whitzard-claw 1.0.0

package/scripts/repair/credential_storage/check_2.sh

@@ -0,0 +1,35 @@
+#!/bin/bash
+# CHECK 2 (new / CRED-007): API keys in memory files
+# Usage: ./check_2.sh
+
+SCRIPT_DIR="$(cd "$(dirname "$0")" && pwd)"
+source "$SCRIPT_DIR/_common.sh"
+
+FOUND_FILES=()
+AGENTS_DIR="$OPENCLAW_DIR/workspace"
+
+while IFS= read -r MEM_FILE; do
+    [ -z "$MEM_FILE" ] && continue
+    [ -f "$MEM_FILE" ] || continue
+
+    if has_api_key_patterns "$MEM_FILE"; then
+        FOUND_FILES+=("$MEM_FILE")
+    fi
+done < <(find "$AGENTS_DIR" -type f \( -name "soul.md" -o -name "SOUL.md" -o -name "MEMORY.md" \) 2>/dev/null)
+
+FILE_LIST=""
+for f in "${FOUND_FILES[@]}"; do
+    FILE_LIST="${FILE_LIST}   $f\n"
+done
+
+# Guidance
+cat <<EOF
+RECOMMENDED ACTIONS:
+1. Immediately remove API keys from the flagged memory files:
+$(printf "%b" "$FILE_LIST")
+
+2. Review Agent memory for other sensitive data that should not be in context.
+
+EOF
+
+exit 0

package/scripts/repair/credential_storage/check_3.sh

@@ -0,0 +1,53 @@
+#!/bin/bash
+# CHECK 3 (new / CRED-008): Scan state dir .md/.json files for API keys
+# Usage: ./check_3.sh
+
+SCRIPT_DIR="$(cd "$(dirname "$0")" && pwd)"
+source "$SCRIPT_DIR/_common.sh"
+
+STATEKEY_ISSUES=0
+FOUND_FILES=()
+
+if [ -d "$OPENCLAW_DIR" ]; then
+    while IFS= read -r scan_file; do
+        [ -z "$scan_file" ] && continue
+
+        case "$scan_file" in
+            *.env)
+                continue
+                ;;
+            */soul.md|*/MEMORY.md|*/SOUL.md)
+                continue
+                ;;
+        esac
+
+        if has_api_key_patterns "$scan_file"; then
+            STATEKEY_ISSUES=$((STATEKEY_ISSUES + 1))
+            FOUND_FILES+=("$scan_file")
+        fi
+    done < <(find "$OPENCLAW_DIR" \( -name "*.md" -o -name "*.json" \) -type f 2>/dev/null)
+fi
+
+FILE_LIST=""
+for f in "${FOUND_FILES[@]}"; do
+    FILE_LIST="${FILE_LIST}   $f\n"
+done
+
+# Guidance
+cat <<EOF
+RECOMMENDED ACTIONS:
+1. Remove API keys from the flagged files:
+$(printf "%b" "$FILE_LIST")
+
+2. Store API keys only in the designated credentials directory:
+   chmod 700 ~/.openclaw/credentials
+   chmod 600 ~/.openclaw/credentials/*.json
+
+3. Rotate any exposed API keys from their respective provider dashboards:
+   - OpenAI:     https://platform.openai.com/api-keys
+   - Anthropic:  https://console.anthropic.com/settings/keys
+   - Google:     https://console.cloud.google.com/apis/credentials
+
+EOF
+
+exit 0

package/scripts/repair/credential_storage/logs/security-scan.log

@@ -0,0 +1,15 @@
+AUTO-FIX: Fixing permissions...
+SUCCESS: chmod 700 /home/janx/test/openclaw-djy
+AUTO-FIX: Fixing permissions...
+SUCCESS: chmod 700 /home/janx/test/openclaw-djy
+SUCCESS: chmod 600 openclaw.json
+AUTO-FIX: Fixing permissions...
+SUCCESS: chmod 700 /home/janx/test/openclaw-djy
+SUCCESS: chmod 600 openclaw.json
+SUCCESS: Fixed agent session and auth-profile permissions
+WARNING: API key pattern found in 'TOOLS.md'
+  Evidence: /home/janx/test/openclaw-djy/workspace/TOOLS.md
+WARNING: API key pattern found in 'USER.md'
+  Evidence: /home/janx/test/openclaw-djy/workspace/USER.md
+WARNING: API key pattern found in 'SKILL.md'
+  Evidence: /home/janx/test/openclaw-djy/extensions/qqbot copy/skills/qqbot-media/SKILL.md

package/scripts/repair/execution_sandbox/_common.sh

@@ -0,0 +1,302 @@
+#!/bin/bash
+# Exit codes: 0=SECURE, 1=WARNINGS, 2=COMPROMISED
+
+set -uo pipefail
+
+SCRIPT_DIR="$(cd "$(dirname "$0")" && pwd)"
+# PROJECT_DIR="$(dirname "$SCRIPT_DIR")"
+# IOC_DIR="$PROJECT_DIR/ioc"
+PROJECT_DIR="$(cd "$SCRIPT_DIR/../../.." && pwd)"
+IOC_DIR="$PROJECT_DIR/ioc"
+SELF_DIR_NAME="$(basename "$PROJECT_DIR")"
+
+# Default OpenClaw paths
+# OPENCLAW_DIR="${OPENCLAW_HOME:-$HOME/.openclaw}"
+OPENCLAW_DIR="${OPENCLAW_HOME:-$HOME/test/openclaw-1}"
+SKILLS_DIR="$OPENCLAW_DIR/workspace/skills"
+WORKSPACE_DIR="$OPENCLAW_DIR/workspace"
+CONFIG_JSON="$OPENCLAW_DIR/openclaw.json"
+# LOG_DIR="$OPENCLAW_DIR/logs"
+LOG_DIR="logs"
+LOG_FILE="$LOG_DIR/security-scan.log"
+TIMESTAMP="$(date -u +"%Y-%m-%dT%H:%M:%SZ")"
+
+export PATH="$HOME/.local/bin:/opt/homebrew/opt/node@22/bin:/opt/homebrew/bin:/usr/local/bin:$PATH"
+
+# Overall counters
+CRITICAL=0
+WARNINGS=0
+CLEAN=0
+
+# Per-category counters
+CATEGORY_NAME=""
+CATEGORY_TOTAL_CHECKS=0
+CATEGORY_CRITICAL=0
+CATEGORY_WARNINGS=0
+CATEGORY_CLEAN=0
+
+mkdir -p "$LOG_DIR"
+
+log() {
+    echo "$1" | tee -a "$LOG_FILE"
+}
+
+header() {
+    # Usage: header <new_index> <message>
+    log ""
+    log "[$1/$CATEGORY_TOTAL_CHECKS] $2"
+}
+
+result_clean() {
+    log "CLEAN: $1"
+    CLEAN=$((CLEAN + 1))
+    CATEGORY_CLEAN=$((CATEGORY_CLEAN + 1))
+}
+
+result_warn() {
+    log "WARNING: $1"
+    WARNINGS=$((WARNINGS + 1))
+    CATEGORY_WARNINGS=$((CATEGORY_WARNINGS + 1))
+}
+
+result_critical() {
+    log "CRITICAL: $1"
+    CRITICAL=$((CRITICAL + 1))
+    CATEGORY_CRITICAL=$((CATEGORY_CRITICAL + 1))
+}
+
+category_start() {
+    # Usage: category_start <name> <total_checks>
+    CATEGORY_NAME="$1"
+    CATEGORY_TOTAL_CHECKS="$2"
+    CATEGORY_CRITICAL=0
+    CATEGORY_WARNINGS=0
+    CATEGORY_CLEAN=0
+
+    log ""
+    log "----------------------------------------"
+    log "CATEGORY START: $CATEGORY_NAME ($CATEGORY_TOTAL_CHECKS checks)"
+    log "----------------------------------------"
+}
+
+category_end() {
+    log ""
+    log "CATEGORY SUMMARY: $CATEGORY_NAME"
+    log "  critical: $CATEGORY_CRITICAL"
+    log "  warning : $CATEGORY_WARNINGS"
+    log "  clean   : $CATEGORY_CLEAN"
+    log "----------------------------------------"
+}
+
+# Use timeout if available (macOS may only have gtimeout via coreutils)
+TIMEOUT_BIN=""
+if command -v timeout >/dev/null 2>&1; then
+    TIMEOUT_BIN="timeout"
+elif command -v gtimeout >/dev/null 2>&1; then
+    TIMEOUT_BIN="gtimeout"
+fi
+
+run_with_timeout() {
+    local secs="$1"
+    shift
+
+    if [ -n "$TIMEOUT_BIN" ]; then
+        "$TIMEOUT_BIN" "$secs" "$@"
+    elif command -v python3 >/dev/null 2>&1; then
+        python3 - "$secs" "$@" <<'PY'
+import subprocess
+import sys
+
+def main():
+    try:
+        secs = float(sys.argv[1])
+    except Exception:
+        secs = 0
+
+    cmd = sys.argv[2:]
+    if not cmd:
+        sys.exit(1)
+
+    try:
+        proc = subprocess.Popen(cmd)
+        try:
+            proc.wait(timeout=secs if secs > 0 else None)
+        except subprocess.TimeoutExpired:
+            proc.kill()
+            proc.wait()
+            sys.exit(124)
+        sys.exit(proc.returncode if proc.returncode is not None else 0)
+    except FileNotFoundError:
+        sys.exit(127)
+
+if __name__ == "__main__":
+    main()
+PY
+    else
+        "$@"
+    fi
+}
+
+# Load IOC data
+load_ips() {
+    if [ -f "$IOC_DIR/c2-ips.txt" ]; then
+        grep -v '^#' "$IOC_DIR/c2-ips.txt" | grep -v '^$' | cut -d'|' -f1
+    else
+        echo "91.92.242"
+    fi
+}
+
+load_domains() {
+    if [ -f "$IOC_DIR/malicious-domains.txt" ]; then
+        grep -v '^#' "$IOC_DIR/malicious-domains.txt" | grep -v '^$' | cut -d'|' -f1
+    else
+        echo "webhook.site"
+    fi
+}
+
+sha256_file() {
+    # Cross-platform SHA-256 for a file
+    local target="$1"
+    [ -f "$target" ] || return 1
+
+    if command -v sha256sum >/dev/null 2>&1; then
+        sha256sum "$target" 2>/dev/null | awk '{print tolower($1)}'
+    elif command -v shasum >/dev/null 2>&1; then
+        shasum -a 256 "$target" 2>/dev/null | awk '{print tolower($1)}'
+    elif command -v openssl >/dev/null 2>&1; then
+        openssl dgst -sha256 "$target" 2>/dev/null | sed -E 's/^.*= //' | tr '[:upper:]' '[:lower:]'
+    else
+        return 1
+    fi
+}
+
+load_hash_iocs() {
+    # Expected format: <sha256>|<campaign>
+    # Similar to c2-ips.txt storage style
+    if [ -f "$IOC_DIR/malicious-hashes.txt" ]; then
+        grep -v '^#' "$IOC_DIR/malicious-hashes.txt" | grep -v '^$' || true
+    fi
+}
+
+lookup_malicious_hash_campaign() {
+    # Usage: lookup_malicious_hash_campaign <sha256>
+    local needle
+    needle="$(printf "%s" "${1:-}" | tr '[:upper:]' '[:lower:]')"
+    [ -n "$needle" ] || return 1
+
+    load_hash_iocs | while IFS='|' read -r hash_val campaign rest; do
+        hash_val="$(printf "%s" "$hash_val" | tr '[:upper:]' '[:lower:]')"
+        if [ "$hash_val" = "$needle" ]; then
+            printf "%s\n" "${campaign:-unknown}"
+            return 0
+        fi
+    done
+}
+
+extract_github_account_age_days() {
+    # Best-effort local metadata extraction only.
+    # We cannot reliably infer GitHub account age from filesystem alone unless
+    # the skill metadata explicitly records it.
+    local skill_dir="$1"
+    local val=""
+
+    for meta in "$skill_dir/package.json" "$skill_dir/config.json" "$skill_dir/SKILL.md"; do
+        [ -f "$meta" ] || continue
+
+        # JSON-ish keys
+        val="$(grep -iEo '"(githubAccountAge|github_account_age|accountAgeDays|githubAccountAgeDays)"[[:space:]]*:[[:space:]]*[0-9]+' "$meta" 2>/dev/null | head -1 | grep -oE '[0-9]+' || true)"
+        if [ -n "$val" ]; then
+            printf "%s\n" "$val"
+            return 0
+        fi
+
+        # YAML / markdown frontmatter-ish keys
+        val="$(grep -iE '^(githubAccountAge|github_account_age|accountAgeDays|githubAccountAgeDays)[[:space:]]*:[[:space:]]*[0-9]+' "$meta" 2>/dev/null | head -1 | grep -oE '[0-9]+' || true)"
+        if [ -n "$val" ]; then
+            printf "%s\n" "$val"
+            return 0
+        fi
+    done
+
+    return 1
+}
+
+OPENCLAW_PRESENT=false
+if command -v openclaw >/dev/null 2>&1; then
+    OPENCLAW_PRESENT=true
+fi
+
+OC_VERSION="unknown"
+PARSED_OC_VERSION=""
+OC_MAJOR=""
+OC_MINOR=""
+OC_PATCH=""
+
+if [ "$OPENCLAW_PRESENT" = true ]; then
+    OC_VERSION="$(run_with_timeout 5 openclaw --version 2>/dev/null || echo "unknown")"
+    PARSED_OC_VERSION="$(echo "$OC_VERSION" | grep -oE '[0-9]{4}\.[0-9]+\.[0-9]+' | head -1 || true)"
+    if [ -n "$PARSED_OC_VERSION" ]; then
+        OC_MAJOR="$(echo "$PARSED_OC_VERSION" | cut -d'.' -f1)"
+        OC_MINOR="$(echo "$PARSED_OC_VERSION" | cut -d'.' -f2)"
+        OC_PATCH="$(echo "$PARSED_OC_VERSION" | cut -d'.' -f3)"
+    fi
+fi
+
+get_oc_config() {
+    # Usage: get_oc_config <key> <default>
+    local key="$1"
+    local default_val="${2:-}"
+    if [ "$OPENCLAW_PRESENT" = true ]; then
+        run_with_timeout 10 openclaw config get "$key" 2>/dev/null || echo "$default_val"
+    else
+        echo "$default_val"
+    fi
+}
+
+version_ge() {
+    # Usage: version_ge <major> <minor> <patch>
+    local t_major="$1"
+    local t_minor="$2"
+    local t_patch="$3"
+
+    if [ -z "$PARSED_OC_VERSION" ]; then
+        return 1
+    fi
+
+    if [ "$OC_MAJOR" -gt "$t_major" ] 2>/dev/null; then
+        return 0
+    fi
+    if [ "$OC_MAJOR" -lt "$t_major" ] 2>/dev/null; then
+        return 1
+    fi
+
+    if [ "$OC_MINOR" -gt "$t_minor" ] 2>/dev/null; then
+        return 0
+    fi
+    if [ "$OC_MINOR" -lt "$t_minor" ] 2>/dev/null; then
+        return 1
+    fi
+
+    if [ "$OC_PATCH" -ge "$t_patch" ] 2>/dev/null; then
+        return 0
+    fi
+
+    return 1
+}
+
+version_lt() {
+    # Usage: version_lt <major> <minor> <patch>
+    if [ -z "$PARSED_OC_VERSION" ]; then
+        return 1
+    fi
+    if version_ge "$1" "$2" "$3"; then
+        return 1
+    fi
+    return 0
+}
+
+get_perm() {
+    # Cross-platform numeric permissions
+    local target="$1"
+    stat -f "%Lp" "$target" 2>/dev/null || stat -c "%a" "$target" 2>/dev/null || echo "unknown"
+}

package/scripts/repair/execution_sandbox/check_1.sh

@@ -0,0 +1,67 @@
+#!/bin/bash
+# CHECK 1 (origin 18): Tool Policy / Elevated Tools Audit
+
+SCRIPT_DIR="$(cd "$(dirname "$0")" && pwd)"
+source "$SCRIPT_DIR/_common.sh"
+
+# Environment vars (set by caller / _common.sh sourced before this):
+#   AUTO_FIX       — if "1", automatically remove the offending skill
+# Example: AUTO_FIX=1 ./check_1.sh
+
+# Auto-fix
+if [ "${AUTO_FIX:-0}" = "1" ]; then
+    CONFIG_JSON="$OPENCLAW_DIR/openclaw.json"
+
+    python3 <<EOF
+import json, sys
+
+config_path = "$CONFIG_JSON"
+
+with open(config_path) as f:
+    data = json.load(f)
+
+tools = data.setdefault("tools", {})
+elevated = tools.setdefault("elevated", {})
+
+# 1 限制 allowFrom
+elevated["allowFrom"] = {"owner": True}
+
+# 2 启用审批
+elevated["requireApproval"] = True
+
+# 3 添加 deny list
+tools["deny"] = [
+    "exec",
+    "process",
+    "browser",
+    "filesystem-write"
+]
+
+with open(config_path, "w") as f:
+    json.dump(data, f, indent=2)
+
+print("SUCCESS: Fixed tool policy security configuration.")
+print("Attention: You need to manually set 'tools.elevated.allowFrom' which contains the allow list for each provider (e.g., Discord, WhatsApp). Owner is just an example.")
+EOF
+    exit 0
+fi
+
+# Guidance
+cat << EOF
+RECOMMENDED ACTIONS:
+1. Restrict elevated tools to specific principals
+   openclaw config set tools.elevated.allowFrom '["your-user-id"]'
+
+2. Require approval for elevated actions
+   openclaw config set tools.elevated.requireApproval true
+
+3. Add dangerous tools to the deny list (optional but recommend)
+   openclaw config set tools.deny '["exec","process","browser","filesystem-write"]'
+
+4. Review current tool permissions
+   openclaw config get tools
+
+auto-fix
+EOF
+
+exit 0

package/scripts/repair/execution_sandbox/check_10.sh

@@ -0,0 +1,23 @@
+#!/bin/bash
+# CHECK 10 (origin 19): Sandbox Configuration
+# Usage: ./check_10.sh
+
+SCRIPT_DIR="$(cd "$(dirname "$0")" && pwd)"
+source "$SCRIPT_DIR/_common.sh"
+
+# Guidance
+cat <<EOF
+RECOMMENDED ACTIONS:
+1. Enable sandboxing for all skills:
+   openclaw config set sandbox.mode all
+
+2. Restart OpenClaw to apply changes:
+   openclaw restart
+
+3. Verify sandbox is active:
+   openclaw config get sandbox.mode
+   # Should return: all
+EOF
+
+exit 0
+

package/scripts/repair/execution_sandbox/check_11.sh

@@ -0,0 +1,34 @@
+#!/bin/bash
+# CHECK 11 (origin 28): Node.js Version / Known CVEs
+# Usage: ./check_11.sh
+
+SCRIPT_DIR="$(cd "$(dirname "$0")" && pwd)"
+source "$SCRIPT_DIR/_common.sh"
+
+NODE_VERSION="$(node --version 2>/dev/null)"
+
+# Guidance
+cat <<EOF
+RECOMMENDED ACTIONS:
+1. Upgrade Node.js to 22.12.0 or later using nvm (recommended):
+   nvm install 22
+   nvm use 22
+   nvm alias default 22
+
+2. Or upgrade via package manager (Ubuntu/Debian):
+   curl -fsSL https://deb.nodesource.com/setup_22.x | sudo -E bash -
+   sudo apt-get install -y nodejs
+
+3. Verify the upgrade:
+   node --version
+   # Should show v22.12.0 or later
+
+4. Restart OpenClaw after upgrade:
+   openclaw restart
+
+Reference: https://nodejs.org/en/blog/vulnerability/
+
+EOF
+
+exit 0
+

package/scripts/repair/execution_sandbox/check_12.sh

@@ -0,0 +1,38 @@
+#!/bin/bash
+# CHECK 12 (origin 24): Log Redaction Audit
+# Usage: ./check_12.sh
+
+SCRIPT_DIR="$(cd "$(dirname "$0")" && pwd)"
+source "$SCRIPT_DIR/_common.sh"
+
+# Guidance
+cat <<EOF
+RECOMMENDED ACTIONS:
+1. Enable log redaction
+   openclaw config set logging.redactSensitive true
+
+2. Fix log directory permissions
+   chmod 700 ~/.openclaw/logs
+   chmod 700 /tmp/openclaw 2>/dev/null
+
+3. Verify logs don't contain sensitive data
+   grep -iE "sk-[a-zA-Z0-9]{10}|password|token.*=" ~/.openclaw/logs/*.log
+
+4. Set up log rotation (macOS - newsyslog)
+   sudo sh -c 'echo "/home/*/.openclaw/logs/*.log 640 7 1000 * J" >> /etc/newsyslog.conf'
+   
+5. Linux - logrotate
+   cat > /etc/logrotate.d/openclaw << 'LOGROTATE'
+   /home/*/.openclaw/logs/*.log {
+      weekly
+      rotate 4
+      compress
+      missingok
+      notifempty
+      create 0600 root root
+   }
+   LOGROTATE
+EOF
+
+exit 0
+

package/scripts/repair/execution_sandbox/check_13.sh

@@ -0,0 +1,29 @@
+#!/bin/bash
+# CHECK 13 (origin 22): Persistence Mechanism Scan
+# Usage: ./check_13.sh
+
+SCRIPT_DIR="$(cd "$(dirname "$0")" && pwd)"
+source "$SCRIPT_DIR/_common.sh"
+
+# Guidance
+cat <<EOF
+RECOMMENDED ACTIONS:
+1. Review and remove suspicious crontab entries:
+   crontab -l | grep -iE "openclaw|clawdbot|moltbot"
+   crontab -e
+
+2. Check systemd user services:
+   systemctl --user list-units --type=service | grep -iE "openclaw|clawdbot|moltbot"
+
+3. Disable unauthorized systemd services:
+   systemctl --user disable --now <service-name>
+   rm ~/.config/systemd/user/<service-name>.service
+
+4. Check system-level services (requires sudo):
+   sudo systemctl list-units --type=service | grep -iE "openclaw|clawdbot|moltbot"
+   sudo systemctl disable --now <service-name>
+
+EOF
+
+exit 0
+

package/scripts/repair/execution_sandbox/check_2.sh

@@ -0,0 +1,46 @@
+#!/bin/bash
+# CHECK 2 (origin 26): Exec-Approvals Configuration
+
+SCRIPT_DIR="$(cd "$(dirname "$0")" && pwd)"
+source "$SCRIPT_DIR/_common.sh"
+
+# Environment vars (set by caller / _common.sh sourced before this):
+#   AUTO_FIX       — if "1", automatically remove the offending skill
+# Example: AUTO_FIX=1 ./check_2.sh
+
+EXEC_FILE="$OPENCLAW_DIR/exec-approvals.json"
+
+if [ "${AUTO_FIX:-0}" = "1" ]; then
+    if [ -f "$EXEC_FILE" ]; then
+        if [ "$EXEC_PERMS" != "600" ] && [ "$EXEC_PERMS" != "unknown" ]; then
+            chmod 600 "$EXEC_FILE" && log "SUCCESS: chmod 600 exec-approvals.json" \
+                || log "ERROR: Failed to chmod exec-approvals.json"
+        fi
+
+        if [ -n "$UNSAFE_EXEC" ]; then
+            log "WARNING: Unsafe exec-approvals config requires manual review - cannot auto-fix safely"
+        fi
+    fi
+    exit 0
+fi
+
+# Guidance
+cat <<EOF
+RECOMMENDED ACTIONS:
+1. Review and fix exec-approvals.json manually:
+   cat $EXEC_FILE
+
+2. Remove any entries with "security": "allow" or "ask": "off":
+   - These settings bypass confirmation prompts entirely
+   - Replace with "ask": "on" or remove the entry
+
+3. Fix file permissions:
+   chmod 600 $EXEC_FILE
+
+4. Restart OpenClaw to apply changes:
+   openclaw restart
+
+auto-fix
+EOF
+
+exit 0

package/scripts/repair/execution_sandbox/check_3.sh

@@ -0,0 +1,37 @@
+#!/bin/bash
+# CHECK 3 (origin 27 + EXEC-005/006/007): Docker Container Security
+# Usage: ./check_3.sh
+
+SCRIPT_DIR="$(cd "$(dirname "$0")" && pwd)"
+source "$SCRIPT_DIR/_common.sh"
+
+# Guidance
+cat <<EOF
+RECOMMENDED ACTIONS:
+1. Run container as non-root user (add to docker-compose.yml or Dockerfile):
+   user: "1000:1000"
+
+2. Remove Docker socket mount if present:
+   # Remove this line from your compose/run config:
+   - /var/run/docker.sock:/var/run/docker.sock
+
+3. Disable privileged mode:
+   privileged: false
+
+4. Drop all Linux capabilities:
+   cap_drop:
+     - ALL
+
+5. Prevent privilege escalation:
+   security_opt:
+     - no-new-privileges:true
+
+6. Use bridge network instead of host:
+   network_mode: bridge
+
+7. Restart containers after applying changes:
+   docker compose down && docker compose up -d
+
+EOF
+
+exit 0