gnezim/clawsec
1
0
Fork 0
mirror of https://github.com/prompt-security/clawsec.git synced 2026-06-21 09:21:21 +03:00
Code Issues Packages Projects Releases Wiki Activity

auto-claude: subtask-1-1 - Add warning in guarded_skill_install.mjs when checksum verification is disabled

Browse Source
This commit is contained in:
David Abutbul
2026-02-27 20:31:30 +02:00
parent 382db82483
commit 6a982630a2
1 changed files with 6 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
skills/clawsec-suite/scripts/guarded_skill_install.mjs
+6
View File
@@ -146,6 +146,12 @@ async function loadFeed() {
);
}
if (!verifyChecksumManifest) {
process.stderr.write(
"WARNING: CLAWSEC_VERIFY_CHECKSUM_MANIFEST=0 is enabled. Checksum verification for the advisory feed manifest is disabled. This reduces security guarantees.\n",
);
}
const publicKeyPem = allowUnsigned ? "" : await fs.readFile(feedPublicKeyPath, "utf8");
const remoteFeed = await loadRemoteFeed(feedUrl, {