Skip to content

Commit e350850

Browse files
authored
Merge pull request #14 from Kilo-Org/chore/rebrand-to-shell-security
Chore rebrand to shell security
2 parents 5e8eb6d + fc8d205 commit e350850

19 files changed

Lines changed: 2241 additions & 191 deletions

.github/workflows/publish.yml

Lines changed: 7 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -42,7 +42,7 @@ jobs:
4242
publish:
4343
name: Publish to npm
4444
runs-on: ubuntu-24.04
45-
if: github.repository == 'Kilo-Org/openclaw-security-advisor'
45+
if: github.repository == 'Kilo-Org/shell-security'
4646
steps:
4747
- uses: actions/checkout@v4
4848
with:
@@ -122,10 +122,10 @@ jobs:
122122
env:
123123
VERSION: ${{ steps.version.outputs.version }}
124124
run: |
125-
echo "Probing registry for @kilocode/openclaw-security-advisor@$VERSION..."
125+
echo "Probing registry for @kilocode/shell-security@$VERSION..."
126126
for i in 1 2 3 4 5 6; do
127127
STATUS=$(curl -s -o /dev/null -w "%{http_code}" \
128-
"https://registry.npmjs.org/@kilocode/openclaw-security-advisor/$VERSION")
128+
"https://registry.npmjs.org/@kilocode/shell-security/$VERSION")
129129
if [ "$STATUS" = "200" ]; then
130130
echo "::notice::Verified $VERSION is live on the registry"
131131
exit 0
@@ -254,7 +254,7 @@ jobs:
254254
PARTIAL PUBLISH STATE
255255
============================================================
256256
257-
npm publish for @kilocode/openclaw-security-advisor@$VERSION
257+
npm publish for @kilocode/shell-security@$VERSION
258258
SUCCEEDED, but the post-publish git/GitHub-release operations
259259
FAILED.
260260
@@ -265,12 +265,12 @@ jobs:
265265
266266
To complete the release manually, run from your local checkout:
267267
268-
cd /path/to/openclaw-security-advisor
268+
cd /path/to/shell-security
269269
git fetch origin --tags
270270
271271
# First check what already exists:
272272
git ls-remote --tags origin "$TAG"
273-
gh release view "$TAG" --repo Kilo-Org/openclaw-security-advisor
273+
gh release view "$TAG" --repo Kilo-Org/shell-security
274274
275275
MSG
276276
@@ -319,7 +319,7 @@ jobs:
319319
# If the GH release is missing, create it:
320320
321321
gh release create "$TAG" \\
322-
--repo Kilo-Org/openclaw-security-advisor \\
322+
--repo Kilo-Org/shell-security \\
323323
--title "$TAG" \\
324324
--generate-notes${PRERELEASE_FLAG}
325325

AGENTS.md

Lines changed: 13 additions & 9 deletions
Original file line numberDiff line numberDiff line change
@@ -1,8 +1,9 @@
11
# AGENTS.md
22

3-
`@kilocode/openclaw-security-advisor` is an OpenClaw plugin that runs a local
4-
`openclaw security audit`, sends it to the KiloCode Security Advisor API, and
5-
renders the returned markdown report inline in chat.
3+
`@kilocode/shell-security` (previously `@kilocode/openclaw-security-advisor`)
4+
is an OpenClaw plugin that runs a local `openclaw security audit`, sends it
5+
to the KiloCode ShellSecurity API, and renders the returned markdown report
6+
inline in chat.
67

78
- The default branch is `main`.
89
- Releases are gated on manual `workflow_dispatch` — never publish from a push trigger.
@@ -53,7 +54,7 @@ Releases are triggered manually from GitHub Actions → `publish` workflow →
5354

5455
- **`latest`** — public stable releases (`X.Y.Z`). Default for `npm install`.
5556
- **`dev`** — internal dogfood snapshots (`X.Y.Z-dev.N`). Available via
56-
`npm install @kilocode/openclaw-security-advisor@dev`.
57+
`npm install @kilocode/shell-security@dev`.
5758

5859
There is no `beta`, `rc`, `next`, or `canary`. Two channels, that's it.
5960

@@ -107,19 +108,22 @@ Until then, release commits:
107108

108109
## Code layout
109110

110-
- `index.ts` — plugin entry point; registers `/security-checkup` command and
111-
`kilocode_security_advisor` tool; shared `runSecurityAdvisorFlow` handles
112-
all auth paths (env token, saved token, pending device auth, new device auth).
111+
- `index.ts` — plugin entry point; registers the `kilocode_shell_security`
112+
tool and two slash commands (`/shell-security` canonical, `/security-checkup`
113+
legacy alias for users migrating from `@kilocode/openclaw-security-advisor`).
114+
Both slash commands route to the same handler. Shared `runShellSecurityFlow`
115+
handles all auth paths (env token, saved token, pending device auth, new
116+
device auth).
113117
- `src/audit.ts` — runs `openclaw security audit --json`, parses + validates
114118
output, fetches public IP.
115-
- `src/client.ts` — HTTP client for the Security Advisor API; throws
119+
- `src/client.ts` — HTTP client for the ShellSecurity API; throws
116120
`AuthExpiredError` on 401.
117121
- `src/platform.ts` — detects `kiloclaw` vs `openclaw`. Kept separate from
118122
`audit.ts` so the plugin loader's "env read + network send" security
119123
heuristic doesn't flag the combined file.
120124
- `src/auth/device-auth.ts``startDeviceAuth` + `pollDeviceAuth` helpers.
121125
- `src/auth/token-store.ts` — persists auth token to
122-
`~/.openclaw/secrets/openclaw-security-advisor-auth-token` (mode 600) and
126+
`~/.openclaw/secrets/shell-security-auth-token` (mode 600) and
123127
patches `openclaw.json` with a `SecretRef`. Also manages the pending
124128
device-auth code file. `patchConfig` is covered by unit tests.
125129

CHANGELOG.md

Lines changed: 83 additions & 20 deletions
Original file line numberDiff line numberDiff line change
@@ -1,40 +1,101 @@
11
# Changelog
22

3-
All notable changes to `@kilocode/openclaw-security-advisor` are documented here.
3+
All notable changes to `@kilocode/shell-security` (formerly
4+
`@kilocode/openclaw-security-advisor`) are documented here.
45

56
The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.1.0/),
67
and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
78

89
## [Unreleased]
910

10-
## [0.1.5] - Migration stub
11+
### Fixed
1112

12-
This release is a migration stub. The plugin has been renamed to `@kilocode/shell-security`. Installing or invoking `@kilocode/openclaw-security-advisor@0.1.5` no longer runs a security checkup. Both the `/security-checkup` slash command and the `kilocode_security_advisor` tool return a notice explaining how to install the new package.
13+
- `getPublicIp()` now clears its 5-second abort timer on error paths as
14+
well as success, so repeated checkups on a flaky network don't leak
15+
dangling timeouts.
16+
- Device-auth poll requests now carry a per-request `AbortController`
17+
(10s) so a hung HTTP call can no longer outlive the overall 30s
18+
`POLL_TIMEOUT_MS` budget. Sleep interval and request timeout are
19+
both clamped to the remaining budget at each iteration, so
20+
`pollDeviceAuth()` honors its advertised deadline even when a
21+
fetch is started late in the cycle.
22+
- Expired plugin-managed auth tokens now fall through to the file-based
23+
auto re-auth path (Path B) instead of returning the "update your
24+
openclaw.json" message. `runShellSecurityFlow` inspects the raw
25+
config via `isPluginManagedAuthToken()` and skips Path 0 when the
26+
`authToken` is a SecretRef pointing at our own provider — that shape
27+
is only ever written by `writeStoredToken()` after device auth, so
28+
the plugin (not the user) owns recovery.
29+
- `pollDeviceAuth()` now `encodeURIComponent()`s the device-auth code
30+
before interpolating it into the poll URL. Defense-in-depth against
31+
a compromised or MITM-ed server returning a code with URL meta-chars
32+
that would silently redirect polling to a different endpoint.
33+
- `submitAudit()` now validates that `report.markdown` is a string on
34+
the success path. A malformed server response previously surfaced as
35+
a confusing `TypeError: Cannot read properties of undefined (reading
36+
'markdown')`; it now throws a clear
37+
"unexpected response shape" error.
1338

1439
### Changed
1540

16-
- `index.ts` rewritten as a two-entry-point stub that returns the migration notice. The previous audit flow, auth flow, platform detection, client, and token-store modules are removed from this release (via `git rm` so the commit can be cleanly reverted on the renamed repo).
17-
- `openclaw.plugin.json` description and name reflect the deprecation; config schema removed (stub requires no config).
18-
- `README.md` replaced with a migration page.
41+
- Removed the unreachable `{ kind: "pending" }` variant from
42+
`DeviceAuthPollResult`. `pollDeviceAuth()` loops internally and only
43+
returns terminal states or `timeout`, so the `"pending"` branch in
44+
`runShellSecurityFlow` was dead code and confused the contract.
45+
- Renumbered the ordered list in `src/platform.ts`'s module doc
46+
comment. Signals 2–5 are now 1–4.
1947

20-
### Removed
48+
## [0.2.0]
49+
50+
First release under the new `@kilocode/shell-security` name. The plugin
51+
was renamed from `@kilocode/openclaw-security-advisor` to `ShellSecurity`
52+
to reflect a broader mission than any single agent-shell runtime.
53+
Functionally identical to `@kilocode/openclaw-security-advisor@0.1.4`.
54+
55+
### Changed
56+
57+
- npm package: `@kilocode/openclaw-security-advisor``@kilocode/shell-security`.
58+
- GitHub repo: `Kilo-Org/openclaw-security-advisor``Kilo-Org/shell-security` (old URLs redirect).
59+
- OpenClaw plugin id: `openclaw-security-advisor``shell-security`.
60+
- Plugin display name: `OpenClaw Security Advisor``ShellSecurity`.
61+
- Tool name: `kilocode_security_advisor``kilocode_shell_security`.
62+
- Install dir: `~/.openclaw/extensions/openclaw-security-advisor/``~/.openclaw/extensions/shell-security/`.
63+
- Secret file: `~/.openclaw/secrets/openclaw-security-advisor-auth-token``~/.openclaw/secrets/shell-security-auth-token`.
64+
65+
### Added
66+
67+
- New `/shell-security` slash command, the canonical name matching the
68+
plugin id. The existing `/security-checkup` command is also registered
69+
and works identically, so users migrating from the old plugin can keep
70+
typing the command they're used to. Both are routed to the same handler.
71+
72+
### Migration
73+
74+
Existing users of `@kilocode/openclaw-security-advisor` should run:
2175

22-
- `src/audit.ts`, `src/client.ts`, `src/platform.ts`, `src/auth/device-auth.ts`, `src/auth/token-store.ts`.
23-
- Tests that exercised the removed modules (`audit`, `device-auth`, `token-store`, `platform`).
76+
```
77+
openclaw plugins install @kilocode/shell-security
78+
openclaw plugins enable shell-security
79+
openclaw gateway restart
80+
openclaw plugins uninstall openclaw-security-advisor
81+
```
2482

25-
### Migration path for existing users
83+
Device auth runs fresh on first use of the new plugin. The old plugin
84+
remains installable from npm (deprecated) but is no longer receiving
85+
updates.
2686

27-
1. `openclaw plugins install @kilocode/shell-security`
28-
2. `openclaw plugins enable shell-security`
29-
3. `openclaw gateway restart`
30-
4. `openclaw plugins uninstall openclaw-security-advisor`
31-
5. Run `/security-checkup` and complete device auth once on the new plugin.
87+
## [0.1.5] - 2026-04-22
3288

33-
The new plugin's runtime behavior is identical to 0.1.4 (including the `source.channel` forwarding added in 0.1.4). The rename is strictly a name change — no feature regressions.
89+
Migration stub. Final release under `@kilocode/openclaw-security-advisor`.
3490

35-
Published with provenance attestation via npm OIDC trusted publishing; verify with `npm audit signatures`.
91+
- Replaced the audit flow with a short migration notice directing users to
92+
`@kilocode/shell-security`. The `/security-checkup` slash command and
93+
the `kilocode_security_advisor` tool both return the notice; no audit
94+
runs, no network call, no auth flow.
95+
- npm package `@kilocode/openclaw-security-advisor` marked deprecated with
96+
the same migration message.
3697

37-
## [0.1.4] - 2026-04-21
98+
## [0.1.4] - 2026-04-20
3899

39100
### Added
40101

@@ -83,5 +144,7 @@ Initial dev release.
83144
- Audit output validated with a Zod schema at the plugin boundary.
84145
- Public IP detection via `ifconfig.me` with IPv4/IPv6 validation.
85146

86-
[Unreleased]: https://github.com/Kilo-Org/openclaw-security-advisor/compare/v0.1.0-dev.1...HEAD
87-
[0.1.0-dev.1]: https://github.com/Kilo-Org/openclaw-security-advisor/releases/tag/v0.1.0-dev.1
147+
[0.2.0]: https://github.com/Kilo-Org/shell-security/compare/v0.1.5...v0.2.0
148+
[0.1.5]: https://github.com/Kilo-Org/shell-security/compare/v0.1.4...v0.1.5
149+
[0.1.4]: https://github.com/Kilo-Org/shell-security/compare/v0.1.0-dev.1...v0.1.4
150+
[0.1.0-dev.1]: https://github.com/Kilo-Org/shell-security/releases/tag/v0.1.0-dev.1

0 commit comments

Comments
 (0)