tweek 0.1.0__py3-none-any.whl → 0.2.1__py3-none-any.whl

{tweek-0.1.0.dist-info → tweek-0.2.1.dist-info}/entry_points.txt

@@ -2,24 +2,31 @@
 tweek = tweek.cli:main
 
 [tweek.compliance]
+gdpr = tweek.plugins.compliance:GDPRCompliancePlugin
 gov = tweek.plugins.compliance:GovCompliancePlugin
 hipaa = tweek.plugins.compliance:HIPAACompliancePlugin
 legal = tweek.plugins.compliance:LegalCompliancePlugin
 pci = tweek.plugins.compliance:PCICompliancePlugin
+soc2 = tweek.plugins.compliance:SOC2CompliancePlugin
 
 [tweek.llm_providers]
 anthropic = tweek.plugins.providers:AnthropicProvider
+azure_openai = tweek.plugins.providers:AzureOpenAIProvider
 bedrock = tweek.plugins.providers:BedrockProvider
 google = tweek.plugins.providers:GoogleProvider
 openai = tweek.plugins.providers:OpenAIProvider
 
 [tweek.screening]
+heuristic_scorer = tweek.plugins.screening:HeuristicScorerPlugin
 llm_reviewer = tweek.plugins.screening:LLMReviewerPlugin
+local_model_reviewer = tweek.plugins.screening:LocalModelReviewerPlugin
 pattern_matcher = tweek.plugins.screening:PatternMatcherPlugin
 rate_limiter = tweek.plugins.screening:RateLimiterPlugin
 session_analyzer = tweek.plugins.screening:SessionAnalyzerPlugin
 
 [tweek.tool_detectors]
 continue = tweek.plugins.detectors:ContinueDetector
+copilot = tweek.plugins.detectors:CopilotDetector
 cursor = tweek.plugins.detectors:CursorDetector
-moltbot = tweek.plugins.detectors:MoltbotDetector
+openclaw = tweek.plugins.detectors:OpenClawDetector
+windsurf = tweek.plugins.detectors:WindsurfDetector

{tweek-0.1.0.dist-info → tweek-0.2.1.dist-info}/licenses/LICENSE

@@ -188,3 +188,83 @@
    WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
    See the License for the specific language governing permissions and
    limitations under the License.
+
+   ====================================================================
+   ADDITIONAL NOTICE — BETA SOFTWARE DISCLAIMER
+   ====================================================================
+
+   Tweek is currently beta software. The AI security landscape, including
+   the threats, attack techniques, and tools that Tweek is designed to
+   defend against, is rapidly evolving. New vulnerabilities, bypass
+   methods, and attack vectors emerge frequently, and no security tool
+   can guarantee complete protection against all threats at all times.
+
+   BY USING TWEEK, YOU ACKNOWLEDGE AND AGREE THAT:
+
+   1. BETA STATUS. Tweek is pre-release software that is still under
+      active development. It may contain bugs, errors, or defects that
+      could result in incomplete or inaccurate threat detection. Features
+      may be added, changed, or removed without prior notice.
+
+   2. NO GUARANTEE OF SECURITY. Tweek is a defense-in-depth tool
+      designed to reduce risk, not eliminate it. Tweek, LLC makes no
+      representation or warranty that the Software will detect, prevent,
+      or mitigate all security threats, prompt injection attacks,
+      credential theft attempts, data exfiltration, or other malicious
+      activity targeting AI coding assistants or any other software.
+      The inclusion of attack patterns, detection rules, or security
+      layers does not constitute a guarantee of protection.
+
+   3. USE AT YOUR OWN RISK. You assume full responsibility and risk
+      for your use of Tweek. You are solely responsible for evaluating
+      the suitability of the Software for your use case, safeguarding
+      your data, credentials, and systems, and implementing additional
+      security measures as you deem appropriate. You should not rely
+      solely on Tweek for the security of any system, data, or
+      credentials.
+
+   4. HOLD HARMLESS AND INDEMNIFICATION. To the maximum extent
+      permitted by applicable law, you agree to indemnify, defend,
+      and hold harmless Tweek, LLC, its owners, officers, employees,
+      contributors, and agents from and against any and all claims,
+      damages, losses, liabilities, costs, and expenses (including
+      reasonable attorneys' fees) arising out of or related to your
+      use of the Software, including but not limited to any failure
+      of the Software to detect or prevent a security threat, any
+      data loss, credential exposure, system compromise, or other
+      damages resulting from the use or inability to use the Software.
+
+   5. LIMITATION OF DAMAGES. In no event shall Tweek, LLC be liable
+      for any indirect, incidental, special, consequential, or punitive
+      damages, or any loss of profits, data, use, goodwill, or other
+      intangible losses, arising out of or in connection with your use
+      of the Software, even if Tweek, LLC has been advised of the
+      possibility of such damages. To the extent permitted by applicable
+      law, the total aggregate liability of Tweek, LLC for all claims
+      arising out of or related to the Software shall not exceed the
+      amount you paid to Tweek, LLC for the Software in the twelve (12)
+      months preceding the claim, or fifty U.S. dollars ($50.00),
+      whichever is greater.
+
+   6. NOT A SUBSTITUTE FOR PROFESSIONAL SECURITY. Tweek is not a
+      substitute for professional security auditing, penetration
+      testing, or comprehensive security programs. Users operating in
+      regulated environments (including but not limited to those subject
+      to HIPAA, PCI-DSS, SOC 2, or similar compliance frameworks)
+      should consult qualified security professionals and should not
+      rely on Tweek alone to satisfy compliance requirements.
+
+   7. RAPIDLY EVOLVING FIELD. The AI security landscape changes
+      rapidly. Attack techniques that did not exist at the time of any
+      given release may emerge at any time. Tweek, LLC undertakes no
+      obligation to update the Software on any particular schedule or
+      to address any specific threat, vulnerability, or attack vector.
+
+   This additional notice supplements and does not replace the
+   warranty disclaimer and limitation of liability provisions in
+   Sections 7 and 8 of the Apache License, Version 2.0, above. In
+   the event of any conflict between this notice and the Apache
+   License, the provision that provides greater protection to
+   Tweek, LLC shall control.
+
+   ====================================================================

tweek-0.2.1.dist-info/top_level.txt

@@ -0,0 +1,2 @@
+tweek
+tweek-openclaw-plugin

tweek-openclaw-plugin/node_modules/flatted/python/flatted.py

@@ -0,0 +1,149 @@
+# ISC License
+#
+# Copyright (c) 2018-2025, Andrea Giammarchi, @WebReflection
+#
+# Permission to use, copy, modify, and/or distribute this software for any
+# purpose with or without fee is hereby granted, provided that the above
+# copyright notice and this permission notice appear in all copies.
+#
+# THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES WITH
+# REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
+# AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY SPECIAL, DIRECT,
+# INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
+# LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
+# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
+# PERFORMANCE OF THIS SOFTWARE.
+
+import json as _json
+
+class _Known:
+    def __init__(self):
+        self.key = []
+        self.value = []
+
+class _String:
+    def __init__(self, value):
+        self.value = value
+
+
+def _array_keys(value):
+    keys = []
+    i = 0
+    for _ in value:
+        keys.append(i)
+        i += 1
+    return keys
+
+def _object_keys(value):
+    keys = []
+    for key in value:
+        keys.append(key)
+    return keys
+
+def _is_array(value):
+    return isinstance(value, (list, tuple))
+
+def _is_object(value):
+    return isinstance(value, dict)
+
+def _is_string(value):
+    return isinstance(value, str)
+
+def _index(known, input, value):
+    input.append(value)
+    index = str(len(input) - 1)
+    known.key.append(value)
+    known.value.append(index)
+    return index
+
+def _loop(keys, input, known, output):
+    for key in keys:
+        value = output[key]
+        if isinstance(value, _String):
+            _ref(key, input[int(value.value)], input, known, output)
+
+    return output
+
+def _ref(key, value, input, known, output):
+    if _is_array(value) and value not in known:
+        known.append(value)
+        value = _loop(_array_keys(value), input, known, value)
+    elif _is_object(value) and value not in known:
+        known.append(value)
+        value = _loop(_object_keys(value), input, known, value)
+
+    output[key] = value
+
+def _relate(known, input, value):
+    if _is_string(value) or _is_array(value) or _is_object(value):
+        try:
+            return known.value[known.key.index(value)]
+        except:
+            return _index(known, input, value)
+
+    return value
+
+def _transform(known, input, value):
+    if _is_array(value):
+        output = []
+        for val in value:
+            output.append(_relate(known, input, val))
+        return output
+
+    if _is_object(value):
+        obj = {}
+        for key in value:
+            obj[key] = _relate(known, input, value[key])
+        return obj
+
+    return value
+
+def _wrap(value):
+    if _is_string(value):
+        return _String(value)
+
+    if _is_array(value):
+        i = 0
+        for val in value:
+            value[i] = _wrap(val)
+            i += 1
+
+    elif _is_object(value):
+        for key in value:
+            value[key] = _wrap(value[key])
+
+    return value
+
+def parse(value, *args, **kwargs):
+    json = _json.loads(value, *args, **kwargs)
+    wrapped = []
+    for value in json:
+        wrapped.append(_wrap(value))
+
+    input = []
+    for value in wrapped:
+        if isinstance(value, _String):
+            input.append(value.value)
+        else:
+            input.append(value)
+
+    value = input[0]
+
+    if _is_array(value):
+        return _loop(_array_keys(value), input, [value], value)
+
+    if _is_object(value):
+        return _loop(_object_keys(value), input, [value], value)
+
+    return value
+
+
+def stringify(value, *args, **kwargs):
+    known = _Known()
+    input = []
+    output = []
+    i = int(_index(known, input, value))
+    while i < len(input):
+        output.append(_transform(known, input, input[i]))
+        i += 1
+    return _json.dumps(output, *args, **kwargs)

tweek/integrations/moltbot.py

@@ -1,243 +0,0 @@
-"""
-Tweek Moltbot Integration - One-command protection setup.
-
-Detects Moltbot, configures proxy wrapping, and starts screening
-all tool calls through Tweek's defense pipeline.
-"""
-
-import json
-import subprocess
-from dataclasses import dataclass, field
-from pathlib import Path
-from typing import Optional
-
-
-@dataclass
-class MoltbotSetupResult:
-    """Result of Moltbot protection setup."""
-    success: bool = False
-    moltbot_detected: bool = False
-    moltbot_version: Optional[str] = None
-    gateway_port: Optional[int] = None
-    gateway_running: bool = False
-    proxy_port: Optional[int] = None
-    preset: str = "cautious"
-    config_path: Optional[str] = None
-    error: Optional[str] = None
-    warnings: list = field(default_factory=list)
-
-
-def detect_moltbot_installation() -> dict:
-    """
-    Detect Moltbot installation details.
-
-    Returns dict with:
-        installed: bool
-        version: str or None
-        config_path: Path or None
-        gateway_port: int
-        process_running: bool
-        gateway_active: bool
-    """
-    info = {
-        "installed": False,
-        "version": None,
-        "config_path": None,
-        "gateway_port": 18789,
-        "process_running": False,
-        "gateway_active": False,
-    }
-
-    # Check npm global installation
-    try:
-        proc = subprocess.run(
-            ["npm", "list", "-g", "moltbot", "--json"],
-            capture_output=True,
-            text=True,
-            timeout=10,
-        )
-        if proc.returncode == 0:
-            data = json.loads(proc.stdout)
-            deps = data.get("dependencies", {})
-            if "moltbot" in deps:
-                info["installed"] = True
-                info["version"] = deps["moltbot"].get("version")
-    except (subprocess.TimeoutExpired, json.JSONDecodeError, FileNotFoundError):
-        pass
-
-    # Check which/where
-    if not info["installed"]:
-        try:
-            import os
-            cmd = ["which", "moltbot"] if os.name != "nt" else ["where", "moltbot"]
-            proc = subprocess.run(cmd, capture_output=True, text=True, timeout=5)
-            if proc.returncode == 0 and proc.stdout.strip():
-                info["installed"] = True
-        except (subprocess.TimeoutExpired, FileNotFoundError):
-            pass
-
-    # Check for config file
-    config_locations = [
-        Path.home() / ".moltbot" / "config.json",
-        Path.home() / ".config" / "moltbot" / "config.json",
-    ]
-    for config_path in config_locations:
-        if config_path.exists():
-            info["installed"] = True
-            info["config_path"] = config_path
-            try:
-                with open(config_path) as f:
-                    config = json.load(f)
-                port = config.get("gateway", {}).get("port")
-                if port:
-                    info["gateway_port"] = port
-            except (json.JSONDecodeError, IOError):
-                pass
-            break
-
-    # Check for running process
-    try:
-        proc = subprocess.run(
-            ["pgrep", "-f", "moltbot"],
-            capture_output=True,
-            text=True,
-            timeout=5,
-        )
-        if proc.returncode == 0 and proc.stdout.strip():
-            info["process_running"] = True
-    except (subprocess.TimeoutExpired, FileNotFoundError):
-        pass
-
-    # Check if gateway port is active
-    import socket
-    try:
-        with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
-            s.settimeout(1)
-            result = s.connect_ex(("127.0.0.1", info["gateway_port"]))
-            info["gateway_active"] = result == 0
-    except (socket.error, OSError):
-        pass
-
-    return info
-
-
-def setup_moltbot_protection(
-    port: Optional[int] = None,
-    preset: str = "cautious",
-) -> MoltbotSetupResult:
-    """
-    Configure Tweek to protect Moltbot gateway.
-
-    Args:
-        port: Override Moltbot gateway port (default: auto-detect)
-        preset: Security preset to apply (paranoid, cautious, trusted)
-
-    Returns:
-        MoltbotSetupResult with setup details
-    """
-    result = MoltbotSetupResult(preset=preset)
-
-    # 1. Detect Moltbot
-    moltbot = detect_moltbot_installation()
-    result.moltbot_detected = moltbot["installed"]
-    result.moltbot_version = moltbot["version"]
-
-    if not moltbot["installed"]:
-        result.error = "Moltbot not detected on this system"
-        return result
-
-    # 2. Resolve gateway port
-    if port is not None:
-        result.gateway_port = port
-    else:
-        result.gateway_port = moltbot["gateway_port"]
-
-    result.gateway_running = moltbot["gateway_active"]
-
-    # 3. Configure Tweek proxy
-    from tweek.proxy import TWEEK_DEFAULT_PORT
-    result.proxy_port = TWEEK_DEFAULT_PORT
-
-    # Check if Tweek port is already in use by something else
-    import socket
-    try:
-        with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
-            s.settimeout(1)
-            if s.connect_ex(("127.0.0.1", TWEEK_DEFAULT_PORT)) == 0:
-                result.warnings.append(
-                    f"Port {TWEEK_DEFAULT_PORT} is already in use. "
-                    "Tweek proxy may need a different port."
-                )
-    except (socket.error, OSError):
-        pass
-
-    # 4. Write config to ~/.tweek/config.yaml
-    tweek_dir = Path.home() / ".tweek"
-    tweek_dir.mkdir(parents=True, exist_ok=True)
-    config_path = tweek_dir / "config.yaml"
-
-    try:
-        import yaml
-    except ImportError:
-        # Fall back to writing YAML manually if PyYAML not available
-        yaml = None
-
-    tweek_config = {}
-    if config_path.exists():
-        try:
-            if yaml:
-                with open(config_path) as f:
-                    tweek_config = yaml.safe_load(f) or {}
-            else:
-                tweek_config = {}
-        except Exception:
-            tweek_config = {}
-
-    # Set proxy configuration
-    tweek_config["proxy"] = tweek_config.get("proxy", {})
-    tweek_config["proxy"]["enabled"] = True
-    tweek_config["proxy"]["port"] = TWEEK_DEFAULT_PORT
-    tweek_config["proxy"]["moltbot"] = {
-        "enabled": True,
-        "gateway_port": result.gateway_port,
-        "wrap_gateway": True,
-    }
-
-    # Set security preset
-    tweek_config["security"] = tweek_config.get("security", {})
-    tweek_config["security"]["preset"] = preset
-
-    try:
-        if yaml:
-            with open(config_path, "w") as f:
-                yaml.dump(tweek_config, f, default_flow_style=False)
-        else:
-            # Manual YAML writing as fallback
-            lines = [
-                "proxy:",
-                f"  enabled: true",
-                f"  port: {TWEEK_DEFAULT_PORT}",
-                "  moltbot:",
-                "    enabled: true",
-                f"    gateway_port: {result.gateway_port}",
-                "    wrap_gateway: true",
-                "security:",
-                f"  preset: {preset}",
-            ]
-            config_path.write_text("\n".join(lines) + "\n")
-
-        result.config_path = str(config_path)
-    except Exception as e:
-        result.error = f"Failed to write config: {e}"
-        return result
-
-    # 5. Apply security preset
-    try:
-        from tweek.config.manager import ConfigManager
-        cfg = ConfigManager()
-        cfg.apply_preset(preset)
-    except Exception as e:
-        result.warnings.append(f"Could not apply preset: {e}")
-
-    result.success = True
-    return result