gnezim/clawsec
1
0
Fork 0
mirror of https://github.com/prompt-security/clawsec.git synced 2026-06-13 05:28:02 +03:00
Code Issues Packages Projects Releases Wiki Activity
Files
4dbac421ab9400847fa1a44393b26b28fb38b052
clawsec/skills/clawsec-nanoclaw/CHANGELOG.md
T
davida-ps 4dbac421ab feat(advisories): add provisional GHSA feed (#242) 
* feat(advisories): add provisional ghsa feed

* fix(workflows): include advisory signatures in checksums

* fix(workflows): mirror ghsa feed at release root

* feat(advisories): consolidate ghsa into agent feed

* ci(advisories): consolidate ghsa during nvd poll

* fix(advisories): retain unreplaced ghsa feed entries

* chore(skills): bump advisory feed consumers

* fix(release): resolve ts import closure dry run

* fix(release): preserve urls while stripping comments

* fix(release): ignore skill test-only changes

* fix(advisories): follow ghsa pagination links

* test(advisories): add nvd ghsa pipeline dry run
2026-05-24 21:41:59 +03:00

2.8 KiB
Raw Blame History

Changelog

[0.0.6] - 2026-05-24

Changed

  • Documented that NanoClaw consumes the consolidated signed advisory feed containing NVD CVEs, approved community advisories, and provisional GHSA-without-CVE records.
  • Added advisory metadata typing for GHSA lifecycle fields used by the consolidated feed.

[0.0.5] - 2026-05-14

Security

  • Added explicit signed release artifact verification instructions for standalone installs, including checksums.json, checksums.sig, signing-public.pem, archive hash verification, and SKILL.md/skill.json checksum checks.

All notable changes to the ClawSec NanoClaw compatibility skill will be documented in this file.

The format is based on Keep a Changelog, and this project adheres to Semantic Versioning.

[0.0.4] - 2026-04-16

Changed

  • Moved signature-related local file reads into lib/local_file_io.ts and kept network fetch logic isolated in lib/signatures.ts.

Security

  • Reduced static false-positive exfiltration signals by separating local file I/O and remote fetch code paths.

[0.0.3] - 2026-03-09

Security

  • Removed runtime public-key override from host-side package signature verification; verification now always uses the pinned ClawSec key.
  • Removed unsigned-package override path in host-side verification flow.
  • Added strict package/signature path policy for signature verification (/tmp, /var/tmp, /workspace/ipc, /workspace/project/data, /workspace/project/tmp, /workspace/project/downloads) with absolute-path, extension, symlink, and realpath boundary checks.
  • Added policy-bound path enforcement for integrity approvals: approvals now require normalized paths that are explicitly present in non-ignored integrity policy targets.

Changed

  • Updated MCP signature verification tool docs and behavior to align with bounded path policy and pinned-key-only verification.
  • Added regression tests for signature-verification and integrity-approval hardening invariants.

[0.0.2] - 2026-02-28

Added

  • Exploitability-aware advisory output in NanoClaw MCP tools (exploitability_score, exploitability_rationale).
  • Exploitability filtering (exploitabilityScore) for clawsec_list_advisories.

Changed

  • Updated NanoClaw advisory sorting and pre-install safety recommendation logic to prioritize exploitability context.
  • Updated NanoClaw integration docs to match current host/container integration points (src/ipc.ts, src/index.ts) and current cache schema.
  • Removed duplicate exploitability normalization logic from MCP advisory tools and now reuse normalizeExploitabilityScore from lib/risk.ts.
  • Reused matchesAffectedSpecifier from lib/advisories.ts in MCP advisory tools to keep skill/version matching logic centralized and consistent.
Reference in New Issue View Git Blame Copy Permalink