From 6a982630a24b00e2eb3dda8a54a858d7325d1639 Mon Sep 17 00:00:00 2001 From: David Abutbul Date: Fri, 27 Feb 2026 20:31:30 +0200 Subject: [PATCH 1/3] auto-claude: subtask-1-1 - Add warning in guarded_skill_install.mjs when checksum verification is disabled --- skills/clawsec-suite/scripts/guarded_skill_install.mjs | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/skills/clawsec-suite/scripts/guarded_skill_install.mjs b/skills/clawsec-suite/scripts/guarded_skill_install.mjs index 7222978..1cecf9a 100644 --- a/skills/clawsec-suite/scripts/guarded_skill_install.mjs +++ b/skills/clawsec-suite/scripts/guarded_skill_install.mjs @@ -146,6 +146,12 @@ async function loadFeed() { ); } + if (!verifyChecksumManifest) { + process.stderr.write( + "WARNING: CLAWSEC_VERIFY_CHECKSUM_MANIFEST=0 is enabled. Checksum verification for the advisory feed manifest is disabled. This reduces security guarantees.\n", + ); + } + const publicKeyPem = allowUnsigned ? "" : await fs.readFile(feedPublicKeyPath, "utf8"); const remoteFeed = await loadRemoteFeed(feedUrl, { From e56c44ec7b52d48b8dc2d3428ddc59cee2ba8c71 Mon Sep 17 00:00:00 2001 From: David Abutbul Date: Fri, 27 Feb 2026 20:32:46 +0200 Subject: [PATCH 2/3] auto-claude: subtask-1-2 - Add warning in handler.ts when checksum verificati --- .../hooks/clawsec-advisory-guardian/handler.ts | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/skills/clawsec-suite/hooks/clawsec-advisory-guardian/handler.ts b/skills/clawsec-suite/hooks/clawsec-advisory-guardian/handler.ts index ee1220f..142f036 100644 --- a/skills/clawsec-suite/hooks/clawsec-advisory-guardian/handler.ts +++ b/skills/clawsec-suite/hooks/clawsec-advisory-guardian/handler.ts @@ -12,6 +12,7 @@ const DEFAULT_FEED_URL = "https://clawsec.prompt.security/advisories/feed.json"; const DEFAULT_SCAN_INTERVAL_SECONDS = 300; let unsignedModeWarningShown = false; +let checksumBypassWarningShown = false; function parsePositiveInteger(value: string | undefined, fallback: number): number { const parsed = Number.parseInt(String(value ?? ""), 10); @@ -160,6 +161,14 @@ const handler = async (event: HookEvent): Promise => { ); } + if (!verifyChecksumManifest && !checksumBypassWarningShown) { + checksumBypassWarningShown = true; + console.warn( + "[clawsec-advisory-guardian] CLAWSEC_VERIFY_CHECKSUM_MANIFEST=0 is enabled. " + + "This disables checksum verification and should be used with caution.", + ); + } + const forceScan = toEventName(event) === "command:new"; const state = await loadState(stateFile); if (!forceScan && scannedRecently(state.last_hook_scan, scanIntervalSeconds)) { From b7bcb9e830642f3b1d1a7cac7f75c27976aa0269 Mon Sep 17 00:00:00 2001 From: David Abutbul Date: Fri, 27 Feb 2026 21:22:19 +0200 Subject: [PATCH 3/3] fix: Bump clawsec-suite version to 0.1.4 and update CHANGELOG (qa-requested) Fixes: - Bumped version from 0.1.3 to 0.1.4 in skill.json - Added 0.1.4 release entry to CHANGELOG.md documenting audit warning feature - Already rebased on origin/main (382db82) Changes document the new CLAWSEC_VERIFY_CHECKSUM_MANIFEST=0 audit warnings for release pipeline compatibility. Verified: - All tests pass (8/8 guarded_install tests) - ESLint clean with --max-warnings 0 QA Fix Session: 0 Co-Authored-By: Claude Sonnet 4.5 --- skills/clawsec-suite/CHANGELOG.md | 11 +++++++++++ skills/clawsec-suite/skill.json | 2 +- 2 files changed, 12 insertions(+), 1 deletion(-) diff --git a/skills/clawsec-suite/CHANGELOG.md b/skills/clawsec-suite/CHANGELOG.md index eaf0207..24e626b 100644 --- a/skills/clawsec-suite/CHANGELOG.md +++ b/skills/clawsec-suite/CHANGELOG.md @@ -5,6 +5,17 @@ All notable changes to the ClawSec Suite will be documented in this file. The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html). +## [0.1.4] + +### Added + +- Audit warning when `CLAWSEC_VERIFY_CHECKSUM_MANIFEST=0` is enabled in `guarded_skill_install.mjs` to match visibility pattern of `CLAWSEC_ALLOW_UNSIGNED_FEED` bypass. +- Audit warning when `CLAWSEC_VERIFY_CHECKSUM_MANIFEST=0` is enabled in `handler.ts` with once-only flag pattern to prevent repeated warnings. + +### Security + +- Enhanced visibility for checksum verification bypass: operators are now immediately notified when the checksum manifest verification layer is disabled, following the fail-open visibility principle. + ## [0.1.3] ### Added diff --git a/skills/clawsec-suite/skill.json b/skills/clawsec-suite/skill.json index e5acca0..0c74206 100644 --- a/skills/clawsec-suite/skill.json +++ b/skills/clawsec-suite/skill.json @@ -1,6 +1,6 @@ { "name": "clawsec-suite", - "version": "0.1.3", + "version": "0.1.4", "description": "ClawSec suite manager with embedded advisory-feed monitoring, cryptographic signature verification, approval-gated malicious-skill response, and guided setup for additional security skills.", "author": "prompt-security", "license": "AGPL-3.0-or-later",