概述

shipcheck — pre-publish PII & secret check

shipcheck is a best-effort pre-publish safety net. Run it before npm publish,

clawhub publish, or pushing a repo public to catch the stuff you'll regret shipping:

absolute /Users// paths, internal IPs, Tailscale hostnames, API keys, internal

project codenames, and soft natural-language personal leaks in markdown.

It is NOT:

a replacement for manual review
a full secret scanner (gitleaks / trufflehog cover more)
a security audit

It is one more pair of eyes before you hit publish.

When to use this skill

Trigger this skill when the user is about to publish or push something public:

npm publish / npm publish --dry-run
clawhub publish ./my-skill ...
git push to a brand-new public repo
"check leaks", "is it safe to share?", "扫一下个人信息", "发布前体检"

Install

npm i -g @symbolstar/shipcheck
# or one-shot
npx -y @symbolstar/shipcheck

Run

npm package (default mode)

Scans only files that would actually be published — resolves package.json.files,

.npmignore, .gitignore statically (does not invoke npm pack).

cd /path/to/npm-package
shipcheck

Skill folder / generic repo

shipcheck --scan-mode=dir ./path/to/skill-or-repo

Common flags

shipcheck --scan-mode=dir|npm     # default: npm
shipcheck --allow <id>            # acknowledge a finding by id
shipcheck --config ./shipcheck.config.json

What it catches

Category	Examples	Severity
----------	------------------------------------------------------------------------------------------------------------	----------
`secrets`	AWS keys, GitHub PAT (`ghp_/gho_/ghu_/ghs_/ghr_`), OpenAI `sk-…`, Anthropic `sk-ant-…`, Google `AIza…`, Slack `xox[bp]-…`, JWT, PEM/SSH private keys (~30 rules)	`critical`
`identity`	Emails, China mobile + E.164, `/Users//` & `/home//` absolute paths, SSH fingerprint	`high`
`infra`	RFC1918 IPs, Tailscale CGNAT `100.64/10`, `.tail.ts.net`, `.lan`/`*.local`, private git remotes	`high`
`business`	User-defined `forbidden_terms` from `shipcheck.config.json` (codenames, internal product names…)	`medium`
`softNL`	Chinese first-person personal context in `*.md` (我家 / 我老板 / 我同事 + 关系词)	`info`
`binaries`	`*.png/.jpg/.mp4/.zip/.pdf` > 50 KB inside the publish set	`warn`

Recommended workflow

# 1. Run it
shipcheck                       # or: shipcheck --scan-mode=dir .

# 2. Triage findings
#    - real leak → fix the file
#    - false positive → add to shipcheck.config.json allow / forbidden_terms

# 3. Re-run until 0 critical / high
shipcheck

# 4. Publish
npm publish    # or: clawhub publish ./skill --slug ...

Exit codes

Code	Meaning
----	------------------------------------------------------------------
`0`	No findings, or only allow-listed / `info` / `warn`
`1`	One or more `critical` / `high` / `medium` findings — do not ship

Use the exit code in CI or prepublishOnly:

{
  "scripts": {
    "prepublishOnly": "shipcheck && npm run build && npm test"
  }
}

Configuration (optional)

shipcheck.config.json in the project root:

{
  "forbidden_terms": ["AcmeInternalCodename", "ProjectStarfish"],
  "allow": [
    "rule:identity.absolute-home:fixtures/golden/01/setup.md#L12"
  ],
  "scanMode": "npm"
}

Links

npm:
source: _(public mirror — main dev on local repo)_
author: SymbolStar

版本历史

共 1 个版本

v0.1.0 当前

2026-05-21 14:46 安全安全

安全检测

腾讯云安全 (Keen)

安全，无风险

查看报告

腾讯云安全 (Sanbu)