Skip to content

v0.6.0

Choose a tag to compare

@SuperMarioYL SuperMarioYL released this 05 Jul 23:23

Two verification-correctness fixes.

Security / Fixed

  • verify now actually checks the signature bundle (high). runVerify never called the verifier package — verifier.VerifySkill was fully implemented but had zero callers, so a scope-clean skill with no/invalid bundle still read TRUSTED. A tampered manifest + missing bundle passed verify --ci TRUSTED at cold-start — the exact supply-chain vector skillsig exists to catch. verify now folds signature verification into every row: missing bundle → UNSIGNED, bundle that doesn't verify → SCOPE-DRIFTED (fails --ci), keyless → pending, and TRUSTED requires a valid signature. New internal/verifier/verifier_test.go covers signed / no-bundle / tampered / corrupt / keyless.
  • verify --trust no longer silently re-baselines a drifted scope (high). ScanAndTrust recorded the current (possibly broadened) declares into the lock for every in-version-TRUSTED skill, erasing cross-version drift. It now runs the lock-drift check first — a drifted skill reports SCOPE-DRIFTED and its baseline is preserved; re-baselining a drifted skill requires the new explicit verify --trust --force-trust.

Full notes: CHANGELOG.md.