mirror of
https://github.com/prompt-security/clawsec.git
synced 2026-06-13 05:28:02 +03:00
600c945fe2
* feat(hermes-attestation-guardian): harden attestation verification and drift controls * docs(wiki): add human-friendly claim mapping for hermes attestation guardian * docs(wiki): expand hermes attestation claim narratives and archive draft * fix(attestation): address Baz review findings for schema and verifier * fix(attestation): reject broken symlink output paths * docs(attestation): pass clean community install guard without force * fix(attestation): harden writes and fail-closed config parsing * feat(ui): add Hermes to rotating platform text * test(attestation): add sandboxed Hermes regression runner script --------- Co-authored-by: David Abutbul <David.a@prompt.security>
# Module History: Hermes Attestation Guardian Draft (Archived)

## Purpose

This page preserves the original planning draft that led to `hermes-attestation-guardian` v0.0.1.
It is historical context, not a contract for current behavior.

## Status

- Draft date: 2026-04-15
- Current status: implemented in repository as `skills/hermes-attestation-guardian` v0.0.1
- Source of truth for live behavior: skill code, tests, and `wiki/modules/hermes-attestation-guardian.md`

## What the draft got right

- Hermes-only positioning (not OpenClaw hook runtime scope).
- Fail-closed verification as a core requirement.
- Deterministic attestation and digest binding requirements.
- Baseline-vs-current drift detection with severity ranking.
- Safe cron automation expectations (explicit apply, non-destructive defaults).

## Original design intent (summarized)

1) Identity and scope
- Name should clearly indicate Hermes scope and guardian role.
- Metadata should make platform targeting explicit.

2) Security outcomes
- Snapshot posture and integrity-sensitive inputs.
- Detect risky toggles, verification regressions, and trust/file drift.
- Prioritize high-signal alerts for operators.

3) Alignment rules
- Keep side effects under Hermes paths.
- Avoid destructive remediation in MVP.
- Keep operator-facing criticality clear.

4) Packaging/release compatibility
- Match ClawSec skill metadata and changelog requirements.
- Ensure local validation and test gates pass before release.

5) Delegate implementation scope
- Build generator, verifier, diff logic, cron helper, and tests.
- Keep docs aligned to implemented behavior.

## What changed from draft to implementation

- Implementation hardened path-scope checks (including symlink-aware escape defense).
- Verifier baseline trust was made explicit and fail-closed before diffing.
- Cron managed-marker parser hardened to fail closed on malformed marker structure.
- Wiki documentation now maps each PR claim to wiring and tests with human-readable operator guidance.
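
A symlink-aware, fail-closed path-scope check of the kind the first bullet describes, sketched in Python as an added example. It is not the project's code: `resolve_in_scope`, `ScopeError` and the sandbox paths are hypothetical names constructed for illustration.

```python
import tempfile
from pathlib import Path


class ScopeError(Exception):
    """Path cannot be proven to stay inside the allowed root."""


def resolve_in_scope(root, candidate):
    """Return the real path of candidate, or raise ScopeError (fail closed)."""
    root_real = Path(root).resolve(strict=True)
    # Joining with an absolute candidate yields the candidate itself, so
    # absolute and relative inputs go through the same checks below.
    target = root_real / candidate
    # Refuse a dangling symlink: a write through it lands somewhere unvalidated.
    if target.is_symlink() and not target.exists():
        raise ScopeError(f"broken symlink: {target}")
    try:
        # strict=False permits a not-yet-created output file while still
        # resolving every existing symlink along the way.
        real = target.resolve(strict=False)
    except (OSError, RuntimeError) as exc:  # e.g. a symlink loop
        raise ScopeError(f"unresolvable path: {target}") from exc
    if real != root_real and root_real not in real.parents:
        raise ScopeError(f"escapes scope: {target} -> {real}")
    return real


def demo():
    """Constructed sandbox: one acceptable path and three that must fail."""
    cases = {
        "new_file": "attestations/current.json",
        "dotdot": "../outside/x.json",
        "symlink_escape": "escape/x.json",
        "broken_symlink": "dangling",
    }
    results = {}
    with tempfile.TemporaryDirectory() as tmp:
        root, outside = Path(tmp, "hermes"), Path(tmp, "outside")
        root.mkdir()
        outside.mkdir()
        (root / "escape").symlink_to(outside)            # leaves the root
        (root / "dangling").symlink_to(root / "missing")  # target absent
        for name, rel in cases.items():
            try:
                resolve_in_scope(root, rel)
                results[name] = "allowed"
            except ScopeError:
                results[name] = "rejected"
    return results
```

The comparison is made on fully resolved paths rather than on string prefixes, so neither `..` segments nor a symlinked parent directory can move the result outside the root without being caught.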

## Where to look now

- Live module documentation:
  - `wiki/modules/hermes-attestation-guardian.md`
- Live skill implementation:
  - `skills/hermes-attestation-guardian/`
- Validation tests:
  - `skills/hermes-attestation-guardian/test/`