npm - openclaw-plugin-vt-sentinel - Versions diffs - 0.8.4 → 0.8.6 - Mend

openclaw-plugin-vt-sentinel 0.8.4 → 0.8.6

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (3) hide show

package/README.md ADDED Viewed

@@ -0,0 +1,100 @@
+# VT Sentinel — VirusTotal Security Plugin for OpenClaw
+Automatic malware detection and AI-powered code analysis for OpenClaw agents.
+Zero-config — no API key needed. Auto-registers with VirusTotal's AI API.
+## Install
+```
+openclaw plugins install openclaw-plugin-vt-sentinel
+```
+Then restart the gateway:
+```
+openclaw gateway restart
+```
+## Verify
+```
+openclaw plugins list | grep vt-sentinel
+```
+Should show 8 tools registered.
+## Tools
+| Tool | Purpose |
+|------|---------|
+| `vt_scan_file` | Full file scan (AV engines + AI Code Insight) |
+| `vt_check_hash` | Quick hash lookup without uploading |
+| `vt_upload_consent` | Manage consent for sensitive file uploads |
+| `vt_sentinel_status` | View config, watched dirs, protection status |
+| `vt_sentinel_configure` | Change settings at runtime (presets, notify level, block mode) |
+| `vt_sentinel_reset_policy` | Reset all settings to defaults |
+| `vt_sentinel_help` | Quick-start guide and privacy info |
+| `vt_sentinel_update` | Check for updates and get upgrade instructions |
+## What it does
+- Scans downloaded and created files automatically (AV + AI Code Insight)
+- Blocks execution of malicious files and dangerous command patterns
+- Monitors directories in real-time (Downloads, /tmp, workspace)
+- Quarantines threats with rotating audit logs
+- Detects TOCTOU attacks, LOLBins, and persistence patterns
+## Update
+If VT Sentinel is already installed, use the built-in update tool:
+```
+Ask your agent: "check for VT Sentinel updates"
+```
+Or manually:
+```
+openclaw gateway stop
+openclaw plugins update openclaw-plugin-vt-sentinel
+openclaw gateway start
+```
+## Configuration
+### Optional: Add your own VirusTotal API key (higher rate limits)
+```
+openclaw plugins config openclaw-plugin-vt-sentinel apiKey YOUR_KEY
+```
+### Presets
+| Preset | Description |
+|--------|-------------|
+| `balanced` | Default — scans everything, quarantines threats |
+| `privacy_first` | Hash-only lookups, no file uploads |
+| `strict_security` | Maximum protection, blocks on suspicion |
+### Settings
+| Setting | Values | Default |
+|---------|--------|---------|
+| `notifyLevel` | all, threats_only, silent | all |
+| `blockMode` | quarantine, block_only, log_only | quarantine |
+| `sensitiveFilePolicy` | ask, ask_once, always_upload, hash_only | ask |
+| `maxFileSizeMb` | 1-32 | 32 |
+| `autoScan` | true, false | true |
+## How it works
+VT Sentinel connects to [VTAI](https://ai.virustotal.com) — VirusTotal's LLM-optimized proxy layer. On first run it auto-registers an agent identity and receives a permanent API token. All scans go through VTAI's minimized response format, optimized for LLM context windows.
+File analysis includes:
+- **AV detections** from 60+ antivirus engines
+- **AI Code Insight** (Gemini-powered semantic analysis)
+- **Crowdsourced AI results** from the VirusTotal community
+## License
+MIT

package/dist/index.js CHANGED Viewed

@@ -152,8 +152,8 @@ function generateUpdateCommands(opts) {
     const singleQuote = (s) => "'" + s.replace(/'/g, "'\\''") + "'";
     // Double-quote for shell: escape \, ", $, ` (all chars bash expands inside "")
     const doubleQuote = (s) => '"' + s.replace(/\\/g, '\\\\').replace(/"/g, '\\"').replace(/\$/g, '\\$').replace(/`/g, '\\`') + '"';
-    // For JS string inside shell double-quoted node -e: escape \, ', $, `
-    const jsInShellDq = (s) => s.replace(/\\/g, '\\\\').replace(/'/g, "\\'").replace(/\$/g, '\\$').replace(/`/g, '\\`');
+    // For JS string inside shell double-quoted node -e: escape \, ", ', $, `
+    const jsInShellDq = (s) => s.replace(/\\/g, '\\\\').replace(/"/g, '\\"').replace(/'/g, "\\'").replace(/\$/g, '\\$').replace(/`/g, '\\`');
     const lines = [];
     lines.push(`Upgrade: v${opts.currentVersion} → v${opts.latestVersion}`);
     lines.push('');

package/package.json CHANGED Viewed

@@ -1,9 +1,17 @@
 {
   "name": "openclaw-plugin-vt-sentinel",
-  "version": "0.8.4",
+  "version": "0.8.6",
   "description": "VirusTotal Sentinel for OpenClaw - Malware detection and AI-powered code analysis",
   "main": "dist/index.js",
   "types": "dist/index.d.ts",
+  "homepage": "https://ai.virustotal.com",
+  "repository": {
+    "type": "git",
+    "url": "https://github.com/VirusTotal/openclaw-plugin-vt-sentinel"
+  },
+  "bugs": {
+    "url": "https://github.com/VirusTotal/openclaw-plugin-vt-sentinel/issues"
+  },
   "scripts": {
     "build": "tsc",
     "watch": "tsc -w",
@@ -11,14 +19,19 @@
   },
   "keywords": [
     "openclaw",
+    "openclaw-plugin",
     "plugin",
     "security",
     "virustotal",
     "malware",
-    "code-insight"
+    "antivirus",
+    "code-insight",
+    "file-scanner",
+    "threat-detection"
   ],
   "license": "MIT",
   "files": [
+    "README.md",
     "dist/index.*",
     "dist/scanner.*",
     "dist/vt-api.*",