mirror of
https://github.com/prompt-security/clawsec.git
synced 2026-06-13 05:28:02 +03:00
David Abutbul
1e48a955cc
* fix(release): exclude tests from skill payloads * fix(release): normalize test path filtering * fix(release): prefer GitHub artifacts for non-OpenClaw installs * fix(release): keep legacy ClawHub publishing * fix(release): address skill packaging review feedback * chore(skills): bump release versions * feat(skills): surface recommended platforms * docs(skills): add signed release verification * fix(skills): normalize PR version bumps --------- Co-authored-by: David Abutbul <David.a@prompt.security>
92 lines
2.3 KiB
JSON
92 lines
2.3 KiB
JSON
{
|
|
"name": "picoclaw-self-pen-testing",
|
|
"version": "0.0.2",
|
|
"description": "Picoclaw-only local posture-review skill focused on read-only findings and safe operator remediation guidance.",
|
|
"author": "prompt-security",
|
|
"license": "AGPL-3.0-or-later",
|
|
"homepage": "https://clawsec.prompt.security/",
|
|
"platform": "picoclaw",
|
|
"keywords": [
|
|
"security",
|
|
"picoclaw",
|
|
"posture-review",
|
|
"read-only-audit",
|
|
"mcp",
|
|
"auth"
|
|
],
|
|
"sbom": {
|
|
"files": [
|
|
{
|
|
"path": "SKILL.md",
|
|
"required": true,
|
|
"description": "Skill documentation and operator guidance"
|
|
},
|
|
{
|
|
"path": "README.md",
|
|
"required": true,
|
|
"description": "Quickstart overview"
|
|
},
|
|
{
|
|
"path": "CHANGELOG.md",
|
|
"required": true,
|
|
"description": "Version history"
|
|
},
|
|
{
|
|
"path": "lib/self_pen_test.mjs",
|
|
"required": true,
|
|
"description": "Local posture-review finding engine"
|
|
},
|
|
{
|
|
"path": "lib/format.mjs",
|
|
"required": true,
|
|
"description": "Stable JSON formatter for deterministic output"
|
|
},
|
|
{
|
|
"path": "scripts/self_pen_test.mjs",
|
|
"required": true,
|
|
"description": "Run posture-review checks on a profile"
|
|
}
|
|
]
|
|
},
|
|
"picoclaw": {
|
|
"emoji": "🦐",
|
|
"category": "security",
|
|
"requires": {
|
|
"bins": [
|
|
"node"
|
|
]
|
|
},
|
|
"runtime": {
|
|
"required_env": [],
|
|
"optional_env": [
|
|
"PICOCLAW_HOME"
|
|
]
|
|
},
|
|
"capabilities": {
|
|
"security_feed": false,
|
|
"config_drift": false,
|
|
"agent_self_pen_testing": true,
|
|
"supply_chain_install_verification": false
|
|
},
|
|
"execution": {
|
|
"always": false,
|
|
"persistence": "Read-only/on-demand; no scheduler is installed.",
|
|
"network_egress": "None"
|
|
},
|
|
"operator_review": [
|
|
"This package is intentionally isolated so posture-review checks can be independently published or withheld.",
|
|
"Treat findings as operator review guidance; do not auto-remediate without explicit approval."
|
|
],
|
|
"triggers": [
|
|
"picoclaw posture review",
|
|
"picoclaw local security review",
|
|
"picoclaw auth exposure review"
|
|
],
|
|
"test_requires": {
|
|
"bins": [
|
|
"node"
|
|
]
|
|
}
|
|
}
|
|
}
|