npm - @upx-us/shield - Versions diffs - 0.4.36 → 0.6.0 - Mend

@upx-us/shield 0.4.36 → 0.6.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (22) hide show

package/CHANGELOG.md +43 -561
package/README.md +19 -24
package/dist/index.js +153 -15
package/dist/src/case-monitor.d.ts +46 -1
package/dist/src/case-monitor.js +167 -19
package/dist/src/cli-cases.js +46 -0
package/dist/src/events/browser/enrich.js +1 -0
package/dist/src/events/exec/enrich.d.ts +1 -0
package/dist/src/events/exec/enrich.js +23 -0
package/dist/src/events/file/enrich.js +7 -0
package/dist/src/events/message/enrich.js +26 -0
package/dist/src/exclusions.d.ts +16 -0
package/dist/src/exclusions.js +122 -0
package/dist/src/rpc/exclusion-handlers.d.ts +8 -0
package/dist/src/rpc/exclusion-handlers.js +36 -0
package/dist/src/rpc/handlers.d.ts +7 -7
package/dist/src/rpc/handlers.js +138 -9
package/dist/src/rpc/index.js +4 -0
package/openclaw.plugin.json +3 -3
package/package.json +2 -2
package/skills/shield/README.md +10 -10
package/skills/shield/SKILL.md +29 -8

package/CHANGELOG.md CHANGED Viewed

@@ -4,209 +4,47 @@ All notable changes to this project will be documented in this file.
 ---
-## [0.4.12] — 2026-03-04
+## [0.5.18] — 2026-03-06
 ### Added
-- `openclaw shield cases` CLI command — list open security cases from the platform.
-- `openclaw shield cases show <ID>` — full case detail with events, rule info, and playbook.
-- `openclaw shield cases resolve <ID>` — resolve a case with `--resolution`, `--root-cause`, and `--comment` flags.
-- `callPlatformApi` now supports GET and POST methods.
-### Changed
-- README updated with features table and complete RPC reference (9 RPCs).
-- SKILL.md updated with case CLI commands.
----
-## [0.4.11] — 2026-03-04
-### Added
-- Case notification system — agent polls platform for new cases and notifies users.
-- Case resolution — close cases with categorization (resolution + root cause) via RPC.
-- 4 new RPCs: `shield.cases_list`, `shield.case_detail`, `shield.case_resolve`, `shield.cases_ack`.
-- Case monitor with pending notification queue and acknowledgment.
-- Platform attribution in case detail responses.
-### Fixed
-- HMAC signing in RPC client aligned with sender format (`fingerprint:nonce`).
-### Changed
-- SKILL.md updated with case handling section.
-- README updated with features table and RPC documentation.
----
-## [0.4.7] — 2026-03-04
-### Added
-- Local event buffer — rolling store of recently sent events for offline inspection and debugging.
-- `openclaw shield logs` CLI command with `--last`, `--type`, `--since`, and `--format` options.
-- `shield.events_recent` and `shield.events_summary` RPCs now return local data (previously required platform API).
-- Configurable via `SHIELD_LOCAL_EVENT_BUFFER` (default: enabled) and `SHIELD_LOCAL_EVENT_LIMIT` (default: 123 events).
-### Changed
-- SKILL.md updated for ClawHub review — removed internal references, added event logs documentation.
-- README.md updated with Local Event Buffer section and configuration reference.
----
-## [0.4.6] — 2026-03-04
+- **User-friendly case notifications** — notifications now use plain language summaries when available, with technical details (rule title, MITRE technique) as a `📎` footnote.
+- **False positive exclusions** — mark a case as false positive and Shield auto-suppresses identical future alerts for your instance.
+  - `openclaw shield exclusions` — list active exclusions.
+  - `openclaw shield exclusions remove <ID>` — re-enable alerts by removing an exclusion.
+  - RPCs: `shield.exclusions_list`, `shield.exclusion_add`, `shield.exclusion_remove`.
+  - Pattern normalization: IPs, UUIDs, timestamps, and hashes are generalized so the same type of event matches regardless of specific values.
 ### Fixed
-- Auto-update no longer kills bridge when gateway restart fails — continues running with old version in memory instead of disconnecting.
-- Stale PID detection in `shield status` — warns when daemon PID is no longer running.
-### Added
-- Atomic file writes (`writeJsonSafe`) for status, stats, vault, updater state, and IP cache — prevents corruption on crash or disk-full.
-- Corrupt JSON recovery (`readJsonSafe`) — auto-recovers from corrupted state files instead of crash-looping. Corrupt files preserved as `.corrupt.<timestamp>` for forensics.
----
-## [0.4.7] — 2026-03-04
-### Added
-- Local event buffer — rolling store of recently sent events for offline inspection and debugging.
-- `openclaw shield logs` CLI command with `--last`, `--type`, `--since`, and `--format` options.
-- `shield.events_recent` and `shield.events_summary` RPCs now return local data (previously required platform API).
-- Configurable via `SHIELD_LOCAL_EVENT_BUFFER` (default: enabled) and `SHIELD_LOCAL_EVENT_LIMIT` (default: 123 events).
-### Changed
-- SKILL.md updated for ClawHub review — removed internal references, added event logs documentation.
-- README.md updated with Local Event Buffer section and configuration reference.
+- Campaign URLs updated to English (`/en/` instead of `/pt/`).
 ---
-## [0.4.5] — 2026-03-04
-### Fixed
-- OpenClaw version detection: replaced hardcoded macOS paths with platform-independent require.resolve + execSync fallback. Fixes incorrect version in telemetry on Windows and non-standard installs.
----
+## [0.4.36] — 2026-03-05
-## [0.4.7] — 2026-03-04
+Consolidated from 0.4.0–0.4.12.
 ### Added
-- Local event buffer — rolling store of recently sent events for offline inspection and debugging.
-- `openclaw shield logs` CLI command with `--last`, `--type`, `--since`, and `--format` options.
-- `shield.events_recent` and `shield.events_summary` RPCs now return local data (previously required platform API).
-- Configurable via `SHIELD_LOCAL_EVENT_BUFFER` (default: enabled) and `SHIELD_LOCAL_EVENT_LIMIT` (default: 123 events).
-### Changed
-- SKILL.md updated for ClawHub review — removed internal references, added event logs documentation.
-- README.md updated with Local Event Buffer section and configuration reference.
----
-## [0.4.4] — 2026-03-04
-### Added
-- `vault show` now displays redaction token summary (host:HASH, user:HASH counts) alongside agent inventory.
-- Multi-machine warning in README for shared config setups.
----
-## [0.4.7] — 2026-03-04
-### Added
-- Local event buffer — rolling store of recently sent events for offline inspection and debugging.
-- `openclaw shield logs` CLI command with `--last`, `--type`, `--since`, and `--format` options.
-- `shield.events_recent` and `shield.events_summary` RPCs now return local data (previously required platform API).
-- Configurable via `SHIELD_LOCAL_EVENT_BUFFER` (default: enabled) and `SHIELD_LOCAL_EVENT_LIMIT` (default: 123 events).
-### Changed
-- SKILL.md updated for ClawHub review — removed internal references, added event logs documentation.
-- README.md updated with Local Event Buffer section and configuration reference.
----
-## [0.4.3] — 2026-03-04
-### Changed
-- SKILL.md: added YAML frontmatter with ClawHub metadata, gating via requires.config, full status output example, vault show documentation, redaction token table.
-- Cross-references between npm, ClawHub, and dashboard in SKILL.md and skill README.
-- openclaw.plugin.json: added clawhub.slug and skillVersion tracking.
-### Added
-- Skill validation tests (26 tests): prevent infrastructure leaks in ClaWHub-published content.
----
-## [0.4.7] — 2026-03-04
-### Added
-- Local event buffer — rolling store of recently sent events for offline inspection and debugging.
-- `openclaw shield logs` CLI command with `--last`, `--type`, `--since`, and `--format` options.
-- `shield.events_recent` and `shield.events_summary` RPCs now return local data (previously required platform API).
-- Configurable via `SHIELD_LOCAL_EVENT_BUFFER` (default: enabled) and `SHIELD_LOCAL_EVENT_LIMIT` (default: 123 events).
-### Changed
-- SKILL.md updated for ClawHub review — removed internal references, added event logs documentation.
-- README.md updated with Local Event Buffer section and configuration reference.
----
-## [0.4.2] — 2026-03-04
-### Changed
-- **SKILL.md**: added `vault show` command docs, redaction token type reference, vault output interpretation guide.
-- **Skill README**: added links to npm package and ClawHub listing.
-- **package.json**: added `homepage` → ClawHub, `clawhub.slug` metadata, expanded keywords for discoverability.
+- **Case management** — `openclaw shield cases` CLI command to list open security cases, `cases show <ID>` for full detail with events, rule info, and playbook, `cases resolve <ID>` with `--resolution`, `--root-cause`, and `--comment` flags.
+- **Case notification system** — agent polls platform for new cases and notifies users. Case monitor with pending notification queue and acknowledgment.
+- 4 case RPCs: `shield.cases_list`, `shield.case_detail`, `shield.case_resolve`, `shield.cases_ack`.
+- **Local event buffer** — rolling store of recently sent events for offline inspection and debugging. `openclaw shield logs` command with `--last`, `--type`, `--since`, and `--format` options. `shield.events_recent` and `shield.events_summary` RPCs now return local data. Configurable via `SHIELD_LOCAL_EVENT_BUFFER` and `SHIELD_LOCAL_EVENT_LIMIT`.
+- **Host agent/workspace inventory** — scans agents on startup, persists to local vault. Cross-workspace access detection enriches events. New token categories: `agent:HASH`, `workspace:HASH`. `openclaw shield vault show` displays inventory with hashed IDs and redaction token summary.
+- **Auto-update** — plugin checks for updates on gateway restart and every 6 hours. Patch and minor versions install automatically with backup and rollback safety. Major versions notify only.
+- **Chained command detection** — exec events parse shell chains (`&&`, `||`, `;`) to detect destructive commands regardless of position.
+- **Atomic file writes** (`writeJsonSafe`) for status, stats, vault, updater state, and IP cache — prevents corruption on crash or disk-full.
+- **Corrupt JSON recovery** (`readJsonSafe`) — auto-recovers from corrupted state files instead of crash-looping.
+- Skill validation tests (26 tests) to prevent infrastructure leaks in ClawHub-published content.
+- ClawHub frontmatter metadata, gating via `requires.config`, cross-references between npm/ClawHub/dashboard.
+- `callPlatformApi` now supports GET and POST methods.
+- Platform attribution in case detail responses.
+- Tarball shasum preserved in `openclaw.json` after self-update.
+- Plugin metadata sync prevents OpenClaw core updates from removing the plugin.
 ### Fixed
-- Skill and plugin now cross-reference each other: SKILL.md links to npm, package.json links to ClawHub.
----
-## [0.4.7] — 2026-03-04
-### Added
-- Local event buffer — rolling store of recently sent events for offline inspection and debugging.
-- `openclaw shield logs` CLI command with `--last`, `--type`, `--since`, and `--format` options.
-- `shield.events_recent` and `shield.events_summary` RPCs now return local data (previously required platform API).
-- Configurable via `SHIELD_LOCAL_EVENT_BUFFER` (default: enabled) and `SHIELD_LOCAL_EVENT_LIMIT` (default: 123 events).
-### Changed
-- SKILL.md updated for ClawHub review — removed internal references, added event logs documentation.
-- README.md updated with Local Event Buffer section and configuration reference.
----
-## [0.4.1] — 2026-03-04
-### Added
-- Host agent/workspace inventory: scans agents on startup, persists to local vault.
-- Cross-workspace access detection: enriches events when an agent accesses another agent's workspace.
-- New token categories for redaction: `agent:HASH`, `workspace:HASH`.
-- New CLI command: `openclaw shield vault show` — displays host agent inventory with hashed IDs.
-### Changed
-- README: updated redaction explanation with full token category list.
-- PUBLISHING.md: added audience rule and token dictionary rule for public docs.
----
-## [0.4.7] — 2026-03-04
-### Added
-- Local event buffer — rolling store of recently sent events for offline inspection and debugging.
-- `openclaw shield logs` CLI command with `--last`, `--type`, `--since`, and `--format` options.
-- `shield.events_recent` and `shield.events_summary` RPCs now return local data (previously required platform API).
-- Configurable via `SHIELD_LOCAL_EVENT_BUFFER` (default: enabled) and `SHIELD_LOCAL_EVENT_LIMIT` (default: 123 events).
-### Changed
-- SKILL.md updated for ClawHub review — removed internal references, added event logs documentation.
-- README.md updated with Local Event Buffer section and configuration reference.
----
-## [0.4.0] — 2026-03-03
-### Added
-- **Auto-update**: plugin checks for updates on gateway restart and every 6 hours. Patch and minor versions install automatically with backup and rollback safety. Major versions notify only. Default: enabled.
-- **Chained command detection**: exec events parse shell chains (`&&`, `||`, `;`) to detect destructive commands regardless of position.
-- Startup update check with explicit logging.
-- Tarball shasum preserved in openclaw.json after self-update.
-- Plugin metadata sync prevents OpenClaw core updates from removing the plugin.
+- Auto-update no longer kills bridge when gateway restart fails — continues running with old version in memory.
+- Stale PID detection in `shield status` — warns when daemon PID is no longer running.
+- OpenClaw version detection: replaced hardcoded macOS paths with platform-independent `require.resolve` + `execSync` fallback.
+- HMAC signing in RPC client aligned with sender format (`fingerprint:nonce`).
 ### Changed
 - Installation instructions rewritten: three options (Quick Install, Agent Configure, Agent Full) with command reference table and agent refusal guidance.
@@ -214,386 +52,30 @@ All notable changes to this project will be documented in this file.
 ---
-## [0.4.7] — 2026-03-04
-### Added
-- Local event buffer — rolling store of recently sent events for offline inspection and debugging.
-- `openclaw shield logs` CLI command with `--last`, `--type`, `--since`, and `--format` options.
-- `shield.events_recent` and `shield.events_summary` RPCs now return local data (previously required platform API).
-- Configurable via `SHIELD_LOCAL_EVENT_BUFFER` (default: enabled) and `SHIELD_LOCAL_EVENT_LIMIT` (default: 123 events).
-### Changed
-- SKILL.md updated for ClawHub review — removed internal references, added event logs documentation.
-- README.md updated with Local Event Buffer section and configuration reference.
----
 ## [0.3.29] — 2026-03-03
-### Changed
-- README installation section fully rewritten: three clear options (Quick Install, Agent Configure, Agent Full), command reference table, concern table, manual steps. Progressive disclosure — simplest path first.
----
-## [0.4.7] — 2026-03-04
-### Added
-- Local event buffer — rolling store of recently sent events for offline inspection and debugging.
-- `openclaw shield logs` CLI command with `--last`, `--type`, `--since`, and `--format` options.
-- `shield.events_recent` and `shield.events_summary` RPCs now return local data (previously required platform API).
-- Configurable via `SHIELD_LOCAL_EVENT_BUFFER` (default: enabled) and `SHIELD_LOCAL_EVENT_LIMIT` (default: 123 events).
-### Changed
-- SKILL.md updated for ClawHub review — removed internal references, added event logs documentation.
-- README.md updated with Local Event Buffer section and configuration reference.
----
-## [0.3.28] — 2026-03-03
-### Added
-- Commands reference table in README (install, activate, status, flush, update).
-- Quick Install section for terminal-based setup (no agent needed).
----
-## [0.4.7] — 2026-03-04
-### Added
-- Local event buffer — rolling store of recently sent events for offline inspection and debugging.
-- `openclaw shield logs` CLI command with `--last`, `--type`, `--since`, and `--format` options.
-- `shield.events_recent` and `shield.events_summary` RPCs now return local data (previously required platform API).
-- Configurable via `SHIELD_LOCAL_EVENT_BUFFER` (default: enabled) and `SHIELD_LOCAL_EVENT_LIMIT` (default: 123 events).
-### Changed
-- SKILL.md updated for ClawHub review — removed internal references, added event logs documentation.
-- README.md updated with Local Event Buffer section and configuration reference.
----
-## [0.3.27] — 2026-03-03
-### Changed
-- Install prompt now directs agents to read the npm README before installing, so they find the security guidance table themselves.
----
-## [0.4.7] — 2026-03-04
-### Added
-- Local event buffer — rolling store of recently sent events for offline inspection and debugging.
-- `openclaw shield logs` CLI command with `--last`, `--type`, `--since`, and `--format` options.
-- `shield.events_recent` and `shield.events_summary` RPCs now return local data (previously required platform API).
-- Configurable via `SHIELD_LOCAL_EVENT_BUFFER` (default: enabled) and `SHIELD_LOCAL_EVENT_LIMIT` (default: 123 events).
-### Changed
-- SKILL.md updated for ClawHub review — removed internal references, added event logs documentation.
-- README.md updated with Local Event Buffer section and configuration reference.
----
-## [0.3.26] — 2026-03-03
-### Changed
-- README: added agent refusal guidance with explicit trust confirmation prompt and concern-by-concern explanation table.
----
-## [0.4.7] — 2026-03-04
-### Added
-- Local event buffer — rolling store of recently sent events for offline inspection and debugging.
-- `openclaw shield logs` CLI command with `--last`, `--type`, `--since`, and `--format` options.
-- `shield.events_recent` and `shield.events_summary` RPCs now return local data (previously required platform API).
-- Configurable via `SHIELD_LOCAL_EVENT_BUFFER` (default: enabled) and `SHIELD_LOCAL_EVENT_LIMIT` (default: 123 events).
-### Changed
-- SKILL.md updated for ClawHub review — removed internal references, added event logs documentation.
-- README.md updated with Local Event Buffer section and configuration reference.
----
-## [0.3.25] — 2026-03-03
-### Changed
-- Quick Start prompt rewritten: clarifies user registered at uss.upx.com, uses openclaw plugins install command, explains redaction model, addresses common agent security refusals.
----
-## [0.4.7] — 2026-03-04
-### Added
-- Local event buffer — rolling store of recently sent events for offline inspection and debugging.
-- `openclaw shield logs` CLI command with `--last`, `--type`, `--since`, and `--format` options.
-- `shield.events_recent` and `shield.events_summary` RPCs now return local data (previously required platform API).
-- Configurable via `SHIELD_LOCAL_EVENT_BUFFER` (default: enabled) and `SHIELD_LOCAL_EVENT_LIMIT` (default: 123 events).
-### Changed
-- SKILL.md updated for ClawHub review — removed internal references, added event logs documentation.
-- README.md updated with Local Event Buffer section and configuration reference.
----
-## [0.3.24] — 2026-03-03
-### Fixed
-- Auto-update now computes and preserves tarball shasum in openclaw.json metadata after self-update.
-### Changed
-- Quick Start prompt expanded to address agent security concerns (external data sending, installation key purpose, npm scope trust).
----
-## [0.4.7] — 2026-03-04
-### Added
-- Local event buffer — rolling store of recently sent events for offline inspection and debugging.
-- `openclaw shield logs` CLI command with `--last`, `--type`, `--since`, and `--format` options.
-- `shield.events_recent` and `shield.events_summary` RPCs now return local data (previously required platform API).
-- Configurable via `SHIELD_LOCAL_EVENT_BUFFER` (default: enabled) and `SHIELD_LOCAL_EVENT_LIMIT` (default: 123 events).
-### Changed
-- SKILL.md updated for ClawHub review — removed internal references, added event logs documentation.
-- README.md updated with Local Event Buffer section and configuration reference.
----
-## [0.3.23] — 2026-03-03
-### Changed
-- Quick Start prompt simplified.
----
-## [0.4.7] — 2026-03-04
-### Added
-- Local event buffer — rolling store of recently sent events for offline inspection and debugging.
-- `openclaw shield logs` CLI command with `--last`, `--type`, `--since`, and `--format` options.
-- `shield.events_recent` and `shield.events_summary` RPCs now return local data (previously required platform API).
-- Configurable via `SHIELD_LOCAL_EVENT_BUFFER` (default: enabled) and `SHIELD_LOCAL_EVENT_LIMIT` (default: 123 events).
-### Changed
-- SKILL.md updated for ClawHub review — removed internal references, added event logs documentation.
-- README.md updated with Local Event Buffer section and configuration reference.
----
-## [0.3.22] — 2026-03-03
-### Fixed
-- Auto-update now syncs `plugins.installs.shield` metadata in `openclaw.json` after self-updating. Prevents OpenClaw core updates from removing the plugin due to version/integrity mismatch.
----
-## [0.4.7] — 2026-03-04
-### Added
-- Local event buffer — rolling store of recently sent events for offline inspection and debugging.
-- `openclaw shield logs` CLI command with `--last`, `--type`, `--since`, and `--format` options.
-- `shield.events_recent` and `shield.events_summary` RPCs now return local data (previously required platform API).
-- Configurable via `SHIELD_LOCAL_EVENT_BUFFER` (default: enabled) and `SHIELD_LOCAL_EVENT_LIMIT` (default: 123 events).
-### Changed
-- SKILL.md updated for ClawHub review — removed internal references, added event logs documentation.
-- README.md updated with Local Event Buffer section and configuration reference.
----
-## [0.3.21] — 2026-03-03
-### Fixed
-- Auto-update now wired into the plugin entry point (the file OpenClaw actually loads). Previously only connected to the standalone bridge CLI.
----
-## [0.4.7] — 2026-03-04
-### Added
-- Local event buffer — rolling store of recently sent events for offline inspection and debugging.
-- `openclaw shield logs` CLI command with `--last`, `--type`, `--since`, and `--format` options.
-- `shield.events_recent` and `shield.events_summary` RPCs now return local data (previously required platform API).
-- Configurable via `SHIELD_LOCAL_EVENT_BUFFER` (default: enabled) and `SHIELD_LOCAL_EVENT_LIMIT` (default: 123 events).
-### Changed
-- SKILL.md updated for ClawHub review — removed internal references, added event logs documentation.
-- README.md updated with Local Event Buffer section and configuration reference.
----
-## [0.3.20] — 2026-03-03
-### Added
-- Update check on gateway startup — no longer need to wait for the 6-hour cycle.
-- Explicit startup log: `Startup update check (autoUpdate=..., current=...)` and `Up to date` confirmation.
-### Changed
-- CHANGELOG.md now bundled with the npm package.
-- No GitHub links in public docs.
----
-## [0.4.7] — 2026-03-04
-### Added
-- Local event buffer — rolling store of recently sent events for offline inspection and debugging.
-- `openclaw shield logs` CLI command with `--last`, `--type`, `--since`, and `--format` options.
-- `shield.events_recent` and `shield.events_summary` RPCs now return local data (previously required platform API).
-- Configurable via `SHIELD_LOCAL_EVENT_BUFFER` (default: enabled) and `SHIELD_LOCAL_EVENT_LIMIT` (default: 123 events).
-### Changed
-- SKILL.md updated for ClawHub review — removed internal references, added event logs documentation.
-- README.md updated with Local Event Buffer section and configuration reference.
----
-## [0.3.19] — 2026-03-03
-### Changed
-- Changelog FAQ now links to public GitHub CHANGELOG.
----
-## [0.4.7] — 2026-03-04
-### Added
-- Local event buffer — rolling store of recently sent events for offline inspection and debugging.
-- `openclaw shield logs` CLI command with `--last`, `--type`, `--since`, and `--format` options.
-- `shield.events_recent` and `shield.events_summary` RPCs now return local data (previously required platform API).
-- Configurable via `SHIELD_LOCAL_EVENT_BUFFER` (default: enabled) and `SHIELD_LOCAL_EVENT_LIMIT` (default: 123 events).
-### Changed
-- SKILL.md updated for ClawHub review — removed internal references, added event logs documentation.
-- README.md updated with Local Event Buffer section and configuration reference.
----
-## [0.3.18] — 2026-03-03
-### Added
-- **Auto-update**: Shield checks for newer versions and installs them automatically. Patch and minor versions are installed with backup and rollback safety. Major versions notify only. Configure via `autoUpdate` in plugin config (`true` | `false` | `"notify-only"`). Default: `true`.
----
-## [0.4.7] — 2026-03-04
-### Added
-- Local event buffer — rolling store of recently sent events for offline inspection and debugging.
-- `openclaw shield logs` CLI command with `--last`, `--type`, `--since`, and `--format` options.
-- `shield.events_recent` and `shield.events_summary` RPCs now return local data (previously required platform API).
-- Configurable via `SHIELD_LOCAL_EVENT_BUFFER` (default: enabled) and `SHIELD_LOCAL_EVENT_LIMIT` (default: 123 events).
-### Changed
-- SKILL.md updated for ClawHub review — removed internal references, added event logs documentation.
-- README.md updated with Local Event Buffer section and configuration reference.
----
-## [0.3.17] — 2026-03-02
-### Added
-- **Chained command detection**: exec events now parse chained commands (`&&`, `||`, `;`) to extract all commands in a chain. New metadata fields: `cmd_all_root_commands`, `cmd_is_chained`, `cmd_chain_count`.
-### Fixed
-- Detection rules can now match destructive commands embedded after chain operators (e.g. `mkdir /tmp && rm -rf /path`).
----
-## [0.4.7] — 2026-03-04
-### Added
-- Local event buffer — rolling store of recently sent events for offline inspection and debugging.
-- `openclaw shield logs` CLI command with `--last`, `--type`, `--since`, and `--format` options.
-- `shield.events_recent` and `shield.events_summary` RPCs now return local data (previously required platform API).
-- Configurable via `SHIELD_LOCAL_EVENT_BUFFER` (default: enabled) and `SHIELD_LOCAL_EVENT_LIMIT` (default: 123 events).
-### Changed
-- SKILL.md updated for ClawHub review — removed internal references, added event logs documentation.
-- README.md updated with Local Event Buffer section and configuration reference.
----
-## [0.3.16] — 2026-02-27
-### Changed
-- Quick Start: single intent-based prompt for installation.
----
-## [0.4.7] — 2026-03-04
-### Added
-- Local event buffer — rolling store of recently sent events for offline inspection and debugging.
-- `openclaw shield logs` CLI command with `--last`, `--type`, `--since`, and `--format` options.
-- `shield.events_recent` and `shield.events_summary` RPCs now return local data (previously required platform API).
-- Configurable via `SHIELD_LOCAL_EVENT_BUFFER` (default: enabled) and `SHIELD_LOCAL_EVENT_LIMIT` (default: 123 events).
-### Changed
-- SKILL.md updated for ClawHub review — removed internal references, added event logs documentation.
-- README.md updated with Local Event Buffer section and configuration reference.
----
-## [0.3.6] — 2026-02-26
+Consolidated from 0.3.0–0.3.28.
 ### Added
+- **Auto-update** — Shield checks for newer versions and installs them automatically. Patch and minor versions install with backup and rollback safety. Major versions notify only. Configure via `autoUpdate` in plugin config.
+- **Chained command detection** — exec events parse chained commands (`&&`, `||`, `;`) to extract all commands in a chain.
 - Public IP and instance name included in telemetry for geo-enrichment and display.
----
-## [0.4.7] — 2026-03-04
-### Added
-- Local event buffer — rolling store of recently sent events for offline inspection and debugging.
-- `openclaw shield logs` CLI command with `--last`, `--type`, `--since`, and `--format` options.
-- `shield.events_recent` and `shield.events_summary` RPCs now return local data (previously required platform API).
-- Configurable via `SHIELD_LOCAL_EVENT_BUFFER` (default: enabled) and `SHIELD_LOCAL_EVENT_LIMIT` (default: 123 events).
-### Changed
-- SKILL.md updated for ClawHub review — removed internal references, added event logs documentation.
-- README.md updated with Local Event Buffer section and configuration reference.
----
-## [0.3.5] — 2026-02-26
+- Update check on gateway startup — no longer need to wait for the 6-hour cycle.
+- Commands reference table in README.
+- Quick Install section for terminal-based setup (no agent needed).
 ### Fixed
 - Plugin no longer deactivates on transient registration failures at startup. Retries up to 10 times before exiting.
----
-## [0.4.7] — 2026-03-04
-### Added
-- Local event buffer — rolling store of recently sent events for offline inspection and debugging.
-- `openclaw shield logs` CLI command with `--last`, `--type`, `--since`, and `--format` options.
-- `shield.events_recent` and `shield.events_summary` RPCs now return local data (previously required platform API).
-- Configurable via `SHIELD_LOCAL_EVENT_BUFFER` (default: enabled) and `SHIELD_LOCAL_EVENT_LIMIT` (default: 123 events).
+- Auto-update now wired into the plugin entry point (the file OpenClaw actually loads).
+- Auto-update now syncs `plugins.installs.shield` metadata in `openclaw.json` after self-updating — prevents OpenClaw core updates from removing the plugin.
+- Auto-update now computes and preserves tarball shasum in `openclaw.json` metadata after self-update.
+- Detection rules can now match destructive commands embedded after chain operators.
 ### Changed
-- SKILL.md updated for ClawHub review — removed internal references, added event logs documentation.
-- README.md updated with Local Event Buffer section and configuration reference.
----
-## [0.3.4] — 2026-02-26
-### Changed
-- Documentation improvements.
----
-## [0.4.7] — 2026-03-04
-### Added
-- Local event buffer — rolling store of recently sent events for offline inspection and debugging.
-- `openclaw shield logs` CLI command with `--last`, `--type`, `--since`, and `--format` options.
-- `shield.events_recent` and `shield.events_summary` RPCs now return local data (previously required platform API).
-- Configurable via `SHIELD_LOCAL_EVENT_BUFFER` (default: enabled) and `SHIELD_LOCAL_EVENT_LIMIT` (default: 123 events).
-### Changed
-- SKILL.md updated for ClawHub review — removed internal references, added event logs documentation.
-- README.md updated with Local Event Buffer section and configuration reference.
+- README installation section fully rewritten: three clear options (Quick Install, Agent Configure, Agent Full), command reference table, concern table, manual steps.
+- Agent refusal guidance added with explicit trust confirmation prompt and concern-by-concern explanation table.
+- Quick Start prompt rewritten to address agent security concerns (redaction model, npm scope trust, installation key purpose).
+- CHANGELOG.md now bundled with the npm package.
 ---