github/openclaw
1
1
Fork 0
mirror of https://github.com/openclaw/openclaw.git synced 2026-02-19 18:39:20 -05:00
Code Issues Packages Projects Releases Wiki Activity
12,799 Commits 404 Branches 56 Tags
main
Commit Graph

17 Commits

Author SHA1 Message Date
Peter Steinberger
2e421f32df fix(security): restore trusted plugin runtime exec default 2026-02-19 16:01:29 +01:00
Peter Steinberger
808a60d3bd docs: clarify intentional network-visible canvas model in security policy 2026-02-19 14:25:41 +01:00
Peter Steinberger
5e7c3250cb fix(security): add optional workspace-only path guards for fs tools 2026-02-14 23:50:24 +01:00
Peter Steinberger
24d2c6292e refactor(security): refine safeBins hardening 2026-02-14 19:59:13 +01:00
Peter Steinberger
6a386a7886 docs(security): clarify canvas host exposure and auth 2026-02-14 14:57:19 +01:00
Peter Steinberger
e21a7aad54 docs: recommend loopback-only gateway bind 2026-02-14 12:36:32 +01:00
Jamieson O'Reilly
0657d7c772 docs: expand vulnerability reporting guidelines in SECURITY.md 2026-02-10 15:39:04 +11:00
theonejvo
74fbbda283 docs: add security & trust documentation 
Add threat model (MITRE ATLAS), contribution guide, and security
directory README. Update SECURITY.md with trust page reporting
instructions and Jamieson O'Reilly as Security & Trust.

Co-Authored-By: theonejvo <theonejvo@users.noreply.github.com>
 2026-02-08 21:53:05 +11:00
Armin Ronacher
a767c584c7 Add prompt injection attacks to out of scope section 2026-01-31 13:17:24 +01:00
Peter Steinberger
2cdfecdde3 docs: clarify security scope 2026-01-30 21:51:28 +01:00
Peter Steinberger
9a7160786a refactor: rename to openclaw 2026-01-30 03:16:21 +01:00
Peter Steinberger
6d16a658e5 refactor: rename clawdbot to moltbot with legacy compat 2026-01-27 12:21:02 +00:00
Peter Steinberger
83460df96f chore: update molt.bot domains 2026-01-27 12:21:01 +00:00
Peter Steinberger
8b56f0e68d docs: warn against public web binding 2026-01-27 03:30:34 +00:00
rhuanssauro
592930f10f security: apply Agents Council recommendations 
- Add USER node directive to Dockerfile for non-root container execution
- Update SECURITY.md with Node.js version requirements (CVE-2025-59466, CVE-2026-21636)
- Add Docker security best practices documentation
- Document detect-secrets usage for local security scanning

Reviewed-by: Agents Council (5/5 approval)
Security-Score: 8.8/10
Watchdog-Verdict: SAFE WITH CONDITIONS

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
 2026-01-26 13:39:14 +00:00
Dan Guido
48aea87028 feat: add prek pre-commit hooks and dependabot (#1720) 
* feat: add prek pre-commit hooks and dependabot

Pre-commit hooks (via prek):
- Basic hygiene: trailing-whitespace, end-of-file-fixer, check-yaml, check-added-large-files, check-merge-conflict
- Security: detect-secrets, zizmor (GitHub Actions audit)
- Linting: shellcheck, actionlint, oxlint, swiftlint
- Formatting: oxfmt, swiftformat

Dependabot:
- npm and GitHub Actions ecosystems
- Grouped updates (production/development/actions)
- 7-day cooldown for supply chain protection

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

* docs: add prek install instruction to AGENTS.md

---------

Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>
 2026-01-25 10:53:23 +00:00
Peter Steinberger
ca1902fb4e feat(security): expand audit and safe --fix 2026-01-15 05:31:43 +00:00