrap shell wrappers (bash -c, sh -lc, etc.)
|
|
239
|
+
// This prevents bypass via: bash -c "rm -rf /important"
|
|
195
240
|
const segments = splitCommand(command);
|
|
241
|
+
for (const seg of segments) {
|
|
242
|
+
// Check for shell wrapper bypass
|
|
243
|
+
const shellPayload = extractShellWrapperPayload(seg);
|
|
244
|
+
if (shellPayload) {
|
|
245
|
+
// Recursively check the inner payload
|
|
246
|
+
const innerMatch = checkExecBlacklist(shellPayload);
|
|
247
|
+
if (innerMatch) {
|
|
248
|
+
return {
|
|
249
|
+
...innerMatch,
|
|
250
|
+
reason: `${innerMatch.reason} (via shell wrapper: ${seg.slice(0, 40)}...)`,
|
|
251
|
+
};
|
|
252
|
+
}
|
|
253
|
+
}
|
|
254
|
+
// Check for interpreter inline code
|
|
255
|
+
const interpPayload = extractInterpreterPayload(seg);
|
|
256
|
+
if (interpPayload) {
|
|
257
|
+
// Check interpreter payload against exec blacklist patterns
|
|
258
|
+
// Use matchRulesRaw: quotes inside interpreter code are language syntax, not shell quoting
|
|
259
|
+
const innerMatch = matchRulesRaw(interpPayload, CRITICAL_EXEC, "critical")
|
|
260
|
+
?? matchRulesRaw(interpPayload, WARNING_EXEC, "warning");
|
|
261
|
+
if (innerMatch) {
|
|
262
|
+
return {
|
|
263
|
+
...innerMatch,
|
|
264
|
+
reason: `${innerMatch.reason} (via interpreter inline code)`,
|
|
265
|
+
};
|
|
266
|
+
}
|
|
267
|
+
}
|
|
268
|
+
}
|
|
269
|
+
// Phase 3: Split on shell operators and check each segment
|
|
196
270
|
for (const seg of segments) {
|
|
197
271
|
// Whitelist check: safe commands skip blacklist entirely
|
|
198
272
|
if (SAFE_EXEC.some(re => re.test(seg)))
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"blacklist.js","sourceRoot":"","sources":["../../src/blacklist.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAaH,sEAAsE;AACtE,qDAAqD;AAErD,MAAM,aAAa,GAAW;IAC5B,6DAA6D;IAC7D,EAAE,OAAO,EAAE,2EAA2E,EAAE,MAAM,EAAE,kCAAkC,EAAE;IACpI,EAAE,OAAO,EAAE,kDAAkD,EAAE,MAAM,EAAE,0BAA0B,EAAE;IACnG,EAAE,OAAO,EAAE,QAAQ,EAAE,MAAM,EAAE,0BAA0B,EAAE;IACzD,EAAE,OAAO,EAAE,sBAAsB,EAAE,MAAM,EAAE,qBAAqB,EAAE;IAClE,EAAE,OAAO,EAAE,eAAe,EAAE,MAAM,EAAE,0BAA0B,EAAE;IAChE,6CAA6C;IAC7C,EAAE,OAAO,EAAE,gDAAgD,EAAE,MAAM,EAAE,2BAA2B,EAAE;IAClG,EAAE,OAAO,EAAE,4CAA4C,EAAE,MAAM,EAAE,mCAAmC,EAAE;IACtG,kBAAkB;IAClB,EAAE,OAAO,EAAE,yBAAyB,EAAE,MAAM,EAAE,wBAAwB,EAAE;IACxE,EAAE,OAAO,EAAE,iBAAiB,EAAE,MAAM,EAAE,2BAA2B,EAAE;IACnE,qCAAqC;IACrC,EAAE,OAAO,EAAE,qCAAqC,EAAE,MAAM,EAAE,8BAA8B,EAAE;IAC1F,4BAA4B;IAC5B,sBAAsB;IACtB,EAAE,OAAO,EAAE,uCAAuC,EAAE,MAAM,EAAE,sBAAsB,EAAE;IACpF,EAAE,OAAO,EAAE,4CAA4C,EAAE,MAAM,EAAE,sBAAsB,EAAE;IACzF,4CAA4C;IAC5C,gCAAgC;IAChC,EAAE,OAAO,EAAE,kBAAkB,EAAE,MAAM,EAAE,8BAA8B,EAAE;IACvE,EAAE,OAAO,EAAE,qBAAqB,EAAE,MAAM,EAAE,0CAA0C,EAAE;IACtF,qCAAqC;IACrC,EAAE,OAAO,EAAE,2BAA2B,EAAE,MAAM,EAAE,mCAAmC,EAAE;IACrF,EAAE,OAAO,EAAE,oBAAoB,EAAE,MAAM,EAAE,8BAA8B,EAAE;CAC1E,CAAC;AAEF,MAAM,aAAa,GAAW;IAC5B,EAAE,OAAO,EAAE,oCAAoC,EAAE,MAAM,EAAE,2BAA2B,EAAE;IACtF,EAAE,OAAO,EAAE,WAAW,EAAE,MAAM,EAAE,yBAAyB,EAAE;CAC5D,CAAC;AAEF,sEAAsE;AACtE,oDAAoD;AAEpD,MAAM,YAAY,GAAW;IAC3B,8EAA8E;IAC9E,EAAE,OAAO,EAAE,gCAAgC,EAAE,MAAM,EAAE,yBAAyB,EAAE;IAChF,uBAAuB;IACvB,EAAE,OAAO,EAAE,WAAW,EAAE,MAAM,EAAE,6BAA6B,EAAE;IAC/D,wBAAwB;IACxB,EAAE,OAAO,EAAE,kBAAkB,EAAE,MAAM,EAAE,uCAAuC,EAAE;IAChF,EAAE,OAAO,EAAE,eAAe,EAAE,MAAM,EAAE,6BAA6B,EAAE;IACnE,EAAE,OAAO,EAAE,eAAe,EAAE,MAAM,EAAE,4BAA4B,EAAE;IAClE,aAAa;IACb,EAAE,OAAO,EAAE,cAAc,EAAE,MAAM,EAAE,8BAA8B,EAAE;IACnE,EAAE,OAAO,EAAE,cAAc,EAAE,MAAM,EAAE,mBAAmB,EAAE;IACxD,EAAE,OAAO,EAAE,YAAY,EAAE,MAAM,EAAE,iBAAiB,EAAE;IACpD,qEAAqE;IACrE,EAAE,OAAO,EAAE,iCAAiC,EAAE,MAAM,EAAE,gCAAgC,EAAE;IACxF,uBAAuB;IACvB,EAAE,OAAO,EAAE,8BAA8B,EAAE,MAAM,EAAE,qBAAqB,EAAE;IAC1E,EAAE,OAAO,EAAE,cAAc,EAAE,MAAM,EAAE,gBAAgB,EAAE;IACrD,8FAA8F;IAC9F,EAAE,OAAO,EAAE,WAAW,EAAE,MAAM,EAAE,iCAAiC,EAAE;IACnE,2BAA2B;IAC3B,EAAE,OAAO,EAAE,eAAe,EAAE,MAAM,EAAE,iCAAiC,EAAE;IACvE,EAAE,OAAO,EAAE,yCAAyC,EAAE,MAAM,EAAE,4BAA4B,EAAE;IAC5F,uBAAuB;IACvB,EAAE,OAAO,EAAE,uBAAuB,EAAE,MAAM,EAAE,sBAAsB,EAAE;IACpE,kBAAkB;IAClB,EAAE,OAAO,EAAE,YAAY,EAAE,MAAM,EAAE,0BAA0B,EAAE;IAC7D,EAAE,OAAO,EAAE,aAAa,EAAE,MAAM,EAAE,0BAA0B,EAAE;IAC9D,EAAE,OAAO,EAAE,YAAY,EAAE,MAAM,EAAE,4BAA4B,EAAE;IAC/D,EAAE,OAAO,EAAE,aAAa,EAAE,MAAM,EAAE,8BAA8B,EAAE;IAClE,qBAAqB;IACrB,EAAE,OAAO,EAAE,eAAe,EAAE,MAAM,EAAE,iCAAiC,EAAE;IACvE,+DAA+D;IAC/D,EAAE,OAAO,EAAE,+CAA+C,EAAE,MAAM,EAAE,gDAAgD,EAAE;CACvH,CAAC;AAEF,MAAM,YAAY,GAAW;IAC3B,EAAE,OAAO,EAAE,UAAU,EAAE,MAAM,EAAE,8BAA8B,EAAE;IAC/D,EAAE,OAAO,EAAE,WAAW,EAAE,MAAM,EAAE,2BAA2B,EAAE;CAC9D,CAAC;AAEF,uEAAuE;AAEvE,MAAM,SAAS,GAAa;IAC1B,0DAA0D;IAC1D,wBAAwB;IACxB,oCAAoC;IACpC,6GAA6G;IAC7G,qFAAqF;IACrF,qBAAqB;IACrB,qEAAqE;IACrE,oHAAoH;IACpH,6BAA6B;IAC7B,qDAAqD;IACrD,wDAAwD;IACxD,qBAAqB;IACrB,6CAA6C;IAC7C,2CAA2C;IAC3C,eAAe;IACf,cAAc;CACf,CAAC;AAEF,sEAAsE;AAEtE,SAAS,mBAAmB,CAAC,IAAY,EAAE,UAAkB;IAC3D,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,CAAC,EAAE,UAAU,CAAC,CAAC;IAEzC,wBAAwB;IACxB,MAAM,YAAY,GAAG,CAAC,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,IAAI,EAAE,CAAC,CAAC,MAAM,CAAC;IACvD,IAAI,YAAY,GAAG,CAAC,KAAK,CAAC;QAAE,OAAO,IAAI,CAAC;IAExC,wBAAwB;IACxB,MAAM,YAAY,GAAG,CAAC,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,IAAI,EAAE,CAAC,CAAC,MAAM,CAAC;IACvD,IAAI,YAAY,GAAG,CAAC,KAAK,CAAC;QAAE,OAAO,IAAI,CAAC;IAExC,8CAA8C;IAC9C,MAAM,WAAW,GAAG,MAAM,CAAC,WAAW,CAAC,IAAI,CAAC,CAAC;IAC7C,MAAM,WAAW,GAAG,MAAM,CAAC,KAAK,CAAC,WAAW,GAAG,CAAC,CAAC,CAAC;IAClD,IAAI,WAAW,CAAC,QAAQ,CAAC,GAAG,CAAC;QAAE,OAAO,IAAI,CAAC;IAE3C,OAAO,KAAK,CAAC;AACf,CAAC;AAED,sEAAsE;AAEtE,SAAS,UAAU,CAAC,IAAY,EAAE,KAAa,EAAE,KAA6B;IAC5E,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;QACzB,MAAM,CAAC,GAAG,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAClC,IAAI,CAAC,IAAI,CAAC,mBAAmB,CAAC,IAAI,EAAE,CAAC,CAAC,KAAK,CAAC,EAAE,CAAC;YAC7C,OAAO,EAAE,KAAK,EAAE,OAAO,EAAE,IAAI,CAAC,OAAO,CAAC,MAAM,EAAE,MAAM,EAAE,IAAI,CAAC,MAAM,EAAE,CAAC;QACtE,CAAC;IACH,CAAC;IACD,OAAO,IAAI,CAAC;AACd,CAAC;AAED,sEAAsE;AAEtE,SAAS,YAAY,CAAC,GAAW;IAC/B,kDAAkD;IAClD,MAAM,QAAQ,GAAa,EAAE,CAAC;IAC9B,IAAI,OAAO,GAAG,EAAE,CAAC;IACjB,IAAI,QAAQ,GAAG,KAAK,CAAC;IACrB,IAAI,QAAQ,GAAG,KAAK,CAAC;IAErB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,GAAG,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QACpC,MAAM,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC;QAClB,IAAI,EAAE,KAAK,GAAG,IAAI,CAAC,QAAQ,EAAE,CAAC;YAAC,QAAQ,GAAG,CAAC,QAAQ,CAAC;YAAC,OAAO,IAAI,EAAE,CAAC;YAAC,SAAS;QAAC,CAAC;QAC/E,IAAI,EAAE,KAAK,GAAG,IAAI,CAAC,QAAQ,EAAE,CAAC;YAAC,QAAQ,GAAG,CAAC,QAAQ,CAAC;YAAC,OAAO,IAAI,EAAE,CAAC;YAAC,SAAS;QAAC,CAAC;QAC/E,IAAI,CAAC,QAAQ,IAAI,CAAC,QAAQ,EAAE,CAAC;YAC3B,+CAA+C;YAC/C,IAAI,CAAC,EAAE,KAAK,GAAG,IAAI,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,KAAK,GAAG,CAAC,IAAI,CAAC,EAAE,KAAK,GAAG,IAAI,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,KAAK,GAAG,CAAC,EAAE,CAAC;gBAC7E,QAAQ,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,EAAE,CAAC,CAAC;gBAC9B,OAAO,GAAG,EAAE,CAAC;gBACb,CAAC,EAAE,CAAC,CAAC,mBAAmB;gBACxB,SAAS;YACX,CAAC;YACD,iCAAiC;YACjC,IAAI,EAAE,KAAK,GAAG,IAAI,EAAE,KAAK,GAAG,IAAI,EAAE,KAAK,IAAI,EAAE,CAAC;gBAC5C,QAAQ,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,EAAE,CAAC,CAAC;gBAC9B,OAAO,GAAG,EAAE,CAAC;gBACb,SAAS;YACX,CAAC;QACH,CAAC;QACD,OAAO,IAAI,EAAE,CAAC;IAChB,CAAC;IACD,IAAI,OAAO,CAAC,IAAI,EAAE;QAAE,QAAQ,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,EAAE,CAAC,CAAC;IAClD,OAAO,QAAQ,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;AAClC,CAAC;AAED,sEAAsE;AAEtE;;;;GAIG;AACH,MAAM,UAAU,kBAAkB,CAAC,OAAe;IAChD,IAAI,CAAC,OAAO;QAAE,OAAO,IAAI,CAAC;IAE1B,gEAAgE;IAChE,kFAAkF;IAClF,MAAM,YAAY,GAAW;QAC3B,EAAE,OAAO,EAAE,mDAAmD,EAAE,MAAM,EAAE,8BAA8B,EAAE;QACxG,EAAE,OAAO,EAAE,sDAAsD,EAAE,MAAM,EAAE,4CAA4C,EAAE;QACzH,EAAE,OAAO,EAAE,sDAAsD,EAAE,MAAM,EAAE,4CAA4C,EAAE;QACzH,EAAE,OAAO,EAAE,uCAAuC,EAAE,MAAM,EAAE,oBAAoB,EAAE;QAClF,EAAE,OAAO,EAAE,yCAAyC,EAAE,MAAM,EAAE,sBAAsB,EAAE;QACtF,EAAE,OAAO,EAAE,+BAA+B,EAAE,MAAM,EAAE,2BAA2B,EAAE;QACjF,EAAE,OAAO,EAAE,mCAAmC,EAAE,MAAM,EAAE,2BAA2B,EAAE;KACtF,CAAC;IACF,MAAM,SAAS,GAAG,UAAU,CAAC,OAAO,EAAE,YAAY,EAAE,UAAU,CAAC,CAAC;IAChE,IAAI,SAAS;QAAE,OAAO,SAAS,CAAC;IAEhC,
|
|
1
|
+
{"version":3,"file":"blacklist.js","sourceRoot":"","sources":["../../src/blacklist.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAaH,sEAAsE;AACtE,qDAAqD;AAErD,MAAM,aAAa,GAAW;IAC5B,6DAA6D;IAC7D,EAAE,OAAO,EAAE,2EAA2E,EAAE,MAAM,EAAE,kCAAkC,EAAE;IACpI,EAAE,OAAO,EAAE,kDAAkD,EAAE,MAAM,EAAE,0BAA0B,EAAE;IACnG,EAAE,OAAO,EAAE,QAAQ,EAAE,MAAM,EAAE,0BAA0B,EAAE;IACzD,EAAE,OAAO,EAAE,sBAAsB,EAAE,MAAM,EAAE,qBAAqB,EAAE;IAClE,EAAE,OAAO,EAAE,eAAe,EAAE,MAAM,EAAE,0BAA0B,EAAE;IAChE,6CAA6C;IAC7C,EAAE,OAAO,EAAE,gDAAgD,EAAE,MAAM,EAAE,2BAA2B,EAAE;IAClG,EAAE,OAAO,EAAE,4CAA4C,EAAE,MAAM,EAAE,mCAAmC,EAAE;IACtG,kBAAkB;IAClB,EAAE,OAAO,EAAE,yBAAyB,EAAE,MAAM,EAAE,wBAAwB,EAAE;IACxE,EAAE,OAAO,EAAE,iBAAiB,EAAE,MAAM,EAAE,2BAA2B,EAAE;IACnE,qCAAqC;IACrC,EAAE,OAAO,EAAE,qCAAqC,EAAE,MAAM,EAAE,8BAA8B,EAAE;IAC1F,4BAA4B;IAC5B,sBAAsB;IACtB,EAAE,OAAO,EAAE,uCAAuC,EAAE,MAAM,EAAE,sBAAsB,EAAE;IACpF,EAAE,OAAO,EAAE,4CAA4C,EAAE,MAAM,EAAE,sBAAsB,EAAE;IACzF,4CAA4C;IAC5C,gCAAgC;IAChC,EAAE,OAAO,EAAE,kBAAkB,EAAE,MAAM,EAAE,8BAA8B,EAAE;IACvE,EAAE,OAAO,EAAE,qBAAqB,EAAE,MAAM,EAAE,0CAA0C,EAAE;IACtF,qCAAqC;IACrC,EAAE,OAAO,EAAE,2BAA2B,EAAE,MAAM,EAAE,mCAAmC,EAAE;IACrF,EAAE,OAAO,EAAE,oBAAoB,EAAE,MAAM,EAAE,8BAA8B,EAAE;CAC1E,CAAC;AAEF,MAAM,aAAa,GAAW;IAC5B,EAAE,OAAO,EAAE,oCAAoC,EAAE,MAAM,EAAE,2BAA2B,EAAE;IACtF,EAAE,OAAO,EAAE,WAAW,EAAE,MAAM,EAAE,yBAAyB,EAAE;CAC5D,CAAC;AAEF,sEAAsE;AACtE,oDAAoD;AAEpD,MAAM,YAAY,GAAW;IAC3B,8EAA8E;IAC9E,EAAE,OAAO,EAAE,gCAAgC,EAAE,MAAM,EAAE,yBAAyB,EAAE;IAChF,uBAAuB;IACvB,EAAE,OAAO,EAAE,WAAW,EAAE,MAAM,EAAE,6BAA6B,EAAE;IAC/D,wBAAwB;IACxB,EAAE,OAAO,EAAE,kBAAkB,EAAE,MAAM,EAAE,uCAAuC,EAAE;IAChF,EAAE,OAAO,EAAE,eAAe,EAAE,MAAM,EAAE,6BAA6B,EAAE;IACnE,EAAE,OAAO,EAAE,eAAe,EAAE,MAAM,EAAE,4BAA4B,EAAE;IAClE,aAAa;IACb,EAAE,OAAO,EAAE,cAAc,EAAE,MAAM,EAAE,8BAA8B,EAAE;IACnE,EAAE,OAAO,EAAE,cAAc,EAAE,MAAM,EAAE,mBAAmB,EAAE;IACxD,EAAE,OAAO,EAAE,YAAY,EAAE,MAAM,EAAE,iBAAiB,EAAE;IACpD,qEAAqE;IACrE,EAAE,OAAO,EAAE,iCAAiC,EAAE,MAAM,EAAE,gCAAgC,EAAE;IACxF,uBAAuB;IACvB,EAAE,OAAO,EAAE,8BAA8B,EAAE,MAAM,EAAE,qBAAqB,EAAE;IAC1E,EAAE,OAAO,EAAE,cAAc,EAAE,MAAM,EAAE,gBAAgB,EAAE;IACrD,8FAA8F;IAC9F,EAAE,OAAO,EAAE,WAAW,EAAE,MAAM,EAAE,iCAAiC,EAAE;IACnE,2BAA2B;IAC3B,EAAE,OAAO,EAAE,eAAe,EAAE,MAAM,EAAE,iCAAiC,EAAE;IACvE,EAAE,OAAO,EAAE,yCAAyC,EAAE,MAAM,EAAE,4BAA4B,EAAE;IAC5F,uBAAuB;IACvB,EAAE,OAAO,EAAE,uBAAuB,EAAE,MAAM,EAAE,sBAAsB,EAAE;IACpE,kBAAkB;IAClB,EAAE,OAAO,EAAE,YAAY,EAAE,MAAM,EAAE,0BAA0B,EAAE;IAC7D,EAAE,OAAO,EAAE,aAAa,EAAE,MAAM,EAAE,0BAA0B,EAAE;IAC9D,EAAE,OAAO,EAAE,YAAY,EAAE,MAAM,EAAE,4BAA4B,EAAE;IAC/D,EAAE,OAAO,EAAE,aAAa,EAAE,MAAM,EAAE,8BAA8B,EAAE;IAClE,qBAAqB;IACrB,EAAE,OAAO,EAAE,eAAe,EAAE,MAAM,EAAE,iCAAiC,EAAE;IACvE,+DAA+D;IAC/D,EAAE,OAAO,EAAE,+CAA+C,EAAE,MAAM,EAAE,gDAAgD,EAAE;CACvH,CAAC;AAEF,MAAM,YAAY,GAAW;IAC3B,EAAE,OAAO,EAAE,UAAU,EAAE,MAAM,EAAE,8BAA8B,EAAE;IAC/D,EAAE,OAAO,EAAE,WAAW,EAAE,MAAM,EAAE,2BAA2B,EAAE;CAC9D,CAAC;AAEF,uEAAuE;AAEvE,MAAM,SAAS,GAAa;IAC1B,0DAA0D;IAC1D,wBAAwB;IACxB,oCAAoC;IACpC,6GAA6G;IAC7G,qFAAqF;IACrF,qBAAqB;IACrB,qEAAqE;IACrE,oHAAoH;IACpH,6BAA6B;IAC7B,qDAAqD;IACrD,wDAAwD;IACxD,qBAAqB;IACrB,6CAA6C;IAC7C,2CAA2C;IAC3C,eAAe;IACf,cAAc;CACf,CAAC;AAEF,sEAAsE;AAEtE,SAAS,mBAAmB,CAAC,IAAY,EAAE,UAAkB;IAC3D,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,CAAC,EAAE,UAAU,CAAC,CAAC;IAEzC,wBAAwB;IACxB,MAAM,YAAY,GAAG,CAAC,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,IAAI,EAAE,CAAC,CAAC,MAAM,CAAC;IACvD,IAAI,YAAY,GAAG,CAAC,KAAK,CAAC;QAAE,OAAO,IAAI,CAAC;IAExC,wBAAwB;IACxB,MAAM,YAAY,GAAG,CAAC,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,IAAI,EAAE,CAAC,CAAC,MAAM,CAAC;IACvD,IAAI,YAAY,GAAG,CAAC,KAAK,CAAC;QAAE,OAAO,IAAI,CAAC;IAExC,8CAA8C;IAC9C,MAAM,WAAW,GAAG,MAAM,CAAC,WAAW,CAAC,IAAI,CAAC,CAAC;IAC7C,MAAM,WAAW,GAAG,MAAM,CAAC,KAAK,CAAC,WAAW,GAAG,CAAC,CAAC,CAAC;IAClD,IAAI,WAAW,CAAC,QAAQ,CAAC,GAAG,CAAC;QAAE,OAAO,IAAI,CAAC;IAE3C,OAAO,KAAK,CAAC;AACf,CAAC;AAED,sEAAsE;AAEtE,SAAS,UAAU,CAAC,IAAY,EAAE,KAAa,EAAE,KAA6B;IAC5E,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;QACzB,MAAM,CAAC,GAAG,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAClC,IAAI,CAAC,IAAI,CAAC,mBAAmB,CAAC,IAAI,EAAE,CAAC,CAAC,KAAK,CAAC,EAAE,CAAC;YAC7C,OAAO,EAAE,KAAK,EAAE,OAAO,EAAE,IAAI,CAAC,OAAO,CAAC,MAAM,EAAE,MAAM,EAAE,IAAI,CAAC,MAAM,EAAE,CAAC;QACtE,CAAC;IACH,CAAC;IACD,OAAO,IAAI,CAAC;AACd,CAAC;AAED;;;GAGG;AACH,SAAS,aAAa,CAAC,IAAY,EAAE,KAAa,EAAE,KAA6B;IAC/E,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;QACzB,MAAM,CAAC,GAAG,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAClC,IAAI,CAAC,EAAE,CAAC;YACN,OAAO,EAAE,KAAK,EAAE,OAAO,EAAE,IAAI,CAAC,OAAO,CAAC,MAAM,EAAE,MAAM,EAAE,IAAI,CAAC,MAAM,EAAE,CAAC;QACtE,CAAC;IACH,CAAC;IACD,OAAO,IAAI,CAAC;AACd,CAAC;AAED,sEAAsE;AAEtE,SAAS,YAAY,CAAC,GAAW;IAC/B,kDAAkD;IAClD,MAAM,QAAQ,GAAa,EAAE,CAAC;IAC9B,IAAI,OAAO,GAAG,EAAE,CAAC;IACjB,IAAI,QAAQ,GAAG,KAAK,CAAC;IACrB,IAAI,QAAQ,GAAG,KAAK,CAAC;IAErB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,GAAG,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QACpC,MAAM,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC;QAClB,IAAI,EAAE,KAAK,GAAG,IAAI,CAAC,QAAQ,EAAE,CAAC;YAAC,QAAQ,GAAG,CAAC,QAAQ,CAAC;YAAC,OAAO,IAAI,EAAE,CAAC;YAAC,SAAS;QAAC,CAAC;QAC/E,IAAI,EAAE,KAAK,GAAG,IAAI,CAAC,QAAQ,EAAE,CAAC;YAAC,QAAQ,GAAG,CAAC,QAAQ,CAAC;YAAC,OAAO,IAAI,EAAE,CAAC;YAAC,SAAS;QAAC,CAAC;QAC/E,IAAI,CAAC,QAAQ,IAAI,CAAC,QAAQ,EAAE,CAAC;YAC3B,+CAA+C;YAC/C,IAAI,CAAC,EAAE,KAAK,GAAG,IAAI,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,KAAK,GAAG,CAAC,IAAI,CAAC,EAAE,KAAK,GAAG,IAAI,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,KAAK,GAAG,CAAC,EAAE,CAAC;gBAC7E,QAAQ,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,EAAE,CAAC,CAAC;gBAC9B,OAAO,GAAG,EAAE,CAAC;gBACb,CAAC,EAAE,CAAC,CAAC,mBAAmB;gBACxB,SAAS;YACX,CAAC;YACD,iCAAiC;YACjC,IAAI,EAAE,KAAK,GAAG,IAAI,EAAE,KAAK,GAAG,IAAI,EAAE,KAAK,IAAI,EAAE,CAAC;gBAC5C,QAAQ,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,EAAE,CAAC,CAAC;gBAC9B,OAAO,GAAG,EAAE,CAAC;gBACb,SAAS;YACX,CAAC;QACH,CAAC;QACD,OAAO,IAAI,EAAE,CAAC;IAChB,CAAC;IACD,IAAI,OAAO,CAAC,IAAI,EAAE;QAAE,QAAQ,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,EAAE,CAAC,CAAC;IAClD,OAAO,QAAQ,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;AAClC,CAAC;AAED,sEAAsE;AAEtE;;;;;;GAMG;AACH,SAAS,0BAA0B,CAAC,OAAe;IACjD,2DAA2D;IAC3D,MAAM,YAAY,GAAG,OAAO,CAAC,KAAK,CAChC,+GAA+G,CAChH,CAAC;IACF,IAAI,YAAY,EAAE,CAAC;QACjB,OAAO,YAAY,CAAC,CAAC,CAAC,IAAI,YAAY,CAAC,CAAC,CAAC,IAAI,YAAY,CAAC,CAAC,CAAC,IAAI,IAAI,CAAC;IACvE,CAAC;IACD,OAAO,IAAI,CAAC;AACd,CAAC;AAED;;;;;;;GAOG;AACH,SAAS,yBAAyB,CAAC,OAAe;IAChD,MAAM,WAAW,GAAG,OAAO,CAAC,KAAK,CAC/B,mGAAmG,CACpG,CAAC;IACF,IAAI,WAAW,EAAE,CAAC;QAChB,OAAO,WAAW,CAAC,CAAC,CAAC,IAAI,WAAW,CAAC,CAAC,CAAC,IAAI,IAAI,CAAC;IAClD,CAAC;IACD,OAAO,IAAI,CAAC;AACd,CAAC;AAED,sEAAsE;AAEtE;;;;GAIG;AACH,MAAM,UAAU,kBAAkB,CAAC,OAAe;IAChD,IAAI,CAAC,OAAO;QAAE,OAAO,IAAI,CAAC;IAE1B,gEAAgE;IAChE,kFAAkF;IAClF,MAAM,YAAY,GAAW;QAC3B,EAAE,OAAO,EAAE,mDAAmD,EAAE,MAAM,EAAE,8BAA8B,EAAE;QACxG,EAAE,OAAO,EAAE,sDAAsD,EAAE,MAAM,EAAE,4CAA4C,EAAE;QACzH,EAAE,OAAO,EAAE,sDAAsD,EAAE,MAAM,EAAE,4CAA4C,EAAE;QACzH,EAAE,OAAO,EAAE,uCAAuC,EAAE,MAAM,EAAE,oBAAoB,EAAE;QAClF,EAAE,OAAO,EAAE,yCAAyC,EAAE,MAAM,EAAE,sBAAsB,EAAE;QACtF,EAAE,OAAO,EAAE,+BAA+B,EAAE,MAAM,EAAE,2BAA2B,EAAE;QACjF,EAAE,OAAO,EAAE,mCAAmC,EAAE,MAAM,EAAE,2BAA2B,EAAE;KACtF,CAAC;IACF,MAAM,SAAS,GAAG,UAAU,CAAC,OAAO,EAAE,YAAY,EAAE,UAAU,CAAC,CAAC;IAChE,IAAI,SAAS;QAAE,OAAO,SAAS,CAAC;IAEhC,yDAAyD;IACzD,wDAAwD;IACxD,MAAM,QAAQ,GAAG,YAAY,CAAC,OAAO,CAAC,CAAC;IACvC,KAAK,MAAM,GAAG,IAAI,QAAQ,EAAE,CAAC;QAC3B,iCAAiC;QACjC,MAAM,YAAY,GAAG,0BAA0B,CAAC,GAAG,CAAC,CAAC;QACrD,IAAI,YAAY,EAAE,CAAC;YACjB,sCAAsC;YACtC,MAAM,UAAU,GAAG,kBAAkB,CAAC,YAAY,CAAC,CAAC;YACpD,IAAI,UAAU,EAAE,CAAC;gBACf,OAAO;oBACL,GAAG,UAAU;oBACb,MAAM,EAAE,GAAG,UAAU,CAAC,MAAM,wBAAwB,GAAG,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,MAAM;iBAC3E,CAAC;YACJ,CAAC;QACH,CAAC;QAED,oCAAoC;QACpC,MAAM,aAAa,GAAG,yBAAyB,CAAC,GAAG,CAAC,CAAC;QACrD,IAAI,aAAa,EAAE,CAAC;YAClB,4DAA4D;YAC5D,2FAA2F;YAC3F,MAAM,UAAU,GAAG,aAAa,CAAC,aAAa,EAAE,aAAa,EAAE,UAAU,CAAC;mBACrE,aAAa,CAAC,aAAa,EAAE,YAAY,EAAE,SAAS,CAAC,CAAC;YAC3D,IAAI,UAAU,EAAE,CAAC;gBACf,OAAO;oBACL,GAAG,UAAU;oBACb,MAAM,EAAE,GAAG,UAAU,CAAC,MAAM,gCAAgC;iBAC7D,CAAC;YACJ,CAAC;QACH,CAAC;IACH,CAAC;IAED,2DAA2D;IAC3D,KAAK,MAAM,GAAG,IAAI,QAAQ,EAAE,CAAC;QAC3B,yDAAyD;QACzD,IAAI,SAAS,CAAC,IAAI,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;YAAE,SAAS;QAEjD,MAAM,CAAC,GAAG,UAAU,CAAC,GAAG,EAAE,aAAa,EAAE,UAAU,CAAC;eAC/C,UAAU,CAAC,GAAG,EAAE,YAAY,EAAE,SAAS,CAAC,CAAC;QAC9C,IAAI,CAAC;YAAE,OAAO,CAAC,CAAC;IAClB,CAAC;IACD,OAAO,IAAI,CAAC;AACd,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,kBAAkB,CAAC,QAAgB;IACjD,IAAI,CAAC,QAAQ;QAAE,OAAO,IAAI,CAAC;IAC3B,OAAO,UAAU,CAAC,QAAQ,EAAE,aAAa,EAAE,UAAU,CAAC;WACjD,UAAU,CAAC,QAAQ,EAAE,YAAY,EAAE,SAAS,CAAC,CAAC;AACrD,CAAC;AAYD,MAAM,UAAU,GAAe;IAC7B,sDAAsD;IACtD,EAAE,IAAI,EAAE,IAAI,EAAE,KAAK,EAAE,GAAG,EAAE,OAAO,EAAE,+CAA+C,EAAE,KAAK,EAAE,UAAU,EAAE,MAAM,EAAE,oCAAoC,EAAE;IACrJ,+DAA+D;IAC/D,EAAE,IAAI,EAAE,IAAI,EAAE,KAAK,EAAE,GAAG,EAAE,OAAO,EAAE,uBAAuB,EAAE,KAAK,EAAE,SAAS,EAAE,MAAM,EAAE,wBAAwB,EAAE;IAChH,uDAAuD;IACvD,EAAE,IAAI,EAAE,IAAI,EAAE,KAAK,EAAE,GAAG,EAAE,OAAO,EAAE,8DAA8D,EAAE,KAAK,EAAE,UAAU,EAAE,MAAM,EAAE,2CAA2C,EAAE;CAC5K,CAAC;AAEF;;;;;GAKG;AACH,MAAM,UAAU,kBAAkB,CAAC,QAAgB,EAAE,MAA+B;IAClF,kDAAkD;IAClD,IAAI,QAAQ,KAAK,MAAM,IAAI,QAAQ,KAAK,OAAO,IAAI,QAAQ,KAAK,MAAM;QAAE,OAAO,IAAI,CAAC;IACpF,IAAI,CAAC,MAAM,IAAI,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO,IAAI,CAAC;IAE7D,8CAA8C;IAC9C,MAAM,YAAY,GAAG,CAAC,QAAQ,EAAE,QAAQ,EAAE,SAAS,EAAE,WAAW,CAAC,CAAC;IAClE,MAAM,WAAW,GAAG,YAAY;SAC7B,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,OAAO,MAAM,CAAC,CAAC,CAAC,KAAK,QAAQ,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAW,CAAC,CAAC,CAAC,EAAE,CAAC;SAClE,MAAM,CAAC,OAAO,CAAC;SACf,IAAI,CAAC,GAAG,CAAC;SACT,WAAW,EAAE,CAAC;IAEjB,KAAK,MAAM,IAAI,IAAI,UAAU,EAAE,CAAC;QAC9B,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC;YAAE,SAAS;QACxC,MAAM,CAAC,GAAG,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC;QACzC,IAAI,CAAC;YAAE,OAAO,EAAE,KAAK,EAAE,IAAI,CAAC,KAAK,EAAE,OAAO,EAAE,IAAI,CAAC,OAAO,CAAC,MAAM,EAAE,MAAM,EAAE,IAAI,CAAC,MAAM,EAAE,CAAC;IACzF,CAAC;IACD,OAAO,IAAI,CAAC;AACd,CAAC"}
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "openclaw-guardian",
|
|
3
|
-
"version": "0.
|
|
3
|
+
"version": "0.3.1",
|
|
4
4
|
"description": "Security gate plugin for OpenClaw \u2014 two-tier blacklist (regex + LLM intent verification) prevents dangerous tool executions",
|
|
5
5
|
"type": "module",
|
|
6
6
|
"main": "dist/index.js",
|