mirror of
https://github.com/anthropics/claude-plugins-official.git
synced 2026-05-09 13:22:40 +00:00
76b35e91d1
* Tighten policy scan: hook scope, telemetry, disclosure; make blocking policy/prompt.md — adds Part 2 (hook scope and disclosure): - Enumerate every registered hook and read its source. - Flag has_broad_scope_hooks when UserPromptSubmit/PreToolUse/ PostToolUse runs without a project-relevance gate, or any hook reads user data beyond the plugin's stated scope — regardless of whether it makes network calls. - Flag has_undisclosed_telemetry when any hook or shipped code calls a non-MCP host without explicit disclosure + opt-out. - Flag description_matches_behavior=false when the install description would not lead a reasonable user to expect the hooks/telemetry/data-access found. - passes=false when any of the above trip. Violations must cite the specific hook/file and what the user wasn't told. The bar is now "handles user data responsibly," not merely "isn't malicious." A non-malicious plugin that observes more than its stated purpose justifies will fail. policy/schema.json — adds required hooks[], has_broad_scope_hooks, has_undisclosed_telemetry, description_matches_behavior. scan-plugins.yml: - fail-on-findings: true (blocking — loosen later if FP rate too high) - workflow_dispatch with scan_all input for full re-review of all external entries - timeout-minutes: 360 (full scan of 117 entries at ~96s each ≈ 3h) - trigger on .github/policy/** so prompt edits get scanned * Bump vercel SHA to test the tightened scan against it
36 lines
982 B
YAML
36 lines
982 B
YAML
name: Scan Plugins
|
|
|
|
on:
|
|
pull_request:
|
|
paths:
|
|
- '.claude-plugin/marketplace.json'
|
|
- '.github/policy/**'
|
|
workflow_dispatch:
|
|
inputs:
|
|
scan_all:
|
|
description: Scan every external entry (full re-review). Slow.
|
|
type: boolean
|
|
default: false
|
|
|
|
permissions:
|
|
contents: read
|
|
|
|
jobs:
|
|
scan:
|
|
runs-on: ubuntu-latest
|
|
timeout-minutes: 360
|
|
steps:
|
|
- uses: actions/checkout@v4
|
|
with:
|
|
fetch-depth: 0
|
|
|
|
# Blocking: policy failures fail the job. Loosen by removing
|
|
# fail-on-findings if the false-positive rate is too high.
|
|
- uses: anthropics/claude-plugins-community/.github/actions/scan-plugins@b277757588871fe55b2620de8c6dfda470e2e9d8
|
|
with:
|
|
anthropic-api-key: ${{ secrets.ANTHROPIC_API_KEY }}
|
|
policy-prompt: .github/policy/prompt.md
|
|
fail-on-findings: "true"
|
|
scan-all-external: ${{ inputs.scan_all || 'false' }}
|
|
claude-cli-version: latest
|