gnezim/clawsec
1
0
Fork 0
mirror of https://github.com/prompt-security/clawsec.git synced 2026-06-13 21:48:03 +03:00
Code Issues Packages Projects Releases Wiki Activity
209 Commits 19 Branches 95 Tags
11f0fc50c4b4e1718c640bf464f0bb3e7ff894e5
Commit Graph

5 Commits

Author SHA1 Message Date
davida-ps 4dbac421ab feat(advisories): add provisional GHSA feed (#242) 
* feat(advisories): add provisional ghsa feed

* fix(workflows): include advisory signatures in checksums

* fix(workflows): mirror ghsa feed at release root

* feat(advisories): consolidate ghsa into agent feed

* ci(advisories): consolidate ghsa during nvd poll

* fix(advisories): retain unreplaced ghsa feed entries

* chore(skills): bump advisory feed consumers

* fix(release): resolve ts import closure dry run

* fix(release): preserve urls while stripping comments

* fix(release): ignore skill test-only changes

* fix(advisories): follow ghsa pagination links

* test(advisories): add nvd ghsa pipeline dry run
 2026-05-24 21:41:59 +03:00
David Abutbul 19c5113511 fix(attestation): include runtime libs in release sbom (#235) 
* fix(attestation): include runtime libs in release sbom

* ci: verify staged skill release import closure

* fix(release): include missing skill runtime sbom files

* fix(release): require files for import closure

---------

Co-authored-by: David Abutbul <David.a@prompt.security>
 2026-05-17 00:40:12 +03:00
David Abutbul 1e48a955cc fix(release): exclude tests from skill payloads (#230) 
* fix(release): exclude tests from skill payloads

* fix(release): normalize test path filtering

* fix(release): prefer GitHub artifacts for non-OpenClaw installs

* fix(release): keep legacy ClawHub publishing

* fix(release): address skill packaging review feedback

* chore(skills): bump release versions

* feat(skills): surface recommended platforms

* docs(skills): add signed release verification

* fix(skills): normalize PR version bumps

---------

Co-authored-by: David Abutbul <David.a@prompt.security>
 2026-05-14 14:38:58 +03:00
davida-ps e0eae65586 refactor(ci): extract shared exploitability enrichment helper (#95) 
* refactor(ci): share exploitability enrichment script

* refactor(scripts): reuse shared exploitability enricher in local feed
 2026-03-01 21:50:10 +02:00
davida-ps 51532bc753 Added dynamic skill-catalog discovery in clawsec-suite (#26) 
* feat(clawsec-suite): integrate audit-watchdog and add email-gated setup

* fix(clawsec-suite): escape shell env assignments in watchdog setup

* fix(lint): remove unnecessary escapes in watchdog exec template

* clawsec-suite: add dynamic remote skill catalog discovery with fallback

* clawsec-suite: align signed feed defaults and checksum key compatibility

* fix(lint): use globalThis fetch/AbortController in catalog script

* Revert "fix(lint): remove unnecessary escapes in watchdog exec template"

This reverts commit 09e40d2a8861e2d179137467c9ba938776609a56.

* Revert "fix(clawsec-suite): escape shell env assignments in watchdog setup"

This reverts commit 54d97653a6f8ac14c125ef14c59bca7532cfee15.

* Revert "feat(clawsec-suite): integrate audit-watchdog and add email-gated setup"

This reverts commit 1ba55dd69ecb7a248a53123277158ce27474d5f7.

* fix(openclaw-audit-watchdog): escape shell env interpolation in setup_cron

* ci(signing): enforce key consistency across docs, repo, and generated assets

* docs(readme): document signing key consistency CI guardrails

* chore(clawsec-suite): bump to 0.1.0 and record release changelog

* chore(changelog): update to version 0.1.1 and enhance signing key drift control documentation

* chore(clawsec-suite): bump version to 0.1.1
 2026-02-16 14:47:32 +02:00