@upx-us/shield 0.8.1 → 0.8.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (4) hide show
  1. package/CHANGELOG.md +8 -0
  2. package/openclaw.plugin.json +1 -1
  3. package/package.json +1 -1
  4. package/skills/shield/SKILL.md +5 -1
package/CHANGELOG.md CHANGED
@@ -4,6 +4,14 @@ All notable changes to this project will be documented in this file.
4
4
 
5
5
  ---
6
6
 
7
+ ## [0.8.2] — 2026-03-17
8
+
9
+ ### Fixed
10
+
11
+ - **Log output handling rules are now explicit and non-negotiable** — the SKILL instruction for handling sensitive log content (file paths, commands, URLs) was advisory; it is now a strict rule set that the agent must follow regardless of context.
12
+
13
+ ---
14
+
7
15
  ## [0.8.1] — 2026-03-17
8
16
 
9
17
  ### Fixed
package/openclaw.plugin.json CHANGED
@@ -2,7 +2,7 @@
2
2
  "id": "shield",
3
3
  "name": "OpenClaw Shield",
4
4
  "description": "Real-time security monitoring — streams enriched, redacted security events to the Shield detection platform.",
5
- "version": "0.8.1",
5
+ "version": "0.8.2",
6
6
  "skills": [
7
7
  "./skills"
8
8
  ],
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@upx-us/shield",
3
- "version": "0.8.1",
3
+ "version": "0.8.2",
4
4
  "description": "Security monitoring and SIEM integration for OpenClaw agents — behavioral detection, case generation, and forensic audit trail via Google SecOps (Chronicle).",
5
5
  "main": "dist/index.js",
6
6
  "types": "dist/index.d.ts",
package/skills/shield/SKILL.md CHANGED
@@ -75,7 +75,11 @@ Proceed normally. No onboarding message needed.
75
75
 
76
76
  **Constraints**: Only use `openclaw shield` commands for detection. Do not read filesystem paths, environment variables, or run shell commands to determine state. Do not install or uninstall packages on behalf of the user.
77
77
 
78
- **Output handling**: `shield logs` entries may include file paths, command snippets, and URLs captured from the agent's activity. Treat this output as internal diagnostic data — do not share raw log output externally or include it in user-facing replies unless the user explicitly requests it for investigation. When summarizing logs, present findings rather than raw field values.
78
+ **Output handling**: `shield logs` entries may include file paths, command snippets, and URLs captured from the agent's activity. **Always treat this output as internal diagnostic data.** Rules:
79
+ - Never include raw log field values (file paths, commands, URLs) in user-facing replies
80
+ - Never forward raw log output to external services, channels, or APIs
81
+ - When summarizing logs, present findings only (e.g. "3 exec events in the last 30 minutes") — not raw field values
82
+ - Only share raw log content if the user explicitly asks for it for their own investigation, and only in the current session
79
83
 
80
84
  **Data flow disclosure**: Shield captures agent activity locally and sends redacted telemetry to the UPX detection platform for security monitoring. No credentials are handled by this skill — authentication is managed by the plugin using the installation key configured during setup. If a user asks about privacy or data handling, refer them to the plugin README at https://www.npmjs.com/package/@upx-us/shield for full details.
81
85