* Add Picoclaw guardian + posture-review skills at v0.0.1 with wiki docs
* fix(feed): add picoclaw to core platform taxonomy and filters
* fix(picoclaw): resolve eslint errors in new skills
* chore(nvd): include picoclaw in CVE polling and cleanup report
---------
Co-authored-by: David Abutbul <David.a@prompt.security>
* feat: add clawsec-advisory-guardian hook for advisory monitoring and user approval
- Implemented clawsec-advisory-guardian hook to detect advisories for installed skills.
- Added handler for processing advisory matches and notifying users.
- Created scripts for setting up advisory hooks and cron jobs for periodic scans.
- Introduced guarded skill installation script requiring user confirmation for high-risk advisories.
- Updated skill.json to reflect new features and embedded components for advisory monitoring.
* chore(clawsec-suite): bump version to 0.0.8
* feat: enhance release script to support version tagging and improve install function
* fix: use globalThis for AbortController and timeout functions in loadRemoteFeed
* Update scripts/release-skill.sh
Co-authored-by: baz-reviewer[bot] <174234987+baz-reviewer[bot]@users.noreply.github.com>
* Update skills/clawsec-suite/scripts/guarded_skill_install.mjs
Co-authored-by: baz-reviewer[bot] <174234987+baz-reviewer[bot]@users.noreply.github.com>
* Update scripts/release-skill.sh
Co-authored-by: baz-reviewer[bot] <174234987+baz-reviewer[bot]@users.noreply.github.com>
* Normalize version input by removing leading 'v' in versionMatches function
* Add dirName property to InstalledSkill and update alert message paths
* Enhance file permission handling in persistState function and add warning for chmod errors
* Refactor advisory guardian hook: modularize utility functions, version handling, and feed management
- Moved utility functions (isObject, normalizeSkillName, uniqueStrings) to lib/utils.mjs
- Created version handling functions (parseSemver, compareSemver, versionMatches) in lib/version.mjs
- Implemented feed management functions (parseAffectedSpecifier, isValidFeedPayload, loadRemoteFeed) in lib/feed.mjs
- Updated handler.ts to utilize new modular functions for improved readability and maintainability
- Added new types and state management in lib/types.ts and lib/state.ts
- Updated scripts to reflect new file structure and dependencies
* Update skills/clawsec-suite/hooks/clawsec-advisory-guardian/lib/matching.ts
Co-authored-by: baz-reviewer[bot] <174234987+baz-reviewer[bot]@users.noreply.github.com>
* Add published field to Advisory type and refine version matching logic
* Set default version to "unknown" in discoverInstalledSkills and adjust versionMatches logic
* Update skills/clawsec-suite/hooks/clawsec-advisory-guardian/lib/version.mjs
Co-authored-by: baz-reviewer[bot] <174234987+baz-reviewer[bot]@users.noreply.github.com>
* Update skills/clawsec-suite/hooks/clawsec-advisory-guardian/lib/matching.ts
Co-authored-by: baz-reviewer[bot] <174234987+baz-reviewer[bot]@users.noreply.github.com>
* Update skills/clawsec-suite/hooks/clawsec-advisory-guardian/lib/version.mjs
Co-authored-by: baz-reviewer[bot] <174234987+baz-reviewer[bot]@users.noreply.github.com>
---------
Co-authored-by: baz-reviewer[bot] <174234987+baz-reviewer[bot]@users.noreply.github.com>
David Abutbul
davida-ps