clawsec-nanoclaw

Pass

Audited by Gen Agent Trust Hub on Apr 18, 2026

Risk Level: SAFE
EXTERNAL_DOWNLOADS
Full Analysis
  • [EXTERNAL_DOWNLOADS]: Fetches security advisory feeds from the vendor's infrastructure (prompt.security) and GitHub. These network operations are performed using a secure wrapper that enforces TLS 1.2+ and validates URLs against a strict whitelist of allowed domains.
  • [SAFE]: Implements robust authenticity and integrity controls by requiring Ed25519 digital signatures for all remote feeds and skill packages before they are processed or installed.
  • [SAFE]: File integrity monitoring utilizes a hash-chained, tamper-evident audit log and atomic write operations to protect critical configuration files like group registrations and agent instructions.
  • [SAFE]: Employs multi-layer path validation and filesystem boundary checks in both the container-side tools and host-side handlers, ensuring file operations are restricted to authorized directories and rejecting symbolic links to prevent traversal attacks.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 18, 2026, 03:49 PM