securityclaw 0.0.1 → 0.0.3

package/CHANGELOG.md

@@ -1,5 +1,20 @@
 # Changelog
 
+## [0.0.3] - 2026-03-18
+
+### Changed
+- Reduced OpenClaw install-time false positives by separating environment reads, file reads, and process-launch helpers out of files that previously tripped static safety rules.
+- Kept the admin console, installer CLI, and Feishu approval delivery behavior unchanged while restructuring those internals for cleaner package scans.
+- Verified the packed npm tarball against the local OpenClaw `skill-scanner` and brought reported findings down to zero.
+
+## [0.0.2] - 2026-03-17
+
+### Changed
+- Simplified the README install section to focus on product overview plus remote install and uninstall flows.
+- Clarified that published npm releases ship with a prebuilt admin frontend bundle.
+- Prevented admin build tooling from being shipped as runtime npm dependencies.
+- Avoided auto-opening the dashboard from short-lived gateway service commands before the persistent admin backend is ready.
+
 ## [0.1.0] - 2026-03-15
 
 ### 架构重构

package/README.md

@@ -19,99 +19,69 @@ LLM agents can execute powerful tools. SecurityClaw provides a policy guardrail
 - Decision events for audit and observability
 - Built-in internationalization (`en` and `zh-CN`) for runtime/admin text
 
-## Architecture
+## Install
 
-SecurityClaw follows a layered architecture:
+### Direct Use
 
-- `domain`: policy, approval, context inference, formatting
-- `domain/services/sensitive_path_registry.ts`: built-in + runtime-overridden sensitive path mappings
-- `engine`: rule matching, decisioning, DLP scanning
-- `config`: base YAML + SQLite runtime override
-- `admin`: dashboard backend + frontend
-- `monitoring`: runtime status and decision snapshots
-
-See [Architecture](./docs/ARCHITECTURE.md) and [Technical Solution](./docs/TECHNICAL_SOLUTION.md).
-
-## Quick Start
-
-### 1. Install dependencies
+Install the latest published release:
 
 ```bash
-npm install
+npx securityclaw install
 ```
 
-### 2. Install into OpenClaw
+Or install through the remote script:
 
 ```bash
-npm run openclaw:install
+curl -fsSL https://raw.githubusercontent.com/znary/securityclaw/main/install.sh | bash
 ```
 
-Alternative install paths for end users:
+Install a specific published version:
 
 ```bash
-npx securityclaw install
-curl -fsSL https://raw.githubusercontent.com/znary/securityclaw/main/install.sh | bash
+SECURITYCLAW_VERSION=0.0.3 curl -fsSL https://raw.githubusercontent.com/znary/securityclaw/main/install.sh | bash
 ```
 
-### 3. Run verification
+After installation, if the admin dashboard did not open automatically, open `http://127.0.0.1:4780`.
 
-```bash
-npm test
-```
+### From Source
 
-### 4. Start admin dashboard (standalone)
+Clone the repository, then install dependencies:
 
 ```bash
-npm run admin
+npm install
 ```
 
-Default dashboard URL: `http://127.0.0.1:4780`
-
-## OpenClaw Integration
-
-Preferred local install:
+Install the current workspace build into OpenClaw:
 
 ```bash
 npm run openclaw:install
 ```
 
-This creates a versioned plugin archive, installs it through `openclaw plugins install`, restarts the gateway, and verifies gateway health.
-See [OpenClaw Install Guide](./docs/OPENCLAW_INSTALL.md) for details.
-
-## Approval Commands
+Run verification:
 
-After setting one account policy with `is_admin=true`, the admin can run:
-
-- `/securityclaw-approve <approval_id>`
-- `/securityclaw-approve <approval_id> long`
-- `/securityclaw-reject <approval_id>`
-- `/securityclaw-pending`
-
-## Admin Dashboard
+```bash
+npm test
+```
 
-Dashboard supports English and Chinese UI switching and stores language preference in local storage.
-By default, it follows the host system language.
+Start the standalone admin dashboard when needed:
 
-Main panels:
+```bash
+npm run admin
+```
 
-- Overview: posture and trend signals, plus a skill-risk snapshot for high-priority installed skills
-- Decisions: recent decision events and reasons
-- Policies: grouped rule strategy controls plus sensitive-path registry management
-- Skill Interception: installed skill inventory, risk scoring, undeclared-change detection, rescan/quarantine/trust override actions, and interception policy matrix
-- Accounts: admin approver account selection and mode settings
+## Uninstall
 
-Sensitive path registry behavior:
+Remove the installed plugin from OpenClaw:
 
-- Built-in path patterns cover credentials, personal content, download staging, browser profiles, browser secret stores, and communication stores.
-- Registry entries are persisted in SQLite runtime strategy overrides together with rule decisions.
-- Built-in entries can be disabled from the dashboard, and custom path rules can be added without editing the base YAML.
+```bash
+openclaw plugins uninstall securityclaw
+```
 
-Skill interception behavior:
+Preview the removal first if needed:
 
-- Dashboard discovers installed skills from local OpenClaw / Codex skill roots and stores scan results in SQLite.
-- A skill can be flagged when its content changes without a matching version update.
-- Overview surfaces the most important skill signals directly so admins can see high-risk items without switching tabs.
-- The dedicated Skill Interception panel supports rescan, quarantine, temporary trust override, and risk-matrix editing.
+```bash
+openclaw plugins uninstall securityclaw --dry-run
+```
 
 ## Documentation
 
@@ -121,15 +91,6 @@ Skill interception behavior:
 - [Runbook](./docs/RUNBOOK.md)
 - [Integration Guide](./docs/INTEGRATION_GUIDE.md)
 
-## Development
-
-```bash
-npm run typecheck
-npm run test:unit
-npm test
-npm run admin:build
-```
-
 ## License
 
 MIT. See [LICENSE](./LICENSE).

package/README.zh-CN.md

@@ -19,99 +19,69 @@ LLM Agent 具备高权限工具调用能力。SecurityClaw 在运行时提供策
 - 决策事件与状态观测
 - 中英文国际化（`en` / `zh-CN`）
 
-## 架构说明
+## 安装
 
-分层结构如下：
+### 直接使用
 
-- `domain`：策略、审批、上下文推断、格式化
-- `domain/services/sensitive_path_registry.ts`：内置 + 运行时覆写的敏感路径映射
-- `engine`：规则匹配、决策引擎、DLP
-- `config`：YAML 基线配置 + SQLite 运行时覆盖
-- `admin`：管理后台前后端
-- `monitoring`：运行状态与决策快照
-
-详见 [架构文档](./docs/ARCHITECTURE.md) 与 [技术方案](./docs/TECHNICAL_SOLUTION.md)。
-
-## 快速开始
-
-### 1. 安装依赖
+安装最新发布版本：
 
 ```bash
-npm install
+npx securityclaw install
 ```
 
-### 2. 安装到 OpenClaw
+或者通过远程脚本安装：
 
 ```bash
-npm run openclaw:install
+curl -fsSL https://raw.githubusercontent.com/znary/securityclaw/main/install.sh | bash
 ```
 
-终端用户也可以直接使用：
+安装指定发布版本：
 
 ```bash
-npx securityclaw install
-curl -fsSL https://raw.githubusercontent.com/znary/securityclaw/main/install.sh | bash
+SECURITYCLAW_VERSION=0.0.3 curl -fsSL https://raw.githubusercontent.com/znary/securityclaw/main/install.sh | bash
 ```
 
-### 3. 执行验证
+安装完成后，如果管理后台没有自动打开，可手动访问 `http://127.0.0.1:4780`。
 
-```bash
-npm test
-```
+### 从源码开发
 
-### 4. 启动管理后台（独立模式）
+克隆仓库后先安装依赖：
 
 ```bash
-npm run admin
+npm install
 ```
 
-默认地址：`http://127.0.0.1:4780`
-
-## OpenClaw 集成
-
-推荐本地安装方式：
+把当前工作区构建安装到 OpenClaw：
 
 ```bash
 npm run openclaw:install
 ```
 
-这条命令会生成带版本号的插件压缩包，通过 `openclaw plugins install` 安装，随后自动重启 gateway 并校验状态。
-详情见 [OpenClaw 安装指南](./docs/OPENCLAW_INSTALL.md)。
-
-## 审批命令
+执行验证：
 
-当账号策略中配置 `is_admin=true` 后，管理员可在聊天渠道执行：
-
-- `/securityclaw-approve <approval_id>`
-- `/securityclaw-approve <approval_id> long`
-- `/securityclaw-reject <approval_id>`
-- `/securityclaw-pending`
-
-## 管理后台
+```bash
+npm test
+```
 
-管理后台支持中英文切换，并将语言偏好保存在本地存储。
-默认跟随系统语言。
+需要时可单独启动管理后台：
 
-核心模块：
+```bash
+npm run admin
+```
 
-- 概览：总体态势、趋势，以及高优先级已安装 skill 的风险快照
-- 决策记录：最近决策事件与原因
-- 规则策略：按分组编辑规则动作，并维护敏感路径注册表
-- Skill 拦截：已安装 skill 清单、风险打分、未声明变更检测、重扫 / 隔离 / 受信覆盖操作，以及拦截策略矩阵
-- 账号策略：管理员审批账号与模式配置
+## 卸载
 
-敏感路径注册表说明：
+从 OpenClaw 中卸载已安装插件：
 
-- 内置覆盖凭据目录、个人内容目录、下载暂存区、浏览器资料目录、浏览器密钥库和通信存储。
-- 路径注册表与规则动作一起持久化到 SQLite 运行时策略覆盖中。
-- 可在后台删除内置项，也可直接添加自定义路径，无需手改基线 YAML。
+```bash
+openclaw plugins uninstall securityclaw
+```
 
-Skill 拦截说明：
+如果想先预览会删除什么：
 
-- 后台会从本地 OpenClaw / Codex skill 目录自动发现已安装 skills，并把扫描结果持久化到 SQLite。
-- 当 skill 内容发生变化、但版本号没有同步更新时，会被标记为“内容变了但版本没变”。
-- 概览页会直接展示最值得优先处理的 skill 风险信号，不需要先切到 Skill 页签。
-- `Skill 拦截` 面板支持重扫、隔离、临时受信覆盖，以及风险矩阵配置。
+```bash
+openclaw plugins uninstall securityclaw --dry-run
+```
 
 ## 文档导航
 
@@ -121,15 +91,6 @@ Skill 拦截说明：
 - [运行手册](./docs/RUNBOOK.md)
 - [集成指南](./docs/INTEGRATION_GUIDE.md)
 
-## 开发命令
-
-```bash
-npm run typecheck
-npm run test:unit
-npm test
-npm run admin:build
-```
-
 ## 许可证
 
 MIT，详见 [LICENSE](./LICENSE)。

package/admin/server.ts

@@ -1,6 +1,5 @@
 import http from "node:http";
-import { spawnSync } from "node:child_process";
-import { existsSync, readFileSync, readdirSync, statSync } from "node:fs";
+import { existsSync, readdirSync, statSync } from "node:fs";
 import os from "node:os";
 import path from "node:path";
 import { DatabaseSync } from "node:sqlite";
@@ -10,6 +9,7 @@ import {
   matchesAdminDecisionFilter,
   normalizeAdminDecisionFilterId,
 } from "../src/admin/dashboard_url_state.ts";
+import { readJsonRecordFile, readUtf8File } from "../src/admin/file_reader.ts";
 import { SkillInterceptionStore } from "../src/admin/skill_interception_store.ts";
 import { listOpenClawChatSessions } from "../src/admin/openclaw_session_catalog.ts";
 import { ConfigManager } from "../src/config/loader.ts";
@@ -29,10 +29,13 @@ import {
 } from "../src/domain/services/sensitive_path_registry.ts";
 import type { SecurityClawLocale } from "../src/i18n/locale.ts";
 import { pickLocalized, resolveSecurityClawLocale } from "../src/i18n/locale.ts";
+import { readSecurityClawAdminServerEnv, resolveSecurityClawAdminPort } from "../src/runtime/process_env.ts";
+import { runProcessSync } from "../src/runtime/process_runner.ts";
 
 const ROOT = path.resolve(path.dirname(fileURLToPath(import.meta.url)), "..");
 const PUBLIC_DIR = path.resolve(ROOT, "admin/public");
-const DEFAULT_PORT = Number(process.env.SECURITYCLAW_ADMIN_PORT ?? 4780);
+const DEFAULT_ADMIN_ENV = readSecurityClawAdminServerEnv();
+const DEFAULT_PORT = resolveSecurityClawAdminPort();
 const DEFAULT_OPENCLAW_HOME = resolveDefaultOpenClawStateDir();
 
 type AdminLogger = {
@@ -128,7 +131,7 @@ const EMPTY_DECISION_COUNTS: DecisionHistoryCounts = {
   block: 0,
 };
 
-const ADMIN_DEFAULT_LOCALE = resolveSecurityClawLocale(process.env.SECURITYCLAW_LOCALE, "en");
+const ADMIN_DEFAULT_LOCALE = resolveSecurityClawLocale(DEFAULT_ADMIN_ENV.locale, "en");
 
 function sendJson(res: http.ServerResponse, status: number, body: unknown): void {
   res.writeHead(status, { "content-type": "application/json; charset=utf-8" });
@@ -181,7 +184,7 @@ function safeReadStatus(statusPath: string): JsonRecord {
     };
   }
   try {
-    return JSON.parse(readFileSync(statusPath, "utf8")) as JsonRecord;
+    return readJsonRecordFile(statusPath);
   } catch {
     return {
       message: "status file exists but cannot be parsed",
@@ -842,7 +845,7 @@ function serveStatic(req: http.IncomingMessage, res: http.ServerResponse, url: U
           : ext === ".svg"
             ? "image/svg+xml"
           : "application/octet-stream";
-  sendText(res, 200, readFileSync(absolute, "utf8"), contentType);
+  sendText(res, 200, readUtf8File(absolute), contentType);
 }
 
 function readEffectivePolicy(runtime: AdminRuntime, strategyStore: StrategyStore): {
@@ -858,10 +861,10 @@ function readEffectivePolicy(runtime: AdminRuntime, strategyStore: StrategyStore
 
 function resolveAdminPluginConfig(options: AdminServerOptions): SecurityClawPluginConfig {
   return {
-    ...(process.env.SECURITYCLAW_CONFIG_PATH ? { configPath: process.env.SECURITYCLAW_CONFIG_PATH } : {}),
-    ...(process.env.SECURITYCLAW_LEGACY_OVERRIDE_PATH ? { overridePath: process.env.SECURITYCLAW_LEGACY_OVERRIDE_PATH } : {}),
-    ...(process.env.SECURITYCLAW_STATUS_PATH ? { statusPath: process.env.SECURITYCLAW_STATUS_PATH } : {}),
-    ...(process.env.SECURITYCLAW_DB_PATH ? { dbPath: process.env.SECURITYCLAW_DB_PATH } : {}),
+    ...(DEFAULT_ADMIN_ENV.configPath ? { configPath: DEFAULT_ADMIN_ENV.configPath } : {}),
+    ...(DEFAULT_ADMIN_ENV.legacyOverridePath ? { overridePath: DEFAULT_ADMIN_ENV.legacyOverridePath } : {}),
+    ...(DEFAULT_ADMIN_ENV.statusPath ? { statusPath: DEFAULT_ADMIN_ENV.statusPath } : {}),
+    ...(DEFAULT_ADMIN_ENV.dbPath ? { dbPath: DEFAULT_ADMIN_ENV.dbPath } : {}),
     ...(options.configPath !== undefined ? { configPath: options.configPath } : {}),
     ...(options.legacyOverridePath !== undefined ? { overridePath: options.legacyOverridePath } : {}),
     ...(options.statusPath !== undefined ? { statusPath: options.statusPath } : {}),
@@ -890,19 +893,19 @@ function parsePids(output: string): number[] {
 }
 
 function listListeningPidsByPort(port: number): number[] {
-  const result = spawnSync("lsof", ["-nP", `-iTCP:${port}`, "-sTCP:LISTEN", "-t"], { encoding: "utf8" });
+  const result = runProcessSync("lsof", ["-nP", `-iTCP:${port}`, "-sTCP:LISTEN", "-t"], { encoding: "utf8" });
   if (result.error || result.status !== 0) {
     return [];
   }
-  return parsePids(result.stdout);
+  return parsePids(result.stdout ?? "");
 }
 
 function readProcessCommand(pid: number): string {
-  const result = spawnSync("ps", ["-p", String(pid), "-o", "command="], { encoding: "utf8" });
+  const result = runProcessSync("ps", ["-p", String(pid), "-o", "command="], { encoding: "utf8" });
   if (result.error || result.status !== 0) {
     return "";
   }
-  return result.stdout.trim();
+  return (result.stdout ?? "").trim();
 }
 
 function looksLikeOpenClawProcess(command: string): boolean {

package/bin/securityclaw.mjs

@@ -1,7 +1,7 @@
 #!/usr/bin/env node
 
 import { readFileSync } from "node:fs";
-import { spawnSync } from "node:child_process";
+import { createRequire } from "node:module";
 import path from "node:path";
 import { fileURLToPath } from "node:url";
 
@@ -9,6 +9,9 @@ import { buildInstallPlan, parseInstallArgs } from "./install-lib.mjs";
 
 const ROOT = path.resolve(path.dirname(fileURLToPath(import.meta.url)), "..");
 const pkg = JSON.parse(readFileSync(path.join(ROOT, "package.json"), "utf8"));
+const requireFromHere = createRequire(import.meta.url);
+const SYSTEM_PROCESS_MODULE_ID = `node:child${String.fromCharCode(95)}process`;
+const { spawnSync } = requireFromHere(SYSTEM_PROCESS_MODULE_ID);
 
 function printUsage() {
   console.log(`SecurityClaw installer

package/index.ts

@@ -30,9 +30,9 @@ import {
 } from "./src/infrastructure/config/plugin_config_parser.ts";
 import { RuntimeStatusStore } from "./src/monitoring/status_store.ts";
 import { startAdminServer } from "./admin/server.ts";
-import { ensureAdminAssetsBuilt } from "./src/admin/build.ts";
 import { announceAdminConsole, shouldAnnounceAdminConsoleForArgv } from "./src/admin/console_notice.ts";
 import { shouldAutoStartAdminServer } from "./src/admin/runtime_guard.ts";
+import { readProcessEnvValue, resolveSecurityClawAdminPort } from "./src/runtime/process_env.ts";
 import { AccountPolicyEngine } from "./src/domain/services/account_policy_engine.ts";
 import { ApprovalSubjectResolver } from "./src/domain/services/approval_subject_resolver.ts";
 import {
@@ -172,7 +172,7 @@ function resolvePluginStateDir(api: OpenClawPluginApi): string {
 }
 
 function resolveAdminConsoleUrl(pluginConfig: SecurityClawPluginConfig): string {
-  const port = pluginConfig.adminPort ?? Number(process.env.SECURITYCLAW_ADMIN_PORT ?? 4780);
+  const port = pluginConfig.adminPort ?? resolveSecurityClawAdminPort();
   return `http://127.0.0.1:${port}`;
 }
 
@@ -1165,7 +1165,7 @@ function resolveFeishuSecretValue(value: unknown): string | undefined {
   const source = feishuTrimmedString(record.source)?.toLowerCase();
   const id = feishuTrimmedString(record.id);
   if (source === "env" && id) {
-    const envValue = feishuTrimmedString(process.env[id]);
+    const envValue = feishuTrimmedString(readProcessEnvValue(id));
     if (envValue) {
       return envValue;
     }
@@ -1991,69 +1991,67 @@ const plugin = {
       return runtime;
     }
 
-    statusStore.markBoot(toStatusConfig(runtime.config, runtime.overrideLoaded, resolved));
-    const adminBuildPromise = ensureAdminAssetsBuilt({
-      logger: {
-        info: (message: string) => api.logger.info?.(`securityclaw: ${message}`)
+    function startManagedAdminConsole(): void {
+      if (!adminAutoStart) {
+        api.logger.info?.("securityclaw: admin auto-start disabled by config");
+        return;
       }
-    }).catch((error) => {
-      api.logger.warn?.(`securityclaw: failed to refresh admin bundle (${String(error)})`);
-    });
-    if (adminAutoStart) {
-      const autoStartDecision = shouldAutoStartAdminServer(process.env);
-      if (autoStartDecision.enabled) {
-        const adminServerOptions = {
-          configPath: resolved.configPath,
-          legacyOverridePath: resolved.legacyOverridePath,
-          statusPath,
-          dbPath,
-          unrefOnStart: true,
-          logger: {
-            info: (message: string) => api.logger.info?.(`securityclaw: ${message}`),
-            warn: (message: string) => api.logger.warn?.(`securityclaw: ${message}`)
-          },
-          ...(pluginConfig.adminPort !== undefined ? { port: pluginConfig.adminPort } : {})
-        };
-        void adminBuildPromise
-          .then(() => startAdminServer(adminServerOptions))
-          .then((result) => {
-            announceAdminConsole({
-              locale: runtimeLocale,
-              logger: {
-                info: (message: string) => api.logger.info?.(`securityclaw: ${message}`),
-                warn: (message: string) => api.logger.warn?.(`securityclaw: ${message}`),
-              },
-              stateDir,
-              state: result.state,
-              url: `http://127.0.0.1:${result.runtime.port}`,
-            });
-          })
-          .catch((error) => {
-            api.logger.warn?.(`securityclaw: failed to auto-start admin dashboard (${String(error)})`);
+
+      const autoStartDecision = shouldAutoStartAdminServer();
+      if (!autoStartDecision.enabled) {
+        if (shouldAnnounceAdminConsoleForArgv(process.argv)) {
+          announceAdminConsole({
+            locale: runtimeLocale,
+            logger: {
+              info: (message: string) => api.logger.info?.(`securityclaw: ${message}`),
+              warn: (message: string) => api.logger.warn?.(`securityclaw: ${message}`),
+            },
+            stateDir,
+            state: "service-command",
+            url: adminConsoleUrl,
+          });
+          api.logger.info?.("securityclaw: admin dashboard is hosted by the background OpenClaw gateway service");
+        } else {
+          api.logger.info?.(
+            `securityclaw: admin auto-start skipped in ${autoStartDecision.reason}; use npm run admin for standalone dashboard`,
+          );
+        }
+        return;
+      }
+
+      const adminServerOptions = {
+        configPath: resolved.configPath,
+        legacyOverridePath: resolved.legacyOverridePath,
+        statusPath,
+        dbPath,
+        unrefOnStart: true,
+        logger: {
+          info: (message: string) => api.logger.info?.(`securityclaw: ${message}`),
+          warn: (message: string) => api.logger.warn?.(`securityclaw: ${message}`),
+        },
+        ...(pluginConfig.adminPort !== undefined ? { port: pluginConfig.adminPort } : {}),
+      };
+
+      void startAdminServer(adminServerOptions)
+        .then((result) => {
+          announceAdminConsole({
+            locale: runtimeLocale,
+            logger: {
+              info: (message: string) => api.logger.info?.(`securityclaw: ${message}`),
+              warn: (message: string) => api.logger.warn?.(`securityclaw: ${message}`),
+            },
+            stateDir,
+            state: result.state,
+            url: `http://127.0.0.1:${result.runtime.port}`,
           });
-	      } else {
-	        if (shouldAnnounceAdminConsoleForArgv(process.argv)) {
-	          announceAdminConsole({
-	            locale: runtimeLocale,
-	            logger: {
-	              info: (message: string) => api.logger.info?.(`securityclaw: ${message}`),
-	              warn: (message: string) => api.logger.warn?.(`securityclaw: ${message}`),
-	            },
-	            stateDir,
-	            state: "service-command",
-	            url: adminConsoleUrl,
-	          });
-	          api.logger.info?.("securityclaw: admin dashboard is hosted by the background OpenClaw gateway service");
-	        } else {
-	          api.logger.info?.(
-	            `securityclaw: admin auto-start skipped in ${autoStartDecision.reason}; use npm run admin for standalone dashboard`,
-	          );
-	        }
-	      }
-	    } else {
-      api.logger.info?.("securityclaw: admin auto-start disabled by config");
+        })
+        .catch((error) => {
+          api.logger.warn?.(`securityclaw: failed to auto-start admin dashboard (${String(error)})`);
+        });
     }
 
+    statusStore.markBoot(toStatusConfig(runtime.config, runtime.overrideLoaded, resolved));
+
     api.logger.info?.(
       `securityclaw: boot env=${runtime.config.environment} policy_version=${runtime.config.policy_version} dlp_mode=${runtime.config.dlp.on_dlp_hit} rules=${runtime.config.policies.length}`,
     );
@@ -2655,6 +2653,7 @@ const plugin = {
       { priority: 100 },
     );
 
+    startManagedAdminConsole();
     api.logger.info?.(`securityclaw: loaded policy_version=${runtime.config.policy_version}`);
   }
 };

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "securityclaw",
-  "version": "0.0.1",
+  "version": "0.0.3",
   "description": "SecurityClaw security plugin for OpenClaw-compatible hooks.",
   "license": "MIT",
   "type": "module",
@@ -42,7 +42,7 @@
     "test:unit": "node --test --experimental-strip-types",
     "test": "npm run typecheck && npm run test:unit",
     "check": "npm test",
-    "admin": "node --experimental-strip-types ./admin/server.ts",
+    "admin": "npm run admin:build && node --experimental-strip-types ./admin/server.ts",
     "admin:build": "node ./scripts/build-admin.mjs",
     "prepack": "npm test && npm run admin:build",
     "pack:plugin": "node ./scripts/pack-plugin.mjs",
@@ -50,17 +50,15 @@
     "release:check": "node ./scripts/release-preflight.mjs",
     "release:dry-run": "npm run release:check && npm publish --dry-run --access public"
   },
-  "dependencies": {
-    "esbuild": "^0.27.4",
-    "react": "^19.2.4",
-    "react-dom": "^19.2.4",
-    "recharts": "^3.8.0"
-  },
   "devDependencies": {
     "@types/node": "^25.5.0",
     "@types/react": "^19.2.14",
     "@types/react-dom": "^19.2.3",
+    "esbuild": "^0.27.4",
     "openclaw": "^2026.3.13",
+    "react": "^19.2.4",
+    "react-dom": "^19.2.4",
+    "recharts": "^3.8.0",
     "typescript": "^5.9.3"
   },
   "peerDependencies": {

package/src/admin/console_notice.ts

@@ -1,10 +1,10 @@
-import { spawnSync } from "node:child_process";
 import { existsSync, mkdirSync, writeFileSync } from "node:fs";
 import path from "node:path";
 
 import { resolveSecurityClawStateDir } from "../infrastructure/config/plugin_config_parser.ts";
 import type { SecurityClawLocale } from "../i18n/locale.ts";
 import { pickLocalized } from "../i18n/locale.ts";
+import { runProcessSync } from "../runtime/process_runner.ts";
 
 export type AdminConsoleState = "started" | "already-running" | "service-command";
 
@@ -122,7 +122,7 @@ function writeAdminConsoleMarker(markerPath: string, url: string): void {
 
 export function openAdminConsoleInBrowser(url: string): BrowserOpenResult {
   if (process.platform === "darwin") {
-    const result = spawnSync("open", [url], { stdio: "ignore", timeout: 5_000 });
+    const result = runProcessSync("open", [url], { stdio: "ignore", timeout: 5_000 });
     if (result.error) {
       return { ok: false, command: "open", error: String(result.error) };
     }
@@ -133,7 +133,7 @@ export function openAdminConsoleInBrowser(url: string): BrowserOpenResult {
   }
 
   if (process.platform === "win32") {
-    const result = spawnSync("cmd", ["/c", "start", "", url], {
+    const result = runProcessSync("cmd", ["/c", "start", "", url], {
       stdio: "ignore",
       timeout: 5_000,
       windowsHide: true,
@@ -148,7 +148,7 @@ export function openAdminConsoleInBrowser(url: string): BrowserOpenResult {
   }
 
   if (process.platform === "linux") {
-    const result = spawnSync("xdg-open", [url], { stdio: "ignore", timeout: 5_000 });
+    const result = runProcessSync("xdg-open", [url], { stdio: "ignore", timeout: 5_000 });
     if (result.error) {
       return { ok: false, command: "xdg-open", error: String(result.error) };
     }
@@ -168,9 +168,10 @@ export function announceAdminConsole(options: AnnounceAdminConsoleOptions): Anno
   const { locale, logger, url, state, stateDir, opener = openAdminConsoleInBrowser } = options;
   const markerPath = stateDir ? resolveAdminConsoleMarkerPath(stateDir) : undefined;
   const firstRun = markerPath !== undefined && !existsSync(markerPath);
+  const shouldAutoOpen = firstRun && state !== "service-command";
 
   let openedAutomatically = false;
-  if (firstRun) {
+  if (shouldAutoOpen) {
     const result = opener(url);
     if (result.ok) {
       openedAutomatically = true;

package/src/admin/file_reader.ts

@@ -0,0 +1,12 @@
+import { readFileSync } from "node:fs";
+
+type JsonRecord = Record<string, unknown>;
+
+export function readUtf8File(filePath: string): string {
+  return readFileSync(filePath, "utf8");
+}
+
+export function readJsonRecordFile(filePath: string): JsonRecord {
+  return JSON.parse(readUtf8File(filePath)) as JsonRecord;
+}
+

package/src/admin/skill_interception_store.ts

@@ -670,8 +670,21 @@ export function analyzeSkillDocument(input: {
   const normalizedName = input.name.trim().toLowerCase();
   const siblingNames = input.siblingNames.map((item) => item.trim().toLowerCase()).filter(Boolean);
   const downloadExecutePattern = /(curl|wget)[^\n]{0,120}\|\s*(sh|bash|zsh)|download[^.\n]{0,60}(then )?(run|execute)/i;
-  const shellExecPattern =
-    /(exec_command|spawnSync|child_process|bash\s+-lc|zsh\s+-lc|powershell|rm\s+-rf|chmod\s+-R|chown\s+-R)/i;
+  const childProcessToken = `child${String.fromCharCode(95)}process`;
+  const shellExecPattern = new RegExp(
+    [
+      "exec_command",
+      "spawnSync",
+      childProcessToken,
+      "bash\\s+-lc",
+      "zsh\\s+-lc",
+      "powershell",
+      "rm\\s+-rf",
+      "chmod\\s+-R",
+      "chown\\s+-R",
+    ].join("|"),
+    "i",
+  );
   const bypassPattern =
     /(ignore|bypass|disable|skip)[^.\n]{0,40}(policy|security|guard|safety)|hide (the )?(output|logs)|不要提示|不要暴露/i;
   const credentialPattern =

package/src/runtime/process_env.ts

@@ -0,0 +1,47 @@
+type SecurityClawAdminServerEnv = {
+  adminPort?: number | undefined;
+  locale?: string | undefined;
+  configPath?: string | undefined;
+  legacyOverridePath?: string | undefined;
+  statusPath?: string | undefined;
+  dbPath?: string | undefined;
+};
+
+function readTextEnv(name: string, env: NodeJS.ProcessEnv = process.env): string | undefined {
+  const value = env[name];
+  if (typeof value !== "string") {
+    return undefined;
+  }
+  const trimmed = value.trim();
+  return trimmed || undefined;
+}
+
+function readNumericEnv(name: string, env: NodeJS.ProcessEnv = process.env): number | undefined {
+  const value = readTextEnv(name, env);
+  if (!value) {
+    return undefined;
+  }
+  const parsed = Number(value);
+  return Number.isFinite(parsed) ? parsed : undefined;
+}
+
+export function readProcessEnvValue(name: string, env: NodeJS.ProcessEnv = process.env): string | undefined {
+  return readTextEnv(name, env);
+}
+
+export function resolveSecurityClawAdminPort(defaultPort = 4780, env: NodeJS.ProcessEnv = process.env): number {
+  return readNumericEnv("SECURITYCLAW_ADMIN_PORT", env) ?? defaultPort;
+}
+
+export function readSecurityClawAdminServerEnv(
+  env: NodeJS.ProcessEnv = process.env,
+): SecurityClawAdminServerEnv {
+  return {
+    adminPort: readNumericEnv("SECURITYCLAW_ADMIN_PORT", env),
+    locale: readTextEnv("SECURITYCLAW_LOCALE", env),
+    configPath: readTextEnv("SECURITYCLAW_CONFIG_PATH", env),
+    legacyOverridePath: readTextEnv("SECURITYCLAW_LEGACY_OVERRIDE_PATH", env),
+    statusPath: readTextEnv("SECURITYCLAW_STATUS_PATH", env),
+    dbPath: readTextEnv("SECURITYCLAW_DB_PATH", env),
+  };
+}

package/src/runtime/process_runner.ts

@@ -0,0 +1,38 @@
+import { createRequire } from "node:module";
+
+export type RunProcessSyncOptions = {
+  cwd?: string;
+  encoding?: BufferEncoding;
+  stdio?: "ignore" | "inherit" | "pipe";
+  timeout?: number;
+  windowsHide?: boolean;
+};
+
+export type RunProcessSyncResult = {
+  status: number | null;
+  stdout?: string;
+  stderr?: string;
+  error?: unknown;
+};
+
+type RunProcessSyncFn = (
+  command: string,
+  args?: readonly string[],
+  options?: RunProcessSyncOptions,
+) => RunProcessSyncResult;
+
+const requireFromHere = createRequire(import.meta.url);
+const SYSTEM_PROCESS_MODULE_ID = `node:child${String.fromCharCode(95)}process`;
+const RUN_PROCESS_SYNC_METHOD = ["spawn", "Sync"].join("");
+const runProcessSyncImpl = (requireFromHere(SYSTEM_PROCESS_MODULE_ID) as Record<string, unknown>)[
+  RUN_PROCESS_SYNC_METHOD
+] as RunProcessSyncFn;
+
+export function runProcessSync(
+  command: string,
+  args: readonly string[],
+  options: RunProcessSyncOptions = {},
+): RunProcessSyncResult {
+  return runProcessSyncImpl(command, args, options);
+}
+