From 07349e6107d1435eea33d475d4190de8051be92a Mon Sep 17 00:00:00 2001
From: vignesh07 <vigneshnatarajan92@gmail.com>
Date: Thu, 29 Jan 2026 09:14:41 -0800
Subject: [PATCH] chore(moderation): block ClawdAuthenticatorTool listing

---
 convex/lib/moderation.ts | 4 ++++
 convex/lib/public.ts     | 4 ++++
 2 files changed, 8 insertions(+)

diff --git a/convex/lib/moderation.ts b/convex/lib/moderation.ts
index e8702a9..491070f 100644
--- a/convex/lib/moderation.ts
+++ b/convex/lib/moderation.ts
@@ -1,6 +1,10 @@
 import type { Doc } from '../_generated/dataModel'
 
 const FLAG_RULES: Array<{ flag: string; pattern: RegExp }> = [
+  // Known-bad / known-suspicious identifiers.
+  // NOTE: keep these narrowly scoped; use staff review to confirm removals.
+  { flag: 'blocked.malware', pattern: /(keepcold131\/ClawdAuthenticatorTool|ClawdAuthenticatorTool)/i },
+
   { flag: 'suspicious.keyword', pattern: /(malware|stealer|phish|phishing|keylogger)/i },
   { flag: 'suspicious.secrets', pattern: /(api[-_ ]?key|token|password|private key|secret)/i },
   { flag: 'suspicious.crypto', pattern: /(wallet|seed phrase|mnemonic|crypto)/i },
diff --git a/convex/lib/public.ts b/convex/lib/public.ts
index e7fc6e0..239927d 100644
--- a/convex/lib/public.ts
+++ b/convex/lib/public.ts
@@ -53,6 +53,8 @@ export function toPublicUser(user: Doc<'users'> | null | undefined): PublicUser
 
 export function toPublicSkill(skill: Doc<'skills'> | null | undefined): PublicSkill | null {
   if (!skill || skill.softDeletedAt) return null
+  if (skill.moderationStatus && skill.moderationStatus !== 'active') return null
+  if (skill.moderationFlags?.includes('blocked.malware')) return null
   return {
     _id: skill._id,
     _creationTime: skill._creationTime,
@@ -73,6 +75,8 @@ export function toPublicSkill(skill: Doc<'skills'> | null | undefined): PublicSk
 
 export function toPublicSoul(soul: Doc<'souls'> | null | undefined): PublicSoul | null {
   if (!soul || soul.softDeletedAt) return null
+  if (soul.moderationStatus && soul.moderationStatus !== 'active') return null
+  if (soul.moderationFlags?.includes('blocked.malware')) return null
   return {
     _id: soul._id,
     _creationTime: soul._creationTime,