BlendGuard

Changelog

0.4.2

• Added RULES.md as a reference for the rules BlendGuard uses to scan and flag the .blend files.

Changelog

0.4.1

• Verbose, persistent reports: results stay in the panel with full per-concern explanations
• A "Write Full Report to Text" button for the complete report, self-explaining INCOMPLETE on compressed files, and descriptive clean summaries.

Changelog

0.4.0

• Report overhaul (review feedback): output is split into a neutral "what will run on open" inventory and a short "security concerns" list. Clean files show no red flags.
• Context signals (URL, temp file, runtime decode, plain file writes) and handler registration no longer appear as concerns on their own; autorun_hook removed as a flag.
• Network and subprocess are now "needs a partner": a lone API fetch or ffmpeg call is INFO; they only escalate in combination (e.g. download + execute).
• Every concern carries a plain-English explanation (what / when dangerous / when normal); see docs/RULES.md.
• winreg tightened to registry writes and raised to high; registry reads are no longer flagged.
• Load-time inspection is now opt-in and off by default; recommended flow is scan-before-open plus manual Inspect.

Changelog

0.3.1

• Dropper detection: file_write now also covers pathlib (write_bytes/write_text), os.write/os.open, and io.open.
• New strong script_drop signal: flags a write whose target is an executable or script file (.py .pyw .pth .bat .cmd .ps1 .psm1 .vbs .scr .sh .js .exe .dll), keyed on the write target so it survives content obfuscation. Catches chained, variable-split, open(), and .pth-into-site-packages forms.
• Reads of script files and writes of non-script files (.json, .fbx) stay unflagged. Corpora unchanged (14/14 evasion, 0 false positives). Added tests/test_droppers.py.

Changelog

0.3.0

• Block-aware .blend disk parser: isolates text from file-blocks (with a whole-file fallback) for far less byte-scan noise.
• OSL script-node detection in the in-session inspector.

0.2.0

• Capability-based ruleset (context signals cannot escalate alone) to cut false positives.
• Normalization pre-pass (string concatenation, \x/octal/\u escapes).
• Multi-codec recursive decoder (base64/85/32, hex, rot13, zlib, gzip) with depth and size caps.
• Shannon-entropy flag for undecodable encoded blobs.
• AST confirmation of exec/eval/__import__/os.system/subprocess calls.
• Driver-expression mode (Python in a driver escalates).
• Campaign IOCs (Cloudflare Workers loader, PowerShell -enc, stealer/wallet paths).
• Result vs 0.1 on the test corpora: evasion rated DANGEROUS 6/14 -> 14/14; benign false positives 1 -> 0.

Changelog

Code cleanup and documentation.

Changelog

Initial version.