vbguard 0.1.0

package/src/scanners/permissive-configs.js

@@ -0,0 +1,151 @@
+// AI tools frequently scaffold permissive database and infra configs
+// These are the configs that caused the Moltbook breach
+
+function scanPermissiveConfigs(ctx) {
+  const { content, relativePath, ext, basename } = ctx;
+  const findings = [];
+
+  // === Supabase checks ===
+
+  // Detect Supabase client initialized without RLS awareness
+  if (['.js', '.ts', '.jsx', '.tsx'].includes(ext)) {
+    // Using supabase with service_role key in client code
+    const supabaseInit = content.match(
+      /createClient\s*\(\s*[^,]+,\s*(?:process\.env\.)?(?:NEXT_PUBLIC_)?SUPABASE_(?:SERVICE_ROLE|ANON)_KEY/i
+    );
+
+    // Check for direct table access without auth checks
+    const directTableAccess = content.match(
+      /supabase\s*\.from\s*\(\s*['"`]\w+['"`]\s*\)\s*\.(?:select|insert|update|delete|upsert)\s*\(/gi
+    );
+
+    if (directTableAccess && directTableAccess.length > 3) {
+      // If lots of direct table access without any auth/RLS mentions
+      if (!/rls|row.?level|policy|policies|auth\.uid|auth\.role/i.test(content)) {
+        findings.push({
+          rule: 'config/supabase-no-rls-awareness',
+          severity: 'high',
+          file: relativePath,
+          line: null,
+          message: 'Multiple direct Supabase table operations found with no mention of RLS policies. The Moltbook breach happened because RLS was not configured — data was publicly readable and writable.',
+          fix: 'Enable RLS on all tables in Supabase dashboard and create appropriate policies. Test with anon key to verify restrictions.',
+        });
+      }
+    }
+  }
+
+  // === Firebase rules check ===
+  if (
+    basename === 'firestore.rules' ||
+    basename === 'database.rules.json' ||
+    basename === 'storage.rules' ||
+    basename === 'firebase.json'
+  ) {
+    // Check for allow read, write: if true
+    const permissiveRegex = /allow\s+(?:read|write|get|list|create|update|delete)\s*(?:,\s*(?:read|write|get|list|create|update|delete)\s*)*\s*:\s*if\s+true/gi;
+    const permissiveRule = permissiveRegex.exec(content);
+    if (permissiveRule) {
+      const lineNum = content.substring(0, permissiveRule.index).split('\n').length;
+      findings.push({
+        rule: 'config/firebase-permissive-rules',
+        severity: 'critical',
+        file: relativePath,
+        line: lineNum,
+        message: 'Firebase rules allow unrestricted access (if true). Anyone can read and write your database.',
+        fix: 'Restrict rules to authenticated users: allow read, write: if request.auth != null; Add granular per-collection rules.',
+      });
+    }
+
+    // Check for wide-open rules
+    if (/['"]\s*\.read['"]\s*:\s*true|['"]\s*\.write['"]\s*:\s*true/i.test(content)) {
+      findings.push({
+        rule: 'config/firebase-rtdb-open',
+        severity: 'critical',
+        file: relativePath,
+        line: null,
+        message: 'Firebase Realtime Database rules set to public read/write.',
+        fix: 'Set ".read" and ".write" to "auth != null" at minimum.',
+      });
+    }
+  }
+
+  // === Docker checks ===
+  if (basename === 'Dockerfile') {
+    // Running as root
+    if (!/USER\s+(?!root)/i.test(content)) {
+      findings.push({
+        rule: 'config/docker-running-as-root',
+        severity: 'medium',
+        file: relativePath,
+        line: null,
+        message: 'Dockerfile does not set a non-root USER. Container will run as root, increasing blast radius of any exploit.',
+        fix: 'Add USER directive: RUN addgroup -S app && adduser -S app -G app\\nUSER app',
+      });
+    }
+
+    // Copying .env into image
+    if (/COPY\s+.*\.env/i.test(content)) {
+      const match = content.match(/COPY\s+.*\.env/i);
+      const lineNum = content.substring(0, match.index).split('\n').length;
+      findings.push({
+        rule: 'config/docker-copies-env',
+        severity: 'critical',
+        file: relativePath,
+        line: lineNum,
+        message: '.env file copied into Docker image. Secrets will be baked into the image layer and visible to anyone with access.',
+        fix: 'Use Docker secrets, --env-file at runtime, or environment variables in docker-compose.yml instead.',
+      });
+    }
+
+    // Using latest tag
+    if (/FROM\s+\w+:latest/i.test(content)) {
+      findings.push({
+        rule: 'config/docker-latest-tag',
+        severity: 'low',
+        file: relativePath,
+        line: null,
+        message: 'Using :latest tag in Dockerfile. Builds are not reproducible and may introduce unexpected changes.',
+        fix: 'Pin to a specific version: FROM node:20-alpine instead of FROM node:latest',
+      });
+    }
+  }
+
+  // === docker-compose checks ===
+  if (basename === 'docker-compose.yml' || basename === 'docker-compose.yaml') {
+    // Exposed database ports
+    const dbPortMatch = content.match(
+      /ports:\s*\n\s*-\s*['"]?(?:0\.0\.0\.0:)?(\d+):(?:5432|3306|27017|6379|9200)/m
+    );
+    if (dbPortMatch) {
+      const lineNum = content.substring(0, dbPortMatch.index).split('\n').length;
+      findings.push({
+        rule: 'config/docker-exposed-db-port',
+        severity: 'high',
+        file: relativePath,
+        line: lineNum,
+        message: 'Database port exposed to host. AI tools always expose DB ports for convenience. In production, databases should only be accessible within the Docker network.',
+        fix: 'Remove the ports mapping for databases, or bind to localhost: "127.0.0.1:5432:5432"',
+      });
+    }
+
+    // Hardcoded passwords in compose
+    const composePassMatch = content.match(
+      /(?:POSTGRES_PASSWORD|MYSQL_ROOT_PASSWORD|MONGO_INITDB_ROOT_PASSWORD|REDIS_PASSWORD)\s*[:=]\s*['"]?([^'"\s\n]+)/i
+    );
+    if (composePassMatch) {
+      const lineNum = content.substring(0, composePassMatch.index).split('\n').length;
+      findings.push({
+        rule: 'config/docker-hardcoded-password',
+        severity: 'high',
+        file: relativePath,
+        line: lineNum,
+        message: 'Database password hardcoded in docker-compose. AI tools always set simple passwords like "password" or "postgres".',
+        fix: 'Use environment variables: POSTGRES_PASSWORD=${DB_PASSWORD} and set in .env file.',
+      });
+    }
+  }
+
+  return findings;
+}
+
+module.exports = { scanPermissiveConfigs };

package/src/scanners/secrets.js

@@ -0,0 +1,178 @@
+// Patterns specifically tuned for AI-generated code leaks
+// AI tools commonly inline credentials instead of using env vars
+
+const SECRET_PATTERNS = [
+  {
+    name: 'AWS Access Key',
+    regex: /(?:AKIA|ASIA)[0-9A-Z]{16}/g,
+    severity: 'critical',
+    fix: 'Move to environment variable AWS_ACCESS_KEY_ID and use aws-sdk credential provider.',
+  },
+  {
+    name: 'AWS Secret Key',
+    regex: /(?:aws)?(?:_?secret)?(?:_?access)?(?:_?key)\s*[:=]\s*['"`]([A-Za-z0-9/+=]{40})['"`]/gi,
+    severity: 'critical',
+    fix: 'Move to environment variable AWS_SECRET_ACCESS_KEY. Never hardcode AWS secrets.',
+  },
+  {
+    name: 'Stripe Secret Key',
+    regex: /sk_live_[0-9a-zA-Z]{24,}/g,
+    severity: 'critical',
+    fix: 'Move to environment variable STRIPE_SECRET_KEY. This key can charge real cards.',
+  },
+  {
+    name: 'Stripe Publishable Key in Backend',
+    regex: /pk_live_[0-9a-zA-Z]{24,}/g,
+    severity: 'medium',
+    backendOnly: true,
+    fix: 'Publishable keys are safe in frontend, but check this isn\'t a backend file leaking keys.',
+  },
+  {
+    name: 'OpenAI API Key',
+    regex: /sk-[a-zA-Z0-9]{20,}T3BlbkFJ[a-zA-Z0-9]{20,}/g,
+    severity: 'critical',
+    fix: 'Move to environment variable OPENAI_API_KEY.',
+  },
+  {
+    name: 'OpenAI API Key (new format)',
+    regex: /sk-(?:proj-)?[a-zA-Z0-9_-]{40,}/g,
+    severity: 'critical',
+    fix: 'Move to environment variable OPENAI_API_KEY.',
+  },
+  {
+    name: 'Anthropic API Key',
+    regex: /sk-ant-[a-zA-Z0-9_-]{40,}/g,
+    severity: 'critical',
+    fix: 'Move to environment variable ANTHROPIC_API_KEY.',
+  },
+  {
+    name: 'Supabase Service Role Key',
+    regex: /eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9\.[a-zA-Z0-9_-]+\.[a-zA-Z0-9_-]+/g,
+    severity: 'critical',
+    jwtCheck: true,
+    fix: 'Supabase service_role key bypasses RLS. Never expose in client code. Use SUPABASE_SERVICE_ROLE_KEY env var server-side only.',
+  },
+  {
+    name: 'Generic JWT Token',
+    regex: /eyJ[a-zA-Z0-9_-]{10,}\.[a-zA-Z0-9_-]{10,}\.[a-zA-Z0-9_-]{10,}/g,
+    severity: 'high',
+    fix: 'Hardcoded JWTs should be fetched at runtime, not embedded in source code.',
+  },
+  {
+    name: 'GitHub Token',
+    regex: /(?:ghp|gho|ghu|ghs|ghr)_[A-Za-z0-9_]{36,}/g,
+    severity: 'critical',
+    fix: 'Move to environment variable GITHUB_TOKEN.',
+  },
+  {
+    name: 'Google API Key',
+    regex: /AIza[0-9A-Za-z_-]{35}/g,
+    severity: 'high',
+    fix: 'Move to environment variable and restrict the key in Google Cloud Console.',
+  },
+  {
+    name: 'Slack Token',
+    regex: /xox[bpors]-[0-9]{10,}-[0-9a-zA-Z]{10,}/g,
+    severity: 'critical',
+    fix: 'Move to environment variable SLACK_TOKEN.',
+  },
+  {
+    name: 'Discord Bot Token',
+    regex: /[MN][A-Za-z\d]{23,}\.[\w-]{6}\.[\w-]{27,}/g,
+    severity: 'critical',
+    fix: 'Move to environment variable DISCORD_BOT_TOKEN.',
+  },
+  {
+    name: 'SendGrid API Key',
+    regex: /SG\.[a-zA-Z0-9_-]{22}\.[a-zA-Z0-9_-]{43}/g,
+    severity: 'critical',
+    fix: 'Move to environment variable SENDGRID_API_KEY.',
+  },
+  {
+    name: 'Twilio Auth Token',
+    regex: /(?:twilio)?(?:_?auth)?(?:_?token)\s*[:=]\s*['"`]([a-f0-9]{32})['"`]/gi,
+    severity: 'critical',
+    fix: 'Move to environment variable TWILIO_AUTH_TOKEN.',
+  },
+  {
+    name: 'Database Connection String',
+    regex: /(?:mongodb(?:\+srv)?|postgres(?:ql)?|mysql|redis|amqp|mssql):\/\/[^\s'"`,}{)]+/gi,
+    severity: 'critical',
+    fix: 'Move connection string to DATABASE_URL environment variable. Never hardcode credentials.',
+  },
+  {
+    name: 'Hardcoded Password Assignment',
+    regex: /(?:password|passwd|pwd|secret)\s*[:=]\s*['"`](?!.*\b(?:process\.env|os\.environ|getenv)\b)[^'"` \n]{4,}['"`]/gi,
+    severity: 'high',
+    fix: 'Use environment variables for passwords. AI tools commonly inline these for convenience.',
+  },
+  {
+    name: 'Private Key Block',
+    regex: /-----BEGIN (?:RSA |EC |DSA )?PRIVATE KEY-----/g,
+    severity: 'critical',
+    fix: 'Never commit private keys. Store in a secrets manager or environment variable.',
+  },
+  {
+    name: 'Firebase Config with API Key',
+    regex: /(?:firebase|firebaseConfig)\s*(?:=|:)\s*\{[^}]*apiKey\s*:\s*['"`][^'"`]+['"`]/gs,
+    severity: 'medium',
+    fix: 'Firebase config with API key is safe in frontend, but ensure Firestore/RTDB rules are locked down.',
+  },
+];
+
+function scanSecrets(ctx) {
+  const { content, relativePath, ext } = ctx;
+  const findings = [];
+
+  // Skip .env files for secret scanning — those are supposed to have secrets
+  if (ctx.basename.startsWith('.env')) return findings;
+  // Skip lock files
+  if (ctx.basename === 'package-lock.json' || ctx.basename === 'yarn.lock') return findings;
+
+  const isBackend = /(?:server|api|backend|routes|controllers|middleware|lib|utils)/i.test(relativePath);
+  const lines = content.split('\n');
+
+  for (const pattern of SECRET_PATTERNS) {
+    // Reset regex
+    pattern.regex.lastIndex = 0;
+
+    let match;
+    while ((match = pattern.regex.exec(content)) !== null) {
+      // Find line number
+      const upToMatch = content.substring(0, match.index);
+      const lineNum = upToMatch.split('\n').length;
+      const line = lines[lineNum - 1] || '';
+
+      // Skip if it's in a comment
+      const trimmedLine = line.trim();
+      if (trimmedLine.startsWith('//') || trimmedLine.startsWith('#') || trimmedLine.startsWith('*')) {
+        // Still flag it — commented out secrets are still in git history
+      }
+
+      // Skip if it's referencing an env var
+      if (/process\.env|os\.environ|os\.getenv|ENV\[|getenv/i.test(line)) continue;
+
+      // Skip example/placeholder values
+      const matchStr = match[0].toLowerCase();
+      if (/example|placeholder|your[_-]?key|xxx|test|dummy|fake|sample/i.test(matchStr)) continue;
+      if (/example|placeholder|your[_-]?key|xxx|test|dummy|fake|sample/i.test(line)) continue;
+
+      findings.push({
+        rule: `secret/${pattern.name.toLowerCase().replace(/\s+/g, '-')}`,
+        severity: pattern.severity,
+        file: relativePath,
+        line: lineNum,
+        message: `Hardcoded ${pattern.name} detected. AI tools commonly inline credentials — this is a top cause of breaches in vibe-coded apps.`,
+        fix: pattern.fix,
+        snippet: line.trim().substring(0, 120),
+      });
+
+      // Only report first match per pattern per file
+      break;
+    }
+  }
+
+  return findings;
+}
+
+module.exports = { scanSecrets };