{
  "schemaVersion": "1.0",
  "item": {
    "slug": "clawsec-feed",
    "name": "clawsec-feed",
    "source": "tencent",
    "type": "skill",
    "category": "安全合规",
    "sourceUrl": "https://clawhub.ai/davida-ps/clawsec-feed",
    "canonicalUrl": "https://clawhub.ai/davida-ps/clawsec-feed",
    "targetPlatform": "OpenClaw"
  },
  "install": {
    "downloadMode": "redirect",
    "downloadUrl": "/downloads/clawsec-feed",
    "sourceDownloadUrl": "https://wry-manatee-359.convex.site/api/v1/download?slug=clawsec-feed",
    "sourcePlatform": "tencent",
    "targetPlatform": "OpenClaw",
    "installMethod": "Manual import",
    "extraction": "Extract archive",
    "prerequisites": [
      "OpenClaw"
    ],
    "packageFormat": "ZIP package",
    "includedAssets": [
      "CHANGELOG.md",
      "README.md",
      "SKILL.md",
      "advisories/feed.json",
      "skill.json"
    ],
    "primaryDoc": "SKILL.md",
    "quickSetup": [
      "Download the package from Yavira.",
      "Extract the archive and review SKILL.md first.",
      "Import or place the package into your OpenClaw setup."
    ],
    "agentAssist": {
      "summary": "Hand the extracted package to your coding agent with a concrete install brief instead of figuring it out manually.",
      "steps": [
        "Download the package from Yavira.",
        "Extract it into a folder your agent can access.",
        "Paste one of the prompts below and point your agent at the extracted folder."
      ],
      "prompts": [
        {
          "label": "New install",
          "body": "I downloaded a skill package from Yavira. Read SKILL.md from the extracted folder and install it by following the included instructions. Then review README.md for any prerequisites, environment setup, or post-install checks. Tell me what you changed and call out any manual steps you could not complete."
        },
        {
          "label": "Upgrade existing",
          "body": "I downloaded an updated skill package from Yavira. Read SKILL.md from the extracted folder, compare it with my current installation, and upgrade it while preserving any custom configuration unless the package docs explicitly say otherwise. Then review README.md for any prerequisites, environment setup, or post-install checks. Summarize what changed and any follow-up checks I should run."
        }
      ]
    },
    "sourceHealth": {
      "source": "tencent",
      "status": "healthy",
      "reason": "direct_download_ok",
      "recommendedAction": "download",
      "checkedAt": "2026-04-23T16:43:11.935Z",
      "expiresAt": "2026-04-30T16:43:11.935Z",
      "httpStatus": 200,
      "finalUrl": "https://wry-manatee-359.convex.site/api/v1/download?slug=4claw-imageboard",
      "contentType": "application/zip",
      "probeMethod": "head",
      "details": {
        "probeUrl": "https://wry-manatee-359.convex.site/api/v1/download?slug=4claw-imageboard",
        "contentDisposition": "attachment; filename=\"4claw-imageboard-1.0.1.zip\"",
        "redirectLocation": null,
        "bodySnippet": null
      },
      "scope": "source",
      "summary": "Source download looks usable.",
      "detail": "Yavira can redirect you to the upstream package for this source.",
      "primaryActionLabel": "Download for OpenClaw",
      "primaryActionHref": "/downloads/clawsec-feed"
    },
    "validation": {
      "installChecklist": [
        "Use the Yavira download entry.",
        "Review SKILL.md after the package is downloaded.",
        "Confirm the extracted package contains the expected setup assets."
      ],
      "postInstallChecks": [
        "Confirm the extracted package includes the expected docs or setup files.",
        "Validate the skill or prompts are available in your target agent workspace.",
        "Capture any manual follow-up steps the agent could not complete."
      ]
    },
    "downloadPageUrl": "https://openagent3.xyz/downloads/clawsec-feed",
    "agentPageUrl": "https://openagent3.xyz/skills/clawsec-feed/agent",
    "manifestUrl": "https://openagent3.xyz/skills/clawsec-feed/agent.json",
    "briefUrl": "https://openagent3.xyz/skills/clawsec-feed/agent.md"
  },
  "agentAssist": {
    "summary": "Hand the extracted package to your coding agent with a concrete install brief instead of figuring it out manually.",
    "steps": [
      "Download the package from Yavira.",
      "Extract it into a folder your agent can access.",
      "Paste one of the prompts below and point your agent at the extracted folder."
    ],
    "prompts": [
      {
        "label": "New install",
        "body": "I downloaded a skill package from Yavira. Read SKILL.md from the extracted folder and install it by following the included instructions. Then review README.md for any prerequisites, environment setup, or post-install checks. Tell me what you changed and call out any manual steps you could not complete."
      },
      {
        "label": "Upgrade existing",
        "body": "I downloaded an updated skill package from Yavira. Read SKILL.md from the extracted folder, compare it with my current installation, and upgrade it while preserving any custom configuration unless the package docs explicitly say otherwise. Then review README.md for any prerequisites, environment setup, or post-install checks. Summarize what changed and any follow-up checks I should run."
      }
    ]
  },
  "documentation": {
    "source": "clawhub",
    "primaryDoc": "SKILL.md",
    "sections": [
      {
        "title": "ClawSec Feed 📡",
        "body": "Security advisory feed monitoring for AI agents. Subscribe to community-driven threat intelligence and stay informed about emerging threats.\n\nThis feed is automatically updated daily with CVEs related to OpenClaw, clawdbot, and Moltbot from the NIST National Vulnerability Database (NVD).\n\nAn open source project by Prompt Security"
      },
      {
        "title": "Installation Options",
        "body": "You can get clawsec-feed in two ways:"
      },
      {
        "title": "Option A: Bundled with ClawSec Suite (Recommended)",
        "body": "If you've installed clawsec-suite, you may already have this!\n\nClawSec-feed is bundled alongside ClawSec Suite to provide crucial CVE and threat intelligence information. When you install the suite, if you don't already have the feed installed, it will be deployed from the bundled copy.\n\nAdvantages:\n\nConvenient - no separate download needed\nStandard location - installed to ~/.openclaw/skills/clawsec-feed/\nPreserved - if you already have the feed installed, it won't be overwritten\nSingle verification - integrity checked as part of the suite package"
      },
      {
        "title": "Option B: Standalone Installation (This Page)",
        "body": "Install clawsec-feed independently without the full suite.\n\nWhen to use standalone:\n\nYou only need the advisory feed (not other suite components)\nYou want to install before installing the suite\nYou prefer explicit control over feed installation\n\nAdvantages:\n\nLighter weight installation\nIndependent from suite\nDirect control over installation process\n\nContinue below for standalone installation instructions.\n\nInstallation Steps:\nAgents should review scripts before execution!\n\n# Get latest clawsec-feed release tag\nLATEST_TAG=$(curl -sSL https://api.github.com/repos/prompt-security/ClawSec/releases | \\\n  jq -r '[.[] | select(.tag_name | startswith(\"clawsec-feed-v\"))][0].tag_name')\n\n# Download SKILL.md from latest release\nSKILL_URL=\"https://github.com/prompt-security/clawsec/releases/download/$LATEST_TAG/SKILL.md\"\ncurl -sSL --fail --show-error \"$SKILL_URL\"\n\nOnce you have this skill file, proceed to Deploy ClawSec Feed below."
      },
      {
        "title": "Deploy ClawSec Feed",
        "body": "Installation steps:"
      },
      {
        "title": "Step 1: Create skill directory and save this file",
        "body": "mkdir -p ~/.openclaw/skills/clawsec-feed\n# Save this SKILL.md as SKILL.md in the directory above"
      },
      {
        "title": "Step 2: Install skill files",
        "body": "# Get latest release tag with retry logic\nLATEST_TAG=$(curl -sSL --retry 3 --retry-delay 1 \\\n  https://api.github.com/repos/prompt-security/ClawSec/releases | \\\n  jq -r '[.[] | select(.tag_name | startswith(\"clawsec-feed-v\"))][0].tag_name')\n\nBASE_URL=\"https://github.com/prompt-security/clawsec/releases/download/$LATEST_TAG\"\nINSTALL_DIR=\"${CLAWSEC_INSTALL_DIR:-$HOME/.openclaw/skills/clawsec-feed}\"\nTEMP_DIR=$(mktemp -d)\ntrap \"rm -rf '$TEMP_DIR'\" EXIT\n\n# Download checksums.json (REQUIRED for integrity verification)\necho \"Downloading checksums...\"\nif ! curl -sSL --fail --show-error --retry 3 --retry-delay 1 \\\n     \"$BASE_URL/checksums.json\" -o \"$TEMP_DIR/checksums.json\"; then\n  echo \"ERROR: Failed to download checksums.json\"\n  exit 1\nfi\n\n# Validate checksums.json structure\nif ! jq -e '.skill and .version and .files' \"$TEMP_DIR/checksums.json\" >/dev/null 2>&1; then\n  echo \"ERROR: Invalid checksums.json structure\"\n  exit 1\nfi\n\n# PRIMARY: Try .skill artifact\necho \"Attempting .skill artifact installation...\"\nif curl -sSL --fail --show-error --retry 3 --retry-delay 1 \\\n   \"$BASE_URL/clawsec-feed.skill\" -o \"$TEMP_DIR/clawsec-feed.skill\" 2>/dev/null; then\n\n  # Security: Check artifact size (prevent DoS)\n  ARTIFACT_SIZE=$(stat -c%s \"$TEMP_DIR/clawsec-feed.skill\" 2>/dev/null || stat -f%z \"$TEMP_DIR/clawsec-feed.skill\")\n  MAX_SIZE=$((50 * 1024 * 1024))  # 50MB\n\n  if [ \"$ARTIFACT_SIZE\" -gt \"$MAX_SIZE\" ]; then\n    echo \"WARNING: Artifact too large ($(( ARTIFACT_SIZE / 1024 / 1024 ))MB), falling back to individual files\"\n  else\n    echo \"Extracting artifact ($(( ARTIFACT_SIZE / 1024 ))KB)...\"\n\n    # Security: Check for path traversal before extraction\n    if unzip -l \"$TEMP_DIR/clawsec-feed.skill\" | grep -qE '\\.\\./|^/|~/'; then\n      echo \"ERROR: Path traversal detected in artifact - possible security issue!\"\n      exit 1\n    fi\n\n    # Security: Check file count (prevent zip 
bomb)\n    FILE_COUNT=$(unzip -l \"$TEMP_DIR/clawsec-feed.skill\" | grep -c \"^[[:space:]]*[0-9]\" || echo 0)\n    if [ \"$FILE_COUNT\" -gt 100 ]; then\n      echo \"ERROR: Artifact contains too many files ($FILE_COUNT) - possible zip bomb\"\n      exit 1\n    fi\n\n    # Extract to temp directory\n    unzip -q \"$TEMP_DIR/clawsec-feed.skill\" -d \"$TEMP_DIR/extracted\"\n\n    # Verify skill.json exists\n    if [ ! -f \"$TEMP_DIR/extracted/clawsec-feed/skill.json\" ]; then\n      echo \"ERROR: skill.json not found in artifact\"\n      exit 1\n    fi\n\n    # Verify checksums for all extracted files\n    echo \"Verifying checksums...\"\n    CHECKSUM_FAILED=0\n    for file in $(jq -r '.files | keys[]' \"$TEMP_DIR/checksums.json\"); do\n      EXPECTED=$(jq -r --arg f \"$file\" '.files[$f].sha256' \"$TEMP_DIR/checksums.json\")\n      FILE_PATH=$(jq -r --arg f \"$file\" '.files[$f].path' \"$TEMP_DIR/checksums.json\")\n\n      # Try nested path first, then flat filename\n      if [ -f \"$TEMP_DIR/extracted/clawsec-feed/$FILE_PATH\" ]; then\n        ACTUAL=$(shasum -a 256 \"$TEMP_DIR/extracted/clawsec-feed/$FILE_PATH\" | cut -d' ' -f1)\n      elif [ -f \"$TEMP_DIR/extracted/clawsec-feed/$file\" ]; then\n        ACTUAL=$(shasum -a 256 \"$TEMP_DIR/extracted/clawsec-feed/$file\" | cut -d' ' -f1)\n      else\n        echo \"  ✗ $file (not found in artifact)\"\n        CHECKSUM_FAILED=1\n        continue\n      fi\n\n      if [ \"$EXPECTED\" != \"$ACTUAL\" ]; then\n        echo \"  ✗ $file (checksum mismatch)\"\n        CHECKSUM_FAILED=1\n      else\n        echo \"  ✓ $file\"\n      fi\n    done\n\n    if [ \"$CHECKSUM_FAILED\" -eq 0 ]; then\n      # Validate feed.json structure (skill-specific)\n      if [ -f \"$TEMP_DIR/extracted/clawsec-feed/advisories/feed.json\" ]; then\n        FEED_FILE=\"$TEMP_DIR/extracted/clawsec-feed/advisories/feed.json\"\n      elif [ -f \"$TEMP_DIR/extracted/clawsec-feed/feed.json\" ]; then\n        
FEED_FILE=\"$TEMP_DIR/extracted/clawsec-feed/feed.json\"\n      else\n        echo \"ERROR: feed.json not found in artifact\"\n        exit 1\n      fi\n\n      if ! jq -e '.version and .advisories' \"$FEED_FILE\" >/dev/null 2>&1; then\n        echo \"ERROR: feed.json missing required fields (version, advisories)\"\n        exit 1\n      fi\n\n      # SUCCESS: Install from artifact\n      echo \"Installing from artifact...\"\n      mkdir -p \"$INSTALL_DIR\"\n      cp -r \"$TEMP_DIR/extracted/clawsec-feed\"/* \"$INSTALL_DIR/\"\n      chmod 600 \"$INSTALL_DIR/skill.json\"\n      find \"$INSTALL_DIR\" -type f ! -name \"skill.json\" -exec chmod 644 {} \\;\n      echo \"SUCCESS: Skill installed from .skill artifact\"\n      exit 0\n    else\n      echo \"WARNING: Checksum verification failed, falling back to individual files\"\n    fi\n  fi\nfi\n\n# FALLBACK: Download individual files\necho \"Downloading individual files from checksums.json manifest...\"\nmkdir -p \"$TEMP_DIR/downloads\"\n\nDOWNLOAD_FAILED=0\nfor file in $(jq -r '.files | keys[]' \"$TEMP_DIR/checksums.json\"); do\n  FILE_URL=$(jq -r --arg f \"$file\" '.files[$f].url' \"$TEMP_DIR/checksums.json\")\n  EXPECTED=$(jq -r --arg f \"$file\" '.files[$f].sha256' \"$TEMP_DIR/checksums.json\")\n\n  echo \"Downloading: $file\"\n  if ! curl -sSL --fail --show-error --retry 3 --retry-delay 1 \\\n       \"$FILE_URL\" -o \"$TEMP_DIR/downloads/$file\"; then\n    echo \"ERROR: Failed to download $file\"\n    DOWNLOAD_FAILED=1\n    continue\n  fi\n\n  # Verify checksum immediately\n  ACTUAL=$(shasum -a 256 \"$TEMP_DIR/downloads/$file\" | cut -d' ' -f1)\n  if [ \"$EXPECTED\" != \"$ACTUAL\" ]; then\n    echo \"ERROR: Checksum mismatch for $file\"\n    DOWNLOAD_FAILED=1\n  else\n    echo \"  ✓ Verified: $file\"\n  fi\ndone\n\nif [ \"$DOWNLOAD_FAILED\" -eq 1 ]; then\n  echo \"ERROR: Individual file download failed\"\n  exit 1\nfi\n\n# Validate JSON files structure\nif ! 
jq -e '.name and .version' \"$TEMP_DIR/downloads/skill.json\" >/dev/null 2>&1; then\n  echo \"ERROR: skill.json missing required fields (name, version)\"\n  exit 1\nfi\n\nif ! jq -e '.version and .advisories' \"$TEMP_DIR/downloads/feed.json\" >/dev/null 2>&1; then\n  echo \"ERROR: feed.json missing required fields (version, advisories)\"\n  exit 1\nfi\n\n# Install files\necho \"Installing from individual files...\"\nmkdir -p \"$INSTALL_DIR\"\ncp \"$TEMP_DIR/downloads\"/* \"$INSTALL_DIR/\"\nchmod 600 \"$INSTALL_DIR/skill.json\"\nfind \"$INSTALL_DIR\" -type f ! -name \"skill.json\" -exec chmod 644 {} \\;\necho \"SUCCESS: Skill installed from individual files\""
      },
      {
        "title": "Step 3: Add to your heartbeat",
        "body": "Add ClawSec Feed to your heartbeat routine:\n\n## ClawSec Feed (every heartbeat)\n1. Check advisory feed for new security alerts\n2. Cross-reference with installed skills\n3. Notify user if action is required"
      },
      {
        "title": "Step 4: Confirm deployment",
        "body": "Tell your user:\n\nClawSec Feed deployed successfully. I will now:\n- Monitor the community advisory feed for threats\n- Alert you to any security issues affecting your environment\n- Keep you informed of emerging attack patterns"
      },
      {
        "title": "Advisory Feed Monitoring",
        "body": "Subscribes to the community advisory feed for:\n\nKnown malicious skills/plugins - Skills that have been identified as harmful\nPrompt injection patterns - Attack patterns observed in the wild\nVulnerable skill versions - Skills with known security flaws\nSecurity best practice updates - New recommendations for agent safety\n\nWhen a relevant advisory is published, your agent will notify you."
      },
      {
        "title": "Checking the Advisory Feed",
        "body": "# Use environment variable if set, otherwise use raw GitHub feed (always up-to-date)\nDEFAULT_FEED_URL=\"https://raw.githubusercontent.com/prompt-security/ClawSec/main/advisories/feed.json\"\nFEED_URL=\"${CLAWSEC_FEED_URL:-$DEFAULT_FEED_URL}\"\n\n# Fetch with error handling and retry logic\ncurl -sSL --fail --show-error --retry 3 --retry-delay 1 \"$FEED_URL\"\n\nFeed structure:\n\n{\n  \"version\": \"1.0\",\n  \"updated\": \"2026-02-02T12:00:00Z\",\n  \"advisories\": [\n    {\n      \"id\": \"GA-2026-001\",\n      \"severity\": \"critical\",\n      \"type\": \"malicious_skill\",\n      \"title\": \"Malicious data exfiltration in skill 'helper-plus'\",\n      \"description\": \"Skill sends user data to external server\",\n      \"affected\": [\"helper-plus@1.0.0\", \"helper-plus@1.0.1\"],\n      \"action\": \"Remove immediately\",\n      \"published\": \"2026-02-01T10:00:00Z\",\n      \"exploitability_score\": \"critical\",\n      \"exploitability_rationale\": \"Trivially exploitable through normal skill usage; no special conditions required. Active exploitation observed in the wild.\"\n    }\n  ]\n}"
      },
      {
        "title": "Get advisory count",
        "body": "# Use environment variable if set, otherwise use raw GitHub feed (always up-to-date)\nDEFAULT_FEED_URL=\"https://raw.githubusercontent.com/prompt-security/ClawSec/main/advisories/feed.json\"\nFEED_URL=\"${CLAWSEC_FEED_URL:-$DEFAULT_FEED_URL}\"\n\nTEMP_FEED=$(mktemp)\ntrap \"rm -f '$TEMP_FEED'\" EXIT\n\nif ! curl -sSL --fail --show-error --retry 3 --retry-delay 1 \"$FEED_URL\" -o \"$TEMP_FEED\"; then\n  echo \"Error: Failed to fetch advisory feed\"\n  exit 1\nfi\n\n# Validate JSON before parsing\nif ! jq empty \"$TEMP_FEED\" 2>/dev/null; then\n  echo \"Error: Invalid JSON in feed\"\n  exit 1\nfi\n\nFEED=$(cat \"$TEMP_FEED\")\n\n# Get advisory count with error handling\nCOUNT=$(echo \"$FEED\" | jq '.advisories | length')\nif [ $? -ne 0 ]; then\n  echo \"Error: Failed to parse advisories\"\n  exit 1\nfi\necho \"Advisory count: $COUNT\""
      },
      {
        "title": "Get critical advisories",
        "body": "# Parse critical advisories with jq error handling\nCRITICAL=$(echo \"$FEED\" | jq '.advisories[] | select(.severity == \"critical\")')\nif [ $? -ne 0 ]; then\n  echo \"Error: Failed to filter critical advisories\"\n  exit 1\nfi\necho \"$CRITICAL\""
      },
      {
        "title": "Get advisories from the last 7 days",
        "body": "# Use UTC timezone for consistent date handling\nWEEK_AGO=$(TZ=UTC date -v-7d +%Y-%m-%dT00:00:00Z 2>/dev/null || TZ=UTC date -d '7 days ago' +%Y-%m-%dT00:00:00Z)\nRECENT=$(echo \"$FEED\" | jq --arg since \"$WEEK_AGO\" '.advisories[] | select(.published > $since)')\nif [ $? -ne 0 ]; then\n  echo \"Error: Failed to filter recent advisories\"\n  exit 1\nfi\necho \"$RECENT\""
      },
      {
        "title": "Filter by exploitability score",
        "body": "Shared exploitability prioritization guidance is maintained in:\n\nwiki/exploitability-scoring.md\nskills/clawsec-suite/SKILL.md (\"Quick feed check\")"
      },
      {
        "title": "Get exploitability context for an advisory",
        "body": "# Show exploitability details for a specific CVE\nCVE_ID=\"CVE-2026-27488\"\necho \"$FEED\" | jq --arg cve \"$CVE_ID\" '.advisories[] | select(.id == $cve) | {\n  id: .id,\n  severity: .severity,\n  exploitability_score: .exploitability_score,\n  exploitability_rationale: .exploitability_rationale,\n  title: .title\n}'"
      },
      {
        "title": "Prioritize advisories by exploitability",
        "body": "# Sort advisories by exploitability (critical → high → medium → low)\n# This helps agents focus on the most immediately actionable threats\necho \"$FEED\" | jq '[.advisories[] | select(.exploitability_score != null)] |\n  sort_by(\n    if .exploitability_score == \"critical\" then 0\n    elif .exploitability_score == \"high\" then 1\n    elif .exploitability_score == \"medium\" then 2\n    elif .exploitability_score == \"low\" then 3\n    else 4 end\n  )'"
      },
      {
        "title": "Cross-Reference Installed Skills",
        "body": "Check if any of your installed skills are affected by advisories:\n\n# List your installed skills (adjust path for your platform)\nINSTALL_DIR=\"${CLAWSEC_INSTALL_DIR:-$HOME/.openclaw/skills}\"\n\n# Use environment variable if set, otherwise use raw GitHub feed (always up-to-date)\nDEFAULT_FEED_URL=\"https://raw.githubusercontent.com/prompt-security/ClawSec/main/advisories/feed.json\"\nFEED_URL=\"${CLAWSEC_FEED_URL:-$DEFAULT_FEED_URL}\"\n\nTEMP_FEED=$(mktemp)\ntrap \"rm -f '$TEMP_FEED'\" EXIT\n\nif ! curl -sSL --fail --show-error --retry 3 --retry-delay 1 \"$FEED_URL\" -o \"$TEMP_FEED\"; then\n  echo \"Error: Failed to fetch advisory feed\"\n  exit 1\nfi\n\n# Validate and parse feed\nif ! jq empty \"$TEMP_FEED\" 2>/dev/null; then\n  echo \"Error: Invalid JSON in feed\"\n  exit 1\nfi\n\nFEED=$(cat \"$TEMP_FEED\")\nAFFECTED=$(echo \"$FEED\" | jq -r '.advisories[].affected[]?' 2>/dev/null | sort -u)\nif [ $? -ne 0 ]; then\n  echo \"Error: Failed to parse affected skills from feed\"\n  exit 1\nfi\n\n# Safely validate all installed skills before processing\n# This prevents shell injection via malicious filenames\nVALIDATED_SKILLS=()\nwhile IFS= read -r -d '' skill_path; do\n  skill=$(basename \"$skill_path\")\n\n  # Validate skill name BEFORE adding to array (prevents injection)\n  if [[ \"$skill\" =~ ^[a-zA-Z0-9_-]+$ ]]; then\n    VALIDATED_SKILLS+=(\"$skill\")\n  else\n    echo \"Warning: Skipping invalid skill name: $skill\" >&2\n  fi\ndone < <(find \"$INSTALL_DIR\" -mindepth 1 -maxdepth 1 -type d -print0 2>/dev/null)\n\n# Check each validated skill against affected list\n# Use grep -qF for fixed string matching (prevents regex injection)\nfor skill in \"${VALIDATED_SKILLS[@]}\"; do\n  # At this point, $skill is guaranteed to match ^[a-zA-Z0-9_-]+$\n  if echo \"$AFFECTED\" | grep -qF \"$skill\"; then\n    echo \"WARNING: Installed skill '$skill' has a security advisory!\"\n    # Get advisory details for this skill\n    echo \"$FEED\" | jq --arg s 
\"$skill\" '.advisories[] | select(.affected[] | contains($s))'\n  fi\ndone\n\nIf you find affected skills:\n\nCheck the advisory for details and severity\nNotify your user immediately for critical/high severity\nInclude the recommended action from the advisory"
      },
      {
        "title": "Advisory Types",
        "body": "Type | Description\nmalicious_skill | Skill identified as intentionally harmful\nvulnerable_skill | Skill with security vulnerabilities\nprompt_injection | Known prompt injection pattern\nattack_pattern | Observed attack technique\nbest_practice | Security recommendation"
      },
      {
        "title": "Severity Levels",
        "body": "Severity | Action Required\ncritical | Notify user immediately, take action\nhigh | Notify user soon, plan remediation\nmedium | Notify at next interaction\nlow | Log for reference"
      },
      {
        "title": "Prioritizing High-Exploitability Threats",
        "body": "IMPORTANT: When reviewing advisories, always prioritize by exploitability score in addition to severity. The exploitability score indicates how easily a vulnerability can be exploited in practice, helping you focus on the most actionable threats."
      },
      {
        "title": "Exploitability Priority Levels",
        "body": "Exploitability | Meaning | Action Priority\nhigh | Trivially or easily exploitable with public tooling | Immediate notification\nmedium | Exploitable but requires specific conditions | Standard notification\nlow | Difficult to exploit or theoretical | Low priority notification"
      },
      {
        "title": "How to Use Exploitability in Notifications",
        "body": "Filter for high-exploitability first:\n# Get high exploitability advisories\necho \"$FEED\" | jq '.advisories[] | select(.exploitability_score == \"high\")'\n\n\n\nInclude exploitability in notifications:\n📡 ClawSec Feed: High-exploitability alert\n\nCRITICAL - CVE-2026-27488 (Exploitability: HIGH)\n  → Trivially exploitable RCE in skill-loader v2.1.0\n  → Public exploit code available\n  → Recommended action: Immediate removal or upgrade to v2.1.1\n\n\n\nPrioritize by both severity AND exploitability:\n\nA HIGH severity + HIGH exploitability CVE is more urgent than a CRITICAL severity + LOW exploitability CVE\nFocus user attention on threats that are both severe and easily exploitable\nInclude the exploitability rationale to help users understand the risk context"
      },
      {
        "title": "Example Notification Priority Order",
        "body": "When multiple advisories exist, present them in this order:\n\nCritical severity + High exploitability - most urgent\nHigh severity + High exploitability\nCritical severity + Medium/Low exploitability\nHigh severity + Medium/Low exploitability\nMedium/Low severity (any exploitability)\n\nThis ensures you alert users to the most actionable, immediately dangerous threats first."
      },
      {
        "title": "When to Notify Your User",
        "body": "Notify Immediately (Critical):\n\nNew critical advisory affecting an installed skill\nActive exploitation detected\nHigh exploitability score (regardless of severity)\n\nNotify Soon (High):\n\nNew high-severity advisory affecting installed skills\nFailed to fetch advisory feed (network issue?)\nMedium exploitability with high severity\n\nNotify at Next Interaction (Medium):\n\nNew medium-severity advisories\nGeneral security updates\nLow exploitability advisories\n\nLog Only (Low/Info):\n\nLow-severity advisories (mention if user asks)\nFeed checked, no new advisories\nTheoretical vulnerabilities (low exploitability, low severity)"
      },
      {
        "title": "If there are new advisories:",
        "body": "📡 ClawSec Feed: 2 new advisories since last check\n\nCRITICAL - GA-2026-015: Malicious prompt pattern \"ignore-all\" (Exploitability: HIGH)\n  → Detected prompt injection technique. Update your system prompt defenses.\n  → Exploitability: Easily exploitable with publicly documented techniques.\n\nHIGH - GA-2026-016: Vulnerable skill \"data-helper\" v1.2.0 (Exploitability: MEDIUM)\n  → You have this installed! Recommended action: Update to v1.2.1 or remove.\n  → Exploitability: Requires specific configuration; not trivially exploitable."
      },
      {
        "title": "If nothing new:",
        "body": "FEED_OK - Advisory feed checked, no new alerts. 📡"
      },
      {
        "title": "State Tracking",
        "body": "Track the last feed check to identify new advisories:\n\n{\n  \"schema_version\": \"1.0\",\n  \"last_feed_check\": \"2026-02-02T15:00:00Z\",\n  \"last_feed_updated\": \"2026-02-02T12:00:00Z\",\n  \"known_advisories\": [\"GA-2026-001\", \"GA-2026-002\"]\n}\n\nSave to: ~/.openclaw/clawsec-feed-state.json"
      },
      {
        "title": "State File Operations",
        "body": "STATE_FILE=\"$HOME/.openclaw/clawsec-feed-state.json\"\n\n# Create state file with secure permissions if it doesn't exist\nif [ ! -f \"$STATE_FILE\" ]; then\n  echo '{\"schema_version\":\"1.0\",\"last_feed_check\":null,\"last_feed_updated\":null,\"known_advisories\":[]}' > \"$STATE_FILE\"\n  chmod 600 \"$STATE_FILE\"\nfi\n\n# Validate state file before reading\nif ! jq -e '.schema_version' \"$STATE_FILE\" >/dev/null 2>&1; then\n  echo \"Warning: State file corrupted or invalid schema. Creating backup and resetting.\"\n  cp \"$STATE_FILE\" \"${STATE_FILE}.bak.$(TZ=UTC date +%Y%m%d%H%M%S)\"\n  echo '{\"schema_version\":\"1.0\",\"last_feed_check\":null,\"last_feed_updated\":null,\"known_advisories\":[]}' > \"$STATE_FILE\"\n  chmod 600 \"$STATE_FILE\"\nfi\n\n# Check for major version compatibility\nSCHEMA_VER=$(jq -r '.schema_version // \"0\"' \"$STATE_FILE\")\nif [[ \"${SCHEMA_VER%%.*}\" != \"1\" ]]; then\n  echo \"Warning: State file schema version $SCHEMA_VER may not be compatible with this version\"\nfi\n\n# Update last check time (always use UTC)\nTEMP_STATE=$(mktemp)\nif jq --arg t \"$(TZ=UTC date +%Y-%m-%dT%H:%M:%SZ)\" '.last_feed_check = $t' \"$STATE_FILE\" > \"$TEMP_STATE\"; then\n  mv \"$TEMP_STATE\" \"$STATE_FILE\"\n  chmod 600 \"$STATE_FILE\"\nelse\n  echo \"Error: Failed to update state file\"\n  rm -f \"$TEMP_STATE\"\nfi"
      },
      {
        "title": "Rate Limiting",
        "body": "Important: To avoid excessive requests to the feed server, follow these guidelines:\n\nCheck Type | Recommended Interval | Minimum Interval\nHeartbeat check | Every 15-30 minutes | 5 minutes\nFull feed refresh | Every 1-4 hours | 30 minutes\nCross-reference scan | Once per session | 5 minutes\n\n# Check if enough time has passed since last check\nSTATE_FILE=\"$HOME/.openclaw/clawsec-feed-state.json\"\nMIN_INTERVAL_SECONDS=300  # 5 minutes\n\nLAST_CHECK=$(jq -r '.last_feed_check // \"1970-01-01T00:00:00Z\"' \"$STATE_FILE\" 2>/dev/null)\nLAST_EPOCH=$(TZ=UTC date -j -f \"%Y-%m-%dT%H:%M:%SZ\" \"$LAST_CHECK\" +%s 2>/dev/null || date -d \"$LAST_CHECK\" +%s 2>/dev/null || echo 0)\nNOW_EPOCH=$(TZ=UTC date +%s)\n\nif [ $((NOW_EPOCH - LAST_EPOCH)) -lt $MIN_INTERVAL_SECONDS ]; then\n  echo \"Rate limit: Last check was less than 5 minutes ago. Skipping.\"\n  exit 0\nfi"
      },
      {
        "title": "Environment Variables (Optional)",
        "body": "Variable | Description | Default\nCLAWSEC_FEED_URL | Custom advisory feed URL | Raw GitHub (main branch)\nCLAWSEC_INSTALL_DIR | Installation directory | ~/.openclaw/skills/clawsec-feed"
      },
      {
        "title": "Updating ClawSec Feed",
        "body": "Check for and install newer versions:\n\n# Check current installed version\nINSTALL_DIR=\"${CLAWSEC_INSTALL_DIR:-$HOME/.openclaw/skills/clawsec-feed}\"\nCURRENT_VERSION=$(jq -r '.version' \"$INSTALL_DIR/skill.json\" 2>/dev/null || echo \"unknown\")\necho \"Installed version: $CURRENT_VERSION\"\n\n# Check latest available version\nLATEST_URL=\"https://api.github.com/repos/prompt-security/ClawSec/releases\"\nLATEST_VERSION=$(curl -sSL --fail --show-error --retry 3 --retry-delay 1 \"$LATEST_URL\" 2>/dev/null | \\\n  jq -r '[.[] | select(.tag_name | startswith(\"clawsec-feed-v\"))][0].tag_name // empty' | \\\n  sed 's/clawsec-feed-v//')\n\nif [ -z \"$LATEST_VERSION\" ]; then\n  echo \"Warning: Could not determine latest version\"\nelse\n  echo \"Latest version: $LATEST_VERSION\"\n\n  if [ \"$CURRENT_VERSION\" != \"$LATEST_VERSION\" ]; then\n    echo \"Update available! Run the deployment steps with the new version.\"\n  else\n    echo \"You are running the latest version.\"\n  fi\nfi"
      },
      {
        "title": "Initial Download Integrity",
        "body": "Bootstrap Trust Problem: The initial download of this skill cannot be verified by the skill itself. To establish trust:\n\nVerify the source URL - Ensure you are downloading from https://clawsec.prompt.security\nCheck release signatures - GitHub signs our releases; verify the release is from the checksums.\nCompare checksums - After download, compare the SHA-256 hash against the published checksums.json:\n\n# After downloading SKILL.md, verify its integrity\nEXPECTED_HASH=\"<hash-from-checksums.json>\"\nACTUAL_HASH=$(shasum -a 256 SKILL.md | cut -d' ' -f1)\n\nif [ \"$EXPECTED_HASH\" != \"$ACTUAL_HASH\" ]; then\n  echo \"ERROR: Skill file integrity check failed!\"\n  echo \"This file may have been tampered with. Do not proceed.\"\n  exit 1\nfi\n\nNote: For maximum security, verify checksums.json via a separate trusted channel (e.g., direct from GitHub release page UI, not via curl)."
      },
      {
        "title": "Related Skills",
        "body": "openclaw-audit-watchdog - Automated daily security audits\nclawtributor - Report vulnerabilities to the community"
      },
      {
        "title": "License",
        "body": "GNU AGPL v3.0 or later - See repository for details.\n\nBuilt with 📡 by the Prompt Security team and the agent community."
      }
    ],
    "body": "ClawSec Feed 📡\n\nSecurity advisory feed monitoring for AI agents. Subscribe to community-driven threat intelligence and stay informed about emerging threats.\n\nThis feed is automatically updated daily with CVEs related to OpenClaw, clawdbot, and Moltbot from the NIST National Vulnerability Database (NVD).\n\nAn open source project by Prompt Security\n\nInstallation Options\n\nYou can get clawsec-feed in two ways:\n\nOption A: Bundled with ClawSec Suite (Recommended)\n\nIf you've installed clawsec-suite, you may already have this!\n\nClawSec-feed is bundled alongside ClawSec Suite to provide crucial CVE and threat intelligence information. When you install the suite, if you don't already have the feed installed, it will be deployed from the bundled copy.\n\nAdvantages:\n\nConvenient - no separate download needed\nStandard location - installed to ~/.openclaw/skills/clawsec-feed/\nPreserved - if you already have feed installed, it won't be overwritten\nSingle verification - integrity checked as part of suite package\nOption B: Standalone Installation (This Page)\n\nInstall clawsec-feed independently without the full suite.\n\nWhen to use standalone:\n\nYou only need the advisory feed (not other suite components)\nYou want to install before installing the suite\nYou prefer explicit control over feed installation\n\nAdvantages:\n\nLighter weight installation\nIndependent from suite\nDirect control over installation process\n\nContinue below for standalone installation instructions.\n\nInstallation Steps: Agents should review scripts before execution!\n\n# Get latest clawsec-feed release tag\nLATEST_TAG=$(curl -sSL https://api.github.com/repos/prompt-security/ClawSec/releases | \\\n  jq -r '[.[] | select(.tag_name | startswith(\"clawsec-feed-v\"))][0].tag_name')\n\n# Download SKILL.md from latest release\nSKILL_URL=\"https://github.com/prompt-security/clawsec/releases/download/$LATEST_TAG/SKILL.md\"\ncurl -sSL --fail --show-error \"$SKILL_URL\"\n\n\nOnce 
you have this skill file, proceed to Deploy ClawSec Feed below.\n\nDeploy ClawSec Feed\n\nInstallation steps:\n\nStep 1: Create skill directory and save this file\nmkdir -p ~/.openclaw/skills/clawsec-feed\n# Save this SKILL.md as SKILL.md in the directory above\n\nStep 2: Install skill files\n# Get latest release tag with retry logic\nLATEST_TAG=$(curl -sSL --retry 3 --retry-delay 1 \\\n  https://api.github.com/repos/prompt-security/ClawSec/releases | \\\n  jq -r '[.[] | select(.tag_name | startswith(\"clawsec-feed-v\"))][0].tag_name')\n\nBASE_URL=\"https://github.com/prompt-security/clawsec/releases/download/$LATEST_TAG\"\nINSTALL_DIR=\"${CLAWSEC_INSTALL_DIR:-$HOME/.openclaw/skills/clawsec-feed}\"\nTEMP_DIR=$(mktemp -d)\ntrap \"rm -rf '$TEMP_DIR'\" EXIT\n\n# Download checksums.json (REQUIRED for integrity verification)\necho \"Downloading checksums...\"\nif ! curl -sSL --fail --show-error --retry 3 --retry-delay 1 \\\n     \"$BASE_URL/checksums.json\" -o \"$TEMP_DIR/checksums.json\"; then\n  echo \"ERROR: Failed to download checksums.json\"\n  exit 1\nfi\n\n# Validate checksums.json structure\nif ! 
jq -e '.skill and .version and .files' \"$TEMP_DIR/checksums.json\" >/dev/null 2>&1; then\n  echo \"ERROR: Invalid checksums.json structure\"\n  exit 1\nfi\n\n# PRIMARY: Try .skill artifact\necho \"Attempting .skill artifact installation...\"\nif curl -sSL --fail --show-error --retry 3 --retry-delay 1 \\\n   \"$BASE_URL/clawsec-feed.skill\" -o \"$TEMP_DIR/clawsec-feed.skill\" 2>/dev/null; then\n\n  # Security: Check artifact size (prevent DoS)\n  ARTIFACT_SIZE=$(stat -c%s \"$TEMP_DIR/clawsec-feed.skill\" 2>/dev/null || stat -f%z \"$TEMP_DIR/clawsec-feed.skill\")\n  MAX_SIZE=$((50 * 1024 * 1024))  # 50MB\n\n  if [ \"$ARTIFACT_SIZE\" -gt \"$MAX_SIZE\" ]; then\n    echo \"WARNING: Artifact too large ($(( ARTIFACT_SIZE / 1024 / 1024 ))MB), falling back to individual files\"\n  else\n    echo \"Extracting artifact ($(( ARTIFACT_SIZE / 1024 ))KB)...\"\n\n    # Security: Check for path traversal before extraction\n    if unzip -l \"$TEMP_DIR/clawsec-feed.skill\" | grep -qE '\\.\\./|^/|~/'; then\n      echo \"ERROR: Path traversal detected in artifact - possible security issue!\"\n      exit 1\n    fi\n\n    # Security: Check file count (prevent zip bomb)\n    FILE_COUNT=$(unzip -l \"$TEMP_DIR/clawsec-feed.skill\" | grep -c \"^[[:space:]]*[0-9]\" || echo 0)\n    if [ \"$FILE_COUNT\" -gt 100 ]; then\n      echo \"ERROR: Artifact contains too many files ($FILE_COUNT) - possible zip bomb\"\n      exit 1\n    fi\n\n    # Extract to temp directory\n    unzip -q \"$TEMP_DIR/clawsec-feed.skill\" -d \"$TEMP_DIR/extracted\"\n\n    # Verify skill.json exists\n    if [ ! 
-f \"$TEMP_DIR/extracted/clawsec-feed/skill.json\" ]; then\n      echo \"ERROR: skill.json not found in artifact\"\n      exit 1\n    fi\n\n    # Verify checksums for all extracted files\n    echo \"Verifying checksums...\"\n    CHECKSUM_FAILED=0\n    for file in $(jq -r '.files | keys[]' \"$TEMP_DIR/checksums.json\"); do\n      EXPECTED=$(jq -r --arg f \"$file\" '.files[$f].sha256' \"$TEMP_DIR/checksums.json\")\n      FILE_PATH=$(jq -r --arg f \"$file\" '.files[$f].path' \"$TEMP_DIR/checksums.json\")\n\n      # Try nested path first, then flat filename\n      if [ -f \"$TEMP_DIR/extracted/clawsec-feed/$FILE_PATH\" ]; then\n        ACTUAL=$(shasum -a 256 \"$TEMP_DIR/extracted/clawsec-feed/$FILE_PATH\" | cut -d' ' -f1)\n      elif [ -f \"$TEMP_DIR/extracted/clawsec-feed/$file\" ]; then\n        ACTUAL=$(shasum -a 256 \"$TEMP_DIR/extracted/clawsec-feed/$file\" | cut -d' ' -f1)\n      else\n        echo \"  ✗ $file (not found in artifact)\"\n        CHECKSUM_FAILED=1\n        continue\n      fi\n\n      if [ \"$EXPECTED\" != \"$ACTUAL\" ]; then\n        echo \"  ✗ $file (checksum mismatch)\"\n        CHECKSUM_FAILED=1\n      else\n        echo \"  ✓ $file\"\n      fi\n    done\n\n    if [ \"$CHECKSUM_FAILED\" -eq 0 ]; then\n      # Validate feed.json structure (skill-specific)\n      if [ -f \"$TEMP_DIR/extracted/clawsec-feed/advisories/feed.json\" ]; then\n        FEED_FILE=\"$TEMP_DIR/extracted/clawsec-feed/advisories/feed.json\"\n      elif [ -f \"$TEMP_DIR/extracted/clawsec-feed/feed.json\" ]; then\n        FEED_FILE=\"$TEMP_DIR/extracted/clawsec-feed/feed.json\"\n      else\n        echo \"ERROR: feed.json not found in artifact\"\n        exit 1\n      fi\n\n      if ! 
jq -e '.version and .advisories' \"$FEED_FILE\" >/dev/null 2>&1; then\n        echo \"ERROR: feed.json missing required fields (version, advisories)\"\n        exit 1\n      fi\n\n      # SUCCESS: Install from artifact\n      echo \"Installing from artifact...\"\n      mkdir -p \"$INSTALL_DIR\"\n      cp -r \"$TEMP_DIR/extracted/clawsec-feed\"/* \"$INSTALL_DIR/\"\n      chmod 600 \"$INSTALL_DIR/skill.json\"\n      find \"$INSTALL_DIR\" -type f ! -name \"skill.json\" -exec chmod 644 {} \\;\n      echo \"SUCCESS: Skill installed from .skill artifact\"\n      exit 0\n    else\n      echo \"WARNING: Checksum verification failed, falling back to individual files\"\n    fi\n  fi\nfi\n\n# FALLBACK: Download individual files\necho \"Downloading individual files from checksums.json manifest...\"\nmkdir -p \"$TEMP_DIR/downloads\"\n\nDOWNLOAD_FAILED=0\nfor file in $(jq -r '.files | keys[]' \"$TEMP_DIR/checksums.json\"); do\n  FILE_URL=$(jq -r --arg f \"$file\" '.files[$f].url' \"$TEMP_DIR/checksums.json\")\n  EXPECTED=$(jq -r --arg f \"$file\" '.files[$f].sha256' \"$TEMP_DIR/checksums.json\")\n\n  echo \"Downloading: $file\"\n  if ! curl -sSL --fail --show-error --retry 3 --retry-delay 1 \\\n       \"$FILE_URL\" -o \"$TEMP_DIR/downloads/$file\"; then\n    echo \"ERROR: Failed to download $file\"\n    DOWNLOAD_FAILED=1\n    continue\n  fi\n\n  # Verify checksum immediately\n  ACTUAL=$(shasum -a 256 \"$TEMP_DIR/downloads/$file\" | cut -d' ' -f1)\n  if [ \"$EXPECTED\" != \"$ACTUAL\" ]; then\n    echo \"ERROR: Checksum mismatch for $file\"\n    DOWNLOAD_FAILED=1\n  else\n    echo \"  ✓ Verified: $file\"\n  fi\ndone\n\nif [ \"$DOWNLOAD_FAILED\" -eq 1 ]; then\n  echo \"ERROR: Individual file download failed\"\n  exit 1\nfi\n\n# Validate JSON files structure\nif ! jq -e '.name and .version' \"$TEMP_DIR/downloads/skill.json\" >/dev/null 2>&1; then\n  echo \"ERROR: skill.json missing required fields (name, version)\"\n  exit 1\nfi\n\nif ! 
jq -e '.version and .advisories' \"$TEMP_DIR/downloads/feed.json\" >/dev/null 2>&1; then\n  echo \"ERROR: feed.json missing required fields (version, advisories)\"\n  exit 1\nfi\n\n# Install files\necho \"Installing from individual files...\"\nmkdir -p \"$INSTALL_DIR\"\ncp \"$TEMP_DIR/downloads\"/* \"$INSTALL_DIR/\"\nchmod 600 \"$INSTALL_DIR/skill.json\"\nfind \"$INSTALL_DIR\" -type f ! -name \"skill.json\" -exec chmod 644 {} \\;\necho \"SUCCESS: Skill installed from individual files\"\n\nStep 3: Add to your heartbeat\n\nAdd ClawSec Feed to your heartbeat routine:\n\n## ClawSec Feed (every heartbeat)\n1. Check advisory feed for new security alerts\n2. Cross-reference with installed skills\n3. Notify user if action is required\n\nStep 4: Confirm deployment\n\nTell your user:\n\nClawSec Feed deployed successfully. I will now:\n- Monitor the community advisory feed for threats\n- Alert you to any security issues affecting your environment\n- Keep you informed of emerging attack patterns\n\nWhat ClawSec Feed Does\nAdvisory Feed Monitoring\n\nSubscribes to the community advisory feed for:\n\nKnown malicious skills/plugins - Skills that have been identified as harmful\nPrompt injection patterns - Attack patterns observed in the wild\nVulnerable skill versions - Skills with known security flaws\nSecurity best practice updates - New recommendations for agent safety\n\nWhen a relevant advisory is published, your agent will notify you.\n\nChecking the Advisory Feed\n# Use environment variable if set, otherwise use raw GitHub feed (always up-to-date)\nDEFAULT_FEED_URL=\"https://raw.githubusercontent.com/prompt-security/ClawSec/main/advisories/feed.json\"\nFEED_URL=\"${CLAWSEC_FEED_URL:-$DEFAULT_FEED_URL}\"\n\n# Fetch with error handling and retry logic\ncurl -sSL --fail --show-error --retry 3 --retry-delay 1 \"$FEED_URL\"\n\n\nFeed structure:\n\n{\n  \"version\": \"1.0\",\n  \"updated\": \"2026-02-02T12:00:00Z\",\n  \"advisories\": [\n    {\n      \"id\": \"GA-2026-001\",\n   
   \"severity\": \"critical\",\n      \"type\": \"malicious_skill\",\n      \"title\": \"Malicious data exfiltration in skill 'helper-plus'\",\n      \"description\": \"Skill sends user data to external server\",\n      \"affected\": [\"helper-plus@1.0.0\", \"helper-plus@1.0.1\"],\n      \"action\": \"Remove immediately\",\n      \"published\": \"2026-02-01T10:00:00Z\",\n      \"exploitability_score\": \"critical\",\n      \"exploitability_rationale\": \"Trivially exploitable through normal skill usage; no special conditions required. Active exploitation observed in the wild.\"\n    }\n  ]\n}\n\nParsing the Feed\nGet advisory count\n# Use environment variable if set, otherwise use raw GitHub feed (always up-to-date)\nDEFAULT_FEED_URL=\"https://raw.githubusercontent.com/prompt-security/ClawSec/main/advisories/feed.json\"\nFEED_URL=\"${CLAWSEC_FEED_URL:-$DEFAULT_FEED_URL}\"\n\nTEMP_FEED=$(mktemp)\ntrap \"rm -f '$TEMP_FEED'\" EXIT\n\nif ! curl -sSL --fail --show-error --retry 3 --retry-delay 1 \"$FEED_URL\" -o \"$TEMP_FEED\"; then\n  echo \"Error: Failed to fetch advisory feed\"\n  exit 1\nfi\n\n# Validate JSON before parsing\nif ! jq empty \"$TEMP_FEED\" 2>/dev/null; then\n  echo \"Error: Invalid JSON in feed\"\n  exit 1\nfi\n\nFEED=$(cat \"$TEMP_FEED\")\n\n# Get advisory count with error handling\nCOUNT=$(echo \"$FEED\" | jq '.advisories | length')\nif [ $? -ne 0 ]; then\n  echo \"Error: Failed to parse advisories\"\n  exit 1\nfi\necho \"Advisory count: $COUNT\"\n\nGet critical advisories\n# Parse critical advisories with jq error handling\nCRITICAL=$(echo \"$FEED\" | jq '.advisories[] | select(.severity == \"critical\")')\nif [ $? 
-ne 0 ]; then\n  echo \"Error: Failed to filter critical advisories\"\n  exit 1\nfi\necho \"$CRITICAL\"\n\nGet advisories from the last 7 days\n# Use UTC timezone for consistent date handling\nWEEK_AGO=$(TZ=UTC date -v-7d +%Y-%m-%dT00:00:00Z 2>/dev/null || TZ=UTC date -d '7 days ago' +%Y-%m-%dT00:00:00Z)\nRECENT=$(echo \"$FEED\" | jq --arg since \"$WEEK_AGO\" '.advisories[] | select(.published > $since)')\nif [ $? -ne 0 ]; then\n  echo \"Error: Failed to filter recent advisories\"\n  exit 1\nfi\necho \"$RECENT\"\n\nFilter by exploitability score\n\nShared exploitability prioritization guidance is maintained in:\n\nwiki/exploitability-scoring.md\nskills/clawsec-suite/SKILL.md (\"Quick feed check\")\nGet exploitability context for an advisory\n# Show exploitability details for a specific CVE\nCVE_ID=\"CVE-2026-27488\"\necho \"$FEED\" | jq --arg cve \"$CVE_ID\" '.advisories[] | select(.id == $cve) | {\n  id: .id,\n  severity: .severity,\n  exploitability_score: .exploitability_score,\n  exploitability_rationale: .exploitability_rationale,\n  title: .title\n}'\n\nPrioritize advisories by exploitability\n# Sort advisories by exploitability (critical → high → medium → low)\n# This helps agents focus on the most immediately actionable threats\necho \"$FEED\" | jq '[.advisories[] | select(.exploitability_score != null)] |\n  sort_by(\n    if .exploitability_score == \"critical\" then 0\n    elif .exploitability_score == \"high\" then 1\n    elif .exploitability_score == \"medium\" then 2\n    elif .exploitability_score == \"low\" then 3\n    else 4 end\n  )'\n\nCross-Reference Installed Skills\n\nCheck if any of your installed skills are affected by advisories:\n\n# List your installed skills (adjust path for your platform)\nINSTALL_DIR=\"${CLAWSEC_INSTALL_DIR:-$HOME/.openclaw/skills}\"\n\n# Use environment variable if set, otherwise use raw GitHub feed (always 
up-to-date)\nDEFAULT_FEED_URL=\"https://raw.githubusercontent.com/prompt-security/ClawSec/main/advisories/feed.json\"\nFEED_URL=\"${CLAWSEC_FEED_URL:-$DEFAULT_FEED_URL}\"\n\nTEMP_FEED=$(mktemp)\ntrap \"rm -f '$TEMP_FEED'\" EXIT\n\nif ! curl -sSL --fail --show-error --retry 3 --retry-delay 1 \"$FEED_URL\" -o \"$TEMP_FEED\"; then\n  echo \"Error: Failed to fetch advisory feed\"\n  exit 1\nfi\n\n# Validate and parse feed\nif ! jq empty \"$TEMP_FEED\" 2>/dev/null; then\n  echo \"Error: Invalid JSON in feed\"\n  exit 1\nfi\n\nFEED=$(cat \"$TEMP_FEED\")\nAFFECTED=$(echo \"$FEED\" | jq -r '.advisories[].affected[]?' 2>/dev/null | sort -u)\nif [ $? -ne 0 ]; then\n  echo \"Error: Failed to parse affected skills from feed\"\n  exit 1\nfi\n\n# Safely validate all installed skills before processing\n# This prevents shell injection via malicious filenames\nVALIDATED_SKILLS=()\nwhile IFS= read -r -d '' skill_path; do\n  skill=$(basename \"$skill_path\")\n\n  # Validate skill name BEFORE adding to array (prevents injection)\n  if [[ \"$skill\" =~ ^[a-zA-Z0-9_-]+$ ]]; then\n    VALIDATED_SKILLS+=(\"$skill\")\n  else\n    echo \"Warning: Skipping invalid skill name: $skill\" >&2\n  fi\ndone < <(find \"$INSTALL_DIR\" -mindepth 1 -maxdepth 1 -type d -print0 2>/dev/null)\n\n# Check each validated skill against affected list\n# Use grep -qF for fixed string matching (prevents regex injection)\nfor skill in \"${VALIDATED_SKILLS[@]}\"; do\n  # At this point, $skill is guaranteed to match ^[a-zA-Z0-9_-]+$\n  if echo \"$AFFECTED\" | grep -qF \"$skill\"; then\n    echo \"WARNING: Installed skill '$skill' has a security advisory!\"\n    # Get advisory details for this skill\n    echo \"$FEED\" | jq --arg s \"$skill\" '.advisories[] | select(.affected[] | contains($s))'\n  fi\ndone\n\n\nIf you find affected skills:\n\nCheck the advisory for details and severity\nNotify your user immediately for critical/high severity\nInclude the recommended action from the advisory\nAdvisory 
Types\nType\tDescription\nmalicious_skill\tSkill identified as intentionally harmful\nvulnerable_skill\tSkill with security vulnerabilities\nprompt_injection\tKnown prompt injection pattern\nattack_pattern\tObserved attack technique\nbest_practice\tSecurity recommendation\nSeverity Levels\nSeverity\tAction Required\ncritical\tNotify user immediately, take action\nhigh\tNotify user soon, plan remediation\nmedium\tNotify at next interaction\nlow\tLog for reference\nPrioritizing High-Exploitability Threats\n\nIMPORTANT: When reviewing advisories, always prioritize by exploitability score in addition to severity. The exploitability score indicates how easily a vulnerability can be exploited in practice, helping you focus on the most actionable threats.\n\nExploitability Priority Levels\nExploitability\tMeaning\tAction Priority\nhigh\tTrivially or easily exploitable with public tooling\tImmediate notification\nmedium\tExploitable but requires specific conditions\tStandard notification\nlow\tDifficult to exploit or theoretical\tLow priority notification\nHow to Use Exploitability in Notifications\n\nFilter for high-exploitability first:\n\n# Get high exploitability advisories\necho \"$FEED\" | jq '.advisories[] | select(.exploitability_score == \"high\")'\n\n\nInclude exploitability in notifications:\n\n📡 ClawSec Feed: High-exploitability alert\n\nCRITICAL - CVE-2026-27488 (Exploitability: HIGH)\n  → Trivially exploitable RCE in skill-loader v2.1.0\n  → Public exploit code available\n  → Recommended action: Immediate removal or upgrade to v2.1.1\n\n\nPrioritize by both severity AND exploitability:\n\nA HIGH severity + HIGH exploitability CVE is more urgent than a CRITICAL severity + LOW exploitability CVE\nFocus user attention on threats that are both severe and easily exploitable\nInclude the exploitability rationale to help users understand the risk context\nExample Notification Priority Order\n\nWhen multiple advisories exist, present them in this order:\n\nCritical 
severity + High exploitability - most urgent\nHigh severity + High exploitability\nCritical severity + Medium/Low exploitability\nHigh severity + Medium/Low exploitability\nMedium/Low severity (any exploitability)\n\nThis ensures you alert users to the most actionable, immediately dangerous threats first.\n\nWhen to Notify Your User\n\nNotify Immediately (Critical):\n\nNew critical advisory affecting an installed skill\nActive exploitation detected\nHigh exploitability score (regardless of severity)\n\nNotify Soon (High):\n\nNew high-severity advisory affecting installed skills\nFailed to fetch advisory feed (network issue?)\nMedium exploitability with high severity\n\nNotify at Next Interaction (Medium):\n\nNew medium-severity advisories\nGeneral security updates\nLow exploitability advisories\n\nLog Only (Low/Info):\n\nLow-severity advisories (mention if user asks)\nFeed checked, no new advisories\nTheoretical vulnerabilities (low exploitability, low severity)\nResponse Format\nIf there are new advisories:\n📡 ClawSec Feed: 2 new advisories since last check\n\nCRITICAL - GA-2026-015: Malicious prompt pattern \"ignore-all\" (Exploitability: HIGH)\n  → Detected prompt injection technique. Update your system prompt defenses.\n  → Exploitability: Easily exploitable with publicly documented techniques.\n\nHIGH - GA-2026-016: Vulnerable skill \"data-helper\" v1.2.0 (Exploitability: MEDIUM)\n  → You have this installed! Recommended action: Update to v1.2.1 or remove.\n  → Exploitability: Requires specific configuration; not trivially exploitable.\n\nIf nothing new:\nFEED_OK - Advisory feed checked, no new alerts. 
📡\n\nState Tracking\n\nTrack the last feed check to identify new advisories:\n\n{\n  \"schema_version\": \"1.0\",\n  \"last_feed_check\": \"2026-02-02T15:00:00Z\",\n  \"last_feed_updated\": \"2026-02-02T12:00:00Z\",\n  \"known_advisories\": [\"GA-2026-001\", \"GA-2026-002\"]\n}\n\n\nSave to: ~/.openclaw/clawsec-feed-state.json\n\nState File Operations\nSTATE_FILE=\"$HOME/.openclaw/clawsec-feed-state.json\"\n\n# Create state file with secure permissions if it doesn't exist\nif [ ! -f \"$STATE_FILE\" ]; then\n  echo '{\"schema_version\":\"1.0\",\"last_feed_check\":null,\"last_feed_updated\":null,\"known_advisories\":[]}' > \"$STATE_FILE\"\n  chmod 600 \"$STATE_FILE\"\nfi\n\n# Validate state file before reading\nif ! jq -e '.schema_version' \"$STATE_FILE\" >/dev/null 2>&1; then\n  echo \"Warning: State file corrupted or invalid schema. Creating backup and resetting.\"\n  cp \"$STATE_FILE\" \"${STATE_FILE}.bak.$(TZ=UTC date +%Y%m%d%H%M%S)\"\n  echo '{\"schema_version\":\"1.0\",\"last_feed_check\":null,\"last_feed_updated\":null,\"known_advisories\":[]}' > \"$STATE_FILE\"\n  chmod 600 \"$STATE_FILE\"\nfi\n\n# Check for major version compatibility\nSCHEMA_VER=$(jq -r '.schema_version // \"0\"' \"$STATE_FILE\")\nif [[ \"${SCHEMA_VER%%.*}\" != \"1\" ]]; then\n  echo \"Warning: State file schema version $SCHEMA_VER may not be compatible with this version\"\nfi\n\n# Update last check time (always use UTC)\nTEMP_STATE=$(mktemp)\nif jq --arg t \"$(TZ=UTC date +%Y-%m-%dT%H:%M:%SZ)\" '.last_feed_check = $t' \"$STATE_FILE\" > \"$TEMP_STATE\"; then\n  mv \"$TEMP_STATE\" \"$STATE_FILE\"\n  chmod 600 \"$STATE_FILE\"\nelse\n  echo \"Error: Failed to update state file\"\n  rm -f \"$TEMP_STATE\"\nfi\n\nRate Limiting\n\nImportant: To avoid excessive requests to the feed server, follow these guidelines:\n\nCheck Type\tRecommended Interval\tMinimum Interval\nHeartbeat check\tEvery 15-30 minutes\t5 minutes\nFull feed refresh\tEvery 1-4 hours\t30 minutes\nCross-reference scan\tOnce per 
session\t5 minutes\n# Check if enough time has passed since last check\nSTATE_FILE=\"$HOME/.openclaw/clawsec-feed-state.json\"\nMIN_INTERVAL_SECONDS=300  # 5 minutes\n\nLAST_CHECK=$(jq -r '.last_feed_check // \"1970-01-01T00:00:00Z\"' \"$STATE_FILE\" 2>/dev/null)\nLAST_EPOCH=$(TZ=UTC date -j -f \"%Y-%m-%dT%H:%M:%SZ\" \"$LAST_CHECK\" +%s 2>/dev/null || date -d \"$LAST_CHECK\" +%s 2>/dev/null || echo 0)\nNOW_EPOCH=$(TZ=UTC date +%s)\n\nif [ $((NOW_EPOCH - LAST_EPOCH)) -lt $MIN_INTERVAL_SECONDS ]; then\n  echo \"Rate limit: Last check was less than 5 minutes ago. Skipping.\"\n  exit 0\nfi\n\nEnvironment Variables (Optional)\nVariable\tDescription\tDefault\nCLAWSEC_FEED_URL\tCustom advisory feed URL\tRaw GitHub (main branch)\nCLAWSEC_INSTALL_DIR\tInstallation directory\t~/.openclaw/skills/clawsec-feed\nUpdating ClawSec Feed\n\nCheck for and install newer versions:\n\n# Check current installed version\nINSTALL_DIR=\"${CLAWSEC_INSTALL_DIR:-$HOME/.openclaw/skills/clawsec-feed}\"\nCURRENT_VERSION=$(jq -r '.version' \"$INSTALL_DIR/skill.json\" 2>/dev/null || echo \"unknown\")\necho \"Installed version: $CURRENT_VERSION\"\n\n# Check latest available version\nLATEST_URL=\"https://api.github.com/repos/prompt-security/ClawSec/releases\"\nLATEST_VERSION=$(curl -sSL --fail --show-error --retry 3 --retry-delay 1 \"$LATEST_URL\" 2>/dev/null | \\\n  jq -r '[.[] | select(.tag_name | startswith(\"clawsec-feed-v\"))][0].tag_name // empty' | \\\n  sed 's/clawsec-feed-v//')\n\nif [ -z \"$LATEST_VERSION\" ]; then\n  echo \"Warning: Could not determine latest version\"\nelse\n  echo \"Latest version: $LATEST_VERSION\"\n\n  if [ \"$CURRENT_VERSION\" != \"$LATEST_VERSION\" ]; then\n    echo \"Update available! Run the deployment steps with the new version.\"\n  else\n    echo \"You are running the latest version.\"\n  fi\nfi\n\nInitial Download Integrity\n\nBootstrap Trust Problem: The initial download of this skill cannot be verified by the skill itself. 
To establish trust:\n\nVerify the source URL - Ensure you are downloading from https://clawsec.prompt.security\nCheck release signatures - GitHub signs our releases; verify the release is from the checksums.\nCompare checksums - After download, compare the SHA-256 hash against the published checksums.json:\n# After downloading SKILL.md, verify its integrity\nEXPECTED_HASH=\"<hash-from-checksums.json>\"\nACTUAL_HASH=$(shasum -a 256 SKILL.md | cut -d' ' -f1)\n\nif [ \"$EXPECTED_HASH\" != \"$ACTUAL_HASH\" ]; then\n  echo \"ERROR: Skill file integrity check failed!\"\n  echo \"This file may have been tampered with. Do not proceed.\"\n  exit 1\nfi\n\n\nNote: For maximum security, verify checksums.json via a separate trusted channel (e.g., direct from GitHub release page UI, not via curl).\n\nRelated Skills\nopenclaw-audit-watchdog - Automated daily security audits\nclawtributor - Report vulnerabilities to the community\nLicense\n\nGNU AGPL v3.0 or later - See repository for details.\n\nBuilt with 📡 by the Prompt Security team and the agent community."
  },
  "trust": {
    "sourceLabel": "tencent",
    "provenanceUrl": "https://clawhub.ai/davida-ps/clawsec-feed",
    "publisherUrl": "https://clawhub.ai/davida-ps/clawsec-feed",
    "owner": "davida-ps",
    "version": "0.0.5",
    "license": null,
    "verificationStatus": "Indexed source record"
  },
  "links": {
    "detailUrl": "https://openagent3.xyz/skills/clawsec-feed",
    "downloadUrl": "https://openagent3.xyz/downloads/clawsec-feed",
    "agentUrl": "https://openagent3.xyz/skills/clawsec-feed/agent",
    "manifestUrl": "https://openagent3.xyz/skills/clawsec-feed/agent.json",
    "briefUrl": "https://openagent3.xyz/skills/clawsec-feed/agent.md"
  }
}