Security
by @stoneyhoo
Enterprise-grade security framework for LobsterAI with audit logging, RBAC, input validation, output sanitization, code scanning, and dependency vulnerabilit...
All security features are available for import by other skills:
from security.audit_logger import audit_log_skill_start, audit_log_skill_end
from security.authorizer import Authorizer
from security.input_validator import InputValidator, ValidationError
from security.output_sanitizer import sanitize_text, create_safe_error
from security.code_scanner import CodeScanner
from security.dependency_scanner import DependencyScanner
Copy rbac_config.example.json to rbac_config.json and customize roles and permissions.
Scan Scope
The code scanner and dependency scanner are designed to scan all skills in the SKILLs directory when invoked explicitly (e.g., python -m security.code_scanner --skill all). This allows comprehensive security assessment across your entire LobsterAI installation.
Privacy Note: Scanning all skills grants this module read access to all skill code and dependencies. This is intentional for a security audit tool, but users should be aware of the broad read scope. Ensure you trust the skill source before enabling full-system scanning.
To limit scanning to specific skills, invoke with explicit skill IDs:
python -m security.code_scanner --skill web-search --skill scheduled-task
clawhub install lobsterai-security