A wrapper to easily integrate new scanner into the secureCodeBox.

Usage no npm install needed!

<script type="module">
  import securecodeboxSecurecodeboxWorker from 'https://cdn.skypack.dev/@securecodebox/securecodebox-worker';


SecureCodeBox Worker

A wrapper to easily integrate new scanner into the secureCodeBox.

This bundles a few basic concernes every worker service should fullfill:

  • Fetching and completing Tasks
  • Healthcheck endpoints
  • Error handeling


This libary is compatible with Node 8 and beyond.


npm install @securecodebox/securecodebox-worker


This example shows how this libary can be used:

const SecureCodeBoxWorker = require('@securecodebox/securecodebox-worker');

const secureCodeBoxWorker = new SecureCodeBoxWorker({
    engineAddress: 'http://secureboxengine/engine-rest',
    // Used to generate the worker id. This Example would look something like this: securebox.portscan.60a6ac0c-4e26-40ea-908e-598e9c807887
    workername: 'portscan',

    // Name of the External Task specified in the Engine
    // Array of Process Variables which should be fetched
    // Callback function which will be called when a new scan should be performed
    async ({ target }) => {
        const findings = await performScan(target);

        return {
            findings, // Attributes of this Object will be saved as process variables

 * Starts a small server with two endpoints:
 *       "/" basic endpoint for healthchecks returns the worker id as a string
 * "/status" returns a json object containing basic information about this worker

Handeling Errors

In case of a scan failure you can throw Errors from the registerScanner Callback function. The Error message will be submitted back to the engine.

    ['nmap_target', 'nmap_parameter'],
    async ({ nmap_target, nmap_parameter }) => {
        // Thrown Errors will be submitted as incidents to theprocess engine.
        throw new Error('Something went wrong...');

Special Thanks

Most of this functionality of thos package comes from the awesome camunda-worker-node package.