diff --git a/skills/clawsec-suite/CHANGELOG.md b/skills/clawsec-suite/CHANGELOG.md index 143c9c9..bafad20 100644 --- a/skills/clawsec-suite/CHANGELOG.md +++ b/skills/clawsec-suite/CHANGELOG.md @@ -5,7 +5,27 @@ All notable changes to the ClawSec Suite will be documented in this file. The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html). -## [Unreleased] +## [0.1.2] + +### Added + +- Advisory suppression module (`hooks/clawsec-advisory-guardian/lib/suppression.mjs`). +- `loadAdvisorySuppression()` -- loads suppression config with `enabledFor: ["advisory"]` sentinel gate. +- `isAdvisorySuppressed()` -- matches `advisory.id === rule.checkId` + case-insensitive skill name. +- Advisory guardian handler integration: partitions matches into active/suppressed after `findMatches()`. +- Suppressed matches tracked in state file (prevents re-evaluation) but not alerted. +- Soft notification message for suppressed matches count. +- Advisory suppression tests (13 tests in `advisory_suppression.test.mjs`). +- Documentation in SKILL.md for advisory suppression/allowlist mechanism. + +### Changed + +- Advisory guardian handler (`handler.ts`) now loads suppression config and filters matches before alerting. + +### Security + +- Advisory suppression gated by config file sentinel (`enabledFor: ["advisory"]`) -- no CLI flag needed but config must explicitly opt in. +- Suppressed matches are still tracked in state to maintain audit trail. ## [0.1.1] - 2026-02-16 diff --git a/skills/openclaw-audit-watchdog/CHANGELOG.md b/skills/openclaw-audit-watchdog/CHANGELOG.md new file mode 100644 index 0000000..16120bc --- /dev/null +++ b/skills/openclaw-audit-watchdog/CHANGELOG.md 
@@ -0,0 +1,30 @@ +# Changelog + +All notable changes to this project will be documented in this file. + +The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.1.0/), +and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html). + +## [0.1.0] + +### Added + +- Suppression/allowlist mechanism with explicit opt-in gating (defense in depth). +- `--enable-suppressions` CLI flag for `run_audit_and_format.sh`, `render_report.mjs`, and `runner.sh`. +- `enabledFor` config sentinel -- config must declare `"enabledFor": ["audit"]` for audit suppression to activate. +- 4-tier config file resolution: explicit `--config` path > `OPENCLAW_AUDIT_CONFIG` env var > `~/.openclaw/security-audit.json` > `.clawsec/allowlist.json`. +- `INFO-SUPPRESSED` section in report output showing suppressed findings with metadata. +- Integration tests for suppression behavior (11 tests in `render_report_suppression.test.mjs`). +- Unit tests for config loading and opt-in gating (15 tests in `suppression_config.test.mjs`). +- Test fixtures: `empty-suppressions.json`, `invalid-json.json`, `malformed-config.json`. + +### Changed + +- `load_suppression_config.mjs` now requires explicit `{ enabled: true }` parameter -- returns empty suppressions by default. +- `render_report.mjs` passes suppression enabled state to config loader. +- Summary counts in report output are recalculated after filtering suppressed findings. + +### Security + +- Suppression is never active by default -- requires BOTH CLI flag AND config sentinel (defense in depth). +- Environment variables alone cannot activate suppression (prevents ambient attack vector).
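Review bot: In skills/clawsec-suite/CHANGELOG.md, the Security entry under 0.1.2 gates advisory suppression on the config sentinel alone ("no CLI flag needed but config must explicitly opt in"), while the openclaw-audit-watchdog changelog in this same patch requires both a CLI flag and the sentinel. With a single gate, write access to the suppression config is all that stands between a rule and a silenced advisory, so the entry should name the config paths the advisory guardian reads and explain why one gate is considered sufficient here. The Added entry "Suppressed matches tracked in state file (prevents re-evaluation) but not alerted" should also say whether a match alerts again once its suppression rule is removed, since the state entry is what prevents re-evaluation. Separately, `## [0.1.2]` has no release date although `## [0.1.1] - 2026-02-16` does, and the `## [Unreleased]` heading is replaced rather than kept above the new version.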
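Review bot: In skills/openclaw-audit-watchdog/CHANGELOG.md, the Security line "Environment variables alone cannot activate suppression" needs to be reconciled with the Added entry that lists `OPENCLAW_AUDIT_CONFIG` as the second tier of config resolution. As written, the variable can still select the file that supplies the `"enabledFor": ["audit"]` sentinel and the suppression rules, which leaves `--enable-suppressions` as the only gate outside the environment; the entry should say so explicitly. It should also state what `.clawsec/allowlist.json` is resolved relative to, since it is the only relative path among the four tiers. The `## [0.1.0]` heading has no release date, and this file links Keep a Changelog 1.1.0 while the clawsec-suite changelog links 1.0.0.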