gnezim/clawsec
1
0
Fork 0
mirror of https://github.com/prompt-security/clawsec.git synced 2026-06-13 05:28:02 +03:00
Code Issues Packages Projects Releases Wiki Activity
Files
1e48a955ccf7f9a4b5d4aaedfbb9f47779348595
clawsec/skills/clawsec-feed/CHANGELOG.md
T
David Abutbul 1e48a955cc fix(release): exclude tests from skill payloads (#230) 
* fix(release): exclude tests from skill payloads

* fix(release): normalize test path filtering

* fix(release): prefer GitHub artifacts for non-OpenClaw installs

* fix(release): keep legacy ClawHub publishing

* fix(release): address skill packaging review feedback

* chore(skills): bump release versions

* feat(skills): surface recommended platforms

* docs(skills): add signed release verification

* fix(skills): normalize PR version bumps

---------

Co-authored-by: David Abutbul <David.a@prompt.security>
2026-05-14 14:38:58 +03:00

1.8 KiB
Raw Blame History

Changelog

[0.0.7] - 2026-05-14

Security

  • Added explicit signed release artifact verification instructions for standalone installs, including checksums.json, checksums.sig, signing-public.pem, archive hash verification, and SKILL.md/skill.json checksum checks.

All notable changes to the ClawSec Feed skill will be documented in this file.

The format is based on Keep a Changelog, and this project adheres to Semantic Versioning.

[0.0.6] - 2026-04-14

Added

  • Operational notes in the skill docs that distinguish standalone feed installation from clawsec-suite automation responsibilities.
  • Metadata describing required standalone install tooling and operator review expectations.

Changed

  • Clarified that the standalone feed package does not itself create persistence, hooks, or cron jobs.
  • Declared checksum/extraction tooling used by the documented install flow (bash, shasum, unzip) in skill metadata.
  • Normalized product naming in the skill docs to use OpenClaw terminology.

Security

  • Made release-provenance and checksum verification expectations explicit for standalone installations on production hosts.

[0.0.5] - 2026-02-28

Added

  • Exploitability-focused advisory guidance, including filtering and prioritization examples.
  • Notification examples that include exploitability context and rationale.

Changed

  • Clarified exploitability scoring guidance to match runtime values (high|medium|low|unknown).
  • Updated response-priority guidance to align with exploitability-first triage.
  • De-duplicated exploitability filtering guidance in SKILL.md by pointing to canonical docs in wiki/exploitability-scoring.md and clawsec-suite.
Reference in New Issue View Git Blame Copy Permalink