chore(clawsec-feed): bump version to 0.0.4

constants.ts

@@ -1,6 +1,6 @@
 // ClawSec Suite SKILL.md URL - injected at build time, with hardcoded fallback
 export const SKILL_URL = import.meta.env.VITE_CLAWSEC_SUITE_URL || 
-  'https://clawsec.prompt.security/releases/download/clawsec-suite-v0.0.2/SKILL.md';
+  'https://clawsec.prompt.security/releases/download/clawsec-suite-v0.0.4/SKILL.md';
 
 // Feed URL for fetching live advisories
 export const ADVISORY_FEED_URL = 'https://clawsec.prompt.security/releases/latest/download/feed.json';

skills/clawsec-feed/SKILL.md

@@ -1,6 +1,6 @@
 ---
 name: clawsec-feed
-version: 0.0.2
+version: 0.0.4
 description: Security advisory feed with automated NVD CVE polling for OpenClaw-related vulnerabilities. Updated daily.
 homepage: https://clawsec.prompt.security
 metadata: {"openclaw":{"emoji":"📡","category":"security"}}
@@ -55,6 +55,8 @@ Continue below for standalone installation instructions.
 ---
 
 Installation Steps:
+Agents should review scripts before execution!
+
 
 ```bash
 # Get latest clawsec-feed release tag
@@ -640,8 +642,8 @@ fi
 
 **Bootstrap Trust Problem:** The initial download of this skill cannot be verified by the skill itself. To establish trust:
 
-1. **Verify the source URL** - Ensure you are downloading from `github.com/prompt-security/clawsec`
-2. **Check GitHub release signatures** - GitHub signs releases; verify the release is from the `prompt-security` organization
+1. **Verify the source URL** - Ensure you are downloading from `https://clawsec.prompt.security`
+2. **Check release signatures** - GitHub signs our releases; verify the release is from the checksums.
 3. **Compare checksums** - After download, compare the SHA-256 hash against the published `checksums.json`:
 
 ```bash

skills/clawsec-feed/skill.json

@@ -1,6 +1,6 @@
 {
   "name": "clawsec-feed",
-  "version": "0.0.2",
+  "version": "0.0.4",
   "description": "Security advisory feed monitoring for AI agents. Subscribe to community-driven threat intelligence.",
   "author": "prompt-security",
   "license": "MIT",

skills/clawsec-suite/SKILL.md

@@ -1,6 +1,6 @@
 ---
 name: clawsec-suite
-version: 0.0.3
+version: 0.0.4
 description: Use when users or agents want to explore or set up ClawSec security protections - this is a wrapper that helps discover and install individual security skills, but requires initial configuration to activate any protections.
 homepage: https://clawsec.prompt.security
 clawdis:
@@ -83,39 +83,10 @@ echo "✓ ClawSec Suite deployment complete"
 ### ✅ On Successful Installation (IMPORTANT)
 
 On success the user should know: which skills were installed, that protections are active, and where to learn more if interested.
-Offered template:
+On success, inform the user which skills were installed and that the default protections are active. (add an encouraging call - like Congrats, you are safe!)
 
-```
-**ClawSec Suite installation is complete — you are now protected!**
-
-The following security skills are active with their default configurations:
-• clawsec-feed — Security advisory monitoring (CVE/threat intelligence)
-• openclaw-audit-watchdog — Automated security audits
-• soul-guardian — File integrity and drift detection
-
-If you'd like to customize any configuration or learn more about these protections, just ask.
-
-Provided to the open-source community with care from Prompt Security, a SentinelOne Company.
-```
-
-### ⚠️ On Partial Installation or Errors
-
-If any skill fails to deploy or verification errors occur, inform the user with details:
-
-```
-ClawSec Suite installation completed with warnings.
-
-Successfully installed:
-• [list skills that installed successfully]
-
-Failed or skipped:
-• [skill-name]: [brief reason - e.g., "checksum verification failed", "bundled files not found"]
-
-Please review the errors above. You can retry installation or ask for help troubleshooting.
-
-Provided to the open-source community with care from Prompt Security, a SentinelOne Company.
-```
 
+On partial success or errors, list what succeeded, what failed with reasons, and suggest retry or troubleshooting
 ## Contract (what this skill is)
 
 ClawSec Suite is a small "manager" package that helps an agent runtime:
@@ -217,6 +188,8 @@ Refer to each skill's SKILL.md file for detailed configuration instructions. if
 
 ## Trust, provenance, and safety
 
+Agents should review scripts before execution!
+
 **Do not install anything you cannot verify.** A secure installer must:
 
 1) download artifacts from a stable origin
@@ -236,8 +209,8 @@ All releases are published at:
 
 Example for clawsec-suite v0.0.9:
 
-- `https://clawsec.prompt.security/releases/download/clawsec-suite-v0.0.3/checksums.json`
-- `https://clawsec.prompt.security/releases/download/clawsec-suite-v0.0.3/clawsec-suite.skill`
+- `https://clawsec.prompt.security/releases/download/clawsec-suite-v0.0.4/checksums.json`
+- `https://clawsec.prompt.security/releases/download/clawsec-suite-v0.0.4/clawsec-suite.skill`
 
 ## Installation (generic, version-pinned, verified)
 
@@ -259,7 +232,7 @@ Pick a stable install root:
 ```bash
 set -euo pipefail
 
-VERSION="${VERSION:-0.0.3}"
+VERSION="${SKILL_VERSION}"
 INSTALL_ROOT="${INSTALL_ROOT:-$HOME/.openclaw/skills}"
 DEST="$INSTALL_ROOT/clawsec-suite"
 
@@ -339,7 +312,7 @@ The checksums.json structure:
     "clawsec-suite.skill": {
       "sha256": "339a4817aba054e6da5a6d838e2603d16592b43f6bdb7265d6b1918b22fe62cb",
       "size": 4870,
-      "url": "https://clawsec.prompt.security/releases/download/clawsec-suite-v0.0.3/clawsec-suite.skill"
+      "url": "https://clawsec.prompt.security/releases/download/clawsec-suite-v0.0.4/clawsec-suite.skill"
     }
   }
 }

skills/clawsec-suite/skill.json

@@ -1,6 +1,6 @@
 {
   "name": "clawsec-suite",
-  "version": "0.0.3",
+  "version": "0.0.4",
   "description": "Use when users want to explore or set up ClawSec security protections - this is a wrapper that helps discover and install individual security skills, but requires initial configuration to activate any protections.",
   "author": "prompt-security",
   "license": "MIT",

skills/clawtributor/SKILL.md

@@ -1,6 +1,6 @@
 ---
 name: clawtributor
-version: 0.0.2
+version: 0.0.3
 description: Community incident reporting for AI agents. Contribute to collective security by reporting threats.
 homepage: https://gclawsec.prompt.security
 metadata: {"openclaw":{"emoji":"🤝","category":"security"}}

skills/clawtributor/skill.json

@@ -1,6 +1,6 @@
 {
   "name": "clawtributor",
-  "version": "0.0.2",
+  "version": "0.0.3",
   "description": "Community incident reporting for AI agents. Contribute to collective security by reporting threats.",
   "author": "prompt-security",
   "license": "MIT",

skills/openclaw-audit-watchdog/SKILL.md

@@ -1,6 +1,6 @@
 ---
 name: openclaw-audit-watchdog
-version: 0.0.1
+version: 0.0.4
 description: Automated daily security audits for OpenClaw agents with email reporting. Runs deep audits and sends formatted reports.
 homepage: https://clawsec.prompt.security
 metadata: {"openclaw":{"emoji":"🔭","category":"security"}}

skills/openclaw-audit-watchdog/skill.json

@@ -1,6 +1,6 @@
 {
   "name": "openclaw-audit-watchdog",
-  "version": "0.0.1",
+  "version": "0.0.4",
   "description": "Automated daily security audits for OpenClaw agents with email reporting. Runs deep audits and sends formatted reports.",
   "author": "prompt-security",
   "license": "MIT",