Releases: SuperMarioYL/skillsig
Releases · SuperMarioYL/skillsig
Release list
v0.7.0
v0.6.0
Two verification-correctness fixes.
Security / Fixed
verifynow actually checks the signature bundle (high).runVerifynever called theverifierpackage —verifier.VerifySkillwas fully implemented but had zero callers, so a scope-clean skill with no/invalid bundle still readTRUSTED. A tampered manifest + missing bundle passedverify --ciTRUSTEDat cold-start — the exact supply-chain vector skillsig exists to catch.verifynow folds signature verification into every row: missing bundle →UNSIGNED, bundle that doesn't verify →SCOPE-DRIFTED(fails--ci), keyless → pending, andTRUSTEDrequires a valid signature. Newinternal/verifier/verifier_test.gocovers signed / no-bundle / tampered / corrupt / keyless.verify --trustno longer silently re-baselines a drifted scope (high).ScanAndTrustrecorded the current (possibly broadened) declares into the lock for every in-version-TRUSTEDskill, erasing cross-version drift. It now runs the lock-drift check first — a drifted skill reportsSCOPE-DRIFTEDand its baseline is preserved; re-baselining a drifted skill requires the new explicitverify --trust --force-trust.
Full notes: CHANGELOG.md.
v0.5.0
Signed manifest + cross-version scope-drift detector for Claude Code skills
v0.4.0
Signed manifest + scope-drift detector for Claude Code skills
v0.3.0
Signed manifest + scope-drift detector for Claude Code skills
v0.2.0
First feature iteration on the v0.1 line.
Added
verify --json/diff --json— machine-readable reports so CI can branch on results withjqinstead of scraping the colored table.verify --jsoncarries a per-skill array, a summary tally, and a top-leveldriftboolean (same condition--ciexits non-zero on).diff --jsoncarries anescalationboolean plus the offending grants.
Fixed
- Glob-aware cross-version diff —
skillsig diffand the~/.skillsig/lock.yamllock check previously used a literal string set-difference, so tightening an existing grant was wrongly reported as an escalation (e.g. narrowingBash(git status*)→Bash(git status -s), or\${WORKSPACE}/**→\${WORKSPACE}/build/out.txt). The diff now reuses the same coverage predicate as the in-versionverifycheck on every axis (tools + fs_write + network_egress), so only a genuinely new, uncovered grant fails CI.
Full notes: CHANGELOG.md
v0.1.1
skillsig v0.1.0
Signed manifest + scope-drift detector for Claude Code skills.