open/claude-code-complete-agent
1
0
Fork 0
Code Activity Actions

chore: remove completed hardening plan

Browse source 
All 6 tasks executed in previous session (841cd32).

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
This commit is contained in:
Kjell Tore Guttormsen 2026-04-06 00:00:25 +02:00
commit d9d0e5b53a
1 changed files with 0 additions and 87 deletions
Download patch file Download diff file Expand all files Collapse all files

87
HARDENING-PLAN.md
View file

@ -1,87 +0,0 @@
# Hardening Plan: Claude Code Complete Agent
Make this repo a demonstrable proof that Claude Code handles
OpenClaw's security challenges — not just a claim, but evidence.
## Context
`security/openclaw-security-assessment.md` documents 9 OpenClaw
CVEs and maps them to Claude Code mitigations. But the repo itself
doesn't yet demonstrate these mitigations. The hooks are demo
shell scripts, settings.json is basic, and no scan data exists.
## Tasks
### 1. Harden settings.json
Replace the demo allow/deny lists with a production-quality
permission model that maps to specific OpenClaw CVEs.
**Current state:** Basic glob patterns (`Bash(ls:*)`, `Bash(rm -rf *)`)
**Target state:** Scoped permissions with clear security rationale
File: `.claude/settings.json`
Reference: llm-security `reference-config-generator.mjs` output
for what Grade A looks like.
### 2. Upgrade hooks to production quality
The current `hooks/pre-tool-use.sh` and `hooks/post-tool-use.sh`
are demo bash scripts with grep-based pattern matching. Replace
with hooks that demonstrate real security patterns.
**Option A:** Document which llm-security hooks cover which CVEs
and recommend users install the llm-security plugin.
**Option B:** Include lightweight standalone hooks in this repo
that demonstrate the patterns (not the full llm-security suite).
Option A is more honest. Option B duplicates work.
Files: `hooks/`, `.claude/settings.json` (hook config)
### 3. Create CVE-to-mitigation mapping
Add a document that explicitly connects each OpenClaw CVE to
the specific Claude Code feature or configuration that prevents it.
| CVE | Attack | Claude Code defense | Where configured |
|-----|--------|-------------------|------------------|
| CVE-2026-22172 | Client self-declares scope | Single-user, no scope model | Architecture |
| CVE-2026-25253 | WebSocket hijack | No gateway/port | Architecture |
| CVE-2026-32048 | Sandbox child escape | Permission hooks | settings.json |
| CVE-2026-30741 | Prompt injection RCE | pre-prompt-inject-scan | llm-security plugin |
| ... | ... | ... | ... |
File: `security/cve-mitigation-map.md`
### 4. Run security scan and include results
Run `/security posture` and `/security scan` against the repo.
Include the results as documentation (not raw JSON — formatted
summary with grade).
File: `security/scan-results.md`
### 5. Update security/README.md
Add the new documents to the index. Rewrite the intro to
position the security/ directory as evidence, not just docs.
### 6. Update README.md security section
Reference the scan results and CVE mapping. The security section
should answer: "How do I know this is actually secure?"
## Verification
- [ ] `settings.json` has scoped permissions (not `Bash(*)`)
- [ ] Each OpenClaw CVE maps to a specific defense in this repo
- [ ] Security scan results included and show Grade B or higher
- [ ] README security section references evidence, not just claims
- [ ] All changes committed and pushed to Forgejo
## Estimated scope
6 files modified/created. One session. No dependencies added.