v0.7.0

What's Changed

• feat(release): add keyless signing/attestation + v0.5 specs by @kurtpayne in #85
• feat(rules): add OBF-003 Unicode PUA near dynamic execution sinks by @kurtpayne in #84
• chore(validation): add local validation wrapper and guardrail updates by @kurtpayne in #86
• chore(rules): add malware pattern updates 2026-03-16 by @kurtpayne in #87
• feat(rules): additive metadata enrichment for all existing rules by @kurtpayne in #88
• feat(cli): add rule metadata query command and docs by @kurtpayne in #89
• docs+test: metadata naming guidance and guard test by @kurtpayne in #90
• feat(ci): add reusable GitHub Actions workflow for SARIF scanning by @kurtpayne in #91
• chore(rules): add 10 rules for MCP attacks, social engineering chains, and container escape by @kurtpayne in #92
• ci: consolidate test and coverage workflows into single CI workflow by @kurtpayne in #93
• feat(integrations): add GitHub Pages deployment workflow for skillscan.sh by @kurtpayne in #94
• feat(ml): offline HuggingFace prompt-injection detector (--ml-detect) by @kurtpayne in #96
• feat(corpus): corpus management + delta-based model update trigger by @kurtpayne in #97
• feat(rules): MAL-029 Solana RPC C2 resolution + IOC/vuln updates (2026-03-17) by @kurtpayne in #95
• feat(signatures): signature-as-data architecture + corpus growth (57 injection examples) by @kurtpayne in #98
• chore(rules): MAL-030..032, PINJ-002 — CursorJack, Deno BYOR, GlassWorm Wave 6, MEDIA injection by @kurtpayne in #99
• feat(rules): [MAL-033, EXF-017] BlokTrooper VSX extension downloader, ClawHavoc agent memory harvesting (2026-03-18) by @kurtpayne in #100
• v0.3.2: SE detection, intel seeding, AI assist removal, docs cleanup by @kurtpayne in #101
• chore: docs cleanup pass — consolidate redundant files, fix stale references by @kurtpayne in #102
• feat(rules): [MAL-034, MAL-035] Click-Fix WebDAV exec, Electron app.asar C2 injection (2026-03-19) by @kurtpayne in #104
• chore: pattern update 2026-03-19 — GlassWorm Chrome RAT, OpenClaw gatewayUrl RCE by @kurtpayne in #103
• chore: pattern update 2026-03-20 — AI-gated malware C2, npm env exfil, prompt control persistence by @kurtpayne in #105
• chore: pattern update 2026-03-20 batch 2 — GhostClaw, LotAI, CVE-2026-33060 by @kurtpayne in #106
• chore: pattern update 2026-03-21 — SUP-011, SUP-012, MAL-039 by @kurtpayne in #107
• docs: add Milestone 21 — Skill Fuzzer to roadmap by @kurtpayne in #108
• docs: reorder roadmap — Skill Fuzzer to M19, Corpus to M20/M21 by @kurtpayne in #109
• chore: pattern update 2026-03-21 batch 2 — CanisterWorm, MCP Server CmdInj, Claudy Day by @kurtpayne in #110
• feat(rules): [MAL-042] CanisterWorm K8s wiper, [EXEC-041] API traffic hijacking (2026-03-22) by @kurtpayne in #112
• feat(rules): add MAL-043, PINJ-005, SUP-014 for 2026-03-23 threat batch by @kurtpayne in #113
• chore: pattern update 2026-03-23 — SQLBot RCE, RAG Poisoning, Actions Tag Repointing by @kurtpayne in #114
• chore: pattern update 2026-03-24 — StoatWaffle malware, MCP server CVEs by @kurtpayne in #115
• feat: add MAL-046, MAL-047, PINJ-007 — CursorJack deeplink, Claude hooks RCE, MCP sampling exfil by @kurtpayne in #116
• chore: pattern update 2026-03-24 batch 2 — Langflow RCE, Checkmarx Actions compromise by @kurtpayne in #117
• chore: pattern update 2026-03-22 — MAL-042, PINJ-005, 2 IOCs by @kurtpayne in #118
• chore(rules): add MAL-049, SUP-019 — LiteLLM TeamPCP supply chain compromise by @kurtpayne in #119
• chore: pattern update 2026-03-25 — ClawHavoc typosquats & prompt poaching by @kurtpayne in #120

Full Changelog: v0.3.1...v0.7.0

v0.3.1

Full Changelog: v0.3.0...v0.3.1

v0.3.0

What's Changed

• chore(rules): add malware pattern updates 2026-02-09 by @kurtpayne in #1
• feat(examples): add showcase sample for wallet/eval/stealth patterns by @kurtpayne in #4
• feat(integrations): add OpenClaw, Claude, and OpenAI skill bundles by @kurtpayne in #3
• fix(readme): correct installer script URL by @kurtpayne in #2
• chore(rules): add malware pattern updates 2026-02-09 by @kurtpayne in #5
• chore(rules): add malware pattern updates 2026-02-09 by @kurtpayne in #6
• chore(rules): add malware pattern updates 2026-02-10 by @kurtpayne in #7
• chore(rules): malware pattern updates 2026-02-10 by @kurtpayne in #8
• chore(rules): add malware pattern updates 2026-02-11 by @kurtpayne in #9
• chore(rules): add malware pattern updates 2026-02-12 by @kurtpayne in #11
• chore(rules): add malware pattern updates 2026-02-11 by @kurtpayne in #10
• chore(rules): add malware pattern updates 2026-02-13 by @kurtpayne in #12
• chore(rules): add malware pattern updates 2026-02-13 by @kurtpayne in #13
• chore(rules): add malware pattern updates 2026-02-18 by @kurtpayne in #14
• chore(rules): add malware pattern updates 2026-02-18 by @kurtpayne in #15
• chore(rules): add malware pattern updates 2026-02-19 by @kurtpayne in #16
• chore(rules): add malware pattern updates 2026-02-20 by @kurtpayne in #17
• chore(rules): add malware pattern updates 2026-02-20 by @kurtpayne in #18
• chore(rules): add malware pattern updates 2026-02-21 by @kurtpayne in #19
• chore(rules): add malware pattern updates 2026-02-21 by @kurtpayne in #20
• chore(rules): add malware pattern updates 2026-02-23 by @kurtpayne in #21
• chore(rules): add malware pattern updates 2026-02-23 by @kurtpayne in #22
• chore(rules): add malware pattern updates 2026-02-24 by @kurtpayne in #23
• chore(rules): add malware pattern updates 2026-02-25 by @kurtpayne in #24
• chore(rules): add malware pattern updates 2026-02-25 by @kurtpayne in #25
• chore(rules): add malware pattern updates 2026-02-26 by @kurtpayne in #26
• chore(rules): add malware pattern updates 2026-02-26 by @kurtpayne in #27
• chore(rules): add malware pattern updates 2026-02-27 by @kurtpayne in #28
• chore(rules): fix EXF-011 showcase fixture and docs by @kurtpayne in #29
• chore(rules): add malware pattern updates 2026-02-28 by @kurtpayne in #30
• chore(rules): add malware pattern updates 2026-02-28 by @kurtpayne in #31
• chore(rules): add malware pattern updates 2026-03-02 by @kurtpayne in #32
• chore(rules): add malware pattern updates 2026-03-02 by @kurtpayne in #33
• chore(rules): add malware pattern updates 2026-03-03 by @kurtpayne in #34
• docs: roadmap beyond adding patterns by @kurtpayne in #35
• chore(rules): add malware pattern updates 2026-03-04 by @kurtpayne in #46
• build: add PyPI/Docker release workflows + distribution docs refresh by @kurtpayne in #47
• feat(cli): add SARIF output format and exporter by @kurtpayne in #48
• feat(cli): add junit and compact output formats by @kurtpayne in #49
• chore(rules): add malware pattern updates 2026-03-05 by @kurtpayne in #51
• feat(render): add finding why/impact/next-action narratives by @kurtpayne in #50
• chore(rules): add malware pattern updates 2026-03-05 by @kurtpayne in #52
• chore(rules): add malware pattern updates 2026-03-06 by @kurtpayne in #54
• feat(render): add finding narratives with confidence labels by @kurtpayne in #55
• feat(policy): confidence threshold gating for BLOCK verdicts by @kurtpayne in #56
• feat(cli): add baseline diff command by @kurtpayne in #57
• feat(cli): suppression workflow with expiry + strict mode by @kurtpayne in #58
• feat(policy): file-type aware binary scope limits by @kurtpayne in #59
• feat(adapter): optional ClamAV scan integration by @kurtpayne in #60
• chore(rules): add malware pattern updates 2026-03-06 by @kurtpayne in #61
• feat(rulepack): add stable/preview/labs channel selection by @kurtpayne in #62
• feat(ai): add non-blocking semantic assist mode by @kurtpayne in #63
• chore(rules): add malware pattern updates 2026-03-06 by @kurtpayne in #64
• feat(benchmark): add evaluation harness command and gates by @kurtpayne in #65
• feat(cli): baseline report delta output in scan command by @kurtpayne in #66
• feat(suppressions): tighten expiry validation and auditability by @kurtpayne in #67
• feat(report): confidence labels in compact, junit, and sarif outputs by @kurtpayne in #68
• docs(release): add Docker Hub + PyPI onboarding runbook by @kurtpayne in #69
• Default-on local semantic prompt-injection classifier + corpus benchmark plan by @kurtpayne in #70
• Fix line-length lint issue in benchmark builder script by @kurtpayne in #71
• chore(rules): add malware pattern updates 2026-03-09 by @kurtpayne in #72
• fix(rules): ensure EXF-015 detection for showcase 65 by @kurtpayne in #73
• chore(rules): add malware pattern updates 2026-03-11 by @kurtpayne in #75
• chore(rules): add malware pattern updates 2026-03-14 by @kurtpayne in #77
• chore(rules): add malware pattern updates 2026-03-15 by @kurtpayne in #78
• chore: add pattern-update guardrails and CI gate by @kurtpayne in #79
• Distribution readiness: SBOM wiring & release docs + test-runner by @kurtpayne in #80
• docs+version: naming consistency and runtime version metadata validation by @kurtpayne in #81
• docs: post-release cleanup (SBOM guidance + v0.2.3 verification notes) by @kurtpayne in #82
• feat: naming reset for first public release (v0.3.0) by @kurtpayne in #83

New Contributors

• @kurtpayne made their first contribution in #1

Full Changelog: https://github.com/kurtpayne/skillscan-security/commits/v0.3.0