npm - openclaw-plugin-vt-sentinel - Versions diffs - 0.9.0 → 0.9.2 - Mend

openclaw-plugin-vt-sentinel 0.9.0 → 0.9.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (3) hide show

package/dist/config-manager.js CHANGED Viewed

@@ -195,48 +195,65 @@ function validateOverrides(input) {
         }
     }
     // --- Agent identity fields ---
+    // Empty string or null clears the field (sets to undefined in overrides).
     if ('agentDisplayName' in input) {
         const v = input.agentDisplayName;
-        if (typeof v === 'string' && v.length >= 1 && v.length <= 50 && DISPLAY_NAME_RE.test(v)) {
+        if (v === '' || v === null) {
+            valid.agentDisplayName = undefined;
+        }
+        else if (typeof v === 'string' && v.length >= 1 && v.length <= 50 && DISPLAY_NAME_RE.test(v)) {
             valid.agentDisplayName = v;
         }
         else {
-            errors.push('agentDisplayName must be 1-50 chars matching [a-zA-Z0-9 _-]');
+            errors.push('agentDisplayName must be 1-50 chars matching [a-zA-Z0-9 _-] (or empty to clear)');
         }
     }
     if ('agentHumanAlias' in input) {
         const v = input.agentHumanAlias;
-        if (typeof v === 'string' && v.length >= 1 && v.length <= 50 && HUMAN_ALIAS_RE.test(v)) {
+        if (v === '' || v === null) {
+            valid.agentHumanAlias = undefined;
+        }
+        else if (typeof v === 'string' && v.length >= 1 && v.length <= 50 && HUMAN_ALIAS_RE.test(v)) {
             valid.agentHumanAlias = v;
         }
         else {
-            errors.push('agentHumanAlias must be 1-50 chars matching [a-zA-Z0-9_-] (no spaces)');
+            errors.push('agentHumanAlias must be 1-50 chars matching [a-zA-Z0-9_-] (or empty to clear)');
         }
     }
     if ('agentBio' in input) {
         const v = input.agentBio;
-        if (typeof v === 'string' && v.length >= 1 && v.length <= 200) {
+        if (v === '' || v === null) {
+            valid.agentBio = undefined;
+        }
+        else if (typeof v === 'string' && v.length >= 1 && v.length <= 200) {
             valid.agentBio = v;
         }
         else {
-            errors.push('agentBio must be 1-200 chars');
+            errors.push('agentBio must be 1-200 chars (or empty to clear)');
         }
     }
     if ('agentContactEmail' in input) {
         const v = input.agentContactEmail;
-        if (typeof v === 'string' && v.length <= 100 && EMAIL_RE.test(v)) {
+        if (v === '' || v === null) {
+            valid.agentContactEmail = undefined;
+        }
+        else if (typeof v === 'string' && v.length <= 100 && EMAIL_RE.test(v)) {
             valid.agentContactEmail = v;
         }
         else {
-            errors.push('agentContactEmail must be a valid email (max 100 chars)');
+            errors.push('agentContactEmail must be a valid email (or empty to clear)');
         }
     }
     if ('agentMetadataMode' in input) {
-        if (VALID_METADATA_MODES.has(input.agentMetadataMode)) {
-            valid.agentMetadataMode = input.agentMetadataMode;
+        const v = input.agentMetadataMode;
+        if (v === '' || v === null) {
+            valid.agentMetadataMode = undefined;
+        }
+        else if (VALID_METADATA_MODES.has(v)) {
+            valid.agentMetadataMode = v;
         }
         else {
-            errors.push('agentMetadataMode must be: minimal, enhanced');
+            errors.push('agentMetadataMode must be: minimal, enhanced (or empty to clear)');
         }
     }
     return { valid, errors };

package/dist/index.js CHANGED Viewed

@@ -291,13 +291,26 @@ function vtSentinelPlugin(api) {
         catch { }
         return pluginVer.slice(0, 20);
     }
+    // VTAI API field constraints (used to sanitize static config values)
+    const VTAI_DISPLAY_NAME_RE = /^[a-zA-Z0-9 _-]+$/;
+    const VTAI_HUMAN_ALIAS_RE = /^[a-zA-Z0-9_-]+$/;
+    const VTAI_EMAIL_RE = /^[^\s@]+@[^\s@]+\.[^\s@]+$/;
     /**
      * Build registration opts from effective config.
+     * Sanitizes identity fields against VTAI API constraints to prevent
+     * registration failures from invalid static config values.
      */
     function buildRegistrationOpts() {
         const eff = configManager.getEffective();
         // Resolve display name: config > persisted auto-name > generate new
         let displayName = eff.agentDisplayName;
+        if (displayName) {
+            // Validate against VTAI constraints: 1-50 chars, [a-zA-Z0-9 _-]+
+            if (displayName.length > 50 || !VTAI_DISPLAY_NAME_RE.test(displayName)) {
+                api.logger.warn(`[VT-Sentinel] Invalid agentDisplayName in config: "${displayName.substring(0, 20)}..." — falling back to auto-generated name`);
+                displayName = undefined;
+            }
+        }
         if (!displayName) {
             let autoName = stateStore.getAutoAgentName();
             if (!autoName) {
@@ -311,12 +324,28 @@ function vtSentinelPlugin(api) {
             agentVersion: buildAgentVersion(),
             displayName,
         };
-        if (eff.agentHumanAlias)
-            regOpts.humanAlias = eff.agentHumanAlias;
-        if (eff.agentContactEmail)
-            regOpts.contactEmail = eff.agentContactEmail;
+        // Validate humanAlias: 1-50 chars, [a-zA-Z0-9_-]+
+        if (eff.agentHumanAlias) {
+            if (eff.agentHumanAlias.length <= 50 && VTAI_HUMAN_ALIAS_RE.test(eff.agentHumanAlias)) {
+                regOpts.humanAlias = eff.agentHumanAlias;
+            }
+            else {
+                api.logger.warn(`[VT-Sentinel] Invalid agentHumanAlias in config — skipping`);
+            }
+        }
+        // Validate contactEmail: max 100 chars, email format
+        if (eff.agentContactEmail) {
+            if (eff.agentContactEmail.length <= 100 && VTAI_EMAIL_RE.test(eff.agentContactEmail)) {
+                regOpts.contactEmail = eff.agentContactEmail;
+            }
+            else {
+                api.logger.warn(`[VT-Sentinel] Invalid agentContactEmail in config — skipping`);
+            }
+        }
         if (eff.agentMetadataMode === 'enhanced') {
-            regOpts.defineYourSelf = eff.agentBio || buildEnhancedBio(eff);
+            const bio = eff.agentBio || buildEnhancedBio(eff);
+            // Validate: 1-200 chars
+            regOpts.defineYourSelf = bio.length <= 200 ? bio : bio.slice(0, 200);
         }
         return regOpts;
     }
@@ -1212,6 +1241,14 @@ function vtSentinelPlugin(api) {
                 if (currentCreds) {
                     const backupPath = (0, vt_api_1.getAgentCredentialsPath)() + '.bak';
                     fs.writeFileSync(backupPath, JSON.stringify(currentCreds, null, 2), { mode: 0o600 });
+                    // Windows: POSIX mode bits ignored on NTFS — restrict via ACL
+                    if (process.platform === 'win32') {
+                        try {
+                            const { execSync } = require('child_process');
+                            execSync(`icacls "${backupPath}" /inheritance:r /grant:r "%USERNAME%:(F)"`, { stdio: 'ignore' });
+                        }
+                        catch { /* best effort */ }
+                    }
                 }
                 const newCreds = await (0, vt_api_1.registerAgent)(buildRegistrationOpts());
                 (0, vt_api_1.saveAgentCredentials)(newCreds);

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "openclaw-plugin-vt-sentinel",
-  "version": "0.9.0",
+  "version": "0.9.2",
   "description": "VirusTotal Sentinel for OpenClaw - Malware detection and AI-powered code analysis",
   "main": "dist/index.js",
   "types": "dist/index.d.ts",