8 Commits

Author SHA1 Message Date
davida-ps 4dbac421ab feat(advisories): add provisional GHSA feed (#242)
* feat(advisories): add provisional ghsa feed

* fix(workflows): include advisory signatures in checksums

* fix(workflows): mirror ghsa feed at release root

* feat(advisories): consolidate ghsa into agent feed

* ci(advisories): consolidate ghsa during nvd poll

* fix(advisories): retain unreplaced ghsa feed entries

* chore(skills): bump advisory feed consumers

* fix(release): resolve ts import closure dry run

* fix(release): preserve urls while stripping comments

* fix(release): ignore skill test-only changes

* fix(advisories): follow ghsa pagination links

* test(advisories): add nvd ghsa pipeline dry run
2026-05-24 21:41:59 +03:00
David Abutbul 1e48a955cc fix(release): exclude tests from skill payloads (#230)
* fix(release): exclude tests from skill payloads

* fix(release): normalize test path filtering

* fix(release): prefer GitHub artifacts for non-OpenClaw installs

* fix(release): keep legacy ClawHub publishing

* fix(release): address skill packaging review feedback

* chore(skills): bump release versions

* feat(skills): surface recommended platforms

* docs(skills): add signed release verification

* fix(skills): normalize PR version bumps

---------

Co-authored-by: David Abutbul <David.a@prompt.security>
2026-05-14 14:38:58 +03:00
davida-ps e4c1e07544 fix(skills-catalog): resolve platform metadata fallbacks (#229)
* fix(skills-catalog): resolve platform metadata fallbacks

* fix(skills-catalog): harden platform metadata guards
2026-05-10 16:07:31 +03:00
David Abutbul 0d2e38ddfd Add Picoclaw guardian + posture-review skills at v0.0.1 with wiki docs (#208)
* Add Picoclaw guardian + posture-review skills at v0.0.1 with wiki docs

* fix(feed): add picoclaw to core platform taxonomy and filters

* fix(picoclaw): resolve eslint errors in new skills

* chore(nvd): include picoclaw in CVE polling and cleanup report

---------

Co-authored-by: David Abutbul <David.a@prompt.security>
2026-04-26 14:19:18 +03:00
davida-ps 1efb813ed4 fix(nvd): support full CVE rebuild without arg overflow (#204)
* fix(nvd): add hermes query specs to feed polling

* fix(nvd): derive platform fallback from matched targets

* fix(nvd): avoid arg overflow on full cve rescan

* fix(feed): add other platform filter for nonstandard slugs

* refactor(feed): centralize advisory platform badge mapping

* fix(feed): share platform normalization and fix tab callback typing

* refactor(feed): simplify platform descriptor fallback
2026-04-22 13:58:34 +03:00
davida-ps 382db82483 Add Severity Filter Tabs to Advisory Feed Page (#87)
* feat: add severity filter tabs to advisory feed page

Add horizontal severity filter tabs (All, Critical, High, Medium, Low)
to the advisory feed page. Advisories are filtered by CVSS score ranges
matching NVD conventions. Tab counts update dynamically.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* refactor: extract severity filter tabs into data-driven map

Replace five duplicated button blocks with a SEVERITY_TABS metadata
array and a single .map() loop. Class strings are kept as full literals
for Tailwind purge compatibility.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* refactor: replace filteredAdvisories state with useMemo

filteredAdvisories is derived from advisories + selectedSeverity and
should not be independent state. Replace useState + filtering useEffect
with a single useMemo. Keep a minimal useEffect that only resets
currentPage on dependency changes.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* feat: add platform filter tabs (OpenClaw / NanoClaw) to advisory feed

Add a second row of filter tabs for platform selection using the clawd
color palette. Add platforms field to Advisory type to match feed data.
Both severity and platform filters compose via useMemo.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* fix: extract shared FilterTabs component and treat missing platforms as universal

Extract a reusable FilterTabs component so severity and platform tab
rows share identical markup. Fix platform filter to treat advisories
with missing or empty platforms as matching all platforms, preventing
legacy entries from being silently dropped.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

---------

Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-27 20:14:08 +02:00
davida-ps 83ec542a1e feat: add clawsec-advisory-guardian hook for advisory monitoring and … (#9)
* feat: add clawsec-advisory-guardian hook for advisory monitoring and user approval

- Implemented clawsec-advisory-guardian hook to detect advisories for installed skills.
- Added handler for processing advisory matches and notifying users.
- Created scripts for setting up advisory hooks and cron jobs for periodic scans.
- Introduced guarded skill installation script requiring user confirmation for high-risk advisories.
- Updated skill.json to reflect new features and embedded components for advisory monitoring.

* chore(clawsec-suite): bump version to 0.0.8

* feat: enhance release script to support version tagging and improve install function

* fix: use globalThis for AbortController and timeout functions in loadRemoteFeed

* Update scripts/release-skill.sh

Co-authored-by: baz-reviewer[bot] <174234987+baz-reviewer[bot]@users.noreply.github.com>

* Update skills/clawsec-suite/scripts/guarded_skill_install.mjs

Co-authored-by: baz-reviewer[bot] <174234987+baz-reviewer[bot]@users.noreply.github.com>

* Update scripts/release-skill.sh

Co-authored-by: baz-reviewer[bot] <174234987+baz-reviewer[bot]@users.noreply.github.com>

* Normalize version input by removing leading 'v' in versionMatches function

* Add dirName property to InstalledSkill and update alert message paths

* Enhance file permission handling in persistState function and add warning for chmod errors

* Refactor advisory guardian hook: modularize utility functions, version handling, and feed management

- Moved utility functions (isObject, normalizeSkillName, uniqueStrings) to lib/utils.mjs
- Created version handling functions (parseSemver, compareSemver, versionMatches) in lib/version.mjs
- Implemented feed management functions (parseAffectedSpecifier, isValidFeedPayload, loadRemoteFeed) in lib/feed.mjs
- Updated handler.ts to utilize new modular functions for improved readability and maintainability
- Added new types and state management in lib/types.ts and lib/state.ts
- Updated scripts to reflect new file structure and dependencies

* Update skills/clawsec-suite/hooks/clawsec-advisory-guardian/lib/matching.ts

Co-authored-by: baz-reviewer[bot] <174234987+baz-reviewer[bot]@users.noreply.github.com>

* Add published field to Advisory type and refine version matching logic

* Set default version to "unknown" in discoverInstalledSkills and adjust versionMatches logic

* Update skills/clawsec-suite/hooks/clawsec-advisory-guardian/lib/version.mjs

Co-authored-by: baz-reviewer[bot] <174234987+baz-reviewer[bot]@users.noreply.github.com>

* Update skills/clawsec-suite/hooks/clawsec-advisory-guardian/lib/matching.ts

Co-authored-by: baz-reviewer[bot] <174234987+baz-reviewer[bot]@users.noreply.github.com>

* Update skills/clawsec-suite/hooks/clawsec-advisory-guardian/lib/version.mjs

Co-authored-by: baz-reviewer[bot] <174234987+baz-reviewer[bot]@users.noreply.github.com>

---------

Co-authored-by: baz-reviewer[bot] <174234987+baz-reviewer[bot]@users.noreply.github.com>
2026-02-08 23:34:27 +02:00
David Abutbul d3c703aea6 ClawSec init 2026-02-05 21:58:23 +02:00