Home Explore Help
Sign In
logic855
/
claude-mods
mirror of https://github.com/0xDarkMatter/claude-mods.git
1
0
Fork 0
Files Issues 0 Wiki
Branch: main
Branches Tags
claude-mods
/
skills
/
supply-chain-defense
/
scripts
/
scan-extensions.sh

scan-extensions.sh 8.6 KB
Permalink History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154 
  1. #!/usr/bin/env bash
    2. 

  2. # Inventory, recency, and (optional) behavioural scan of installed editor
    3. 

  3. # extensions, Claude Code plugins, and skills — the "what's on this machine, what
    4. 

  4. # changed recently, and is any of it malicious?" audit.
    5. 

  5. #
    6. 

  6. # DEFAULT (zero-dependency): lists every installed editor extension, Claude plugin,
    7. 

  7. #   and skill with its version + whether it changed within the recency window. The
    8. 

  8. #   2026 campaign exploits exactly the gap this closes — fresh malicious versions
    9. 

  9. #   live for minutes (Nx Console: 11 min) and most teams have no inventory. This
    10. 

  10. #   mode has NO false positives; it is an inventory, not a verdict.
    11. 

  11. #
    12. 

  12. # --deep (auto-detects guarddog + semgrep): runs GuardDog's AST/semgrep behavioural
    13. 

  13. #   rules against editor extensions changed within the window (or --all) — the real
    14. 

  14. #   "unknown bad" engine. If the engine is NOT installed it does NOT pretend: it runs
    15. 

  15. #   inventory + recency, then LOUDLY reports that the behavioural scan was skipped and
    16. 

  16. #   recommends `uv tool install guarddog semgrep` (on-demand — kept off the machine by
    17. 

  17. #   default to stay lean). It never reports "clean" for a scan it didn't run.
    18. 

  18. #   Note: extension bundles are minified, so even AST scanning is best-effort here;
    19. 

  19. #   inventory + recency + IOC (exposure-check.py) remain the backbone for extensions.
    20. 

  20. #
    21. 

  21. # Usage:   scan-extensions.sh [--json] [--days N]              # inventory + recency
    22. 

  22. #          scan-extensions.sh --deep [--all] [--days N]        # behavioural (needs guarddog+semgrep)
    23. 

  23. # Input:   editor-extension dirs (SC_EXT_DIRS overrides), ~/.claude/plugins, ~/.claude/skills
    24. 

  24. # Output:  stdout = inventory / findings (tab-separated, or JSON with --json)
    25. 

  25. # Stderr:  framing, plugin SHA inventory, verdict
    26. 

  26. # Exit:    0 ok (incl. --deep with engine absent — behavioural skipped, not failed),
    27. 

  27. #          2 usage, 10 behavioural finding(s)
    28. 

  28. #
    29. 

  29. # Examples:
    30. 

  30. #   scan-extensions.sh                       # full inventory + recency
    31. 

  31. #   scan-extensions.sh --days 7 --json       # JSON, 7-day recency window
    32. 

  32. #   scan-extensions.sh --deep --days 7       # behavioural-scan extensions changed in 7d
    33. 

  33. 

  34. set -uo pipefail
    35. 

  35. EXIT_OK=0; EXIT_USAGE=2; EXIT_MISSING_DEP=5; EXIT_FINDING=10
    36. 

  36. 

  37. JSON=0; QUIET=0; DEEP=0; ALL=0; DAYS=14
    38. 

  38. while [[ $# -gt 0 ]]; do
    39. 

  39.   case "$1" in
    40. 

  40.     --json) JSON=1 ;;
    41. 

  41.     -q|--quiet) QUIET=1 ;;
    42. 

  42.     --deep) DEEP=1 ;;
    43. 

  43.     --all) ALL=1 ;;
    44. 

  44.     --days) DAYS="${2:?--days needs a value}"; shift ;;
    45. 

  45.     -h|--help) sed -n '2,33p' "$0" | sed 's/^# \{0,1\}//'; exit "$EXIT_OK" ;;
    46. 

  46.     -*) echo "ERROR: unknown flag: $1 (try --help)" >&2; exit "$EXIT_USAGE" ;;
    47. 

  47.     *) echo "ERROR: unexpected argument: $1" >&2; exit "$EXIT_USAGE" ;;
    48. 

  48.   esac
    49. 

  49.   shift
    50. 

  50. done
    51. 

  51. 

  52. HAS_JQ=0; command -v jq >/dev/null 2>&1 && HAS_JQ=1
    53. 

  53. if [[ -t 2 && -z "${NO_COLOR:-}" ]]; then C_Y=$'\033[33m'; C_G=$'\033[32m'; C_D=$'\033[2m'; C_R=$'\033[31m'; C_O=$'\033[0m'
    54. 

  54. else C_Y=""; C_G=""; C_D=""; C_R=""; C_O=""; fi
    55. 

  55. section(){ [[ "$QUIET" -eq 1 ]] || printf '%s== %s ==%s %s\n' "$C_D" "$1" "$C_O" "${2:-}" >&2; }
    56. 

  56. info(){ [[ "$QUIET" -eq 1 ]] || printf '   %s\n' "$1" >&2; }
    57. 

  57. 

  58. # ── --deep: auto-detect the engine; recommend (don't require) if absent ────
    59. 

  59. # Lean by default — guarddog+semgrep are NOT kept on the machine. If --deep is asked
    60. 

  60. # for and they're present, use them; if absent, run inventory+recency and LOUDLY skip
    61. 

  61. # the behavioural pass (never report a scan we didn't run as clean).
    62. 

  62. DEEP_OK=0; DEEP_SKIPPED=0
    63. 

  63. if [[ "$DEEP" -eq 1 ]]; then
    64. 

  64.   if command -v guarddog >/dev/null 2>&1 && command -v semgrep >/dev/null 2>&1 && semgrep --version >/dev/null 2>&1; then
    65. 

  65.     DEEP_OK=1
    66. 

  66.   else
    67. 

  67.     DEEP_SKIPPED=1
    68. 

  68.   fi
    69. 

  69. fi
    70. 

  70. 

  71. now_epoch=$(date +%s); window=$(( DAYS * 86400 ))
    72. 

  72. EXT_DIRS=("$HOME/.vscode/extensions" "$HOME/.vscode-server/extensions" "$HOME/.vscode-oss/extensions" "$HOME/.cursor/extensions" "$HOME/.windsurf/extensions")
    73. 

  73. [[ -n "${SC_EXT_DIRS:-}" ]] && IFS="$(printf ':')" read -ra EXT_DIRS <<< "$SC_EXT_DIRS"
    74. 

  74. 

  75. INV_JSON=(); FIND_JSON=(); FINDINGS=0; RECENT=0
    76. 

  76. 

  77. dir_recent() {  # echoes yes/no — any code file in $1 modified within window
    78. 

  78.   local newest
    79. 

  79.   newest=$(find "$1" -type f \( -name '*.js' -o -name '*.ts' -o -name '*.cjs' -o -name '*.mjs' -o -name '*.py' -o -name '*.sh' -o -name 'package.json' \) -printf '%T@\n' 2>/dev/null | sort -rn | head -1)
    80. 

  80.   [[ -n "$newest" && $(( now_epoch - ${newest%.*} )) -lt $window ]] && echo yes || echo no
    81. 

  81. }
    82. 

  82. 

  83. # ── 1. Editor extensions: inventory (+ behavioural if --deep) ──────────────
    84. 

  84. section "Editor extensions" "inventory + recency <${DAYS}d$( [[ $DEEP_OK -eq 1 ]] && echo ' + GuardDog behavioural' )"
    85. 

  85. for base in "${EXT_DIRS[@]}"; do
    86. 

  86.   [[ -d "$base" ]] || continue
    87. 

  87.   for ext in "$base"/*/; do
    88. 

  88.     [[ -f "$ext/package.json" ]] || continue
    89. 

  89.     pub=$(jq -r '.publisher // empty' "$ext/package.json" 2>/dev/null)
    90. 

  90.     name=$(jq -r '.name // empty' "$ext/package.json" 2>/dev/null)
    91. 

  91.     ver=$(jq -r '.version // empty' "$ext/package.json" 2>/dev/null)
    92. 

  92.     [[ -z "$pub" || -z "$name" ]] && continue
    93. 

  93.     id="$pub.$name"; recent=$(dir_recent "$ext")
    94. 

  94.     [[ "$recent" == yes ]] && RECENT=$((RECENT+1))
    95. 

  95.     [[ "$JSON" -eq 0 && "$QUIET" -eq 0 ]] && printf '%s\t%s\trecent=%s\n' "$id" "${ver:-?}" "$recent"
    96. 

  96.     [[ "$HAS_JQ" -eq 1 ]] && INV_JSON+=("$(jq -cn --arg i "$id" --arg v "$ver" --argjson r "$([[ $recent == yes ]] && echo true || echo false)" '{kind:"editor-extension",id:$i,version:$v,recent:$r}')")
    97. 

  97.     # behavioural scan: --deep, gated to recent unless --all
    98. 

  98.     if [[ "$DEEP_OK" -eq 1 && ( "$ALL" -eq 1 || "$recent" == yes ) ]]; then
    99. 

  99.       gout=$(PYTHONUTF8=1 guarddog npm scan "$ext" --exit-non-zero-on-finding 2>/dev/null); grc=$?
    100. 

  100.       if [[ $grc -ne 0 ]] && echo "$gout" | grep -qiE 'potentially malicious|source code matches'; then
    101. 

  101.         FINDINGS=$((FINDINGS+1))
    102. 

  102.         printf '   %s[FINDING]%s %s\n' "$C_R" "$C_O" "$id" >&2
    103. 

  103.         echo "$gout" | grep -iE 'found|matches|: This' | head -5 | sed 's/^/        /' >&2
    104. 

  104.         [[ "$HAS_JQ" -eq 1 ]] && FIND_JSON+=("$(jq -cn --arg i "$id" --arg d "$(echo "$gout" | tr '\n' ' ' | head -c 400)" '{id:$i,engine:"guarddog",detail:$d}')")
    105. 

  105.       fi
    106. 

  106.     fi
    107. 

  107.   done
    108. 

  108. done
    109. 

  109. 

  110. # ── 2. Claude Code plugins: inventory + pinned-commit ──────────────────────
    111. 

  111. section "Claude Code plugins" "pinned-commit inventory — verify each against its marketplace"
    112. 

  112. PMETA="$HOME/.claude/plugins/installed_plugins.json"
    113. 

  113. if [[ -f "$PMETA" && "$HAS_JQ" -eq 1 ]]; then
    114. 

  114.   while IFS= read -r line; do info "$line"; done < <(jq -r '.plugins | to_entries[] | .key as $n | .value[] | "\($n)  sha=\(.gitCommitSha[0:12])  scope=\(.scope)  updated=\(.lastUpdated)"' "$PMETA" 2>/dev/null)
    115. 

  115. else
    116. 

  116.   info "no installed_plugins.json (no marketplace plugins) or jq missing"
    117. 

  117. fi
    118. 

  118. 

  119. # ── 3. Installed skills: inventory + recency ───────────────────────────────
    120. 

  120. section "Installed skills" "recency <${DAYS}d (review recently-changed you didn't edit)"
    121. 

  121. for sk in "$HOME/.claude/skills"/*/; do
    122. 

  122.   [[ -d "$sk" ]] || continue
    123. 

  123.   recent=$(dir_recent "$sk")
    124. 

  124.   if [[ "$recent" == yes ]]; then
    125. 

  125.     RECENT=$((RECENT+1))
    126. 

  126.     [[ "$QUIET" -eq 0 ]] && printf '%s\t(recently changed)\n' "$(basename "$sk")"
    127. 

  127.   fi
    128. 

  128. done
    129. 

  129. 

  130. # ── Output + verdict ───────────────────────────────────────────────────────
    131. 

  131. if [[ "$JSON" -eq 1 ]]; then
    132. 

  132.   printf '%s\n' "${INV_JSON[@]:-}" | jq -s \
    133. 

  133.     --argjson f "$(printf '%s\n' "${FIND_JSON[@]:-}" | jq -s 'map(select(length>0))' 2>/dev/null || echo '[]')" \
    134. 

  134.     --argjson deep "$DEEP" --argjson days "$DAYS" \
    135. 

  135.     '{data:{inventory: map(select(length>0)), findings:$f}, meta:{deep:($deep==1), recency_days:$days, finding_count:($f|length), schema:"axiom.tool.scan-extensions.report/v1"}}'
    136. 

  136. fi
    137. 

  137. 

  138. if [[ "$DEEP_OK" -eq 1 ]]; then
    139. 

  139.   if [[ "$FINDINGS" -eq 0 ]]; then
    140. 

  140.     [[ "$QUIET" -eq 1 ]] || printf '%sBehavioural: GuardDog found no indicators in scanned extensions.%s\n' "$C_G" "$C_O" >&2
    141. 

  141.     exit "$EXIT_OK"
    142. 

  142.   fi
    143. 

  143.   [[ "$QUIET" -eq 1 ]] || printf '%s%d extension(s) with behavioural findings — inspect + treat as incident.%s\n' "$C_R" "$FINDINGS" "$C_O" >&2
    144. 

  144.   exit "$EXIT_FINDING"
    145. 

  145. fi
    146. 

  146. if [[ "$DEEP_SKIPPED" -eq 1 ]]; then
    147. 

  147.   [[ "$QUIET" -eq 1 ]] || {
    148. 

  148.     printf '%sBEHAVIOURAL SCAN SKIPPED%s — guarddog/semgrep not installed (kept off by default).\n' "$C_Y" "$C_O" >&2
    149. 

  149.     printf '   Ran inventory + recency only — this is NOT a clean behavioural verdict.\n' >&2
    150. 

  150.     printf '   Enable on-demand:  uv tool install guarddog semgrep   (then re-run --deep)\n' >&2
    151. 

  151.   }
    152. 

  152. fi
    153. 

  153. [[ "$QUIET" -eq 1 ]] || printf '%sInventory done. %d item(s) changed within %dd — review those; run exposure-check.py for known-IOC matching.%s\n' "$C_D" "$RECENT" "$DAYS" "$C_O" >&2
    154. 

  154. exit "$EXIT_OK"
    155.