gnezim/clawsec
1
0
Fork 0
mirror of https://github.com/prompt-security/clawsec.git synced 2026-06-13 05:28:02 +03:00
Code Issues Packages Projects Releases Wiki Activity
217 Commits 19 Branches 95 Tags
main
Commit Graph

55 Commits

Author SHA1 Message Date
davida-ps c1d1824f86 ci(skills): publish release trust packets + expand skill installer awareness (vercel) (#262) 
* ci(skills): publish release trust packets

* ci(skills): simulate beta tag releases

* ci(skills): match release version bump rules

* chore(skills): group agent skills for installer

* chore(skills): make clawtributor global

* chore(skills): bump all skills for trust release

* ci(skills): require npx install docs

* fix(skills): simulate prerelease tag versions

* fix(skills): aggregate trust artifact checksum failures

* fix(frontend): advertise npx skills suite install

* chore(frontend): drop ad hoc homepage copy test

* fix(ci): run skill release tooling tests
 2026-06-10 13:22:22 +03:00
github-actions[bot] d7312d7429 chore: update NVD/GHSA advisories - 1 NVD new, 0 NVD updated (#257) 
Automated update from NVD CVE and GHSA advisory feeds.
Keywords: openclaw, nanoclaw, hermes, picoclaw
Poll window: 2026-06-03T07:38:12Z to 2026-06-10T08:29:07.000Z

Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
 2026-06-10 11:35:17 +03:00
github-actions[bot] f56a0864f7 chore: update NVD/GHSA advisories - 6 NVD new, 6 NVD updated (#251) 
Automated update from NVD CVE and GHSA advisory feeds.
Keywords: openclaw, nanoclaw, hermes, picoclaw
Poll window: 2026-05-31T07:16:20Z to 2026-06-03T07:36:53.000Z

Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
 2026-06-03 11:10:10 +03:00
github-actions[bot] 58b092d6d0 chore: update NVD/GHSA advisories - 7 NVD new, 1 NVD updated (#250) 
Automated update from NVD CVE and GHSA advisory feeds.
Keywords: openclaw, nanoclaw, hermes, picoclaw
Poll window: 2026-05-27T06:34:09Z to 2026-05-31T07:15:12.000Z

Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
 2026-05-31 10:32:39 +03:00
github-actions[bot] 5d868bf60f chore: update NVD/GHSA advisories - 9 NVD new, 9 NVD updated (#247) 
Automated update from NVD CVE and GHSA advisory feeds.
Keywords: openclaw, nanoclaw, hermes, picoclaw
Poll window: 2026-05-24T18:52:13Z to 2026-05-27T06:32:58.000Z

Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
 2026-05-27 09:48:52 +03:00
github-actions[bot] 2e793639f2 chore: update NVD/GHSA advisories - 0 NVD new, 1 NVD updated (#241) 
Automated update from NVD CVE and GHSA advisory feeds.
Keywords: openclaw, nanoclaw, hermes, picoclaw
Poll window: 2026-05-16T22:02:27Z to 2026-05-24T18:50:11.000Z

Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
 2026-05-25 00:37:22 +03:00
davida-ps 4dbac421ab feat(advisories): add provisional GHSA feed (#242) 
* feat(advisories): add provisional ghsa feed

* fix(workflows): include advisory signatures in checksums

* fix(workflows): mirror ghsa feed at release root

* feat(advisories): consolidate ghsa into agent feed

* ci(advisories): consolidate ghsa during nvd poll

* fix(advisories): retain unreplaced ghsa feed entries

* chore(skills): bump advisory feed consumers

* fix(release): resolve ts import closure dry run

* fix(release): preserve urls while stripping comments

* fix(release): ignore skill test-only changes

* fix(advisories): follow ghsa pagination links

* test(advisories): add nvd ghsa pipeline dry run
 2026-05-24 21:41:59 +03:00
github-actions[bot] 0ee0d065ec chore: CVE advisories - 0 new, 19 updated (#233) 
Automated update from NVD CVE feed.
Keywords: openclaw, nanoclaw, hermes, picoclaw
Poll window: 2026-05-12T06:56:03Z to 2026-05-16T22:00:50.000Z

Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
 2026-05-17 01:04:46 +03:00
David Abutbul 1e48a955cc fix(release): exclude tests from skill payloads (#230) 
* fix(release): exclude tests from skill payloads

* fix(release): normalize test path filtering

* fix(release): prefer GitHub artifacts for non-OpenClaw installs

* fix(release): keep legacy ClawHub publishing

* fix(release): address skill packaging review feedback

* chore(skills): bump release versions

* feat(skills): surface recommended platforms

* docs(skills): add signed release verification

* fix(skills): normalize PR version bumps

---------

Co-authored-by: David Abutbul <David.a@prompt.security>
 2026-05-14 14:38:58 +03:00
github-actions[bot] 382ec4971b chore: CVE advisories - 18 new, 1 updated (#232) 
Automated update from NVD CVE feed.
Keywords: openclaw, nanoclaw, hermes, picoclaw
Poll window: 2026-05-10T13:15:38Z to 2026-05-12T06:54:54.000Z

Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
 2026-05-12 10:08:29 +03:00
github-actions[bot] 6e512a5e43 chore: CVE advisories - 461 new, 0 updated (#228) 
Automated update from NVD CVE feed.
Keywords: openclaw, nanoclaw, hermes, picoclaw
Poll window: 2026-01-10T13:13:55.000Z to 2026-05-10T13:13:55.000Z

Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
 2026-05-11 08:56:04 +03:00
github-actions[bot] 85caad5601 chore: CVE advisories - 461 new, 0 updated (#227) 
Automated update from NVD CVE feed.
Keywords: openclaw, nanoclaw, hermes, picoclaw
Poll window: 2026-01-07T12:10:52.000Z to 2026-05-07T12:10:52.000Z

Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
 2026-05-07 15:14:30 +03:00
github-actions[bot] 4042a388a9 chore: CVE advisories - 0 new, 59 updated (#215) 
Automated update from NVD CVE feed.
Keywords:
Poll window: 2026-04-30T06:50:23Z to 2026-05-03T06:48:42.000Z

Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
 2026-05-03 13:28:47 +03:00
github-actions[bot] 0e22d8f9bd chore: CVE advisories - 0 new, 12 updated (#214) 
Automated update from NVD CVE feed.
Keywords:
Poll window: 2026-04-29T06:48:08Z to 2026-04-30T06:49:19.000Z

Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
 2026-04-30 15:04:42 +03:00
github-actions[bot] f8614a21b3 chore: CVE advisories - 53 new, 28 updated (#213) 
Automated update from NVD CVE feed.
Keywords:
Poll window: 2026-04-28T06:52:17Z to 2026-04-29T06:46:53.000Z

Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
 2026-04-29 19:19:03 +03:00
github-actions[bot] 5e298bc1f7 chore: CVE advisories - 11 new, 16 updated (#211) 
Automated update from NVD CVE feed.
Keywords:
Poll window: 2026-04-26T11:27:34Z to 2026-04-28T06:51:12.000Z

Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
 2026-04-28 13:29:28 +03:00
github-actions[bot] 808aefe40d chore: CVE advisories - 1 new, 1 updated (#207) 
Automated update from NVD CVE feed.
Keywords:
Poll window: 2026-04-24T06:36:58Z to 2026-04-26T11:26:31.000Z

Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
 2026-04-26 14:38:45 +03:00
github-actions[bot] c53463c445 chore: CVE advisories - 31 new, 1 updated (#205) 
Automated update from NVD CVE feed.
Keywords:
Poll window: 2026-04-22T11:03:28Z to 2026-04-24T06:36:00.000Z

Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
 2026-04-24 20:32:13 +03:00
github-actions[bot] 448a2bd577 chore: CVE advisories - 313 new, 0 updated (#193) 
Automated update from NVD CVE feed.
Keywords:
Poll window: 2025-12-23T11:02:04.000Z to 2026-04-22T11:02:04.000Z

Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
 2026-04-22 20:02:11 +03:00
davida-ps caad6f698c chore(skills): harden openclaw skill metadata (#191) 
* chore(skills): harden openclaw skill metadata

* fix(openclaw-audit-watchdog): add dated release note heading

* chore(skills): normalize openclaw naming

* fix(soul-guardian): preserve legacy launchd state dir

* fix(soul-guardian): clean up legacy launchd labels
 2026-04-14 15:43:04 +03:00
github-actions[bot] 6c33384947 chore: CVE advisories - 0 new, 29 updated (#190) 
Automated update from NVD CVE feed.
Keywords: OpenClaw clawdbot Moltbot NanoClaw WhatsApp-bot baileys
Poll window: 2026-04-12T06:30:25Z to 2026-04-14T06:33:41.000Z

Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
 2026-04-14 14:09:51 +03:00
github-actions[bot] a11314faa9 chore: CVE advisories - 58 new, 0 updated (#178) 
Automated update from NVD CVE feed.
Keywords: OpenClaw clawdbot Moltbot NanoClaw WhatsApp-bot baileys
Poll window: 2026-04-09T07:33:03Z to 2026-04-12T06:29:44.000Z

Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
 2026-04-12 13:22:37 +03:00
github-actions[bot] 969a902fa6 chore: CVE advisories - 1 new, 0 updated (#176) 
Automated update from NVD CVE feed.
Keywords: OpenClaw clawdbot Moltbot NanoClaw WhatsApp-bot baileys
Poll window: 2026-04-08T20:59:34Z to 2026-04-09T07:32:24.000Z

Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
 2026-04-09 10:47:15 +03:00
github-actions[bot] 0cfb9b4784 chore: CVE advisories - 0 new, 4 updated (#175) 
Automated update from NVD CVE feed.
Keywords: OpenClaw clawdbot Moltbot NanoClaw WhatsApp-bot baileys
Poll window: 2026-04-05T06:25:01Z to 2026-04-08T20:58:56.000Z

Co-authored-by: davida-ps <232346510+davida-ps@users.noreply.github.com>
 2026-04-09 00:00:14 +03:00
github-actions[bot] bd6e9e284a chore: CVE advisories - 24 new, 20 updated (#167) 
Automated update from NVD CVE feed.
Keywords: OpenClaw clawdbot Moltbot NanoClaw WhatsApp-bot baileys
Poll window: 2026-03-30T06:34:41Z to 2026-04-05T06:24:22.000Z

Co-authored-by: davida-ps <232346510+davida-ps@users.noreply.github.com>
 2026-04-05 12:16:06 +03:00
github-actions[bot] e0083353cf chore: CVE advisories - 19 new, 0 updated (#157) 
Automated update from NVD CVE feed.
Keywords: OpenClaw clawdbot Moltbot NanoClaw WhatsApp-bot baileys
Poll window: 2026-03-29T06:22:49Z to 2026-03-30T06:34:03.000Z

Co-authored-by: davida-ps <232346510+davida-ps@users.noreply.github.com>
 2026-03-30 10:13:00 +03:00
github-actions[bot] 01f651d6aa chore: CVE advisories - 1 new, 32 updated (#155) 
Automated update from NVD CVE feed.
Keywords: OpenClaw clawdbot Moltbot NanoClaw WhatsApp-bot baileys
Poll window: 2026-03-25T06:21:11Z to 2026-03-29T06:22:11.000Z

Co-authored-by: davida-ps <232346510+davida-ps@users.noreply.github.com>
 2026-03-29 11:20:51 +03:00
github-actions[bot] bd17103892 chore: CVE advisories - 0 new, 25 updated (#150) 
Automated update from NVD CVE feed.
Keywords: OpenClaw clawdbot Moltbot NanoClaw WhatsApp-bot baileys
Poll window: 2026-03-24T06:21:41Z to 2026-03-25T06:20:32.000Z

Co-authored-by: davida-ps <232346510+davida-ps@users.noreply.github.com>
 2026-03-25 11:12:02 +02:00
github-actions[bot] 28bf775d47 chore: CVE advisories - 28 new, 34 updated (#149) 
Automated update from NVD CVE feed.
Keywords: OpenClaw clawdbot Moltbot NanoClaw WhatsApp-bot baileys
Poll window: 2026-03-20T06:16:32Z to 2026-03-24T06:21:01.000Z

Co-authored-by: davida-ps <232346510+davida-ps@users.noreply.github.com>
 2026-03-24 13:57:22 +02:00
github-actions[bot] 30bcb96a23 chore: CVE advisories - 60 new, 14 updated (#143) 
Automated update from NVD CVE feed.
Keywords: OpenClaw clawdbot Moltbot NanoClaw WhatsApp-bot baileys
Poll window: 2026-03-18T06:21:47Z to 2026-03-20T06:15:50.000Z

Co-authored-by: davida-ps <232346510+davida-ps@users.noreply.github.com>
 2026-03-23 00:39:24 +02:00
github-actions[bot] 0a320d18d4 chore: CVE advisories - 16 new, 13 updated (#141) 
Automated update from NVD CVE feed.
Keywords: OpenClaw clawdbot Moltbot NanoClaw WhatsApp-bot baileys
Poll window: 2026-03-15T06:18:51Z to 2026-03-18T06:21:06.000Z

Co-authored-by: davida-ps <232346510+davida-ps@users.noreply.github.com>
 2026-03-18 12:56:05 +02:00
github-actions[bot] eb124b5f11 chore: CVE advisories - 3 new, 1 updated (#133) 
Automated update from NVD CVE feed.
Keywords: OpenClaw clawdbot Moltbot NanoClaw WhatsApp-bot baileys
Poll window: 2026-03-12T06:16:01Z to 2026-03-15T06:18:13.000Z

Co-authored-by: davida-ps <232346510+davida-ps@users.noreply.github.com>
 2026-03-15 12:23:09 +02:00
github-actions[bot] 277c0abe17 chore: CVE advisories - 6 new, 20 updated (#130) 
Automated update from NVD CVE feed.
Keywords: OpenClaw clawdbot Moltbot NanoClaw WhatsApp-bot baileys
Poll window: 2026-03-10T06:12:56Z to 2026-03-12T06:15:22.000Z

Co-authored-by: davida-ps <232346510+davida-ps@users.noreply.github.com>
 2026-03-12 14:03:19 +02:00
github-actions[bot] 1cced651a0 chore: CVE advisories - 0 new, 20 updated (#127) 
Automated update from NVD CVE feed.
Keywords: OpenClaw clawdbot Moltbot NanoClaw WhatsApp-bot baileys
Poll window: 2026-03-09T06:19:31Z to 2026-03-10T06:12:16.000Z

Co-authored-by: davida-ps <232346510+davida-ps@users.noreply.github.com>
 2026-03-10 09:07:06 +02:00
github-actions[bot] 19b53609c1 chore: CVE advisories - 46 new, 0 updated (#116) 
Automated update from NVD CVE feed.
Keywords: OpenClaw clawdbot Moltbot NanoClaw WhatsApp-bot baileys
Poll window: 2026-03-01T18:07:41Z to 2026-03-09T06:18:51.000Z

Co-authored-by: davida-ps <232346510+davida-ps@users.noreply.github.com>
 2026-03-09 10:10:59 +02:00
github-actions[bot] 56a36b7e52 chore: CVE advisories - 35 new, 0 updated (#97) 
Automated update from NVD CVE feed.
Keywords: OpenClaw clawdbot Moltbot NanoClaw WhatsApp-bot baileys
Poll window: 2025-11-01T18:07:01.000Z to 2026-03-01T18:07:01.000Z

Co-authored-by: davida-ps <232346510+davida-ps@users.noreply.github.com>
 2026-03-01 20:14:58 +02:00
davida-ps 073e771b73 Exploitability Context for CVE Advisories (#89) 
* feat(advisories): add exploitability context for CVE advisories

* fix(ci): align exploitability workflow with signing model

* docs(skills): add patch release changelog entries

* chore(clawsec-feed): bump version to 0.0.5

* chore(clawsec-suite): bump version to 0.1.4

* fix(clawsec-nanoclaw): align exploitability handling and nanoclaw integration

* chore(clawsec-nanoclaw): bump version to 0.0.2

* refactor(scripts): share feed path and mirror sync helpers

* refactor(utils): unify cvss vector parsing flow

* refactor(clawsec-nanoclaw): centralize advisory risk evaluation

* docs(exploitability): refresh release metadata dates

* fix(review): align feed signing and advisory dedupe

* chore(clawsec-feed): bump version to 0.0.6

* chore(clawsec-nanoclaw): bump version to 0.0.3

* fix(backfill): limit signing to target feed only

* fix(review): keep skill runtime verify-only and dedupe matching

* chore(clawsec-nanoclaw): bump version to 0.0.4

* chore(skills): align versions with published tags

* feat(feed): enrich local population with exploitability analysis

* docs(exploitability): mark backfill as historical flow
 2026-03-01 18:43:24 +02:00
github-actions[bot] 448aed3261 chore: CVE advisories - 0 new, 34 updated (#73) 
Automated update from NVD CVE feed.
Keywords: OpenClaw clawdbot Moltbot NanoClaw WhatsApp-bot baileys
Poll window: 2025-10-28T16:48:19.000Z to 2026-02-25T16:48:19.000Z

Co-authored-by: davida-ps <232346510+davida-ps@users.noreply.github.com>
 2026-02-25 18:51:57 +02:00
github-actions[bot] ea44aea49e chore: CVE advisories - 0 new, 34 updated (#68) 
Automated update from NVD CVE feed.
Keywords: OpenClaw clawdbot Moltbot NanoClaw WhatsApp-bot baileys
Poll window: 2025-10-28T12:39:05.000Z to 2026-02-25T12:39:05.000Z

Co-authored-by: davida-ps <232346510+davida-ps@users.noreply.github.com>
 2026-02-25 14:40:50 +02:00
davida-ps db0339084f chore: migrate repository licensing from MIT to AGPL (#63) 
* chore(license): migrate repository licensing to AGPL-3.0-or-later

* fix(ci): skip skill dry-run when version is unchanged
 2026-02-24 15:43:14 +02:00
github-actions[bot] af0a515166 chore: CVE advisories - 0 new, 6 updated (#61) 
Automated update from NVD CVE feed.
Keywords: OpenClaw clawdbot Moltbot
Poll window: 2026-02-22T10:57:32Z to 2026-02-24T06:19:58.000Z

Co-authored-by: davida-ps <232346510+davida-ps@users.noreply.github.com>
 2026-02-24 13:23:31 +02:00
github-actions[bot] e06c3952a3 chore: CVE advisories - 6 new, 9 updated (#50) 
Automated update from NVD CVE feed.
Keywords: OpenClaw clawdbot Moltbot
Poll window: 2026-02-20T06:16:59Z to 2026-02-22T10:57:13.000Z

Co-authored-by: davida-ps <232346510+davida-ps@users.noreply.github.com>
 2026-02-22 12:58:09 +02:00
github-actions[bot] c61e4e5dbc chore: CVE advisories - 23 new, 0 updated (#47) 
Automated update from NVD CVE feed.
Keywords: OpenClaw clawdbot Moltbot
Poll window: 2026-02-08T18:42:58Z to 2026-02-20T06:16:40.000Z

Co-authored-by: davida-ps <232346510+davida-ps@users.noreply.github.com>
 2026-02-22 12:55:58 +02:00
davida-ps 7f741d11da Merge branch 'main' into automated/nvd-cve-update-21793513607 2026-02-08 10:10:39 +01:00
davida-ps e329a71de6 Merge branch 'main' into automated/nvd-cve-update-21775459869 2026-02-08 10:07:37 +01:00
davida-ps 186c2ec165 Merge branch 'main' into automated/nvd-cve-update-21728874631 2026-02-08 10:04:23 +01:00
davida-ps 9ae2efa2f7 chore: CVE advisories - 1 new, 0 updated 
Automated update from NVD CVE feed.
Keywords: OpenClaw clawdbot Moltbot
Poll window: 2026-02-05T12:53:37Z to 2026-02-08T06:16:10.000Z
 2026-02-08 06:16:29 +00:00
davida-ps 5ded815e6a chore: CVE advisories - 1 new, 0 updated 
Automated update from NVD CVE feed.
Keywords: OpenClaw clawdbot Moltbot
Poll window: 2026-02-05T12:53:37Z to 2026-02-07T06:10:40.000Z
 2026-02-07 06:10:59 +00:00
David Abutbul db091fb8b3 chore(clawsec-feed): bump version to 0.0.4 2026-02-06 00:53:56 +02:00
David Abutbul b950c7d937 chore(clawsec-suite, clawsec-feed): update installation instructions and emphasize script review 2026-02-06 00:53:43 +02:00