fix: remediate scanner security alerts

.clusterfuzzlite/Dockerfile

@@ -1,7 +1,7 @@
-FROM gcr.io/oss-fuzz-base/base-builder-python
+FROM gcr.io/oss-fuzz-base/base-builder-python@sha256:721650302bfda2f3832df73bb24aeacfa41c32e692f3d6e4dd06074e79c64ed7
 
 COPY ./.clusterfuzzlite/requirements-atheris.txt $SRC/requirements-atheris.txt
-RUN python3 -m pip install --no-cache-dir --no-binary=:all: --no-deps \
+RUN python3 -m pip install --require-hashes --no-cache-dir --no-binary=:all: --no-deps \
     -r $SRC/requirements-atheris.txt
 
 COPY . $SRC/codex-plugin-scanner

README.md

@@ -65,6 +65,8 @@ Cisco-backed skill scanning is optional:
 pip install "codex-plugin-scanner[cisco]"
 ```
 
+The `cisco` extra is pinned to a patched `hashgraph-online/skill-scanner` fork while the upstream Cisco release still carries a vulnerable LiteLLM pin.
+
 You can also run the scanner without a local install:
 
 ```bash

action/README.md

@@ -35,7 +35,7 @@ This README is intentionally root-ready for a dedicated GitHub Marketplace actio
 | `fail_on_severity` | Fail on findings at or above this severity: `none`, `critical`, `high`, `medium`, `low`, `info` | `none` |
 | `cisco_skill_scan` | Cisco skill-scanner mode: `auto`, `on`, `off` | `auto` |
 | `cisco_policy` | Cisco policy preset: `permissive`, `balanced`, `strict` | `balanced` |
-| `install_cisco` | Install the Cisco skill-scanner dependency for live skill scanning | `false` |
+| `install_cisco` | Install the Cisco skill-scanner dependency from the pinned patched fork used by this repo | `false` |
 | `submission_enabled` | Open submission issues for awesome-list and registry automation when the plugin clears the submission threshold | `false` |
 | `submission_score_threshold` | Minimum score required before a submission issue is created | `80` |
 | `submission_repos` | Comma-separated GitHub repositories that should receive the submission issue | `hashgraph-online/awesome-codex-plugins` |
@@ -115,6 +115,7 @@ jobs:
     cisco_policy: strict
     install_cisco: true
 ```
+The action installs the Cisco scanner from the same pinned patched fork used in the main scanner repo until upstream publishes a fixed LiteLLM dependency.
 
 ### Export registry payload for Codex ecosystem automation
 

action/action.yml

@@ -68,7 +68,7 @@ inputs:
     required: false
     default: "balanced"
   install_cisco:
-    description: "Install the Cisco skill-scanner dependency for live skill scanning"
+    description: "Install the Cisco skill-scanner dependency from the pinned patched fork used by this repo"
     required: false
     default: "false"
   submission_enabled:
@@ -183,7 +183,8 @@ runs:
         fi
 
         if [ "${{ inputs.install_cisco }}" = "true" ]; then
-          pip install "cisco-ai-skill-scanner>=2.0.6,<3"
+          # Temporary fork pin until upstream cisco-ai-skill-scanner ships a LiteLLM fix.
+          pip install "cisco-ai-skill-scanner @ git+https://github.com/hashgraph-online/skill-scanner.git@9b0ea08111f9129abfdf7aedc47322615cda1164"
         fi
 
     - name: Run scanner

pyproject.toml

@@ -32,7 +32,8 @@ dependencies = [
 
 [project.optional-dependencies]
 cisco = [
-    "cisco-ai-skill-scanner>=2.0.6,<3",
+    # Temporary fork pin until upstream cisco-ai-skill-scanner ships a LiteLLM fix.
+    "cisco-ai-skill-scanner @ git+https://github.com/hashgraph-online/skill-scanner.git@9b0ea08111f9129abfdf7aedc47322615cda1164",
 ]
 dev = [
     "build>=1.2.2",
@@ -55,6 +56,9 @@ Homepage = "https://github.com/hashgraph-online/codex-plugin-scanner"
 Repository = "https://github.com/hashgraph-online/codex-plugin-scanner"
 Issues = "https://github.com/hashgraph-online/codex-plugin-scanner/issues"
 
+[tool.hatch.metadata]
+allow-direct-references = true
+
 [tool.ruff]
 target-version = "py310"
 line-length = 120

tests/test_action_bundle.py

@@ -15,6 +15,11 @@ def test_action_metadata_includes_marketplace_branding_and_fallback_install() ->
     assert "actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405" in action_text
     assert "pip install codex-plugin-scanner" in action_text
     assert 'pip install "$LOCAL_SOURCE"' in action_text
+    assert (
+        'pip install "cisco-ai-skill-scanner @ '
+        'git+https://github.com/hashgraph-online/skill-scanner.git@9b0ea08111f9129abfdf7aedc47322615cda1164"'
+        in action_text
+    )
     assert "write_step_summary:" in action_text
     assert "profile:" in action_text
     assert "config:" in action_text
@@ -103,6 +108,7 @@ def test_action_bundle_docs_live_in_action_readme() -> None:
     assert "awesome-codex-plugins" in action_readme
     assert "publish-action-repo.yml" in action_readme
     assert "actions/github-script@v8" in action_readme
+    assert "pinned patched fork" in action_readme
 
 
 def test_readme_uses_stable_apache_license_badge() -> None:

tests/test_skill_security.py

@@ -90,6 +90,17 @@ def test_skill_security_auto_mode_unavailable_is_not_applicable(monkeypatch):
     assert availability.applicable is False
 
 
+def test_run_cisco_skill_scan_on_mode_requires_cisco_dependency_when_missing(monkeypatch):
+    monkeypatch.setitem(sys.modules, "skill_scanner", ModuleType("skill_scanner"))
+    monkeypatch.delitem(sys.modules, "skill_scanner.core", raising=False)
+    monkeypatch.delitem(sys.modules, "skill_scanner.core.scan_policy", raising=False)
+
+    summary = run_cisco_skill_scan(FIXTURES / "good-plugin" / "skills", mode="on", policy_name="balanced")
+
+    assert summary.status == CiscoIntegrationStatus.UNAVAILABLE
+    assert "Install with the cisco extra." in summary.message
+
+
 def test_scan_plugin_includes_cisco_findings(monkeypatch):
     monkeypatch.setattr(
         "codex_plugin_scanner.checks.skill_security.run_cisco_skill_scan",