npm - openclaw-plugin-vt-sentinel - Versions diffs - 0.12.1 → 0.12.2 - Mend

openclaw-plugin-vt-sentinel 0.12.1 → 0.12.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (7) hide show

package/CHANGELOG.md +28 -0
package/dist/compliance-snapshot.d.ts +10 -0
package/dist/compliance-snapshot.js +25 -3
package/dist/index.js +22 -0
package/dist/status-renderer.js +1 -1
package/openclaw.plugin.json +1 -1
package/package.json +1 -1

package/CHANGELOG.md CHANGED Viewed

@@ -2,6 +2,34 @@
 All notable changes to `openclaw-plugin-vt-sentinel`.
+## 0.12.2 — Audit collector accuracy + legacy log sanitization
+Small follow-up to 0.12.1. The static collector could only see
+user-configured watch dirs (never the runtime auto-derived ones like
+`/tmp`, `~/Downloads`, OpenClaw state subdirs), so its auto-scan finding
+read "Watching 0 directories" on fresh installs — technically correct but
+misleading to operators.
+### Fixed
+- **Auto-scan finding text reflects the snapshot source.** The
+  `buildComplianceSnapshot` helper now accepts `source: 'runtime' | 'static'`.
+  Runtime (gateway) callers still report the live watcher list.
+  Static (CLI audit) callers now spell out that additional dirs are
+  auto-derived by the gateway and point to `vt_sentinel_status` for the
+  live list.
+- **Legacy audit-log paths mentioned in `vt_sentinel_help` updated.** The
+  help text used to say `~/.openclaw/vt-sentinel-uploads.log` and
+  `vt-sentinel-detections.log`; since 0.12.0 they live in
+  `<stateDir>/vt-sentinel-audit/{uploads,detections}.log`.
+- **Legacy log files tightened to `0o600` on plugin load.** Pre-0.12.0
+  installs left the old stateDir-root log files (`vt-sentinel-uploads.log`,
+  `vt-sentinel-detections.log`) at the process default (typically `0o664`).
+  On each gateway start the plugin now best-effort `chmod 0o600`s them and
+  logs the change. POSIX-only; no-op on Windows.
+- **`package-lock.json` regenerated to the new version** — the shipped
+  tarball never included it, but a stale lock on disk caused confusion.
 ## 0.12.1 — Security audit collector: dual-path wiring
 Fix for the collector introduced in 0.12.0. The in-gateway registration via

package/dist/compliance-snapshot.d.ts CHANGED Viewed

@@ -39,6 +39,16 @@ export interface ComplianceSnapshotInput {
     agentPublicHandle?: string;
     /** Optional: pre-collected log permission info (see `collectLogModes`). */
     logModes?: LogModesInfo;
+    /**
+     * Where the snapshot is being built from. `runtime` means the gateway is
+     * running and `watchDirs` reflects the live watcher state (including
+     * auto-derived dirs like `/tmp`, `~/Downloads`, OpenClaw state subdirs).
+     * `static` means the snapshot is being built by a fresh CLI process
+     * (e.g. `openclaw security audit --deep`) that cannot see auto-derived
+     * dirs — only the user-configured `config.watchDirs` entries.
+     * Defaults to `static`.
+     */
+    source?: 'runtime' | 'static';
 }
 export interface ComplianceSnapshot {
     credentialMode: CredentialMode;

package/dist/compliance-snapshot.js CHANGED Viewed

@@ -133,6 +133,7 @@ function isBroadWatchDir(dir) {
  */
 function buildComplianceSnapshot(input) {
     const { config, stateDir, credentialMode, watchDirs, agentPublicHandle, logModes } = input;
+    const source = input.source ?? 'static';
     const paths = computePaths(stateDir);
     const identity = {
         displayNameSet: !!config.agentDisplayName,
@@ -163,13 +164,34 @@ function buildComplianceSnapshot(input) {
             (credentialMode === 'vtai' ? 'ai.virustotal.com (scan requests)\n' : '') +
             'registry.npmjs.org + clawhub.ai — only when the user explicitly invokes vt_sentinel_update.',
     });
+    // Auto-scan finding. Detail text branches on (a) whether autoScan is on
+    // and (b) whether we're building the snapshot at runtime (live watcher
+    // list available) or statically (CLI audit process — only config.watchDirs
+    // is visible; auto-derived dirs like /tmp/Downloads/Desktop/OpenClaw state
+    // subdirs are computed by the gateway at runtime and cannot be recovered
+    // here).
+    const autoScanDetail = (() => {
+        if (!config.autoScan) {
+            return `Active protection hooks remain registered (block mode: ${config.blockMode}) but no background watcher is running.`;
+        }
+        const suffix = ` block mode: ${config.blockMode}. notify level: ${config.notifyLevel}.`;
+        if (source === 'runtime') {
+            return `Watching ${watchDirs.length} director${watchDirs.length === 1 ? 'y' : 'ies'}.${suffix}`;
+        }
+        // Static/CLI snapshot.
+        if (watchDirs.length > 0) {
+            return `User-configured watch dirs (${watchDirs.length}): ${watchDirs.join(', ')}. ` +
+                `Additional dirs auto-derived at gateway runtime (OS temp, ~/Downloads, ~/Desktop, OpenClaw state subdirs, workspace). ` +
+                `Run vt_sentinel_status inside the gateway for the live list.${suffix}`;
+        }
+        return `No user-configured watch dirs. At runtime the gateway auto-derives monitors from OS temp, ~/Downloads, ~/Desktop, and the OpenClaw state subdirs (skills, extensions, hooks, workspace). ` +
+            `Run vt_sentinel_status inside the gateway for the live list.${suffix}`;
+    })();
     baseline.push({
         checkId: 'vt-sentinel.auto-scan',
         severity: 'info',
         title: `Auto-scan: ${config.autoScan ? 'enabled' : 'disabled'}`,
-        detail: config.autoScan
-            ? `Watching ${watchDirs.length} director${watchDirs.length === 1 ? 'y' : 'ies'}. block mode: ${config.blockMode}. notify level: ${config.notifyLevel}.`
-            : `Active protection hooks remain registered (block mode: ${config.blockMode}) but no background watcher is running.`,
+        detail: autoScanDetail,
     });
     baseline.push({
         checkId: 'vt-sentinel.upload-policies',

package/dist/index.js CHANGED Viewed

@@ -359,6 +359,26 @@ function vtSentinelPlugin(api) {
     const logDir = (0, audit_log_1.getLogDir)(resolvedStateDir);
     const uploadLog = new audit_log_1.AuditLog(path.join(logDir, 'uploads.log'));
     const detectionLog = new audit_log_1.AuditLog(path.join(logDir, 'detections.log'));
+    // v0.12.2: pre-0.12.0 installs left `vt-sentinel-uploads.log` and
+    // `vt-sentinel-detections.log` at the stateDir root with the process
+    // umask (typically 0o664). Upgrading doesn't rewrite them. Best-effort
+    // tighten-to-0o600 on load so operators who upgraded in place don't
+    // keep world-readable audit history. POSIX-only — no-op on Windows.
+    if (process.platform !== 'win32') {
+        for (const legacyName of ['vt-sentinel-uploads.log', 'vt-sentinel-detections.log']) {
+            const legacyPath = path.join(resolvedStateDir, legacyName);
+            try {
+                if (fs.existsSync(legacyPath)) {
+                    const mode = fs.statSync(legacyPath).mode & 0o777;
+                    if (mode !== 0o600) {
+                        fs.chmodSync(legacyPath, 0o600);
+                        api.logger.info(`[VT-Sentinel] Tightened permissions on legacy audit log ${legacyPath} (0o${mode.toString(8)} → 0o600)`);
+                    }
+                }
+            }
+            catch { /* best-effort */ }
+        }
+    }
     /** Log a scan result to the appropriate audit log(s). */
     const auditResult = (result) => {
         if (!result.sha256)
@@ -764,6 +784,7 @@ function vtSentinelPlugin(api) {
                     watchDirs: [...watchRoots],
                     agentPublicHandle: (0, vt_api_1.loadAgentCredentials)()?.publicHandle,
                     logModes,
+                    source: 'runtime',
                 });
                 return [...snap.baseline, ...snap.risks].map(f => ({
                     checkId: f.checkId,
@@ -958,6 +979,7 @@ function vtSentinelPlugin(api) {
                 watchDirs: [...watchRoots],
                 agentPublicHandle: (0, vt_api_1.loadAgentCredentials)()?.publicHandle,
                 logModes: (0, compliance_snapshot_1.collectLogModes)(resolvedStateDir),
+                source: 'runtime',
             });
             return textResponse((0, status_renderer_1.renderStatus)({
                 version: (0, version_1.getCurrentVersion)(),

package/dist/status-renderer.js CHANGED Viewed

@@ -224,7 +224,7 @@ function renderHelp() {
     lines.push('  - Files read by the agent (read tool) are hash-checked only, never auto-uploaded.');
     lines.push('  - Session memory files are NEVER uploaded (privacy protection).');
     lines.push('  - autoScan=false disables hook scanning (active blocking remains on).');
-    lines.push('  - Audit logs: ~/.openclaw/vt-sentinel-uploads.log + vt-sentinel-detections.log');
+    lines.push('  - Audit logs: <stateDir>/vt-sentinel-audit/uploads.log + detections.log (rotating; dir 0o700, files 0o600).');
     return lines.join('\n');
 }
 // --- Config Change Result ---

package/openclaw.plugin.json CHANGED Viewed

@@ -2,7 +2,7 @@
   "id": "openclaw-plugin-vt-sentinel",
   "name": "VT Sentinel",
   "description": "VirusTotal Sentinel for OpenClaw — malware detection, active protection, and AI-powered code analysis.",
-  "version": "0.12.1",
+  "version": "0.12.2",
   "skills": ["./skills"],
   "contracts": {
     "tools": [

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "openclaw-plugin-vt-sentinel",
-  "version": "0.12.1",
+  "version": "0.12.2",
   "displayName": "VT Sentinel",
   "description": "VirusTotal Sentinel for OpenClaw - Malware detection and AI-powered code analysis",
   "main": "dist/index.js",