gnezim/clawsec
1
0
Fork 0
mirror of https://github.com/prompt-security/clawsec.git synced 2026-06-23 10:21:21 +03:00
Code Issues Packages Projects Releases Wiki Activity

fix(release): resolve metadata review comments

Browse Source
This commit is contained in:
David Abutbul
2026-06-23 00:24:51 +03:00
parent 6d155d747b
commit bd6403073e
4 changed files with 10 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files
scripts/test-skill-release-workflow.mjs
+8 -1
View File
@@ -250,10 +250,17 @@ assert.match(
assert.match(
workflow,
/comment-skillspector-report:[\s\S]*needs: release[\s\S]*issues: write[\s\S]*pull-requests: write[\s\S]*actions\/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8\.0\.1/,
/comment-skillspector-report:[\s\S]*needs: release[\s\S]*issues: write[\s\S]*actions\/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8\.0\.1/,
'Skill release workflow must download generated SkillSpector reports in a separate PR comment job with comment permissions',
);
const commentJob = workflow.match(/[ ]{2}comment-skillspector-report:[\s\S]*?\n[ ]{2}[a-z][^:\n]*:/)?.[0] || "";
assert.doesNotMatch(
commentJob,
/pull-requests: write/,
'SkillSpector PR comment publishing should not request redundant pull-requests write permissions',
);
assert.match(
workflow,
/comment-skillspector-report:[\s\S]*if: always\(\) && github\.event_name == 'pull_request' && needs\.release\.result != 'cancelled'[\s\S]*Download SkillSpector reports[\s\S]*continue-on-error: true/,
scripts/test-skill-trust-packet.mjs
+1 -1
View File
@@ -62,7 +62,7 @@ try {
const hermesResult = runTrustPacket(
"skills/hermes-attestation-guardian",
hermesOutputDir,
"hermes-attestation-guardian-v0.1.4",
"hermes-attestation-guardian-v0.1.5",
);
assert.equal(
hermesResult.status,