Diablo_ClaudeMD_Ricing_example/hooks/post-download-scan.sh
diablo 50fa79407d
CoM Claude Command Center — sanitized public configuration
Public, sanitized mirror of an AI orchestration command center: agents, skills,
MCP servers, slash-command workflows. All infrastructure identifiers, hostnames,
mesh IPs/subnets, repo paths, maintainer identity, and hardware fleet specifics
scrubbed to <placeholders>; session debug logs and host-specific memory removed.
No live credentials. Verified clean by automated leak sweep. See SANITIZATION.md.

churchofmalware.org . authorized research only
2026-06-10 02:02:03 -04:00


#!/bin/sh
# CoM Enterprise — PostToolUse Download Validation Hook
# Scans downloaded files for suspicious patterns.
# POSIX-compatible (Git Bash + Linux).
# Usage: post-download-scan.sh <filepath>
FILE="$1"
if [ -z "$FILE" ] || [ ! -f "$FILE" ]; then
    echo "post-download-scan: No file to scan or file not found." >&2
    exit 0
fi
BASENAME=$(basename "$FILE")
LOGFILE="$(dirname "$0")/audit.log"
# Check for extension/content mismatch (text file with executable content)
case "$BASENAME" in
    *.txt|*.md|*.json|*.yaml|*.yml|*.toml)
        # Compare the leading bytes as hex: grep cannot match the raw 0x7f
        # byte portably, and a bare "MZ"/"ELF" substring match is imprecise.
        MAGIC=$(head -c 4 "$FILE" 2>/dev/null | od -An -tx1 | tr -d ' \n')
        case "$MAGIC" in
            4d5a*|7f454c46)  # "MZ" (DOS/PE header) or "\x7fELF"
                echo "WARNING: $BASENAME claims to be text but contains executable headers." >&2
                echo "$(date -u '+%Y-%m-%dT%H:%M:%SZ') WARN extension-mismatch $FILE" >> "$LOGFILE"
                exit 1
                ;;
        esac
        ;;
esac
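# Scan for obfuscated eval/exec patterns in text files
FLAGGED=0
# -b omits the file name, so a name containing "text" cannot satisfy the match
if file -b "$FILE" 2>/dev/null | grep -Eqi 'text|ascii|utf'; then
    # POSIX ERE: [[:space:]] instead of \s; the \xHH escape is grouped so that
    # {4,} counts repeated escapes rather than extra hex digits
    if grep -qE '(eval[[:space:]]*\(|exec[[:space:]]*\(|base64_decode|fromCharCode|(\\x[0-9a-fA-F]{2}){4,})' "$FILE" 2>/dev/null; then
        echo "WARNING: $BASENAME contains potentially obfuscated code (eval/exec/base64)." >&2
        echo "$(date -u '+%Y-%m-%dT%H:%M:%SZ') WARN obfuscated-code $FILE" >> "$LOGFILE"
        FLAGGED=1
        # Warn but don't block — human review required
    fi
fi
# Log clean scan only when nothing was flagged above
if [ "$FLAGGED" -eq 0 ]; then
    echo "$(date -u '+%Y-%m-%dT%H:%M:%SZ') OK scan-clean $FILE" >> "$LOGFILE"
fi
exit 0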