You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Added enforcement-strength generated test surfaces and audit artifacts on top of v0.3.0, including:
policy matrix, witness integrity, OWASP ASI-2026, EU AI Act, adversarial evasion, adapter matrix, cross-session isolation, SARIF export, engine parity, and fuzzing suites added across commits ac2ebd6 through d32190a.
documented audit baseline and authoring standard in:
docs/test-suite-audit-summary.md
docs/test-authoring-guide.md
Added compliance attestation CLI surface in clawzero compliance verify (commit 6776cdf; hardened in later commits), including signed attestation payload output and suite presence checks.
Added official SARIF schema validation contracts (tests/exports/test_sarif_official_schema_contract.py, commit db4db6e).
Security Hardening (Post-PR81–PR86 MVAR Baseline)
Integrated and validated against the post-PR81–PR86 MVAR hardening baseline (52f2038, 6fbbb89, 174beee, 7513c7f, 3f53bc7, a9a1dfd) used in this workspace:
Ed25519 default signing with truthful algorithm labeling (ed25519 vs hmac-sha256), removing algorithm-label misrepresentation in audit output.
Vault-mediated credential execution path for credentials.access, with token-reference mediation and no raw credential material returned to the agent path.
Cryptographic policy lineage enforcement with lineage-chain verification and fail-closed behavior in prod_locked.
Advanced risk scoring in the default execution path with profile-aware modes (BLOCKING in prod_locked) and counterfactual injection signals.