Skip to content

v2026.2.15-beta.1

Pre-release
Pre-release

Choose a tag to compare

View all tags
@github-actions github-actions released this 14 Feb 10:06
· 27 commits to main since this release
v2026.2.15-beta.1
904bcb3

Summary

This beta improves first-time buyer completion for unknown promo/download links and tightens buyer key handling guidance for agent-driven flows.

What changed

1) Buyer UX for fresh agents

  • Added clearer “Agent Quick Path” guidance across discovery surfaces.
  • Reduced verbose/blocking promo-page copy.
  • Updated promo-page CTA to a simpler human action:
    • “Copy link” now copies the promo page URL.
  • Improved unknown-link flow so agents can move faster from link → install approval → buyer flow.

2) Security policy update for buyer key setup (skill behavior)

  • Skill now supports an explicit opt-in fallback when no buyer key file exists:
    • default remains: use an existing buyer key file.
    • fallback (only with user consent): generate ./.leak/buyer.key.
  • Added safeguards in skill policy:
    • no raw key text in chat/CLI args,
    • owner-only permissions expectations (0700 dir, 0600 key file),
    • never print key material in normal output,
    • if workspace is a git repo, add ./.leak/buyer.key to .gitignore idempotently.

3) Documentation updates

  • Updated skill contract and buyer flow docs to reflect:
    • execution-first responses,
    • opt-in key creation fallback,
    • git-tracking protection guidance.

Breaking changes

  • None in CLI flags or API surface.

Risk / audit focus

  • This release intentionally changes wallet-creation policy in the skill (from strict no-create to explicit opt-in fallback).
  • Recommend extra review in ClawHub security audit and transcript QA.

Recommended validation

  • Unknown promo link on fresh agent:
    • install prompt appears,
    • concise buyer guidance,
    • no protocol deep-dive unless asked.
  • No-key scenario:
    • explicit consent requested before key creation,
    • .gitignore behavior correct in git repos,
    • no key material leaked in output.

Rollback plan

If audit flags the fallback policy, revert the policy commit on main and publish a follow-up prerelease (e.g. v2026.2.15-beta.2) with corrected behavior.

Full Changelog: v2026.2.15-beta.0...v2026.2.15-beta.1

Assets 2
Loading