tqcq/openclaw
0
0
Fork 0
mirror of https://github.com/openclaw/openclaw.git synced 2026-02-19 08:37:27 +00:00
Code Issues Packages Projects Releases Wiki Activity
10,737 Commits 397 Branches 54 Tags
client-side-security-initial
Commit Graph

10737 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
theonejvo
b3c52c4145 feat(security): add client-side skill security enforcement 
Add a capability-based security model for community skills, inspired by
how mobile and Apple ecosystem apps declare capabilities upfront. This is
not a silver bullet for prompt injection, but it's a significant step up
from the status quo and encourages responsible developer practices by
making capability requirements explicit and visible.

Runtime enforcement for community skills installed from ClawHub:

- Capability declarations (shell, filesystem, network, browser, sessions)
  parsed from SKILL.md frontmatter and enforced at tool-call time
- Static SKILL.md scanner detecting prompt injection patterns, suspicious
  constructs, and capability mismatches
- Global skill security context tracking loaded community skills and
  their aggregate capabilities
- Before-tool-call enforcement gate blocking undeclared tool usage
- Command-dispatch capability check preventing shell/filesystem access
  without explicit declaration
- Trust tier classification (builtin/community/local) — only community
  skills are subject to enforcement
- System prompt trust context warning for skills with scan warnings or
  missing capability declarations
- CLI: `skills list -v`, `skills info`, `skills check` now surface
  capabilities, scan results, and security status
- TUI security log panel for skill enforcement events
- Docs updated across 7 files covering the full security model

Companion PR: openclaw/clawhub (capability visibility + UI badges)
 2026-02-17 02:28:55 +11:00
Alejandro Santander
9a344da298 fix(cron): treat missing enabled as true in update() (openclaw#15477) thanks @eternauta1337 
Verified:
- pnpm exec vitest src/cron/service.issue-regressions.test.ts

Co-authored-by: eternauta1337 <550409+eternauta1337@users.noreply.github.com>
Co-authored-by: Tak Hoffman <781889+Takhoffman@users.noreply.github.com>
 2026-02-15 08:52:02 -06:00
Peter Steinberger
a7b6555195 refactor(test): share memory embedding mocks 2026-02-15 14:48:23 +00:00
Peter Steinberger
e2c68cb169 refactor(test): share plugin hook registry helper 2026-02-15 14:44:15 +00:00
Peter Steinberger
6ec76af3a6 refactor(test): share slack slash mocks 2026-02-15 14:41:45 +00:00
Peter Steinberger
dd11a6bcda refactor(test): share sessions_spawn e2e harness 2026-02-15 14:38:43 +00:00
Peter Steinberger
893d2fb862 refactor(test): share audio provider ssrf hooks 2026-02-15 14:33:30 +00:00
Peter Steinberger
85b267aae9 refactor(agents): dedupe exec spawn and process failures 2026-02-15 14:28:55 +00:00
Peter Steinberger
34b6c743f5 refactor(shared): share requirements eval for remote context 2026-02-15 14:26:10 +00:00
Peter Steinberger
33a3a56ee1 refactor(auto-reply): share agent-runner test harness mocks 2026-02-15 14:24:06 +00:00
Peter Steinberger
af34c8fafe refactor(onboard): share local workspace+gateway config 2026-02-15 14:21:28 +00:00
Peter Steinberger
1a758135d8 refactor(cli): share configure section runner 2026-02-15 14:20:06 +00:00
Peter Steinberger
a58088383b refactor(config): dedupe irc schema refinements 2026-02-15 14:18:06 +00:00
Peter Steinberger
b060afd3a5 refactor(cli): dedupe directory table rendering 2026-02-15 14:17:07 +00:00
Peter Steinberger
d458131821 refactor(cli): dedupe approvals allowlist actions 2026-02-15 14:14:39 +00:00
Peter Steinberger
0f86ee531b refactor(agents): dedupe sentence break scanning 2026-02-15 14:12:25 +00:00
Peter Steinberger
0c29ffac09 refactor(agents): dedupe forward-compat template clone 2026-02-15 14:09:57 +00:00
Peter Steinberger
ebf44f5096 refactor(auto-reply): dedupe on/off/full normalization 2026-02-15 14:07:28 +00:00
Peter Steinberger
7b39aa3444 refactor(auto-reply): reuse inline directive clearer 2026-02-15 14:05:47 +00:00
Peter Steinberger
384a886b70 refactor(cli): share commander reparse helper 2026-02-15 14:02:18 +00:00
Peter Steinberger
42b0d6f43e refactor(agents): share workspace dir enumeration 2026-02-15 13:59:46 +00:00
大猫子
0931a35709 fix(sessions): guard withSessionStoreLock against undefined storePath (#14717) (openclaw#14755) thanks @lailoo 
Verified:
- pnpm build
- pnpm check
- pnpm test:macmini

Co-authored-by: lailoo <20536249+lailoo@users.noreply.github.com>
Co-authored-by: Tak Hoffman <781889+Takhoffman@users.noreply.github.com>
 2026-02-15 07:57:51 -06:00
Peter Steinberger
3d0e568007 refactor(infra): share jsonl socket requester 2026-02-15 13:56:50 +00:00
Peter Steinberger
7d0c0bfc7c refactor(media): share outbound attachment resolver 2026-02-15 13:53:22 +00:00
Peter Steinberger
abb4b7c91c refactor(line): share messaging client setup 2026-02-15 13:49:37 +00:00
Peter Steinberger
26a831e2c3 refactor(commands): dedupe auth choice agent model notes 2026-02-15 13:46:13 +00:00
Peter Steinberger
9d7113c74c refactor(channels): share allowlist config patch helper 2026-02-15 13:44:00 +00:00
Tak Hoffman
df7fff8fd7 test: add serial macmini test profile 2026-02-15 07:40:55 -06:00
Peter Steinberger
c1cc28a4e1 refactor(gateway): share broadcast function types 2026-02-15 13:39:59 +00:00
Peter Steinberger
0d47bea3bf refactor(memory): dedupe embedding batch runner options 2026-02-15 13:37:42 +00:00
Peter Steinberger
18342b0a5b refactor(node-host): dedupe exec finished event emission 2026-02-15 13:35:37 +00:00
Peter Steinberger
80e5aebf6a refactor(tts): dedupe provider error formatting 2026-02-15 13:32:35 +00:00
Peter Steinberger
9f9978635c refactor(gateway): share rpc attachment normalization 2026-02-15 13:30:42 +00:00
Tak Hoffman
abf36ddd5f doc: Remove agent submission policy 2026-02-15 07:29:31 -06:00
Peter Steinberger
ab6f080d80 refactor(commands): share provider config merge wrapper 2026-02-15 13:27:37 +00:00
Peter Steinberger
9e2233da7f refactor(gateway): dedupe json endpoint prelude 2026-02-15 13:24:37 +00:00
Peter Steinberger
052d988add test(auto-reply): move inbound provider contract test into unit suite 2026-02-15 13:21:27 +00:00
Peter Steinberger
26b3859b18 refactor(infra): dedupe provider api key resolution 2026-02-15 13:18:41 +00:00
Peter Steinberger
360b73bbb8 refactor(discord): dedupe onboarding config patching 2026-02-15 13:14:50 +00:00
Peter Steinberger
2944c7d6af refactor(slack): dedupe onboarding config patching 2026-02-15 13:13:21 +00:00
Peter Steinberger
d80ccdb9e0 refactor(plugin-sdk): dedupe file lock release 2026-02-15 13:11:25 +00:00
Peter Steinberger
d7079b5578 refactor(security): share sandbox tool policy picker 2026-02-15 13:10:07 +00:00
Peter Steinberger
428b6e0dee refactor(web): share creds json reader 2026-02-15 13:07:44 +00:00
Peter Steinberger
8a4f9f168b refactor(agents): share sandboxed session tool context 2026-02-15 13:06:19 +00:00
Peter Steinberger
b838429e2f refactor(status): share emoji/homepage resolver 2026-02-15 13:01:39 +00:00
Peter Steinberger
b9cbe71faa refactor(agents): dedupe gateway config write params 2026-02-15 12:59:47 +00:00
Peter Steinberger
5c7869ae6c refactor(daemon-cli): dedupe not-loaded hints 2026-02-15 12:57:51 +00:00
Peter Steinberger
fa472623f6 perf(test): use prebuilt hook install fixtures 2026-02-15 12:56:38 +00:00
Peter Steinberger
37aaca0d4e refactor(discord): share component DM auth context 2026-02-15 12:56:06 +00:00
Peter Steinberger
fcd2eca9c7 refactor(commands): share provider catalog config helper 2026-02-15 12:54:09 +00:00