Skip to content

Fix: replace exec/spawn with open package and declare filesystem permissions #45

Merged
web3-jeff merged 2 commits intomainfrom
fix/use-open-package
Apr 21, 2026
Merged

Fix: replace exec/spawn with open package and declare filesystem permissions #45
web3-jeff merged 2 commits intomainfrom
fix/use-open-package

Conversation

@web3-jeff
Copy link
Copy Markdown
Collaborator

@web3-jeff web3-jeff commented Apr 21, 2026

Summary

Brief description of the changes.

Type

  • Bug fix
  • New feature / detection rule
  • Refactoring
  • Documentation

Testing

  • npm run build passes
  • npm test passes (32 tests)
  • Manually tested the change

Related Issues

Closes #

web3-jeff and others added 2 commits April 20, 2026 18:39
@web3-jeff
replace exec/spawn with open package to avoid shell command security …
402caa0 
…alerts

use the `open` npm package (pinned to 11.0.0) instead of manual platform
detection with exec/spawn, which triggered high-risk warnings on clawhub.
dependency added to skills/agentguard/package.json for standalone install.
@web3-jeff @claude
declare filesystem access paths in SKILL.md to match actual behavior
3e0e364 
add filesystem-access field to frontmatter listing all sensitive paths
accessed during checkup/patrol (~/.ssh, ~/.gnupg, ~/.claude, ~/.openclaw,
~/.qclaw, ~/.agentguard) with access level and reason, so clawhub scan
no longer flags a mismatch between declared permissions and actual operations.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
@web3-jeff web3-jeff merged commit 30f2d71 into main Apr 21, 2026
3 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@web3-jeff