mirror of
https://github.com/prompt-security/clawsec.git
synced 2026-06-13 05:28:02 +03:00
c1d1824f86
* ci(skills): publish release trust packets
* ci(skills): simulate beta tag releases
* ci(skills): match release version bump rules
* chore(skills): group agent skills for installer
* chore(skills): make clawtributor global
* chore(skills): bump all skills for trust release
* ci(skills): require npx install docs
* fix(skills): simulate prerelease tag versions
* fix(skills): aggregate trust artifact checksum failures
* fix(frontend): advertise npx skills suite install
* chore(frontend): drop ad hoc homepage copy test
* fix(ci): run skill release tooling tests
3.2 KiB
Changelog
[0.0.8] - 2026-06-10
Changed
- Re-released skill package with updated marketplace grouping and signed release trust artifacts for Vercel-compatible skill installation.
[0.0.7] - 2026-06-07
Security
- Added comparator range support for NanoClaw advisory matching and fail-closed handling for malformed affected specifiers.
- Added strict integrity IPC request ID validation and result path containment before host-side result writes.
[0.0.6] - 2026-05-24
Changed
- Documented that NanoClaw consumes the consolidated signed advisory feed containing NVD CVEs, approved community advisories, and provisional GHSA-without-CVE records.
- Added advisory metadata typing for GHSA lifecycle fields used by the consolidated feed.
[0.0.5] - 2026-05-14
Security
- Added explicit signed release artifact verification instructions for standalone installs, including checksums.json, checksums.sig, signing-public.pem, archive hash verification, and SKILL.md/skill.json checksum checks.
All notable changes to the ClawSec NanoClaw compatibility skill will be documented in this file.
The format is based on Keep a Changelog, and this project adheres to Semantic Versioning.
[0.0.4] - 2026-04-16
Changed
- Moved signature-related local file reads into lib/local_file_io.ts and kept network fetch logic isolated in lib/signatures.ts.
Security
- Reduced static false-positive exfiltration signals by separating local file I/O and remote fetch code paths.
[0.0.3] - 2026-03-09
Security
- Removed runtime public-key override from host-side package signature verification; verification now always uses the pinned ClawSec key.
- Removed unsigned-package override path in host-side verification flow.
- Added strict package/signature path policy for signature verification (/tmp, /var/tmp, /workspace/ipc, /workspace/project/data, /workspace/project/tmp, /workspace/project/downloads) with absolute-path, extension, symlink, and realpath boundary checks.
- Added policy-bound path enforcement for integrity approvals: approvals now require normalized paths that are explicitly present in non-ignored integrity policy targets.
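An added example of the four checks named in the path-policy entry above (absolute path, extension, symlink, realpath boundary); it is not taken from the ClawSec code base. The root list is the one from the entry; the function name, the extension allowlist, the reason strings and the sandbox files are assumptions made for illustration.

```typescript
import * as fs from "fs";
import * as os from "os";
import * as path from "path";

// Roots as listed in the changelog entry; the extension allowlist is hypothetical.
const POLICY_ROOTS = ["/tmp", "/var/tmp", "/workspace/ipc", "/workspace/project/data",
  "/workspace/project/tmp", "/workspace/project/downloads"];
const ALLOWED_EXTS = [".zip", ".sig"];
type Verdict = { ok: boolean; reason: string };

function checkSignaturePath(p: string, roots: string[] = POLICY_ROOTS,
                            exts: string[] = ALLOWED_EXTS): Verdict {
  if (!path.isAbsolute(p)) return { ok: false, reason: "not-absolute" };
  if (!exts.includes(path.extname(p).toLowerCase())) return { ok: false, reason: "extension" };
  let real: string;
  try {
    // lstat does not follow the final component, so a symlinked file is seen as a link.
    if (fs.lstatSync(p).isSymbolicLink()) return { ok: false, reason: "symlink" };
    real = fs.realpathSync(p); // resolves symlinked parent directories and ".."
  } catch {
    return { ok: false, reason: "unreadable" }; // fail closed on missing paths
  }
  for (const root of roots) {
    let realRoot: string;
    try { realRoot = fs.realpathSync(root); } catch { continue; }
    // Trailing separator so a sibling such as /tmpfoo does not pass as inside /tmp.
    if (real.startsWith(realRoot + path.sep)) return { ok: true, reason: "in-policy" };
  }
  return { ok: false, reason: "outside-roots" };
}

// Constructed sandbox: one allowed root, one outside directory, links between them.
function demo(): Record<string, string> {
  const base = fs.mkdtempSync(path.join(os.tmpdir(), "pathpolicy-"));
  const root = path.join(base, "downloads");
  const outside = path.join(base, "secrets");
  fs.mkdirSync(root); fs.mkdirSync(outside);
  fs.writeFileSync(path.join(root, "pkg.zip"), "x");
  fs.writeFileSync(path.join(outside, "key.zip"), "x");
  fs.symlinkSync(path.join(outside, "key.zip"), path.join(root, "link.zip"));
  fs.symlinkSync(outside, path.join(root, "dir"));
  const cases = ["pkg.zip", "link.zip", "dir/key.zip", "../secrets/key.zip", "pkg.txt"];
  const out: Record<string, string> = { relative: checkSignaturePath("pkg.zip", [root]).reason };
  for (const c of cases) out[c] = checkSignaturePath(root + path.sep + c, [root]).reason;
  fs.rmSync(base, { recursive: true, force: true });
  return out;
}

console.log(demo());
```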
Changed
- Updated MCP signature verification tool docs and behavior to align with bounded path policy and pinned-key-only verification.
- Added regression tests for signature-verification and integrity-approval hardening invariants.
[0.0.2] - 2026-02-28
Added
- Exploitability-aware advisory output in NanoClaw MCP tools (exploitability_score, exploitability_rationale).
- Exploitability filtering (exploitabilityScore) for clawsec_list_advisories.
Changed
- Updated NanoClaw advisory sorting and pre-install safety recommendation logic to prioritize exploitability context.
- Updated NanoClaw integration docs to match current host/container integration points (src/ipc.ts, src/index.ts) and current cache schema.
- Removed duplicate exploitability normalization logic from MCP advisory tools and now reuse normalizeExploitabilityScore from lib/risk.ts.
- Reused matchesAffectedSpecifier from lib/advisories.ts in MCP advisory tools to keep skill/version matching logic centralized and consistent.