chore(security): refresh deep-audit status and clear stale warning

zap
2026-03-05 21:37:25 +00:00
parent 23c2546fc1
commit b76815b4da
3 changed files with 13 additions and 5 deletions


@@ -49,3 +49,8 @@
- Will wants to keep zap's "light" council skill AND have Flynn's deterministic pipeline available for delegation.
- Work to happen on feature branch `fix/council-pipeline`.
- Estimated effort: 1-2 focused sessions.
- 2026-03-05T21:36Z: Ran `openclaw security audit --deep` on request to clear stale-audit warning.
- Result: 1 critical, 2 warn, 1 info.
- Critical: plugin `acpx.bak` code-safety issue (dangerous exec pattern).
- Warnings: missing `plugins.allow` allowlist; extension tools reachable under permissive policy.
- Updated `memory/startup-health.json` + `memory/startup-health.md` to mark freshness restored and record findings.
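
Review bot: The added Critical bullet records that plugin `acpx.bak` was flagged for a dangerous exec pattern but not what was done about it; the notes stop at "mark freshness restored" with no remediation step, owner or target date. Add a follow-up bullet saying whether `acpx.bak` has been disabled or removed (the `.bak` suffix suggests a leftover backup copy, which is only an inference from the name) and when the `plugins.allow` allowlist will be put in place. The second warning, "extension tools reachable under permissive policy", would also be more useful if it named the policy setting involved.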


@@ -1,6 +1,6 @@
{
"last_run_utc": "2026-03-05T04:28:00Z",
"status": "warn",
"last_run_utc": "2026-03-05T21:36:00Z",
"status": "critical",
"checks_passed": [
"core-workspace-files: AGENTS.md, SOUL.md, USER.md, TOOLS.md, HEARTBEAT.md",
"skill-folders: all 7 required skills present",
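
Review bot: `last_run_utc` moves to `2026-03-05T21:36:00Z`, but as far as the visible lines show only the deep audit was rerun at that time, so the other results in this file still come from the 04:28Z run (the backup entry further down is unchanged at ~4.1h). Either rerun the full health check before bumping `last_run_utc`, or leave it at the 04:28Z value and record the audit time in its own timestamp field, so a reader does not take the older check results as current.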
@@ -9,14 +9,15 @@
"permissions: ~/.openclaw is 700; all credentials are 600",
"network-exposure: gateway local-only (127.0.0.1 / ::1 only)",
"backup-freshness: last backup ~4.1h ago (within 8h threshold)",
"update-status: no update available (current: 2026.3.2)"
"update-status: no update available (current: 2026.3.2)",
"security-audit-freshness: deep audit run just now (age ~0h)"
],
"checks_failed": [],
"warnings": [
"security-audit: no recent openclaw security audit --deep result found (stale/missing)"
"security-audit: latest deep audit reports 1 critical, 2 warn, 1 info (plugin posture)"
],
"gateway_exposure": "local-only",
"last_backup_age_hours": 4.1,
"last_security_audit_age_hours": null,
"last_security_audit_age_hours": 0.0,
"update_status": "up-to-date (2026.3.2 stable)"
}
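
Review bot: The critical finding is filed under `warnings` while `checks_failed` stays `[]` and `security-audit-freshness` is added to `checks_passed`, so the only sign of the critical result is the top-level `status`. Anything that keys off `checks_failed` will read this as a clean run. Put a `security-audit-findings` entry in `checks_failed`, or add a dedicated field carrying the severity counts, and keep the freshness pass as a separate item. Separately, `last_security_audit_age_hours: 0.0` is a snapshot that is out of date as soon as time passes; storing the audit timestamp and deriving the age at read time would avoid that.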


@@ -3,3 +3,5 @@
[2026-03-05T04:28:00Z] WARN hooks-missing: 0 hooks installed (expected: session-memory, command-logger, bootstrap-extra-files, boot-md). Fix: run `openclaw hooks install <pack>` for each required hook.
[2026-03-05T04:28:00Z] WARN security-audit-stale: no recent `openclaw security audit --deep` result found. Fix: run `openclaw security audit --deep` and save output to memory/.
[2026-03-05T21:33:31Z] RESOLVED hooks-missing: `openclaw hooks` reports 5/5 ready (boot-md, bootstrap-extra-files, command-logger, model-skill-injector, session-memory).
[2026-03-05T21:36:00Z] RESOLVED security-audit-stale: ran `openclaw security audit --deep`; freshness restored.
[2026-03-05T21:36:00Z] CRITICAL security-audit-findings: latest deep audit = 1 critical, 2 warn, 1 info. Key issue: extension plugin `acpx.bak` flagged for dangerous exec pattern.
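
Review bot: The new CRITICAL entry has no `Fix:` hint, unlike the two WARN entries above it, and it names only the `acpx.bak` finding, leaving the two warnings (missing `plugins.allow` allowlist, extension tools reachable under permissive policy) out of this log. Add a `Fix:` clause stating the intended action for `acpx.bak`, and log the two warnings as their own WARN lines so each can later get a RESOLVED entry the way `hooks-missing` did.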