gnezim/clawsec
1
0
Fork 0
mirror of https://github.com/prompt-security/clawsec.git synced 2026-06-13 05:28:02 +03:00
Code Issues Packages Projects Releases Wiki Activity
Files
19c5113511ccd853be17f10117c16fe566648479
clawsec/types.ts
T
David Abutbul 1e48a955cc fix(release): exclude tests from skill payloads (#230) 
* fix(release): exclude tests from skill payloads

* fix(release): normalize test path filtering

* fix(release): prefer GitHub artifacts for non-OpenClaw installs

* fix(release): keep legacy ClawHub publishing

* fix(release): address skill packaging review feedback

* chore(skills): bump release versions

* feat(skills): surface recommended platforms

* docs(skills): add signed release verification

* fix(skills): normalize PR version bumps

---------

Co-authored-by: David Abutbul <David.a@prompt.security>
2026-05-14 14:38:58 +03:00

140 lines
3.1 KiB
TypeScript
Raw Blame History

export interface Skill {
id: string;
name: string;
version: string;
description: string;
installCommand: string;
hash: string;
tags: string[];
}
export interface FeedItem {
id: string;
date: string;
severity: 'low' | 'medium' | 'high' | 'critical';
title: string;
description: string;
}
export type AdvisoryType =
| 'malicious_skill'
| 'vulnerable_skill'
| 'prompt_injection'
| 'attack_pattern'
| 'best_practice'
| 'tampering_attempt'
// NVD CVE advisories use normalized weakness names (for example:
// "missing_authentication_for_critical_function", "os_command_injection").
// Keep this open for new categories without requiring type updates.
| string;
export const CORE_PLATFORM_SLUGS = ['openclaw', 'nanoclaw', 'hermes', 'picoclaw'] as const;
export type CorePlatformSlug = (typeof CORE_PLATFORM_SLUGS)[number];
export type AdvisoryPlatformSlug = CorePlatformSlug | (string & {});
export type AdvisoryPlatformFilter = 'all' | CorePlatformSlug | 'other';
// Full advisory type from NVD CVE feed or community reports
export interface Advisory {
id: string;
severity: 'low' | 'medium' | 'high' | 'critical';
type: AdvisoryType;
title: string;
description: string;
affected?: string[];
action: string;
published: string;
references?: string[];
cvss_score?: number | null;
nvd_url?: string;
platforms?: AdvisoryPlatformSlug[];
// Community report fields (source defaults to "Prompt Security Staff" when absent)
source?: string;
github_issue_url?: string;
reporter?: {
agent_name?: string;
opener_type?: 'human' | 'agent';
};
}
export interface AdvisoryFeed {
version: string;
updated: string;
description: string;
advisories: Advisory[];
}
export interface NavItem {
label: string;
path: string;
external?: boolean;
}
// Multi-skill distribution types
export interface SkillMetadata {
id: string;
name: string;
version: string;
description: string;
emoji: string;
category: string;
platforms?: AdvisoryPlatformSlug[];
tag: string;
}
export interface SkillsIndex {
version: string;
updated: string;
skills: SkillMetadata[];
}
export interface SkillChecksums {
skill: string;
version: string;
generated_at: string;
repository: string;
tag: string;
files: Record<string, {
sha256: string;
size: number;
path?: string;
url: string;
}>;
}
export interface SkillPlatformMetadata {
emoji?: string;
category?: string;
feed_url?: string;
requires?: {
bins?: string[];
[key: string]: unknown;
};
triggers?: string[];
internal?: boolean;
[key: string]: unknown;
}
export interface SkillJson {
name: string;
version: string;
description: string;
author: string;
license: string;
homepage: string;
keywords: string[];
sbom: {
files: Array<{
path: string;
required: boolean;
description: string;
}>;
};
platforms?: AdvisoryPlatformSlug[];
platform?: CorePlatformSlug | (string & {});
openclaw?: SkillPlatformMetadata | null;
hermes?: SkillPlatformMetadata | null;
nanoclaw?: SkillPlatformMetadata | null;
picoclaw?: SkillPlatformMetadata | null;
}
Reference in New Issue View Git Blame Copy Permalink