oh-distributed-security-design-review
0
总安装量
4
周安装量
安装命令
npx skills add https://github.com/openharmonyinsight/openharmony-skills --skill oh-distributed-security-design-review
Agent 安装分布
opencode
3
amp
2
kimi-cli
2
github-copilot
2
claude-code
2
Skill 文档
Code Review Skill for OpenHarmony Distributed System Security
Overview
æ¬æè½æä¾OpenHarmonyåå¸å¼ä¸å¡å®å ¨ä»£ç æ£è§çä¸ä¸æ导ï¼å å«18æ¡å®å ¨è®¾è®¡è§åå对åºçæ£è§è¦ç¹ãå½æ£è§åå¸å¼ç³»ç»ä»£ç å®å ¨æ§æ¶ï¼å¨éç¨ç½ç»å®å ¨è§ååºç¡ä¸ï¼ä½¿ç¨è¿äºè§åè¿è¡å 强æ£è§ã
Trigger Phrases
- “æ£è§ä»£ç å®å ¨å®ç°”
- “代ç å®å ¨å®¡æ¥”
- “å®å ¨ä»£ç review”
- “æ£æ¥è¿æ®µä»£ç çå®å ¨æ§”
- “reviewåå¸å¼ä»£ç å®å ¨”
- “OpenHarmonyå®å ¨æ£è§”
Code Review Workflow
Step 1: Understand the Code Context
é¦å ç解代ç çä¸å¡åºæ¯åæå¨æ¨¡åï¼
-
è¯å«å ³é®æ¨¡å: ç¡®å®ä»£ç æ¯å¦æ¶å以ä¸æ¨¡å
- åå¸å¼è®¾å¤ç®¡ç
- åå¸å¼è½¯æ»çº¿
- å ¶ä»éè¦åå¸å¼è½åç模å
-
è¯å«ä¸å¡ç±»å: å¤ææ¯å¦æ¶å以ä¸å®å ¨ææä¸å¡
- 设å¤é´è®¤è¯åææ
- ç¨æ·æææ°æ®ä¼ è¾
- 跨设å¤ç¶ææºç®¡ç
- å¯ä¿¡å ³ç³»ç®¡ç
- 硬件èµæºè®¿é®
-
ç¡®å®è§è²: è¯å«ä»£ç æ¯ä¸»ä½ä¾§(客æ·ç«¯)è¿æ¯å®¢ä½ä¾§(æå¡ç«¯)
Step 2: Load Security Rules
æ ¹æ®ä»£ç æ¶åçä¸å¡ç±»åï¼å è½½security_rules.mdä¸å¯¹åºçè§åï¼
å¿«éç´¢å¼å ³é®è¯:
- 跨设å¤ä¼ è¾ â Rules 3, 8, 15, 17
- ç¶ææº â Rule 2
- ææ/é´æ â Rules 1, 5, 6, 8, 12
- PINç /ç§é¥ â Rules 3, 8, 9, 10
- èµæºç³è¯· â Rule 4
- æéé ç½® â Rules 7, 13
- å¼å ³æ è®° â Rule 14
- ç¨æ·åæ¢ â Rule 16
- å ¼å®¹ä»£ç â Rule 18
Step 3: Review Against Security Rules
对æ¯ä¸ªéç¨çå®å ¨è§åï¼æ§è¡ä»¥ä¸æ£è§ï¼
-
å®ä½ç¸å ³ä»£ç : 使ç¨Grepæç´¢å ³é®æ¨¡å¼
Grep patterns examples: - "auth", "authorize", "permission" for authorization checks - "PIN", "secret", "key" for sensitive data - "state", "status" for state machine - "random", "generate" for secret generation -
æ£æ¥å®ç°ç»è:
- å¯¹ç §è§åä¸çCheck pointsé项æ£æ¥
- æ¥æ¾æ½å¨çè¿è§æ¨¡å¼
- è¯å«ç¼ºå¤±çå®å ¨æªæ½
-
è®°å½åç°:
- æ è®°è¿è§ä»£ç ä½ç½® (file:line)
- 说æè¿åçå ·ä½è§å
- æä¾ä¿®å¤å»ºè®®
Step 4: Apply General Security Best Practices
é¤äºOpenHarmonyç¹å®è§åå¤ï¼è¿éæ£æ¥éç¨å®å ¨å®è·µï¼
- è¾å ¥éªè¯: ææå¤é¨è¾å ¥æ¯å¦ç»è¿éªè¯
- é误å¤ç: æææä½æ¯å¦æéå½çé误å¤ç
- æ¥å¿å®å ¨: æ¯å¦è®°å½äºææä¿¡æ¯
- èµæºç®¡ç: æ¯å¦æèµæºæ³æ¼é£é©
Step 5: Generate Review Report
çæç»æåçå®å ¨æ£è§æ¥åï¼å å«ï¼
- æ§è¡æè¦: åç°ç严éå®å ¨é®é¢æ°éåç级
- è¿è§æ¸ å: æ严éç¨åº¦æåºçè¿è§é¡¹
- è§åæ å°: æ¯ä¸ªé®é¢å¯¹åºçå®å ¨è§å
- ä¿®å¤å»ºè®®: å ·ä½ç代ç ä¿®æ¹å»ºè®®
Common Violation Patterns
Pattern 1: Client-controlled Authorization (è¿åè§å1)
Bad Example:
// 客ä½ä¾§ç´æ¥ä½¿ç¨ä¸»ä½ä¾§ä¼ å
¥çæ å¿æ§å¶å¼¹æ¡
void handleAuthRequest(bool showPopup) {
if (!showPopup) {
// ç´æ¥è·³è¿ææå¼¹æ¡
grantAccess();
}
}
Correct Approach:
// 客ä½ä¾§ç¬ç«å³çæ¯å¦éè¦ææ
void handleAuthRequest() {
if (isSystemBusinessAndRegistered()) {
// 已注åçå
ææä¸å¡
grantAccess();
} else {
// é»è®¤å¿
须弹æ¡
showAuthorizationDialog();
}
}
Pattern 2: Plaintext Sensitive Data (è¿åè§å3)
Bad Example:
// ææä¼ è¾PINç
message.pin_code = userPin;
sendToRemote(message);
Correct Approach:
// å å¯åä¼ è¾
encryptedPin = encryptPin(userPin, sessionKey);
message.encrypted_pin = encryptedPin;
sendToRemote(message);
Pattern 3: Custom Trust Verification (è¿åè§å8)
Bad Example:
// èªè¡æ¯å¯¹è´¦å·ä¿¡æ¯å¤æå¯ä¿¡å
³ç³»
bool isTrusted() {
return localAccount == remoteAccount;
}
Correct Approach:
// ä¾èµHiChainæ¥è¯¢
bool isTrusted() {
CredentialType type = HiChain.queryCredentialType(remoteDevice);
return type == CredentialType.SAME_ACCOUNT;
}
Pattern 4: Insecure Switch Defaults (è¿åè§å14)
Bad Example:
// é»è®¤å¼æ¾é
bool enableSecurityCheck = true; // é»è®¤å¯ç¨
Correct Approach:
// é»è®¤å¼ç¦ç¨
bool enableSecurityCheck = false; // é»è®¤ç¦ç¨ï¼éæ¾å¼å¯ç¨
Security Rule Categories
1. Authorization & Authentication
- Rule 1: Object-side Authorization Control
- Rule 5: Anti-Brute Force Protection
- Rule 6: Server-side Security Logic
- Rule 12: Sensitive Data Authorization and Audit
2. Data Protection
- Rule 3: No Plaintext Sensitive Data Transmission
- Rule 10: Secure Random Secrets
- Rule 17: Business-level Key Isolation
3. Trust Management
- Rule 7: Trusted Relationship Lifecycle Minimization
- Rule 8: Trusted Relationship Verification
- Rule 9: Trusted Relationship Persistence Timing
- Rule 15: Device Legitimacy Verification
- Rule 16: User Isolation for Distributed Trust
4. State Machine & Process Control
- Rule 2: State Machine Context Validation
5. Resource Management
- Rule 4: Resource Access Parameter Validation
- Rule 11: Resource Cleanup
- Rule 13: Minimal Permission Configuration
6. Code Quality
- Rule 14: Secure Switch Default Values
- Rule 18: Legacy Protocol Cleanup
Example Review Session
User request: “æ£è§è¿æ®µåå¸å¼è®¾å¤ç®¡ç代ç çå®å ¨æ§”
Review process:
- Load security rules â Read security_rules.md
- Identify relevant rules â Rules 1, 2, 7, 8, 9, 11 (设å¤ç®¡çç¸å ³)
- Search code patterns â Grep for authorization, trust, state machine
- Check each rule:
- â Rule 1: æææµç¨æ¯å¦å¨å®¢ä½ä¾§ç¬ç«æ§å¶
- â Rule 2: åç°ç¶ææºæªæ ¡éªä¸ä¸æ
- â Rule 7: å¯ä¿¡å ³ç³»çå½å¨æ管çæ£ç¡®
- â Rule 8: åç°èªå®ä¹å¯ä¿¡å¤æé»è¾
- Generate report â ååºè¿è§ç¹åä¿®å¤å»ºè®®
Tips
- Start with keywords: 使ç¨security_rules.mdä¸çå ³é®è¯å¿«éå®ä½å¯ç代ç
- Check both sides: åå¸å¼ä¸å¡éè¦åæ¶æ£æ¥ä¸»ä½ä¾§å客ä½ä¾§ä»£ç
- Verify complete flows: è·è¸ªå®æ´çä¸å¡æµç¨ï¼ä¸è¦åªæ£æ¥å个å½æ°
- Consider edge cases: æ£æ¥é误å¤çãè¶ æ¶ãéè¯çè¾¹çåºæ¯
- Review logging: ç¡®ä¿æ¥å¿ä¸ä¸æ³é²ææä¿¡æ¯
Resources
- Detailed Rules: See security_rules.md for complete rule descriptions and check points
- Quick Reference: Use keyword mapping at the end of security_rules.md for fast rule lookup