Diablo_Rain/Diablo_ClaudeMD_Ricing_example
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity
29f6e9829b
Diablo_ClaudeMD_Ricing_example/hooks/session-cleanup.sh
diablo 50fa79407d
Some checks are pending
CI — CoM Config Validation / Validate JSON Configs (push) Waiting to run
Details
CI — CoM Config Validation / Validate YAML Configs (push) Waiting to run
Details
CI — CoM Config Validation / Lint Shell Scripts (push) Waiting to run
Details
CI — CoM Config Validation / Secret Detection (push) Waiting to run
Details
CI — CoM Config Validation / Lint Markdown (push) Waiting to run
Details
CI — CoM Config Validation / Validate CODEOWNERS (push) Waiting to run
Details
CoM Claude Command Center — sanitized public configuration 
Public, sanitized mirror of an AI orchestration command center: agents, skills,
MCP servers, slash-command workflows. All infrastructure identifiers, hostnames,
mesh IPs/subnets, repo paths, maintainer identity, and hardware fleet specifics
scrubbed to <placeholders>; session debug logs and host-specific memory removed.
No live credentials. Verified clean by automated leak sweep. See SANITIZATION.md.

churchofmalware.org . authorized research only
2026-06-10 02:02:03 -04:00

54 lines
1.7 KiB
Bash
Raw Blame History

#!/bin/sh
# CoM Enterprise — Session Cleanup Hook
# Scrubs credentials from shell history, prunes old snapshots.
# POSIX-compatible (Git Bash + Linux).
# Run at session end or via cron.
LOGFILE="$(dirname "$0")/audit.log"
echo "=== CoM Session Cleanup — $(date -u '+%Y-%m-%dT%H:%M:%SZ') ==="
# 1. Scan shell history for credential patterns
CRED_PATTERNS='(API_KEY|SECRET|TOKEN|PASSWORD|PRIVATE_KEY|sk-ant-|ghp_|gho_|xoxb-|xoxp-)'
FOUND=0
for HISTFILE_PATH in "$HOME/.bash_history" "$HOME/.zsh_history"; do
if [ -f "$HISTFILE_PATH" ]; then
MATCHES=$(grep -cE "$CRED_PATTERNS" "$HISTFILE_PATH" 2>/dev/null || echo 0)
if [ "$MATCHES" -gt 0 ]; then
echo "WARNING: $MATCHES potential credential patterns found in $HISTFILE_PATH"
echo " Run: grep -nE '$CRED_PATTERNS' $HISTFILE_PATH"
FOUND=$((FOUND + MATCHES))
fi
fi
done
if [ "$FOUND" -eq 0 ]; then
echo "Shell history: CLEAN (no credential patterns detected)"
fi
# 2. Prune old shell snapshots (older than 7 days)
SNAPSHOT_DIR="$HOME/.claude/shell-snapshots"
if [ -d "$SNAPSHOT_DIR" ]; then
PRUNED=$(find "$SNAPSHOT_DIR" -type f -mtime +7 2>/dev/null | wc -l)
if [ "$PRUNED" -gt 0 ]; then
find "$SNAPSHOT_DIR" -type f -mtime +7 -delete 2>/dev/null
echo "Pruned $PRUNED shell snapshots older than 7 days"
else
echo "Shell snapshots: No stale files to prune"
fi
else
echo "Shell snapshots directory not found — skipping"
fi
# 3. Report audit log size
if [ -f "$LOGFILE" ]; then
LINES=$(wc -l < "$LOGFILE")
echo "Audit log: $LINES entries"
if [ "$LINES" -gt 1000 ]; then
echo "WARNING: Audit log exceeds 1000 lines. Consider rotating."
fi
fi
echo "=== Cleanup complete ==="
Reference in New Issue View Git Blame Copy Permalink