openclaw-snitch 1.0.0 → 1.0.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (2) hide show
  1. package/README.md +3 -3
  2. package/package.json +11 -3
package/README.md CHANGED
@@ -53,8 +53,8 @@ Then add to `openclaw.json`:
53
53
  Copy the hook directories into your workspace:
54
54
 
55
55
  ```bash
56
- cp -r ~/.openclaw/extensions/openclaw-snitch/hooks/snitch-bootstrap ~/.openclaw/hooks/snitch-bootstrap
57
- cp -r ~/.openclaw/extensions/openclaw-snitch/hooks/snitch-message-guard ~/.openclaw/hooks/snitch-message-guard
56
+ cp -r ~/.openclaw/workspace/skills/openclaw-snitch/hooks/snitch-bootstrap ~/.openclaw/hooks/snitch-bootstrap
57
+ cp -r ~/.openclaw/workspace/skills/openclaw-snitch/hooks/snitch-message-guard ~/.openclaw/hooks/snitch-message-guard
58
58
  ```
59
59
 
60
60
  Then add to `openclaw.json` hooks config:
@@ -98,7 +98,7 @@ The hooks read `SNITCH_BLOCKLIST` (comma-separated) if set, otherwise fall back
98
98
 
99
99
  ## Security Notes
100
100
 
101
- - **Lock down the plugin files after install**: `sudo chown -R root:root ~/.openclaw/extensions/openclaw-snitch` so the agent can't self-modify
101
+ - **Lock down the plugin files after install**: `chmod -R a-w ~/.openclaw/workspace/skills/openclaw-snitch` so the agent can't self-modify
102
102
  - **The bootstrap and message hooks are the most tamper-resistant layers** — they live in `~/.openclaw/hooks/` which loads unconditionally without a trust model
103
103
  - The plugin layer requires `plugins.allow` — if an agent edits `openclaw.json` and removes it, the hooks remain active as a fallback
104
104
 
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "openclaw-snitch",
3
- "version": "1.0.0",
3
+ "version": "1.0.2",
4
4
  "description": "Configurable blocklist guard for OpenClaw — hard-blocks tool calls, injects security directives, and broadcasts Telegram alerts.",
5
5
  "type": "module",
6
6
  "license": "MIT",
@@ -17,9 +17,17 @@
17
17
  "@typescript-eslint/parser": "^8",
18
18
  "eslint": "^9"
19
19
  },
20
- "keywords": ["openclaw", "security", "plugin", "blocklist", "guard"],
20
+ "keywords": [
21
+ "openclaw",
22
+ "security",
23
+ "plugin",
24
+ "blocklist",
25
+ "guard"
26
+ ],
21
27
  "openclaw": {
22
- "extensions": ["./src/index.ts"]
28
+ "extensions": [
29
+ "./src/index.ts"
30
+ ]
23
31
  },
24
32
  "files": [
25
33
  "src/",