firefrost-gaming/antigravity-skills-reference
3
0
Fork 0
Code Issues Pull Requests Actions 4 Packages Projects Releases Wiki Activity
Files
d63d99381b8f613f99c8cb7b758e7879b401f8a0
antigravity-skills-reference/docs/maintainers/security-findings-triage-2026-03-29-addendum.md
sickn33 d63d99381b docs(repo): Align docs with current maintainer flows 
Document the current static web-app behavior, local-only save flow, shallow installer path, and maintainer-only sync controls.\n\nAlign maintainer guides with the active audit-to-risk-sync workflow, canonical artifact bot contract, release/coverage requirements, and updated security triage context so the docs match the repository's real operating model.
2026-03-29 11:03:28 +02:00

2.1 KiB
Raw Blame History

Security Findings Triage Addendum (2026-03-29)

This addendum updates the 2026-03-15 baseline after the follow-up hardening work shipped on main.

Corrected / Updated Findings

  • Finding 1 / 7 (tools/scripts/sync_microsoft_skills.py) The Microsoft sync path now constrains filesystem writes and copied inputs to safe in-repo targets. The plugin-skill discovery path also skips symlinked SKILL.md files instead of trusting them. Regression coverage lives in tools/scripts/tests/test_sync_microsoft_skills_security.py.

  • Finding 18 / 29 (tools/scripts/validate_skills.py, tools/scripts/generate_index.py) Frontmatter parsing now rejects non-mapping YAML payloads cleanly and handles empty/frontmatter-edge cases without crashing downstream validation or index generation. Regression coverage lives in tools/scripts/tests/test_frontmatter_parsing_security.py.

  • Finding 19 The web app no longer exposes shared frontend writes for skill saves/stars by default. The current behavior is browser-local save state with optional read-only remote counts, so the old "anonymous Supabase writes allow skill star tampering" assessment is no longer the active behavior on current HEAD.

  • Findings 16 / 17 The refresh-skills plugin remains a local development surface, but the published GitHub Pages app now runs in static public-catalog mode and does not expose the maintainer sync CTA in production. Treat the residual plugin logic as local dev hardening scope, not a public production endpoint.

  • Finding 33 The Office unpack helpers no longer call extractall() blindly. They now validate archive member paths and reject traversal/symlink-style entries before extraction. Regression coverage lives in tools/scripts/tests/test_office_unpack_security.py.

Maintainer Guidance

  • Keep the 2026-03-15 file as the historical baseline snapshot.
  • Use this addendum plus the newer regression tests when deciding which findings are still actionable on current HEAD.
  • If a future triage refresh is produced, fold these corrections into the next full summary instead of re-copying the original counts unchanged.
Reference in New Issue View Git Blame Copy Permalink