4 Commits

Author SHA1 Message Date
davida-ps 3cef7aa46b fix(security): harden high scan findings (#258)
* fix(security): harden high scan findings

* fix(security): tighten review hardening

* fix(nanoclaw): preserve prerelease advisory matching
2026-06-07 13:00:56 +03:00
davida-ps f0f33b8121 fix(clawsec-clawhub-checker): remove suspicious install patterns (#197)
* fix(clawsec-clawhub-checker): remove mutating setup and install scraping

* fix(clawsec-clawhub-checker): harden fail-closed reputation paths
2026-04-17 03:01:08 +03:00
davida-ps caad6f698c chore(skills): harden openclaw skill metadata (#191)
* chore(skills): harden openclaw skill metadata

* fix(openclaw-audit-watchdog): add dated release note heading

* chore(skills): normalize openclaw naming

* fix(soul-guardian): preserve legacy launchd state dir

* fix(soul-guardian): clean up legacy launchd labels
2026-04-14 15:43:04 +03:00
David Abutbul f43f792a88 feat(skills): add clawsec-clawhub-checker reputation checking skill (#41)
* feat(skills): add clawsec-clawhub-checker reputation checking skill

- Adds ClawHub reputation checks to guarded installer
- Integrates VirusTotal Code Insight scores
- Requires --confirm-reputation for suspicious skills
- Enhances advisory guardian hook with reputation warnings
- Defense-in-depth layer for skill installation security

* feat: add clawsec-clawhub-checker skill

- Enhanced guarded installer with reputation checks
- VirusTotal Code Insight integration
- Reputation scoring (0-100) with multiple signals
- New exit code 43 for reputation warnings
- Requires --confirm-reputation for suspicious skills
- Integration with clawsec-advisory-guardian hook
- Standalone skill compatible with dynamic catalog system

Note: Removed hardcoded catalog entry to work with new
dynamic catalog system (discover_skill_catalog.mjs).

* fix: lint errors in clawsec-clawhub-checker

- Remove unused imports (fs, os, path) from check_clawhub_reputation.mjs
- Remove unused variable in setup_reputation_hook.mjs
- Remove unused os import from update_suite_catalog.mjs
- All ESLint checks now pass
- TypeScript check passes
- Build check passes

* refactor: remove PR_NOTES.md and update documentation in README.md and SKILL.md
feat: add input validation for skill slug and version in check_clawhub_reputation.mjs
fix: enhance argument parsing in enhanced_guarded_install.mjs
test: add reputation check tests for input validation and output formatting
chore: delete unused update_suite_catalog.mjs script

* feat: enhance clawsec-clawhub-checker with setup script and reputation checks

* feat: integrate reputation checks into clawhub setup script and enhance installer

* docs: update README and SKILL documentation to reflect new installer scripts and usage instructions

* feat: enhance CLI validation for skill version and reputation threshold; update documentation

---------

Co-authored-by: davida-ps <david.a@prompt.security>
2026-02-16 21:27:32 +02:00