gnezim/clawsec
1
0
Fork 0
mirror of https://github.com/prompt-security/clawsec.git synced 2026-06-16 06:51:21 +03:00
Code Issues Packages Projects Releases Wiki Activity
211 Commits 15 Branches 95 Tags
dependabot/github_actions/github/codeql-action-4.36.2
Commit Graph

9 Commits

Author SHA1 Message Date
davida-ps 4dbac421ab feat(advisories): add provisional GHSA feed (#242) 
* feat(advisories): add provisional ghsa feed

* fix(workflows): include advisory signatures in checksums

* fix(workflows): mirror ghsa feed at release root

* feat(advisories): consolidate ghsa into agent feed

* ci(advisories): consolidate ghsa during nvd poll

* fix(advisories): retain unreplaced ghsa feed entries

* chore(skills): bump advisory feed consumers

* fix(release): resolve ts import closure dry run

* fix(release): preserve urls while stripping comments

* fix(release): ignore skill test-only changes

* fix(advisories): follow ghsa pagination links

* test(advisories): add nvd ghsa pipeline dry run
 2026-05-24 21:41:59 +03:00
David Abutbul 1e48a955cc fix(release): exclude tests from skill payloads (#230) 
* fix(release): exclude tests from skill payloads

* fix(release): normalize test path filtering

* fix(release): prefer GitHub artifacts for non-OpenClaw installs

* fix(release): keep legacy ClawHub publishing

* fix(release): address skill packaging review feedback

* chore(skills): bump release versions

* feat(skills): surface recommended platforms

* docs(skills): add signed release verification

* fix(skills): normalize PR version bumps

---------

Co-authored-by: David Abutbul <David.a@prompt.security>
 2026-05-14 14:38:58 +03:00
davida-ps caad6f698c chore(skills): harden openclaw skill metadata (#191) 
* chore(skills): harden openclaw skill metadata

* fix(openclaw-audit-watchdog): add dated release note heading

* chore(skills): normalize openclaw naming

* fix(soul-guardian): preserve legacy launchd state dir

* fix(soul-guardian): clean up legacy launchd labels
 2026-04-14 15:43:04 +03:00
davida-ps 073e771b73 Exploitability Context for CVE Advisories (#89) 
* feat(advisories): add exploitability context for CVE advisories

* fix(ci): align exploitability workflow with signing model

* docs(skills): add patch release changelog entries

* chore(clawsec-feed): bump version to 0.0.5

* chore(clawsec-suite): bump version to 0.1.4

* fix(clawsec-nanoclaw): align exploitability handling and nanoclaw integration

* chore(clawsec-nanoclaw): bump version to 0.0.2

* refactor(scripts): share feed path and mirror sync helpers

* refactor(utils): unify cvss vector parsing flow

* refactor(clawsec-nanoclaw): centralize advisory risk evaluation

* docs(exploitability): refresh release metadata dates

* fix(review): align feed signing and advisory dedupe

* chore(clawsec-feed): bump version to 0.0.6

* chore(clawsec-nanoclaw): bump version to 0.0.3

* fix(backfill): limit signing to target feed only

* fix(review): keep skill runtime verify-only and dedupe matching

* chore(clawsec-nanoclaw): bump version to 0.0.4

* chore(skills): align versions with published tags

* feat(feed): enrich local population with exploitability analysis

* docs(exploitability): mark backfill as historical flow
 2026-03-01 18:43:24 +02:00
davida-ps db0339084f chore: migrate repository licensing from MIT to AGPL (#63) 
* chore(license): migrate repository licensing to AGPL-3.0-or-later

* fix(ci): skip skill dry-run when version is unchanged
 2026-02-24 15:43:14 +02:00
David Abutbul db091fb8b3 chore(clawsec-feed): bump version to 0.0.4 2026-02-06 00:53:56 +02:00
David Abutbul 8c4f7d594c chore(clawsec-feed): bump version to 0.0.3 2026-02-06 00:36:03 +02:00
David Abutbul 446cc690dd chore(clawsec-feed): bump version to 0.0.2 2026-02-06 00:30:33 +02:00
David Abutbul d3c703aea6 ClawSec init 2026-02-05 21:58:23 +02:00