首页 发现 帮助
登录
logic855
/
claude-mods
镜像自地址 https://github.com/0xDarkMatter/claude-mods.git
1
0
派生 0
文件 工单管理 0 Wiki
分支: feat/r-ops-supply-chain
分支列表 标签列表
claude-mods
/
hooks
/
pre-install-scan.sh

pre-install-scan.sh 4.3 KB
永久链接 文件历史 原始文件

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596 
  1. #!/bin/bash
    2. 

  2. # hooks/pre-install-scan.sh
    3. 

  3. # PreToolUse hook — surfaces supply-chain hygiene before a dependency install runs.
    4. 

  4. # Matcher: Bash
    5. 

  5. #
    6. 

  6. # The 2026 worm campaign (Shai-Hulud / Mini Shai-Hulud) executes via package
    7. 

  7. # lifecycle scripts (postinstall, sdist setup.py) the moment you install, and
    8. 

  8. # poisons brand-new releases that are pulled before any advisory exists. This hook
    9. 

  9. # recognises install/add verbs and reminds you to scan + respect the release-age
    10. 

  10. # cooldown, routing through the Socket CLI when available.
    11. 

  11. #
    12. 

  12. # Configuration in .claude/settings.json:
    13. 

  13. # {
    14. 

  14. #   "hooks": {
    15. 

  15. #     "PreToolUse": [{
    16. 

  16. #       "matcher": "Bash",
    17. 

  17. #       "hooks": ["bash hooks/pre-install-scan.sh $TOOL_INPUT"]
    18. 

  18. #     }]
    19. 

  19. #   }
    20. 

  20. # }
    21. 

  21. #
    22. 

  22. # Behaviour:
    23. 

  23. #   Default          → ADVISORY. Prints guidance, exits 0 (command proceeds).
    24. 

  24. #   SUPPLY_CHAIN_BLOCK=1 → HARD GATE. Exits 2 (command blocked) so you scan first.
    25. 

  25. #
    26. 

  26. # Exit codes:
    27. 

  27. #   0 = allow (not an install, already wrapped, or advisory mode)
    28. 

  28. #   2 = block with message (install verb matched AND SUPPLY_CHAIN_BLOCK=1)
    29. 

  29. 

  30. INPUT="$1"
    31. 

  31. # Modern Claude Code delivers the tool call as JSON on stdin
    32. 

  32. # ({"tool_input":{"command":"..."}}); older configs pass it as $TOOL_INPUT/$1.
    33. 

  33. # Support both so the hook works regardless of harness version.
    34. 

  34. if [[ -z "$INPUT" && ! -t 0 ]]; then
    35. 

  35.   RAW="$(cat 2>/dev/null)"
    36. 

  36.   if [[ -n "$RAW" ]] && command -v jq >/dev/null 2>&1; then
    37. 

  37.     INPUT="$(printf '%s' "$RAW" | jq -r '.tool_input.command // .tool_input // empty' 2>/dev/null)"
    38. 

  38.   fi
    39. 

  39.   [[ -z "$INPUT" ]] && INPUT="$RAW"
    40. 

  40. fi
    41. 

  41. [[ -z "$INPUT" ]] && exit 0
    42. 

  42. 

  43. # Already routed through the behavioural scanner — let it through silently.
    44. 

  44. echo "$INPUT" | grep -qE '\bsocket\s+(npm|npx|scan|ci|package)\b' && exit 0
    45. 

  45. 

  46. # Lockfile-pinned installs are the safer path we recommend — don't nag them.
    47. 

  47. echo "$INPUT" | grep -qE '\bnpm\s+ci\b|--frozen-lockfile|--locked\b' && exit 0
    48. 

  48. 

  49. # ─── Recognise ecosystem install/add verbs ─────────────────────────────────
    50. 

  50. ECO=""
    51. 

  51. SAFE=""
    52. 

  52. if   echo "$INPUT" | grep -qE '\b(npm|pnpm)\s+(install|i|add)\b'; then
    53. 

  53.   ECO="npm";  SAFE="socket npm install <pkg>   # or: socket wrapper on"
    54. 

  54. elif echo "$INPUT" | grep -qE '\byarn\s+(add|install)\b'; then
    55. 

  55.   ECO="npm";  SAFE="socket npm install <pkg>   # yarn has no socket wrapper"
    56. 

  56. elif echo "$INPUT" | grep -qE '\bbun\s+(add|install)\b'; then
    57. 

  57.   ECO="npm";  SAFE="socket scan create .       # bun has no socket wrapper"
    58. 

  58. elif echo "$INPUT" | grep -qE '\b(pip|pip3)\s+install\b'; then
    59. 

  59.   ECO="pypi"; SAFE="socket scan create .       # no socket pip wrapper exists"
    60. 

  60. elif echo "$INPUT" | grep -qE '\buv\s+(add|pip\s+install)\b'; then
    61. 

  61.   ECO="pypi"; SAFE="socket scan create .       # scan the manifest after uv add"
    62. 

  62. elif echo "$INPUT" | grep -qE '\bpoetry\s+add\b'; then
    63. 

  63.   ECO="pypi"; SAFE="socket scan create ."
    64. 

  64. elif echo "$INPUT" | grep -qE '\bcomposer\s+(require|install)\b'; then
    65. 

  65.   ECO="composer"; SAFE="socket scan create ."
    66. 

  66. elif echo "$INPUT" | grep -qE '\bgem\s+install\b'; then
    67. 

  67.   ECO="rubygems"; SAFE="socket scan create ."
    68. 

  68. elif echo "$INPUT" | grep -qE '\bcargo\s+(add|install)\b'; then
    69. 

  69.   ECO="cargo"; SAFE="socket scan create ."
    70. 

  70. else
    71. 

  71.   exit 0
    72. 

  72. fi
    73. 

  73. 

  74. # ─── Compose the advisory ──────────────────────────────────────────────────
    75. 

  75. HAS_SOCKET=0; command -v socket >/dev/null 2>&1 && HAS_SOCKET=1
    76. 

  76. 

  77. echo "SUPPLY CHAIN: dependency install detected (${ECO})."
    78. 

  78. echo "Lifecycle scripts run on install — the 2026 worm vector. Before proceeding:"
    79. 

  79. echo "  1. Behavioural scan (not just npm audit / pip-audit — those miss fresh malware)."
    80. 

  80. echo "  2. Respect the 7-day release-age cooldown for anything that hits prod/CI."
    81. 

  81. if [[ "$HAS_SOCKET" -eq 1 ]]; then
    82. 

  82.   echo "  Route it through Socket:  ${SAFE}"
    83. 

  83. else
    84. 

  84.   echo "  Socket CLI not installed (free):  npm install -g socket"
    85. 

  85.   echo "  Or add depscore MCP (no key):  claude mcp add --transport http socket-mcp https://mcp.socket.dev/"
    86. 

  86. fi
    87. 

  87. echo "  Cooldown check:  bash skills/supply-chain-defense/scripts/preinstall-check.sh <pkg>"
    88. 

  88. 

  89. if [[ "${SUPPLY_CHAIN_BLOCK:-0}" == "1" ]]; then
    90. 

  90.   echo ""
    91. 

  91.   echo "Blocked (SUPPLY_CHAIN_BLOCK=1). Scan the package, then re-run via the Socket"
    92. 

  92.   echo "wrapper or unset SUPPLY_CHAIN_BLOCK after you've confirmed it's safe."
    93. 

  93.   exit 2
    94. 

  94. fi
    95. 

  95. 

  96. exit 0
    97.