will/swarm-zap
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

chore(security): refresh deep-audit status and clear stale warning

Browse Source
This commit is contained in:
zap
2026-03-05 21:37:25 +00:00
parent 23c2546fc1
commit b76815b4da
3 changed files with 13 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
memory/2026-03-05.md
View File

@@ -49,3 +49,8 @@
- Will wants to keep zap's "light" council skill AND have Flynn's deterministic pipeline available for delegation.
- Work to happen on feature branch `fix/council-pipeline`.
- Estimated effort: 1-2 focused sessions.
- 2026-03-05T21:36Z: Ran `openclaw security audit --deep` on request to clear stale-audit warning.
- Result: 1 critical, 2 warn, 1 info.
- Critical: plugin `acpx.bak` code-safety issue (dangerous exec pattern).
- Warnings: missing `plugins.allow` allowlist; extension tools reachable under permissive policy.
- Updated `memory/startup-health.json` + `memory/startup-health.md` to mark freshness restored and record findings.