48aea87028
* feat: add prek pre-commit hooks and dependabot Pre-commit hooks (via prek): - Basic hygiene: trailing-whitespace, end-of-file-fixer, check-yaml, check-added-large-files, check-merge-conflict - Security: detect-secrets, zizmor (GitHub Actions audit) - Linting: shellcheck, actionlint, oxlint, swiftlint - Formatting: oxfmt, swiftformat Dependabot: - npm and GitHub Actions ecosystems - Grouped updates (production/development/actions) - 7-day cooldown for supply chain protection Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * docs: add prek install instruction to AGENTS.md --------- Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>
415 B
415 B
Security Policy
If you believe you’ve found a security issue in Clawdbot, please report it privately.
Reporting
- Email:
steipete@gmail.com - What to include: reproduction steps, impact assessment, and (if possible) a minimal PoC.
Operational Guidance
For threat model + hardening guidance (including clawdbot security audit --deep and --fix), see:
https://docs.clawd.bot/gateway/security