npm - wormclaude - Versions diffs - 1.0.89 → 1.0.90 - Mend

wormclaude 1.0.89 → 1.0.90

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (3) hide show

package/dist/commands.js CHANGED Viewed

@@ -743,14 +743,16 @@ export async function runSlashCommand(input, ctx) {
         case '/skill': {
             const m = (arg || '').trim().split(/\s+/).filter(Boolean);
             const sub = (m.shift() || '').toLowerCase();
-            if (['xss', 'sqli', 'recon', 'scan'].includes(sub)) {
+            // dahili (xss/sqli/recon) VEYA sunucudaki şablon id'si — sunucu doğrular
+            if (sub && !['list', 'help', 'ls', ''].includes(sub)) {
                 await pentestCmd(sub, m.join(' '), ctx);
                 return true;
             }
-            ctx.note('Güvenlik tarama skill\'leri (seviye 3+ · ayrı kurulum gerekmez, motor sunucuda):\n' +
-                '  /skill xss <url>     reflected XSS\n' +
-                '  /skill sqli <url>    SQL injection (error/boolean/time)\n' +
-                '  /skill recon <alan>  alt-alan + başlık + ifşa\n' +
+            ctx.note('Güvenlik tarama skill\'leri (seviye 3+ · motor sunucuda gizli):\n' +
+                '  /skill xss <url>          reflected XSS\n' +
+                '  /skill sqli <url>         SQL injection (error/boolean/time)\n' +
+                '  /skill recon <alan>       alt-alan + başlık + ifşa\n' +
+                '  /skill <şablon-id> <hedef>  sunucudaki özel şablonlar (.md)\n' +
                 'Çalıştırmak için sonuna "run" ekle:\n' +
                 '  /skill xss https://site/p?id=1 run\n' +
                 '(kısa yol: /xss /sqli /recon)');

package/dist/pentest.js CHANGED Viewed

@@ -36,7 +36,7 @@ async function execReq(req, allowed) {
             method: req.method || 'GET',
             headers: req.headers,
             body: req.body,
-            redirect: 'follow',
+            redirect: req.follow === false ? 'manual' : 'follow', // open-redirect vb. için Location'ı görmek
             signal: AbortSignal.timeout(Math.max(3, req.timeout || 20) * 1000),
         });
         let body = '';

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "wormclaude",
-  "version": "1.0.89",
+  "version": "1.0.90",
   "description": "WormClaude CLI - uncensored security+code assistant (ink TUI, Claude-style)",
   "type": "module",
   "bin": {