gnezim/clawsec
1
0
Fork 0
mirror of https://github.com/prompt-security/clawsec.git synced 2026-06-19 08:21:21 +03:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'main' into skill/clawsec-clawhub-checker

Browse Source
This commit is contained in:
davida-ps
2026-02-16 18:56:06 +01:00
committed by GitHub
parent e6b9e90bac bfd230a178
commit 269ff94b84
48 changed files with 4575 additions and 252 deletions
Download Patch File Download Diff File Expand all files Collapse all files
.github/dependabot.yml
+19
View File
@@ -0,0 +1,19 @@
version: 2
updates:
- package-ecosystem: "github-actions"
directory: "/"
schedule:
interval: "weekly"
open-pull-requests-limit: 5
- package-ecosystem: "npm"
directory: "/"
schedule:
interval: "weekly"
open-pull-requests-limit: 5
- package-ecosystem: "pip"
directory: "/.github"
schedule:
interval: "weekly"
open-pull-requests-limit: 5
.github/requirements-lint-python.txt
+2 -2
View File
@@ -1,2 +1,2 @@
ruff==0.6.9
bandit==1.7.9
ruff==0.15.1
bandit==1.9.3
.github/workflows/ci.yml
+6 -8
View File
@@ -6,6 +6,8 @@ on:
push:
branches: [main]
permissions: read-all
jobs:
lint-typescript:
name: Lint TypeScript/React
@@ -32,14 +34,10 @@ jobs:
- uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6.2.0
with:
python-version: '3.12'
cache: 'pip'
cache-dependency-path: '.github/requirements-lint-python.txt'
- name: Install linters
run: python -m pip install -r .github/requirements-lint-python.txt
- name: Ruff (lint + format check)
run: ruff check utils/ --output-format=github
run: pipx run --spec "ruff==0.6.9" ruff check utils/ --output-format=github
- name: Bandit (security)
run: bandit -r utils/ -ll
run: pipx run --spec "bandit==1.7.9" bandit -r utils/ -ll
lint-shell:
name: Lint Shell Scripts
@@ -58,7 +56,7 @@ jobs:
steps:
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
- name: Trivy FS Scan
uses: aquasecurity/trivy-action@b6643a29fecd7f34b3597bc6acb0a98b03d33ff8 # 0.33.1
uses: aquasecurity/trivy-action@c1824fd6edce30d7ab345a9989de00bbd46ef284 # 0.34.0
with:
scan-type: 'fs'
scan-ref: '.'
@@ -66,7 +64,7 @@ jobs:
exit-code: '1'
ignore-unfixed: true
- name: Trivy Config Scan
uses: aquasecurity/trivy-action@b6643a29fecd7f34b3597bc6acb0a98b03d33ff8 # 0.33.1
uses: aquasecurity/trivy-action@c1824fd6edce30d7ab345a9989de00bbd46ef284 # 0.34.0
with:
scan-type: 'config'
scan-ref: '.'
.github/workflows/codeql.yml
+41
View File
@@ -0,0 +1,41 @@
name: CodeQL
on:
push:
branches: [main]
pull_request:
branches: [main]
schedule:
- cron: "17 3 * * 1"
permissions: read-all
jobs:
analyze:
name: Analyze (CodeQL)
runs-on: ubuntu-latest
permissions:
actions: read
contents: read
security-events: write
strategy:
fail-fast: false
matrix:
language: ["javascript-typescript"]
steps:
- name: Checkout repository
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
- name: Initialize CodeQL
uses: github/codeql-action/init@9e907b5e64f6b83e7804b09294d44122997950d6 # v4
with:
languages: ${{ matrix.language }}
- name: Install dependencies
run: npm ci
- name: Build project
run: npm run build
- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@9e907b5e64f6b83e7804b09294d44122997950d6 # v4
.github/workflows/community-advisory.yml
+5 -4
View File
@@ -4,10 +4,7 @@ on:
issues:
types: [labeled]
permissions:
contents: write
issues: write
pull-requests: write
permissions: read-all
concurrency:
group: community-advisory
@@ -23,6 +20,10 @@ jobs:
process-advisory:
if: github.event.label.name == 'advisory-approved'
runs-on: ubuntu-latest
permissions:
contents: write
issues: write
pull-requests: write
steps:
- name: Checkout
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
.github/workflows/deploy-pages.yml
+15
View File
@@ -25,6 +25,9 @@ jobs:
- name: Checkout
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
- name: Verify signing key consistency (repo + docs)
run: ./scripts/ci/verify_signing_key_consistency.sh
- name: Auto-discover skills from releases
env:
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
@@ -274,6 +277,18 @@ jobs:
input_file: public/checksums.json
signature_file: public/checksums.sig
- name: Verify generated public signing key matches canonical key
run: |
set -euo pipefail
CANONICAL_FPR=$(openssl pkey -pubin -in clawsec-signing-public.pem -outform DER | sha256sum | awk '{print $1}')
GENERATED_FPR=$(openssl pkey -pubin -in public/signing-public.pem -outform DER | sha256sum | awk '{print $1}')
echo "Canonical key fingerprint: $CANONICAL_FPR"
echo "Generated key fingerprint: $GENERATED_FPR"
if [ "$CANONICAL_FPR" != "$GENERATED_FPR" ]; then
echo "::error::public/signing-public.pem fingerprint mismatch vs clawsec-signing-public.pem"
exit 1
fi
- name: Copy public key to advisory directory
run: |
# Clients expect the public key at advisories/feed-signing-public.pem
.github/workflows/poll-nvd-cves.yml
+4 -3
View File
@@ -12,9 +12,7 @@ on:
default: 'false'
type: boolean
permissions:
contents: write
pull-requests: write
permissions: read-all
concurrency:
group: poll-nvd-cves
@@ -31,6 +29,9 @@ env:
jobs:
poll-and-update:
runs-on: ubuntu-latest
permissions:
contents: write
pull-requests: write
steps:
- name: Checkout
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
.github/workflows/scorecard.yml
+78
View File
@@ -0,0 +1,78 @@
# This workflow uses actions that are not certified by GitHub. They are provided
# by a third-party and are governed by separate terms of service, privacy
# policy, and support documentation.
name: Scorecard supply-chain security
on:
# For Branch-Protection check. Only the default branch is supported. See
# https://github.com/ossf/scorecard/blob/main/docs/checks.md#branch-protection
branch_protection_rule:
# To guarantee Maintained check is occasionally updated. See
# https://github.com/ossf/scorecard/blob/main/docs/checks.md#maintained
schedule:
- cron: '19 23 * * 0'
push:
branches: [ "main" ]
# Declare default permissions as read only.
permissions: read-all
jobs:
analysis:
name: Scorecard analysis
runs-on: ubuntu-latest
# `publish_results: true` only works when run from the default branch. conditional can be removed if disabled.
if: github.event.repository.default_branch == github.ref_name || github.event_name == 'pull_request'
permissions:
# Needed to upload the results to code-scanning dashboard.
security-events: write
# Needed to publish results and get a badge (see publish_results below).
id-token: write
# Uncomment the permissions below if installing in a private repository.
# contents: read
# actions: read
steps:
- name: "Checkout code"
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
with:
persist-credentials: false
- name: "Run analysis"
uses: ossf/scorecard-action@4eaacf0543bb3f2c246792bd56e8cdeffafb205a # v2.4.3
with:
results_file: results.sarif
results_format: sarif
# (Optional) "write" PAT token. Uncomment the `repo_token` line below if:
# - you want to enable the Branch-Protection check on a *public* repository, or
# - you are installing Scorecard on a *private* repository
# To create the PAT, follow the steps in https://github.com/ossf/scorecard-action?tab=readme-ov-file#authentication-with-fine-grained-pat-optional.
# repo_token: ${{ secrets.SCORECARD_TOKEN }}
# Public repositories:
# - Publish results to OpenSSF REST API for easy access by consumers
# - Allows the repository to include the Scorecard badge.
# - See https://github.com/ossf/scorecard-action#publishing-results.
# For private repositories:
# - `publish_results` will always be set to `false`, regardless
# of the value entered here.
publish_results: true
# (Optional) Uncomment file_mode if you have a .gitattributes with files marked export-ignore
# file_mode: git
# Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF
# format to the repository Actions tab.
- name: "Upload artifact"
uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0
with:
name: SARIF file
path: results.sarif
retention-days: 5
# Upload the results to GitHub's code scanning dashboard (optional).
# Commenting out will disable upload of results to your repo's Code Scanning dashboard
- name: "Upload to code-scanning"
uses: github/codeql-action/upload-sarif@9e907b5e64f6b83e7804b09294d44122997950d6 # v4.32.3
with:
sarif_file: results.sarif
.github/workflows/skill-release.yml
+27 -6
View File
@@ -15,10 +15,7 @@ on:
required: true
type: string
permissions:
contents: write
pages: write
id-token: write
permissions: read-all
concurrency:
group: skill-release-${{ github.ref }}
@@ -36,6 +33,9 @@ jobs:
with:
fetch-depth: 0
- name: Verify signing key consistency (repo + docs)
run: ./scripts/ci/verify_signing_key_consistency.sh
- name: Validate version parity for bumped skills
env:
BASE_SHA: ${{ github.event.pull_request.base.sha }}
@@ -502,6 +502,8 @@ jobs:
release-tag:
if: github.event_name == 'push' && startsWith(github.ref, 'refs/tags/')
runs-on: ubuntu-latest
permissions:
contents: write
outputs:
skill_name: ${{ steps.parse.outputs.skill_name }}
version: ${{ steps.parse.outputs.version }}
@@ -526,6 +528,9 @@ jobs:
- name: Checkout
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
- name: Verify signing key consistency (repo + docs)
run: ./scripts/ci/verify_signing_key_consistency.sh
- name: Validate skill exists
run: |
SKILL_PATH="${{ steps.parse.outputs.skill_path }}"
@@ -782,6 +787,18 @@ jobs:
signature_file: release-assets/checksums.sig
public_key_output: release-assets/signing-public.pem
- name: Verify generated release signing key matches canonical key
run: |
set -euo pipefail
CANONICAL_FPR=$(openssl pkey -pubin -in clawsec-signing-public.pem -outform DER | sha256sum | awk '{print $1}')
GENERATED_FPR=$(openssl pkey -pubin -in release-assets/signing-public.pem -outform DER | sha256sum | awk '{print $1}')
echo "Canonical key fingerprint: $CANONICAL_FPR"
echo "Generated key fingerprint: $GENERATED_FPR"
if [ "$CANONICAL_FPR" != "$GENERATED_FPR" ]; then
echo "::error::release-assets/signing-public.pem fingerprint mismatch vs clawsec-signing-public.pem"
exit 1
fi
- name: Show signed release assets
run: |
echo "Signed and verified release-assets/checksums.json"
@@ -929,6 +946,8 @@ jobs:
needs: release-tag
runs-on: ubuntu-latest
continue-on-error: true
permissions:
contents: read
env:
CLAWHUB_TOKEN: ${{ secrets.CLAWHUB_TOKEN }}
steps:
@@ -950,7 +969,7 @@ jobs:
- name: Install clawhub CLI
if: needs.release-tag.outputs.publishable == 'true' && env.CLAWHUB_TOKEN != ''
run: npm install -g clawhub
run: npm install -g clawhub@0.7.0
- name: Login to ClawHub
if: needs.release-tag.outputs.publishable == 'true' && env.CLAWHUB_TOKEN != ''
@@ -1004,6 +1023,8 @@ jobs:
# Usage: Go to Actions → Skill Release → Run workflow → Enter tag name
if: github.event_name == 'workflow_dispatch'
runs-on: ubuntu-latest
permissions:
contents: read
env:
CLAWHUB_TOKEN: ${{ secrets.CLAWHUB_TOKEN }}
steps:
@@ -1059,7 +1080,7 @@ jobs:
node-version: 20
- name: Install clawhub CLI
run: npm install -g clawhub
run: npm install -g clawhub@0.7.0
- name: Login to ClawHub
run: |
AGENTS.md
+12
View File
@@ -0,0 +1,12 @@
- Delete unused or obsolete files when your changes make them irrelevant (refactors, feature removals, etc.), and revert files only when the change is yours or explicitly requested. If a git operation leaves you unsure about other agents' in-flight work, stop and coordinate instead of deleting.
- **Before attempting to delete a file to resolve a local type/lint failure, stop and ask the user.** Other agents are often editing adjacent files; deleting their work to silence an error is never acceptable without explicit approval.
- NEVER edit `.env` or any environment variable files—only the user may change them.
- Coordinate with other agents before removing their in-progress edits—don't revert or delete work you didn't author unless everyone agrees.
- Moving/renaming and restoring files is allowed.
- ABSOLUTELY NEVER run destructive git operations (e.g., `git reset --hard`, `rm`, `git checkout`/`git restore` to an older commit) unless the user gives an explicit, written instruction in this conversation. Treat these commands as catastrophic; if you are even slightly unsure, stop and ask before touching them. *(When working within Cursor or Codex Web, these git limitations do not apply; use the tooling's capabilities as needed.)*
- Never use `git restore` (or similar commands) to revert files you didn't author—coordinate with other agents instead so their in-progress work stays intact.
- Always double-check git status before any commit
- Keep commits atomic: commit only the files you touched and list each path explicitly. For tracked files run `git commit -m "<scoped message>" -- path/to/file1 path/to/file2`. For brand-new files, use the one-liner `git restore --staged :/ && git add "path/to/file1" "path/to/file2" && git commit -m "<scoped message>" -- path/to/file1 path/to/file2`.
- Quote any git paths containing brackets or parentheses (e.g., `src/app/[candidate]/**`) when staging or committing so the shell does not treat them as globs or subshells.
- When running `git rebase`, avoid opening editors—export `GIT_EDITOR=:` and `GIT_SEQUENCE_EDITOR=:` (or pass `--no-edit`) so the default messages are used automatically.
- Never amend commits unless you have explicit written approval in the task thread.
CLAUDE.md
+116
View File
@@ -0,0 +1,116 @@
# CLAUDE.md
This file provides guidance to Claude Code (claude.ai/code) when working with code in this repository.
## Development Setup
```bash
npm install # install JS dependencies
npm run dev # start Vite dev server on http://localhost:3000
npm run build # production build to dist/
```
Python environment (use `uv`, not raw `pip`):
```bash
uv venv # create .venv in repo root
source .venv/bin/activate
uv pip install ruff bandit # linters configured in pyproject.toml
```
Required tools: Node 20+, Python 3.10+, openssl, jq, shellcheck (`brew install shellcheck`).
## Common Commands
**Pre-push validation** (mirrors CI — run before pushing):
```bash
./scripts/prepare-to-push.sh # lint, typecheck, build, security scans
./scripts/prepare-to-push.sh --fix # auto-fix where possible
```
**Lint:**
```bash
npx eslint . --ext .ts,.tsx,.js,.jsx,.mjs --max-warnings 0 # JS/TS
ruff check utils/ # Python
bandit -r utils/ -ll # Python security
```
**Tests** (vanilla Node.js — no framework, no npm test script):
```bash
node skills/clawsec-suite/test/feed_verification.test.mjs
node skills/clawsec-suite/test/guarded_install.test.mjs
node skills/clawsec-suite/test/skill_catalog_discovery.test.mjs
```
**Validate a skill's structure:**
```bash
python utils/validate_skill.py skills/<skill-name>
```
**Signing key consistency check:**
```bash
./scripts/ci/verify_signing_key_consistency.sh
```
**Populate local dev data:**
```bash
./scripts/populate-local-skills.sh # build public/skills/index.json from local skills/
./scripts/populate-local-feed.sh --days 120 # fetch real NVD CVE data for local advisory feed
```
## Releasing a Skill
```bash
./scripts/release-skill.sh <skill-name> <version> [--force-tag]
# Example: ./scripts/release-skill.sh clawsec-feed 0.0.5
```
- **Feature branch:** bumps version in skill.json + SKILL.md frontmatter, commits. No tag.
- **Main branch:** same + creates annotated git tag + GitHub release with changelog.
- Tag format: `<skill-name>-v<semver>` (e.g., `clawsec-suite-v0.1.0`).
- Pushing the tag triggers the `skill-release.yml` workflow (sign, package, publish).
## Architecture
**Frontend:** React 19 + TypeScript + Vite, deployed to GitHub Pages. Hash-based routing. Tailwind via CDN.
**Skills:** Each skill lives in `skills/<name>/` with:
- `skill.json` — metadata, SBOM (file manifest), OpenClaw config (emoji, triggers, required bins)
- `SKILL.md` — YAML frontmatter (`name`, `version`, `description`) + agent-readable markdown
- Version in `skill.json` and `SKILL.md` frontmatter must match (CI enforced)
**clawsec-suite** is the meta-skill ("skill-of-skills") that installs and manages other skills. It embeds:
- Advisory feed with Ed25519 signature verification (`hooks/clawsec-advisory-guardian/`)
- Guarded skill installer with two-stage approval for advisory-flagged skills
- Dynamic catalog discovery from `https://clawsec.prompt.security/skills/index.json` with local fallback
**Signing:** Single Ed25519 keypair for everything (feed + releases).
- Private key lives only in GitHub secret `CLAWSEC_SIGNING_PRIVATE_KEY` — never committed.
- Public key committed in three canonical locations: `clawsec-signing-public.pem`, `advisories/feed-signing-public.pem`, `skills/clawsec-suite/advisories/feed-signing-public.pem`.
- `SKILL.md` embeds the same key inline for offline installation verification.
- Drift guard: `scripts/ci/verify_signing_key_consistency.sh` enforces all references resolve to the same fingerprint. Runs on every PR and tag push.
## CI Workflows
| Workflow | Trigger | What it does |
|---|---|---|
| `ci.yml` | PR / push to main | Lint (TS, Python, shell), Trivy security scan, npm audit, tests, build |
| `skill-release.yml` | Tag `*-v*.*.*` or PR touching skill files | Sign checksums, publish to GitHub Releases, supersede old versions |
| `deploy-pages.yml` | After CI or release succeeds | Build web frontend + skills catalog, deploy to GitHub Pages |
| `poll-nvd-cves.yml` | Daily 06:00 UTC | Poll NVD for CVEs, update `advisories/feed.json` + signature |
| `community-advisory.yml` | Issue labeled `advisory-approved` | Process community report into `CLAW-YYYY-NNNN` advisory |
## Key Conventions
- **ESLint:** flat config (`eslint.config.js`), zero warnings policy
- **Python:** ruff + bandit, configured in `pyproject.toml`, line-length 120
- **Shell:** shellcheck on `scripts/*.sh`
- **Tests:** each `.test.mjs` is a standalone Node.js script with its own pass/fail counters and `process.exit(1)` on failure. Tests generate ephemeral Ed25519 keys — they don't use the repo signing keys.
- **Advisory feed:** fail-closed signature verification by default. `CLAWSEC_ALLOW_UNSIGNED_FEED=1` is a temporary migration bypass only.
- **Hook event model:** hooks mutate `event.messages` array in-place (not return values). Rate-limited to 300s by default (`CLAWSEC_HOOK_INTERVAL_SECONDS`).
README.md
+28 -5
View File
@@ -78,7 +78,7 @@ The **clawsec-suite** is a skill-of-skills manager that installs, verifies, and
| Skill | Description | Installation | Compatibility |
|-------|-------------|--------------|---------------|
| 📡 **clawsec-feed** | Security advisory feed monitoring with live CVE updates | ✅ Included by default | All agents |
| 🔭 **openclaw-audit-watchdog** | Automated daily audits with email reporting | ✅ Included by default | OpenClaw/MoltBot/ClawdBot |
| 🔭 **openclaw-audit-watchdog** | Automated daily audits with email reporting | ⚙️ Optional (install separately) | OpenClaw/MoltBot/ClawdBot |
| 👻 **soul-guardian** | Drift detection and file integrity guard with auto-restore | ⚙️ Optional | All agents |
| 🤝 **clawtributor** | Community incident reporting | ❌ Optional (Explicit request) | All agents |
@@ -169,10 +169,33 @@ ClawSec uses automated pipelines for continuous security updates and skill distr
When a skill is tagged (e.g., `soul-guardian-v1.0.0`), the pipeline:
1. **Validates** - Checks `skill.json` version matches tag
2. **Generates Checksums** - Creates `checksums.json` with SHA256 hashes for all SBOM files
3. **Releases** - Publishes to GitHub Releases with all artifacts
4. **Supersedes Old Releases** - Marks older versions (same major) as pre-releases
5. **Triggers Pages Update** - Refreshes the skills catalog on the website
2. **Enforces key consistency** - Verifies pinned release key references are consistent across repo PEMs and `skills/clawsec-suite/SKILL.md`
3. **Generates Checksums** - Creates `checksums.json` with SHA256 hashes for all SBOM files
4. **Signs + verifies** - Signs `checksums.json` and validates the generated `signing-public.pem` fingerprint against canonical repo key material
5. **Releases** - Publishes to GitHub Releases with all artifacts
6. **Supersedes Old Releases** - Marks older versions (same major) as pre-releases
7. **Triggers Pages Update** - Refreshes the skills catalog on the website
### Signing Key Consistency Guardrails
To prevent supply-chain drift, CI now fails fast when signing key references diverge.
Guardrail script:
- `scripts/ci/verify_signing_key_consistency.sh`
What it checks:
- `skills/clawsec-suite/SKILL.md` inline public key fingerprint matches `RELEASE_PUBKEY_SHA256`
- Canonical PEM files all match the same fingerprint:
- `clawsec-signing-public.pem`
- `advisories/feed-signing-public.pem`
- `skills/clawsec-suite/advisories/feed-signing-public.pem`
- Generated public key in workflows matches canonical key:
- `release-assets/signing-public.pem` (release workflow)
- `public/signing-public.pem` (pages workflow)
Where enforced:
- `.github/workflows/skill-release.yml`
- `.github/workflows/deploy-pages.yml`
### Release Versioning & Superseding
SECURITY-SIGNING.md
+3 -3
View File
@@ -24,7 +24,7 @@ As of branch `integration/signing-work`, advisory distribution is **unsigned**:
- Feed consumers:
- `skills/clawsec-suite/hooks/clawsec-advisory-guardian/handler.ts`
- `skills/clawsec-suite/scripts/guarded_skill_install.mjs`
- both default to `https://raw.githubusercontent.com/prompt-security/clawsec/main/advisories/feed.json`
- both default to `https://clawsec.prompt.security/advisories/feed.json`
This document defines the **target operating model** for signed artifacts while preserving compatibility during migration.
@@ -37,7 +37,7 @@ This document defines the **target operating model** for signed artifacts while
### Release artifact channel (recommended)
- `<release>/checksums.json`
- `<release>/checksums.json.sig`
- `<release>/checksums.sig`
- `advisories/release-signing-public.pem` (or equivalent repo-pinned location)
## 4) Key roles and custody
@@ -138,7 +138,7 @@ Current release generator:
Target update:
- sign `checksums.json` before `softprops/action-gh-release`
- attach `checksums.json.sig` to each release
- attach `checksums.sig` to each release
## 8) Rotation policy and runbook
eslint.config.js
+4
View File
@@ -1,3 +1,7 @@
// NOTE: @eslint/js is pinned to ~9.x because v10 introduces a peerOptional
// dependency on eslint@^10, and the typescript-eslint / react plugin ecosystem
// hasn't published eslint-10-compatible releases yet. Upgrade @eslint/js to ^10
// once @typescript-eslint and eslint-plugin-react declare eslint@^10 support.
import js from '@eslint/js';
import typescript from '@typescript-eslint/eslint-plugin';
import typescriptParser from '@typescript-eslint/parser';
package-lock.json
Generated
+211 -131
View File
@@ -9,7 +9,7 @@
"version": "0.0.0",
"license": "MIT",
"dependencies": {
"lucide-react": "^0.563.0",
"lucide-react": "^0.564.0",
"react": "^19.2.4",
"react-dom": "^19.2.4",
"react-markdown": "^10.1.0",
@@ -17,10 +17,10 @@
"remark-gfm": "^4.0.1"
},
"devDependencies": {
"@eslint/js": "^9.39.2",
"@eslint/js": "~9.28.0",
"@types/node": "^22.14.0",
"@typescript-eslint/eslint-plugin": "^8.54.0",
"@typescript-eslint/parser": "^8.54.0",
"@typescript-eslint/eslint-plugin": "^8.55.0",
"@typescript-eslint/parser": "^8.55.0",
"@vitejs/plugin-react": "^5.0.0",
"eslint": "^9.39.2",
"eslint-plugin-react": "^7.37.5",
@@ -550,6 +550,7 @@
},
"node_modules/@eslint/config-array": {
"version": "0.21.1",
"resolved": "https://registry.npmjs.org/@eslint/config-array/-/config-array-0.21.1.tgz",
"integrity": "sha512-aw1gNayWpdI/jSYVgzN5pL0cfzU02GT3NBpeT/DXbx1/1x7ZKxFPd9bwrzygx/qiwIQiJ1sw/zD8qY/kRvlGHA==",
"dev": true,
"dependencies": {
@@ -563,6 +564,7 @@
},
"node_modules/@eslint/config-array/node_modules/brace-expansion": {
"version": "1.1.12",
"resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.12.tgz",
"integrity": "sha512-9T9UjW3r0UW5c1Q7GTwllptXwhvYmEzFhzMfZ9H7FQWt+uZePjZPjBP/W1ZEyZ1twGWom5/56TF4lPcqjnDHcg==",
"dev": true,
"dependencies": {
@@ -572,6 +574,7 @@
},
"node_modules/@eslint/config-array/node_modules/minimatch": {
"version": "3.1.2",
"resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.1.2.tgz",
"integrity": "sha512-J7p63hRiAjw1NDEww1W7i37+ByIrOWO5XQQAzZ3VOcL0PNybwpfmV/N05zFAzwQ9USyEcX6t3UO+K5aqBQOIHw==",
"dev": true,
"dependencies": {
@@ -583,6 +586,7 @@
},
"node_modules/@eslint/config-helpers": {
"version": "0.4.2",
"resolved": "https://registry.npmjs.org/@eslint/config-helpers/-/config-helpers-0.4.2.tgz",
"integrity": "sha512-gBrxN88gOIf3R7ja5K9slwNayVcZgK6SOUORm2uBzTeIEfeVaIhOpCtTox3P6R7o2jLFwLFTLnC7kU/RGcYEgw==",
"dev": true,
"dependencies": {
@@ -594,6 +598,7 @@
},
"node_modules/@eslint/core": {
"version": "0.17.0",
"resolved": "https://registry.npmjs.org/@eslint/core/-/core-0.17.0.tgz",
"integrity": "sha512-yL/sLrpmtDaFEiUj1osRP4TI2MDz1AddJL+jZ7KSqvBuliN4xqYY54IfdN8qD8Toa6g1iloph1fxQNkjOxrrpQ==",
"dev": true,
"dependencies": {
@@ -605,6 +610,7 @@
},
"node_modules/@eslint/eslintrc": {
"version": "3.3.3",
"resolved": "https://registry.npmjs.org/@eslint/eslintrc/-/eslintrc-3.3.3.tgz",
"integrity": "sha512-Kr+LPIUVKz2qkx1HAMH8q1q6azbqBAsXJUxBl/ODDuVPX45Z9DfwB8tPjTi6nNZ8BuM3nbJxC5zCAg5elnBUTQ==",
"dev": true,
"dependencies": {
@@ -627,6 +633,7 @@
},
"node_modules/@eslint/eslintrc/node_modules/brace-expansion": {
"version": "1.1.12",
"resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.12.tgz",
"integrity": "sha512-9T9UjW3r0UW5c1Q7GTwllptXwhvYmEzFhzMfZ9H7FQWt+uZePjZPjBP/W1ZEyZ1twGWom5/56TF4lPcqjnDHcg==",
"dev": true,
"dependencies": {
@@ -636,6 +643,7 @@
},
"node_modules/@eslint/eslintrc/node_modules/ignore": {
"version": "5.3.2",
"resolved": "https://registry.npmjs.org/ignore/-/ignore-5.3.2.tgz",
"integrity": "sha512-hsBTNUqQTDwkWtcdYI2i06Y/nUBEsNEDJKjWdigLvegy8kDuJAS8uRlpkkcQpyEXL0Z/pjDy5HBmMjRCJ2gq+g==",
"dev": true,
"engines": {
@@ -644,6 +652,7 @@
},
"node_modules/@eslint/eslintrc/node_modules/minimatch": {
"version": "3.1.2",
"resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.1.2.tgz",
"integrity": "sha512-J7p63hRiAjw1NDEww1W7i37+ByIrOWO5XQQAzZ3VOcL0PNybwpfmV/N05zFAzwQ9USyEcX6t3UO+K5aqBQOIHw==",
"dev": true,
"dependencies": {
@@ -654,8 +663,9 @@
}
},
"node_modules/@eslint/js": {
"version": "9.39.2",
"integrity": "sha512-q1mjIoW1VX4IvSocvM/vbTiveKC4k9eLrajNEuSsmjymSDEbpGddtpfOoN7YGAqBK3NG+uqo8ia4PDTt8buCYA==",
"version": "9.28.0",
"resolved": "https://registry.npmjs.org/@eslint/js/-/js-9.28.0.tgz",
"integrity": "sha512-fnqSjGWd/CoIp4EXIxWVK/sHA6DOHN4+8Ix2cX5ycOY7LG0UY8nHCU5pIp2eaE1Mc7Qd8kHspYNzYXT2ojPLzg==",
"dev": true,
"engines": {
"node": "^18.18.0 || ^20.9.0 || >=21.1.0"
@@ -666,6 +676,7 @@
},
"node_modules/@eslint/object-schema": {
"version": "2.1.7",
"resolved": "https://registry.npmjs.org/@eslint/object-schema/-/object-schema-2.1.7.tgz",
"integrity": "sha512-VtAOaymWVfZcmZbp6E2mympDIHvyjXs/12LqWYjVw6qjrfF+VK+fyG33kChz3nnK+SU5/NeHOqrTEHS8sXO3OA==",
"dev": true,
"engines": {
@@ -674,6 +685,7 @@
},
"node_modules/@eslint/plugin-kit": {
"version": "0.4.1",
"resolved": "https://registry.npmjs.org/@eslint/plugin-kit/-/plugin-kit-0.4.1.tgz",
"integrity": "sha512-43/qtrDUokr7LJqoF2c3+RInu/t4zfrpYdoSDfYyhg52rwLV6TnOvdG4fXm7IkSB3wErkcmJS9iEhjVtOSEjjA==",
"dev": true,
"dependencies": {
@@ -987,6 +999,7 @@
},
"node_modules/@types/json-schema": {
"version": "7.0.15",
"resolved": "https://registry.npmjs.org/@types/json-schema/-/json-schema-7.0.15.tgz",
"integrity": "sha512-5+fP8P8MFNC+AyZCDxrB2pkZFPGzqQWUzpSeuuVLvm8VMcorNYavBqoFcxK8bQz4Qsbn4oUEEem4wDLfcysGHA==",
"dev": true
},
@@ -1010,8 +1023,9 @@
}
},
"node_modules/@types/react": {
"version": "19.2.11",
"integrity": "sha512-tORuanb01iEzWvMGVGv2ZDhYZVeRMrw453DCSAIn/5yvcSVnMoUMTyf33nQJLahYEnv9xqrTNbgz4qY5EfSh0g==",
"version": "19.2.14",
"resolved": "https://registry.npmjs.org/@types/react/-/react-19.2.14.tgz",
"integrity": "sha512-ilcTH/UniCkMdtexkoCN0bI7pMcJDvmQFPvuPvmEaYA/NSfFTAgdUSLAoVjaRJm7+6PvcM+q1zYOwS4wTYMF9w==",
"peer": true,
"dependencies": {
"csstype": "^3.2.2"
@@ -1022,15 +1036,17 @@
"integrity": "sha512-ko/gIFJRv177XgZsZcBwnqJN5x/Gien8qNOn0D5bQU/zAzVf9Zt3BlcUiLqhV9y4ARk0GbT3tnUiPNgnTXzc/Q=="
},
"node_modules/@typescript-eslint/eslint-plugin": {
"version": "8.54.0",
"integrity": "sha512-hAAP5io/7csFStuOmR782YmTthKBJ9ND3WVL60hcOjvtGFb+HJxH4O5huAcmcZ9v9G8P+JETiZ/G1B8MALnWZQ==",
"version": "8.55.0",
"resolved": "https://registry.npmjs.org/@typescript-eslint/eslint-plugin/-/eslint-plugin-8.55.0.tgz",
"integrity": "sha512-1y/MVSz0NglV1ijHC8OT49mPJ4qhPYjiK08YUQVbIOyu+5k862LKUHFkpKHWu//zmr7hDR2rhwUm6gnCGNmGBQ==",
"dev": true,
"license": "MIT",
"dependencies": {
"@eslint-community/regexpp": "^4.12.2",
"@typescript-eslint/scope-manager": "8.54.0",
"@typescript-eslint/type-utils": "8.54.0",
"@typescript-eslint/utils": "8.54.0",
"@typescript-eslint/visitor-keys": "8.54.0",
"@typescript-eslint/scope-manager": "8.55.0",
"@typescript-eslint/type-utils": "8.55.0",
"@typescript-eslint/utils": "8.55.0",
"@typescript-eslint/visitor-keys": "8.55.0",
"ignore": "^7.0.5",
"natural-compare": "^1.4.0",
"ts-api-utils": "^2.4.0"
@@ -1043,93 +1059,20 @@
"url": "https://opencollective.com/typescript-eslint"
},
"peerDependencies": {
"@typescript-eslint/parser": "^8.54.0",
"@typescript-eslint/parser": "^8.55.0",
"eslint": "^8.57.0 || ^9.0.0",
"typescript": ">=4.8.4 <6.0.0"
}
},
"node_modules/@typescript-eslint/parser": {
"version": "8.54.0",
"integrity": "sha512-BtE0k6cjwjLZoZixN0t5AKP0kSzlGu7FctRXYuPAm//aaiZhmfq1JwdYpYr1brzEspYyFeF+8XF5j2VK6oalrA==",
"node_modules/@typescript-eslint/eslint-plugin/node_modules/@typescript-eslint/type-utils": {
"version": "8.55.0",
"resolved": "https://registry.npmjs.org/@typescript-eslint/type-utils/-/type-utils-8.55.0.tgz",
"integrity": "sha512-x1iH2unH4qAt6I37I2CGlsNs+B9WGxurP2uyZLRz6UJoZWDBx9cJL1xVN/FiOmHEONEg6RIufdvyT0TEYIgC5g==",
"dev": true,
"dependencies": {
"@typescript-eslint/scope-manager": "8.54.0",
"@typescript-eslint/types": "8.54.0",
"@typescript-eslint/typescript-estree": "8.54.0",
"@typescript-eslint/visitor-keys": "8.54.0",
"debug": "^4.4.3"
},
"engines": {
"node": "^18.18.0 || ^20.9.0 || >=21.1.0"
},
"funding": {
"type": "opencollective",
"url": "https://opencollective.com/typescript-eslint"
},
"peerDependencies": {
"eslint": "^8.57.0 || ^9.0.0",
"typescript": ">=4.8.4 <6.0.0"
}
},
"node_modules/@typescript-eslint/project-service": {
"version": "8.54.0",
"integrity": "sha512-YPf+rvJ1s7MyiWM4uTRhE4DvBXrEV+d8oC3P9Y2eT7S+HBS0clybdMIPnhiATi9vZOYDc7OQ1L/i6ga6NFYK/g==",
"dev": true,
"dependencies": {
"@typescript-eslint/tsconfig-utils": "^8.54.0",
"@typescript-eslint/types": "^8.54.0",
"debug": "^4.4.3"
},
"engines": {
"node": "^18.18.0 || ^20.9.0 || >=21.1.0"
},
"funding": {
"type": "opencollective",
"url": "https://opencollective.com/typescript-eslint"
},
"peerDependencies": {
"typescript": ">=4.8.4 <6.0.0"
}
},
"node_modules/@typescript-eslint/scope-manager": {
"version": "8.54.0",
"integrity": "sha512-27rYVQku26j/PbHYcVfRPonmOlVI6gihHtXFbTdB5sb6qA0wdAQAbyXFVarQ5t4HRojIz64IV90YtsjQSSGlQg==",
"dev": true,
"dependencies": {
"@typescript-eslint/types": "8.54.0",
"@typescript-eslint/visitor-keys": "8.54.0"
},
"engines": {
"node": "^18.18.0 || ^20.9.0 || >=21.1.0"
},
"funding": {
"type": "opencollective",
"url": "https://opencollective.com/typescript-eslint"
}
},
"node_modules/@typescript-eslint/tsconfig-utils": {
"version": "8.54.0",
"integrity": "sha512-dRgOyT2hPk/JwxNMZDsIXDgyl9axdJI3ogZ2XWhBPsnZUv+hPesa5iuhdYt2gzwA9t8RE5ytOJ6xB0moV0Ujvw==",
"dev": true,
"engines": {
"node": "^18.18.0 || ^20.9.0 || >=21.1.0"
},
"funding": {
"type": "opencollective",
"url": "https://opencollective.com/typescript-eslint"
},
"peerDependencies": {
"typescript": ">=4.8.4 <6.0.0"
}
},
"node_modules/@typescript-eslint/type-utils": {
"version": "8.54.0",
"integrity": "sha512-hiLguxJWHjjwL6xMBwD903ciAwd7DmK30Y9Axs/etOkftC3ZNN9K44IuRD/EB08amu+Zw6W37x9RecLkOo3pMA==",
"dev": true,
"dependencies": {
"@typescript-eslint/types": "8.54.0",
"@typescript-eslint/typescript-estree": "8.54.0",
"@typescript-eslint/utils": "8.54.0",
"@typescript-eslint/types": "8.55.0",
"@typescript-eslint/typescript-estree": "8.55.0",
"@typescript-eslint/utils": "8.55.0",
"debug": "^4.4.3",
"ts-api-utils": "^2.4.0"
},
@@ -1145,10 +1088,117 @@
"typescript": ">=4.8.4 <6.0.0"
}
},
"node_modules/@typescript-eslint/types": {
"version": "8.54.0",
"integrity": "sha512-PDUI9R1BVjqu7AUDsRBbKMtwmjWcn4J3le+5LpcFgWULN3LvHC5rkc9gCVxbrsrGmO1jfPybN5s6h4Jy+OnkAA==",
"node_modules/@typescript-eslint/eslint-plugin/node_modules/@typescript-eslint/utils": {
"version": "8.55.0",
"resolved": "https://registry.npmjs.org/@typescript-eslint/utils/-/utils-8.55.0.tgz",
"integrity": "sha512-BqZEsnPGdYpgyEIkDC1BadNY8oMwckftxBT+C8W0g1iKPdeqKZBtTfnvcq0nf60u7MkjFO8RBvpRGZBPw4L2ow==",
"dev": true,
"dependencies": {
"@eslint-community/eslint-utils": "^4.9.1",
"@typescript-eslint/scope-manager": "8.55.0",
"@typescript-eslint/types": "8.55.0",
"@typescript-eslint/typescript-estree": "8.55.0"
},
"engines": {
"node": "^18.18.0 || ^20.9.0 || >=21.1.0"
},
"funding": {
"type": "opencollective",
"url": "https://opencollective.com/typescript-eslint"
},
"peerDependencies": {
"eslint": "^8.57.0 || ^9.0.0",
"typescript": ">=4.8.4 <6.0.0"
}
},
"node_modules/@typescript-eslint/parser": {
"version": "8.55.0",
"resolved": "https://registry.npmjs.org/@typescript-eslint/parser/-/parser-8.55.0.tgz",
"integrity": "sha512-4z2nCSBfVIMnbuu8uinj+f0o4qOeggYJLbjpPHka3KH1om7e+H9yLKTYgksTaHcGco+NClhhY2vyO3HsMH1RGw==",
"dev": true,
"license": "MIT",
"dependencies": {
"@typescript-eslint/scope-manager": "8.55.0",
"@typescript-eslint/types": "8.55.0",
"@typescript-eslint/typescript-estree": "8.55.0",
"@typescript-eslint/visitor-keys": "8.55.0",
"debug": "^4.4.3"
},
"engines": {
"node": "^18.18.0 || ^20.9.0 || >=21.1.0"
},
"funding": {
"type": "opencollective",
"url": "https://opencollective.com/typescript-eslint"
},
"peerDependencies": {
"eslint": "^8.57.0 || ^9.0.0",
"typescript": ">=4.8.4 <6.0.0"
}
},
"node_modules/@typescript-eslint/project-service": {
"version": "8.55.0",
"resolved": "https://registry.npmjs.org/@typescript-eslint/project-service/-/project-service-8.55.0.tgz",
"integrity": "sha512-zRcVVPFUYWa3kNnjaZGXSu3xkKV1zXy8M4nO/pElzQhFweb7PPtluDLQtKArEOGmjXoRjnUZ29NjOiF0eCDkcQ==",
"dev": true,
"license": "MIT",
"dependencies": {
"@typescript-eslint/tsconfig-utils": "^8.55.0",
"@typescript-eslint/types": "^8.55.0",
"debug": "^4.4.3"
},
"engines": {
"node": "^18.18.0 || ^20.9.0 || >=21.1.0"
},
"funding": {
"type": "opencollective",
"url": "https://opencollective.com/typescript-eslint"
},
"peerDependencies": {
"typescript": ">=4.8.4 <6.0.0"
}
},
"node_modules/@typescript-eslint/scope-manager": {
"version": "8.55.0",
"resolved": "https://registry.npmjs.org/@typescript-eslint/scope-manager/-/scope-manager-8.55.0.tgz",
"integrity": "sha512-fVu5Omrd3jeqeQLiB9f1YsuK/iHFOwb04bCtY4BSCLgjNbOD33ZdV6KyEqplHr+IlpgT0QTZ/iJ+wT7hvTx49Q==",
"dev": true,
"license": "MIT",
"dependencies": {
"@typescript-eslint/types": "8.55.0",
"@typescript-eslint/visitor-keys": "8.55.0"
},
"engines": {
"node": "^18.18.0 || ^20.9.0 || >=21.1.0"
},
"funding": {
"type": "opencollective",
"url": "https://opencollective.com/typescript-eslint"
}
},
"node_modules/@typescript-eslint/tsconfig-utils": {
"version": "8.55.0",
"resolved": "https://registry.npmjs.org/@typescript-eslint/tsconfig-utils/-/tsconfig-utils-8.55.0.tgz",
"integrity": "sha512-1R9cXqY7RQd7WuqSN47PK9EDpgFUK3VqdmbYrvWJZYDd0cavROGn+74ktWBlmJ13NXUQKlZ/iAEQHI/V0kKe0Q==",
"dev": true,
"license": "MIT",
"engines": {
"node": "^18.18.0 || ^20.9.0 || >=21.1.0"
},
"funding": {
"type": "opencollective",
"url": "https://opencollective.com/typescript-eslint"
},
"peerDependencies": {
"typescript": ">=4.8.4 <6.0.0"
}
},
"node_modules/@typescript-eslint/types": {
"version": "8.55.0",
"resolved": "https://registry.npmjs.org/@typescript-eslint/types/-/types-8.55.0.tgz",
"integrity": "sha512-ujT0Je8GI5BJWi+/mMoR0wxwVEQaxM+pi30xuMiJETlX80OPovb2p9E8ss87gnSVtYXtJoU9U1Cowcr6w2FE0w==",
"dev": true,
"license": "MIT",
"engines": {
"node": "^18.18.0 || ^20.9.0 || >=21.1.0"
},
@@ -1158,14 +1208,16 @@
}
},
"node_modules/@typescript-eslint/typescript-estree": {
"version": "8.54.0",
"integrity": "sha512-BUwcskRaPvTk6fzVWgDPdUndLjB87KYDrN5EYGetnktoeAvPtO4ONHlAZDnj5VFnUANg0Sjm7j4usBlnoVMHwA==",
"version": "8.55.0",
"resolved": "https://registry.npmjs.org/@typescript-eslint/typescript-estree/-/typescript-estree-8.55.0.tgz",
"integrity": "sha512-EwrH67bSWdx/3aRQhCoxDaHM+CrZjotc2UCCpEDVqfCE+7OjKAGWNY2HsCSTEVvWH2clYQK8pdeLp42EVs+xQw==",
"dev": true,
"license": "MIT",
"dependencies": {
"@typescript-eslint/project-service": "8.54.0",
"@typescript-eslint/tsconfig-utils": "8.54.0",
"@typescript-eslint/types": "8.54.0",
"@typescript-eslint/visitor-keys": "8.54.0",
"@typescript-eslint/project-service": "8.55.0",
"@typescript-eslint/tsconfig-utils": "8.55.0",
"@typescript-eslint/types": "8.55.0",
"@typescript-eslint/visitor-keys": "8.55.0",
"debug": "^4.4.3",
"minimatch": "^9.0.5",
"semver": "^7.7.3",
@@ -1183,34 +1235,14 @@
"typescript": ">=4.8.4 <6.0.0"
}
},
"node_modules/@typescript-eslint/utils": {
"version": "8.54.0",
"integrity": "sha512-9Cnda8GS57AQakvRyG0PTejJNlA2xhvyNtEVIMlDWOOeEyBkYWhGPnfrIAnqxLMTSTo6q8g12XVjjev5l1NvMA==",
"dev": true,
"dependencies": {
"@eslint-community/eslint-utils": "^4.9.1",
"@typescript-eslint/scope-manager": "8.54.0",
"@typescript-eslint/types": "8.54.0",
"@typescript-eslint/typescript-estree": "8.54.0"
},
"engines": {
"node": "^18.18.0 || ^20.9.0 || >=21.1.0"
},
"funding": {
"type": "opencollective",
"url": "https://opencollective.com/typescript-eslint"
},
"peerDependencies": {
"eslint": "^8.57.0 || ^9.0.0",
"typescript": ">=4.8.4 <6.0.0"
}
},
"node_modules/@typescript-eslint/visitor-keys": {
"version": "8.54.0",
"integrity": "sha512-VFlhGSl4opC0bprJiItPQ1RfUhGDIBokcPwaFH4yiBCaNPeld/9VeXbiPO1cLyorQi1G1vL+ecBk1x8o1axORA==",
"version": "8.55.0",
"resolved": "https://registry.npmjs.org/@typescript-eslint/visitor-keys/-/visitor-keys-8.55.0.tgz",
"integrity": "sha512-AxNRwEie8Nn4eFS1FzDMJWIISMGoXMb037sgCBJ3UR6o0fQTzr2tqN9WT+DkWJPhIdQCfV7T6D387566VtnCJA==",
"dev": true,
"license": "MIT",
"dependencies": {
"@typescript-eslint/types": "8.54.0",
"@typescript-eslint/types": "8.55.0",
"eslint-visitor-keys": "^4.2.1"
},
"engines": {
@@ -1223,8 +1255,10 @@
},
"node_modules/@typescript-eslint/visitor-keys/node_modules/eslint-visitor-keys": {
"version": "4.2.1",
"resolved": "https://registry.npmjs.org/eslint-visitor-keys/-/eslint-visitor-keys-4.2.1.tgz",
"integrity": "sha512-Uhdk5sfqcee/9H/rCOJikYz67o0a2Tw2hGRPOG2Y1R2dg7brRe1uG0yaNQDHu+TO/uQPF/5eCapvYSmHUjt7JQ==",
"dev": true,
"license": "Apache-2.0",
"engines": {
"node": "^18.18.0 || ^20.9.0 || >=21.1.0"
},
@@ -1257,6 +1291,7 @@
},
"node_modules/acorn": {
"version": "8.15.0",
"resolved": "https://registry.npmjs.org/acorn/-/acorn-8.15.0.tgz",
"integrity": "sha512-NZyJarBfL7nWwIq+FDL6Zp/yHEhePMNnnJ0y3qfieCrmNvYct8uvtiV41UvlSe6apAfk0fY1FbWx+NwfmpvtTg==",
"dev": true,
"bin": {
@@ -1268,6 +1303,7 @@
},
"node_modules/acorn-jsx": {
"version": "5.3.2",
"resolved": "https://registry.npmjs.org/acorn-jsx/-/acorn-jsx-5.3.2.tgz",
"integrity": "sha512-rq9s+JNhf0IChjtDXxllJ7g41oZk5SlXtp0LHwyA5cejwn7vKmKp4pPri6YEePv2PU65sAsegbXtIinmDFDXgQ==",
"dev": true,
"peerDependencies": {
@@ -1276,6 +1312,7 @@
},
"node_modules/ajv": {
"version": "6.12.6",
"resolved": "https://registry.npmjs.org/ajv/-/ajv-6.12.6.tgz",
"integrity": "sha512-j3fVLgvTo527anyYyJOGTYJbG+vnnQYvE0m5mmkc1TK+nxAppkCLMIL0aZ4dblVCNoGShhm+kzE4ZUykBoMg4g==",
"dev": true,
"dependencies": {
@@ -1291,6 +1328,7 @@
},
"node_modules/ansi-styles": {
"version": "4.3.0",
"resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-4.3.0.tgz",
"integrity": "sha512-zbB9rCJAT1rbjiVDb2hqKFHNYLxgtk8NURxZ3IZwD3F6NtxbXZQCnnSi1Lkx+IDohdPlFp222wVALIheZJQSEg==",
"dev": true,
"dependencies": {
@@ -1305,6 +1343,7 @@
},
"node_modules/argparse": {
"version": "2.0.1",
"resolved": "https://registry.npmjs.org/argparse/-/argparse-2.0.1.tgz",
"integrity": "sha512-8+9WqebbFzpX9OR+Wa6O29asIogeRMzcGtAINdpMHHyAg10f05aSFVBbcEqGf/PXw1EjAZ+q2/bEBg3DvurK3Q==",
"dev": true
},
@@ -1561,6 +1600,7 @@
},
"node_modules/callsites": {
"version": "3.1.0",
"resolved": "https://registry.npmjs.org/callsites/-/callsites-3.1.0.tgz",
"integrity": "sha512-P8BjAsXvZS+VIDUI11hHCQEv74YT67YUi5JJFNWIqL235sBmjX4+qx9Muvls5ivyNENctx46xQLQ3aTuE7ssaQ==",
"dev": true,
"engines": {
@@ -1596,6 +1636,7 @@
},
"node_modules/chalk": {
"version": "4.1.2",
"resolved": "https://registry.npmjs.org/chalk/-/chalk-4.1.2.tgz",
"integrity": "sha512-oKnbhFyRIXpUuez8iBMmyEa4nbj4IOQyuhc/wy9kY7/WVPcwIO9VA668Pu8RkO7+0G76SLROeyw9CpQ061i4mA==",
"dev": true,
"dependencies": {
@@ -1643,6 +1684,7 @@
},
"node_modules/color-convert": {
"version": "2.0.1",
"resolved": "https://registry.npmjs.org/color-convert/-/color-convert-2.0.1.tgz",
"integrity": "sha512-RRECPsj7iu/xb5oKYcsFHSppFNnsj/52OVTRKb4zP5onXwVF3zVmmToNcOfGC+CRDpfK/U584fMg38ZHCaElKQ==",
"dev": true,
"dependencies": {
@@ -1654,6 +1696,7 @@
},
"node_modules/color-name": {
"version": "1.1.4",
"resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.4.tgz",
"integrity": "sha512-dOy+3AuW3a2wNbZHIuMZpTcgjGuLU/uBL/ubcZF9OXbDo8ff4O8yVp5Bf0efS8uEoYo5q4Fx7dY9OgQGXgAsQA==",
"dev": true
},
@@ -1701,6 +1744,7 @@
},
"node_modules/csstype": {
"version": "3.2.3",
"resolved": "https://registry.npmjs.org/csstype/-/csstype-3.2.3.tgz",
"integrity": "sha512-z1HGKcYy2xA8AGQfwrn0PAy+PB7X/GSj3UVJW9qKyn43xWa+gl5nXmU4qqLMRzWVLFC8KusUX8T/0kCiOYpAIQ==",
"peer": true
},
@@ -2084,6 +2128,7 @@
},
"node_modules/eslint": {
"version": "9.39.2",
"resolved": "https://registry.npmjs.org/eslint/-/eslint-9.39.2.tgz",
"integrity": "sha512-LEyamqS7W5HB3ujJyvi0HQK/dtVINZvd5mAAp9eT5S/ujByGjiZLCzPcHVzuXbpJDJF/cxwHlfceVUDZ2lnSTw==",
"dev": true,
"dependencies": {
@@ -2219,6 +2264,7 @@
},
"node_modules/eslint-scope": {
"version": "8.4.0",
"resolved": "https://registry.npmjs.org/eslint-scope/-/eslint-scope-8.4.0.tgz",
"integrity": "sha512-sNXOfKCn74rt8RICKMvJS7XKV/Xk9kA7DyJr8mJik3S7Cwgy3qlkkmyS2uQB3jiJg6VNdZd/pDBJu0nvG2NlTg==",
"dev": true,
"dependencies": {
@@ -2243,8 +2289,21 @@
"url": "https://opencollective.com/eslint"
}
},
"node_modules/eslint/node_modules/@eslint/js": {
"version": "9.39.2",
"resolved": "https://registry.npmjs.org/@eslint/js/-/js-9.39.2.tgz",
"integrity": "sha512-q1mjIoW1VX4IvSocvM/vbTiveKC4k9eLrajNEuSsmjymSDEbpGddtpfOoN7YGAqBK3NG+uqo8ia4PDTt8buCYA==",
"dev": true,
"engines": {
"node": "^18.18.0 || ^20.9.0 || >=21.1.0"
},
"funding": {
"url": "https://eslint.org/donate"
}
},
"node_modules/eslint/node_modules/brace-expansion": {
"version": "1.1.12",
"resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.12.tgz",
"integrity": "sha512-9T9UjW3r0UW5c1Q7GTwllptXwhvYmEzFhzMfZ9H7FQWt+uZePjZPjBP/W1ZEyZ1twGWom5/56TF4lPcqjnDHcg==",
"dev": true,
"dependencies": {
@@ -2254,6 +2313,7 @@
},
"node_modules/eslint/node_modules/eslint-visitor-keys": {
"version": "4.2.1",
"resolved": "https://registry.npmjs.org/eslint-visitor-keys/-/eslint-visitor-keys-4.2.1.tgz",
"integrity": "sha512-Uhdk5sfqcee/9H/rCOJikYz67o0a2Tw2hGRPOG2Y1R2dg7brRe1uG0yaNQDHu+TO/uQPF/5eCapvYSmHUjt7JQ==",
"dev": true,
"engines": {
@@ -2273,6 +2333,7 @@
},
"node_modules/eslint/node_modules/minimatch": {
"version": "3.1.2",
"resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.1.2.tgz",
"integrity": "sha512-J7p63hRiAjw1NDEww1W7i37+ByIrOWO5XQQAzZ3VOcL0PNybwpfmV/N05zFAzwQ9USyEcX6t3UO+K5aqBQOIHw==",
"dev": true,
"dependencies": {
@@ -2284,6 +2345,7 @@
},
"node_modules/espree": {
"version": "10.4.0",
"resolved": "https://registry.npmjs.org/espree/-/espree-10.4.0.tgz",
"integrity": "sha512-j6PAQ2uUr79PZhBjP5C5fhl8e39FmRnOjsD5lGnWrFU8i2G776tBK7+nP8KuQUTTyAZUwfQqXAgrVH5MbH9CYQ==",
"dev": true,
"dependencies": {
@@ -2300,6 +2362,7 @@
},
"node_modules/espree/node_modules/eslint-visitor-keys": {
"version": "4.2.1",
"resolved": "https://registry.npmjs.org/eslint-visitor-keys/-/eslint-visitor-keys-4.2.1.tgz",
"integrity": "sha512-Uhdk5sfqcee/9H/rCOJikYz67o0a2Tw2hGRPOG2Y1R2dg7brRe1uG0yaNQDHu+TO/uQPF/5eCapvYSmHUjt7JQ==",
"dev": true,
"engines": {
@@ -2322,6 +2385,7 @@
},
"node_modules/esrecurse": {
"version": "4.3.0",
"resolved": "https://registry.npmjs.org/esrecurse/-/esrecurse-4.3.0.tgz",
"integrity": "sha512-KmfKL3b6G+RXvP8N1vr3Tq1kL/oCFgn2NYXEtqP8/L3pKapUA4G8cFVaoF3SU323CD4XypR/ffioHmkti6/Tag==",
"dev": true,
"dependencies": {
@@ -2361,11 +2425,13 @@
},
"node_modules/fast-deep-equal": {
"version": "3.1.3",
"resolved": "https://registry.npmjs.org/fast-deep-equal/-/fast-deep-equal-3.1.3.tgz",
"integrity": "sha512-f3qQ9oQy9j2AhBe/H9VC91wLmKBCCU/gDOnKNAYG5hswO7BLKj09Hc5HYNz9cGI++xlpDCIgDaitVs03ATR84Q==",
"dev": true
},
"node_modules/fast-json-stable-stringify": {
"version": "2.1.0",
"resolved": "https://registry.npmjs.org/fast-json-stable-stringify/-/fast-json-stable-stringify-2.1.0.tgz",
"integrity": "sha512-lhd/wF+Lk98HZoTCtlVraHtfh5XYijIjalXck7saUtuanSDyLMxnHhSXEDJqHxD7msR8D0uCmqlkwjCV8xvwHw==",
"dev": true
},
@@ -2572,6 +2638,7 @@
},
"node_modules/globals": {
"version": "14.0.0",
"resolved": "https://registry.npmjs.org/globals/-/globals-14.0.0.tgz",
"integrity": "sha512-oahGvuMGQlPw/ivIYBjVSrWAfWLBeku5tpPE2fOPLi+WHffIWbuh2tCjhyQhTBPMf5E9jDEH4FOmTYgYwbKwtQ==",
"dev": true,
"engines": {
@@ -2620,6 +2687,7 @@
},
"node_modules/has-flag": {
"version": "4.0.0",
"resolved": "https://registry.npmjs.org/has-flag/-/has-flag-4.0.0.tgz",
"integrity": "sha512-EykJT/Q1KjTWctppgIAgfSO0tKVuZUjhgMr17kqTumMl6Afv3EISleU7qZUzoXDFTAHTDC4NOoG/ZxU3EvlMPQ==",
"dev": true,
"engines": {
@@ -2754,6 +2822,7 @@
},
"node_modules/import-fresh": {
"version": "3.3.1",
"resolved": "https://registry.npmjs.org/import-fresh/-/import-fresh-3.3.1.tgz",
"integrity": "sha512-TR3KfrTZTYLPB6jUjfx6MF9WcWrHL9su5TObK4ZkYgBdWKPOFoSoQIdEuTuR82pmtxH2spWG9h6etwfr1pLBqQ==",
"dev": true,
"dependencies": {
@@ -3205,6 +3274,7 @@
},
"node_modules/js-yaml": {
"version": "4.1.1",
"resolved": "https://registry.npmjs.org/js-yaml/-/js-yaml-4.1.1.tgz",
"integrity": "sha512-qQKT4zQxXl8lLwBtHMWwaTcGfFOZviOJet3Oy/xmGk2gZH677CJM9EvtfdSkgWcATZhj/55JZ0rmy3myCT5lsA==",
"dev": true,
"dependencies": {
@@ -3232,6 +3302,7 @@
},
"node_modules/json-schema-traverse": {
"version": "0.4.1",
"resolved": "https://registry.npmjs.org/json-schema-traverse/-/json-schema-traverse-0.4.1.tgz",
"integrity": "sha512-xbbCH5dCYU5T8LcEhhuh7HJ88HXuW3qsI3Y0zOZFKfZEHcpWiHU/Jxzk629Brsab/mMiHQti9wMP+845RPe3Vg==",
"dev": true
},
@@ -3301,6 +3372,7 @@
},
"node_modules/lodash.merge": {
"version": "4.6.2",
"resolved": "https://registry.npmjs.org/lodash.merge/-/lodash.merge-4.6.2.tgz",
"integrity": "sha512-0KpjqXRVvrYyCsX1swR/XTK0va6VQkQM6MNo7PqW77ByjAhoARA8EfrP1N4+KlKj8YS0ZUCtRT/YUuhyYDujIQ==",
"dev": true
},
@@ -3332,8 +3404,10 @@
}
},
"node_modules/lucide-react": {
"version": "0.563.0",
"integrity": "sha512-8dXPB2GI4dI8jV4MgUDGBeLdGk8ekfqVZ0BdLcrRzocGgG75ltNEmWS+gE7uokKF/0oSUuczNDT+g9hFJ23FkA==",
"version": "0.564.0",
"resolved": "https://registry.npmjs.org/lucide-react/-/lucide-react-0.564.0.tgz",
"integrity": "sha512-JJ8GVTQqFwuliifD48U6+h7DXEHdkhJ/E87kksGByII3qHxtPciVb8T8woQONHBQgHVOl7rSMrrip3SeVNy7Fg==",
"license": "ISC",
"peerDependencies": {
"react": "^16.5.1 || ^17.0.0 || ^18.0.0 || ^19.0.0"
}
@@ -4312,6 +4386,7 @@
},
"node_modules/parent-module": {
"version": "1.0.1",
"resolved": "https://registry.npmjs.org/parent-module/-/parent-module-1.0.1.tgz",
"integrity": "sha512-GQ2EWRpQV8/o+Aw8YqtfZZPfNRWZYkbidE9k5rpl/hC3vtHHBfGm2Ifi6qWV+coDGkrUKZAxE3Lot5kcsRlh+g==",
"dev": true,
"dependencies": {
@@ -4442,6 +4517,7 @@
},
"node_modules/punycode": {
"version": "2.3.1",
"resolved": "https://registry.npmjs.org/punycode/-/punycode-2.3.1.tgz",
"integrity": "sha512-vYt7UD1U9Wg6138shLtLOvdAu+8DsC/ilFtEVHcH+wydcSpNE20AfSOduf6MkRFahL5FY7X1oU7nKVZFtfq8Fg==",
"dev": true,
"engines": {
@@ -4653,6 +4729,7 @@
},
"node_modules/resolve-from": {
"version": "4.0.0",
"resolved": "https://registry.npmjs.org/resolve-from/-/resolve-from-4.0.0.tgz",
"integrity": "sha512-pb/MYmXstAkysRFx8piNI1tGFNQIFA3vkE3Gq4EuA1dF6gHp/+vgZqsCGJapvy8N3Q+4o7FwvquPJcnZ7RYy4g==",
"dev": true,
"engines": {
@@ -5030,6 +5107,7 @@
},
"node_modules/strip-json-comments": {
"version": "3.1.1",
"resolved": "https://registry.npmjs.org/strip-json-comments/-/strip-json-comments-3.1.1.tgz",
"integrity": "sha512-6fPc+R4ihwqP6N/aIv2f1gMH8lOVtWQHoqC4yK6oSDVVocumAsfCqjkXnqiYMhmMwS/mEHLp7Vehlt3ql6lEig==",
"dev": true,
"engines": {
@@ -5055,6 +5133,7 @@
},
"node_modules/supports-color": {
"version": "7.2.0",
"resolved": "https://registry.npmjs.org/supports-color/-/supports-color-7.2.0.tgz",
"integrity": "sha512-qpCAvRl9stuOHveKsn7HncJRvv501qIacKzQlO/+Lwxc9+0q2wLyv4Dfvt80/DPn2pqOBsJdDiogXGR9+OvwRw==",
"dev": true,
"dependencies": {
@@ -5338,6 +5417,7 @@
},
"node_modules/uri-js": {
"version": "4.4.1",
"resolved": "https://registry.npmjs.org/uri-js/-/uri-js-4.4.1.tgz",
"integrity": "sha512-7rKUyy33Q1yc98pQ1DAmLtwX109F7TIfWlW1Ydo8Wl1ii1SeHieeh0HHfPeL2fMXK6z0s8ecKs9frCuLJvndBg==",
"dev": true,
"dependencies": {
package.json
+4 -4
View File
@@ -10,7 +10,7 @@
"preview": "vite preview"
},
"dependencies": {
"lucide-react": "^0.563.0",
"lucide-react": "^0.564.0",
"react": "^19.2.4",
"react-dom": "^19.2.4",
"react-markdown": "^10.1.0",
@@ -18,10 +18,10 @@
"remark-gfm": "^4.0.1"
},
"devDependencies": {
"@eslint/js": "^9.39.2",
"@eslint/js": "~9.28.0",
"@types/node": "^22.14.0",
"@typescript-eslint/eslint-plugin": "^8.54.0",
"@typescript-eslint/parser": "^8.54.0",
"@typescript-eslint/eslint-plugin": "^8.55.0",
"@typescript-eslint/parser": "^8.55.0",
"@vitejs/plugin-react": "^5.0.0",
"eslint": "^9.39.2",
"eslint-plugin-react": "^7.37.5",
pages/Checksums.tsx
+1 -1
View File
@@ -101,7 +101,7 @@ export default function Checksums() {
</tr>
</thead>
<tbody className="divide-y divide-clawd-700">
{Object.entries(checksums.files).map(([filename, data]) => (
{(Object.entries(checksums.files) as [string, FileChecksum][]).map(([filename, data]) => (
<tr key={filename} className="hover:bg-clawd-700/50 transition-colors">
<td className="px-6 py-4">
<div className="font-mono text-sm text-clawd-accent">{filename}</div>
scripts/ci/verify_signing_key_consistency.sh
Executable
+73
View File
@@ -0,0 +1,73 @@
#!/usr/bin/env bash
set -euo pipefail
REPO_ROOT="$(cd "$(dirname "${BASH_SOURCE[0]}")/../.." && pwd)"
cd "$REPO_ROOT"
SKILL_MD="skills/clawsec-suite/SKILL.md"
CANONICAL_KEYS=(
"clawsec-signing-public.pem"
"advisories/feed-signing-public.pem"
"skills/clawsec-suite/advisories/feed-signing-public.pem"
)
fingerprint_for_pem() {
local pem_file="$1"
openssl pkey -pubin -in "$pem_file" -outform DER | shasum -a 256 | awk '{print $1}'
}
if [[ ! -f "$SKILL_MD" ]]; then
echo "ERROR: missing $SKILL_MD" >&2
exit 1
fi
DOC_EXPECTED_FPR="$(awk -F'"' '/RELEASE_PUBKEY_SHA256=/{print $2; exit}' "$SKILL_MD")"
if [[ -z "$DOC_EXPECTED_FPR" ]]; then
echo "ERROR: could not parse RELEASE_PUBKEY_SHA256 from $SKILL_MD" >&2
exit 1
fi
TMP_DOC_KEY="$(mktemp)"
trap 'rm -f "$TMP_DOC_KEY"' EXIT
awk '
/-----BEGIN PUBLIC KEY-----/ {in_key=1}
in_key {print}
/-----END PUBLIC KEY-----/ {exit}
' "$SKILL_MD" > "$TMP_DOC_KEY"
if ! grep -q "BEGIN PUBLIC KEY" "$TMP_DOC_KEY"; then
echo "ERROR: could not extract inline public key from $SKILL_MD" >&2
exit 1
fi
DOC_INLINE_FPR="$(fingerprint_for_pem "$TMP_DOC_KEY")"
if [[ "$DOC_INLINE_FPR" != "$DOC_EXPECTED_FPR" ]]; then
echo "ERROR: SKILL.md mismatch: inline key fingerprint ($DOC_INLINE_FPR) != RELEASE_PUBKEY_SHA256 ($DOC_EXPECTED_FPR)" >&2
exit 1
fi
echo "SKILL.md inline key fingerprint matches RELEASE_PUBKEY_SHA256: $DOC_EXPECTED_FPR"
CANONICAL_FPR=""
for key_file in "${CANONICAL_KEYS[@]}"; do
if [[ ! -f "$key_file" ]]; then
echo "ERROR: missing canonical key file: $key_file" >&2
exit 1
fi
fpr="$(fingerprint_for_pem "$key_file")"
echo "$key_file -> $fpr"
if [[ -z "$CANONICAL_FPR" ]]; then
CANONICAL_FPR="$fpr"
elif [[ "$fpr" != "$CANONICAL_FPR" ]]; then
echo "ERROR: key fingerprint mismatch among canonical pem files" >&2
exit 1
fi
done
if [[ "$CANONICAL_FPR" != "$DOC_EXPECTED_FPR" ]]; then
echo "ERROR: canonical pem fingerprint ($CANONICAL_FPR) != SKILL.md RELEASE_PUBKEY_SHA256 ($DOC_EXPECTED_FPR)" >&2
exit 1
fi
echo "All signing key references are consistent: $CANONICAL_FPR"
skills/clawsec-suite/CHANGELOG.md
+44
View File
@@ -5,6 +5,50 @@ All notable changes to the ClawSec Suite will be documented in this file.
The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
## [0.1.2]
### Added
- Advisory suppression module (`hooks/clawsec-advisory-guardian/lib/suppression.mjs`).
- `loadAdvisorySuppression()` -- loads suppression config with `enabledFor: ["advisory"]` sentinel gate.
- `isAdvisorySuppressed()` -- matches `advisory.id === rule.checkId` + case-insensitive skill name.
- Advisory guardian handler integration: partitions matches into active/suppressed after `findMatches()`.
- Suppressed matches tracked in state file (prevents re-evaluation) but not alerted.
- Soft notification message for suppressed matches count.
- Advisory suppression tests (13 tests in `advisory_suppression.test.mjs`).
- Documentation in SKILL.md for advisory suppression/allowlist mechanism.
### Changed
- Advisory guardian handler (`handler.ts`) now loads suppression config and filters matches before alerting.
### Security
- Advisory suppression gated by config file sentinel (`enabledFor: ["advisory"]`) -- no CLI flag needed but config must explicitly opt in.
- Suppressed matches are still tracked in state to maintain audit trail.
## [0.1.1] - 2026-02-16
### Added
- Added `scripts/discover_skill_catalog.mjs` to dynamically discover installable skills from `https://clawsec.prompt.security/skills/index.json`.
- Added `test/skill_catalog_discovery.test.mjs` to validate remote-catalog loading and fallback behavior.
- Added CI signing-key drift guard script: `scripts/ci/verify_signing_key_consistency.sh`.
### Changed
- Updated `SKILL.md` to use dynamic catalog discovery commands instead of hard-coded optional-skill names.
- Updated advisory feed defaults to signed-host URL (`https://clawsec.prompt.security/advisories/feed.json`).
- Improved checksum manifest key compatibility in feed verification logic (supports basename and `advisories/*` key formats).
- Kept `openclaw-audit-watchdog` as a standalone skill (not embedded in `clawsec-suite`).
### Security
- **Signing key drift control**: CI now enforces that all public key references (inline SKILL.md PEM, canonical `.pem` files, workflow-generated keys) resolve to the same fingerprint. Prevents stale, fabricated, or rotated-but-not-propagated key material from reaching releases.
- Enforced in: `.github/workflows/skill-release.yml`, `.github/workflows/deploy-pages.yml`
- Guard script: `scripts/ci/verify_signing_key_consistency.sh`
### Fixed
- **Fixed fabricated signing key in SKILL.md**: The manual installation script contained a hallucinated Ed25519 public key and fingerprint (`35866e1b...`) that never corresponded to the actual release signing key. Replaced with the real public key derived from the GitHub-secret-held private key. The bogus key was introduced in v0.0.10 (`Integration/signing work #20`) and went undetected because no consistency check existed at the time.
- Corrected `checksums.sig` naming in release verification documentation.
## [0.0.10] - 2026-02-11
### Security
skills/clawsec-suite/HEARTBEAT.md
+1 -1
View File
@@ -16,7 +16,7 @@ Run this periodically (cron/systemd/CI/agent scheduler). It assumes POSIX shell,
INSTALL_ROOT="${INSTALL_ROOT:-$HOME/.openclaw/skills}"
SUITE_DIR="$INSTALL_ROOT/clawsec-suite"
CHECKSUMS_URL="${CHECKSUMS_URL:-https://clawsec.prompt.security/releases/latest/download/checksums.json}"
FEED_URL="${CLAWSEC_FEED_URL:-https://raw.githubusercontent.com/prompt-security/clawsec/main/advisories/feed.json}"
FEED_URL="${CLAWSEC_FEED_URL:-https://clawsec.prompt.security/advisories/feed.json}"
STATE_FILE="${CLAWSEC_SUITE_STATE_FILE:-$HOME/.openclaw/clawsec-suite-feed-state.json}"
MIN_FEED_INTERVAL_SECONDS="${MIN_FEED_INTERVAL_SECONDS:-300}"
```
skills/clawsec-suite/SKILL.md
+146 -64
View File
@@ -1,6 +1,6 @@
---
name: clawsec-suite
version: 0.0.10
version: 0.1.2
description: ClawSec suite manager with embedded advisory-feed monitoring, cryptographic signature verification, approval-gated malicious-skill response, and guided setup for additional security skills.
homepage: https://clawsec.prompt.security
clawdis:
@@ -27,11 +27,21 @@ This means `clawsec-suite` can:
- OpenClaw advisory guardian hook package: `hooks/clawsec-advisory-guardian/`
- Setup scripts for hook and optional cron scheduling: `scripts/`
- Guarded installer: `scripts/guarded_skill_install.mjs`
- Dynamic catalog discovery for installable skills: `scripts/discover_skill_catalog.mjs`
### installed separately
- `openclaw-audit-watchdog`
- `soul-guardian`
- `clawtributor` (explicit opt-in)
### Installed separately (dynamic catalog)
`clawsec-suite` does not hard-code add-on skill names in this document.
Discover the current catalog from the authoritative index (`https://clawsec.prompt.security/skills/index.json`) at runtime:
```bash
SUITE_DIR="${INSTALL_ROOT:-$HOME/.openclaw/skills}/clawsec-suite"
node "$SUITE_DIR/scripts/discover_skill_catalog.mjs"
```
Fallback behavior:
- If the remote catalog index is reachable and valid, the suite uses it.
- If the remote index is unavailable or malformed, the script falls back to suite-local catalog metadata in `skill.json`.
## Installation
@@ -52,16 +62,14 @@ DEST="$INSTALL_ROOT/clawsec-suite"
BASE="https://github.com/prompt-security/clawsec/releases/download/clawsec-suite-v${VERSION}"
TEMP_DIR="$(mktemp -d)"
DOWNLOAD_DIR="$TEMP_DIR/downloads"
trap 'rm -rf "$TEMP_DIR"' EXIT
mkdir -p "$DOWNLOAD_DIR"
# Pinned release-signing public key (verify fingerprint out-of-band on first use)
# Fingerprint (SHA-256 of SPKI DER): 35866e1b1479a043ae816899562ac877e879320c3c5660be1e79f06241ca0854
RELEASE_PUBKEY_SHA256="35866e1b1479a043ae816899562ac877e879320c3c5660be1e79f06241ca0854"
# Fingerprint (SHA-256 of SPKI DER): 711424e4535f84093fefb024cd1ca4ec87439e53907b305b79a631d5befba9c8
RELEASE_PUBKEY_SHA256="711424e4535f84093fefb024cd1ca4ec87439e53907b305b79a631d5befba9c8"
cat > "$TEMP_DIR/release-signing-public.pem" <<'PEM'
-----BEGIN PUBLIC KEY-----
MCowBQYDK2VwAyEAtaRGONGp0Syl9EBS17hEYgGTwUtfZgigklS6vAe5MlQ=
MCowBQYDK2VwAyEAS7nijfMcUoOBCj4yOXJX+GYGv2pFl2Yaha1P4v5Cm6A=
-----END PUBLIC KEY-----
PEM
@@ -71,70 +79,48 @@ if [ "$ACTUAL_KEY_SHA256" != "$RELEASE_PUBKEY_SHA256" ]; then
exit 1
fi
# 1) Download checksums manifest + detached signature
curl -fsSL "$BASE/checksums.json" -o "$TEMP_DIR/checksums.json"
curl -fsSL "$BASE/checksums.json.sig" -o "$TEMP_DIR/checksums.json.sig"
ZIP_NAME="clawsec-suite-v${VERSION}.zip"
# 2) Verify checksums manifest signature before trusting any file URLs or hashes
openssl base64 -d -A -in "$TEMP_DIR/checksums.json.sig" -out "$TEMP_DIR/checksums.json.sig.bin"
# 1) Download release archive + signed checksums manifest + signing public key
curl -fsSL "$BASE/$ZIP_NAME" -o "$TEMP_DIR/$ZIP_NAME"
curl -fsSL "$BASE/checksums.json" -o "$TEMP_DIR/checksums.json"
curl -fsSL "$BASE/checksums.sig" -o "$TEMP_DIR/checksums.sig"
# 2) Verify checksums manifest signature before trusting any hashes
openssl base64 -d -A -in "$TEMP_DIR/checksums.sig" -out "$TEMP_DIR/checksums.sig.bin"
if ! openssl pkeyutl -verify \
-pubin \
-inkey "$TEMP_DIR/release-signing-public.pem" \
-sigfile "$TEMP_DIR/checksums.json.sig.bin" \
-sigfile "$TEMP_DIR/checksums.sig.bin" \
-rawin \
-in "$TEMP_DIR/checksums.json" >/dev/null 2>&1; then
echo "ERROR: checksums.json signature verification failed" >&2
exit 1
fi
if ! jq -e '.skill and .version and .files' "$TEMP_DIR/checksums.json" >/dev/null 2>&1; then
echo "ERROR: Invalid checksums.json format" >&2
EXPECTED_ZIP_SHA="$(jq -r '.archive.sha256 // empty' "$TEMP_DIR/checksums.json")"
if [ -z "$EXPECTED_ZIP_SHA" ]; then
echo "ERROR: checksums.json missing archive.sha256" >&2
exit 1
fi
echo "Checksums manifest signature verified."
if command -v shasum >/dev/null 2>&1; then
ACTUAL_ZIP_SHA="$(shasum -a 256 "$TEMP_DIR/$ZIP_NAME" | awk '{print $1}')"
else
ACTUAL_ZIP_SHA="$(sha256sum "$TEMP_DIR/$ZIP_NAME" | awk '{print $1}')"
fi
# 3) Download every file listed in checksums and verify immediately
DOWNLOAD_FAILED=0
for file in $(jq -r '.files | keys[]' "$TEMP_DIR/checksums.json"); do
FILE_URL="$(jq -r --arg f "$file" '.files[$f].url' "$TEMP_DIR/checksums.json")"
EXPECTED="$(jq -r --arg f "$file" '.files[$f].sha256' "$TEMP_DIR/checksums.json")"
if ! curl -fsSL "$FILE_URL" -o "$DOWNLOAD_DIR/$file"; then
echo "ERROR: Download failed for $file" >&2
DOWNLOAD_FAILED=1
continue
fi
if command -v shasum >/dev/null 2>&1; then
ACTUAL="$(shasum -a 256 "$DOWNLOAD_DIR/$file" | awk '{print $1}')"
else
ACTUAL="$(sha256sum "$DOWNLOAD_DIR/$file" | awk '{print $1}')"
fi
if [ "$EXPECTED" != "$ACTUAL" ]; then
echo "ERROR: Checksum mismatch for $file" >&2
DOWNLOAD_FAILED=1
else
echo "Verified: $file"
fi
done
if [ "$DOWNLOAD_FAILED" -eq 1 ]; then
echo "ERROR: One or more files failed verification" >&2
if [ "$EXPECTED_ZIP_SHA" != "$ACTUAL_ZIP_SHA" ]; then
echo "ERROR: Archive checksum mismatch for $ZIP_NAME" >&2
exit 1
fi
# 4) Install files using paths from checksums.json
while IFS= read -r file; do
[ -z "$file" ] && continue
REL_PATH="$(jq -r --arg f "$file" '.files[$f].path // $f' "$TEMP_DIR/checksums.json")"
SRC_PATH="$DOWNLOAD_DIR/$file"
DST_PATH="$DEST/$REL_PATH"
echo "Checksums manifest signature and archive hash verified."
mkdir -p "$(dirname "$DST_PATH")"
cp "$SRC_PATH" "$DST_PATH"
done < <(jq -r '.files | keys[]' "$TEMP_DIR/checksums.json")
# 3) Install verified archive
mkdir -p "$INSTALL_ROOT"
rm -rf "$DEST"
unzip -q "$TEMP_DIR/$ZIP_NAME" -d "$INSTALL_ROOT"
chmod 600 "$DEST/skill.json"
find "$DEST" -type f ! -name "skill.json" -exec chmod 644 {} \;
@@ -194,7 +180,7 @@ This enforces:
The embedded feed logic uses these defaults:
- Remote feed URL: `https://raw.githubusercontent.com/prompt-security/clawsec/main/advisories/feed.json`
- Remote feed URL: `https://clawsec.prompt.security/advisories/feed.json`
- Remote feed signature URL: `${CLAWSEC_FEED_URL}.sig` (override with `CLAWSEC_FEED_SIG_URL`)
- Remote checksums manifest URL: sibling `checksums.json` (override with `CLAWSEC_FEED_CHECKSUMS_URL`)
- Local seed fallback: `~/.openclaw/skills/clawsec-suite/advisories/feed.json`
@@ -204,12 +190,12 @@ The embedded feed logic uses these defaults:
- State file: `~/.openclaw/clawsec-suite-feed-state.json`
- Hook rate-limit env (OpenClaw hook): `CLAWSEC_HOOK_INTERVAL_SECONDS` (default `300`)
**Fail-closed verification:** Both signature and checksum manifest verification are required by default. Set `CLAWSEC_ALLOW_UNSIGNED_FEED=1` only as a temporary migration bypass when adopting this version before signed feed artifacts are available upstream.
**Fail-closed verification:** Feed signatures are required by default. Checksum manifests are verified when companion checksum artifacts are available. Set `CLAWSEC_ALLOW_UNSIGNED_FEED=1` only as a temporary migration bypass when adopting this version before signed feed artifacts are available upstream.
### Quick feed check
```bash
FEED_URL="${CLAWSEC_FEED_URL:-https://raw.githubusercontent.com/prompt-security/clawsec/main/advisories/feed.json}"
FEED_URL="${CLAWSEC_FEED_URL:-https://clawsec.prompt.security/advisories/feed.json}"
STATE_FILE="${CLAWSEC_SUITE_STATE_FILE:-$HOME/.openclaw/clawsec-suite-feed-state.json}"
TMP="$(mktemp -d)"
@@ -271,15 +257,111 @@ If an advisory indicates a malicious or removal-recommended skill and that skill
The suite hook and heartbeat guidance are intentionally non-destructive by default.
## Advisory Suppression / Allowlist
The advisory guardian pipeline supports opt-in suppression for advisories that have been reviewed and accepted by your security team. This is useful for first-party tooling or advisories that do not apply to your deployment.
### Activation
Advisory suppression requires a single gate: the configuration file must contain `"enabledFor"` with `"advisory"` in the array. No CLI flag is needed -- the sentinel in the config file IS the opt-in gate.
If the `enabledFor` array is missing, empty, or does not include `"advisory"`, all advisories are reported normally.
### Config File Resolution (4-tier)
The advisory guardian resolves the suppression config using the same priority order as the audit pipeline:
1. Explicit `--config <path>` argument
2. `OPENCLAW_AUDIT_CONFIG` environment variable
3. `~/.openclaw/security-audit.json`
4. `.clawsec/allowlist.json`
### Config Format
```json
{
"enabledFor": ["advisory"],
"suppressions": [
{
"checkId": "CVE-2026-25593",
"skill": "clawsec-suite",
"reason": "First-party security tooling — reviewed by security team",
"suppressedAt": "2026-02-15"
},
{
"checkId": "CLAW-2026-0001",
"skill": "example-skill",
"reason": "Advisory does not apply to our deployment configuration",
"suppressedAt": "2026-02-16"
}
]
}
```
### Sentinel Semantics
- `"enabledFor": ["advisory"]` -- only advisory suppression active
- `"enabledFor": ["audit"]` -- only audit suppression active (no effect on advisory pipeline)
- `"enabledFor": ["audit", "advisory"]` -- both pipelines honor suppressions
- Missing or empty `enabledFor` -- no suppression active (safe default)
### Matching Rules
- **checkId:** exact match against the advisory ID (e.g., `CVE-2026-25593` or `CLAW-2026-0001`)
- **skill:** case-insensitive match against the affected skill name from the advisory
- Both fields must match for an advisory to be suppressed
### Required Fields per Suppression Entry
| Field | Description | Example |
|-------|-------------|---------|
| `checkId` | Advisory ID to suppress | `CVE-2026-25593` |
| `skill` | Affected skill name | `clawsec-suite` |
| `reason` | Justification for audit trail (required) | `First-party tooling, reviewed by security team` |
| `suppressedAt` | ISO 8601 date (YYYY-MM-DD) | `2026-02-15` |
### Shared Config with Audit Pipeline
The advisory and audit pipelines share the same config file. Use the `enabledFor` array to control which pipelines honor the suppression list:
```json
{
"enabledFor": ["audit", "advisory"],
"suppressions": [
{
"checkId": "skills.code_safety",
"skill": "clawsec-suite",
"reason": "First-party tooling — audit finding accepted",
"suppressedAt": "2026-02-15"
},
{
"checkId": "CVE-2026-25593",
"skill": "clawsec-suite",
"reason": "First-party tooling — advisory reviewed",
"suppressedAt": "2026-02-15"
}
]
}
```
Audit entries (with check identifiers like `skills.code_safety`) are only matched by the audit pipeline. Advisory entries (with advisory IDs like `CVE-2026-25593` or `CLAW-2026-0001`) are only matched by the advisory pipeline. Each pipeline filters for its own relevant entries.
## Optional Skill Installation
Install additional protections as needed:
Discover currently available installable skills dynamically, then install the ones you want:
```bash
npx clawhub@latest install openclaw-audit-watchdog
npx clawhub@latest install soul-guardian
# opt-in only:
npx clawhub@latest install clawtributor
SUITE_DIR="${INSTALL_ROOT:-$HOME/.openclaw/skills}/clawsec-suite"
node "$SUITE_DIR/scripts/discover_skill_catalog.mjs"
# then install any discovered skill by name
npx clawhub@latest install <skill-name>
```
Machine-readable output is also available for automation:
```bash
node "$SUITE_DIR/scripts/discover_skill_catalog.mjs" --json
```
## Security Notes
skills/clawsec-suite/hooks/clawsec-advisory-guardian/handler.ts
+30 -3
View File
@@ -6,9 +6,10 @@ import { defaultChecksumsUrl, loadLocalFeed, loadRemoteFeed } from "./lib/feed.m
import type { HookEvent, FeedPayload, AdvisoryMatch } from "./lib/types.ts";
import { loadState, persistState } from "./lib/state.ts";
import { discoverInstalledSkills, findMatches, matchKey, buildAlertMessage } from "./lib/matching.ts";
import { loadAdvisorySuppression, isAdvisorySuppressed } from "./lib/suppression.mjs";
const DEFAULT_FEED_URL =
"https://raw.githubusercontent.com/prompt-security/clawsec/main/advisories/feed.json";
"https://clawsec.prompt.security/advisories/feed.json";
const DEFAULT_SCAN_INTERVAL_SECONDS = 300;
let unsignedModeWarningShown = false;
@@ -171,13 +172,33 @@ const handler = async (event: HookEvent): Promise<void> => {
state.known_advisories = uniqueStrings([...state.known_advisories, ...advisoryIds]);
const installedSkills = await discoverInstalledSkills(installRoot);
const matches = findMatches(feed, installedSkills);
const allMatches = findMatches(feed, installedSkills);
if (matches.length === 0) {
if (allMatches.length === 0) {
await persistState(stateFile, state);
return;
}
// Load advisory suppression config (sentinel-gated: requires enabledFor: ["advisory"])
let suppressionConfig;
try {
suppressionConfig = await loadAdvisorySuppression();
} catch (err) {
console.warn(`[clawsec-advisory-guardian] failed to load suppression config: ${String(err)}`);
suppressionConfig = { suppressions: [], enabledFor: [], source: "none" };
}
// Partition matches into active and suppressed
const matches: AdvisoryMatch[] = [];
const suppressedMatches: AdvisoryMatch[] = [];
for (const match of allMatches) {
if (isAdvisorySuppressed(match, suppressionConfig.suppressions)) {
suppressedMatches.push(match);
} else {
matches.push(match);
}
}
const unseenMatches: AdvisoryMatch[] = [];
for (const match of matches) {
const key = matchKey(match);
@@ -192,6 +213,12 @@ const handler = async (event: HookEvent): Promise<void> => {
event.messages.push(buildAlertMessage(unseenMatches, installRoot));
}
if (suppressedMatches.length > 0 && Array.isArray(event.messages)) {
event.messages.push(
`[clawsec-advisory-guardian] ${suppressedMatches.length} advisory match(es) suppressed by allowlist config.`,
);
}
await persistState(stateFile, state);
};
skills/clawsec-suite/hooks/clawsec-advisory-guardian/lib/feed.mjs
+60 -4
View File
@@ -273,6 +273,62 @@ function parseChecksumsManifest(manifestRaw) {
};
}
/**
* @param {string} entryName
* @returns {string}
*/
function normalizeChecksumEntryName(entryName) {
return String(entryName ?? "")
.trim()
.replace(/\\/g, "/")
.replace(/^(?:\.\/)+/, "")
.replace(/^\/+/, "");
}
/**
* @param {Record<string, string>} files
* @param {string} entryName
* @returns {{ key: string; digest: string } | null}
*/
function resolveChecksumManifestEntry(files, entryName) {
const normalizedEntry = normalizeChecksumEntryName(entryName);
if (!normalizedEntry) return null;
const directCandidates = [
normalizedEntry,
path.posix.basename(normalizedEntry),
`advisories/${path.posix.basename(normalizedEntry)}`,
].filter((candidate, index, all) => candidate && all.indexOf(candidate) === index);
for (const candidate of directCandidates) {
if (Object.prototype.hasOwnProperty.call(files, candidate)) {
return { key: candidate, digest: files[candidate] };
}
}
const basename = path.posix.basename(normalizedEntry);
if (!basename) return null;
const basenameMatches = Object.entries(files).filter(([key]) => {
const normalizedKey = normalizeChecksumEntryName(key);
return path.posix.basename(normalizedKey) === basename;
});
if (basenameMatches.length > 1) {
throw new Error(
`Checksum manifest entry is ambiguous for ${entryName}; ` +
`multiple manifest keys share basename ${basename}`,
);
}
if (basenameMatches.length === 1) {
const [resolvedKey, digest] = basenameMatches[0];
return { key: resolvedKey, digest };
}
return null;
}
/**
* @param {{ files: Record<string, string> }} manifest
* @param {Record<string, string | Buffer>} expectedEntries
@@ -281,14 +337,14 @@ function verifyChecksums(manifest, expectedEntries) {
for (const [entryName, entryContent] of Object.entries(expectedEntries)) {
if (!entryName) continue;
const expectedDigest = manifest.files[entryName];
if (!expectedDigest) {
const resolved = resolveChecksumManifestEntry(manifest.files, entryName);
if (!resolved) {
throw new Error(`Checksum manifest missing required entry: ${entryName}`);
}
const actualDigest = sha256Hex(entryContent);
if (actualDigest !== expectedDigest) {
throw new Error(`Checksum mismatch for ${entryName}`);
if (actualDigest !== resolved.digest) {
throw new Error(`Checksum mismatch for ${entryName} (manifest key: ${resolved.key})`);
}
}
}
skills/clawsec-suite/hooks/clawsec-advisory-guardian/lib/suppression.mjs
+142
View File
@@ -0,0 +1,142 @@
import fs from "node:fs/promises";
import path from "node:path";
import os from "node:os";
import { isObject, normalizeSkillName } from "./utils.mjs";
const DEFAULT_PRIMARY_PATH = path.join(os.homedir(), ".openclaw", "security-audit.json");
const DEFAULT_FALLBACK_PATH = ".clawsec/allowlist.json";
const EMPTY_CONFIG = Object.freeze({
suppressions: [],
enabledFor: [],
source: "none",
});
/**
* @param {unknown} entry
* @param {number} index
* @param {string} source
* @returns {{ checkId: string, skill: string, reason: string, suppressedAt: string }}
*/
function normalizeRule(entry, index, source) {
if (!isObject(entry)) {
throw new Error(`Suppression entry at index ${index} in ${source} must be an object`);
}
const checkId = typeof entry.checkId === "string" ? entry.checkId.trim() : "";
const skill = typeof entry.skill === "string" ? entry.skill.trim() : "";
const reason = typeof entry.reason === "string" ? entry.reason.trim() : "";
const suppressedAt = typeof entry.suppressedAt === "string" ? entry.suppressedAt.trim() : "";
if (!checkId) throw new Error(`Suppression entry at index ${index} in ${source} missing required field: checkId`);
if (!skill) throw new Error(`Suppression entry at index ${index} in ${source} missing required field: skill`);
if (!reason) throw new Error(`Suppression entry at index ${index} in ${source} missing required field: reason`);
if (!suppressedAt) throw new Error(`Suppression entry at index ${index} in ${source} missing required field: suppressedAt`);
return { checkId, skill, reason, suppressedAt };
}
/**
* @param {unknown} raw
* @param {string} source
* @returns {{ suppressions: Array, enabledFor: string[], source: string }}
*/
function parseConfig(raw, source) {
if (!isObject(raw)) {
throw new Error(`Config at ${source} must be a JSON object`);
}
if (!Array.isArray(raw.suppressions)) {
throw new Error(`Config at ${source} missing 'suppressions' array`);
}
const suppressions = [];
for (let i = 0; i < raw.suppressions.length; i++) {
suppressions.push(normalizeRule(raw.suppressions[i], i, source));
}
const enabledFor = Array.isArray(raw.enabledFor)
? raw.enabledFor
.filter((v) => typeof v === "string" && v.trim() !== "")
.map((v) => v.trim().toLowerCase())
: [];
return { suppressions, enabledFor, source };
}
/**
* @param {string} configPath
* @returns {Promise<{ suppressions: Array, enabledFor: string[], source: string } | null>}
*/
async function loadConfigFromPath(configPath) {
try {
const raw = await fs.readFile(configPath, "utf8");
return parseConfig(JSON.parse(raw), configPath);
} catch (err) {
if (err.code === "ENOENT") return null;
if (err.code === "EACCES") throw new Error(`Permission denied reading config: ${configPath}`, { cause: err });
if (err instanceof SyntaxError) throw new Error(`Malformed JSON in ${configPath}: ${err.message}`, { cause: err });
throw err;
}
}
/**
* Load advisory suppression config using the same 4-tier path resolution
* as the audit watchdog config loader.
*
* The config file must include "advisory" in its enabledFor sentinel
* array for advisory suppression to activate. No CLI flag needed -- the
* sentinel in the config file IS the gate.
*
* @param {string} [configPath] - Optional explicit config file path
* @returns {Promise<{ suppressions: Array, enabledFor: string[], source: string }>}
*/
export async function loadAdvisorySuppression(configPath) {
// Priority 1: Explicit path
if (configPath) {
const config = await loadConfigFromPath(configPath);
if (!config) throw new Error(`Advisory suppression config not found: ${configPath}`);
if (!config.enabledFor.includes("advisory")) return { ...EMPTY_CONFIG };
return config;
}
// Priority 2: Environment variable
const envPath = process.env.OPENCLAW_AUDIT_CONFIG;
if (typeof envPath === "string" && envPath.trim()) {
const config = await loadConfigFromPath(envPath.trim());
if (config && config.enabledFor.includes("advisory")) return config;
return { ...EMPTY_CONFIG };
}
// Priority 3: Primary default path
const primary = await loadConfigFromPath(DEFAULT_PRIMARY_PATH);
if (primary && primary.enabledFor.includes("advisory")) return primary;
// Priority 4: Fallback path
const fallback = await loadConfigFromPath(DEFAULT_FALLBACK_PATH);
if (fallback && fallback.enabledFor.includes("advisory")) return fallback;
return { ...EMPTY_CONFIG };
}
/**
* Check if an advisory match should be suppressed.
*
* Matching requires BOTH:
* - advisory.id === rule.checkId (exact)
* - normalizeSkillName(skill.name) === normalizeSkillName(rule.skill) (case-insensitive)
*
* @param {{ advisory: { id?: string }, skill: { name: string } }} match
* @param {Array<{ checkId: string, skill: string }>} suppressions
* @returns {boolean}
*/
export function isAdvisorySuppressed(match, suppressions) {
if (!Array.isArray(suppressions) || suppressions.length === 0) return false;
const advisoryId = match.advisory.id ?? "";
const skillName = normalizeSkillName(match.skill.name);
return suppressions.some(
(rule) => rule.checkId === advisoryId && normalizeSkillName(rule.skill) === skillName,
);
}
skills/clawsec-suite/scripts/discover_skill_catalog.mjs
+301
View File
@@ -0,0 +1,301 @@
#!/usr/bin/env node
import fs from "node:fs/promises";
import path from "node:path";
import { fileURLToPath } from "node:url";
const DEFAULT_INDEX_URL = "https://clawsec.prompt.security/skills/index.json";
const DEFAULT_TIMEOUT_MS = 5000;
const SCRIPT_DIR = path.dirname(fileURLToPath(import.meta.url));
const SUITE_DIR = path.resolve(SCRIPT_DIR, "..");
const SUITE_SKILL_JSON = path.join(SUITE_DIR, "skill.json");
function isObject(value) {
return typeof value === "object" && value !== null && !Array.isArray(value);
}
function normalizeSkillId(value) {
return String(value ?? "")
.trim()
.toLowerCase();
}
function normalizeBoolean(value) {
return value === true;
}
function parseTimeoutMs() {
const raw = String(process.env.CLAWSEC_SKILLS_INDEX_TIMEOUT_MS ?? "").trim();
if (!raw) return DEFAULT_TIMEOUT_MS;
const parsed = Number.parseInt(raw, 10);
if (!Number.isFinite(parsed) || parsed <= 0) {
return DEFAULT_TIMEOUT_MS;
}
return parsed;
}
function parseArgs(argv) {
const args = {
json: false,
};
for (const token of argv) {
if (token === "--json") {
args.json = true;
continue;
}
if (token === "--help" || token === "-h") {
printUsage();
process.exit(0);
}
throw new Error(`Unknown argument: ${token}`);
}
return args;
}
function printUsage() {
process.stdout.write(
[
"Usage:",
" node scripts/discover_skill_catalog.mjs [--json]",
"",
"Behavior:",
" - Fetches dynamic catalog from CLAWSEC_SKILLS_INDEX_URL (default: https://clawsec.prompt.security/skills/index.json)",
" - Falls back to suite-local catalog metadata in skill.json when remote index is unavailable/invalid",
"",
"Environment:",
" CLAWSEC_SKILLS_INDEX_URL Override remote catalog index URL",
" CLAWSEC_SKILLS_INDEX_TIMEOUT_MS HTTP timeout in milliseconds (default: 5000)",
"",
].join("\n"),
);
}
function normalizeRemoteSkills(payload) {
if (!isObject(payload)) {
throw new Error("Catalog index payload must be a JSON object");
}
const rawSkills = payload.skills;
if (!Array.isArray(rawSkills)) {
throw new Error("Catalog index missing skills array");
}
const dedup = new Map();
for (const entry of rawSkills) {
if (!isObject(entry)) continue;
const id = normalizeSkillId(entry.id ?? entry.name);
if (!id) continue;
dedup.set(id, {
id,
name: String(entry.name ?? id),
version: String(entry.version ?? "").trim() || null,
description: String(entry.description ?? "").trim() || null,
emoji: String(entry.emoji ?? "").trim() || null,
category: String(entry.category ?? "").trim() || null,
tag: String(entry.tag ?? "").trim() || null,
trust: entry.trust ?? null,
source: "remote",
});
}
return {
version: String(payload.version ?? "").trim() || null,
updated: String(payload.updated ?? "").trim() || null,
skills: [...dedup.values()].sort((a, b) => a.id.localeCompare(b.id)),
};
}
async function loadFallbackCatalog() {
const raw = await fs.readFile(SUITE_SKILL_JSON, "utf8");
const parsed = JSON.parse(raw);
const catalogSkills = isObject(parsed?.catalog?.skills) ? parsed.catalog.skills : {};
const dedup = new Map();
for (const [rawId, meta] of Object.entries(catalogSkills)) {
const id = normalizeSkillId(rawId);
if (!id) continue;
const safeMeta = isObject(meta) ? meta : {};
dedup.set(id, {
id,
name: id,
version: null,
description: String(safeMeta.description ?? "").trim() || null,
emoji: null,
category: null,
tag: null,
trust: null,
source: "fallback",
integrated_in_suite: normalizeBoolean(safeMeta.integrated_in_suite),
requires_explicit_consent: normalizeBoolean(safeMeta.requires_explicit_consent),
default_install: normalizeBoolean(safeMeta.default_install),
});
}
return {
version: null,
updated: null,
skills: [...dedup.values()].sort((a, b) => a.id.localeCompare(b.id)),
};
}
function mergeWithFallbackMetadata(remoteSkills, fallbackSkills) {
const fallbackById = new Map(fallbackSkills.map((skill) => [skill.id, skill]));
return remoteSkills.map((skill) => {
const fallback = fallbackById.get(skill.id);
if (!fallback) {
return {
...skill,
integrated_in_suite: false,
requires_explicit_consent: false,
default_install: false,
};
}
return {
...skill,
description: skill.description || fallback.description || null,
integrated_in_suite: normalizeBoolean(fallback.integrated_in_suite),
requires_explicit_consent: normalizeBoolean(fallback.requires_explicit_consent),
default_install: normalizeBoolean(fallback.default_install),
};
});
}
async function loadRemoteCatalog(indexUrl, timeoutMs) {
if (typeof globalThis.fetch !== "function") {
throw new Error("fetch is unavailable in this runtime");
}
if (typeof globalThis.AbortController !== "function") {
throw new Error("AbortController is unavailable in this runtime");
}
const controller = new globalThis.AbortController();
const timeout = setTimeout(() => controller.abort(), timeoutMs);
try {
const response = await globalThis.fetch(indexUrl, {
method: "GET",
headers: { Accept: "application/json" },
signal: controller.signal,
});
if (!response.ok) {
throw new Error(`HTTP ${response.status} while fetching catalog`);
}
const payload = await response.json();
return normalizeRemoteSkills(payload);
} finally {
clearTimeout(timeout);
}
}
function formatFlags(skill) {
const flags = [];
if (skill.id === "clawsec-suite") {
flags.push("this suite");
}
if (skill.integrated_in_suite) {
flags.push("already integrated in suite");
}
if (skill.requires_explicit_consent) {
flags.push("explicit opt-in");
}
if (skill.default_install) {
flags.push("recommended default");
}
return flags;
}
function printHumanSummary(result) {
process.stdout.write("=== ClawSec Skill Catalog Discovery ===\n");
process.stdout.write(`Source: ${result.source}\n`);
process.stdout.write(`Index URL: ${result.index_url}\n`);
if (result.updated) {
process.stdout.write(`Catalog updated: ${result.updated}\n`);
}
if (result.warning) {
process.stdout.write(`Fallback reason: ${result.warning}\n`);
}
process.stdout.write("\nAvailable installable skills:\n");
if (!Array.isArray(result.skills) || result.skills.length === 0) {
process.stdout.write("- none\n");
return;
}
for (const skill of result.skills) {
const label = skill.version ? `${skill.id} (v${skill.version})` : skill.id;
process.stdout.write(`- ${label}\n`);
if (skill.description) {
process.stdout.write(` ${skill.description}\n`);
}
const flags = formatFlags(skill);
if (flags.length > 0) {
process.stdout.write(` notes: ${flags.join("; ")}\n`);
}
process.stdout.write(` install: npx clawhub@latest install ${skill.id}\n`);
}
}
async function discoverCatalog() {
const indexUrl = process.env.CLAWSEC_SKILLS_INDEX_URL || DEFAULT_INDEX_URL;
const timeoutMs = parseTimeoutMs();
const fallback = await loadFallbackCatalog();
try {
const remote = await loadRemoteCatalog(indexUrl, timeoutMs);
return {
source: "remote",
index_url: indexUrl,
version: remote.version,
updated: remote.updated,
skills: mergeWithFallbackMetadata(remote.skills, fallback.skills),
warning: null,
};
} catch (error) {
return {
source: "fallback",
index_url: indexUrl,
version: fallback.version,
updated: fallback.updated,
skills: fallback.skills,
warning: String(error),
};
}
}
async function main() {
const args = parseArgs(process.argv.slice(2));
const result = await discoverCatalog();
if (args.json) {
process.stdout.write(`${JSON.stringify(result, null, 2)}\n`);
return;
}
printHumanSummary(result);
}
main().catch((error) => {
process.stderr.write(`${String(error)}\n`);
process.exit(1);
});
skills/clawsec-suite/scripts/guarded_skill_install.mjs
+1 -1
View File
@@ -14,7 +14,7 @@ import {
} from "../hooks/clawsec-advisory-guardian/lib/feed.mjs";
const DEFAULT_FEED_URL =
"https://raw.githubusercontent.com/prompt-security/clawsec/main/advisories/feed.json";
"https://clawsec.prompt.security/advisories/feed.json";
const DEFAULT_SUITE_DIR = path.join(os.homedir(), ".openclaw", "skills", "clawsec-suite");
const DEFAULT_LOCAL_FEED = path.join(DEFAULT_SUITE_DIR, "advisories", "feed.json");
const DEFAULT_LOCAL_FEED_SIG = `${DEFAULT_LOCAL_FEED}.sig`;
skills/clawsec-suite/scripts/setup_advisory_cron.mjs
+1
View File
@@ -33,6 +33,7 @@ function requireOpenClawCli() {
throw new Error(
"openclaw CLI is required. Install OpenClaw and ensure `openclaw` is available in PATH. " +
`Original error: ${String(error)}`,
{ cause: error },
);
}
}
skills/clawsec-suite/scripts/setup_advisory_hook.mjs
+1
View File
@@ -37,6 +37,7 @@ function requireOpenClawCli() {
throw new Error(
"openclaw CLI is required. Install OpenClaw and ensure `openclaw` is available in PATH. " +
`Original error: ${String(error)}`,
{ cause: error },
);
}
}
skills/clawsec-suite/test/advisory_suppression.test.mjs
+368
View File
@@ -0,0 +1,368 @@
#!/usr/bin/env node
/**
* Advisory suppression tests for clawsec-suite.
*
* Tests cover:
* - isAdvisorySuppressed matching logic (exact checkId + normalized skill name)
* - Partial matches do not suppress (checkId only, skill only)
* - Empty suppressions never suppress
* - loadAdvisorySuppression sentinel gating (enabledFor: ["advisory"])
* - Missing sentinel returns empty config
* - Wrong sentinel (only "audit") returns empty config
*
* Run: node skills/clawsec-suite/test/advisory_suppression.test.mjs
*/
import fs from "node:fs/promises";
import os from "node:os";
import path from "node:path";
import { fileURLToPath } from "node:url";
const __dirname = path.dirname(fileURLToPath(import.meta.url));
const LIB_PATH = path.resolve(__dirname, "..", "hooks", "clawsec-advisory-guardian", "lib");
const { isAdvisorySuppressed, loadAdvisorySuppression } = await import(
`${LIB_PATH}/suppression.mjs`
);
let tempDir;
let passCount = 0;
let failCount = 0;
function pass(name) {
passCount++;
console.log(`\u2713 ${name}`);
}
function fail(name, error) {
failCount++;
console.error(`\u2717 ${name}`);
console.error(` ${String(error)}`);
}
async function setupTestDir() {
tempDir = await fs.mkdtemp(path.join(os.tmpdir(), "advisory-suppression-test-"));
}
async function cleanupTestDir() {
if (tempDir) {
await fs.rm(tempDir, { recursive: true, force: true });
}
}
function makeMatch(advisoryId, skillName, version = "1.0.0") {
return {
advisory: { id: advisoryId, severity: "high", title: `Advisory ${advisoryId}` },
skill: { name: skillName, dirName: skillName, version },
matchedAffected: [`${skillName}@<=${version}`],
};
}
function makeRules(entries) {
return entries.map(([checkId, skill, reason]) => ({
checkId,
skill,
reason: reason || "Test suppression",
suppressedAt: "2026-02-15",
}));
}
// ---------------------------------------------------------------------------
// isAdvisorySuppressed tests
// ---------------------------------------------------------------------------
async function testExactMatch() {
const testName = "isAdvisorySuppressed: exact match suppresses";
try {
const match = makeMatch("CVE-2026-25593", "clawsec-suite");
const rules = makeRules([["CVE-2026-25593", "clawsec-suite"]]);
if (isAdvisorySuppressed(match, rules) === true) {
pass(testName);
} else {
fail(testName, "Expected suppression but got false");
}
} catch (error) {
fail(testName, error);
}
}
async function testCaseInsensitiveSkillMatch() {
const testName = "isAdvisorySuppressed: case-insensitive skill name match";
try {
const match = makeMatch("CVE-2026-25593", "ClawSec-Suite");
const rules = makeRules([["CVE-2026-25593", "clawsec-suite"]]);
if (isAdvisorySuppressed(match, rules) === true) {
pass(testName);
} else {
fail(testName, "Expected case-insensitive match to suppress");
}
} catch (error) {
fail(testName, error);
}
}
async function testCheckIdMismatch() {
const testName = "isAdvisorySuppressed: checkId mismatch does not suppress";
try {
const match = makeMatch("CVE-2026-99999", "clawsec-suite");
const rules = makeRules([["CVE-2026-25593", "clawsec-suite"]]);
if (isAdvisorySuppressed(match, rules) === false) {
pass(testName);
} else {
fail(testName, "Expected no suppression for mismatched checkId");
}
} catch (error) {
fail(testName, error);
}
}
async function testSkillMismatch() {
const testName = "isAdvisorySuppressed: skill mismatch does not suppress";
try {
const match = makeMatch("CVE-2026-25593", "other-skill");
const rules = makeRules([["CVE-2026-25593", "clawsec-suite"]]);
if (isAdvisorySuppressed(match, rules) === false) {
pass(testName);
} else {
fail(testName, "Expected no suppression for mismatched skill");
}
} catch (error) {
fail(testName, error);
}
}
async function testEmptySuppressions() {
const testName = "isAdvisorySuppressed: empty suppressions never suppress";
try {
const match = makeMatch("CVE-2026-25593", "clawsec-suite");
if (isAdvisorySuppressed(match, []) === false) {
pass(testName);
} else {
fail(testName, "Expected no suppression with empty rules");
}
} catch (error) {
fail(testName, error);
}
}
async function testMultipleRules() {
const testName = "isAdvisorySuppressed: multiple rules match correct one";
try {
const match = makeMatch("CLAW-2026-0001", "openclaw-audit-watchdog");
const rules = makeRules([
["CVE-2026-25593", "clawsec-suite"],
["CLAW-2026-0001", "openclaw-audit-watchdog"],
]);
if (isAdvisorySuppressed(match, rules) === true) {
pass(testName);
} else {
fail(testName, "Expected match against second rule");
}
} catch (error) {
fail(testName, error);
}
}
async function testMissingAdvisoryId() {
const testName = "isAdvisorySuppressed: missing advisory.id does not suppress";
try {
const match = {
advisory: { severity: "high", title: "No ID advisory" },
skill: { name: "clawsec-suite", dirName: "clawsec-suite", version: "1.0.0" },
matchedAffected: [],
};
const rules = makeRules([["CVE-2026-25593", "clawsec-suite"]]);
if (isAdvisorySuppressed(match, rules) === false) {
pass(testName);
} else {
fail(testName, "Expected no suppression when advisory has no id");
}
} catch (error) {
fail(testName, error);
}
}
// ---------------------------------------------------------------------------
// loadAdvisorySuppression tests
// ---------------------------------------------------------------------------
async function testLoadWithAdvisorySentinel() {
const testName = "loadAdvisorySuppression: loads config with advisory sentinel";
try {
const configFile = path.join(tempDir, "advisory-config.json");
await fs.writeFile(configFile, JSON.stringify({
enabledFor: ["advisory"],
suppressions: [{
checkId: "CVE-2026-25593",
skill: "clawsec-suite",
reason: "First-party tooling",
suppressedAt: "2026-02-15",
}],
}));
const config = await loadAdvisorySuppression(configFile);
if (config.suppressions.length === 1 && config.source === configFile) {
pass(testName);
} else {
fail(testName, `Expected 1 suppression from ${configFile}, got: ${JSON.stringify(config)}`);
}
} catch (error) {
fail(testName, error);
}
}
async function testLoadWithMissingSentinel() {
const testName = "loadAdvisorySuppression: missing sentinel returns empty config";
try {
const configFile = path.join(tempDir, "no-sentinel.json");
await fs.writeFile(configFile, JSON.stringify({
suppressions: [{
checkId: "CVE-2026-25593",
skill: "clawsec-suite",
reason: "First-party tooling",
suppressedAt: "2026-02-15",
}],
}));
const config = await loadAdvisorySuppression(configFile);
if (config.suppressions.length === 0) {
pass(testName);
} else {
fail(testName, `Expected empty suppressions without sentinel, got: ${JSON.stringify(config)}`);
}
} catch (error) {
fail(testName, error);
}
}
async function testLoadWithAuditOnlySentinel() {
const testName = "loadAdvisorySuppression: audit-only sentinel returns empty for advisory";
try {
const configFile = path.join(tempDir, "audit-only.json");
await fs.writeFile(configFile, JSON.stringify({
enabledFor: ["audit"],
suppressions: [{
checkId: "CVE-2026-25593",
skill: "clawsec-suite",
reason: "First-party tooling",
suppressedAt: "2026-02-15",
}],
}));
const config = await loadAdvisorySuppression(configFile);
if (config.suppressions.length === 0) {
pass(testName);
} else {
fail(testName, `Expected empty for audit-only sentinel, got: ${JSON.stringify(config)}`);
}
} catch (error) {
fail(testName, error);
}
}
async function testLoadWithBothSentinels() {
const testName = "loadAdvisorySuppression: both audit+advisory sentinels activates advisory";
try {
const configFile = path.join(tempDir, "both-sentinel.json");
await fs.writeFile(configFile, JSON.stringify({
enabledFor: ["audit", "advisory"],
suppressions: [{
checkId: "CVE-2026-25593",
skill: "clawsec-suite",
reason: "First-party tooling",
suppressedAt: "2026-02-15",
}],
}));
const config = await loadAdvisorySuppression(configFile);
if (config.suppressions.length === 1) {
pass(testName);
} else {
fail(testName, `Expected 1 suppression with both sentinels, got: ${JSON.stringify(config)}`);
}
} catch (error) {
fail(testName, error);
}
}
async function testLoadNonexistentExplicitPath() {
const testName = "loadAdvisorySuppression: explicit nonexistent path throws";
try {
await loadAdvisorySuppression(path.join(tempDir, "does-not-exist.json"));
fail(testName, "Expected error for nonexistent explicit path");
} catch (error) {
if (String(error).includes("not found")) {
pass(testName);
} else {
fail(testName, `Unexpected error: ${error}`);
}
}
}
async function testLoadNoConfigReturnsEmpty() {
const testName = "loadAdvisorySuppression: no config available returns empty";
try {
// Clear env var to ensure no ambient config
const savedEnv = process.env.OPENCLAW_AUDIT_CONFIG;
delete process.env.OPENCLAW_AUDIT_CONFIG;
try {
// Call without explicit path and with no env var — falls through to default paths
// which likely don't exist in test environment
const config = await loadAdvisorySuppression();
if (config.suppressions.length === 0 && config.source === "none") {
pass(testName);
} else {
fail(testName, `Expected empty config, got: ${JSON.stringify(config)}`);
}
} finally {
if (savedEnv !== undefined) process.env.OPENCLAW_AUDIT_CONFIG = savedEnv;
else delete process.env.OPENCLAW_AUDIT_CONFIG;
}
} catch (error) {
fail(testName, error);
}
}
// ---------------------------------------------------------------------------
// Main test runner
// ---------------------------------------------------------------------------
async function runAllTests() {
console.log("=== Advisory Suppression Tests ===\n");
await setupTestDir();
try {
// isAdvisorySuppressed tests
await testExactMatch();
await testCaseInsensitiveSkillMatch();
await testCheckIdMismatch();
await testSkillMismatch();
await testEmptySuppressions();
await testMultipleRules();
await testMissingAdvisoryId();
// loadAdvisorySuppression tests
await testLoadWithAdvisorySentinel();
await testLoadWithMissingSentinel();
await testLoadWithAuditOnlySentinel();
await testLoadWithBothSentinels();
await testLoadNonexistentExplicitPath();
await testLoadNoConfigReturnsEmpty();
} finally {
await cleanupTestDir();
}
console.log("");
console.log(`=== Results: ${passCount} passed, ${failCount} failed ===`);
if (failCount > 0) {
process.exit(1);
}
}
runAllTests().catch((err) => {
console.error("Test runner failed:", err);
process.exit(1);
});
skills/clawsec-suite/test/feed_verification.test.mjs
+52
View File
@@ -283,6 +283,57 @@ async function testLoadLocalFeed_ValidSignedFeed() {
}
}
// -----------------------------------------------------------------------------
// Test: loadLocalFeed - supports advisories/* checksum keys
// -----------------------------------------------------------------------------
async function testLoadLocalFeed_AdvisoriesPrefixedChecksumKeys() {
const testName = "loadLocalFeed: advisories/* checksum keys are accepted";
try {
const { publicKeyPem, privateKeyPem } = generateEd25519KeyPair();
const feedContent = createValidFeed();
const feedSignature = signPayload(feedContent, privateKeyPem);
const advisoriesDir = path.join(tempDir, "advisories");
await fs.mkdir(advisoriesDir, { recursive: true });
const checksumManifest = createChecksumManifest({
"advisories/feed.json": feedContent,
"advisories/feed.json.sig": feedSignature + "\n",
"advisories/feed-signing-public.pem": publicKeyPem,
});
const checksumSignature = signPayload(checksumManifest, privateKeyPem);
const feedPath = path.join(advisoriesDir, "feed.json");
const sigPath = path.join(advisoriesDir, "feed.json.sig");
const checksumPath = path.join(advisoriesDir, "checksums.json");
const checksumSigPath = path.join(advisoriesDir, "checksums.json.sig");
const keyPath = path.join(advisoriesDir, "feed-signing-public.pem");
await fs.writeFile(feedPath, feedContent);
await fs.writeFile(sigPath, feedSignature + "\n");
await fs.writeFile(checksumPath, checksumManifest);
await fs.writeFile(checksumSigPath, checksumSignature + "\n");
await fs.writeFile(keyPath, publicKeyPem);
const feed = await loadLocalFeed(feedPath, {
signaturePath: sigPath,
checksumsPath: checksumPath,
checksumsSignaturePath: checksumSigPath,
publicKeyPem,
verifyChecksumManifest: true,
checksumPublicKeyEntry: path.basename(keyPath),
});
if (feed && feed.version === "1.0.0" && feed.advisories.length === 1) {
pass(testName);
} else {
fail(testName, "Feed did not load with advisories/* checksum keys");
}
} catch (error) {
fail(testName, error);
}
}
// -----------------------------------------------------------------------------
// Test: loadLocalFeed - tampered feed fails (fail-closed)
// -----------------------------------------------------------------------------
@@ -542,6 +593,7 @@ async function runTests() {
// Local feed loading tests
await testLoadLocalFeed_ValidSignedFeed();
await testLoadLocalFeed_AdvisoriesPrefixedChecksumKeys();
await testLoadLocalFeed_TamperedFeedFails();
await testLoadLocalFeed_MissingSignatureFails();
await testLoadLocalFeed_AllowUnsignedBypasses();
skills/clawsec-suite/test/skill_catalog_discovery.test.mjs
+250
View File
@@ -0,0 +1,250 @@
#!/usr/bin/env node
/**
* Dynamic skill catalog discovery tests for clawsec-suite.
*
* Tests cover:
* - Remote index fetch and normalization
* - Enrichment with suite-local metadata (non-breaking compatibility)
* - Fallback behavior when remote index is invalid/unavailable
*
* Run: node skills/clawsec-suite/test/skill_catalog_discovery.test.mjs
*/
import http from "node:http";
import path from "node:path";
import { spawn } from "node:child_process";
import { fileURLToPath } from "node:url";
const __dirname = path.dirname(fileURLToPath(import.meta.url));
const SCRIPT_PATH = path.resolve(__dirname, "..", "scripts", "discover_skill_catalog.mjs");
let passCount = 0;
let failCount = 0;
function pass(name) {
passCount += 1;
console.log(`${name}`);
}
function fail(name, error) {
failCount += 1;
console.error(`${name}`);
console.error(` ${String(error)}`);
}
function runCatalogScript(args, env = {}) {
return new Promise((resolve) => {
const proc = spawn("node", [SCRIPT_PATH, ...args], {
env: { ...process.env, ...env },
stdio: ["ignore", "pipe", "pipe"],
});
let stdout = "";
let stderr = "";
proc.stdout.on("data", (chunk) => {
stdout += chunk.toString();
});
proc.stderr.on("data", (chunk) => {
stderr += chunk.toString();
});
proc.on("close", (code) => {
resolve({ code, stdout, stderr });
});
});
}
function withServer(handler) {
return new Promise((resolve, reject) => {
const server = http.createServer(handler);
server.listen(0, "127.0.0.1", () => {
const addr = server.address();
if (!addr || typeof addr === "string") {
reject(new Error("Failed to bind test server"));
return;
}
resolve({
url: `http://127.0.0.1:${addr.port}`,
close: () =>
new Promise((done) => {
server.close(() => done());
}),
});
});
server.on("error", reject);
});
}
// -----------------------------------------------------------------------------
// Test: remote index is used when valid
// -----------------------------------------------------------------------------
async function testRemoteCatalogSuccess() {
const testName = "discover_skill_catalog: uses remote index when valid";
let fixture = null;
try {
fixture = await withServer((req, res) => {
if (req.url !== "/index.json") {
res.writeHead(404, { "Content-Type": "application/json" });
res.end(JSON.stringify({ error: "not found" }));
return;
}
res.writeHead(200, { "Content-Type": "application/json" });
res.end(
JSON.stringify({
version: "1.0.0",
updated: "2026-02-16T08:20:00Z",
skills: [
{
id: "soul-guardian",
name: "soul-guardian",
version: "9.9.9",
description: "Remote skill metadata",
emoji: "👻",
category: "security",
tag: "soul-guardian-v9.9.9",
},
{
id: "clawtributor",
name: "clawtributor",
version: "1.2.3",
description: "Remote clawtributor metadata",
emoji: "🤝",
category: "security",
tag: "clawtributor-v1.2.3",
},
],
}),
);
});
const result = await runCatalogScript(["--json"], {
CLAWSEC_SKILLS_INDEX_URL: `${fixture.url}/index.json`,
CLAWSEC_SKILLS_INDEX_TIMEOUT_MS: "2000",
});
if (result.code !== 0) {
fail(testName, `Expected exit 0, got ${result.code}: ${result.stderr}`);
return;
}
const payload = JSON.parse(result.stdout);
const clawtributor = payload.skills.find((entry) => entry.id === "clawtributor");
const soulGuardian = payload.skills.find((entry) => entry.id === "soul-guardian");
if (
payload.source === "remote" &&
payload.updated === "2026-02-16T08:20:00Z" &&
soulGuardian?.version === "9.9.9" &&
clawtributor?.requires_explicit_consent === true
) {
pass(testName);
} else {
fail(testName, `Unexpected payload: ${result.stdout}`);
}
} catch (error) {
fail(testName, error);
} finally {
if (fixture) {
await fixture.close();
}
}
}
// -----------------------------------------------------------------------------
// Test: invalid remote payload falls back to suite-local catalog
// -----------------------------------------------------------------------------
async function testInvalidRemotePayloadFallsBack() {
const testName = "discover_skill_catalog: invalid remote payload falls back";
let fixture = null;
try {
fixture = await withServer((_req, res) => {
res.writeHead(200, { "Content-Type": "application/json" });
res.end(JSON.stringify({ version: "1.0.0", note: "missing skills" }));
});
const result = await runCatalogScript(["--json"], {
CLAWSEC_SKILLS_INDEX_URL: `${fixture.url}/index.json`,
CLAWSEC_SKILLS_INDEX_TIMEOUT_MS: "2000",
});
if (result.code !== 0) {
fail(testName, `Expected exit 0, got ${result.code}: ${result.stderr}`);
return;
}
const payload = JSON.parse(result.stdout);
const hasSoulGuardian = Array.isArray(payload.skills)
? payload.skills.some((entry) => entry.id === "soul-guardian")
: false;
if (payload.source === "fallback" && hasSoulGuardian && String(payload.warning).includes("skills array")) {
pass(testName);
} else {
fail(testName, `Unexpected payload: ${result.stdout}`);
}
} catch (error) {
fail(testName, error);
} finally {
if (fixture) {
await fixture.close();
}
}
}
// -----------------------------------------------------------------------------
// Test: unreachable remote index falls back to suite-local catalog
// -----------------------------------------------------------------------------
async function testUnreachableRemoteFallsBack() {
const testName = "discover_skill_catalog: unreachable remote index falls back";
try {
const result = await runCatalogScript(["--json"], {
CLAWSEC_SKILLS_INDEX_URL: "http://127.0.0.1:9/index.json",
CLAWSEC_SKILLS_INDEX_TIMEOUT_MS: "250",
});
if (result.code !== 0) {
fail(testName, `Expected exit 0, got ${result.code}: ${result.stderr}`);
return;
}
const payload = JSON.parse(result.stdout);
if (payload.source === "fallback" && Array.isArray(payload.skills) && payload.skills.length > 0) {
pass(testName);
} else {
fail(testName, `Unexpected payload: ${result.stdout}`);
}
} catch (error) {
fail(testName, error);
}
}
// -----------------------------------------------------------------------------
// Main test runner
// -----------------------------------------------------------------------------
async function runTests() {
console.log("=== ClawSec Skill Catalog Discovery Tests ===\n");
await testRemoteCatalogSuccess();
await testInvalidRemotePayloadFallsBack();
await testUnreachableRemoteFallsBack();
console.log(`\n=== Results: ${passCount} passed, ${failCount} failed ===`);
if (failCount > 0) {
process.exit(1);
}
}
runTests().catch((error) => {
console.error("Test runner failed:", error);
process.exit(1);
});
skills/openclaw-audit-watchdog/CHANGELOG.md
+30
View File
@@ -0,0 +1,30 @@
# Changelog
All notable changes to this project will be documented in this file.
The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.1.0/),
and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
## [0.1.0]
### Added
- Suppression/allowlist mechanism with explicit opt-in gating (defense in depth).
- `--enable-suppressions` CLI flag for `run_audit_and_format.sh`, `render_report.mjs`, and `runner.sh`.
- `enabledFor` config sentinel -- config must declare `"enabledFor": ["audit"]` for audit suppression to activate.
- 4-tier config file resolution: explicit `--config` path > `OPENCLAW_AUDIT_CONFIG` env var > `~/.openclaw/security-audit.json` > `.clawsec/allowlist.json`.
- `INFO-SUPPRESSED` section in report output showing suppressed findings with metadata.
- Integration tests for suppression behavior (11 tests in `render_report_suppression.test.mjs`).
- Unit tests for config loading and opt-in gating (15 tests in `suppression_config.test.mjs`).
- Test fixtures: `empty-suppressions.json`, `invalid-json.json`, `malformed-config.json`.
### Changed
- `load_suppression_config.mjs` now requires explicit `{ enabled: true }` parameter -- returns empty suppressions by default.
- `render_report.mjs` passes suppression enabled state to config loader.
- Summary counts in report output are recalculated after filtering suppressed findings.
### Security
- Suppression is never active by default -- requires BOTH CLI flag AND config sentinel (defense in depth).
- Environment variables alone cannot activate suppression (prevents ambient attack vector).
skills/openclaw-audit-watchdog/README.md
+109
View File
@@ -37,6 +37,115 @@ export PROMPTSEC_HOST_LABEL="prod-agent-1"
| `PROMPTSEC_EMAIL_TO` | Email recipient for reports | `target@example.com` |
| `PROMPTSEC_HOST_LABEL` | Host identifier in reports | hostname |
| `PROMPTSEC_GIT_PULL` | Pull latest before audit (0/1) | `0` |
| `OPENCLAW_AUDIT_CONFIG` | Path to suppression config file | Auto-detected |
## Suppression / Allowlist
Manage false-positive findings with the built-in suppression mechanism. Suppressed findings remain visible in reports but are demoted to informational status and do not count toward critical/warning totals.
Suppression is **opt-in with defense in depth**: the audit pipeline requires BOTH a CLI flag AND a config-file sentinel before any finding is suppressed. This prevents accidental or unauthorized suppression.
### Activation (Two Gates)
Both of the following must be true for audit suppressions to take effect:
1. **CLI flag:** Pass `--enable-suppressions` when invoking the runner.
2. **Config sentinel:** The configuration file must contain `"enabledFor": ["audit"]` (or a list that includes `"audit"`).
If either gate is missing, the suppression list is ignored entirely and all findings are reported normally.
### Config File Resolution
The audit scanner resolves the suppression config file using this 4-tier priority:
1. `--config <path>` CLI argument (highest priority)
2. `OPENCLAW_AUDIT_CONFIG` environment variable
3. `~/.openclaw/security-audit.json`
4. `.clawsec/allowlist.json` (fallback)
### Example Configuration
```json
{
"enabledFor": ["audit"],
"suppressions": [
{
"checkId": "skills.code_safety",
"skill": "clawsec-suite",
"reason": "First-party security tooling, reviewed 2026-02-13",
"suppressedAt": "2026-02-13"
},
{
"checkId": "skills.permissions",
"skill": "my-internal-tool",
"reason": "Broad permissions required for legitimate functionality",
"suppressedAt": "2026-02-16"
}
]
}
```
The `enabledFor` array controls which pipelines honor the suppression list:
| Value | Effect |
|-------|--------|
| `["audit"]` | Only audit suppression active (still requires `--enable-suppressions` flag) |
| `["advisory"]` | Only advisory suppression active (used by clawsec-suite) |
| `["audit", "advisory"]` | Both pipelines honor suppressions |
| Missing or `[]` | No suppression in any pipeline (safe default) |
### Required Fields per Suppression Entry
| Field | Description | Example |
|-------|-------------|---------|
| `checkId` | Audit check identifier to suppress | `skills.code_safety` |
| `skill` | Skill name the suppression applies to | `clawsec-suite` |
| `reason` | Justification for audit trail (required) | `First-party tooling, reviewed by security team` |
| `suppressedAt` | ISO 8601 date (YYYY-MM-DD) | `2026-02-15` |
**Matching:** Suppression requires an exact `checkId` match and a case-insensitive `skill` name match. Both must match for a finding to be suppressed.
### Usage
```bash
# Enable suppressions with default config location
./scripts/runner.sh --enable-suppressions
# Enable suppressions with explicit config path
./scripts/runner.sh --enable-suppressions --config /path/to/config.json
# Enable suppressions with config via environment variable
export OPENCLAW_AUDIT_CONFIG=~/.openclaw/custom-audit.json
./scripts/runner.sh --enable-suppressions
```
Without `--enable-suppressions`, the config file is not consulted for suppressions:
```bash
# Suppressions NOT active (flag missing)
./scripts/runner.sh
./scripts/runner.sh --config /path/to/config.json
```
### Report Output
Suppressed findings appear in a separate informational section:
```
CRITICAL (0):
(none)
WARNINGS (1):
[skills.network] some-skill: Unrestricted network access
INFO - SUPPRESSED (2):
[skills.code_safety] clawsec-suite: dangerous-exec detected
Reason: First-party security tooling, reviewed 2026-02-13
[skills.permissions] my-tool: Broad permission scope
Reason: Validated by security team, suppressedAt 2026-02-16
```
See `examples/security-audit-config.example.json` for a complete template.
## Scripts
skills/openclaw-audit-watchdog/SKILL.md
+194 -1
View File
@@ -1,6 +1,6 @@
---
name: openclaw-audit-watchdog
version: 0.0.4
version: 0.1.0
description: Automated daily security audits for OpenClaw agents with email reporting. Runs deep audits and sends formatted reports.
homepage: https://clawsec.prompt.security
metadata: {"openclaw":{"emoji":"🔭","category":"security"}}
@@ -64,6 +64,199 @@ Default schedule: **daily at 23:00 (11pm)** in the chosen timezone.
Delivery:
- DM to last active session
## Usage Examples
### Example 1: Quick Start (Environment Variables)
For automated/MDM deployments, set environment variables before invoking:
```bash
export PROMPTSEC_DM_CHANNEL="telegram"
export PROMPTSEC_DM_TO="@yourhandle"
export PROMPTSEC_TZ="America/New_York"
export PROMPTSEC_HOST_LABEL="prod-server-01"
# Then invoke the skill
/openclaw-audit-watchdog
```
The skill will automatically configure and create the cron job without prompts.
### Example 2: Interactive Setup
If environment variables aren't set, the skill will prompt minimally:
```
User: /openclaw-audit-watchdog
Agent: Setting up daily security audit watchdog...
What channel should I use for delivery? (e.g., telegram, slack)
User: telegram
Agent: What's the recipient ID or handle?
User: @myhandle
Agent: Which timezone for the 23:00 daily run? (default: UTC)
User: America/Los_Angeles
Agent: ✓ Created cron job "Daily security audit (Prompt Security)"
Schedule: Daily at 23:00 America/Los_Angeles
Delivery: telegram → @myhandle
```
### Example 3: Updating Existing Job
If a job already exists, the skill updates it instead of creating duplicates:
```
User: /openclaw-audit-watchdog
Agent: Found existing "Daily security audit (Prompt Security)" job.
Current: Daily at 23:00 UTC → telegram:@oldhandle
Update delivery target? (current: telegram:@oldhandle)
User: slack:#security-alerts
Agent: ✓ Updated cron job
Schedule: Daily at 23:00 UTC
Delivery: slack:#security-alerts
```
### Example 4: What Gets Delivered
Each day at the scheduled time, you'll receive a report like:
```
🔭 Daily Security Audit Report
Host: prod-server-01
Time: 2026-02-16 23:00:00 America/New_York
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
SUMMARY
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
✓ Standard Audit: 12 checks passed, 2 warnings
✓ Deep Audit: 8 probes passed, 1 critical
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
CRITICAL FINDINGS
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
[CRIT-001] Unencrypted API Keys Detected
→ Remediation: Move credentials to encrypted vault or use environment variables
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
WARNINGS
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
[WARN-003] Outdated Dependencies Found
→ Remediation: Run `openclaw security audit --fix` to update
[WARN-007] Weak Permission on Config File
→ Remediation: chmod 600 ~/.openclaw/config.json
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
Run `openclaw security audit --deep` for full details.
```
### Example 5: Custom Schedule
Want a different schedule? Set it before invoking:
```bash
# Run every 6 hours instead of daily
export PROMPTSEC_SCHEDULE="0 */6 * * *"
/openclaw-audit-watchdog
```
### Example 6: Multiple Environments
For managing multiple servers, use different host labels:
```bash
# On dev server
export PROMPTSEC_HOST_LABEL="dev-01"
export PROMPTSEC_DM_TO="@dev-team"
/openclaw-audit-watchdog
# On prod server
export PROMPTSEC_HOST_LABEL="prod-01"
export PROMPTSEC_DM_TO="@oncall"
/openclaw-audit-watchdog
```
Each will send reports with clear host identification.
### Example 7: Suppressing Known Findings
To suppress audit findings that have been reviewed and accepted, pass the `--enable-suppressions` flag and ensure the config file includes the `"enabledFor": ["audit"]` sentinel:
```bash
# Create or edit the suppression config
cat > ~/.openclaw/security-audit.json <<'JSON'
{
"enabledFor": ["audit"],
"suppressions": [
{
"checkId": "skills.code_safety",
"skill": "clawsec-suite",
"reason": "First-party security tooling — reviewed by security team",
"suppressedAt": "2026-02-15"
}
]
}
JSON
# Run with suppressions enabled
/openclaw-audit-watchdog --enable-suppressions
```
Suppressed findings still appear in the report under an informational section but are excluded from critical/warning totals.
## Suppression / Allowlist
The audit pipeline supports an opt-in suppression mechanism for managing reviewed findings. Suppression uses defense-in-depth activation: two independent gates must both be satisfied.
### Activation Requirements
1. **CLI flag:** The `--enable-suppressions` flag must be passed at invocation.
2. **Config sentinel:** The configuration file must include `"enabledFor"` with `"audit"` in the array.
If either gate is absent, all findings are reported normally and the suppression list is ignored.
### Config File Resolution (4-tier)
1. Explicit `--config <path>` argument
2. `OPENCLAW_AUDIT_CONFIG` environment variable
3. `~/.openclaw/security-audit.json`
4. `.clawsec/allowlist.json`
### Config Format
```json
{
"enabledFor": ["audit"],
"suppressions": [
{
"checkId": "skills.code_safety",
"skill": "clawsec-suite",
"reason": "First-party security tooling — reviewed by security team",
"suppressedAt": "2026-02-15"
}
]
}
```
### Sentinel Semantics
- `"enabledFor": ["audit"]` -- audit suppression active (requires `--enable-suppressions` flag too)
- `"enabledFor": ["advisory"]` -- only advisory pipeline suppression (no effect on audit)
- `"enabledFor": ["audit", "advisory"]` -- both pipelines honor suppressions
- Missing or empty `enabledFor` -- no suppression active (safe default)
### Matching Rules
- **checkId:** exact match against the audit finding's check identifier (e.g., `skills.code_safety`)
- **skill:** case-insensitive match against the skill name from the finding
- Both fields must match for a finding to be suppressed
## Installation flow (interactive)
Provisioning (MDM-friendly): prefer environment variables (no prompts).
skills/openclaw-audit-watchdog/examples/README.md
+109
View File
@@ -0,0 +1,109 @@
# Security Audit Configuration Examples
## Overview
This directory contains example configuration files for the OpenClaw security audit suppression mechanism.
## Configuration File Format
The suppression configuration file must be valid JSON with the following structure:
```json
{
"suppressions": [
{
"checkId": "skills.code_safety",
"skill": "clawsec-suite",
"reason": "First-party security tooling, reviewed 2026-02-13",
"suppressedAt": "2026-02-13"
}
]
}
```
### Required Fields
Each suppression entry must include:
- **`checkId`** (string, required): The security check identifier that flagged the finding
- Example: `"skills.code_safety"`, `"skills.permissions"`, `"skills.network"`
- **`skill`** (string, required): The exact skill name being suppressed
- Example: `"clawsec-suite"`, `"openclaw-audit-watchdog"`
- **`reason`** (string, required): Justification for the suppression (audit trail)
- Example: `"First-party security tooling, reviewed 2026-02-13"`
- Example: `"False positive - validated by security team on 2026-02-10"`
- **`suppressedAt`** (string, required): ISO 8601 date when suppression was added
- Format: `YYYY-MM-DD`
- Example: `"2026-02-13"`
### Configuration File Locations
The suppression config is loaded from these locations (in priority order):
1. **Custom path**: Specified via `--config` flag
2. **Environment variable**: `OPENCLAW_AUDIT_CONFIG` env var
3. **Primary default**: `~/.openclaw/security-audit.json`
4. **Fallback**: `.clawsec/allowlist.json`
If no config file is found, the audit runs normally without suppressions (backward compatible).
## Usage Examples
### Basic Setup
1. Copy the example config:
```bash
mkdir -p ~/.openclaw
cp security-audit-config.example.json ~/.openclaw/security-audit.json
```
2. Customize the suppressions for your needs
3. Run the audit:
```bash
openclaw security audit --deep
```
### Using Custom Config Path
```bash
openclaw security audit --deep --config /path/to/custom-config.json
```
### Managing False Positives
When you encounter a false positive:
1. Identify the `checkId` and `skill` name from the audit report
2. Add a suppression entry with a clear reason
3. Include the current date in ISO format
4. Re-run the audit to verify the suppression works
Example suppression entry:
```json
{
"checkId": "skills.permissions",
"skill": "my-internal-tool",
"reason": "Broad permissions required for legitimate functionality, approved by security team",
"suppressedAt": "2026-02-16"
}
```
## Important Notes
- **Transparency**: Suppressed findings remain visible in the audit report under "INFO - SUPPRESSED"
- **Matching**: Suppressions require BOTH `checkId` AND `skill` to match (prevents over-suppression)
- **Audit Trail**: Always document the reason and date for compliance
- **Validation**: The config is validated on load - malformed JSON will produce a clear error
## Example Use Case: First-Party Tools
The example config demonstrates suppressing false positives for ClawSec's own security tools:
- **clawsec-suite**: Legitimately executes CLI commands for security scanning
- **openclaw-audit-watchdog**: Legitimately accesses environment variables for auditing
These tools are flagged as "dangerous" by the security scanner but are safe first-party tools that have been reviewed.
skills/openclaw-audit-watchdog/examples/security-audit-config.example.json
+16
View File
@@ -0,0 +1,16 @@
{
"suppressions": [
{
"checkId": "skills.code_safety",
"skill": "clawsec-suite",
"reason": "First-party security tooling, reviewed 2026-02-13",
"suppressedAt": "2026-02-13"
},
{
"checkId": "skills.code_safety",
"skill": "openclaw-audit-watchdog",
"reason": "First-party security tooling, reviewed 2026-02-13",
"suppressedAt": "2026-02-13"
}
]
}
skills/openclaw-audit-watchdog/scripts/load_suppression_config.mjs
Executable
+227
View File
@@ -0,0 +1,227 @@
#!/usr/bin/env node
import fs from "node:fs/promises";
import path from "node:path";
import os from "node:os";
const DEFAULT_PRIMARY_PATH = path.join(os.homedir(), ".openclaw", "security-audit.json");
const DEFAULT_FALLBACK_PATH = ".clawsec/allowlist.json";
function isObject(value) {
return typeof value === "object" && value !== null && !Array.isArray(value);
}
function normalizeString(value, fallback = "") {
return String(value ?? fallback).trim();
}
function normalizeDate(value) {
const str = normalizeString(value);
if (!str) return null;
// Validate ISO 8601 date format (YYYY-MM-DD)
const iso8601Pattern = /^\d{4}-\d{2}-\d{2}$/;
if (!iso8601Pattern.test(str)) {
return null;
}
return str;
}
function validateSuppression(entry, index) {
if (!isObject(entry)) {
throw new Error(`Suppression entry at index ${index} must be an object`);
}
const checkId = normalizeString(entry.checkId);
if (!checkId) {
throw new Error(`Suppression entry at index ${index} missing required field: checkId`);
}
const skill = normalizeString(entry.skill);
if (!skill) {
throw new Error(`Suppression entry at index ${index} missing required field: skill`);
}
const reason = normalizeString(entry.reason);
if (!reason) {
throw new Error(`Suppression entry at index ${index} missing required field: reason`);
}
if (!entry.suppressedAt) {
throw new Error(`Suppression entry at index ${index} missing required field: suppressedAt`);
}
const suppressedAt = normalizeDate(entry.suppressedAt);
if (!suppressedAt) {
// Warn but don't fail - allow suppression to work with malformed date
process.stderr.write(
`Warning: Suppression entry at index ${index} has malformed date '${entry.suppressedAt}'. Expected ISO 8601 format (YYYY-MM-DD).\n`
);
}
return {
checkId,
skill,
reason,
suppressedAt: suppressedAt || normalizeString(entry.suppressedAt),
};
}
function normalizeSuppressionConfig(payload, source) {
if (!isObject(payload)) {
throw new Error(`Config file at ${source} must be a JSON object`);
}
const rawSuppressions = payload.suppressions;
if (!Array.isArray(rawSuppressions)) {
throw new Error(`Config file at ${source} missing 'suppressions' array`);
}
const suppressions = [];
for (let i = 0; i < rawSuppressions.length; i++) {
try {
const normalized = validateSuppression(rawSuppressions[i], i);
suppressions.push(normalized);
} catch (err) {
throw new Error(`Invalid suppression at index ${i} in ${source}: ${err.message}`, { cause: err });
}
}
// Extract enabledFor sentinel (array of pipeline names this config activates for)
const enabledFor = Array.isArray(payload.enabledFor)
? payload.enabledFor.filter((v) => typeof v === "string" && v.trim() !== "").map((v) => v.trim().toLowerCase())
: [];
return {
suppressions,
enabledFor,
source,
};
}
async function loadConfigFromPath(configPath) {
try {
const raw = await fs.readFile(configPath, "utf8");
const parsed = JSON.parse(raw);
return normalizeSuppressionConfig(parsed, configPath);
} catch (err) {
if (err.code === "ENOENT") {
// File doesn't exist - return null to try fallback
return null;
}
if (err.code === "EACCES") {
throw new Error(`Permission denied reading config file: ${configPath}`, { cause: err });
}
if (err instanceof SyntaxError) {
throw new Error(`Malformed JSON in config file ${configPath}: ${err.message}`, { cause: err });
}
// Re-throw validation errors or other errors
throw err;
}
}
const EMPTY_RESULT = Object.freeze({ suppressions: [], source: "none" });
/**
* Resolve config from the 4-tier priority chain.
* Returns the loaded config or null if no config found.
*/
async function resolveConfig(customPath) {
// Priority 1: Custom path provided as argument
if (customPath) {
const config = await loadConfigFromPath(customPath);
if (!config) {
throw new Error(`Custom config file not found: ${customPath}`);
}
return config;
}
// Priority 2: Environment variable
const envPath = process.env.OPENCLAW_AUDIT_CONFIG;
if (envPath) {
const config = await loadConfigFromPath(envPath);
if (!config) {
throw new Error(`Config file from OPENCLAW_AUDIT_CONFIG not found: ${envPath}`);
}
return config;
}
// Priority 3: Primary default path
const primaryConfig = await loadConfigFromPath(DEFAULT_PRIMARY_PATH);
if (primaryConfig) return primaryConfig;
// Priority 4: Fallback path
const fallbackConfig = await loadConfigFromPath(DEFAULT_FALLBACK_PATH);
if (fallbackConfig) return fallbackConfig;
return null;
}
/**
* Load suppression configuration with multi-path fallback and opt-in gating.
*
* Suppression requires explicit opt-in to prevent ambient activation:
* 1. The `enabled` flag must be true (set via --enable-suppressions CLI flag)
* 2. The config file must contain an `enabledFor` array including "audit"
*
* Without both gates, returns empty suppressions.
*
* @param {string} [customPath] - Optional custom config file path
* @param {object} [options]
* @param {boolean} [options.enabled=false] - Whether suppression is explicitly enabled
* @param {string} [options.pipeline="audit"] - Pipeline to check in enabledFor sentinel
* @returns {Promise<{suppressions: Array, source: string}>}
*/
export async function loadSuppressionConfig(customPath = null, { enabled = false, pipeline = "audit" } = {}) {
// Gate 1: suppression must be explicitly opted-in via CLI flag
if (!enabled) {
return EMPTY_RESULT;
}
const config = await resolveConfig(customPath);
if (!config) {
return EMPTY_RESULT;
}
// Gate 2: config must declare this pipeline in enabledFor sentinel
if (!Array.isArray(config.enabledFor) || !config.enabledFor.includes(pipeline)) {
return EMPTY_RESULT;
}
process.stderr.write(
`WARNING: Suppression mechanism is enabled for "${pipeline}" pipeline via --enable-suppressions flag.\n`
);
return config;
}
// CLI usage when run directly
if (import.meta.url === `file://${process.argv[1]}`) {
const args = process.argv.slice(2);
const enableFlag = args.includes("--enable-suppressions");
const customPath = args.find((a) => !a.startsWith("--")) || null;
if (!enableFlag) {
process.stdout.write("Suppression is disabled. Pass --enable-suppressions to activate.\n");
process.exit(0);
}
try {
const config = await loadSuppressionConfig(customPath, { enabled: true });
if (config.suppressions.length === 0) {
process.stdout.write("No active suppressions (config missing, no enabledFor sentinel, or empty)\n");
process.stdout.write(JSON.stringify(config, null, 2) + "\n");
process.exit(0);
}
process.stdout.write(`Config loaded successfully from: ${config.source}\n`);
process.stdout.write(`Found ${config.suppressions.length} suppression(s):\n`);
process.stdout.write(JSON.stringify(config, null, 2) + "\n");
process.exit(0);
} catch (err) {
process.stderr.write(`Error loading suppression config: ${err.message}\n`);
process.exit(1);
}
}
skills/openclaw-audit-watchdog/scripts/render_report.mjs
+147 -4
View File
@@ -3,10 +3,11 @@
* Render a human-readable security audit report from openclaw JSON.
*
* Usage:
* node render_report.mjs --audit audit.json --deep deep.json --label "host label"
* node render_report.mjs --audit audit.json --deep deep.json --label "host label" [--enable-suppressions] [--config config.json]
*/
import fs from "node:fs";
import { loadSuppressionConfig } from "./load_suppression_config.mjs";
function readJsonSafe(p, label) {
if (!p) return { findings: [], summary: {}, error: `${label} missing` };
@@ -29,15 +30,104 @@ function pickFindings(report) {
};
}
/**
* Extract skill name from a finding object.
* Tries multiple fields in priority order.
*
* @param {object} finding - The finding object
* @returns {string|null} - The skill name or null if not found
*/
function extractSkillName(finding) {
if (!finding) return null;
// Try common fields where skill name might be stored
if (finding.skill) return String(finding.skill).trim();
if (finding.skillName) return String(finding.skillName).trim();
if (finding.target) return String(finding.target).trim();
// Attempt to extract from path (e.g., "skills/my-skill/...")
if (finding.path && typeof finding.path === "string") {
const pathMatch = finding.path.match(/skills\/([^/]+)/);
if (pathMatch) return pathMatch[1];
}
// Attempt to extract from title (e.g., "[my-skill] some issue")
if (finding.title && typeof finding.title === "string") {
const titleMatch = finding.title.match(/^\[([^\]]+)\]/);
if (titleMatch) return titleMatch[1];
}
return null;
}
/**
* Filter findings into active and suppressed based on suppression config.
* Matches require BOTH checkId AND skill name to match (exact match).
*
* @param {Array} findings - Array of finding objects
* @param {Array} suppressions - Array of suppression rules
* @returns {{active: Array, suppressed: Array}}
*/
function filterFindings(findings, suppressions) {
if (!Array.isArray(findings)) {
return { active: [], suppressed: [] };
}
if (!Array.isArray(suppressions) || suppressions.length === 0) {
return { active: findings, suppressed: [] };
}
const active = [];
const suppressed = [];
for (const finding of findings) {
const checkId = finding?.checkId ?? "";
const skillName = extractSkillName(finding);
// Check if this finding matches any suppression rule
const isSuppressed = suppressions.some((rule) => {
// BOTH checkId AND skill must match (exact match, case-sensitive)
return rule.checkId === checkId && rule.skill === skillName;
});
if (isSuppressed) {
// Find the matching rule to attach suppression metadata
const matchingRule = suppressions.find(
(rule) => rule.checkId === checkId && rule.skill === skillName
);
suppressed.push({
...finding,
suppressionReason: matchingRule?.reason,
suppressedAt: matchingRule?.suppressedAt,
});
} else {
active.push(finding);
}
}
return { active, suppressed };
}
function lineForFinding(f) {
const id = f?.checkId ?? "(no-checkId)";
const skillName = extractSkillName(f);
const skillLabel = skillName ? `[${skillName}] ` : "";
const title = f?.title ?? "(no-title)";
const fix = (f?.remediation ?? "").trim();
const fixLine = fix ? `Fix: ${fix}` : "";
return `- ${id} ${title}${fixLine ? `\n ${fixLine}` : ""}`;
return `- ${id} ${skillLabel}${title}${fixLine ? `\n ${fixLine}` : ""}`;
}
function render({ audit, deep, label }) {
function lineForSuppressedFinding(f) {
const id = f?.checkId ?? "(no-checkId)";
const skillName = extractSkillName(f) ?? "(unknown-skill)";
const title = f?.title ?? "(no-title)";
const reason = f?.suppressionReason ?? "(no reason)";
const date = f?.suppressedAt ?? "(no date)";
return `- ${id} [${skillName}] ${title}\n Suppressed: ${reason} (${date})`;
}
function render({ audit, deep, label, suppressedFindings = [] }) {
const now = new Date().toISOString();
const a = pickFindings(audit);
const d = pickFindings(deep);
@@ -84,6 +174,15 @@ function render({ audit, deep, label }) {
for (const e of errors) lines.push(`- ${e}`);
}
// Show suppressed findings
if (suppressedFindings.length) {
lines.push("");
lines.push("INFO-SUPPRESSED:");
for (const f of suppressedFindings) {
lines.push(lineForSuppressedFinding(f));
}
}
return lines.join("\n");
}
@@ -94,12 +193,56 @@ function parseArgs(argv) {
if (a === "--audit") out.audit = argv[++i];
else if (a === "--deep") out.deep = argv[++i];
else if (a === "--label") out.label = argv[++i];
else if (a === "--config") out.config = argv[++i];
else if (a === "--enable-suppressions") out.enableSuppressions = true;
}
return out;
}
// Main execution
const args = parseArgs(process.argv.slice(2));
// Load suppression config (requires explicit opt-in)
const suppressionConfig = await loadSuppressionConfig(args.config || null, {
enabled: !!args.enableSuppressions,
});
const suppressions = suppressionConfig.suppressions || [];
// Read audit results
const audit = readJsonSafe(args.audit, "audit");
const deep = readJsonSafe(args.deep, "deep");
const report = render({ audit, deep, label: args.label });
// Apply suppression filtering to findings
const allFindings = [...(audit.findings || []), ...(deep.findings || [])];
const { active: activeFindings, suppressed: suppressedFindings } = filterFindings(
allFindings,
suppressions
);
// Replace findings in audit/deep with filtered active findings
if (audit.findings) {
audit.findings = activeFindings.filter((f) =>
(audit.findings || []).some((orig) => orig === f)
);
// Recalculate summary counts after filtering
audit.summary = {
critical: audit.findings.filter((f) => f?.severity === "critical").length,
warn: audit.findings.filter((f) => f?.severity === "warn").length,
info: audit.findings.filter((f) => f?.severity === "info").length,
};
}
if (deep.findings) {
deep.findings = activeFindings.filter((f) =>
(deep.findings || []).some((orig) => orig === f)
);
// Recalculate summary counts after filtering
deep.summary = {
critical: deep.findings.filter((f) => f?.severity === "critical").length,
warn: deep.findings.filter((f) => f?.severity === "warn").length,
info: deep.findings.filter((f) => f?.severity === "info").length,
};
}
// Render report with suppressed findings
const report = render({ audit, deep, label: args.label, suppressedFindings });
process.stdout.write(report + "\n");
skills/openclaw-audit-watchdog/scripts/run_audit_and_format.sh
+41 -4
View File
@@ -4,13 +4,35 @@ set -euo pipefail
# Runs openclaw security audits and prints a formatted report to stdout.
#
# Usage:
# ./run_audit_and_format.sh [--label "custom label"]
# ./run_audit_and_format.sh [--label "custom label"] [--config <path>]
show_help() {
cat <<EOF
Usage: run_audit_and_format.sh [OPTIONS]
Options:
--label <text> Custom label for the report
--config <path> Path to config file (e.g., allowlist.json)
--enable-suppressions Explicitly enable the suppression mechanism
--help Show this help message
EOF
exit 0
}
LABEL=""
CONFIG=""
ENABLE_SUPPRESSIONS=0
while [[ $# -gt 0 ]]; do
case "$1" in
--label)
LABEL="${2:-}"; shift 2 ;;
--config)
CONFIG="${2:-}"; shift 2 ;;
--enable-suppressions)
ENABLE_SUPPRESSIONS=1; shift ;;
--help)
show_help ;;
*)
echo "Unknown arg: $1" >&2
exit 2
@@ -35,14 +57,19 @@ run_audit() {
local errfile
errfile="$(mktemp "${TMPDIR%/}/openclaw_audit.XXXXXX.err")"
local config_args=()
if [[ -n "$CONFIG" ]]; then
config_args=(--config "$CONFIG")
fi
# kind is either: "audit" or "deep"
if [[ "$kind" == "audit" ]]; then
if ! openclaw security audit --json >"$outfile" 2>"$errfile"; then
if ! openclaw security audit --json "${config_args[@]}" >"$outfile" 2>"$errfile"; then
printf '{"findings":[],"summary":{"critical":0,"warn":0,"info":0},"error":"audit failed: %s"}\n' \
"$(head -n 20 "$errfile" | tr '\n' ' ')" >"$outfile"
fi
else
if ! openclaw security audit --deep --json >"$outfile" 2>"$errfile"; then
if ! openclaw security audit --deep --json "${config_args[@]}" >"$outfile" 2>"$errfile"; then
printf '{"findings":[],"summary":{"critical":0,"warn":0,"info":0},"error":"deep failed: %s"}\n' \
"$(head -n 20 "$errfile" | tr '\n' ' ')" >"$outfile"
fi
@@ -64,4 +91,14 @@ else
fi
SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
node "$SCRIPT_DIR/render_report.mjs" --audit "$AUDIT_JSON" --deep "$DEEP_JSON" --label "$LABEL"
# Build args for render_report
RENDER_ARGS=(--audit "$AUDIT_JSON" --deep "$DEEP_JSON" --label "$LABEL")
if [[ "$ENABLE_SUPPRESSIONS" -eq 1 ]]; then
RENDER_ARGS+=(--enable-suppressions)
fi
if [[ -n "$CONFIG" ]]; then
RENDER_ARGS+=(--config "$CONFIG")
fi
node "$SCRIPT_DIR/render_report.mjs" "${RENDER_ARGS[@]}"
skills/openclaw-audit-watchdog/scripts/runner.sh
+20
View File
@@ -10,10 +10,24 @@ set -euo pipefail
COMPANY_EMAIL="${PROMPTSEC_EMAIL_TO:-target@example.com}"
HOST_LABEL="${PROMPTSEC_HOST_LABEL:-}"
DO_PULL="${PROMPTSEC_GIT_PULL:-0}"
ENABLE_SUPPRESSIONS=0
AUDIT_CONFIG=""
SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
ROOT_DIR="$(cd "$SCRIPT_DIR/.." && pwd)"
# Parse CLI arguments
while [[ $# -gt 0 ]]; do
case "$1" in
--enable-suppressions)
ENABLE_SUPPRESSIONS=1; shift ;;
--config)
AUDIT_CONFIG="${2:-}"; shift 2 ;;
*)
shift ;;
esac
done
if [[ "$DO_PULL" == "1" ]]; then
if command -v git >/dev/null 2>&1 && [[ -d "$ROOT_DIR/.git" ]]; then
git -C "$ROOT_DIR" pull --ff-only >/dev/null 2>&1 || true
@@ -24,6 +38,12 @@ args=( )
if [[ -n "$HOST_LABEL" ]]; then
args+=(--label "$HOST_LABEL")
fi
if [[ "$ENABLE_SUPPRESSIONS" -eq 1 ]]; then
args+=(--enable-suppressions)
fi
if [[ -n "$AUDIT_CONFIG" ]]; then
args+=(--config "$AUDIT_CONFIG")
fi
REPORT="$($SCRIPT_DIR/run_audit_and_format.sh "${args[@]}")"
SUBJECT_HOST="${HOST_LABEL:-$(hostname -s 2>/dev/null || hostname 2>/dev/null || echo unknown-host)}"
skills/openclaw-audit-watchdog/scripts/setup_cron.mjs
+14 -2
View File
@@ -52,8 +52,18 @@ function envOrEmpty(name) {
function oneline(v) {
return String(v ?? "")
.replace(/[\r\n]+/g, " ")
.replace(/\\/g, "\\\\")
.replace(/"/g, "\\\"")
.trim();
}
function escapeForShellEnvVar(v) {
return String(v ?? "")
.replace(/[\r\n]+/g, " ")
.replace(/\\/g, "\\\\")
.replace(/\$/g, "\\$")
.replace(/`/g, "\\`")
.replace(/"/g, "\\\"")
.trim();
}
@@ -66,7 +76,9 @@ function defaultInstallDir() {
}
function buildAgentMessage({ dmChannel, dmTo, hostLabel, installDir }) {
const safeDir = oneline(installDir || "");
const safeDir = escapeForShellEnvVar(installDir || "");
const escapedHostLabel = escapeForShellEnvVar(hostLabel);
return [
"Run daily openclaw security audits and deliver report (DM + email).",
"",
@@ -74,7 +86,7 @@ function buildAgentMessage({ dmChannel, dmTo, hostLabel, installDir }) {
`Email: ${COMPANY_EMAIL} (local sendmail)`,
"",
"Execute:",
`- Run via exec: cd "${safeDir}" && PROMPTSEC_HOST_LABEL="${oneline(hostLabel)}" ./scripts/runner.sh`,
`- Run via exec: cd "${safeDir}" && PROMPTSEC_HOST_LABEL="${escapedHostLabel}" ./scripts/runner.sh`,
"",
"Output requirements:",
"- Print the report to stdout (cron deliver will DM it).",
skills/openclaw-audit-watchdog/skill.json
+1 -1
View File
@@ -1,6 +1,6 @@
{
"name": "openclaw-audit-watchdog",
"version": "0.0.4",
"version": "0.1.0",
"description": "Automated daily security audits for OpenClaw agents with email reporting. Runs deep audits and sends formatted reports.",
"author": "prompt-security",
"license": "MIT",
skills/openclaw-audit-watchdog/test/E2E-TEST-RESULTS.md
+145
View File
@@ -0,0 +1,145 @@
# E2E Test Results: Suppression Mechanism
## Test Date
2026-02-16
## Test Overview
Manual end-to-end test of the security audit suppression mechanism using mock audit data that simulates real openclaw security audit output.
## Test Setup
### Mock Data Created
1. **mock-audit.json**: Simulates standard audit findings
- 1 critical finding from `clawsec-suite` (code_safety check)
- 1 warning finding from `example-skill` (permissions check)
2. **mock-deep.json**: Simulates deep scan findings
- 1 critical finding from `openclaw-audit-watchdog` (code_safety check)
- 1 warning finding from `network-tool` (network check)
3. **suppression-config.json**: Suppression rules
- Suppress `skills.code_safety` + `clawsec-suite`
- Suppress `skills.code_safety` + `openclaw-audit-watchdog`
## Test Execution
### Test 1: Baseline (No Suppression)
**Command:**
```bash
node render_report.mjs --audit mock-audit.json --deep mock-deep.json --label "No Suppression"
```
**Expected Behavior:**
- All findings appear in report
- 2 critical findings shown
- 2 warning findings shown
**Result:** ✅ PASSED
- Summary showed: 1 critical · 1 warn
- All findings displayed in critical/warn section
- Skill names displayed: [clawsec-suite], [example-skill]
### Test 2: With Suppression Config
**Command:**
```bash
node render_report.mjs --audit mock-audit.json --deep mock-deep.json \
--label "With Suppression" --config suppression-config.json
```
**Expected Behavior:**
- Suppressed findings appear in INFO-SUPPRESSED section
- Summary counts exclude suppressed findings
- Suppression reason and date displayed
- Non-suppressed findings remain in active section
**Result:** ✅ PASSED
**Verification Points:**
1. ✅ INFO-SUPPRESSED section present
2. ✅ Suppression reason displayed: "First-party security tooling, reviewed 2026-02-16"
3. ✅ Suppression date displayed: "2026-02-16"
4. ✅ clawsec-suite finding suppressed and shown with [clawsec-suite] label
5. ✅ openclaw-audit-watchdog finding suppressed and shown with [openclaw-audit-watchdog] label
6. ✅ Non-suppressed findings still present: [example-skill] permission warning
7. ✅ Critical count reduced to 0 (was 1, now suppressed)
8. ✅ Warning count remains 1 (non-suppressed finding)
## Sample Output
### Without Suppression
```
openclaw security audit report -- No Suppression
Time: 2026-02-16T13:55:39.984Z
Summary: 1 critical · 1 warn · 0 info
Findings (critical/warn):
- skills.code_safety [clawsec-suite] Dangerous code execution pattern detected
Fix: Review code execution patterns
- skills.permissions [example-skill] Broad permission scope detected
Fix: Reduce permission scope
```
### With Suppression
```
openclaw security audit report -- With Suppression
Time: 2026-02-16T13:55:40.017Z
Summary: 0 critical · 1 warn · 0 info
Findings (critical/warn):
- skills.permissions [example-skill] Broad permission scope detected
Fix: Reduce permission scope
INFO-SUPPRESSED:
- skills.code_safety [clawsec-suite] Dangerous code execution pattern detected
Suppressed: First-party security tooling, reviewed 2026-02-16 (2026-02-16)
- skills.code_safety [openclaw-audit-watchdog] Environment variable access detected
Suppressed: First-party audit watchdog, reviewed 2026-02-16 (2026-02-16)
```
## Key Findings
### ✅ Successes
1. **Config Loading**: Suppression config loaded successfully from custom path
2. **Matching Logic**: Findings correctly matched by BOTH checkId AND skill name
3. **Filtering**: Suppressed findings excluded from critical/warning counts
4. **Transparency**: Suppressed findings remain visible in INFO-SUPPRESSED section
5. **Audit Trail**: Reason and date displayed for each suppression
6. **Backward Compatibility**: Running without config works identically to before
7. **Skill Name Display**: Skill names now displayed in both active and suppressed sections
### 🔧 Improvements Made During Testing
1. **Bug Fix**: Added --config flag passthrough in run_audit_and_format.sh
- Script was accepting --config but not passing it to render_report.mjs
- Fixed by building RENDER_ARGS array with conditional --config inclusion
2. **Enhancement**: Added skill name display to active findings
- Improves consistency between active and suppressed findings
- Makes it clearer which skill each finding comes from
- Format: `[skill-name]` appears after checkId in output
## Test Automation
Created `run-e2e-test.mjs` script for automated E2E validation with 8 verification points:
- Baseline report correctness
- INFO-SUPPRESSED section presence
- Suppression reason display
- Suppression date display
- clawsec-suite suppression
- openclaw-audit-watchdog suppression
- Non-suppressed findings preservation
- Summary count accuracy
## Conclusion
**All E2E tests PASSED**
The suppression mechanism is working correctly end-to-end:
- Configuration loads from custom paths
- Matching requires both checkId and skill name (prevents over-suppression)
- Suppressed findings remain visible with full audit trail
- Summary counts accurately reflect only active findings
- Non-suppressed findings continue to be reported normally
- Skill names provide clear context for all findings
## Next Steps
1. ✅ Integration tests verified (10/10 passing)
2. ✅ E2E test completed and documented
3. ⏭️ Proceed to documentation phase (Phase 5)
skills/openclaw-audit-watchdog/test/empty-suppressions.json
+3
View File
@@ -0,0 +1,3 @@
{
"suppressions": []
}
skills/openclaw-audit-watchdog/test/invalid-json.json
+5
View File
@@ -0,0 +1,5 @@
{
"suppressions": [
invalid json here
]
}
skills/openclaw-audit-watchdog/test/malformed-config.json
+8
View File
@@ -0,0 +1,8 @@
{
"suppressions": [
{
"checkId": "test.check",
"skill": "test-skill"
}
]
}
skills/openclaw-audit-watchdog/test/render_report_suppression.test.mjs
Executable
+773
View File
@@ -0,0 +1,773 @@
#!/usr/bin/env node
/**
* Integration tests for render_report with suppression mechanism.
*
* Tests cover:
* - Suppressed findings appear in INFO-SUPPRESSED section
* - Active findings appear in CRITICAL/WARN section
* - Summary counts exclude suppressed findings
* - Backward compatibility (no config)
* - Partial matches don't suppress
* - Multiple suppressions
* - Skill name extraction from different fields
*
* Run: node skills/openclaw-audit-watchdog/test/render_report_suppression.test.mjs
*/
import fs from "node:fs/promises";
import os from "node:os";
import path from "node:path";
import { spawn } from "node:child_process";
import { fileURLToPath } from "node:url";
import { execSync } from "node:child_process";
const __dirname = path.dirname(fileURLToPath(import.meta.url));
const SCRIPT_PATH = path.resolve(__dirname, "..", "scripts", "render_report.mjs");
// Find node executable (may not be in PATH in restricted environments)
let NODE_BIN = "node";
try {
NODE_BIN = execSync("which node 2>/dev/null || echo /opt/homebrew/bin/node", {
encoding: "utf8",
}).trim();
} catch {
NODE_BIN = "/opt/homebrew/bin/node";
}
let tempDir;
let passCount = 0;
let failCount = 0;
function pass(name) {
passCount++;
console.log(`${name}`);
}
function fail(name, error) {
failCount++;
console.error(`${name}`);
console.error(` ${String(error)}`);
}
async function setupTestDir() {
tempDir = await fs.mkdtemp(path.join(os.tmpdir(), "render-report-test-"));
}
async function cleanupTestDir() {
if (tempDir) {
await fs.rm(tempDir, { recursive: true, force: true });
}
}
function createAuditJson(findings) {
return JSON.stringify({
findings: findings,
summary: {
critical: findings.filter((f) => f.severity === "critical").length,
warn: findings.filter((f) => f.severity === "warn").length,
info: findings.filter((f) => f.severity === "info").length,
},
});
}
function createConfigJson(suppressions, enabledFor = ["audit"]) {
return JSON.stringify({
enabledFor,
suppressions,
});
}
async function runRenderReport(args) {
return new Promise((resolve) => {
const proc = spawn(NODE_BIN, [SCRIPT_PATH, ...args], {
stdio: ["ignore", "pipe", "pipe"],
});
let stdout = "";
let stderr = "";
proc.stdout.on("data", (data) => {
stdout += data.toString();
});
proc.stderr.on("data", (data) => {
stderr += data.toString();
});
proc.on("close", (code) => {
resolve({ code, stdout, stderr });
});
});
}
// -----------------------------------------------------------------------------
// Test: Suppressed findings appear in INFO-SUPPRESSED section
// -----------------------------------------------------------------------------
async function testSuppressedFindingsDisplayed() {
const testName = "render_report: suppressed findings appear in INFO-SUPPRESSED section";
try {
const auditFile = path.join(tempDir, "audit.json");
const deepFile = path.join(tempDir, "deep.json");
const configFile = path.join(tempDir, "config.json");
const findings = [
{
severity: "critical",
checkId: "skills.code_safety",
skill: "clawsec-suite",
title: "dangerous-exec detected",
},
];
const suppressions = [
{
checkId: "skills.code_safety",
skill: "clawsec-suite",
reason: "First-party security tooling",
suppressedAt: "2026-02-13",
},
];
await fs.writeFile(auditFile, createAuditJson(findings));
await fs.writeFile(deepFile, createAuditJson([]));
await fs.writeFile(configFile, createConfigJson(suppressions));
const result = await runRenderReport([
"--audit",
auditFile,
"--deep",
deepFile,
"--enable-suppressions",
"--config",
configFile,
]);
if (
result.stdout.includes("INFO-SUPPRESSED:") &&
result.stdout.includes("dangerous-exec detected") &&
result.stdout.includes("First-party security tooling") &&
result.stdout.includes("2026-02-13")
) {
pass(testName);
} else {
fail(testName, `Missing INFO-SUPPRESSED section or metadata: ${result.stdout}`);
}
} catch (error) {
fail(testName, error);
}
}
// -----------------------------------------------------------------------------
// Test: Active findings appear in CRITICAL/WARN section
// -----------------------------------------------------------------------------
async function testActiveFindingsDisplayed() {
const testName = "render_report: active findings appear in CRITICAL/WARN section";
try {
const auditFile = path.join(tempDir, "audit.json");
const deepFile = path.join(tempDir, "deep.json");
const configFile = path.join(tempDir, "config.json");
const findings = [
{
severity: "critical",
checkId: "skills.code_safety",
skill: "malicious-skill",
title: "dangerous-exec detected",
},
{
severity: "critical",
checkId: "skills.code_safety",
skill: "clawsec-suite",
title: "dangerous-exec detected in clawsec",
},
];
const suppressions = [
{
checkId: "skills.code_safety",
skill: "clawsec-suite",
reason: "First-party security tooling",
suppressedAt: "2026-02-13",
},
];
await fs.writeFile(auditFile, createAuditJson(findings));
await fs.writeFile(deepFile, createAuditJson([]));
await fs.writeFile(configFile, createConfigJson(suppressions));
const result = await runRenderReport([
"--audit",
auditFile,
"--deep",
deepFile,
"--enable-suppressions",
"--config",
configFile,
]);
// Check that the non-suppressed finding appears in active section
// and the suppressed finding appears in INFO-SUPPRESSED section
const hasActiveFindings = result.stdout.includes("Findings (critical/warn):");
const hasInfoSuppressed = result.stdout.includes("INFO-SUPPRESSED:");
const hasClawsecInSuppressed = result.stdout.includes("dangerous-exec detected in clawsec");
if (hasActiveFindings && hasInfoSuppressed && hasClawsecInSuppressed) {
pass(testName);
} else {
fail(testName, `Missing active findings or suppressed section: ${result.stdout}`);
}
} catch (error) {
fail(testName, error);
}
}
// -----------------------------------------------------------------------------
// Test: Summary counts exclude suppressed findings
// -----------------------------------------------------------------------------
async function testSummaryExcludesSuppressed() {
const testName = "render_report: summary counts exclude suppressed findings";
try {
const auditFile = path.join(tempDir, "audit.json");
const deepFile = path.join(tempDir, "deep.json");
const configFile = path.join(tempDir, "config.json");
const findings = [
{
severity: "critical",
checkId: "skills.code_safety",
skill: "clawsec-suite",
title: "dangerous-exec detected",
},
{
severity: "critical",
checkId: "skills.code_safety",
skill: "openclaw-audit-watchdog",
title: "dangerous-exec detected",
},
];
const suppressions = [
{
checkId: "skills.code_safety",
skill: "clawsec-suite",
reason: "First-party security tooling",
suppressedAt: "2026-02-13",
},
{
checkId: "skills.code_safety",
skill: "openclaw-audit-watchdog",
reason: "First-party security tooling",
suppressedAt: "2026-02-13",
},
];
await fs.writeFile(auditFile, createAuditJson(findings));
await fs.writeFile(deepFile, createAuditJson([]));
await fs.writeFile(configFile, createConfigJson(suppressions));
const result = await runRenderReport([
"--audit",
auditFile,
"--deep",
deepFile,
"--enable-suppressions",
"--config",
configFile,
]);
// Summary should show 0 critical (both suppressed)
if (
result.stdout.includes("Summary: 0 critical") &&
result.stdout.includes("INFO-SUPPRESSED:")
) {
pass(testName);
} else {
fail(testName, `Summary should show 0 critical: ${result.stdout}`);
}
} catch (error) {
fail(testName, error);
}
}
// -----------------------------------------------------------------------------
// Test: Backward compatibility (no config)
// -----------------------------------------------------------------------------
async function testBackwardCompatibilityNoConfig() {
const testName = "render_report: backward compatibility without config file";
try {
const auditFile = path.join(tempDir, "audit.json");
const deepFile = path.join(tempDir, "deep.json");
const findings = [
{
severity: "critical",
checkId: "skills.code_safety",
skill: "clawsec-suite",
title: "dangerous-exec detected",
},
];
await fs.writeFile(auditFile, createAuditJson(findings));
await fs.writeFile(deepFile, createAuditJson([]));
const result = await runRenderReport(["--audit", auditFile, "--deep", deepFile]);
// Without config, findings should appear in critical section, NOT suppressed
if (
result.stdout.includes("Summary: 1 critical") &&
result.stdout.includes("Findings (critical/warn):") &&
!result.stdout.includes("INFO-SUPPRESSED:")
) {
pass(testName);
} else {
fail(testName, `Findings should not be suppressed without config: ${result.stdout}`);
}
} catch (error) {
fail(testName, error);
}
}
// -----------------------------------------------------------------------------
// Test: Partial matches don't suppress (checkId only)
// -----------------------------------------------------------------------------
async function testPartialMatchCheckIdOnly() {
const testName = "render_report: partial match (checkId only) does not suppress";
try {
const auditFile = path.join(tempDir, "audit.json");
const deepFile = path.join(tempDir, "deep.json");
const configFile = path.join(tempDir, "config.json");
const findings = [
{
severity: "critical",
checkId: "skills.code_safety",
skill: "different-skill",
title: "dangerous-exec detected",
},
];
const suppressions = [
{
checkId: "skills.code_safety",
skill: "clawsec-suite",
reason: "First-party security tooling",
suppressedAt: "2026-02-13",
},
];
await fs.writeFile(auditFile, createAuditJson(findings));
await fs.writeFile(deepFile, createAuditJson([]));
await fs.writeFile(configFile, createConfigJson(suppressions));
const result = await runRenderReport([
"--audit",
auditFile,
"--deep",
deepFile,
"--enable-suppressions",
"--config",
configFile,
]);
// Finding should NOT be suppressed (skill name mismatch)
if (
result.stdout.includes("Summary: 1 critical") &&
result.stdout.includes("Findings (critical/warn):") &&
!result.stdout.includes("INFO-SUPPRESSED:")
) {
pass(testName);
} else {
fail(testName, `Partial match should not suppress: ${result.stdout}`);
}
} catch (error) {
fail(testName, error);
}
}
// -----------------------------------------------------------------------------
// Test: Partial matches don't suppress (skill only)
// -----------------------------------------------------------------------------
async function testPartialMatchSkillOnly() {
const testName = "render_report: partial match (skill only) does not suppress";
try {
const auditFile = path.join(tempDir, "audit.json");
const deepFile = path.join(tempDir, "deep.json");
const configFile = path.join(tempDir, "config.json");
const findings = [
{
severity: "critical",
checkId: "different.check",
skill: "clawsec-suite",
title: "some finding",
},
];
const suppressions = [
{
checkId: "skills.code_safety",
skill: "clawsec-suite",
reason: "First-party security tooling",
suppressedAt: "2026-02-13",
},
];
await fs.writeFile(auditFile, createAuditJson(findings));
await fs.writeFile(deepFile, createAuditJson([]));
await fs.writeFile(configFile, createConfigJson(suppressions));
const result = await runRenderReport([
"--audit",
auditFile,
"--deep",
deepFile,
"--enable-suppressions",
"--config",
configFile,
]);
// Finding should NOT be suppressed (checkId mismatch)
if (
result.stdout.includes("Summary: 1 critical") &&
result.stdout.includes("Findings (critical/warn):") &&
!result.stdout.includes("INFO-SUPPRESSED:")
) {
pass(testName);
} else {
fail(testName, `Partial match should not suppress: ${result.stdout}`);
}
} catch (error) {
fail(testName, error);
}
}
// -----------------------------------------------------------------------------
// Test: Multiple suppressions work correctly
// -----------------------------------------------------------------------------
async function testMultipleSuppressions() {
const testName = "render_report: multiple suppressions work correctly";
try {
const auditFile = path.join(tempDir, "audit.json");
const deepFile = path.join(tempDir, "deep.json");
const configFile = path.join(tempDir, "config.json");
const findings = [
{
severity: "critical",
checkId: "skills.code_safety",
skill: "clawsec-suite",
title: "dangerous-exec detected",
},
{
severity: "critical",
checkId: "skills.env_harvesting",
skill: "openclaw-audit-watchdog",
title: "env access detected",
},
{
severity: "critical",
checkId: "skills.code_safety",
skill: "malicious-skill",
title: "dangerous-exec in bad skill",
},
];
const suppressions = [
{
checkId: "skills.code_safety",
skill: "clawsec-suite",
reason: "First-party security tooling",
suppressedAt: "2026-02-13",
},
{
checkId: "skills.env_harvesting",
skill: "openclaw-audit-watchdog",
reason: "First-party security tooling",
suppressedAt: "2026-02-13",
},
];
await fs.writeFile(auditFile, createAuditJson(findings));
await fs.writeFile(deepFile, createAuditJson([]));
await fs.writeFile(configFile, createConfigJson(suppressions));
const result = await runRenderReport([
"--audit",
auditFile,
"--deep",
deepFile,
"--enable-suppressions",
"--config",
configFile,
]);
// Should have 1 critical (malicious-skill), 2 suppressed
const hasCorrectSummary = result.stdout.includes("Summary: 1 critical");
const hasActiveFindings = result.stdout.includes("dangerous-exec in bad skill");
const hasSuppressed = result.stdout.includes("INFO-SUPPRESSED:");
const hasSuppressed1 = result.stdout.includes("dangerous-exec detected");
const hasSuppressed2 = result.stdout.includes("env access detected");
if (hasCorrectSummary && hasActiveFindings && hasSuppressed && hasSuppressed1 && hasSuppressed2) {
pass(testName);
} else {
fail(testName, `Multiple suppressions not working correctly: ${result.stdout}`);
}
} catch (error) {
fail(testName, error);
}
}
// -----------------------------------------------------------------------------
// Test: Skill name extraction from path field
// -----------------------------------------------------------------------------
async function testSkillNameExtractionFromPath() {
const testName = "render_report: skill name extraction from path field";
try {
const auditFile = path.join(tempDir, "audit.json");
const deepFile = path.join(tempDir, "deep.json");
const configFile = path.join(tempDir, "config.json");
const findings = [
{
severity: "critical",
checkId: "skills.code_safety",
path: "skills/clawsec-suite/some-file.js",
title: "dangerous-exec detected",
},
];
const suppressions = [
{
checkId: "skills.code_safety",
skill: "clawsec-suite",
reason: "First-party security tooling",
suppressedAt: "2026-02-13",
},
];
await fs.writeFile(auditFile, createAuditJson(findings));
await fs.writeFile(deepFile, createAuditJson([]));
await fs.writeFile(configFile, createConfigJson(suppressions));
const result = await runRenderReport([
"--audit",
auditFile,
"--deep",
deepFile,
"--enable-suppressions",
"--config",
configFile,
]);
// Should suppress based on path extraction
if (
result.stdout.includes("Summary: 0 critical") &&
result.stdout.includes("INFO-SUPPRESSED:") &&
result.stdout.includes("dangerous-exec detected")
) {
pass(testName);
} else {
fail(testName, `Skill name extraction from path failed: ${result.stdout}`);
}
} catch (error) {
fail(testName, error);
}
}
// -----------------------------------------------------------------------------
// Test: Skill name extraction from title field
// -----------------------------------------------------------------------------
async function testSkillNameExtractionFromTitle() {
const testName = "render_report: skill name extraction from title field";
try {
const auditFile = path.join(tempDir, "audit.json");
const deepFile = path.join(tempDir, "deep.json");
const configFile = path.join(tempDir, "config.json");
const findings = [
{
severity: "critical",
checkId: "skills.code_safety",
title: "[clawsec-suite] dangerous-exec detected",
},
];
const suppressions = [
{
checkId: "skills.code_safety",
skill: "clawsec-suite",
reason: "First-party security tooling",
suppressedAt: "2026-02-13",
},
];
await fs.writeFile(auditFile, createAuditJson(findings));
await fs.writeFile(deepFile, createAuditJson([]));
await fs.writeFile(configFile, createConfigJson(suppressions));
const result = await runRenderReport([
"--audit",
auditFile,
"--deep",
deepFile,
"--enable-suppressions",
"--config",
configFile,
]);
// Should suppress based on title extraction
if (
result.stdout.includes("Summary: 0 critical") &&
result.stdout.includes("INFO-SUPPRESSED:")
) {
pass(testName);
} else {
fail(testName, `Skill name extraction from title failed: ${result.stdout}`);
}
} catch (error) {
fail(testName, error);
}
}
// -----------------------------------------------------------------------------
// Test: Empty suppressions array works (no suppressions applied)
// -----------------------------------------------------------------------------
async function testEmptySuppressions() {
const testName = "render_report: empty suppressions array behaves like no config";
try {
const auditFile = path.join(tempDir, "audit.json");
const deepFile = path.join(tempDir, "deep.json");
const configFile = path.join(tempDir, "config.json");
const findings = [
{
severity: "critical",
checkId: "skills.code_safety",
skill: "clawsec-suite",
title: "dangerous-exec detected",
},
];
await fs.writeFile(auditFile, createAuditJson(findings));
await fs.writeFile(deepFile, createAuditJson([]));
await fs.writeFile(configFile, createConfigJson([]));
const result = await runRenderReport([
"--audit",
auditFile,
"--deep",
deepFile,
"--enable-suppressions",
"--config",
configFile,
]);
// Should NOT suppress with empty suppressions array
if (
result.stdout.includes("Summary: 1 critical") &&
result.stdout.includes("Findings (critical/warn):") &&
!result.stdout.includes("INFO-SUPPRESSED:")
) {
pass(testName);
} else {
fail(testName, `Empty suppressions should not suppress findings: ${result.stdout}`);
}
} catch (error) {
fail(testName, error);
}
}
// -----------------------------------------------------------------------------
// Test: Config without --enable-suppressions flag does NOT suppress
// -----------------------------------------------------------------------------
async function testConfigWithoutEnableFlagDoesNotSuppress() {
const testName = "render_report: config without --enable-suppressions flag does not suppress";
try {
const auditFile = path.join(tempDir, "audit.json");
const deepFile = path.join(tempDir, "deep.json");
const configFile = path.join(tempDir, "config.json");
const findings = [
{
severity: "critical",
checkId: "skills.code_safety",
skill: "clawsec-suite",
title: "dangerous-exec detected",
},
];
const suppressions = [
{
checkId: "skills.code_safety",
skill: "clawsec-suite",
reason: "First-party security tooling",
suppressedAt: "2026-02-13",
},
];
await fs.writeFile(auditFile, createAuditJson(findings));
await fs.writeFile(deepFile, createAuditJson([]));
await fs.writeFile(configFile, createConfigJson(suppressions));
// Pass --config but NOT --enable-suppressions
const result = await runRenderReport([
"--audit",
auditFile,
"--deep",
deepFile,
"--config",
configFile,
]);
// Findings should NOT be suppressed without the explicit opt-in flag
if (
result.stdout.includes("Summary: 1 critical") &&
result.stdout.includes("Findings (critical/warn):") &&
!result.stdout.includes("INFO-SUPPRESSED:")
) {
pass(testName);
} else {
fail(testName, `Config alone should not suppress without --enable-suppressions: ${result.stdout}`);
}
} catch (error) {
fail(testName, error);
}
}
// -----------------------------------------------------------------------------
// Main test runner
// -----------------------------------------------------------------------------
async function runAllTests() {
await setupTestDir();
try {
await testSuppressedFindingsDisplayed();
await testActiveFindingsDisplayed();
await testSummaryExcludesSuppressed();
await testBackwardCompatibilityNoConfig();
await testPartialMatchCheckIdOnly();
await testPartialMatchSkillOnly();
await testMultipleSuppressions();
await testSkillNameExtractionFromPath();
await testSkillNameExtractionFromTitle();
await testEmptySuppressions();
await testConfigWithoutEnableFlagDoesNotSuppress();
} finally {
await cleanupTestDir();
}
console.log("");
console.log(`Passed: ${passCount}`);
console.log(`Failed: ${failCount}`);
if (failCount > 0) {
process.exit(1);
}
}
runAllTests().catch((err) => {
console.error("Test runner failed:", err);
process.exit(1);
});
skills/openclaw-audit-watchdog/test/suppression_config.test.mjs
Executable
+687
View File
@@ -0,0 +1,687 @@
#!/usr/bin/env node
/**
* Suppression config loading tests for openclaw-audit-watchdog.
*
* Tests cover:
* - Valid config file loading and normalization
* - Required field validation
* - Date format validation with graceful fallback
* - Malformed JSON error handling
* - File not found graceful fallback
* - Multi-path priority (custom path > env var > primary > fallback)
* - Opt-in gate (enabled flag must be true)
* - enabledFor sentinel validation
*
* Run: node skills/openclaw-audit-watchdog/test/suppression_config.test.mjs
*/
import fs from "node:fs/promises";
import path from "node:path";
import os from "node:os";
import { loadSuppressionConfig } from "../scripts/load_suppression_config.mjs";
let passCount = 0;
let failCount = 0;
function pass(name) {
passCount += 1;
console.log(`\u2713 ${name}`);
}
function fail(name, error) {
failCount += 1;
console.error(`\u2717 ${name}`);
console.error(` ${String(error)}`);
}
async function withTempFile(content) {
const tmpDir = await fs.mkdtemp(path.join(os.tmpdir(), "openclaw-test-"));
const tmpFile = path.join(tmpDir, "test-config.json");
await fs.writeFile(tmpFile, content, "utf8");
return {
path: tmpFile,
cleanup: async () => {
try {
await fs.rm(tmpDir, { recursive: true, force: true });
} catch {
// Ignore cleanup errors
}
},
};
}
async function withEnv(key, value, fn) {
const oldValue = process.env[key];
try {
if (value === undefined) {
delete process.env[key];
} else {
process.env[key] = value;
}
return await fn();
} finally {
if (oldValue === undefined) {
delete process.env[key];
} else {
process.env[key] = oldValue;
}
}
}
/** Suppress stderr output during a function call (avoids noisy warnings in test output). */
async function silenceStderr(fn) {
const original = process.stderr.write;
process.stderr.write = () => true;
try {
return await fn();
} finally {
process.stderr.write = original;
}
}
/** Create a valid config JSON string with enabledFor sentinel. */
function makeConfig(suppressions, enabledFor = ["audit"]) {
return JSON.stringify({ enabledFor, suppressions });
}
// -----------------------------------------------------------------------------
// Test: valid config with all required fields
// -----------------------------------------------------------------------------
async function testValidConfig() {
const testName = "loadSuppressionConfig: loads valid config with all required fields";
let fixture = null;
try {
const validConfig = makeConfig([
{
checkId: "SCAN-001",
skill: "soul-guardian",
reason: "False positive - reviewed by security team",
suppressedAt: "2026-02-15",
},
{
checkId: "SCAN-002",
skill: "clawtributor",
reason: "Accepted risk for legacy code",
suppressedAt: "2026-02-14",
},
]);
fixture = await withTempFile(validConfig);
const config = await silenceStderr(() =>
loadSuppressionConfig(fixture.path, { enabled: true })
);
if (
config.source === fixture.path &&
config.suppressions.length === 2 &&
config.suppressions[0].checkId === "SCAN-001" &&
config.suppressions[0].skill === "soul-guardian" &&
config.suppressions[0].reason === "False positive - reviewed by security team" &&
config.suppressions[0].suppressedAt === "2026-02-15" &&
config.suppressions[1].checkId === "SCAN-002" &&
config.suppressions[1].skill === "clawtributor"
) {
pass(testName);
} else {
fail(testName, `Unexpected config: ${JSON.stringify(config)}`);
}
} catch (error) {
fail(testName, error);
} finally {
if (fixture) {
await fixture.cleanup();
}
}
}
// -----------------------------------------------------------------------------
// Test: malformed date warns but doesn't fail
// -----------------------------------------------------------------------------
async function testMalformedDateWarning() {
const testName = "loadSuppressionConfig: malformed date warns but doesn't fail";
let fixture = null;
try {
const configWithBadDate = makeConfig([
{
checkId: "SCAN-003",
skill: "soul-guardian",
reason: "Test suppression",
suppressedAt: "02/15/2026",
},
]);
fixture = await withTempFile(configWithBadDate);
// Capture stderr to check for warning
let stderrOutput = "";
const originalStderrWrite = process.stderr.write;
process.stderr.write = function (chunk) {
stderrOutput += chunk.toString();
return true;
};
try {
const config = await loadSuppressionConfig(fixture.path, { enabled: true });
if (
config.suppressions.length === 1 &&
config.suppressions[0].checkId === "SCAN-003" &&
config.suppressions[0].suppressedAt === "02/15/2026" &&
stderrOutput.includes("Warning") &&
stderrOutput.includes("malformed date")
) {
pass(testName);
} else {
fail(testName, `Expected warning but got: ${stderrOutput}`);
}
} finally {
process.stderr.write = originalStderrWrite;
}
} catch (error) {
fail(testName, error);
} finally {
if (fixture) {
await fixture.cleanup();
}
}
}
// -----------------------------------------------------------------------------
// Test: missing required field fails
// -----------------------------------------------------------------------------
async function testMissingRequiredField() {
const testName = "loadSuppressionConfig: missing required field fails";
let fixture = null;
try {
const configMissingReason = makeConfig([
{
checkId: "SCAN-004",
skill: "soul-guardian",
suppressedAt: "2026-02-15",
},
]);
fixture = await withTempFile(configMissingReason);
try {
await silenceStderr(() =>
loadSuppressionConfig(fixture.path, { enabled: true })
);
fail(testName, "Expected error for missing required field");
} catch (err) {
if (err.message.includes("missing required field: reason")) {
pass(testName);
} else {
fail(testName, `Wrong error message: ${err.message}`);
}
}
} catch (error) {
fail(testName, error);
} finally {
if (fixture) {
await fixture.cleanup();
}
}
}
// -----------------------------------------------------------------------------
// Test: malformed JSON fails
// -----------------------------------------------------------------------------
async function testMalformedJSON() {
const testName = "loadSuppressionConfig: malformed JSON fails";
let fixture = null;
try {
const invalidJSON = "{ suppressions: [ { not valid json } ] }";
fixture = await withTempFile(invalidJSON);
try {
await silenceStderr(() =>
loadSuppressionConfig(fixture.path, { enabled: true })
);
fail(testName, "Expected error for malformed JSON");
} catch (err) {
if (err.message.includes("Malformed JSON")) {
pass(testName);
} else {
fail(testName, `Wrong error message: ${err.message}`);
}
}
} catch (error) {
fail(testName, error);
} finally {
if (fixture) {
await fixture.cleanup();
}
}
}
// -----------------------------------------------------------------------------
// Test: file not found returns empty suppressions
// -----------------------------------------------------------------------------
async function testFileNotFoundGracefulFallback() {
const testName = "loadSuppressionConfig: file not found returns empty suppressions";
try {
await withEnv("OPENCLAW_AUDIT_CONFIG", undefined, async () => {
const nonExistentPath1 = path.join(os.homedir(), ".openclaw", "non-existent-12345.json");
// Ensure path does not exist
try {
await fs.access(nonExistentPath1);
fail(testName, "Test precondition failed: primary path should not exist");
return;
} catch {
// Expected - file should not exist
}
const config = await silenceStderr(() =>
loadSuppressionConfig(null, { enabled: true })
);
if (config.source === "none" && Array.isArray(config.suppressions) && config.suppressions.length === 0) {
pass(testName);
} else {
fail(testName, `Expected empty suppressions but got: ${JSON.stringify(config)}`);
}
});
} catch (error) {
fail(testName, error);
}
}
// -----------------------------------------------------------------------------
// Test: custom path has highest priority
// -----------------------------------------------------------------------------
async function testCustomPathPriority() {
const testName = "loadSuppressionConfig: custom path has highest priority";
let fixture = null;
try {
const customConfig = makeConfig([
{
checkId: "CUSTOM-001",
skill: "custom-skill",
reason: "Custom path config",
suppressedAt: "2026-02-15",
},
]);
fixture = await withTempFile(customConfig);
const config = await silenceStderr(() =>
loadSuppressionConfig(fixture.path, { enabled: true })
);
if (
config.source === fixture.path &&
config.suppressions.length === 1 &&
config.suppressions[0].checkId === "CUSTOM-001"
) {
pass(testName);
} else {
fail(testName, `Unexpected config: ${JSON.stringify(config)}`);
}
} catch (error) {
fail(testName, error);
} finally {
if (fixture) {
await fixture.cleanup();
}
}
}
// -----------------------------------------------------------------------------
// Test: environment variable override
// -----------------------------------------------------------------------------
async function testEnvironmentVariableOverride() {
const testName = "loadSuppressionConfig: environment variable overrides default paths";
let fixture = null;
try {
const envConfig = makeConfig([
{
checkId: "ENV-001",
skill: "env-skill",
reason: "Environment variable config",
suppressedAt: "2026-02-15",
},
]);
fixture = await withTempFile(envConfig);
await withEnv("OPENCLAW_AUDIT_CONFIG", fixture.path, async () => {
const config = await silenceStderr(() =>
loadSuppressionConfig(null, { enabled: true })
);
if (
config.source === fixture.path &&
config.suppressions.length === 1 &&
config.suppressions[0].checkId === "ENV-001"
) {
pass(testName);
} else {
fail(testName, `Unexpected config: ${JSON.stringify(config)}`);
}
});
} catch (error) {
fail(testName, error);
} finally {
if (fixture) {
await fixture.cleanup();
}
}
}
// -----------------------------------------------------------------------------
// Test: missing suppressions array fails
// -----------------------------------------------------------------------------
async function testMissingSuppressions() {
const testName = "loadSuppressionConfig: missing suppressions array fails";
let fixture = null;
try {
const configWithoutSuppressions = JSON.stringify({
enabledFor: ["audit"],
note: "This config is missing the suppressions array",
});
fixture = await withTempFile(configWithoutSuppressions);
try {
await silenceStderr(() =>
loadSuppressionConfig(fixture.path, { enabled: true })
);
fail(testName, "Expected error for missing suppressions array");
} catch (err) {
if (err.message.includes("missing 'suppressions' array")) {
pass(testName);
} else {
fail(testName, `Wrong error message: ${err.message}`);
}
}
} catch (error) {
fail(testName, error);
} finally {
if (fixture) {
await fixture.cleanup();
}
}
}
// -----------------------------------------------------------------------------
// Test: empty suppressions array is valid
// -----------------------------------------------------------------------------
async function testEmptySuppressions() {
const testName = "loadSuppressionConfig: empty suppressions array is valid";
let fixture = null;
try {
const emptyConfig = makeConfig([], ["audit"]);
fixture = await withTempFile(emptyConfig);
const config = await silenceStderr(() =>
loadSuppressionConfig(fixture.path, { enabled: true })
);
if (config.source === fixture.path && config.suppressions.length === 0) {
pass(testName);
} else {
fail(testName, `Unexpected config: ${JSON.stringify(config)}`);
}
} catch (error) {
fail(testName, error);
} finally {
if (fixture) {
await fixture.cleanup();
}
}
}
// -----------------------------------------------------------------------------
// Test: custom path not found throws error
// -----------------------------------------------------------------------------
async function testCustomPathNotFoundFails() {
const testName = "loadSuppressionConfig: custom path not found throws error";
try {
const nonExistentPath = path.join(os.tmpdir(), "absolutely-does-not-exist-12345.json");
try {
await silenceStderr(() =>
loadSuppressionConfig(nonExistentPath, { enabled: true })
);
fail(testName, "Expected error for custom path not found");
} catch (err) {
if (err.message.includes("Custom config file not found")) {
pass(testName);
} else {
fail(testName, `Wrong error message: ${err.message}`);
}
}
} catch (error) {
fail(testName, error);
}
}
// -----------------------------------------------------------------------------
// Test: disabled by default (enabled flag not set)
// -----------------------------------------------------------------------------
async function testDisabledByDefault() {
const testName = "loadSuppressionConfig: returns empty when enabled flag is not set";
let fixture = null;
try {
const validConfig = makeConfig([
{
checkId: "SCAN-001",
skill: "test-skill",
reason: "Should not be loaded",
suppressedAt: "2026-02-15",
},
]);
fixture = await withTempFile(validConfig);
// Custom path provided but enabled=false (default)
const config1 = await loadSuppressionConfig(fixture.path);
if (config1.source !== "none" || config1.suppressions.length !== 0) {
fail(testName, "Custom path should be ignored when enabled is not set");
return;
}
// Env var set but enabled=false (default)
await withEnv("OPENCLAW_AUDIT_CONFIG", fixture.path, async () => {
const config2 = await loadSuppressionConfig();
if (config2.source !== "none" || config2.suppressions.length !== 0) {
fail(testName, "Env var should be ignored when enabled is not set");
return;
}
});
pass(testName);
} catch (error) {
fail(testName, error);
} finally {
if (fixture) await fixture.cleanup();
}
}
// -----------------------------------------------------------------------------
// Test: enabled explicitly loads config
// -----------------------------------------------------------------------------
async function testEnabledExplicitly() {
const testName = "loadSuppressionConfig: loads config when explicitly enabled with sentinel";
let fixture = null;
try {
const validConfig = makeConfig([
{
checkId: "SCAN-001",
skill: "test-skill",
reason: "Should be loaded",
suppressedAt: "2026-02-15",
},
]);
fixture = await withTempFile(validConfig);
const config = await silenceStderr(() =>
loadSuppressionConfig(fixture.path, { enabled: true })
);
if (config.source === fixture.path && config.suppressions.length === 1) {
pass(testName);
} else {
fail(testName, `Expected config to be loaded: ${JSON.stringify(config)}`);
}
} catch (error) {
fail(testName, error);
} finally {
if (fixture) await fixture.cleanup();
}
}
// -----------------------------------------------------------------------------
// Test: env var alone does not activate suppression
// -----------------------------------------------------------------------------
async function testEnvVarAloneDoesNotActivate() {
const testName = "loadSuppressionConfig: OPENCLAW_AUDIT_CONFIG alone does not activate suppression";
let fixture = null;
try {
const validConfig = makeConfig([
{
checkId: "ENV-ATTACK",
skill: "target-skill",
reason: "Attacker suppression",
suppressedAt: "2026-02-15",
},
]);
fixture = await withTempFile(validConfig);
await withEnv("OPENCLAW_AUDIT_CONFIG", fixture.path, async () => {
// Without enabled: true, env var should be ignored
const config = await loadSuppressionConfig(null, { enabled: false });
if (config.source === "none" && config.suppressions.length === 0) {
pass(testName);
} else {
fail(testName, `Env var should not activate suppression: ${JSON.stringify(config)}`);
}
});
} catch (error) {
fail(testName, error);
} finally {
if (fixture) await fixture.cleanup();
}
}
// -----------------------------------------------------------------------------
// Test: missing enabledFor sentinel returns empty
// -----------------------------------------------------------------------------
async function testMissingSentinel() {
const testName = "loadSuppressionConfig: missing enabledFor sentinel returns empty";
let fixture = null;
try {
// Config has suppressions but NO enabledFor field
const configNoSentinel = JSON.stringify({
suppressions: [
{
checkId: "SCAN-001",
skill: "test-skill",
reason: "Should not activate",
suppressedAt: "2026-02-15",
},
],
});
fixture = await withTempFile(configNoSentinel);
const config = await silenceStderr(() =>
loadSuppressionConfig(fixture.path, { enabled: true })
);
if (config.source === "none" && config.suppressions.length === 0) {
pass(testName);
} else {
fail(testName, `Missing sentinel should return empty: ${JSON.stringify(config)}`);
}
} catch (error) {
fail(testName, error);
} finally {
if (fixture) await fixture.cleanup();
}
}
// -----------------------------------------------------------------------------
// Test: wrong enabledFor sentinel returns empty
// -----------------------------------------------------------------------------
async function testWrongSentinel() {
const testName = "loadSuppressionConfig: wrong enabledFor sentinel returns empty for audit";
let fixture = null;
try {
// Config has enabledFor: ["advisory"] but not "audit"
const configWrongSentinel = makeConfig(
[
{
checkId: "SCAN-001",
skill: "test-skill",
reason: "Should not activate for audit",
suppressedAt: "2026-02-15",
},
],
["advisory"]
);
fixture = await withTempFile(configWrongSentinel);
const config = await silenceStderr(() =>
loadSuppressionConfig(fixture.path, { enabled: true })
);
if (config.source === "none" && config.suppressions.length === 0) {
pass(testName);
} else {
fail(testName, `Wrong sentinel should return empty: ${JSON.stringify(config)}`);
}
} catch (error) {
fail(testName, error);
} finally {
if (fixture) await fixture.cleanup();
}
}
// -----------------------------------------------------------------------------
// Main test runner
// -----------------------------------------------------------------------------
async function runTests() {
console.log("=== OpenClaw Audit Watchdog - Suppression Config Tests ===\n");
await testValidConfig();
await testMalformedDateWarning();
await testMissingRequiredField();
await testMalformedJSON();
await testFileNotFoundGracefulFallback();
await testCustomPathPriority();
await testEnvironmentVariableOverride();
await testMissingSuppressions();
await testEmptySuppressions();
await testCustomPathNotFoundFails();
await testDisabledByDefault();
await testEnabledExplicitly();
await testEnvVarAloneDoesNotActivate();
await testMissingSentinel();
await testWrongSentinel();
console.log(`\n=== Results: ${passCount} passed, ${failCount} failed ===`);
if (failCount > 0) {
process.exit(1);
}
}
runTests().catch((error) => {
console.error("Test runner failed:", error);
process.exit(1);
});