add npm-security skill + add to config-setup defaults
@@ -355,7 +355,7 @@ export default function (pi: ExtensionAPI) {
"extensions/filechanges/index.ts",
"extensions/filechanges/index.ts",
"extensions/ask-user-question/index.ts",
"extensions/ask-user-question/index.ts",
];
];
const defaultSkills = ["skills/obsidian-cli"];
const defaultSkills = ["skills/obsidian-cli", "skills/npm-security"];
for (const d of defaultExts) {
for (const d of defaultExts) {
if (!pkg.extensions!.includes(d)) pkg.extensions!.push(d);
if (!pkg.extensions!.includes(d)) pkg.extensions!.push(d);
}
}
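Review bot: adding "skills/npm-security" to defaultSkills makes a skill default whose own Prerequisites section requires three globally installed tools (vet, sfw, npq) and tells the agent to stop and inform the user when they are missing; config-setup does not install or check for them in this hunk, so a fresh setup ships a default skill that cannot run until the user installs them by hand. Consider having config-setup check for the three binaries when it adds the skill (or print the `npm install -g @safedep/vet @socketsecurity/cli npq` line from the skill), and mention the prerequisite in the commit message or README.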
135
skills/npm-security/SKILL.md
Normal file
@@ -0,0 +1,135 @@
---
name: npm-security
description: Securely install npm/pip/git packages by scanning with SafeDep Vet, checking with npq, and wrapping installs with Socket Firewall
---
# npm Security Checklist
This skill ensures every package install follows your security guardrails.
## Prerequisites
Three tools must be installed globally:
```bash
npm install -g @safedep/vet @socketsecurity/cli npq
```
- **vet** — SafeDep Vet: scans local code for multi-language malware signatures
- **sfw** — Socket Firewall: wraps npm/pip installs with runtime scanning
- **npq** — checks package names against typosquatting lists
Verify they're available before proceeding with any install. If missing, inform the user.
---
## Workflow by Install Type
### npm install (registry package)
```
1. vet scan package <name> > /dev/null 2>&1 || echo "VET_CHECK_FAILED"
2. npq check <name> --json > /tmp/npq_report.json
3. If either flags the package → STOP, show findings, ask user via ask_user_question
4. If clear → sfw npm install <name>
```
```bash
# Step 1 — Vet the package metadata
vet scan package "$PKG" --format json 2>&1
# Step 2 — npq typosquatting check
npq check "$PKG" --json
# Step 3 — Install wrapped in Socket Firewall
sfw npm install "$PKG"
```
### git clone / direct download
Vet can scan the local directory after cloning. There's no runtime guard here.
```
1. git clone <url>
2. cd <repo>
3. vet scan -D . --format json --filter "package.malware == true" > /tmp/vet_report.json
4. If malware found → STOP, show findings to user
5. If clean → proceed
```
```bash
# After clone, scan the directory
vet scan -D . --format json --filter "package.malware == true" > /tmp/vet_report.json
# Check for suspicious patterns too
vet scan -D . --format json --filter "package.suspicious == true" >> /tmp/vet_report.json
# If either has findings, warn the user
```
### pip / uv install
```bash
# Socket wraps pip too
sfw pip install -r requirements.txt
sfw uv pip install <package>
```
### pi install (npm source)
`pi install npm:<package>` eventually calls `npm install`. The sfw wrapper won't intercept Pi's internal npm calls directly, so use the manual pre-check:
```
1. vet scan package <name>
2. npq check <name>
3. If clear → tell user "safe to pi install npm:<name>"
```
### pi install (git source)
```
1. After Pi clones it (check ~/.pi/agent/git/), vet scan that directory
2. Show user the results
```
---
## Checking npmrc Security Settings
Periodically verify these are in `~/.npmrc`:
```ini
min-release-age=7
ignore-scripts=true
allow-git=root
```
If missing, inform the user and offer to add them.
---
## When Something Flags
- **STOP** — do not continue with the install
- Read the flagged findings
- Present them to the user via `ask_user_question` with the findings attached
- Let the user decide: proceed anyway, investigate further, or abort
---
## Commands Reference
| Tool | Purpose | Key Command |
|---|---|---|
| vet | Malware scan (local dir) | `vet scan -D . --format json` |
| vet | Package metadata scan | `vet scan package <name> --format json` |
| npq | Typosquatting check | `npq check <name> --json` |
| sfw | Safe npm install | `sfw npm install <name>` |
| sfw | Safe pip install | `sfw pip install <name>` |
## Limitations
- vet cannot scan packages that haven't been downloaded yet (npm metadata scan is lighter)
- sfw only intercepts when used explicitly (`sfw npm install`), not plain `npm install`
- Pi's internal package manager may not respect sfw — pre-checks are essential
- nix packages go through Nix's own trust model, not these tools
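Review bot: the numbered registry-install workflow discards vet's output in step 1 (`1. vet scan package <name> > /dev/null 2>&1 || echo "VET_CHECK_FAILED"`) but step 3 then asks the agent to "show findings" when the package is flagged, so the only thing available to show is the sentinel string; the bash block that follows keeps `--format json` output, so make the numbered step match it and write the report to a file the way the npq step does. In the git clone block, `vet scan -D . --format json --filter "package.suspicious == true" >> /tmp/vet_report.json` appends a second JSON document to the file written by the malware filter, leaving /tmp/vet_report.json unparseable as a single JSON value; write the two filters to separate files or run them as one scan. In the npmrc section, state which npm version honors `min-release-age` and `allow-git`, since the check is only meaningful if the user's npm recognizes those keys.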