UNPKG

@openguardrails/moltguard

Version:

AI agent security plugin for OpenClaw: prompt injection detection, PII sanitization, and monitoring dashboard

github.com/openguardrails/openguardrails/tree/main/moltguard

openguardrails/openguardrails

137 lines 4.39 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
/** * File System Watcher for Auto-Scanning * * Monitors workspace .md files for changes and triggers automatic security scans. * Debounces rapid changes to avoid excessive scanning. */ import fs from "node:fs"; import path from "node:path"; import os from "node:os"; export class FileWatcher { watchers = []; pendingFiles = new Set(); debounceTimer = null; config; isRunning = false; constructor(config) { this.config = { workspaceDir: config.workspaceDir || path.join(os.homedir(), ".openclaw"), debounceMs: config.debounceMs ?? 3000, onFilesChanged: config.onFilesChanged, logger: config.logger, }; } /** * Start watching workspace directories */ start() { if (this.isRunning) return; this.isRunning = true; const watchPaths = [ this.config.workspaceDir, // Root (soul.md, agent.md, heartbeat.md) path.join(this.config.workspaceDir, "memories"), path.join(this.config.workspaceDir, "skills"), path.join(this.config.workspaceDir, "plugins"), ]; for (const watchPath of watchPaths) { try { if (!fs.existsSync(watchPath)) continue; const watcher = fs.watch(watchPath, { recursive: true }, (eventType, filename) => { if (!filename) return; // Only watch .md files if (!filename.endsWith(".md")) return; // Ignore node_modules and hidden directories if (filename.includes("node_modules") || filename.includes("/.")) return; const fullPath = path.join(watchPath, filename); this.scheduleScann(fullPath); }); watcher.unref(); this.watchers.push(watcher); this.config.logger?.debug?.(`Watching: ${watchPath}`); } catch (err) { this.config.logger?.debug?.(`Failed to watch ${watchPath}: ${err}`); } } if (this.watchers.length > 0) { this.config.logger?.info(`File watcher started (${this.watchers.length} directories)`); } } /** * Stop watching */ stop() { if (!this.isRunning) return; for (const watcher of this.watchers) { watcher.close(); } this.watchers = []; if (this.debounceTimer) { clearTimeout(this.debounceTimer); this.debounceTimer = null; } this.pendingFiles.clear(); this.isRunning = false; this.config.logger?.info("File watcher stopped"); } /** * Schedule a file for scanning (debounced) */ scheduleScann(filePath) { this.pendingFiles.add(filePath); if (this.debounceTimer) { clearTimeout(this.debounceTimer); } this.debounceTimer = setTimeout(() => { this.processPendingScans(); }, this.config.debounceMs); this.debounceTimer.unref(); } /** * Process all pending scans */ async processPendingScans() { if (this.pendingFiles.size === 0) return; const files = Array.from(this.pendingFiles); this.pendingFiles.clear(); this.debounceTimer = null; // Filter to only existing files const existingFiles = files.filter(f => { try { return fs.existsSync(f) && fs.statSync(f).isFile(); } catch { return false; } }); if (existingFiles.length === 0) return; this.config.logger?.debug?.(`Auto-scanning ${existingFiles.length} changed file(s)...`); try { await this.config.onFilesChanged(existingFiles); } catch (err) { this.config.logger?.debug?.(`Auto-scan failed: ${err}`); } } /** * Check if watcher is running */ get running() { return this.isRunning; } /** * Get number of watched directories */ get watchCount() { return this.watchers.length; } } //# sourceMappingURL=file-watcher.js.map