Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com> Claude-Session: https://claude.ai/code/session_01V3s6WnubSSrFjAQTLQdVbG
37 lines
2.6 KiB
Markdown
37 lines
2.6 KiB
Markdown
# STATE — llm-security
|
||
|
||
**Active focus:** SkillSpector-gap scanners (TRG/SIG/AST) — DONE & pushed (Steps 1–7).
|
||
Release v7.8.0 (Step 8) DEFERRED by operator. **The next session is NOT SkillSpector** — it is
|
||
the security-fix brief (see PREREQUISITE) which must run before we resume/release this track.
|
||
|
||
## PREREQUISITE — do BEFORE continuing SkillSpector / releasing v7.8.0
|
||
- Run the security-fix session: **`docs/security-fix-brief-2026-06-20.md`**
|
||
(F-1 RCE + F-2/F-3 shell/path injection sinks; from the marketplace-wide review
|
||
`docs/review-2026-06-20.md`). Operator instruction (2026-06-20): do NOT interleave it with
|
||
SkillSpector work; it gates the v7.8.0 release — don't ship a version with F-1/F-2/F-3 open.
|
||
|
||
## What landed this session (pushed to Forgejo, main @ d19abf0)
|
||
- **TRG** `scanners/trigger-scanner.mjs` — shadow/baiting/broad triggers; decode-pipeline on
|
||
descriptions. + wiring (orchestrator/policy/4 OWASP maps). Commits 54115a9, 75aeeee. Test 16/0.
|
||
- **SIG** `scanners/signature-scanner.mjs` + `knowledge/signatures.json` (webshell/reverse_shell/
|
||
cryptominer/hacktool, matched over normalizeForScan/foldHomoglyphs/rot13 — catches obfuscated
|
||
malware). + wiring. Commits bac6f6f, 76e3543. Test 12/0.
|
||
- **AST** `scanners/ast-taint-scanner.mjs` + `scanners/lib/py-ast-taint.py` (PARSE-ONLY ast.parse,
|
||
scope-aware var taint, 5s timeout, graceful skip when python3 absent). + wiring.
|
||
Commits e497bb7, b50313e. Test 9/0. Parse-only proven (sentinel: no SENTINEL written).
|
||
- Docs/packaging `d19abf0` — scanner-reference rows + count bumps, output.mjs JSDoc prefixes,
|
||
orchestrator header (→14), `package.json` files[] += `knowledge/`.
|
||
- Full suite **1859/0**. Orchestrator runs **14** scanners (trg/sig/ast keys present). Zero-dep holds.
|
||
|
||
## Step 8 (deferred) — release v7.8.0 when ready, AFTER the security fix
|
||
- Bump 7.7.2 → 7.8.0 in `.claude-plugin/plugin.json`, `package.json`, README badge (`README.md:9`),
|
||
CHANGELOG `[7.8.0]`, `docs/version-history.md`, CLAUDE.md header. Verify w/ version-consistency grep.
|
||
Spec: Step 8 of `docs/plans/trekplan-2026-06-20-skillspector-gap-analysis.md`.
|
||
|
||
## Known pre-existing doc drift (out of this plan's scope — flagged, NOT fixed)
|
||
- `docs/scanner-reference.md` orchestrated count/list never counted `workflow` (true array = 14, docs
|
||
now say 13). Per the plan I bumped each count by +3; reconciling the workflow omission needs its own scope.
|
||
|
||
## Continuity
|
||
- STATE.md canonical + committed (never gitignored). trekexecute progress scratch deleted (run done;
|
||
git history is the durable record). origin = Forgejo `open/llm-security` (never GitHub).
|