gnezim/clawsec
1
0
Fork 0
mirror of https://github.com/prompt-security/clawsec.git synced 2026-06-13 05:28:02 +03:00
Code Issues Packages Projects Releases Wiki Activity
Files
4dbac421ab9400847fa1a44393b26b28fb38b052
clawsec/skills/clawsec-nanoclaw/skill.json
T
davida-ps 4dbac421ab feat(advisories): add provisional GHSA feed (#242) 
* feat(advisories): add provisional ghsa feed

* fix(workflows): include advisory signatures in checksums

* fix(workflows): mirror ghsa feed at release root

* feat(advisories): consolidate ghsa into agent feed

* ci(advisories): consolidate ghsa during nvd poll

* fix(advisories): retain unreplaced ghsa feed entries

* chore(skills): bump advisory feed consumers

* fix(release): resolve ts import closure dry run

* fix(release): preserve urls while stripping comments

* fix(release): ignore skill test-only changes

* fix(advisories): follow ghsa pagination links

* test(advisories): add nvd ghsa pipeline dry run
2026-05-24 21:41:59 +03:00

159 lines
4.8 KiB
JSON
Raw Blame History

{
"name": "clawsec-nanoclaw",
"version": "0.0.6",
"description": "ClawSec security suite for NanoClaw - Advisory feed monitoring, MCP tools for vulnerability checking, and Ed25519 signature verification for containerized WhatsApp bot agents",
"author": "prompt-security",
"license": "AGPL-3.0-or-later",
"homepage": "https://clawsec.prompt.security/",
"keywords": [
"security",
"nanoclaw",
"whatsapp-bot",
"mcp-tools",
"advisory",
"feed",
"threat-intel",
"containers",
"signature-verification",
"vulnerability-scanning",
"agents",
"ai"
],
"platform": "nanoclaw",
"sbom": {
"files": [
{
"path": "SKILL.md",
"required": true,
"description": "NanoClaw skill documentation"
},
{
"path": "CHANGELOG.md",
"required": true,
"description": "Version history and release notes"
},
{
"path": "INSTALL.md",
"required": true,
"description": "Installation guide for NanoClaw deployments"
},
{
"path": "mcp-tools/advisory-tools.ts",
"required": true,
"description": "MCP tools for advisory checking in container context"
},
{
"path": "host-services/advisory-cache.ts",
"required": true,
"description": "Host-side advisory cache manager with periodic feed fetching"
},
{
"path": "host-services/ipc-handlers.ts",
"required": true,
"description": "IPC handlers for MCP tool requests"
},
{
"path": "lib/signatures.ts",
"required": true,
"description": "Ed25519 signature verification utilities"
},
{
"path": "lib/local_file_io.ts",
"required": true,
"description": "Local file access helpers used by signature verification routines"
},
{
"path": "lib/advisories.ts",
"required": true,
"description": "Advisory matching and vulnerability detection"
},
{
"path": "lib/types.ts",
"required": true,
"description": "TypeScript type definitions"
},
{
"path": "lib/risk.ts",
"required": true,
"description": "Shared advisory risk evaluation logic for host and MCP tools"
},
{
"path": "advisories/feed-signing-public.pem",
"required": true,
"description": "Pinned Ed25519 public key for feed signature verification"
},
{
"path": "mcp-tools/signature-verification.ts",
"required": true,
"description": "Phase 1: MCP tool for skill package signature verification"
},
{
"path": "host-services/skill-signature-handler.ts",
"required": true,
"description": "Phase 1: Host-side signature verification service"
},
{
"path": "docs/SKILL_SIGNING.md",
"required": true,
"description": "Phase 1: Documentation for skill signing and verification"
},
{
"path": "mcp-tools/integrity-tools.ts",
"required": true,
"description": "Phase 2: MCP tools for file integrity monitoring"
},
{
"path": "host-services/integrity-handler.ts",
"required": true,
"description": "Phase 2: Host-side integrity monitoring service"
},
{
"path": "guardian/integrity-monitor.ts",
"required": true,
"description": "Phase 2: Core file integrity monitoring engine"
},
{
"path": "guardian/policy.json",
"required": true,
"description": "Phase 2: NanoClaw-specific file protection policy"
},
{
"path": "docs/INTEGRITY.md",
"required": true,
"description": "Phase 2: Documentation for file integrity monitoring"
}
]
},
"capabilities": [
"Advisory feed monitoring from clawsec.prompt.security",
"MCP tools for agent-initiated vulnerability scans",
"Exploitability-aware advisory prioritization for agent environments",
"Pre-installation skill safety checks",
"Ed25519 signature verification for advisory feeds",
"Platform metadata preserved in advisory records for downstream filtering",
"Containerized agent support with IPC communication"
],
"nanoclaw": {
"mcp_tools": [
"clawsec_check_advisories",
"clawsec_check_skill_safety",
"clawsec_list_advisories",
"clawsec_refresh_cache",
"clawsec_verify_skill_package",
"clawsec_check_integrity",
"clawsec_approve_change",
"clawsec_integrity_status",
"clawsec_verify_audit"
],
"requires": {
"node": ">=18.0.0",
"nanoclaw": ">=0.1.0"
},
"integration": {
"mcp_tools_file": "container/agent-runner/src/ipc-mcp-stdio.ts",
"ipc_handlers_file": "src/ipc.ts",
"cache_location": "/workspace/project/data/clawsec-advisory-cache.json"
}
}
}
Reference in New Issue View Git Blame Copy Permalink